Skip to content

Commit

Permalink
#2301 noescape 명시적 지정
Browse files Browse the repository at this point in the history
  • Loading branch information
bnu committed Sep 27, 2018
1 parent 8184760 commit 4d28066
Show file tree
Hide file tree
Showing 64 changed files with 225 additions and 225 deletions.
12 changes: 6 additions & 6 deletions layouts/default/layout.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,9 @@ <h1>
<nav class="gnb" id="gnb">
<ul>
<li loop="$GNB->list=>$key1,$val1" class="active"|cond="$val1['selected']">
<a href="{$val1['href']}" target="_blank"|cond="$val1['open_window']=='Y'">{$val1['link']}</a>
<a href="{$val1['href']}" target="_blank"|cond="$val1['open_window']=='Y'">{$val1['link']|noescape}</a>
<ul cond="$val1['list']">
<li loop="$val1['list']=>$key2,$val2" class="active"|cond="$val2['selected']"><a href="{$val2['href']}" target="_blank"|cond="$val2['open_window']=='Y'">{$val2['link']}</a></li>
<li loop="$val1['list']=>$key2,$val2" class="active"|cond="$val2['selected']"><a href="{$val2['href']}" target="_blank"|cond="$val2['open_window']=='Y'">{$val2['link']|noescape}</a></li>
</ul>
</li>
</ul>
Expand Down Expand Up @@ -86,19 +86,19 @@ <h1>
<div class="body main"|cond="$layout_info->LAYOUT_TYPE=='MAIN_PAGE'" class="body sub"|cond="$layout_info->LAYOUT_TYPE=='SUB_PAGE'">
<!-- LNB -->
<nav class="lnb" cond="$layout_info->LAYOUT_TYPE == 'SUB_PAGE'">
<h1 loop="$GNB->list=>$key1,$val1" cond="$val1['selected']"><a href="{$val1['href']}" target="_blank"|cond="$val1['open_window']=='Y'">{$val1['link']}</a></h1>
<h1 loop="$GNB->list=>$key1,$val1" cond="$val1['selected']"><a href="{$val1['href']}" target="_blank"|cond="$val1['open_window']=='Y'">{$val1['link']|noescape}</a></h1>
<ul loop="$GNB->list=>$key1,$val1" cond="$val1['selected'] && $val1['list']">
<li loop="$val1['list']=>$key2,$val2" class="active"|cond="$val2['selected']"><a href="{$val2['href']}" target="_blank"|cond="$val2['open_window']=='Y'">{$val2['link']}</a>
<li loop="$val1['list']=>$key2,$val2" class="active"|cond="$val2['selected']"><a href="{$val2['href']}" target="_blank"|cond="$val2['open_window']=='Y'">{$val2['link']|noescape}</a>
<ul cond="$val2['list']">
<li loop="$val2['list']=>$key3,$val3" class="active"|cond="$val3['selected']"><a href="{$val3['href']}" target="_blank"|cond="$val3['open_window']=='Y'">{$val3['link']}</a></li>
<li loop="$val2['list']=>$key3,$val3" class="active"|cond="$val3['selected']"><a href="{$val3['href']}" target="_blank"|cond="$val3['open_window']=='Y'">{$val3['link']|noescape}</a></li>
</ul>
</li>
</ul>
</nav>
<!-- /LNB -->
<!-- CONTENT -->
<div class="content" id="content">
{$content}
{$content|noescape}
</div>
<!-- /CONTENT -->
</div>
Expand Down
12 changes: 6 additions & 6 deletions layouts/user_layout/layout.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,9 +13,9 @@ <h1>Site Logo</h1>
<div class="gnb">
.gnb
<ul>
<li loop="$global_menu->list=>$key1,$val1" class="active"|cond="$val1['selected']"><a href="{$val1['href']}" target="_blank"|cond="$val1['open_window']=='Y'">{$val1['link']}</a>
<li loop="$global_menu->list=>$key1,$val1" class="active"|cond="$val1['selected']"><a href="{$val1['href']}" target="_blank"|cond="$val1['open_window']=='Y'">{$val1['link']|noescape}</a>
<ul cond="$val1['list']">
<li loop="$val1['list']=>$key2,$val2" class="active"|cond="$val2['selected']"><a href="{$val2['href']}" target="_blank"|cond="$val2['open_window']=='Y'">{$val2['link']}</a></li>
