diff --git a/typo3/sysext/backend/Classes/Backend/ToolbarItems/ClearCacheToolbarItem.php b/typo3/sysext/backend/Classes/Backend/ToolbarItems/ClearCacheToolbarItem.php
index 6cd57ecdb91097ae44cf5dd9b1223a04c9a5c6ab..162f98043353f78c937af210529fa4f35ed1b21e 100644
--- a/typo3/sysext/backend/Classes/Backend/ToolbarItems/ClearCacheToolbarItem.php
+++ b/typo3/sysext/backend/Classes/Backend/ToolbarItems/ClearCacheToolbarItem.php
@@ -59,8 +59,8 @@ class ClearCacheToolbarItem implements ToolbarItemInterface
if ($backendUser->isAdmin() || $backendUser->getTSConfigVal('options.clearCache.pages')) {
$this->cacheActions[] = array(
'id' => 'pages',
- 'title' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushPageCachesTitle', true),
- 'description' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushPageCachesDescription', true),
+ 'title' => htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushPageCachesTitle')),
+ 'description' => htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushPageCachesDescription')),
'href' => BackendUtility::getModuleUrl('tce_db', ['vC' => $backendUser->veriCode(), 'cacheCmd' => 'pages', 'ajaxCall' => 1]),
'icon' => $this->iconFactory->getIcon('actions-system-cache-clear-impact-low', Icon::SIZE_SMALL)->render()
);
@@ -71,8 +71,8 @@ class ClearCacheToolbarItem implements ToolbarItemInterface
if ($backendUser->isAdmin() || $backendUser->getTSConfigVal('options.clearCache.all')) {
$this->cacheActions[] = array(
'id' => 'all',
- 'title' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushGeneralCachesTitle', true),
- 'description' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushGeneralCachesDescription', true),
+ 'title' => htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushGeneralCachesTitle')),
+ 'description' => htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushGeneralCachesDescription')),
'href' => BackendUtility::getModuleUrl('tce_db', ['vC' => $backendUser->veriCode(), 'cacheCmd' => 'all', 'ajaxCall' => 1]),
'icon' => $this->iconFactory->getIcon('actions-system-cache-clear-impact-medium', Icon::SIZE_SMALL)->render()
);
@@ -87,8 +87,8 @@ class ClearCacheToolbarItem implements ToolbarItemInterface
|| ((bool)$GLOBALS['TYPO3_CONF_VARS']['SYS']['clearCacheSystem'] === true && $backendUser->isAdmin())) {
$this->cacheActions[] = array(
'id' => 'system',
- 'title' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushSystemCachesTitle', true),
- 'description' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushSystemCachesDescription', true),
+ 'title' => htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushSystemCachesTitle')),
+ 'description' => htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:flushSystemCachesDescription')),
'href' => BackendUtility::getModuleUrl('tce_db', ['vC' => $backendUser->veriCode(), 'cacheCmd' => 'system', 'ajaxCall' => 1]),
'icon' => $this->iconFactory->getIcon('actions-system-cache-clear-impact-high', Icon::SIZE_SMALL)->render()
);
@@ -135,7 +135,7 @@ class ClearCacheToolbarItem implements ToolbarItemInterface
*/
public function getItem()
{
- $title = $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.clearCache_clearCache', true);
+ $title = htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.clearCache_clearCache'));
return '<span title="' . $title . '">'
. $this->iconFactory->getIcon('apps-toolbar-menu-cache', Icon::SIZE_SMALL)->render('inline')
. '</span>';
diff --git a/typo3/sysext/backend/Classes/Backend/ToolbarItems/LiveSearchToolbarItem.php b/typo3/sysext/backend/Classes/Backend/ToolbarItems/LiveSearchToolbarItem.php
index 5f6b87b11411a288844983ba1ab95bd5401bea45..9df7f913c594371cbaa7a03eed25e3ddc69b92bc 100644
--- a/typo3/sysext/backend/Classes/Backend/ToolbarItems/LiveSearchToolbarItem.php
+++ b/typo3/sysext/backend/Classes/Backend/ToolbarItems/LiveSearchToolbarItem.php
