Template escaping

Lukas Bestle
2022-08-23 22:18:14 +02:00
parent 27acc17eac
commit 435b9f4541
12 changed files with 25 additions and 24 deletions


@@ -24,9 +24,10 @@ $lightbox = $link->isEmpty();
if ($block->location() == 'web') { if ($block->location() == 'web') {
$src = $block->src(); $src = $block->src();
$srcValue = $src->escape('attr');
} elseif ($image = $block->image()->toFile()) { } elseif ($image = $block->image()->toFile()) {
$alt = $alt->or($image->alt()); $alt = $alt->or($image->alt());
$src = $image->url(); $src = $srcValue = $image->url();
} }
if ($ratio !== 'auto') { if ($ratio !== 'auto') {
@@ -44,10 +45,10 @@ $attrs = attr([
]); ]);
?> ?>
<?php if ($src): ?> <?php if ($srcValue): ?>
<figure> <figure>
<a <?= $attrs ?>> <a <?= $attrs ?>>
<img src="<?= $src ?>" alt="<?= $alt ?>"> <img src="<?= $srcValue ?>" alt="<?= esc($alt, 'attr') ?>">
</a> </a>
<?php if ($caption->isNotEmpty()): ?> <?php if ($caption->isNotEmpty()): ?>
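Review bot: `$srcValue` is assigned only inside the two branches of the `if`/`elseif`, yet `<?php if ($srcValue): ?>` reads it unconditionally; unless it is initialised next to `$src` above the hunk (not visible here), a block with neither a web location nor a resolvable image now triggers an undefined-variable warning where the old `$src` guard used to short-circuit. Initialising both together before the `if`, `$src = $srcValue = null;`, closes that gap. The two branches are also asymmetric: the web branch escapes with `$src->escape('attr')` while the file branch stores `$image->url()` raw into `$srcValue`; escaping once at the sink, `src="<?= esc($srcValue, 'attr') ?>"`, would keep both paths on the same rule. The enclosing snippet starts and ends outside the hunk.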


@@ -23,7 +23,7 @@
<h2>Pages</h2> <h2>Pages</h2>
<ul> <ul>
<?php foreach ($site->children()->listed() as $example): ?> <?php foreach ($site->children()->listed() as $example): ?>
<li><a href="<?= $example->url() ?>"><?= $example->title()->html() ?></a></li> <li><a href="<?= $example->url() ?>"><?= $example->title()->esc() ?></a></li>
<?php endforeach ?> <?php endforeach ?>
</ul> </ul>
</div> </div>


@@ -24,7 +24,7 @@
site and the title of the current page site and the title of the current page
*/ */
?> ?>
<title><?= $site->title() ?> | <?= $page->title() ?></title> <title><?= $site->title()->esc() ?> | <?= $page->title()->esc() ?></title>
<?php <?php
/* /*
@@ -60,7 +60,7 @@
*/ */
?> ?>
<a class="logo" href="<?= $site->url() ?>"> <a class="logo" href="<?= $site->url() ?>">
<?= $site->title()->html() ?> <?= $site->title()->esc() ?>
</a> </a>
<nav class="menu"> <nav class="menu">
@@ -78,7 +78,7 @@
*/ */
?> ?>
<?php foreach ($site->children()->listed() as $item): ?> <?php foreach ($site->children()->listed() as $item): ?>
<a <?php e($item->isOpen(), 'aria-current ') ?> href="<?= $item->url() ?>"><?= $item->title()->html() ?></a> <a <?php e($item->isOpen(), 'aria-current ') ?> href="<?= $item->url() ?>"><?= $item->title()->esc() ?></a>
<?php endforeach ?> <?php endforeach ?>
<?php snippet('social') ?> <?php snippet('social') ?>
</nav> </nav>


@@ -13,8 +13,8 @@
*/ */
?> ?>
<header class="h1"> <header class="h1">
<h1><?= $page->headline()->or($page->title())->html() ?></h1> <h1><?= $page->headline()->or($page->title())->esc() ?></h1>
<?php if ($page->subheadline()->isNotEmpty()): ?> <?php if ($page->subheadline()->isNotEmpty()): ?>
<p class="color-grey"><?= $page->subheadline()->html() ?></p> <p class="color-grey"><?= $page->subheadline()->esc() ?></p>
<?php endif ?> <?php endif ?>
</header> </header>


@@ -11,9 +11,9 @@
*/ */
?> ?>
<?php foreach ($field->toLayouts() as $layout): ?> <?php foreach ($field->toLayouts() as $layout): ?>
<section class="grid margin-xl" id="<?= $layout->id() ?>" style="--gutter: 1.5rem"> <section class="grid margin-xl" id="<?= esc($layout->id(), 'attr') ?>" style="--gutter: 1.5rem">
<?php foreach ($layout->columns() as $column): ?> <?php foreach ($layout->columns() as $column): ?>
<div class="column" style="--columns:<?= $column->span() ?>"> <div class="column" style="--columns:<?= esc($column->span(), 'css') ?>">
<div class="text"> <div class="text">
<?= $column->blocks() ?> <?= $column->blocks() ?>
</div> </div>
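Review bot: `esc($column->span(), 'css')` is emitted inside an HTML attribute (`style="--columns:…"`), so the value crosses two contexts, CSS and attribute, and only one escaper is applied. As I understand Kirby's `css` context, its output is limited to alphanumerics and backslash-hex sequences, which contain no quotes and are therefore attribute-safe, but that reasoning is invisible at the call site. A short comment such as `<?php /* span is an int; css-escaped output is attr-safe, no second escaping needed */ ?>` would stop a later reader from either dropping the escape or double-escaping it. `esc($layout->id(), 'attr')` on the section line is consistent with this approach.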


@@ -18,7 +18,7 @@
<?php endif ?> <?php endif ?>
</figure> </figure>
<h2 class="note-excerpt-title"><?= $note->title() ?></h2> <h2 class="note-excerpt-title"><?= $note->title()->esc() ?></h2>
<time class="note-excerpt-date" datetime="<?= $note->published('c') ?>"><?= $note->published() ?></time> <time class="note-excerpt-date" datetime="<?= $note->published('c') ?>"><?= $note->published() ?></time>
</header> </header>
<?php if (($excerpt ?? true) !== false): ?> <?php if (($excerpt ?? true) !== false): ?>
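Review bot: The `<time>` element directly below the newly escaped title still prints `$note->published('c')` into `datetime` and `$note->published()` as text without escaping, while the equivalent date output in note.php was switched to `->toDate('c')` / `->esc()` in this same commit. If `published()` is a page-model helper that falls back to the raw field value when the date does not parse (its definition is not visible here), that raw value reaches the page unescaped. Routing both outputs through `esc()` or the same `toDate()` pattern keeps the snippet consistent with the template. The enclosing `<header>` starts outside the hunk.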


@@ -33,15 +33,15 @@
</section> </section>
<section class="column text" style="--columns: 4"> <section class="column text" style="--columns: 4">
<h3>Email</h3> <h3>Email</h3>
<p><?= html::email($page->email()) ?></p> <p><?= Html::email($page->email()) ?></p>
<h3>Phone</h3> <h3>Phone</h3>
<p><?= html::tel($page->phone()) ?></p> <p><?= Html::tel($page->phone()) ?></p>
</section> </section>
<section class="column text" style="--columns: 4"> <section class="column text" style="--columns: 4">
<h3>On the web</h3> <h3>On the web</h3>
<ul> <ul>
<?php foreach ($page->social()->toStructure() as $social): ?> <?php foreach ($page->social()->toStructure() as $social): ?>
<li><?= html::a($social->url(), $social->platform()) ?></li> <li><?= Html::a($social->url(), $social->platform()) ?></li>
<?php endforeach ?> <?php endforeach ?>
</ul> </ul>
</section> </section>
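Review bot: `Html::a($social->url(), $social->platform())` places an editor-supplied URL straight into `href`; the attribute encoding I believe the helper applies stops the value from breaking out of the attribute, but it does not restrict the URL scheme, so a non-http(s) value would be rendered as-is if the `social` structure is editable by less-trusted panel users. A scheme check before rendering, or constraining the field to a URL type in the blueprint, closes that. The change in this hunk (`html::` → `Html::`) is only a class-name casing fix and does not alter behaviour; the same consideration applies to `Html::email()` and `Html::tel()` only to the extent their inputs are editor-controlled.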


@@ -21,7 +21,7 @@
<?php snippet('header') ?> <?php snippet('header') ?>
<article> <article>
<h1 class="h1"><?= $page->title()->html() ?></h1> <h1 class="h1"><?= $page->title()->esc() ?></h1>
<div class="text"> <div class="text">
<?= $page->text()->kt() ?> <?= $page->text()->kt() ?>
</div> </div>


@@ -48,7 +48,7 @@
<?php endif ?> <?php endif ?>
<figcaption> <figcaption>
<span> <span>
<span class="example-name"><?= $album->title()->html() ?></span> <span class="example-name"><?= $album->title()->esc() ?></span>
</span> </span>
</figcaption> </figcaption>
</figure> </figure>


@@ -31,9 +31,9 @@
<article class="note"> <article class="note">
<header class="note-header h1"> <header class="note-header h1">
<h1 class="note-title"><?= $page->title()->html() ?></h1> <h1 class="note-title"><?= $page->title()->esc() ?></h1>
<?php if ($page->subheading()->isNotEmpty()): ?> <?php if ($page->subheading()->isNotEmpty()): ?>
<p class="note-subheading"><small><?= $page->subheading()->html() ?></small></p> <p class="note-subheading"><small><?= $page->subheading()->esc() ?></small></p>
<?php endif ?> <?php endif ?>
</header> </header>
<div class="note text"> <div class="note text">
@@ -44,13 +44,13 @@
<ul class="note-tags"> <ul class="note-tags">
<?php foreach ($tags as $tag): ?> <?php foreach ($tags as $tag): ?>
<li> <li>
<a href="<?= $page->parent()->url(['params' => ['tag' => $tag]]) ?>"><?= html($tag) ?></a> <a href="<?= $page->parent()->url(['params' => ['tag' => $tag]]) ?>"><?= esc($tag) ?></a>
</li> </li>
<?php endforeach ?> <?php endforeach ?>
</ul> </ul>
<?php endif ?> <?php endif ?>
<time class="note-date" datetime="<?= $page->date('c') ?>">Published on <?= $page->date() ?></time> <time class="note-date" datetime="<?= $page->date()->toDate('c') ?>">Published on <?= $page->date()->esc() ?></time>
</footer> </footer>
<?php snippet('prevnext') ?> <?php snippet('prevnext') ?>
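Review bot: In the tags loop, `esc($tag)` protects the link text but the `href` on the same line embeds the same `$tag` through `$page->parent()->url(['params' => ['tag' => $tag]])` with no attribute escaping; whether that is safe depends on the params builder URL-encoding the value, which cannot be confirmed from this view. Wrapping the URL at the sink, `href="<?= esc($page->parent()->url(['params' => ['tag' => $tag]]), 'attr') ?>"`, is correct either way and makes the template self-evidently safe. `$tags` is defined above the hunk, so its origin (field value vs. request parameter) is not visible here.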


@@ -26,7 +26,7 @@
<?php if (empty($tag) === false): ?> <?php if (empty($tag) === false): ?>
<header class="h1"> <header class="h1">
<h1> <h1>
<small>Tag:</small> <?= html($tag) ?> <small>Tag:</small> <?= esc($tag) ?>
<a href="<?= $page->url() ?>" aria-label="All Notes">&times;</a> <a href="<?= $page->url() ?>" aria-label="All Notes">&times;</a>
</h1> </h1>
</header> </header>


@@ -30,7 +30,7 @@
<?= ($cover = $project->cover()) ? $cover->crop(400, 500) : null ?> <?= ($cover = $project->cover()) ? $cover->crop(400, 500) : null ?>
</span> </span>
<figcaption class="img-caption"> <figcaption class="img-caption">
<?= $project->title()->html() ?> <?= $project->title()->esc() ?>
</figcaption> </figcaption>
</figure> </figure>
</a> </a>