diff options
Diffstat (limited to 'askbot/skins/default/templates')
17 files changed, 36 insertions, 36 deletions
diff --git a/askbot/skins/default/templates/badge.html b/askbot/skins/default/templates/badge.html index d1f75617..b2c4ce8b 100644 --- a/askbot/skins/default/templates/badge.html +++ b/askbot/skins/default/templates/badge.html @@ -20,7 +20,7 @@ <div class="user"> <ul> <li class="thumb">{{ gravatar(recipient, 32) }}</li> - <li><a href="{{ recipient.get_absolute_url() }}">{{recipient.username}}</a></li> + <li><a href="{{ recipient.get_absolute_url() }}">{{recipient.username|escape}}</a></li> <li>{{ macros.user_score_and_badge_summary(recipient) }}</li> </ul> </div> diff --git a/askbot/skins/default/templates/email/ask_for_signature.html b/askbot/skins/default/templates/email/ask_for_signature.html index e4449433..cafeee2b 100644 --- a/askbot/skins/default/templates/email/ask_for_signature.html +++ b/askbot/skins/default/templates/email/ask_for_signature.html @@ -1,6 +1,6 @@ {% import "email/macros.html" as macros %} <p style="{{ macros.heading_style() }}"> - {% trans %}{{ username }}, please reply to this message.{% endtrans %} + {% trans user=username|escape %}{{ user }}, please reply to this message.{% endtrans %} </p> <p> {% trans %}Your post could not be published, because we could not detect signature in your email.{% endtrans %}<br/> diff --git a/askbot/skins/default/templates/email/insufficient_rep_to_post_by_email.html b/askbot/skins/default/templates/email/insufficient_rep_to_post_by_email.html index da4c93ca..284cc1b0 100644 --- a/askbot/skins/default/templates/email/insufficient_rep_to_post_by_email.html +++ b/askbot/skins/default/templates/email/insufficient_rep_to_post_by_email.html @@ -6,7 +6,7 @@ * site_link - html for the link #} <p style="{{ macros.heading_style() }}"> - {% trans %}{{ username }}, your question could not be posted by email just yet.{% endtrans %} + {% trans user=username|escape %}{{ username }}, your question could not be posted by email just yet.{% endtrans %} </p> <p> {% trans %}To make posts by email, you need to receive about {{min_upvotes}} upvotes.{% endtrans %}<br/> diff --git a/askbot/skins/default/templates/email/macros.html b/askbot/skins/default/templates/email/macros.html index 1acbf515..d7817bf9 100644 --- a/askbot/skins/default/templates/email/macros.html +++ b/askbot/skins/default/templates/email/macros.html @@ -7,7 +7,7 @@ %} {% spaceless %} {{ start_quote(quote_level) }} - {% set author = post.author.username %} + {% set author = post.author.username|escape %} {% if post.post_type == 'question' %} <p> {% if format == 'parent_subthread' %} diff --git a/askbot/skins/default/templates/feedback.html b/askbot/skins/default/templates/feedback.html index 85b5d00a..04b9a5b4 100644 --- a/askbot/skins/default/templates/feedback.html +++ b/askbot/skins/default/templates/feedback.html @@ -11,7 +11,7 @@ <form method="post" action="{% url feedback %}" accept-charset="utf-8">{% csrf_token %} {% if user.is_authenticated() %} <p class="message"> - {% trans user_name=user.username %} + {% trans user_name=user.username|escape %} <span class='big strong'>Dear {{user_name}}</span>, we look forward to hearing your feedback. Please type and send us your message below. {% endtrans %} diff --git a/askbot/skins/default/templates/help.html b/askbot/skins/default/templates/help.html index 7dc58f5d..204fc086 100644 --- a/askbot/skins/default/templates/help.html +++ b/askbot/skins/default/templates/help.html @@ -4,7 +4,7 @@ <h1 class='section-title'>{% trans %}Help{% endtrans %}</h1> <p> {% if request.user.is_authenticated() %} - {% trans username = request.user.username %}Welcome {{username}},{% endtrans %} + {% trans username = request.user.username|escape %}Welcome {{username}},{% endtrans %} {% else %} {% trans %}Welcome,{% endtrans %} {% endif %} diff --git a/askbot/skins/default/templates/macros.html b/askbot/skins/default/templates/macros.html index 485713aa..3e463c1c 100644 --- a/askbot/skins/default/templates/macros.html +++ b/askbot/skins/default/templates/macros.html @@ -10,7 +10,7 @@ {# follow - boolean; name - object type name; alias - e.g. users name; id - object id #} <div class="follow-toggle follow-user-toggle" - id="follow-{{ name }}-{{ id }}" + id="follow-{{ name|escape }}-{{ id }}" > {% if follow %} <div class="follow">{% trans %}follow {{alias}}{% endtrans %}</div> @@ -29,18 +29,18 @@ <div class="face"> {{ gravatar(response.user, 48) }} </div> - <a style="font-size:12px" href="{{ response.user.get_absolute_url() }}">{{ response.user.username }}</a> + <a style="font-size:12px" href="{{ response.user.get_absolute_url() }}">{{ response.user.username|escape }}</a> <a style="text-decoration:none;" href="{{ response.response_url }}"> {{ response.response_type }} ({{ timeago(response.timestamp) }}):<br/> {% if inbox_section != 'flags' %} - {{ response.response_snippet }} + {{ response.response_snippet|escape }} {% endif %} </a> {% if inbox_section == 'flags' %} <a class="re_expand" href="{{ response.response_url }}"> - <!--div class="re_snippet">{{ response.response_snippet }}</div--> - <div class="re_content">{{ response.response_content }}</div> + <!--div class="re_snippet">{{ response.response_snippet|escape }}</div--> + <div class="re_content">{{ response.response_content|escape }}</div> </a> {% endif %} </div> @@ -291,14 +291,14 @@ poor design of the data or methods on data objects #} class="tag tag-right{% if css_class %} {{ css_class }}{% endif %}" {% if is_link %} href="{{ search_state.add_tag(tag).full_url() }}" - title="{% trans %}see questions tagged '{{ tag }}'{% endtrans %}" + title="{% trans tag=tag|escape %}see questions tagged '{{ tag }}'{% endtrans %}" {% endif %} rel="tag" data-tag-name="{{ tag|replace('*', '✽')|escape }}" >{% if truncate_long_tag -%} - {{ tag|replace('*', '✽')|truncate(17, True) }} + {{ tag|replace('*', '✽')|truncate(17, True)|escape }} {%- else -%} - {{ tag|replace('*', '✽') }} + {{ tag|replace('*', '✽')|escape }} {%- endif %}</{% if not is_link or tag[-1] == '*' %}span{% else %}a{% endif %}> {% if deletable %} <div class="delete-icon" @@ -402,7 +402,7 @@ for the purposes of the AJAX comment editor #} </div> <div class="comment-body"> {{comment.html}} - <a class="author" href="{{comment.author.get_profile_url()}}">{{comment.author.username}}</a> + <a class="author" href="{{comment.author.get_profile_url()}}">{{comment.author.username|escape}}</a> <span class="age"> ({{ timeago(comment.added_at) }})</span> <a id="post-{{comment.id}}-edit" class="edit">{% trans %}edit{% endtrans %}</a> @@ -546,13 +546,13 @@ answer {% if answer.accepted() %}accepted-answer{% endif %} {% if answer.author_ {%- macro follow_user_toggle(visitor = None, subject = None) -%} {% if visitor.is_anonymous() %} - {{ follow_toggle(True, 'user', subject.username, subject.id) }} + {{ follow_toggle(True, 'user', subject.username|escape, subject.id) }} {% else %} {% if visitor != subject %} {% if