summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEarl Miles2007-03-06 22:56:28 (GMT)
committer Earl Miles2007-03-06 22:56:28 (GMT)
commit6712419accb4783fe58e1d114ffa63bbcdf34099 (patch)
tree709a83f962dac6b039da45cdd397c20ed410ddb1
parent87ee5263d4985b37ea71738bc1be0fe588a7d817 (diff)
#119463: Double check_plain on breadcrumbs for Views titles.
-rw-r--r--CHANGELOG.txt1
-rw-r--r--views.module6
-rw-r--r--views_ui.module12
3 files changed, 14 insertions, 5 deletions
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index 9fbaff4..c64e70a 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -147,6 +147,7 @@ Views --dev
o #113332: NULL entries for vocabulary summaries with nodes without terms.
o #119082: Fixed a problem with view titles on the admin page.
o #119921: Recent comments block had incorrect filter, causing nodes with just 1 comment not to show up.
+ o #119463: Double check_plain on breadcrumbs for Views' titles.
New features:
o #105620: (Attempt 2) allow modules to alter views tables + arguments
diff --git a/views.module b/views.module
index 3f9b00b..06c1af4 100644
--- a/views.module
+++ b/views.module
@@ -210,7 +210,7 @@ function _views_create_menu_item(&$items, $view, $path, $local_task_type = MENU_
$roles[] = DRUPAL_ANONYMOUS_RID;
}
}
- $title = views_get_title($view, 'menu');
+ $title = filter_xss_admin(views_get_title($view, 'menu'));
$type = _views_menu_type($view);
if ($type == MENU_LOCAL_TASK || $type == MENU_DEFAULT_LOCAL_TASK) {
$weight = $view->menu_tab_weight;
@@ -1361,7 +1361,7 @@ function views_set_breadcrumb($view) {
$where = 1;
foreach ($view->args as $level => $arg) {
if ($view->argument[$level]['argdefault'] != 1) {
- $breadcrumb[] = l(views_get_title($view, 'page', $args), $url);
+ $breadcrumb[] = l(filter_xss_admin(views_get_title($view, 'page', $args)), $url, NULL, NULL, NULL, NULL, TRUE);
// For next round.
}
$args[] = $arg;
@@ -1402,7 +1402,7 @@ function theme_views_view($view, $type, $nodes, $level = NULL, $args = NULL) {
$num_nodes = count($nodes);
if ($type == 'page') {
- drupal_set_title(views_get_title($view, 'page'));
+ drupal_set_title(filter_xss_admin(views_get_title($view, 'page')));
views_set_breadcrumb($view);
}
diff --git a/views_ui.module b/views_ui.module
index 56a48e9..4ece98a 100644
--- a/views_ui.module
+++ b/views_ui.module
@@ -220,7 +220,7 @@ function views_ui_admin_page() {
$items[] = array(
$view->name,
- views_get_title($view, 'admin'),
+ filter_xss_admin(views_get_title($view, 'admin')),
$view->description,
implode(', ', $provides),
$url,
@@ -293,7 +293,15 @@ function views_ui_admin_page() {
$links[] = array('title' => t('Enable'), 'href' => "admin/build/views/enable/$view->name");
}
- $items[] = array($view->name, views_get_title($view, 'menu'), $view->description, implode(', ', $provides), $url, $status, theme('links', $links));
+ $items[] = array(
+ $view->name,
+ filter_xss_admin(views_get_title($view, 'menu')),
+ $view->description,
+ implode(', ', $provides),
+ $url,
+ $status,
+ theme('links', $links)
+ );
}
if ($items) {