@@ -60,7 +60,7 @@ class LiveSearchToolbarItem implements ToolbarItemInterface
return '
<form class="typo3-topbar-navigation-search t3js-topbar-navigation-search live-search-wrapper" role="search">
<div class="form-group">
- <input type="text" class="form-control t3js-topbar-navigation-search-field" placeholder="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.search', true) . '" id="live-search-box" autocomplete="off">
+ <input type="text" class="form-control t3js-topbar-navigation-search-field" placeholder="' . htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.search')) . '" id="live-search-box" autocomplete="off">
</div>
</form>
<div class="dropdown-menu" role="menu"></div>
diff --git a/typo3/sysext/backend/Classes/Backend/ToolbarItems/ShortcutToolbarItem.php b/typo3/sysext/backend/Classes/Backend/ToolbarItems/ShortcutToolbarItem.php
index f7020ac9afbd223397c94c9b63eaa9d539cfc0fe..799395bf718bca3d0051b01ebcd245da9f3cb03c 100644
--- a/typo3/sysext/backend/Classes/Backend/ToolbarItems/ShortcutToolbarItem.php
+++ b/typo3/sysext/backend/Classes/Backend/ToolbarItems/ShortcutToolbarItem.php
@@ -118,7 +118,7 @@ class ShortcutToolbarItem implements ToolbarItemInterface
*/
public function getItem()
{
- $title = $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.bookmarks', true);
+ $title = htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.bookmarks'));
return '<span title="' . $title . '">' . $this->iconFactory->getIcon('apps-toolbar-menu-shortcut', Icon::SIZE_SMALL)->render('inline') . '</span>';
}
@@ -130,9 +130,9 @@ class ShortcutToolbarItem implements ToolbarItemInterface
public function getDropDown()
{
$languageService = $this->getLanguageService();
- $shortcutGroup = $languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.bookmarksGroup', true);
- $shortcutEdit = $languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.bookmarksEdit', true);
- $shortcutDelete = $languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.bookmarksDelete', true);
+ $shortcutGroup = htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.bookmarksGroup'));
+ $shortcutEdit = htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.bookmarksEdit'));
+ $shortcutDelete = htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.bookmarksDelete'));
$editIcon = '<a href="#" class="dropdown-list-link-edit shortcut-edit" ' . $shortcutEdit . '>'
. $this->iconFactory->getIcon('actions-open', Icon::SIZE_SMALL)->render('inline') . '</a>';
$deleteIcon = '<a href="#" class="dropdown-list-link-delete shortcut-delete" title="' . $shortcutDelete . '">'
@@ -185,9 +185,9 @@ class ShortcutToolbarItem implements ToolbarItemInterface
if (count($shortcutMenu) === 2) {
// No shortcuts added yet, show a small help message how to add shortcuts
- $title = $languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.bookmarks', true);
+ $title = htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.bookmarks'));
$icon = '<span title="' . $title . '">' . $this->iconFactory->getIcon('actions-system-shortcut-new', Icon::SIZE_SMALL)->render('inline') . '</span>';
- $label = str_replace('%icon%', $icon, $languageService->sL('LLL:EXT:lang/locallang_misc.xlf:bookmarkDescription', true));
+ $label = str_replace('%icon%', $icon, htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_misc.xlf:bookmarkDescription')));
$compiledShortcutMenu = '<p>' . $label . '</p>';
} else {
$compiledShortcutMenu = implode(LF, $shortcutMenu);
@@ -431,17 +431,17 @@ class ShortcutToolbarItem implements ToolbarItemInterface
$groupId = (int)$groupId;
$label = $groupLabel;
if ($groupLabel == '1') {
- $label = $languageService->sL('LLL:EXT:lang/locallang_misc.xlf:bookmark_group_' . abs($groupId), true);
+ $label = htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_misc.xlf:bookmark_group_' . abs($groupId)));