visitor.is_following(subject) %} - {{ follow_toggle(False, 'user', subject.username, subject.id) }} + {{ follow_toggle(False, 'user', subject.username|escape, subject.id) }} {% else %} - {{ follow_toggle(True, 'user', subject.username, subject.id) }} + {{ follow_toggle(True, 'user', subject.username|escape, subject.id) }} {% endif %} {% endif %} {% endif %} @@ -572,7 +572,7 @@ answer {% if answer.accepted() %}accepted-answer{% endif %} {% if answer.author_ endtrans %}" title="{% trans country=user.country.name, - person=user.username %}{{person}} is from {{country}}{% + person=user.username|escape %}{{person}} is from {{country}}{% endtrans %}" /> {% endif %} @@ -607,8 +607,8 @@ answer {% if answer.accepted() %}accepted-answer{% endif %} {% if answer.author_ ><img class="gravatar" width="{{size}}" height="{{size}}" src="{{ user.get_avatar_url(size) }}" - title="{{user.username}}" - alt="{% trans username=user.username %}{{username}} gravatar image{% endtrans %}" + title="{{user.username|escape}}" + alt="{% trans username=user.username|escape %}{{username}} gravatar image{% endtrans %}" /></a> {% endspaceless %} {%- endmacro -%} @@ -708,7 +708,7 @@ answer {% if answer.accepted() %}accepted-answer{% endif %} {% if answer.author_ {% if user.new_response_count > 0 or user.seen_response_count > 0 %} <a id='ab-responses' href="{{user.get_absolute_url()}}?sort=inbox§ion=forum"> <img - alt="{% trans username=user.username %}responses for {{username}}{% endtrans %}" + alt="{% trans username=user.username|escape %}responses for {{username}}{% endtrans %}" {% if user.new_response_count > 0 %} src="{{ "/images/mail-envelope-full.png"|media }}" title="{% trans response_count=user.new_response_count %}you have {{response_count}} new response{% pluralize %}you have {{response_count}} new responses{% endtrans %}" diff --git a/askbot/skins/default/templates/reopen.html b/askbot/skins/default/templates/reopen.html index 894fa3a0..52d926ce 100644 --- a/askbot/skins/default/templates/reopen.html +++ b/askbot/skins/default/templates/reopen.html @@ -10,7 +10,7 @@ </a> </p> <p>{% trans %}This question has been closed by - <a href="{{closed_by_profile_url}}">{{closed_by_username}}</a> + <a href="{{closed_by_profile_url}}">{{closed_by_username|escape}}</a> {% endtrans %} </p> <p> diff --git a/askbot/skins/default/templates/user_profile/user.html b/askbot/skins/default/templates/user_profile/user.html index fb40b206..2f06a3c9 100644 --- a/askbot/skins/default/templates/user_profile/user.html +++ b/askbot/skins/default/templates/user_profile/user.html @@ -9,7 +9,7 @@ {% block content %} <h1 class="section-title"> {% spaceless %} - {% trans username=view_user.username %}{{username}}'s profile{% endtrans %} - {% block profilesection %}{% endblock %} + {% trans username=view_user.username|escape %}{{username}}'s profile{% endtrans %} - {% block profilesection %}{% endblock %} {% endspaceless %} </h1> {% include "user_profile/user_tabs.html" %} @@ -21,7 +21,7 @@ {% block endjs %} <script type="text/javascript"> var viewUserID = {{view_user.id}}; - askbot['data']['viewUserName'] = '{{ view_user.username }}'; + askbot['data']['viewUserName'] = '{{ view_user.username|escape }}'; askbot['data']['viewUserId'] = {{view_user.id}}; askbot['urls']['edit_group_membership'] = '{% url edit_group_membership %}'; askbot['urls']['get_groups_list'] = '{% url get_groups_list %}'; diff --git a/askbot/skins/default/templates/user_profile/user_edit.html b/askbot/skins/default/templates/user_profile/user_edit.html