0.4.9:comment-escaping in backend and proper errormsg when not selecting comments for analysis
This commit is contained in:
parent
dab1d095ab
commit
ae4b5ae7df
5 changed files with 15 additions and 8 deletions
|
@ -1,3 +1,8 @@
|
|||
|
||||
0.4.9:
|
||||
Security: Escaped comments in backend
|
||||
Fixed error when selecting no comments in analyse-menu
|
||||
|
||||
0.4.8:
|
||||
Added option to delete all comments when emptying recycler
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
<ul class="plainList bayesAnalysis">
|
||||
{foreach from=$types item=type}
|
||||
<li class="ratingBox"><div class="commentType">{$type}</div>
|
||||
<div class="commentPart">{$comment.$type|escape}</div>
|
||||
<div class="commentPart">{$comment.$type|escape:"html"}</div>
|
||||
<div class="rating">
|
||||
{if $comment.ratings.$type != "-"}
|
||||
{$comment.ratings.$type|regex_replace:"/\..*/":""}%
|
||||
|
|
|
@ -17,7 +17,7 @@
|
|||
<input type="checkbox" id="{$comment.id}" name="comments[{$comment.id}]" />
|
||||
<label for="{$comment.id}"" >{$comment.id}</label>:
|
||||
<div class="bayesComments">
|
||||
{$comment.author}, {$comment.body}
|
||||
{$comment.author|escape:"html"}, {$comment.body|escape:"html"}
|
||||
</div>
|
||||
</li>
|
||||
{/foreach}
|
||||
|
|
|
@ -33,8 +33,8 @@
|
|||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td>{$comment.author|truncate:20:"..."}</td>
|
||||
<td>{$comment.body|truncate:20:"..."}</td>
|
||||
<td>{$comment.author|truncate:20:"..."|escape:"html"}</td>
|
||||
<td>{$comment.body|truncate:20:"..."|escape:"html"}</td>
|
||||
<td>{$comment.timestamp|date_format:"%d.%m.%y, %R"}</td>
|
||||
<td>{$comment.rating|regex_replace:"/\..*/":""}%</td>
|
||||
</tr>
|
||||
|
@ -44,7 +44,7 @@
|
|||
<dl class="bayesRecyclerList">
|
||||
{foreach from=$types item=type}
|
||||
<dt>{$type}</dt>
|
||||
<dd>{$comment.$type}</dd>
|
||||
<dd>{$comment.$type|escape:"html"}</dd>
|
||||
{/foreach}
|
||||
<dt>{$CONST.Article}</dt>
|
||||
<dd><a href="{$comment.article_link}" target="_blank">{$comment.article_title}</a></dd>
|
||||
|
|
|
@ -36,7 +36,7 @@ class serendipity_event_spamblock_bayes extends serendipity_event {
|
|||
$this->title = PLUGIN_EVENT_SPAMBLOCK_BAYES_NAME;
|
||||
$propbag->add ( 'description', PLUGIN_EVENT_SPAMBLOCK_BAYES_DESC);
|
||||
$propbag->add ( 'name', $this->title);
|
||||
$propbag->add ( 'version', '0.4.8' );
|
||||
$propbag->add ( 'version', '0.4.9' );
|
||||
$propbag->add ( 'event_hooks', array ('frontend_saveComment' => true,
|
||||
'backend_spamblock_comments_shown' => true,
|
||||
'external_plugin' => true,
|
||||
|
@ -890,8 +890,10 @@ class serendipity_event_spamblock_bayes extends serendipity_event {
|
|||
$url = 'serendipity_admin.php?serendipity[adminModule]=event_display';
|
||||
$url .= '&serendipity[adminAction]=spamblock_bayes';
|
||||
$url .= '&serendipity[subpage]=4';
|
||||
foreach ($comment_ids as $comment) {
|
||||
$url .= '&serendipity[comments]['.$comment.']';
|
||||
if (isset($_REQUEST['comments'])) {
|
||||
foreach ($comment_ids as $comment) {
|
||||
$url .= '&serendipity[comments]['.$comment.']';
|
||||
}
|
||||
}
|
||||
if (!empty($msgtype)) {
|
||||
$url .= '&serendipity['.$msgtype.']='. $msg .'"/>';
|
||||
|
|
Loading…
Reference in a new issue