<li loop="$val1['list']=>$key2,$val2" class="active"|cond="$val2['selected']"><a href="{$val2['href']}" target="_blank"|cond="$val2['open_window']=='Y'">{$val2['link']|noescape}</a></li>
</ul>
</li>
</ul>
Expand All @@ -29,18 +29,18 @@ <h1>Site Logo</h1>
</div>
<hr />
.lnb
<h2 loop="$global_menu->list=>$key1,$val1" cond="$val1['selected']"><a href="{$val1['href']}" target="_blank"|cond="$val1['open_window']=='Y'">{$val1['link']}</a></h2>
<h2 loop="$global_menu->list=>$key1,$val1" cond="$val1['selected']"><a href="{$val1['href']}" target="_blank"|cond="$val1['open_window']=='Y'">{$val1['link']|noescape}</a></h2>
<ul loop="$global_menu->list=>$key1,$val1" cond="$val1['selected'] && $val1['list']">
<li loop="$val1['list']=>$key2,$val2" class="active"|cond="$val2['selected']"><a href="{$val2['href']}" target="_blank"|cond="$val2['open_window']=='Y'">{$val2['link']}</a>
<li loop="$val1['list']=>$key2,$val2" class="active"|cond="$val2['selected']"><a href="{$val2['href']}" target="_blank"|cond="$val2['open_window']=='Y'">{$val2['link']|noescape}</a>
<ul cond="$val2['list']">
<li loop="$val2['list']=>$key3,$val3" class="active"|cond="$val3['selected']"><a href="{$val3['href']}" target="_blank"|cond="$val3['open_window']=='Y'">{$val3['link']}</a>
<li loop="$val2['list']=>$key3,$val3" class="active"|cond="$val3['selected']"><a href="{$val3['href']}" target="_blank"|cond="$val3['open_window']=='Y'">{$val3['link']|noescape}</a>
</li>
</ul>
</li>
</ul>
</div>
<hr />
<div class="content">.content{$content}</div>
<div class="content">.content {$content|noescape}</div>
</div>
<hr />
<div class="footer">.footer</div>
Expand Down
6 changes: 3 additions & 3 deletions layouts/xedition/layout.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -253,7 +253,7 @@ <h1 class="logo-item">
<div cond="$_enable_unb && $UNB->list" class="custom_area">
<ul>
<li loop="$UNB->list => $key, $val">
<a href="{$val['href']}" target="_blank"|cond="$val['open_window'] == 'Y'">{$val['link']}</a>
<a href="{$val['href']}" target="_blank"|cond="$val['open_window'] == 'Y'">{$val['link']|noescape}</a>
</li>
</ul>
</div>
Expand Down Expand Up @@ -370,7 +370,7 @@ <h1>{$sub_header_title}</h1>
<!-- /LNB -->
<!-- CONTENT -->
<div class="content" id="content">
{$content}
{$content|noescape}
</div>
<!--@if($layout_info->use_demo === 'Y')-->
<include target="./demo/welcome_main.html" />
Expand All @@ -392,7 +392,7 @@ <h1>{$sub_header_title}</h1>
<!--@end-->
</a>
</p>
<p class="sub_desc">{$layout_info->footer_text}</p>
<p class="sub_desc">{$layout_info->footer_text|noescape}</p>
<!--@else-->
<include target="./demo/footer.html" />
<!--@end-->
Expand Down
100 changes: 50 additions & 50 deletions m.layouts/colorCode/layout.html
View file
Original file line number Diff line number Diff line change
@@ -1,50 +1,50 @@
<load target="css/Blue/layout.css" cond="$layout_info->colorset=='blue' || !$layout_info->colorset" />
<load target="css/Gray/layout.css" cond="$layout_info->colorset=='gray'" />
<load target="css/Red/layout.css" cond="$layout_info->colorset=='red'" />
<load target="css/Orange/layout.css" cond="$layout_info->colorset=='orange'" />
<load target="css/nGreenA/layout.css" cond="$layout_info->colorset=='ngreena'" />
<load target="css/nGreenB/layout.css" cond="$layout_info->colorset=='ngreenb'" />
<load target="js/layout.js" />
<div class="skip"><a href="#ct">Skip to Content</a></div>
<header class="lo_head">
<a href="{$layout_info->index_url}" class="btn_home">Home</a>

