Line 322 | Line 322 |
---|
function _context($lines) {
|
function _context($lines) {
|
return '<pre class="diff context">' . htmlspecialchars($this->_lines($lines, ' ')) . '<br /></pre>';
| return '<pre class="diff context">' . htmlspecialchars($this->_lines($lines, ' '), ENT_COMPAT) . '<br /></pre>';
|
}
function _added($lines) {
|
}
function _added($lines) {
|
return '<pre class="diff added">' . htmlspecialchars($this->_lines($lines, '+')) . '<br /></pre>';
| return '<pre class="diff added">' . htmlspecialchars($this->_lines($lines, '+'), ENT_COMPAT) . '<br /></pre>';
|
}
function _deleted($lines) {
|
}
function _deleted($lines) {
|
return '<pre class="diff removed">' . htmlspecialchars($this->_lines($lines, '-')) . '<br /></pre>';
| return '<pre class="diff removed">' . htmlspecialchars($this->_lines($lines, '-'), ENT_COMPAT) . '<br /></pre>';
|
}
function _changed($orig, $final)
| }
function _changed($orig, $final)
|
Line 519 | Line 519 |
---|
function _encode(&$string) {
|
function _encode(&$string) {
|
$string = htmlspecialchars($string);
| $string = htmlspecialchars($string, ENT_COMPAT);
|
} }
| } }
|
Line 539 | Line 539 |
---|
*/ function get_diff_content($diff) {
|
*/ function get_diff_content($diff) {
|
return '<textarea style="height: 290px;" rows="15" cols="76" class="full">' . htmlspecialchars($this->render($diff)) . '</textarea>';
| return '<textarea style="height: 290px;" rows="15" cols="76" class="full">' . htmlspecialchars($this->render($diff), ENT_COMPAT) . '</textarea>';
|
}
function _block_header($xbeg, $xlen, $ybeg, $ylen)
| }
function _block_header($xbeg, $xlen, $ybeg, $ylen)
|
Line 649 | Line 649 |
---|
foreach ($change['lines'] as $_line) {
|
foreach ($change['lines'] as $_line) {
|
$line .= htmlspecialchars($_line) . '<br />';
| $line .= htmlspecialchars($_line, ENT_COMPAT) . '<br />';
|
}
$output .= '<tr><td class="added_empty"> </td><td class="added"><pre>' . ((strlen($line)) ? $line : ' ') . '<br /></pre></td></tr>';
| }
$output .= '<tr><td class="added_empty"> </td><td class="added"><pre>' . ((strlen($line)) ? $line : ' ') . '<br /></pre></td></tr>';
|
Line 660 | Line 660 |
---|
foreach ($change['lines'] as $_line) {
|
foreach ($change['lines'] as $_line) {
|
$line .= htmlspecialchars($_line) . '<br />';
| $line .= htmlspecialchars($_line, ENT_COMPAT) . '<br />';
|
}
$output .= '<tr><td class="removed"><pre>' . ((strlen($line)) ? $line : ' ') . '<br /></pre></td><td class="removed_empty"> </td></tr>'; break;
case 'empty':
|
}
$output .= '<tr><td class="removed"><pre>' . ((strlen($line)) ? $line : ' ') . '<br /></pre></td><td class="removed_empty"> </td></tr>'; break;
case 'empty':
|
$current_context .= htmlspecialchars($change['line']) . '<br />';
| $current_context .= htmlspecialchars($change['line'], ENT_COMPAT) . '<br />';
|
break;
case 'change':
| break;
case 'change':
|
Line 678 | Line 678 |
---|
for ($row = 0, $row_max = max($oldsize, $newsize); $row < $row_max; ++$row) {
|
for ($row = 0, $row_max = max($oldsize, $newsize); $row < $row_max; ++$row) {
|
$left .= isset($change['old'][$row]) ? htmlspecialchars($change['old'][$row]) : '';
| $left .= isset($change['old'][$row]) ? htmlspecialchars($change['old'][$row], ENT_COMPAT) : '';
|
$left .= '<br />';
|
$left .= '<br />';
|
$right .= isset($change['new'][$row]) ? htmlspecialchars($change['new'][$row]) : '';
| $right .= isset($change['new'][$row]) ? htmlspecialchars($change['new'][$row], ENT_COMPAT) : '';
|
$right .= '<br />'; }
| $right .= '<br />'; }
|
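Review bot: Passing a bare `ENT_COMPAT` at every call site, presumably to keep output stable across the PHP 8.1 default change, also drops `ENT_SUBSTITUTE`, which 8.1 made part of the default. As written, `htmlspecialchars($_line, ENT_COMPAT)` in the Line 649, 660 and 678 hunks returns an empty string for any diff line that holds a byte sequence invalid in the active charset, so that row renders blank instead of showing the content. I would write `htmlspecialchars($_line, ENT_COMPAT | ENT_SUBSTITUTE, 'UTF-8')` there and in the other calls, assuming the output encoding is UTF-8, which this page does not show. Leaving `'` unescaped is harmless where the result lands in `<pre>`, `<textarea>` or `<td>` text, but `_encode(&$string)` in the Line 519 hunk is a general helper whose callers are outside this view. It deserves a comment such as `// output is safe for element content and double-quoted attributes only`, or `ENT_QUOTES` if any caller writes into a single-quoted attribute.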