Ticket #8959: contrib-comments-escaping.diff
| File contrib-comments-escaping.diff, 5.2 KB (added by , 16 years ago) |
|---|
-
contrib/comments/templates/comments/approve.html
4 4 5 5 {% block content %} 6 6 <h1>Really make this comment public?</h1> 7 <blockquote>{{ comment| escape|linebreaks }}</blockquote>7 <blockquote>{{ comment|linebreaks }}</blockquote> 8 8 <form action="." method="POST"> 9 <input type="hidden" name="next" value="{{ next |escape}}" id="next">9 <input type="hidden" name="next" value="{{ next }}" id="next"> 10 10 <p class="submit"> 11 11 <input type="submit" name="submit" value="Approve"> or <a href="{{ comment.permalink }}">cancel</a> 12 12 </p> 13 13 </form> 14 {% endblock %} 15 No newline at end of file 14 {% endblock %} -
contrib/comments/templates/comments/reply_preview.html
9 9 <h1>Please correct the error{{ form.errors|pluralize }} below</h1> 10 10 {% else %} 11 11 <h1>Preview your comment</h1> 12 <blockquote>{{ comment| escape|linebreaks }}</blockquote>12 <blockquote>{{ comment|linebreaks }}</blockquote> 13 13 <p> 14 14 and <input type="submit" name="submit" value="Post your comment" id="submit"> or make changes: 15 15 </p> -
contrib/comments/templates/comments/preview.html
9 9 <h1>Please correct the error{{ form.errors|pluralize }} below</h1> 10 10 {% else %} 11 11 <h1>Preview your comment</h1> 12 <blockquote>{{ comment| escape|linebreaks }}</blockquote>12 <blockquote>{{ comment|linebreaks }}</blockquote> 13 13 <p> 14 14 and <input type="submit" name="submit" value="Post your comment" id="submit"> or make changes: 15 15 </p> … … 31 31 <input type="submit" name="submit" class="submit-preview" value="Preview"> 32 32 </p> 33 33 </form> 34 {% endblock %} 35 No newline at end of file 34 {% endblock %} -
contrib/comments/templates/comments/delete.html
4 4 5 5 {% block content %} 6 6 <h1>Really remove this comment?</h1> 7 <blockquote>{{ comment| escape|linebreaks }}</blockquote>7 <blockquote>{{ comment|linebreaks }}</blockquote> 8 8 <form action="." method="POST"> 9 <input type="hidden" name="next" value="{{ next |escape}}" id="next">9 <input type="hidden" name="next" value="{{ next }}" id="next"> 10 10 <p class="submit"> 11 11 <input type="submit" name="submit" value="Remove"> or <a href="{{ comment.permalink }}">cancel</a> 12 12 </p> 13 13 </form> 14 {% endblock %} 15 No newline at end of file 14 {% endblock %} -
contrib/comments/templates/comments/moderation_queue.html
53 53 <input class="remove submit" type="submit" name="submit" value="Remove"> 54 54 </form> 55 55 </td> 56 <td>{{ comment.name |escape}}</td>57 <td>{{ comment.comment|truncatewords:"50" |escape}}</td>58 <td>{{ comment.email |escape}}</td>59 <td>{{ comment.url |escape}}</td>56 <td>{{ comment.name }}</td> 57 <td>{{ comment.comment|truncatewords:"50" }}</td> 58 <td>{{ comment.email }}</td> 59 <td>{{ comment.url }}</td> 60 60 <td> 61 61 <img 62 62 src="{% admin_media_prefix %}img/admin/icon-{% if comment.user %}yes{% else %}no{% endif %}.gif" 63 63 alt="{% if comment.user %}yes{% else %}no{% endif %}" 64 64 /> 65 65 </td> 66 <td>{{ comment.ip_address |escape}}</td>66 <td>{{ comment.ip_address }}</td> 67 67 <td>{{ comment.submit_date|date:"F j, P" }}</td> 68 68 </tr> 69 69 {% endfor %} -
contrib/comments/templates/comments/flag.html
4 4 5 5 {% block content %} 6 6 <h1>Really flag this comment?</h1> 7 <blockquote>{{ comment| escape|linebreaks }}</blockquote>7 <blockquote>{{ comment|linebreaks }}</blockquote> 8 8 <form action="." method="POST"> 9 <input type="hidden" name="next" value="{{ next |escape}}" id="next">9 <input type="hidden" name="next" value="{{ next }}" id="next"> 10 10 <p class="submit"> 11 11 <input type="submit" name="submit" value="Flag"> or <a href="{{ comment.permalink }}">cancel</a> 12 12 </p> 13 13 </form> 14 {% endblock %} 15 No newline at end of file 14 {% endblock %}