<!--@if($layout_info->menu->main_menu->menu_srl)-->
<!--@if($act=='dispMenuMenu')-->
<a class="btn_menu" href="#" onclick="history.back(); return false;" title="{$lang->cmd_back}"><span class="b">Back</span></a>
<!--@else-->
<a class="btn_menu" href="{getUrl('act','dispMenuMenu','menu_srl',$layout_info->menu->main_menu->menu_srl)}" title="{$lang->menu}"><span class="m">Menu</span></a>
<!--@end-->
<!--@end-->
<!--@if($layout_info->logo_image)-->
<h1 class="title"><a href="{$layout_info->index_url}" class="img"><img src="{$layout_info->logo_image}" alt="{$layout_info->index_title}"|cond="$layout_info->index_title" alt="{Context::getSiteTitle()}"|cond="!$layout_info->index_title && Context::getSiteTitle()" /></a></h1>
<!--@elseif($layout_info->index_title)-->
<h1 class="title"><span class="txt">{$layout_info->index_title}</span></h1>
<!--@end-->
</header>
<hr class="head_hr" />
<section id="ct" class="ct">
{$content}
</section>
<footer class="lo_foot">
<ul class="link">
<!--@if($is_logged)-->
<li><a href="{getUrl('act','dispMemberLogout')}">{$lang->cmd_logout}</a></li>
<li><a href="{getUrl('act', 'dispMemberInfo')}">{$lang->cmd_view_member_info}</a></li>
<!--@elseif($act!='dispMemberLoginForm')-->
<li><a href="{getUrl('act','dispMemberLoginForm')}" >{$lang->cmd_login}...</a></li>
<!--@end-->
<li><a href="{getUrl('m',0)}">PC</a></li>
<li class="lang off" cond="count($lang_supported)>1">
<a href="#" onclick="return false;" title="{$lang_type}">{$lang_supported[$lang_type]} <i class="icon_arr_draw"></i></a>
<ul class="lang_lst">
<!--@foreach($lang_supported as $key=>$val)-->

<li cond="$key != $lang_type"><a href="{getUrl('act',$oldact,'l',$key)}">{$val}</a></li>

<!--@end-->
</ul>
</li>
</ul>
<p class="cr">{$layout_info->footer_title}</p>
</footer>
<load target="css/Blue/layout.css" cond="$layout_info->colorset=='blue' || !$layout_info->colorset" />
<load target="css/Gray/layout.css" cond="$layout_info->colorset=='gray'" />
<load target="css/Red/layout.css" cond="$layout_info->colorset=='red'" />
<load target="css/Orange/layout.css" cond="$layout_info->colorset=='orange'" />
<load target="css/nGreenA/layout.css" cond="$layout_info->colorset=='ngreena'" />
<load target="css/nGreenB/layout.css" cond="$layout_info->colorset=='ngreenb'" />
<load target="js/layout.js" />
<div class="skip"><a href="#ct">Skip to Content</a></div>
<header class="lo_head">
<a href="{$layout_info->index_url}" class="btn_home">Home</a>

