Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2024-11-17 21:43:41 +00:00
Code Issues Projects Releases Packages Wiki Activity

Escape album name select list in photo upload form

Browse source 
- Thanks to @apexrabbit for the report!
This commit is contained in:
Hypolite Petovan 2024-05-09 20:57:35 -04:00
parent a6cb3ed903
commit 25475b4838
2 changed files with 12 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
mod/photos.php
View file

@ -672,18 +672,14 @@ function photos_content(App $a)
$selname = (!is_null($datum) && Strings::isHex($datum)) ? hex2bin($datum) : '';
$albumselect = '';
$albumselect = ['' => '<current year>'];
$albumselect .= '<option value="" ' . (!$selname ? ' selected="selected" ' : '') . '>&lt;current year&gt;</option>';
$albums = Photo::getAlbums($owner_uid);
if (!empty($albums)) {
foreach ($albums as $album) {
foreach (Photo::getAlbums($owner_uid) as $album) {
if ($album['album'] === '') {
continue;
}
$selected = (($selname === $album['album']) ? ' selected="selected" ' : '');
$albumselect .= '<option value="' . $album['album'] . '"' . $selected . '>' . $album['album'] . '</option>';
}
$albumselect[$album['album']] = $album['album'];
}
$uploader = '';
@ -729,6 +725,7 @@ function photos_content(App $a)
'$existalbumtext' => DI::l10n()->t('or select existing album:'),
'$nosharetext' => DI::l10n()->t('Do not show a status post for this upload'),
'$albumselect' => $albumselect,
'$selname' => $selname,
'$permissions' => DI::l10n()->t('Permissions'),
'$aclselect' => $aclselect_e,
'$lockstate' => ACL::getLockstateForUserId($a->getLoggedInUserId()) ? 'lock' : 'unlock',

6
view/theme/frio/templates/photos_upload.tpl
View file

@ -9,7 +9,11 @@
<label id="photos-upload-text" for="photos-upload-newalbum">{{$newalbum}}</label>
<input id="photos-upload-album-select" class="form-control" placeholder="{{$existalbumtext}}" list="dl-photo-upload" type="text" name="album" size="4">
<datalist id="dl-photo-upload">{{$albumselect nofilter}}</datalist>
<datalist id="dl-photo-upload">
{{foreach $albumselect as $value => $name}}
<option value="{{$value}}"{{if $selname == $value}} selected{{/if}}>{{$name}}</option>
{{/foreach}}
</datalist>
</div>
<div id="photos-upload-end" class="clearfix"></div>