mirror of
https://github.com/danpros/htmly.git
synced 2026-04-18 11:36:20 +05:30
Make sure to return htmlspecialchars
This commit is contained in:
danpros
parent
c069ecfdb9
commit
665ad9aa83
5 changed files with 29 additions and 30 deletions
|
|
@ -23,26 +23,10 @@
|
|||
</tr>
|
||||
<?php
|
||||
global $config_file;
|
||||
$array = array(
|
||||
"google.wmt" => "hallo",
|
||||
);
|
||||
$array = array();
|
||||
if (file_exists($config_file)) {
|
||||
$array = parse_ini_file($config_file, true);
|
||||
}
|
||||
function valueMaker($value)
|
||||
{
|
||||
if (is_string($value))
|
||||
return htmlspecialchars($value);
|
||||
|
||||
if ($value === true)
|
||||
return "true";
|
||||
if ($value === false)
|
||||
return "false";
|
||||
|
||||
if ($value == false)
|
||||
return "0";
|
||||
return (string)$value;
|
||||
}
|
||||
$configList = json_decode(file_get_contents('content/data/configList.json', true));
|
||||
foreach ($array as $key => $value) {
|
||||
if (!in_array($key, $configList)) {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
<?php
|
||||
<?php
|
||||
global $config_file;
|
||||
$array = array();
|
||||
if (file_exists($config_file)) {
|
||||
|
|
|
|||
|
|
@ -82,13 +82,13 @@
|
|||
<div class="form-group row">
|
||||
<label for="disqus.shortname" class="col-sm-2 col-form-label">Disqus shortname</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-disqus.shortname" class="form-control" id="disqus.shortname" value="<?php echo config('disqus.shortname');?>" placeholder="htmly">
|
||||
<input type="text" name="-config-disqus.shortname" class="form-control" id="disqus.shortname" value="<?php echo valueMaker(config('disqus.shortname'));?>" placeholder="htmly">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label for="fb.appid" class="col-sm-2 col-form-label">Facebook App ID</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-fb.appid" class="form-control" id="fb.appid" value="<?php echo config('fb.appid');?>" placeholder="12345abcde">
|
||||
<input type="text" name="-config-fb.appid" class="form-control" id="fb.appid" value="<?php echo valueMaker(config('fb.appid'));?>" placeholder="12345abcde">
|
||||
</div>
|
||||
</div>
|
||||
<br>
|
||||
|
|
@ -117,13 +117,13 @@
|
|||
<div class="form-group row">
|
||||
<label for="google.reCaptcha.public" class="col-sm-2 col-form-label">Site Key</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-google.reCaptcha.public" class="form-control" id="google.reCaptcha.public" value="<?php echo config('google.reCaptcha.public');?>" placeholder="12345abcde">
|
||||
<input type="text" name="-config-google.reCaptcha.public" class="form-control" id="google.reCaptcha.public" value="<?php echo valueMaker(config('google.reCaptcha.public'));?>" placeholder="12345abcde">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label for="google.reCaptcha.private" class="col-sm-2 col-form-label">Secret Key</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-google.reCaptcha.private" class="form-control" id="google.reCaptcha.private" value="<?php echo config('google.reCaptcha.private');?>" placeholder="12345abcde">
|
||||
<input type="text" name="-config-google.reCaptcha.private" class="form-control" id="google.reCaptcha.private" value="<?php echo valueMaker(config('google.reCaptcha.private'));?>" placeholder="12345abcde">
|
||||
</div>
|
||||
</div>
|
||||
<br>
|
||||
|
|
@ -132,20 +132,20 @@
|
|||
<div class="form-group row">
|
||||
<label for="google.gtag.id" class="col-sm-2 col-form-label">Universal Analytics (gtag.js)</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-google.gtag.id" class="form-control" id="google.gtag.id" value="<?php echo config('google.gtag.id');?>" placeholder="12345abcde">
|
||||
<input type="text" name="-config-google.gtag.id" class="form-control" id="google.gtag.id" value="<?php echo valueMaker(config('google.gtag.id'));?>" placeholder="12345abcde">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label for="google.analytics.id" class="col-sm-2 col-form-label">Google Analytics (legacy)</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-google.analytics.id" class="form-control" id="google.analytics.id" value="<?php echo config('google.analytics.id');?>" placeholder="12345abcde">