<!--@if($layout_info->menu->main_menu->menu_srl)-->
<!--@if($act=='dispMenuMenu')-->
<a class="btn_menu" href="#" onclick="history.back(); return false;" title="{$lang->cmd_back}"><span class="b">Back</span></a>
<!--@else-->
<a class="btn_menu" href="{getUrl('act','dispMenuMenu','menu_srl',$layout_info->menu->main_menu->menu_srl)}" title="{$lang->menu}"><span class="m">Menu</span></a>
<!--@end-->
<!--@end-->
<!--@if($layout_info->logo_image)-->
<h1 class="title"><a href="{$layout_info->index_url}" class="img"><img src="{$layout_info->logo_image}" alt="{$layout_info->index_title}"|cond="$layout_info->index_title" alt="{Context::getSiteTitle()}"|cond="!$layout_info->index_title && Context::getSiteTitle()" /></a></h1>
<!--@elseif($layout_info->index_title)-->
<h1 class="title"><span class="txt">{$layout_info->index_title}</span></h1>
<!--@end-->
</header>
<hr class="head_hr" />
<section id="ct" class="ct">
{$content|noescape}
</section>
<footer class="lo_foot">
<ul class="link">
<!--@if($is_logged)-->
<li><a href="{getUrl('act','dispMemberLogout')}">{$lang->cmd_logout}</a></li>
<li><a href="{getUrl('act', 'dispMemberInfo')}">{$lang->cmd_view_member_info}</a></li>
<!--@elseif($act!='dispMemberLoginForm')-->
<li><a href="{getUrl('act','dispMemberLoginForm')}" >{$lang->cmd_login}...</a></li>
<!--@end-->
<li><a href="{getUrl('m',0)}">PC</a></li>
<li class="lang off" cond="count($lang_supported)>1">
<a href="#" onclick="return false;" title="{$lang_type}">{$lang_supported[$lang_type]} <i class="icon_arr_draw"></i></a>
<ul class="lang_lst">
<!--@foreach($lang_supported as $key=>$val)-->

<li cond="$key != $lang_type"><a href="{getUrl('act',$oldact,'l',$key)}">{$val}</a></li>

<!--@end-->
</ul>
</li>
</ul>
<p class="cr">{$layout_info->footer_title}</p>
</footer>
2 changes: 1 addition & 1 deletion m.layouts/default/layout.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ <h1 class="h1"><a href="{$layout_info->index_url}"|cond="$layout_info->index_url
<!--@end-->
<!--@end-->
</div>
{$content}
{$content|noescape}
<ul class="ft">
<!--@if($is_logged)-->
<li class="fl"><a href="{getUrl('act','dispMemberLogout')}">{$lang->cmd_logout}</a></li>
Expand Down
2 changes: 1 addition & 1 deletion m.layouts/simpleGray/layout.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ <h1 class="h1"><a href="{$layout_info->index_url}">{$layout_info->index_title}</
<div class="fr"><a href="{getUrl('act','dispMenuMenu','menu_srl',$layout_info->menu->main_menu->menu_srl)}" class="bn">{$lang->menu}</a></div>
<!--@end-->
</div>
{$content}
{$content|noescape}
<ul class="eg ft">
<!--@if($is_logged)-->
<li class="fl"><a href="{getUrl('act','dispMemberLogout')}">{$lang->cmd_logout}</a></li>
Expand Down
2 changes: 1 addition & 1 deletion modules/admin/tpl/layout.html
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
<include target="./_header.html" />
<div class="content" id="content">
{$content}
{$content|noescape}
</div>
<include target="./_footer.html" />