if (empty($label)) {
// Fallback label
- $label = $languageService->getLL('bookmark_group', true) . ' ' . abs($groupId);
+ $label = htmlspecialchars($languageService->getLL('bookmark_group')) . ' ' . abs($groupId);
}
}
if ($groupId < 0) {
// Global group
- $label = $languageService->sL('LLL:EXT:lang/locallang_misc.xlf:bookmark_global', true) . ': ' . (!empty($label) ? $label : abs($groupId));
+ $label = htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_misc.xlf:bookmark_global')) . ': ' . (!empty($label) ? $label : abs($groupId));
if ($groupId === self::SUPERGLOBAL_GROUP) {
- $label = $languageService->getLL('bookmark_global', true) . ': ' . $languageService->getLL('bookmark_all', true);
+ $label = htmlspecialchars($languageService->getLL('bookmark_global')) . ': ' . htmlspecialchars($languageService->getLL('bookmark_all'));
}
}
$this->shortcutGroups[$groupId] = $label;
@@ -561,10 +561,10 @@ class ShortcutToolbarItem implements ToolbarItemInterface
$shortcut['pid'] = BackendUtility::getRecord($shortcut['table'], $shortcut['recordid'])['pid'];
if ($queryParameters['edit'][$shortcut['table']][$shortcut['recordid']] == 'edit') {
$shortcut['type'] = 'edit';
- $shortcutNamePrepend = $languageService->getLL('shortcut_edit', true);
+ $shortcutNamePrepend = htmlspecialchars($languageService->getLL('shortcut_edit'));
} elseif ($queryParameters['edit'][$shortcut['table']][$shortcut['recordid']] == 'new') {
$shortcut['type'] = 'new';
- $shortcutNamePrepend = $languageService->getLL('shortcut_create', true);
+ $shortcutNamePrepend = htmlspecialchars($languageService->getLL('shortcut_create'));
}
} else {
$shortcut['type'] = 'other';
@@ -790,7 +790,7 @@ class ShortcutToolbarItem implements ToolbarItemInterface
{
$databaseConnection = $this->getDatabaseConnection();
$languageService = $this->getLanguageService();
- $titleAttribute = $languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.shortcut', true);
+ $titleAttribute = htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.shortcut'));
switch ($row['module_name']) {
case 'xMOD_alt_doc.php':
$table = $shortcut['table'];
diff --git a/typo3/sysext/backend/Classes/Backend/ToolbarItems/SystemInformationToolbarItem.php b/typo3/sysext/backend/Classes/Backend/ToolbarItems/SystemInformationToolbarItem.php
index b1892aeb84cd8ed5615e94ef2742182e774ab896..7b76d7620efc653603c510cb15ecd9f8f80aa7f8 100644
--- a/typo3/sysext/backend/Classes/Backend/ToolbarItems/SystemInformationToolbarItem.php
+++ b/typo3/sysext/backend/Classes/Backend/ToolbarItems/SystemInformationToolbarItem.php
@@ -148,7 +148,7 @@ class SystemInformationToolbarItem implements ToolbarItemInterface
protected function getPhpVersion()
{
$this->systemInformation[] = array(
- 'title' => $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.phpversion', true),
+ 'title' => htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.phpversion')),
'value' => PHP_VERSION,
'icon' => $this->iconFactory->getIcon('sysinfo-php-version', Icon::SIZE_SMALL)->render()
);
@@ -162,7 +162,7 @@ class SystemInformationToolbarItem implements ToolbarItemInterface
protected function getDatabase()
{
$this->systemInformation[] = array(
- 'title' => $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.database', true),
+ 'title' => htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.database')),
'value' => $this->getDatabaseConnection()->getServerVersion(),
'icon' => $this->iconFactory->getIcon('sysinfo-database', Icon::SIZE_SMALL)->render()
);
@@ -177,7 +177,7 @@ class SystemInformationToolbarItem implements ToolbarItemInterface
{
$applicationContext = GeneralUtility::getApplicationContext();
$this->systemInformation[] = array(
- 'title' => $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.applicationcontext', true),
+ 'title' => htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.applicationcontext')),