|
||||
<input type="text" name="-config-google.analytics.id" class="form-control" id="google.analytics.id" value="<?php echo valueMaker(config('google.analytics.id'));?>" placeholder="12345abcde">
|
||||
<small><em>This is legacy code. Usually new created analyics using gtag.js</em></small>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label for="google.wmt.id" class="col-sm-2 col-form-label">Google Search Console</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-google.wmt.id" class="form-control" id="google.wmt.id" value="<?php echo config('google.wmt.id');?>" placeholder="12345abcde">
|
||||
<input type="text" name="-config-google.wmt.id" class="form-control" id="google.wmt.id" value="<?php echo valueMaker(config('google.wmt.id'));?>" placeholder="12345abcde">
|
||||
<small><em>For google-site-verification meta</em></small>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -16,33 +16,33 @@
|
|||
<div class="form-group row">
|
||||
<label for="site.url" class="col-sm-2 col-form-label">Address (URL)</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-site.url" class="form-control" id="site.url" value="<?php echo config('site.url');?>" placeholder="https://www.htmly.com">
|
||||
<input type="text" name="-config-site.url" class="form-control" id="site.url" value="<?php echo valueMaker(config('site.url'));?>" placeholder="https://www.htmly.com">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label for="blog.title" class="col-sm-2 col-form-label">Blog title</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-blog.title" class="form-control" id="blog.title" value="<?php echo config('blog.title');?>" placeholder="My HTMLy Blog">
|
||||
<input type="text" name="-config-blog.title" class="form-control" id="blog.title" value="<?php echo valueMaker(config('blog.title'));?>" placeholder="My HTMLy Blog">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label for="blog.tagline" class="col-sm-2 col-form-label">Tagline</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-blog.tagline" class="form-control" id="blog.tagline" value="<?php echo config('blog.tagline');?>" placeholder="Databaseless PHP Blogging Platform">
|
||||
<input type="text" name="-config-blog.tagline" class="form-control" id="blog.tagline" value="<?php echo valueMaker(config('blog.tagline'));?>" placeholder="Databaseless PHP Blogging Platform">
|
||||
<small><em>In a few words, explain what this blog is about.</em></small>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label for="blog.description" class="col-sm-2 col-form-label">Description</label>
|
||||
<div class="col-sm-10">
|
||||
<textarea id="blog.description" name="-config-blog.description" class="form-control"><?php echo config('blog.description');?></textarea>
|
||||
<textarea id="blog.description" name="-config-blog.description" class="form-control"><?php echo valueMaker(config('blog.description'));?></textarea>
|
||||
<small><em>In one paragraph, tell us more about your blog.</em></small>
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
<label for="blog.copyright" class="col-sm-2 col-form-label">Copyright</label>
|
||||
<div class="col-sm-10">
|
||||
<input type="text" name="-config-blog.copyright" class="form-control" id="blog.copyright" value="<?php echo config('blog.copyright');?>" placeholder="(c) Your name.">
|
||||
<input type="text" name="-config-blog.copyright" class="form-control" id="blog.copyright" value="<?php echo valueMaker(config('blog.copyright'));?>" placeholder="(c) Your name.">
|
||||
</div>
|
||||
</div>
|
||||
<div class="form-group row">
|
||||
|
|
|
|||
|
|
@ -3321,3 +3321,18 @@ function format_date($date)
|
|||
}
|
||||
|
||||
}
|
||||
|
||||
function valueMaker($value)
|
||||
{
|
||||
if (is_string($value))
|
||||
return htmlspecialchars($value);
|
||||
|
||||
if ($value === true)
|
||||
return "true";
|
||||
if ($value === false)
|
||||
return "false";
|
||||
|
||||
if ($value == false)
|
||||
return "0";
|
||||
return (string)$value;
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue