Apply the new escape helper function to the view files

Alex Tselegidis 2023-03-13 08:18:39 +01:00
parent 9b66e9fedc
commit 453c6e1302
7 changed files with 39 additions and 37 deletions


@ -43,6 +43,7 @@
// Group services by category, only if there is at least one service // Group services by category, only if there is at least one service
// with a parent category. // with a parent category.
$has_category = FALSE; $has_category = FALSE;
foreach ($available_services as $service) foreach ($available_services as $service)
{ {
if ( ! empty($service['category_id'])) if ( ! empty($service['category_id']))
@ -72,6 +73,7 @@
// We need the uncategorized services at the end of the list, so we will use // We need the uncategorized services at the end of the list, so we will use
// another iteration only for the uncategorized services. // another iteration only for the uncategorized services.
$grouped_services['uncategorized'] = []; $grouped_services['uncategorized'] = [];
foreach ($available_services as $service) foreach ($available_services as $service)
{ {
if ($service['category_id'] == NULL) if ($service['category_id'] == NULL)
@ -83,7 +85,7 @@
foreach ($grouped_services as $key => $group) foreach ($grouped_services as $key => $group)
{ {
$group_label = $key !== 'uncategorized' $group_label = $key !== 'uncategorized'
? $group[0]['category_name'] ? e($group[0]['category_name'])
: 'Uncategorized'; : 'Uncategorized';
if (count($group) > 0) if (count($group) > 0)
@ -93,7 +95,7 @@
foreach ($group as $service) foreach ($group as $service)
{ {
echo '<option value="' . $service['id'] . '">' echo '<option value="' . $service['id'] . '">'
. $service['name'] . '</option>'; . e($service['name']) . '</option>';
} }
echo '</optgroup>'; echo '</optgroup>';
@ -105,7 +107,7 @@
foreach ($available_services as $service) foreach ($available_services as $service)
{ {
echo '<option value="' . $service['id'] . '">' echo '<option value="' . $service['id'] . '">'
. $service['name'] . '</option>'; . e($service['name']) . '</option>';
} }
} }
?> ?>
@ -137,8 +139,8 @@
</label> </label>
<select id="appointment-status" class="form-control"> <select id="appointment-status" class="form-control">
<?php foreach ($appointment_status_options as $appointment_status_option): ?> <?php foreach ($appointment_status_options as $appointment_status_option): ?>
<option value="<?= $appointment_status_option ?>"> <option value="<?= e($appointment_status_option) ?>">
<?= $appointment_status_option ?> <?= e($appointment_status_option) ?>
</option> </option>
<?php endforeach ?> <?php endforeach ?>
</select> </select>
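Review bot: The `value` attribute in both `<option>` echoes still concatenates `$service['id']` unescaped, while the adjacent `$service['name']` now goes through `e()`. The id is presumably a numeric database key, so this is likely harmless today, but an explicit cast keeps the attribute safe however the array was populated: `echo '<option value="' . (int) $service['id'] . '">'`. The enclosing PHP block starts and ends outside these hunks, so the place where `$group_label` is finally printed is not visible; because it is now escaped at assignment, that output site must not escape it a second time.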


@ -44,7 +44,7 @@
<div class="ms-lg-auto"> <div class="ms-lg-auto">
<strong id="footer-user-display-name"> <strong id="footer-user-display-name">
<?= lang('hello') . ', ' . $user_display_name ?>! <?= lang('hello') . ', ' . e($user_display_name) ?>!
</strong> </strong>
</div> </div>
</div> </div>


@ -10,7 +10,7 @@
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,"script","//www.google-analytics.com/analytics.js","ga"); })(window,document,"script","//www.google-analytics.com/analytics.js","ga");
ga("create", "<?= $google_analytics_code ?>", "auto"); ga("create", "<?= e($google_analytics_code) ?>", "auto");
ga("send", "pageview"); ga("send", "pageview");
</script> </script>
<?php endif ?> <?php endif ?>
@ -21,7 +21,7 @@
window.dataLayer = window.dataLayer || []; window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);} function gtag(){dataLayer.push(arguments);}
gtag("js", new Date()); gtag("js", new Date());
gtag("config", "<?= $google_analytics_code ?>"); gtag("config", "<?= e($google_analytics_code) ?>");
</script> </script>
<?php endif ?> <?php endif ?>
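Review bot: `e()` is applied to `$google_analytics_code` inside a JavaScript string literal within a `<script>` block, in both the `ga("create", …)` and the `gtag("config", …)` hunk, and an HTML encoder is the wrong one for that context. Assuming `e()` wraps `htmlspecialchars()`, entities are not decoded inside `<script>`, so a value containing `&` or a quote reaches the script altered, while backslashes and line breaks pass through unchanged and can still break the literal. Emitting the value with a JavaScript-aware encoder and without the surrounding quotes avoids both problems: `ga("create", <?= json_encode($google_analytics_code, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) ?>, "auto");`. The same applies to `var u = "<?= e($matomo_analytics_url) ?>";` in the Matomo view.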


@ -13,7 +13,7 @@
_paq.push(['trackPageView']); _paq.push(['trackPageView']);
_paq.push(['enableLinkTracking']); _paq.push(['enableLinkTracking']);
(function () { (function () {
var u = "<?= $matomo_analytics_url ?>"; var u = "<?= e($matomo_analytics_url) ?>";
_paq.push(['setTrackerUrl', u + 'matomo.php']); _paq.push(['setTrackerUrl', u + 'matomo.php']);
_paq.push(['setSiteId', '1']); _paq.push(['setSiteId', '1']);
var d = document, g = d.createElement('script'), s = d.getElementsByTagName('script')[0]; var d = document, g = d.createElement('script'), s = d.getElementsByTagName('script')[0];
@ -24,7 +24,7 @@
</script> </script>
<noscript> <noscript>
<p><img src="<?= $matomo_analytics_url ?>matomo.php?idsite=1&amp;rec=1" style="border:0;" alt=""/></p> <p><img src="<?= e($matomo_analytics_url) ?>matomo.php?idsite=1&amp;rec=1" style="border:0;" alt=""/></p>
</noscript> </noscript>
<?php endif ?> <?php endif ?>


@ -16,7 +16,7 @@
<div class="email-container" style="width: 650px; border: 1px solid #eee;"> <div class="email-container" style="width: 650px; border: 1px solid #eee;">
<div id="header" style="background-color: #429a82; height: 45px; padding: 10px 15px;"> <div id="header" style="background-color: #429a82; height: 45px; padding: 10px 15px;">
<strong id="logo" style="color: white; font-size: 20px; margin-top: 10px; display: inline-block"> <strong id="logo" style="color: white; font-size: 20px; margin-top: 10px; display: inline-block">
<?= $settings['company_name'] ?> <?= e($settings['company_name']) ?>
</strong> </strong>
</div> </div>
@ -37,7 +37,7 @@
</a> </a>
| |
<a href="<?= $settings['company_link'] ?>" style="text-decoration: none;"> <a href="<?= $settings['company_link'] ?>" style="text-decoration: none;">
<?= $settings['company_name'] ?> <?= e($settings['company_name']) ?>
</a> </a>
</div> </div>
</div> </div>
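Review bot: The footer link in the second hunk still prints `$settings['company_link']` raw inside the `href` attribute; only the link text on the following line was wrapped in `e()`. The two other e-mail templates touched by this commit escape the same value in the same position, so this looks like a missed spot: `<a href="<?= e($settings['company_link']) ?>" style="text-decoration: none;">`.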


@ -21,7 +21,7 @@
<div class="email-container" style="width: 650px; border: 1px solid #eee;"> <div class="email-container" style="width: 650px; border: 1px solid #eee;">
<div id="header" style="background-color: #429a82; height: 45px; padding: 10px 15px;"> <div id="header" style="background-color: #429a82; height: 45px; padding: 10px 15px;">
<strong id="logo" style="color: white; font-size: 20px; margin-top: 10px; display: inline-block"> <strong id="logo" style="color: white; font-size: 20px; margin-top: 10px; display: inline-block">
<?= $settings['company_name'] ?> <?= e($settings['company_name']) ?>
</strong> </strong>
</div> </div>
@ -44,7 +44,7 @@
<?= lang('service') ?> <?= lang('service') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $service['name'] ?> <?= e($service['name']) ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -52,7 +52,7 @@
<?= lang('provider') ?> <?= lang('provider') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $provider['first_name'] . ' ' . $provider['last_name'] ?> <?= e($provider['first_name'] . ' ' . $provider['last_name']) ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -87,7 +87,7 @@
<?= lang('location') ?> <?= lang('location') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $appointment['location'] ?> <?= e($appointment['location']) ?>
</td> </td>
</tr> </tr>
<?php endif ?> <?php endif ?>
@ -98,7 +98,7 @@
<?= lang('notes') ?> <?= lang('notes') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $appointment['notes'] ?> <?= e($appointment['notes']) ?>
</td> </td>
</tr> </tr>
<?php endif ?> <?php endif ?>
@ -114,7 +114,7 @@
<?= lang('name') ?> <?= lang('name') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $customer['first_name'] . ' ' . $customer['last_name'] ?> <?= e($customer['first_name'] . ' ' . $customer['last_name']) ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -122,7 +122,7 @@
<?= lang('email') ?> <?= lang('email') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $customer['email'] ?> <?= e($customer['email']) ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -130,7 +130,7 @@
<?= lang('phone_number') ?> <?= lang('phone_number') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $customer['phone_number'] ?> <?= e($customer['phone_number']) ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -138,7 +138,7 @@
<?= lang('address') ?> <?= lang('address') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $customer['address'] ?> <?= e($customer['address']) ?>
</td> </td>
</tr> </tr>
</table> </table>
@ -148,7 +148,7 @@
</h2> </h2>
<p> <p>
<?= $reason ?> <?= e($reason) ?>
</p> </p>
</div> </div>
@ -159,8 +159,8 @@
Easy!Appointments Easy!Appointments
</a> </a>
| |
<a href="<?= $settings['company_link'] ?>" style="text-decoration: none;"> <a href="<?= e($settings['company_link']) ?>" style="text-decoration: none;">
<?= $settings['company_name'] ?> <?= e($settings['company_name']) ?>
</a> </a>
</div> </div>
</div> </div>
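Review bot: Escaping `$settings['company_link']` in the last hunk keeps the value from breaking out of the `href` attribute, but it does not constrain the URL scheme, so a stored value that is not an `http`/`https` URL is still emitted as a working link target. Nothing in the visible lines shows the setting being validated; if it is not checked when it is saved, a scheme allow-list at save time or just before output would close that gap. The same holds for the `company_link` footer and `e($appointment_link)` in the other e-mail template, and for the `<img src>` in the Matomo view.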


@ -25,7 +25,7 @@
<div class="email-container" style="width: 650px; border: 1px solid #eee;"> <div class="email-container" style="width: 650px; border: 1px solid #eee;">
<div id="header" style="background-color: #429a82; height: 45px; padding: 10px 15px;"> <div id="header" style="background-color: #429a82; height: 45px; padding: 10px 15px;">
<strong id="logo" style="color: white; font-size: 20px; margin-top: 10px; display: inline-block"> <strong id="logo" style="color: white; font-size: 20px; margin-top: 10px; display: inline-block">
<?= $settings['company_name'] ?> <?= e($settings['company_name']) ?>
</strong> </strong>
</div> </div>
@ -48,7 +48,7 @@
<?= lang('service') ?> <?= lang('service') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $service['name'] ?> <?= e($service['name']) ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -56,7 +56,7 @@
<?= lang('provider') ?> <?= lang('provider') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $provider['first_name'] . ' ' . $provider['last_name'] ?> <?= e($provider['first_name'] . ' ' . $provider['last_name']) ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -91,7 +91,7 @@
<?= lang('location') ?> <?= lang('location') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $appointment['location'] ?> <?= e($appointment['location']) ?>
</td> </td>
</tr> </tr>
<?php endif ?> <?php endif ?>
@ -102,7 +102,7 @@
<?= lang('notes') ?> <?= lang('notes') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $appointment['notes'] ?> <?= e($appointment['notes']) ?>
</td> </td>
</tr> </tr>
<?php endif ?> <?php endif ?>
@ -118,7 +118,7 @@
<?= lang('name') ?> <?= lang('name') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $customer['first_name'] . ' ' . $customer['last_name'] ?> <?= e($customer['first_name'] . ' ' . $customer['last_name']) ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -126,7 +126,7 @@
<?= lang('email') ?> <?= lang('email') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $customer['email'] ?> <?= e($customer['email']) ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -134,7 +134,7 @@
<?= lang('phone_number') ?> <?= lang('phone_number') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $customer['phone_number'] ?> <?= e($customer['phone_number']) ?>
</td> </td>
</tr> </tr>
<tr> <tr>
@ -142,7 +142,7 @@
<?= lang('address') ?> <?= lang('address') ?>
</td> </td>
<td style="padding: 3px;"> <td style="padding: 3px;">
<?= $customer['address'] ?> <?= e($customer['address']) ?>
</td> </td>
</tr> </tr>
</table> </table>
@ -151,8 +151,8 @@
<?= lang('appointment_link_title') ?> <?= lang('appointment_link_title') ?>
</h2> </h2>
<a href="<?= $appointment_link ?>" style="width: 600px;"> <a href="<?= e($appointment_link) ?>" style="width: 600px;">
<?= $appointment_link ?> <?= e($appointment_link) ?>
</a> </a>
</div> </div>
@ -163,8 +163,8 @@
Easy!Appointments Easy!Appointments
</a> </a>
| |
<a href="<?= $settings['company_link'] ?>" style="text-decoration: none;"> <a href="<?= e($settings['company_link']) ?>" style="text-decoration: none;">
<?= $settings['company_name'] ?> <?= e($settings['company_name']) ?>
</a> </a>
</div> </div>
</div> </div>