'value' => (string)$applicationContext,
'status' => $applicationContext->isProduction() ? InformationStatus::STATUS_OK : InformationStatus::STATUS_WARNING,
'icon' => $this->iconFactory->getIcon('sysinfo-application-context', Icon::SIZE_SMALL)->render()
@@ -195,8 +195,8 @@ class SystemInformationToolbarItem implements ToolbarItemInterface
$languageService = $this->getLanguageService();
$this->systemInformation[] = array(
- 'title' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.composerMode', true),
- 'value' => $languageService->sL('LLL:EXT:lang/locallang_core.xlf:labels.enabled', true),
+ 'title' => htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.composerMode')),
+ 'value' => htmlspecialchars($languageService->sL('LLL:EXT:lang/locallang_core.xlf:labels.enabled')),
'icon' => $this->iconFactory->getIcon('sysinfo-composer-mode', Icon::SIZE_SMALL)->render()
);
}
@@ -222,7 +222,7 @@ class SystemInformationToolbarItem implements ToolbarItemInterface
$branch = trim(CommandUtility::exec('git rev-parse --abbrev-ref HEAD'));
if (!empty($revision) && !empty($branch)) {
$this->systemInformation[] = array(
- 'title' => $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.gitrevision', true),
+ 'title' => htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.gitrevision')),
'value' => sprintf('%s [%s]', $revision, $branch),
'icon' => $this->iconFactory->getIcon('sysinfo-git', Icon::SIZE_SMALL)->render()
);
@@ -248,7 +248,7 @@ class SystemInformationToolbarItem implements ToolbarItemInterface
$icon = 'windows';
}
$this->systemInformation[] = array(
- 'title' => $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.operatingsystem', true),
+ 'title' => htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.operatingsystem')),
'value' => $kernelName . ' ' . php_uname('r'),
'icon' => $this->iconFactory->getIcon('sysinfo-os-' . $icon, Icon::SIZE_SMALL)->render()
);
@@ -260,7 +260,7 @@ class SystemInformationToolbarItem implements ToolbarItemInterface
protected function getWebServer()
{
$this->systemInformation[] = array(
- 'title' => $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.webserver', true),
+ 'title' => htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo.webserver')),
'value' => htmlspecialchars($_SERVER['SERVER_SOFTWARE']),
'icon' => $this->iconFactory->getIcon('sysinfo-webserver', Icon::SIZE_SMALL)->render()
);
@@ -325,7 +325,7 @@ class SystemInformationToolbarItem implements ToolbarItemInterface
*/
public function getItem()
{
- $title = $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo', true);
+ $title = htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:toolbarItems.sysinfo'));
$icon = $this->iconFactory->getIcon('actions-system-list-open', Icon::SIZE_SMALL)->render('inline');
return '<span title="' . $title . '">' . $icon . '<span id="t3js-systeminformation-counter" class="badge"></span></span>';
}
diff --git a/typo3/sysext/backend/Classes/Backend/ToolbarItems/UserToolbarItem.php b/typo3/sysext/backend/Classes/Backend/ToolbarItems/UserToolbarItem.php
index a46831e8ba369582ebb5129f69bc170610643639..696063674d383ace5d007e93f6290fda2de0e4bd 100644
--- a/typo3/sysext/backend/Classes/Backend/ToolbarItems/UserToolbarItem.php
+++ b/typo3/sysext/backend/Classes/Backend/ToolbarItems/UserToolbarItem.php
@@ -127,7 +127,7 @@ class UserToolbarItem implements ToolbarItemInterface
$dropdown[] = '<li class="reset-dropdown">';
$dropdown[] = '<a href="' . htmlspecialchars(BackendUtility::getModuleUrl('logout')) . '" class="btn btn-danger pull-right" target="_top">';
$dropdown[] = $this->iconFactory->getIcon('actions-logout', Icon::SIZE_SMALL)->render('inline') . ' ';
- $dropdown[] = $languageService->sL($buttonLabel, true);
+ $dropdown[] = htmlspecialchars($languageService->sL($buttonLabel));
$dropdown[] = '</a>';
$dropdown[] = '</li>';