diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php
index edbba27c7c2ea6cfaafd82333e74dbf5bc94848d..f5c2c1886217c53bf0fb89fbf21b0c7035acca5a 100755
--- a/interface/lib/app.inc.php
+++ b/interface/lib/app.inc.php
@@ -298,14 +298,14 @@ class app {
 $this->tpl->setVar('phpsessid', session_id());
- $this->tpl->setVar('theme', $_SESSION['s']['theme']);
+ $this->tpl->setVar('theme', $_SESSION['s']['theme'], true);
 $this->tpl->setVar('html_content_encoding', $this->_conf['html_content_encoding']);
 $this->tpl->setVar('delete_confirmation', $this->lng('delete_confirmation'));
 //print_r($_SESSION);
 if(isset($_SESSION['s']['module']['name'])) {
- $this->tpl->setVar('app_module', $_SESSION['s']['module']['name']);
- $this->tpl->setVar('session_module', $_SESSION['s']['module']['name']);
+ $this->tpl->setVar('app_module', $_SESSION['s']['module']['name'], true);
+ $this->tpl->setVar('session_module', $_SESSION['s']['module']['name'], true);
 }
 if(isset($_SESSION['s']['user']) && $_SESSION['s']['user']['typ'] == 'admin') {
 $this->tpl->setVar('is_admin', 1);
@@ -315,7 +315,7 @@ class app {
 }
 /* Show username */
 if(isset($_SESSION['s']['user'])) {
- $this->tpl->setVar('cpuser', $_SESSION['s']['user']['username']);
+ $this->tpl->setVar('cpuser', $_SESSION['s']['user']['username'], true);
 $this->tpl->setVar('logout_txt', $this->lng('logout_txt'));
 /* Show search field only for normal users, not mail users */
 if(stristr($_SESSION['s']['user']['username'], '@')){
diff --git a/interface/lib/classes/plugin_listview.inc.php b/interface/lib/classes/plugin_listview.inc.php
index bc764caefe0dbb144b53d6c87826bad5edb0a637..c9d8340e02e290de97bedba9a4edb530aca6a7b4 100644
--- a/interface/lib/classes/plugin_listview.inc.php
+++ b/interface/lib/classes/plugin_listview.inc.php
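Review bot: In `interface/lib/app.inc.php` (hunk `@@ -298,14`), `$_SESSION['s']['theme']` is still read with no `isset()` fallback, while the `current_theme` calls changed in `interface/web/index.php`, `login/index.php` and `login/password_reset.php` all fall back to `'default'`. If this code can run before the session carries a theme (not visible from the hunk, whose enclosing method starts and ends outside it), the template receives an empty theme name; both `theme` hunks of `plugin_listview.inc.php` use the same form. Suggested: `$this->tpl->setVar('theme', isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default', true);`. Encoding on output also does not restrict the value to an installed theme, so if the template uses it to build an asset path, checking it against the known theme list at the point where it is written to the session would be the stronger control.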
@@ -56,7 +56,7 @@ class plugin_listview extends plugin_base {
 // $app->listform->listDef["page_params"] = "&id=".$app->tform_actions->id."&next_tab=".$_SESSION["s"]["form"]["tab"];
 $app->listform->listDef["page_params"] = "&id=".$this->form->id."&next_tab=".$_SESSION["s"]["form"]["tab"];
 $listTpl->setVar('parent_id', $this->form->id);
- $listTpl->setVar('theme', $_SESSION['s']['theme']);
+ $listTpl->setVar('theme', $_SESSION['s']['theme'], true);
 // Generate the SQL for searching
 $sql_where = "";
@@ -193,13 +193,13 @@ class plugin_listview extends plugin_base {
 $listTpl->setVar('phpsessid', session_id());
- $listTpl->setVar('theme', $_SESSION['s']['theme']);
+ $listTpl->setVar('theme', $_SESSION['s']['theme'], true);
 $listTpl->setVar('html_content_encoding', $app->_conf['html_content_encoding']);
 $listTpl->setVar('delete_confirmation', $app->lng('delete_confirmation'));
 //print_r($_SESSION);
 if(isset($_SESSION['s']['module']['name'])) {
- $listTpl->setVar('app_module', $_SESSION['s']['module']['name']);
+ $listTpl->setVar('app_module', $_SESSION['s']['module']['name'], true);
 }
 if(isset($_SESSION['s']['user']) && $_SESSION['s']['user']['typ'] == 'admin') {
 $listTpl->setVar('is_admin', 1);
@@ -209,7 +209,7 @@ class plugin_listview extends plugin_base {
 }
 /* Show username */
 if(isset($_SESSION['s']['user'])) {
- $listTpl->setVar('cpuser', $_SESSION['s']['user']['username']);
+ $listTpl->setVar('cpuser', $_SESSION['s']['user']['username'], true);
 $listTpl->setVar('logout_txt', $app->lng('logout_txt'));
 /* Show search field only for normal users, not mail users */
 if(stristr($_SESSION['s']['user']['username'], '@')){
diff --git a/interface/web/client/client_message.php b/interface/web/client/client_message.php
index eb8bcdbae244e1e5a93958cd2a3f8cabf042ffb6..b4638bd2151ce076df7d96970166e163552d21ea 100644
--- a/interface/web/client/client_message.php
+++ b/interface/web/client/client_message.php
@@ -114,9 +114,9 @@ if(isset($_POST) && count($_POST) > 1) {
 } } else {
- $app->tpl->setVar('sender', $_POST['sender']);
- $app->tpl->setVar('subject', $_POST['subject']);
- $app->tpl->setVar('message', $_POST['message']);
+ $app->tpl->setVar('sender', $_POST['sender'], true);
+ $app->tpl->setVar('subject', $_POST['subject'], true);
+ $app->tpl->setVar('message', $_POST['message'], true);
 } } else { // pre-fill Sender field with reseller's email address
diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php
index 0e955bee09044a9a339b90ea74b631b0ff619db3..32112560a48ba9747f18eee43570acb6c4a96493 100644
--- a/interface/web/dns/dns_wizard.php
+++ b/interface/web/dns/dns_wizard.php
@@ -183,7 +183,7 @@ if(is_array($fields)) {
 } else {
 $app->tpl->setVar($field."_VISIBLE", 1);
 $field = strtolower($field);
- $app->tpl->setVar($field, $_POST[$field]);
+ $app->tpl->setVar($field, $_POST[$field], true);
 }
 }
 }
diff --git a/interface/web/index.php b/interface/web/index.php
index 4a2103208101e69633d6a18923fc1d81f9137b7e..1bccb1ebe17093938c57fcfadaba577057875ea4 100644
--- a/interface/web/index.php
+++ b/interface/web/index.php
@@ -41,7 +41,7 @@ if(!isset($_SESSION['s']['module']['name'])) $_SESSION['s']['module']['name'] =
 $app->uses('tpl');
 $app->tpl->newTemplate('main.tpl.htm');
-$app->tpl->setVar('startpage', isset($_SESSION['s']['module']['startpage']) ? $_SESSION['s']['module']['startpage'] : '');
+$app->tpl->setVar('startpage', isset($_SESSION['s']['module']['startpage']) ? $_SESSION['s']['module']['startpage'] : '', true);
 $app->tpl->setVar('logged_in', ($_SESSION['s']['user']['active'] != 1 ? 'n' : 'y'));
 // tab change warning?
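Review bot: The `$_POST` values in `client_message.php` (`sender`, `subject`, `message`) and `dns_wizard.php` (`$_POST[$field]`) are handed to `setVar()` without a check that they are set and are strings. Request parameters can arrive as arrays, and assuming the new third argument makes `setVar()` HTML-encode the value (its implementation is not part of this diff), a non-string would then reach the encoder. A guard such as `$val = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';` before the call keeps the re-display path predictable; the same applies to the `$_POST` reads in the three `interface/web/tools/` files. Both hunks sit inside blocks that begin outside the visible lines.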
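Review bot: For `startpage` in `interface/web/index.php`, whether HTML-entity encoding is the right protection depends on where `main.tpl.htm` emits the value, which this diff does not show. Entity encoding covers HTML text and quoted attribute values; if the template places `startpage` inside a script block or uses it as a URL to load, it needs the encoder for that context or a check against the module's known start pages. A short comment on the line stating the output context, e.g. `// startpage is emitted into <context>; HTML-encoded on output`, would make the choice reviewable.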
@@ -93,7 +93,7 @@ if(@is_dir($js_d)) {
 if (!empty($js_d_files)) $app->tpl->setLoop('js_d_includes', $js_d_files);
 unset($js_d_files);
-$app->tpl->setVar('current_theme', isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default');
+$app->tpl->setVar('current_theme', isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default', true);
 // Logo
 $logo = $app->db->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = 1");
diff --git a/interface/web/login/index.php b/interface/web/login/index.php
index bccf4330af9e6dedc0c9328976cddd9ccb5cf361..441de353ca5aa41fff7f7eaf8a96d1f7422be4a3 100644
--- a/interface/web/login/index.php
+++ b/interface/web/login/index.php
@@ -340,7 +340,7 @@ $app->tpl->setVar('login_button_txt', $app->lng('login_button_txt'));
 $app->tpl->setVar('session_timeout', $server_config_array['session_timeout']);
 $app->tpl->setVar('session_allow_endless', $server_config_array['session_allow_endless']);
 //$app->tpl->setInclude('content_tpl', 'login/templates/index.htm');
-$app->tpl->setVar('current_theme', isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default');
+$app->tpl->setVar('current_theme', isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default', true);
 //die(isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default');
 // Logo
diff --git a/interface/web/login/password_reset.php b/interface/web/login/password_reset.php
index c0d454cd326fce1f1e6ae5d72b55bcf5675cfbb2..e6976bff734798d0c5ee59440c161f072465540c 100644
--- a/interface/web/login/password_reset.php
+++ b/interface/web/login/password_reset.php
@@ -156,7 +156,7 @@ if(isset($_POST['username']) && $_POST['username'] != '' && $_POST['email'] != '
 if(isset($_POST) && count($_POST) > 0) $app->tpl->setVar("msg", $wb['pw_error_noinput']);
 }
-$app->tpl->setVar('current_theme', isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default');
+$app->tpl->setVar('current_theme', isset($_SESSION['s']['theme']) ? $_SESSION['s']['theme'] : 'default', true);
 // Logo
 $logo = $app->db->queryOneRecord("SELECT * FROM sys_ini WHERE sysini_id = 1");
diff --git a/interface/web/sites/web_childdomain_list.php b/interface/web/sites/web_childdomain_list.php
index a4e953c07e99115de6a14da7952e14d8e42fed66..f445c4b50bf826e2c72a327488e423ad0fc69f48 100644
--- a/interface/web/sites/web_childdomain_list.php
+++ b/interface/web/sites/web_childdomain_list.php
@@ -56,7 +56,7 @@ $_SESSION['s']['var']['childdomain_type'] = $show_type;
 class list_action extends listform_actions {
 function onShow() {
 global $app;
- $app->tpl->setVar('childdomain_type', $_SESSION['s']['var']['childdomain_type']);
+ $app->tpl->setVar('childdomain_type', $_SESSION['s']['var']['childdomain_type'], true);
 parent::onShow();
 }
diff --git a/interface/web/sites/web_vhost_domain_list.php b/interface/web/sites/web_vhost_domain_list.php
index 378eeaaf6a2bfa3acaf44e4325ba428162082a86..b74fd644f70bd42fadb6fcec7b38389e9c83d777 100644
--- a/interface/web/sites/web_vhost_domain_list.php
+++ b/interface/web/sites/web_vhost_domain_list.php
@@ -68,7 +68,7 @@ $_SESSION['s']['var']['vhostdomain_type'] = $show_type;
 class list_action extends listform_actions {
 function onShow() {
 global $app;
- $app->tpl->setVar('vhostdomain_type', $_SESSION['s']['var']['vhostdomain_type']);
+ $app->tpl->setVar('vhostdomain_type', $_SESSION['s']['var']['vhostdomain_type'], true);
 parent::onShow();
 }
diff --git a/interface/web/tools/dns_import_tupa.php b/interface/web/tools/dns_import_tupa.php
index 849a097680f74a6f7bd68584340f3fc4c76fa1f0..12bd03529673c39a8b5d9979e2f4cf4bc6a84111 100644
--- a/interface/web/tools/dns_import_tupa.php
+++ b/interface/web/tools/dns_import_tupa.php
@@ -50,10 +50,10 @@ if(isset($_POST['start']) && $_POST['start'] == 1) {
 $app->auth->csrf_token_check();
 //* Set variable sin template
- $app->tpl->setVar('dbhost', $_POST['dbhost']);
- $app->tpl->setVar('dbname', $_POST['dbname']);
- $app->tpl->setVar('dbuser', $_POST['dbuser']);
- $app->tpl->setVar('dbpassword', $_POST['dbpassword']);
+ $app->tpl->setVar('dbhost', $_POST['dbhost'], true);
+ $app->tpl->setVar('dbname', $_POST['dbname'], true);
+ $app->tpl->setVar('dbuser', $_POST['dbuser'], true);
+ $app->tpl->setVar('dbpassword', $_POST['dbpassword'], true);
 //* Establish connection to external database
 $msg .= 'Connecting to external database...
';
diff --git a/interface/web/tools/import_ispconfig.php b/interface/web/tools/import_ispconfig.php
index c43b15b7eb0ef286ff5d66ab8220f1e1d91bb2c1..0e7763dd98d15a79f660e0ade9f03b89f3a4b9bf 100644
--- a/interface/web/tools/import_ispconfig.php
+++ b/interface/web/tools/import_ispconfig.php
@@ -142,9 +142,9 @@ if(isset($_POST['connected'])) {
 }
-$app->tpl->setVar('remote_server', $_POST['remote_server']);
-$app->tpl->setVar('remote_user', $_POST['remote_user']);
-$app->tpl->setVar('remote_password', $_POST['remote_password']);
+$app->tpl->setVar('remote_server', $_POST['remote_server'], true);
+$app->tpl->setVar('remote_user', $_POST['remote_user'], true);
+$app->tpl->setVar('remote_password', $_POST['remote_password'], true);
 $app->tpl->setVar('connected', $connected);
 $app->tpl->setVar('remote_session_id', $remote_session_id);
 $app->tpl->setVar('msg', $msg);
diff --git a/interface/web/tools/import_vpopmail.php b/interface/web/tools/import_vpopmail.php
index 9e560cdf30455be6c9e3459aec98334cfa3a7a54..3ef87710e593cb37c6980e5cfa4e16c54052dc3d 100644
--- a/interface/web/tools/import_vpopmail.php
+++ b/interface/web/tools/import_vpopmail.php
@@ -84,11 +84,11 @@ if(isset($_POST['db_hostname']) && $_POST['db_hostname'] != '') {
 $_POST['local_server_id'] = 1;
 }
-$app->tpl->setVar('db_hostname', $_POST['db_hostname']);
-$app->tpl->setVar('db_user', $_POST['db_user']);
-$app->tpl->setVar('db_password', $_POST['db_password']);
-$app->tpl->setVar('db_name', $_POST['db_name']);
-$app->tpl->setVar('local_server_id', $_POST['local_server_id']);
+$app->tpl->setVar('db_hostname', $_POST['db_hostname'], true);
+$app->tpl->setVar('db_user', $_POST['db_user'], true);
+$app->tpl->setVar('db_password', $_POST['db_password'], true);
+$app->tpl->setVar('db_name', $_POST['db_name'], true);
+$app->tpl->setVar('local_server_id', $_POST['local_server_id'], true);
 $app->tpl->setVar('msg', $msg);
 $app->tpl->setVar('error', $error);
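Review bot: `dbpassword` in `dns_import_tupa.php` is still written back into the response after the form is submitted; the added flag guards against markup in the value, but the credential itself ends up in the returned HTML, where browser caches and saved pages can retain it. The same holds for `remote_password` in `import_ispconfig.php` and `db_password` in `import_vpopmail.php`. If later import steps need the credential, keeping it in the server-side session and leaving the field empty on re-display (`$app->tpl->setVar('dbpassword', '');`) would avoid that; whether the templates rely on the field being re-posted is not visible here. The enclosing `if` block continues past the hunk.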
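Review bot: Directly below the changed lines in `import_ispconfig.php`, `connected`, `remote_session_id` and `msg` are still passed without the encoding flag, as are `msg` and `error` in `import_vpopmail.php`. `$remote_session_id` looks like a value received from the remote server, so it should be treated like the `$_POST` fields: `$app->tpl->setVar('remote_session_id', $remote_session_id, true);`. `$msg` may carry markup on purpose, in which case it cannot be encoded as a whole; any request- or remote-derived fragment should instead be encoded at the point where it is concatenated into `$msg` or `$error`, which happens outside these hunks.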