4 changes: 2 additions & 2 deletions modules/board/m.skins/default/_list.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,15 +7,15 @@ <h2><a href="{getUrl('','vid',$vid,'mid',$mid)}">{$module_info->browser_title}</
<!--@foreach($notice_list as $no => $document)-->
<li>
<a href="{getUrl('document_srl', $document->document_srl)}">
<span class="title"><span class="notice">{$lang->notice}</span> <!--@if($module_info->use_category == "Y" && $document->get('category_srl'))-->{$category_list[$document->get('category_srl')]->title} &rsaquo;<!--@end--> <strong>{$document->getTitle($module_info->subject_cut_size)}</strong> <!--@if($document->getCommentCount())--><em>[{$document->getCommentCount()}]</em><!--@endif--></span>
<span class="title"><span class="notice">{$lang->notice}</span> <!--@if($module_info->use_category == "Y" && $document->get('category_srl'))-->{$category_list[$document->get('category_srl')]->title} &rsaquo;<!--@end--> <strong>{$document->getTitle($module_info->subject_cut_size)|noescape}</strong> <!--@if($document->getCommentCount())--><em>[{$document->getCommentCount()}]</em><!--@endif--></span>
<span class="auth"><strong>{$document->getNickName()}</strong> <span class="time">{$document->getRegDate("Y.m.d")}</span></span>
</a>
</li>
<!--@end-->
<!--@foreach($document_list as $no => $document)-->
<li>
<a href="{getUrl('document_srl', $document->document_srl)}">
<span class="title"><!--@if($module_info->use_category == "Y" && $document->get('category_srl'))-->{$category_list[$document->get('category_srl')]->title} &rsaquo;<!--@end--> <strong>{$document->getTitle($module_info->subject_cut_size)}</strong> <!--@if($document->getCommentCount())--><em>[{$document->getCommentCount()}]</em><!--@endif--></span>
<span class="title"><!--@if($module_info->use_category == "Y" && $document->get('category_srl'))-->{$category_list[$document->get('category_srl')]->title} &rsaquo;<!--@end--> <strong>{$document->getTitle($module_info->subject_cut_size)|noescape}</strong> <!--@if($document->getCommentCount())--><em>[{$document->getCommentCount()}]</em><!--@endif--></span>
<span class="auth"><strong>{$document->getNickName()}</strong> <span class="time">{$document->getRegDate("Y.m.d")}</span></span>
</a>
</li>
Expand Down
96 changes: 48 additions & 48 deletions modules/board/m.skins/default/comment.html
View file
Original file line number Diff line number Diff line change
@@ -1,48 +1,48 @@
<ul id="cl" class="rp tgo open">
{@ $_comment_list = $oDocument->getComments() }
{@ $start = true }
{@ $depth = 0 }
<!--@foreach($_comment_list as $key => $comment)-->
<!--@if(!$start && $comment->get('depth') == $depth)-->
</li>
<!--@end-->
<!--@if($comment->get('depth') > $depth)-->
<ul>
<!--@else-->
<!--@while($comment->get('depth') < $depth)-->
</li>
</ul>
{@ $depth -= 1 }
<!--@end-->
<!--@endif-->
<li>
{$comment->getContent(false)}
<span class="auth">
<em>{$comment->getNickName()}</em>
<span class="time">{$comment->getRegdate("Y.m.d")}</span>
<!--@if($comment->isGranted() || !$comment->get('member_srl'))-->
<a href="{getUrl('act','dispBoardDeleteComment','comment_srl',$comment->comment_srl)}" class="btn de">{$lang->cmd_delete}</a>
<!--@endif-->
<a href="{getUrl('act','dispBoardReplyComment','comment_srl',$comment->comment_srl)}" class="btn re">{$lang->cmd_reply}</a>
{@ $start = false }
{@ $depth = $comment->get('depth') }
</span>
<!--@endforeach-->
<!--@while($depth > 0)-->
</li>
</ul>
{@ $depth -= 1}
<!--@end-->
</li>
</ul>
<!--@if($oDocument->comment_page_navigation)-->
