Diffstat (limited to 'modules')
-rw-r--r--modules/drupal.module4
-rw-r--r--modules/drupal/drupal.module4
-rw-r--r--modules/statistics.module2
-rw-r--r--modules/statistics/statistics.module2
-rw-r--r--modules/upload.module2
-rw-r--r--modules/upload/upload.module2
6 files changed, 10 insertions, 6 deletions
diff --git a/modules/drupal.module b/modules/drupal.module
index 8295d8778..143ee798a 100644
--- a/modules/drupal.module
+++ b/modules/drupal.module
@@ -114,8 +114,10 @@ function drupal_directory_ping($arguments) {
function drupal_directory_page($sort = 'name') {
$result = db_query('SELECT * FROM {directory} ORDER BY '. $sort);
+ // Note: All fields except the mission are treated as plain-text.
+ // The mission is stripped of any HTML tags to keep the output simple and consistent.
while ($site = db_fetch_object($result)) {
- $output .= "<a href=\"$site->link\">$site->name</a> - $site->slogan<div style=\"padding-left: 20px;\">$site->mission</div><br />";
+ $output .= '<a href="'. check_url($site->link) .'">'. check_plain($site->name) .'</a> - '. check_plain($site->slogan) .'<div style="padding-left: 20px;">'. strip_tags($site->mission) .'</div><br />';
}
return $output;
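Review bot: The `'SELECT * FROM {directory} ORDER BY '. $sort` context line in drupal_directory_page still concatenates `$sort` into the SQL, so this change escapes the output but leaves the query built from an unchecked argument. Where `$sort` comes from is not visible here; if it can be reached from the request path, it should be limited to known column names before the query, e.g. `$sort = in_array($sort, array('name', 'link', 'slogan')) ? $sort : 'name';`, with the list confirmed against the {directory} schema. `$output` is also appended to without being initialised in the visible lines; `$output = '';` before the loop would avoid a notice. The identical hunk in modules/drupal/drupal.module needs the same treatment, and the function's closing brace lies outside the hunk.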
diff --git a/modules/drupal/drupal.module b/modules/drupal/drupal.module
index 8295d8778..143ee798a 100644
--- a/modules/drupal/drupal.module
+++ b/modules/drupal/drupal.module
@@ -114,8 +114,10 @@ function drupal_directory_ping($arguments) {
function drupal_directory_page($sort = 'name') {
$result = db_query('SELECT * FROM {directory} ORDER BY '. $sort);
+ // Note: All fields except the mission are treated as plain-text.
+ // The mission is stripped of any HTML tags to keep the output simple and consistent.
while ($site = db_fetch_object($result)) {
- $output .= "<a href=\"$site->link\">$site->name</a> - $site->slogan<div style=\"padding-left: 20px;\">$site->mission</div><br />";
+ $output .= '<a href="'. check_url($site->link) .'">'. check_plain($site->name) .'</a> - '. check_plain($site->slogan) .'<div style="padding-left: 20px;">'. strip_tags($site->mission) .'</div><br />';
}
return $output;
diff --git a/modules/statistics.module b/modules/statistics.module
index 692eee327..20bc687fb 100644
--- a/modules/statistics.module
+++ b/modules/statistics.module
@@ -316,7 +316,7 @@ function statistics_top_referrers() {
$result = pager_query($query, 30, 0, $query_cnt, $_SERVER['HTTP_HOST']);
while ($referrer = db_fetch_object($result)) {
- $rows[] = array($referrer->hits, '<a href="'. $referrer->url .'">'. _statistics_column_width($referrer->url) .'</a>', t('%time ago', array('%time' => format_interval(time() - $referrer->last))));
+ $rows[] = array($referrer->hits, '<a href="'. check_url($referrer->url) .'">'. check_plain(_statistics_column_width($referrer->url)) .'</a>', t('%time ago', array('%time' => format_interval(time() - $referrer->last))));
}
if ($pager = theme('pager', NULL, 30, 0, tablesort_pager())) {
$rows[] = array(array('data' => $pager, 'colspan' => '3'));
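Review bot: The escaped referrer link in statistics_top_referrers carries no comment explaining why the href and the label are treated differently, unlike the drupal.module hunk in this commit. A short comment above the `$rows[] =` line would record the intent, e.g. `// Referrer URLs are presumably client-supplied: check_url() for the href, check_plain() for the label.` If `_statistics_column_width()` shortens the string, as its name suggests, it is also worth noting that it runs before `check_plain()` so that an entity is never cut in half. The identical hunk in modules/statistics/statistics.module would take the same comment, and the function starts and ends outside the hunk.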
diff --git a/modules/statistics/statistics.module b/modules/statistics/statistics.module
index 692eee327..20bc687fb 100644
--- a/modules/statistics/statistics.module
+++ b/modules/statistics/statistics.module
@@ -316,7 +316,7 @@ function statistics_top_referrers() {
$result = pager_query($query, 30, 0, $query_cnt, $_SERVER['HTTP_HOST']);
while ($referrer = db_fetch_object($result)) {
- $rows[] = array($referrer->hits, '<a href="'. $referrer->url .'">'. _statistics_column_width($referrer->url) .'</a>', t('%time ago', array('%time' => format_interval(time() - $referrer->last))));
+ $rows[] = array($referrer->hits, '<a href="'. check_url($referrer->url) .'">'. check_plain(_statistics_column_width($referrer->url)) .'</a>', t('%time ago', array('%time' => format_interval(time() - $referrer->last))));
}
if ($pager = theme('pager', NULL, 30, 0, tablesort_pager())) {
$rows[] = array(array('data' => $pager, 'colspan' => '3'));
diff --git a/modules/upload.module b/modules/upload.module
index 5302d5ac3..c0c7c6b86 100644
--- a/modules/upload.module
+++ b/modules/upload.module
@@ -247,7 +247,7 @@ function upload_nodeapi(&$node, $op, $arg) {
foreach ($node->files as $file) {
if ($file->list) {
$rows[] = array(
- '<a href="'. ($file->fid ? file_create_url($file->filepath) : url(file_create_filename($file->filename, file_create_path()))) . '">'. $file->filename .'</a>',
+ '<a href="'. check_url(($file->fid ? file_create_url($file->filepath) : url(file_create_filename($file->filename, file_create_path())))) .'">'. check_plain($file->filename) .'</a>',
format_size($file->filesize)
);
// We save the list of files still in preview for later
diff --git a/modules/upload/upload.module b/modules/upload/upload.module
index 5302d5ac3..c0c7c6b86 100644
--- a/modules/upload/upload.module
+++ b/modules/upload/upload.module
@@ -247,7 +247,7 @@ function upload_nodeapi(&$node, $op, $arg) {
foreach ($node->files as $file) {
if ($file->list) {
$rows[] = array(
- '<a href="'. ($file->fid ? file_create_url($file->filepath) : url(file_create_filename($file->filename, file_create_path()))) . '">'. $file->filename .'</a>',
+ '<a href="'. check_url(($file->fid ? file_create_url($file->filepath) : url(file_create_filename($file->filename, file_create_path())))) .'">'. check_plain($file->filename) .'</a>',
format_size($file->filesize)
);
// We save the list of files still in preview for later
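Review bot: The new `check_url((...))` call in upload_nodeapi wraps a ternary in doubled parentheses on a line that is already hard to scan, which makes it easy to misjudge what is and is not escaped. Pulling the URL into a local first reads more clearly: `$href = $file->fid ? file_create_url($file->filepath) : url(file_create_filename($file->filename, file_create_path()));` followed by `'<a href="'. check_url($href) .'">'. check_plain($file->filename) .'</a>',`. Behaviour is unchanged. The identical hunk in modules/upload/upload.module would take the same edit, and the enclosing foreach and function extend beyond the hunk.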