index 88a21e9f..c95bf815 100644 --- a/askbot/skins/default/templates/user_profile/user_edit.html +++ b/askbot/skins/default/templates/user_profile/user_edit.html @@ -4,7 +4,7 @@ {% block title %}{% spaceless %}{% trans %}Edit user profile{% endtrans %}{% endspaceless %}{% endblock %} {% block content %} <h1 class="section-title"> - {{ request.user.username }} - {% trans %}edit profile{% endtrans %} + {{ request.user.username|escape }} - {% trans %}edit profile{% endtrans %} </h1> <div id="main-body" style="width:100%;padding-top:10px"> <form name="" action="{% url edit_user request.user.id %}" method="post">{% csrf_token %} @@ -42,7 +42,7 @@ {{ form.username }} <span class="form-error"> {{ form.username.errors }} </span></td> {% else %} - {{ view_user.username }} + {{ view_user.username|escape }} {% endif %} </td> </tr> diff --git a/askbot/skins/default/templates/user_profile/user_moderate.html b/askbot/skins/default/templates/user_profile/user_moderate.html index 347ec3af..a7f05b1c 100644 --- a/askbot/skins/default/templates/user_profile/user_moderate.html +++ b/askbot/skins/default/templates/user_profile/user_moderate.html @@ -5,7 +5,7 @@ {% endblock %} {% block usercontent %} {% if request.user != view_user %} - <h3>{% trans username=view_user.username, status=view_user.get_status_display() %}{{username}}'s current status is "{{status}}"{% endtrans %} + <h3>{% trans username=view_user.username|escape, status=view_user.get_status_display() %}{{username}}'s current status is "{{status}}"{% endtrans %} </h3> {% if user_status_changed %} <p class="action-status"><span>{% trans %}User status changed{% endtrans %}</span></p> @@ -40,7 +40,7 @@ </form> {% if request.user != view_user %} <hr/> -<h3>{% trans username=view_user.username %}Send message to {{username}}{% endtrans %}</h3> +<h3>{% trans username=view_user.username|escape %}Send message to {{username}}{% endtrans %}</h3> <p>{% trans %}An email will be sent to the user with 'reply-to' field set to your email address. Please make sure that your address is entered correctly.{% endtrans %}</p> {% if message_sent %} <p class="action-status"><span>{% trans %}Message sent{% endtrans %}</span></p> diff --git a/askbot/skins/default/templates/user_profile/user_network.html b/askbot/skins/default/templates/user_profile/user_network.html index e6134e0c..f64d95b0 100644 --- a/askbot/skins/default/templates/user_profile/user_network.html +++ b/askbot/skins/default/templates/user_profile/user_network.html @@ -32,7 +32,7 @@ {% if request.user == view_user %} <p>{% trans %}Your network is empty. Would you like to follow someone? - Just visit their profiles and click "follow"{% endtrans %}</p> {% else %} - <p>{% trans username = view_user.username %}{{username}}'s network is empty{% endtrans %}</p> + <p>{% trans username = view_user.username|escape %}{{username}}'s network is empty{% endtrans %}</p> {% endif %} {% endif %} {% endblock %} diff --git a/askbot/skins/default/templates/user_profile/user_reputation.html b/askbot/skins/default/templates/user_profile/user_reputation.html index 1bb9b1ba..1cdf014a 100644 --- a/askbot/skins/default/templates/user_profile/user_reputation.html +++ b/askbot/skins/default/templates/user_profile/user_reputation.html @@ -11,7 +11,7 @@ {% if view_user.id == user.id %} <h2>{% trans %}Your karma change log.