<div id="clpn" class="pn">
<!--@if($oDocument->comment_page_navigation->cur_page != 1)-->
<a href="#" onclick="loadPage({$oDocument->document_srl}, {$oDocument->comment_page_navigation->cur_page-1}); return false;">&lsaquo; {$lang->cmd_prev}</a>
<!--@endif-->
<strong id="curpage">{$oDocument->comment_page_navigation->cur_page} / {$oDocument->comment_page_navigation->last_page}</strong>
<!--@if($oDocument->comment_page_navigation->cur_page != $oDocument->comment_page_navigation->last_page)-->
<a href="#" onclick="loadPage({$oDocument->document_srl}, {$oDocument->comment_page_navigation->cur_page+1}); return false;">{$lang->cmd_next} &rsaquo;</a>
<!--@endif-->
</div>
<!--@endif-->
<ul id="cl" class="rp tgo open">
{@ $_comment_list = $oDocument->getComments() }
{@ $start = true }
{@ $depth = 0 }
<!--@foreach($_comment_list as $key => $comment)-->
<!--@if(!$start && $comment->get('depth') == $depth)-->
</li>
<!--@end-->
<!--@if($comment->get('depth') > $depth)-->
<ul>
<!--@else-->
<!--@while($comment->get('depth') < $depth)-->
</li>
</ul>
{@ $depth -= 1 }
<!--@end-->
<!--@endif-->
<li>
{$comment->getContent(false)|noescape}
<span class="auth">
<em>{$comment->getNickName()}</em>
<span class="time">{$comment->getRegdate("Y.m.d")}</span>
<!--@if($comment->isGranted() || !$comment->get('member_srl'))-->
<a href="{getUrl('act','dispBoardDeleteComment','comment_srl',$comment->comment_srl)}" class="btn de">{$lang->cmd_delete}</a>
<!--@endif-->
<a href="{getUrl('act','dispBoardReplyComment','comment_srl',$comment->comment_srl)}" class="btn re">{$lang->cmd_reply}</a>
{@ $start = false }
{@ $depth = $comment->get('depth') }
</span>
<!--@endforeach-->
<!--@while($depth > 0)-->
</li>
</ul>
{@ $depth -= 1}
<!--@end-->
</li>
</ul>
<!--@if($oDocument->comment_page_navigation)-->
<div id="clpn" class="pn">
<!--@if($oDocument->comment_page_navigation->cur_page != 1)-->
<a href="#" onclick="loadPage({$oDocument->document_srl}, {$oDocument->comment_page_navigation->cur_page-1}); return false;">&lsaquo; {$lang->cmd_prev}</a>
<!--@endif-->
<strong id="curpage">{$oDocument->comment_page_navigation->cur_page} / {$oDocument->comment_page_navigation->last_page}</strong>
<!--@if($oDocument->comment_page_navigation->cur_page != $oDocument->comment_page_navigation->last_page)-->
<a href="#" onclick="loadPage({$oDocument->document_srl}, {$oDocument->comment_page_navigation->cur_page+1}); return false;">{$lang->cmd_next} &rsaquo;</a>
<!--@endif-->
</div>
<!--@endif-->
4 changes: 2 additions & 2 deletions modules/board/m.skins/default/comment_form.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ <h2><a href="{getUrl('','vid',$vid,'mid',$mid)}">{$module_info->browser_title}</
</div>

<!--@if($oSourceComment->isExists())-->
<div class="origin">{$oSourceComment->getContent(false)}</div>
<div class="origin">{$oSourceComment->getContent(false)|noescape}</div>
<!--@end-->

<form action="./" method="post" class="ff tgo open" onsubmit="return procFilter(this, insert_comment);">
Expand All @@ -20,7 +20,7 @@ <h2><a href="{getUrl('','vid',$vid,'mid',$mid)}">{$module_info->browser_title}</
<label for="rText">{$lang->comment}</label>
<!--@if($module_info->mobile_use_editor === 'Y')-->
<input type="hidden" name="content" value="{$oComment->getContentText()}">
{$oComment->getEditor()}
{$oComment->getEditor()|noescape}
<!--@else-->
<textarea name="content" rows="8" cols="42" id="rText">{$oComment->getContentText()}</textarea>
<!--@endif-->
Expand Down
Loading

0 comments on commit 4d28066

Please sign in to comment.