{% endtrans %}</h2> {% else %} - <h2>{% trans user_name=view_user.username %}{{user_name}}'s karma change log{% endtrans %}</h2> + <h2>{% trans user_name=view_user.username|escape %}{{user_name}}'s karma change log{% endtrans %}</h2> {% endif %} {% for rep in reputation %} <p> diff --git a/askbot/skins/default/templates/user_profile/user_stats.html b/askbot/skins/default/templates/user_profile/user_stats.html index 5e0e7426..2ccc277f 100644 --- a/askbot/skins/default/templates/user_profile/user_stats.html +++ b/askbot/skins/default/templates/user_profile/user_stats.html @@ -10,7 +10,7 @@ {% if settings.GROUPS_ENABLED %} <div id="user-groups"> <h2>{% trans - username = view_user.username + username = view_user.username|escape %}{{username}}'s groups{% endtrans %} </h2> <table id="groups-list"> @@ -146,7 +146,7 @@ <a title="{{ award.content_object.get_snippet()|collapse }}" href="{{ award.content_object.get_absolute_url() }}" - >{% if award.content_type.post_type == 'answer' %}{% trans %}Answer to:{% endtrans %}{% endif %} {{ award.content_object.thread.title }}</a> + >{% if award.content_type.post_type == 'answer' %}{% trans %}Answer to:{% endtrans %}{% endif %} {{ award.content_object.thread.title|escape }}</a> </li> {% endif %} {% endfor %} diff --git a/askbot/skins/default/templates/widgets/question_summary.html b/askbot/skins/default/templates/widgets/question_summary.html index c6e7bc5d..5fd51e08 100644 --- a/askbot/skins/default/templates/widgets/question_summary.html +++ b/askbot/skins/default/templates/widgets/question_summary.html @@ -46,7 +46,7 @@ {% if question.is_anonymous %} <span class="anonymous">{{ thread.last_activity_by.get_anonymous_name() }}</span> {% else %} - <a href="{% url user_profile thread.last_activity_by.id, thread.last_activity_by.username|slugify %}">{{thread.last_activity_by.username}}</a> {{ user_country_flag(thread.last_activity_by) }} + <a href="{% url user_profile thread.last_activity_by.id, thread.last_activity_by.username|slugify %}">{{thread.last_activity_by.username|escape}}</a> {{ user_country_flag(thread.last_activity_by) }} {#{user_score_and_badge_summary(thread.last_activity_by)}#} {% endif %} </div> diff --git a/askbot/skins/default/templates/widgets/user_list.html b/askbot/skins/default/templates/widgets/user_list.html index 11f2ed50..e51abc5b 100644 --- a/askbot/skins/default/templates/widgets/user_list.html +++ b/askbot/skins/default/templates/widgets/user_list.html @@ -7,7 +7,7 @@ <div class="user"> <ul> <li class="thumb">{{ gravatar(user, 32) }}</li> - <li><a href="{% url user_profile user.id, user.username|slugify %}{% if profile_section %}?sort={{profile_section}}{% endif %}">{{user.username}}</a>{{ user_country_flag(user) }}</li> + <li><a href="{% url user_profile user.id, user.username|slugify %}{% if profile_section %}?sort={{profile_section}}{% endif %}">{{user.username|escape}}</a>{{ user_country_flag(user) }}</li> <li>{{ user_score_and_badge_summary( user, diff --git a/askbot/skins/default/templates/widgets/user_navigation.html b/askbot/skins/default/templates/widgets/user_navigation.html index eec7e628..717cd7ee 100644 --- a/askbot/skins/default/templates/widgets/user_navigation.html +++ b/askbot/skins/default/templates/widgets/user_navigation.html @@ -1,5 +1,5 @@ {%- if request.user.is_authenticated() -%} - <a href="{{ request.user.get_absolute_url() }}">{{ request.user.username }}</a> + <a href="{{ request.user.get_absolute_url() }}">{{ request.user.username|escape }}</a> <span class="user-info"> {{ macros.inbox_link(request.user) }} {{ macros.moderation_items_link(request.user, moderation_items) }} |