diff --git a/typo3/sysext/core/Classes/Database/QueryView.php b/typo3/sysext/core/Classes/Database/QueryView.php index 7a3a7fdb7dcf1fc670f40a5bccf11a290ec8b233..d4ed78b7d4c1bb9dacda7e12e5c844b589f51208 100644 --- a/typo3/sysext/core/Classes/Database/QueryView.php +++ b/typo3/sysext/core/Classes/Database/QueryView.php @@ -680,7 +680,7 @@ class QueryView ] ], 'redirect' => GeneralUtility::linkThisScript() - ])) . '" title="' . $this->languageService->getLL('undelete_only', true) . '">'; + ])) . '" title="' . htmlspecialchars($this->languageService->getLL('undelete_only')) . '">'; $out .= $this->iconFactory->getIcon('actions-edit-restore', Icon::SIZE_SMALL)->render() . '</a>'; $formEngineParameters = [ 'edit' => [ @@ -700,7 +700,7 @@ class QueryView ] ], 'redirect' => $redirectUrl - ]) . '" title="' . $this->languageService->getLL('undelete_and_edit', true) . '">'; + ]) . '" title="' . htmlspecialchars($this->languageService->getLL('undelete_and_edit')) . '">'; $out .= $this->iconFactory->getIcon('actions-edit-restore-edit', Icon::SIZE_SMALL)->render() . '</a>'; } $_params = array($table => $row); diff --git a/typo3/sysext/filelist/Classes/Controller/FileListController.php b/typo3/sysext/filelist/Classes/Controller/FileListController.php index 4a1ddb0c14fa225734965c0b91547d710f81e726..c5985b6121e33a191f9a316c98b1642353006dea 100644 --- a/typo3/sysext/filelist/Classes/Controller/FileListController.php +++ b/typo3/sysext/filelist/Classes/Controller/FileListController.php 
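Review bot: In the hunk at line 700 the href expression closes with `])`, while the matching expression in the hunk at line 680 closes with `]))`, so the `undelete_and_edit` link URL may not be wrapped in `htmlspecialchars()` the way the `undelete_only` URL appears to be. Both expressions open outside the hunks, so this has to be checked against the full statement. If the wrap is missing, encode the whole URL before it goes into the `href` attribute, as the first link does.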
@@ -208,10 +208,10 @@ class FileListController extends ActionController $this->folderObject = null; $this->errorMessage = GeneralUtility::makeInstance(FlashMessage::class, sprintf( - $this->getLanguageService()->getLL('missingFolderPermissionsMessage', true), - htmlspecialchars($this->id) + $this->getLanguageService()->getLL('missingFolderPermissionsMessage'), + $this->id ), - $this->getLanguageService()->getLL('missingFolderPermissionsTitle', true), + $this->getLanguageService()->getLL('missingFolderPermissionsTitle'), FlashMessage::NOTICE ); } catch (Exception $fileException) { @@ -228,17 +228,17 @@ class FileListController extends ActionController } $this->errorMessage = GeneralUtility::makeInstance(FlashMessage::class, sprintf( - $this->getLanguageService()->getLL('folderNotFoundMessage', true), - htmlspecialchars($this->id) + $this->getLanguageService()->getLL('folderNotFoundMessage'), + $this->id ), - $this->getLanguageService()->getLL('folderNotFoundTitle', true), + $this->getLanguageService()->getLL('folderNotFoundTitle'), FlashMessage::NOTICE ); } catch (\RuntimeException $e) { $this->folderObject = null; $this->errorMessage = GeneralUtility::makeInstance(FlashMessage::class, $e->getMessage() . ' (' . $e->getCode() . ')', - $this->getLanguageService()->getLL('folderNotFoundTitle', true), + $this->getLanguageService()->getLL('folderNotFoundTitle'), FlashMessage::NOTICE ); } 
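Review bot: Both `sprintf()` calls now pass `$this->id` without `htmlspecialchars()`, and the message and title labels are no longer encoded either, so whatever renders `$this->errorMessage` is the only encoding step left for these strings. The renderer is not shown in either hunk; confirm it HTML-encodes the FlashMessage title and message, since `$this->id` looks like a folder identifier that may come from the request. The `\RuntimeException` branch at the end of the second hunk passes `$e->getMessage()` the same way. A comment at the first construction, such as `// title and message are plain text; encoding happens when the flash message is rendered`, would record the contract.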
@@ -432,19 +432,19 @@ class FileListController extends ActionController $this->view->assign('checkboxes', [ 'bigControlPanel' => [ 'enabled' => $this->getBackendUser()->getTSConfigVal('options.file_list.enableDisplayBigControlPanel') === 'selectable', - 'label' => $this->getLanguageService()->getLL('bigControlPanel', true), + 'label' => htmlspecialchars($this->getLanguageService()->getLL('bigControlPanel')), 'html' => BackendUtility::getFuncCheck($this->id, 'SET[bigControlPanel]', $this->MOD_SETTINGS['bigControlPanel'], '', '', 'id="bigControlPanel"'), ], 'displayThumbs' => [ 'enabled' => $GLOBALS['TYPO3_CONF_VARS']['GFX']['thumbnails'] && $this->getBackendUser()->getTSConfigVal('options.file_list.enableDisplayThumbnails') === 'selectable', - 'label' => $this->getLanguageService()->getLL('displayThumbs', true), + 'label' => htmlspecialchars($this->getLanguageService()->getLL('displayThumbs')), 'html' => BackendUtility::getFuncCheck($this->id, 'SET[displayThumbs]', $this->MOD_SETTINGS['displayThumbs'], '', '', 'id="checkDisplayThumbs"'), ], 'enableClipBoard' => [ 'enabled' => $this->getBackendUser()->getTSConfigVal('options.file_list.enableClipBoard') === 'selectable', - 'label' => $this->getLanguageService()->getLL('clipBoard', true), + 'label' => htmlspecialchars($this->getLanguageService()->getLL('clipBoard')), 'html' => BackendUtility::getFuncCheck($this->id, 'SET[clipBoard]', $this->MOD_SETTINGS['clipBoard'], '', '', 'id="checkClipBoard"'), ] diff --git a/typo3/sysext/filelist/Classes/FileFacade.php b/typo3/sysext/filelist/Classes/FileFacade.php index 48f89d3fc0af354a4eca8b98aa879f59232b3e1e..131fb9c4f812096e3451a2acca609ea744c37880 100644 --- a/typo3/sysext/filelist/Classes/FileFacade.php +++ b/typo3/sysext/filelist/Classes/FileFacade.php 
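Review bot: The three `'label'` values are HTML-encoded before `$this->view->assign()`, while the ImportExportController hunk in this same commit passes its labels to the view unencoded. Which is correct depends on the template, which is not part of the diff. If the template prints `label` through the view's default escaping, a translation containing `&` or a quote will be double-encoded; if it prints it raw, the pre-encoding is required. Settle on one convention for view variables and state it next to the assignment, e.g. `// labels are encoded here because the template outputs them raw`.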
@@ -163,7 +163,7 @@ class FileFacade */ public function getSize() { - return GeneralUtility::formatSize($this->resource->getSize(), $this->getLanguageService()->getLL('byteSizeUnits', true)); + return GeneralUtility::formatSize($this->resource->getSize(), htmlspecialchars($this->getLanguageService()->getLL('byteSizeUnits'))); } /** diff --git a/typo3/sysext/filelist/Classes/FileList.php b/typo3/sysext/filelist/Classes/FileList.php index c61cf83ca26f0e0d62158fbd78df86e21a01e19b..ca0773276daab82825ade7477703207b3b2f4a2c 100644 --- a/typo3/sysext/filelist/Classes/FileList.php +++ b/typo3/sysext/filelist/Classes/FileList.php 
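Review bot: `htmlspecialchars()` is applied to the `byteSizeUnits` label before it is passed to `GeneralUtility::formatSize()`, so `getSize()` now returns an HTML-encoded string rather than plain text. Encoding where the value is written into markup is easier to audit than encoding an argument of a formatting helper, and it avoids double-encoding if the caller escapes again. The same pattern appears in `getFolderInfo()` and in the `'size'` case in FileList.php. If this form stays, document it on the method, e.g. `@return string HTML-encoded size, must not be escaped again`; the docblock starts above this hunk.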
@@ -401,16 +401,16 @@ class FileList extends AbstractRecordList $elToConfirm )) . '"' . ' data-severity="warning"' - . ' data-title="' . $this->getLanguageService()->getLL('clip_paste', true) . '"' - . ' title="' . $this->getLanguageService()->getLL('clip_paste', true) . '">' + . ' data-title="' . htmlspecialchars($this->getLanguageService()->getLL('clip_paste')) . '"' + . ' title="' . htmlspecialchars($this->getLanguageService()->getLL('clip_paste')) . '">' . $this->iconFactory->getIcon('actions-document-paste-after', Icon::SIZE_SMALL) ->render() . '</a>'; } } if ($this->clipObj->current !== 'normal' && $iOut) { - $cells[] = $this->linkClipboardHeaderIcon('<span title="' . $this->getLanguageService()->getLL('clip_selectMarked', true) . '">' . $this->iconFactory->getIcon('actions-edit-copy', Icon::SIZE_SMALL)->render() . '</span>', $table, 'setCB'); - $cells[] = $this->linkClipboardHeaderIcon('<span title="' . $this->getLanguageService()->getLL('clip_deleteMarked', true) . '">' . $this->iconFactory->getIcon('actions-edit-delete', Icon::SIZE_SMALL)->render(), $table, 'delete', $this->getLanguageService()->getLL('clip_deleteMarkedWarning')); + $cells[] = $this->linkClipboardHeaderIcon('<span title="' . htmlspecialchars($this->getLanguageService()->getLL('clip_selectMarked')) . '">' . $this->iconFactory->getIcon('actions-edit-copy', Icon::SIZE_SMALL)->render() . '</span>', $table, 'setCB'); + $cells[] = $this->linkClipboardHeaderIcon('<span title="' . htmlspecialchars($this->getLanguageService()->getLL('clip_deleteMarked')) . '">' . $this->iconFactory->getIcon('actions-edit-delete', Icon::SIZE_SMALL)->render(), $table, 'delete', $this->getLanguageService()->getLL('clip_deleteMarkedWarning')); $onClick = 'checkOffCB(' . GeneralUtility::quoteJSvalue(implode(',', $this->CBnames)) . ', this); return false;'; $cells[] = '<a class="btn btn-default" rel="" href="#" onclick="' . htmlspecialchars($onClick) . '" title="' . 
$this->getLanguageService()->getLL('clip_markRecords', true) . '">' . $this->iconFactory->getIcon('actions-document-select', Icon::SIZE_SMALL)->render() . '</a>'; } @@ -482,11 +482,11 @@ class FileList extends AbstractRecordList public function getFolderInfo() { if ($this->counter == 1) { - $fileLabel = $this->getLanguageService()->getLL('file', true); + $fileLabel = htmlspecialchars($this->getLanguageService()->getLL('file')); } else { - $fileLabel = $this->getLanguageService()->getLL('files', true); + $fileLabel = htmlspecialchars($this->getLanguageService()->getLL('files')); } - return $this->counter . ' ' . $fileLabel . ', ' . GeneralUtility::formatSize($this->totalbytes, $this->getLanguageService()->getLL('byteSizeUnits', true)); + return $this->counter . ' ' . $fileLabel . ', ' . GeneralUtility::formatSize($this->totalbytes, htmlspecialchars($this->getLanguageService()->getLL('byteSizeUnits'))); } /** 
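Review bot: The last `$cells[]` line of the hunk at line 401 still calls `getLL('clip_markRecords', true)` for its `title` attribute; it is a context line, so the commit leaves it on the old form while every neighbouring call was converted. If the second argument of `getLL()` is later dropped or ignored, that attribute will be written unencoded. Change it to `htmlspecialchars($this->getLanguageService()->getLL('clip_markRecords'))`. In the same hunk the `clip_deleteMarked` `<span>` is opened but, unlike the `clip_selectMarked` one, has no closing `</span>`.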
@@ -538,13 +538,13 @@ class FileList extends AbstractRecordList } catch (InsufficientFolderAccessPermissionsException $e) { $numFiles = 0; } - $theData[$field] = $numFiles . ' ' . $this->getLanguageService()->getLL(($numFiles === 1 ? 'file' : 'files'), true); + $theData[$field] = $numFiles . ' ' . htmlspecialchars($this->getLanguageService()->getLL(($numFiles === 1 ? 'file' : 'files'))); break; case 'rw': - $theData[$field] = '<strong class="text-danger">' . $this->getLanguageService()->getLL('read', true) . '</strong>' . (!$isWritable ? '' : '<strong class="text-danger">' . $this->getLanguageService()->getLL('write', true) . '</strong>'); + $theData[$field] = '<strong class="text-danger">' . htmlspecialchars($this->getLanguageService()->getLL('read')) . '</strong>' . (!$isWritable ? '' : '<strong class="text-danger">' . htmlspecialchars($this->getLanguageService()->getLL('write')) . '</strong>'); break; case 'fileext': - $theData[$field] = $this->getLanguageService()->getLL('folder', true); + $theData[$field] = htmlspecialchars($this->getLanguageService()->getLL('folder')); break; case 'tstamp': $tstamp = $folderObject->getModificationTime(); 
@@ -676,10 +676,10 @@ class FileList extends AbstractRecordList foreach ($this->fieldArray as $field) { switch ($field) { case 'size': - $theData[$field] = GeneralUtility::formatSize($fileObject->getSize(), $this->getLanguageService()->getLL('byteSizeUnits', true)); + $theData[$field] = GeneralUtility::formatSize($fileObject->getSize(), htmlspecialchars($this->getLanguageService()->getLL('byteSizeUnits'))); break; case 'rw': - $theData[$field] = '' . (!$fileObject->checkActionPermission('read') ? ' ' : '<strong class="text-danger">' . $this->getLanguageService()->getLL('read', true) . '</strong>') . (!$fileObject->checkActionPermission('write') ? '' : '<strong class="text-danger">' . $this->getLanguageService()->getLL('write', true) . '</strong>'); + $theData[$field] = '' . (!$fileObject->checkActionPermission('read') ? ' ' : '<strong class="text-danger">' . htmlspecialchars($this->getLanguageService()->getLL('read')) . '</strong>') . (!$fileObject->checkActionPermission('write') ? '' : '<strong class="text-danger">' . htmlspecialchars($this->getLanguageService()->getLL('write')) . '</strong>'); break; case 'fileext': $theData[$field] = strtoupper($ext); @@ -736,7 +736,7 @@ class FileList extends AbstractRecordList $theData[$field] = ' <div class="localisationData btn-group" data-fileid="' . $fileObject->getUid() . '"' . (empty($translations) ? ' style="display: none;"' : '') . '>' . $languageCode . '</div>'; $theData[$field] .= '<a class="btn btn-default filelist-translationToggler" data-fileid="' . $fileObject->getUid() . '">' . - '<span title="' . $this->getLanguageService()->getLL('translateMetadata', true) . '">' + '<span title="' . htmlspecialchars($this->getLanguageService()->getLL('translateMetadata')) . '">' . $this->iconFactory->getIcon('mimetypes-x-content-page-language-overlay', Icon::SIZE_SMALL)->render() . '</span>' . '</a>'; } 
@@ -906,8 +906,8 @@ class FileList extends AbstractRecordList . ' href="' . htmlspecialchars($this->clipObj->pasteUrl('_FILE', $fullIdentifier)) . '"' . ' data-content="' . htmlspecialchars($this->clipObj->confirmMsgText('_FILE', $fullName, 'into', $elToConfirm)) . '"' . ' data-severity="warning"' - . ' data-title="' . $this->getLanguageService()->getLL('clip_pasteInto', true) . '"' - . ' title="' . $this->getLanguageService()->getLL('clip_pasteInto', true) . '"' + . ' data-title="' . htmlspecialchars($this->getLanguageService()->getLL('clip_pasteInto')) . '"' + . ' title="' . htmlspecialchars($this->getLanguageService()->getLL('clip_pasteInto')) . '"' . '>' . $this->iconFactory->getIcon('actions-document-paste-into', Icon::SIZE_SMALL)->render() . '</a>'; diff --git a/typo3/sysext/impexp/Classes/Controller/ImportExportController.php b/typo3/sysext/impexp/Classes/Controller/ImportExportController.php index 526e2cb9646b8905bc39bfceb5c1dbbbf52f5f96..a685b65f253cb0b33a3b96bf5eaeaf7364ce9ed0 100644 --- a/typo3/sysext/impexp/Classes/Controller/ImportExportController.php +++ b/typo3/sysext/impexp/Classes/Controller/ImportExportController.php @@ -849,9 +849,9 @@ class ImportExportController extends BaseScriptClass $this->standaloneView->assign('fileSelectOptions', $selectOptions); if ($path) { - $this->standaloneView->assign('importPath', sprintf($this->lang->getLL('importdata_fromPathS', true), $path->getCombinedIdentifier())); + $this->standaloneView->assign('importPath', sprintf($this->lang->getLL('importdata_fromPathS'), $path->getCombinedIdentifier())); } else { - $this->standaloneView->assign('importPath', $this->lang->getLL('importdata_no_default_upload_folder', true)); + $this->standaloneView->assign('importPath', $this->lang->getLL('importdata_no_default_upload_folder')); } $this->standaloneView->assign('isAdmin', $beUser->isAdmin()); 
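Review bot: In the ImportExportController hunk `importPath` is now assigned to the view without any encoding, and in the `$path` branch it includes `$path->getCombinedIdentifier()`, which was never encoded here. That is safe only if the template outputs `importPath` through the view's escaping rather than through a raw formatter; the template is not part of this diff. Check the template before merging and add a comment on the assignment, e.g. `// plain text; the template is responsible for encoding`.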
diff --git a/typo3/sysext/impexp/Classes/ImportExport.php b/typo3/sysext/impexp/Classes/ImportExport.php index 462a7459e1e2e7c4080a4b0f36507f3acec6ee2c..481ab980999de0825f0798cb080c45df4668e475 100644 --- a/typo3/sysext/impexp/Classes/ImportExport.php +++ b/typo3/sysext/impexp/Classes/ImportExport.php @@ -519,7 +519,7 @@ abstract class ImportExport $lang = $this->getLanguageService(); if ($table === '_SOFTREF_') { $pInfo['preCode'] = $preCode; - $pInfo['title'] = '<em>' . $lang->getLL('impexpcore_singlereco_softReferencesFiles', true) . '</em>'; + $pInfo['title'] = '<em>' . htmlspecialchars($lang->getLL('impexpcore_singlereco_softReferencesFiles')) . '</em>'; } elseif (!isset($GLOBALS['TCA'][$table])) { // Unknown table name: $pInfo['preCode'] = $preCode; 
@@ -631,12 +631,12 @@ abstract class ImportExport $pInfo['title'] = '<em>' . $info['field'] . ', "' . $info['spKey'] . '" </em>: <span title="' . htmlspecialchars($info['matchString']) . '">' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($info['matchString'], 60)) . '</span>'; if ($info['subst']['type']) { if (strlen($info['subst']['title'])) { - $pInfo['title'] .= '<br/>' . $preCode_B . '<strong>' . $lang->getLL('impexpcore_singlereco_title', true) . '</strong> ' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($info['subst']['title'], 60)); + $pInfo['title'] .= '<br/>' . $preCode_B . '<strong>' . htmlspecialchars($lang->getLL('impexpcore_singlereco_title')) . '</strong> ' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($info['subst']['title'], 60)); } if (strlen($info['subst']['description'])) { - $pInfo['title'] .= '<br/>' . $preCode_B . '<strong>' . $lang->getLL('impexpcore_singlereco_descr', true) . '</strong> ' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($info['subst']['description'], 60)); + $pInfo['title'] .= '<br/>' . $preCode_B . '<strong>' . htmlspecialchars($lang->getLL('impexpcore_singlereco_descr')) . '</strong> ' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($info['subst']['description'], 60)); } - $pInfo['title'] .= '<br/>' . $preCode_B . ($info['subst']['type'] == 'file' ? $lang->getLL('impexpcore_singlereco_filename', true) . ' <strong>' . $info['subst']['relFileName'] . '</strong>' : '') . ($info['subst']['type'] == 'string' ? $lang->getLL('impexpcore_singlereco_value', true) . ' <strong>' . $info['subst']['tokenValue'] . '</strong>' : '') . ($info['subst']['type'] == 'db' ? $lang->getLL('impexpcore_softrefsel_record', true) . ' <strong>' . $info['subst']['recordRef'] . '</strong>' : ''); + $pInfo['title'] .= '<br/>' . $preCode_B . ($info['subst']['type'] == 'file' ? htmlspecialchars($lang->getLL('impexpcore_singlereco_filename')) . ' <strong>' . $info['subst']['relFileName'] . '</strong>' : '') . ($info['subst']['type'] == 'string' ? 
htmlspecialchars($lang->getLL('impexpcore_singlereco_value')) . ' <strong>' . $info['subst']['tokenValue'] . '</strong>' : '') . ($info['subst']['type'] == 'db' ? htmlspecialchars($lang->getLL('impexpcore_softrefsel_record')) . ' <strong>' . $info['subst']['recordRef'] . '</strong>' : ''); } $pInfo['ref'] = 'SOFTREF'; $pInfo['size'] = ''; @@ -862,7 +862,7 @@ abstract class ImportExport { if ($this->mode === 'export') { if ($r['type'] === 'record') { - return '<input type="checkbox" class="t3js-exclude-checkbox" name="tx_impexp[exclude][' . $r['ref'] . ']" id="checkExclude' . $r['ref'] . '" value="1" /> <label for="checkExclude' . $r['ref'] . '">' . $this->getLanguageService()->getLL('impexpcore_singlereco_exclude', true) . '</label>'; + return '<input type="checkbox" class="t3js-exclude-checkbox" name="tx_impexp[exclude][' . $r['ref'] . ']" id="checkExclude' . $r['ref'] . '" value="1" /> <label for="checkExclude' . $r['ref'] . '">' . htmlspecialchars($this->getLanguageService()->getLL('impexpcore_singlereco_exclude')) . '</label>'; } else { return $r['type'] == 'softref' ? $this->softrefSelector($r['_softRefInfo']) : ''; } @@ -913,7 +913,7 @@ abstract class ImportExport // Description: if (!strlen($cfg['subst']['description'])) { $descriptionField .= ' - ' . $this->getLanguageService()->getLL('impexpcore_printerror_description', true) . '<br/> + ' . htmlspecialchars($this->getLanguageService()->getLL('impexpcore_printerror_description')) . '<br/> <input type="text" name="tx_impexp[softrefCfg][' . $cfg['subst']['tokenID'] . '][description]" value="' . htmlspecialchars($this->softrefCfg[$cfg['subst']['tokenID']]['description']) . '" />'; } else { $descriptionField .= ' diff --git a/typo3/sysext/lowlevel/Classes/View/DatabaseIntegrityView.php b/typo3/sysext/lowlevel/Classes/View/DatabaseIntegrityView.php index 0db784e82bc314bfe216e6d6a96698909ba5d3d5..f0519cf8f3bd6f4e7727d7de9afda3d783954318 100644 --- a/typo3/sysext/lowlevel/Classes/View/DatabaseIntegrityView.php 
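Review bot: The rewritten `$pInfo['title']` line in the hunk at line 631 encodes the three labels but still concatenates `$info['subst']['relFileName']`, `$info['subst']['tokenValue']` and `$info['subst']['recordRef']` into `<strong>` unencoded, and the context line above it does the same with `$info['field']` and `$info['spKey']`. These values look like soft-reference data taken from the file being imported, which should be treated as untrusted, so wrap each one, e.g. `htmlspecialchars($info['subst']['relFileName'])`. The hunks at lines 862 and 913 have the same gap for `$r['ref']` and `$cfg['subst']['tokenID']` inside `name` and `id` attributes. The enclosing methods start outside these hunks, so any earlier sanitising is not visible here.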
+++ b/typo3/sysext/lowlevel/Classes/View/DatabaseIntegrityView.php @@ -114,15 +114,15 @@ class DatabaseIntegrityView extends BaseScriptClass // Values NOT in this array will not be saved in the settings-array for the module. $this->MOD_MENU = array( 'function' => array( - 0 => $lang->getLL('menuTitle', true), - 'records' => $lang->getLL('recordStatistics', true), - 'relations' => $lang->getLL('databaseRelations', true), - 'search' => $lang->getLL('fullSearch', true), - 'refindex' => $lang->getLL('manageRefIndex', true) + 0 => htmlspecialchars($lang->getLL('menuTitle')), + 'records' => htmlspecialchars($lang->getLL('recordStatistics')), + 'relations' => htmlspecialchars($lang->getLL('databaseRelations')), + 'search' => htmlspecialchars($lang->getLL('fullSearch')), + 'refindex' => htmlspecialchars($lang->getLL('manageRefIndex')) ), 'search' => array( - 'raw' => $lang->getLL('rawSearch', true), - 'query' => $lang->getLL('advancedQuery', true) + 'raw' => htmlspecialchars($lang->getLL('rawSearch')), + 'query' => htmlspecialchars($lang->getLL('advancedQuery')) ), 'search_query_smallparts' => '', 'search_result_labels' => '', @@ -152,10 +152,10 @@ class DatabaseIntegrityView extends BaseScriptClass 'storeQueryConfigs' => '', // Used to store the available Query configs in memory 'search_query_makeQuery' => array( - 'all' => $lang->getLL('selectRecords', true), - 'count' => $lang->getLL('countResults', true), - 'explain' => $lang->getLL('explainQuery', true), - 'csv' => $lang->getLL('csvExport', true) + 'all' => htmlspecialchars($lang->getLL('selectRecords')), + 'count' => htmlspecialchars($lang->getLL('countResults')), + 'explain' => htmlspecialchars($lang->getLL('explainQuery')), + 'csv' => htmlspecialchars($lang->getLL('csvExport')) ), 'sword' => '' ); 
@@ -439,7 +439,7 @@ class DatabaseIntegrityView extends BaseScriptClass if (is_array($admin->lRecords[$t])) { foreach ($admin->lRecords[$t] as $data) { if (!GeneralUtility::inList($admin->lostPagesList, $data['pid'])) { - $lr .= '<div class="record"><a href="' . htmlspecialchars((BackendUtility::getModuleUrl('system_dbint') . '&SET[function]=records&fixLostRecords_table=' . $t . '&fixLostRecords_uid=' . $data['uid'])) . '" title="' . $lang->getLL('fixLostRecord', true) . '">' . $this->iconFactory->getIcon('status-dialog-error', Icon::SIZE_SMALL)->render() . '</a>uid:' . $data['uid'] . ', pid:' . $data['pid'] . ', ' . htmlspecialchars(GeneralUtility::fixed_lgd_cs(strip_tags($data['title']), 20)) . '</div>'; + $lr .= '<div class="record"><a href="' . htmlspecialchars((BackendUtility::getModuleUrl('system_dbint') . '&SET[function]=records&fixLostRecords_table=' . $t . '&fixLostRecords_uid=' . $data['uid'])) . '" title="' . htmlspecialchars($lang->getLL('fixLostRecord')) . '">' . $this->iconFactory->getIcon('status-dialog-error', Icon::SIZE_SMALL)->render() . '</a>uid:' . $data['uid'] . ', pid:' . $data['pid'] . ', ' . htmlspecialchars(GeneralUtility::fixed_lgd_cs(strip_tags($data['title']), 20)) . '</div>'; } else { $lr .= '<div class="record-noicon">uid:' . $data['uid'] . ', pid:' . $data['pid'] . ', ' . htmlspecialchars(GeneralUtility::fixed_lgd_cs(strip_tags($data['title']), 20)) . '</div>'; } diff --git a/typo3/sysext/opendocs/Classes/Backend/ToolbarItems/OpendocsToolbarItem.php b/typo3/sysext/opendocs/Classes/Backend/ToolbarItems/OpendocsToolbarItem.php index 180f529982ac78c80ec75ce4457e058ab40a604f..f475294fb5049aa9b9985dc7d87ff5a50b86fa83 100644 --- a/typo3/sysext/opendocs/Classes/Backend/ToolbarItems/OpendocsToolbarItem.php +++ b/typo3/sysext/opendocs/Classes/Backend/ToolbarItems/OpendocsToolbarItem.php 
@@ -85,7 +85,7 @@ class OpendocsToolbarItem implements ToolbarItemInterface public function getItem() { $numDocs = count($this->openDocs); - $title = $this->getLanguageService()->getLL('toolbaritem', true); + $title = htmlspecialchars($this->getLanguageService()->getLL('toolbaritem')); $opendocsMenu = array(); $opendocsMenu[] = '<span title="' . $title . '">' . $this->iconFactory->getIcon('apps-toolbar-menu-opendocs', Icon::SIZE_SMALL)->render('inline') . '</span>'; @@ -106,7 +106,7 @@ class OpendocsToolbarItem implements ToolbarItemInterface $recentDocuments = $this->recentDocs; $entries = array(); if (!empty($openDocuments)) { - $entries[] = '<li class="dropdown-header">' . $languageService->getLL('open_docs', true) . '</li>'; + $entries[] = '<li class="dropdown-header">' . htmlspecialchars($languageService->getLL('open_docs')) . '</li>'; $i = 0; foreach ($openDocuments as $md5sum => $openDocument) { $i++; @@ -116,7 +116,7 @@ class OpendocsToolbarItem implements ToolbarItemInterface } // If there are "recent documents" in the list, add them if (!empty($recentDocuments)) { - $entries[] = '<li class="dropdown-header">' . $languageService->getLL('recent_docs', true) . '</li>'; + $entries[] = '<li class="dropdown-header">' . htmlspecialchars($languageService->getLL('recent_docs')) . '</li>'; $i = 0; foreach ($recentDocuments as $md5sum => $recentDocument) { $i++; @@ -126,7 +126,7 @@ class OpendocsToolbarItem implements ToolbarItemInterface if (!empty($entries)) { $content = '<ul class="dropdown-list">' . implode('', $entries) . '</ul>'; } else { - $content = '<p>' . $languageService->getLL('no_docs', true) . '</p>'; + $content = '<p>' . htmlspecialchars($languageService->getLL('no_docs')) . '</p>'; } return $content; } diff --git a/typo3/sysext/rtehtmlarea/Classes/Controller/BrowseLinksController.php b/typo3/sysext/rtehtmlarea/Classes/Controller/BrowseLinksController.php index 2c1228ce55d53627158519f2b126ecb2269a8870..073aa2e354009fbbcfd1e43653a6aab5c2f2d100 100644 
--- a/typo3/sysext/rtehtmlarea/Classes/Controller/BrowseLinksController.php +++ b/typo3/sysext/rtehtmlarea/Classes/Controller/BrowseLinksController.php @@ -361,11 +361,11 @@ class BrowseLinksController extends AbstractLinkBrowserController */ protected function renderCurrentUrl() { - $removeLink = ' <a href="#" class="btn btn-default t3js-removeCurrentLink">' . $this->getLanguageService()->getLL('removeLink', true) . '</a>'; + $removeLink = ' <a href="#" class="btn btn-default t3js-removeCurrentLink">' . htmlspecialchars($this->getLanguageService()->getLL('removeLink')) . '</a>'; return ' <div class="link-browser-section link-browser-current-link"> <strong>' . - $this->getLanguageService()->getLL('currentLink', true) . + htmlspecialchars($this->getLanguageService()->getLL('currentLink')) . ': ' . htmlspecialchars($this->currentLinkHandler->formatCurrentUrl()) . '</strong>' . @@ -448,7 +448,7 @@ class BrowseLinksController extends AbstractLinkBrowserController <form action="" name="lrelform" id="lrelform" class="t3js-dummyform form-horizontal"> <div class="form-group form-group-sm"> <label class="col-xs-4 control-label">' . - $this->getLanguageService()->getLL('linkRelationship', true) . + htmlspecialchars($this->getLanguageService()->getLL('linkRelationship')) . '</label> <div class="col-xs-8"> <input type="text" name="lrel" class="form-control" value="' . $currentRel . '" /> @@ -477,8 +477,8 @@ class BrowseLinksController extends AbstractLinkBrowserController $targetSelector = ' <select name="ltarget_type" class="t3js-targetPreselect form-control"> <option value=""></option> - <option value="_top">' . $lang->getLL('top', true) . '</option> - <option value="_blank">' . $lang->getLL('newWindow', true) . '</option> + <option value="_top">' . htmlspecialchars($lang->getLL('top')) . '</option> + <option value="_blank">' . htmlspecialchars($lang->getLL('newWindow')) . '</option> </select> '; } 
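Review bot: In the hunk at line 448 the context line `value="' . $currentRel . '"` writes `$currentRel` into an attribute with no encoding visible, whereas the target form in the hunk at line 486 uses `htmlspecialchars($target)` for the same kind of field. The assignment of `$currentRel` is outside the hunk, so it may already be encoded there. If it is not, use `value="' . htmlspecialchars($currentRel) . '"`.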
@@ -486,7 +486,7 @@ class BrowseLinksController extends AbstractLinkBrowserController return ' <form action="" name="ltargetform" id="ltargetform" class="t3js-dummyform form-horizontal"> <div class="form-group form-group-sm" ' . ($targetSelectorConfig['disabled'] ? ' style="display: none;"' : '') . '> - <label class="col-xs-4 control-label">' . $lang->getLL('target', true) . '</label> + <label class="col-xs-4 control-label">' . htmlspecialchars($lang->getLL('target')) . '</label> <div class="col-xs-3"> <input type="text" name="ltarget" class="t3js-linkTarget form-control" value="' . htmlspecialchars($target) . '" /> @@ -532,7 +532,7 @@ class BrowseLinksController extends AbstractLinkBrowserController <form action="" name="ltitleform" id="ltitleform" class="t3js-dummyform form-horizontal"> <div class="form-group form-group-sm"> <label class="col-xs-4 control-label"> - ' . $this->getLanguageService()->getLL('anchor_title', true) . ' + ' . htmlspecialchars($this->getLanguageService()->getLL('anchor_title')) . ' </label> <div class="col-xs-8"> <span style="display: ' . ($readOnly ? 'none' : 'inline') . ';"> @@ -561,7 +561,7 @@ class BrowseLinksController extends AbstractLinkBrowserController <form action="" name="lclassform" id="lclassform" class="t3js-dummyform"> <table border="0" cellpadding="2" cellspacing="1" id="typo3-linkClass"> <tr> - <td style="width: 96px;">' . $this->getLanguageService()->getLL('anchor_class', true) . '</td> + <td style="width: 96px;">' . htmlspecialchars($this->getLanguageService()->getLL('anchor_class')) . '</td> <td><select name="lclass" class="t3js-class-selector form-control"> ' . $this->classesAnchorJSOptions[$this->displayedLinkHandlerId] . ' </select></td> diff --git a/typo3/sysext/rtehtmlarea/Classes/Controller/UserElementsController.php b/typo3/sysext/rtehtmlarea/Classes/Controller/UserElementsController.php index c449061c6cb704f1c18ba74bf043c9b171fd6cf5..bfbab25cb8bb76ba728f361da8a76fa0760e91aa 100644 
--- a/typo3/sysext/rtehtmlarea/Classes/Controller/UserElementsController.php +++ b/typo3/sysext/rtehtmlarea/Classes/Controller/UserElementsController.php @@ -172,7 +172,7 @@ class UserElementsController public function main_user($openKeys) { // Starting content: - $content = $this->doc->startPage($GLOBALS['LANG']->getLL('Insert Custom Element', true)); + $content = $this->doc->startPage(htmlspecialchars($GLOBALS['LANG']->getLL('Insert Custom Element'))); $RTEtsConfigParts = explode(':', \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('RTEtsConfigParams')); $RTEsetup = $GLOBALS['BE_USER']->getTSConfig('RTE', \TYPO3\CMS\Backend\Utility\BackendUtility::getPagesTSconfig($RTEtsConfigParts[5])); $thisConfig = \TYPO3\CMS\Backend\Utility\BackendUtility::RTEsetup($RTEsetup['properties'], $RTEtsConfigParts[0], $RTEtsConfigParts[2], $RTEtsConfigParts[4]); @@ -200,7 +200,7 @@ class UserElementsController $mArray[$ks . '.'] = array( 'content' => '<img src="' . $this->siteUrl . $v['path'] . $filename . '" />', '_icon' => '<img src="' . $this->siteUrl . $v['path'] . $filename . '" ' . $iInfo[3] . ' />', - 'description' => $GLOBALS['LANG']->getLL('filesize') . ': ' . str_replace(' ', ' ', \TYPO3\CMS\Core\Utility\GeneralUtility::formatSize(@filesize((PATH_site . $v['path'] . $filename)))) . ', ' . $GLOBALS['LANG']->getLL('pixels', 1) . ': ' . $iInfo[0] . 'x' . $iInfo[1] + 'description' => $GLOBALS['LANG']->getLL('filesize') . ': ' . str_replace(' ', ' ', \TYPO3\CMS\Core\Utility\GeneralUtility::formatSize(@filesize((PATH_site . $v['path'] . $filename)))) . ', ' . htmlspecialchars($GLOBALS['LANG']->getLL('pixels')) . ': ' . $iInfo[0] . 'x' . $iInfo[1] ); $c++; } 
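Review bot: On the new `'description'` line in the hunk at line 200, `getLL('pixels')` is wrapped in `htmlspecialchars()` but `getLL('filesize')` at the start of the same expression is not, so two labels in one string are treated differently. Use `htmlspecialchars($GLOBALS['LANG']->getLL('filesize'))` as well, or encode the whole description once at the point where it is printed. The adjacent context lines also place `$v['path'] . $filename` into `src` attributes unencoded and suppress `filesize()` errors with `@`; both deserve a follow-up. The surrounding loop starts outside the hunk.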
@@ -220,7 +220,7 @@ class UserElementsController if (substr($k2, -1) == '.' && is_array($v[$k2i . '.'])) { $title = trim($v[$k2i]); if (!$title) { - $title = '[' . $GLOBALS['LANG']->getLL('noTitle', true) . ']'; + $title = '[' . htmlspecialchars($GLOBALS['LANG']->getLL('noTitle')) . ']'; } else { $title = $GLOBALS['LANG']->sL($title, true); } @@ -269,7 +269,7 @@ class UserElementsController $title = trim($thisConfig['userElements.'][$k]); $openK = $k; if (!$title) { - $title = '[' . $GLOBALS['LANG']->getLL('noTitle', true) . ']'; + $title = '[' . htmlspecialchars($GLOBALS['LANG']->getLL('noTitle')) . ']'; } else { $title = $GLOBALS['LANG']->sL($title, true); } @@ -277,7 +277,7 @@ class UserElementsController $uriBuilder = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Routing\UriBuilder::class); $url = (string)$uriBuilder->buildUriFromRoute('rtehtmlarea_wizard_user_elements', array('OC_key' => ($openKeys[$openK] ? 'C|' : 'O|') . $openK)); - $lines[] = '<tr><td colspan="3"><a href="#" title="' . $GLOBALS['LANG']->getLL('expand', true) . '" onClick="jumpToUrl(' . GeneralUtility::quoteJSvalue($url) . ');return false;"><i class="fa fa-caret-square-o-' . ($openKeys[$openK] ? 'left' : 'right') . '" title="' . $GLOBALS['LANG']->getLL('expand', true) . '"></i><strong>' . $title . '</strong></a></td></tr>'; + $lines[] = '<tr><td colspan="3"><a href="#" title="' . htmlspecialchars($GLOBALS['LANG']->getLL('expand')) . '" onClick="jumpToUrl(' . GeneralUtility::quoteJSvalue($url) . ');return false;"><i class="fa fa-caret-square-o-' . ($openKeys[$openK] ? 'left' : 'right') . '" title="' . htmlspecialchars($GLOBALS['LANG']->getLL('expand')) . '"></i><strong>' . $title . '</strong></a></td></tr>'; $lines[] = $v; } $content .= '<table class="table table-striped table-hover">' . implode('', $lines) . '</table>'; 
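Review bot: The `else` branches in the hunks at lines 220 and 269 keep `$GLOBALS['LANG']->sL($title, true)`, so the same `$title` variable is encoded by an explicit `htmlspecialchars()` in one branch and by the boolean flag in the other. If the flag is being phased out, convert these as well: `$title = htmlspecialchars($GLOBALS['LANG']->sL($title));`. In the hunk at line 277 the `expand` label is looked up and encoded twice on one line; a local such as `$expandLabel` would shorten it.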
diff --git a/typo3/sysext/rtehtmlarea/Classes/ImageHandler/AddImageHandler.php b/typo3/sysext/rtehtmlarea/Classes/ImageHandler/AddImageHandler.php index 3875a35ba854d2464a24c24787a9b567c196dc54..e1327f2838fb4f3236fe3adb2c1b2bb6af0fedfa 100644 --- a/typo3/sysext/rtehtmlarea/Classes/ImageHandler/AddImageHandler.php +++ b/typo3/sysext/rtehtmlarea/Classes/ImageHandler/AddImageHandler.php @@ -258,7 +258,7 @@ class AddImageHandler implements LinkParameterProviderInterface, LinkHandlerInte <div class="element-browser-section element-browser-filetree"> <table border="0" cellpadding="0" cellspacing="0" id="typo3-EBfiles"> <tr> - <td class="c-wCell" valign="top"><h3>' . $this->getLanguageService()->getLL('folderTree', true) . ':</h3>' . $tree . '</td> + <td class="c-wCell" valign="top"><h3>' . htmlspecialchars($this->getLanguageService()->getLL('folderTree')) . ':</h3>' . $tree . '</td> <td class="c-wCell" valign="top">' . $files . '</td> </tr> </table> 
@@ -318,8 +318,8 @@ class AddImageHandler implements LinkParameterProviderInterface, LinkHandlerInte <th class="col-title" nowrap="nowrap">' . $folderIcon . ' ' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($folder->getIdentifier(), $titleLen)) . '</th> <th class="col-control" nowrap="nowrap"></th> <th class="col-clipboard" nowrap="nowrap"> - <a href="#" class="btn btn-default" id="t3js-importSelection" title="' . $lang->getLL('importSelection', true) . '">' . $this->iconFactory->getIcon('actions-document-import-t3d', Icon::SIZE_SMALL) . '</a> - <a href="#" class="btn btn-default" id="t3js-toggleSelection" title="' . $lang->getLL('toggleSelection', true) . '">' . $this->iconFactory->getIcon('actions-document-select', Icon::SIZE_SMALL) . '</a> + <a href="#" class="btn btn-default" id="t3js-importSelection" title="' . htmlspecialchars($lang->getLL('importSelection')) . '">' . $this->iconFactory->getIcon('actions-document-import-t3d', Icon::SIZE_SMALL) . '</a> + <a href="#" class="btn btn-default" id="t3js-toggleSelection" title="' . htmlspecialchars($lang->getLL('toggleSelection')) . '">' . $this->iconFactory->getIcon('actions-document-select', Icon::SIZE_SMALL) . '</a> </th> <th nowrap="nowrap"> </th> </tr>'; 
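Review bot: The two changed lines concatenate `$this->iconFactory->getIcon(...)` directly, without `->render()`, so they rely on the icon object's string conversion. Other lines in this commit, including the `addToList` line in the hunk at line 394 of this file, call `->render()` explicitly. Append `->render()` here and on the `actions-document-info` icon in the hunk at line 394 for consistency. In that hunk the `<div class="btn-group">` is also followed by `</td>` with no closing `</div>`.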
@@ -394,8 +394,8 @@ class AddImageHandler implements LinkParameterProviderInterface, LinkHandlerInte <tr class="file_list_normal"> <td class="col-title" nowrap="nowrap">' . $filenameAndIcon . ' </td> <td class="col-control"> - <div class="btn-group">' . $ATag . '<span title="' . $lang->getLL('addToList', true) . '">' . $this->iconFactory->getIcon('actions-edit-add', Icon::SIZE_SMALL)->render() . '</span>' . $ATag_e . ' - <a href="' . htmlspecialchars($Ahref) . '" class="btn btn-default" title="' . $lang->getLL('info', true) . '">' . $this->iconFactory->getIcon('actions-document-info', Icon::SIZE_SMALL) . '</a> + <div class="btn-group">' . $ATag . '<span title="' . htmlspecialchars($lang->getLL('addToList')) . '">' . $this->iconFactory->getIcon('actions-edit-add', Icon::SIZE_SMALL)->render() . '</span>' . $ATag_e . ' + <a href="' . htmlspecialchars($Ahref) . '" class="btn btn-default" title="' . htmlspecialchars($lang->getLL('info')) . '">' . $this->iconFactory->getIcon('actions-document-info', Icon::SIZE_SMALL) . '</a> </td> <td class="col-clipboard" valign="top">' . $bulkCheckBox . '</td> <td nowrap="nowrap"> ' . $pDim . '</td> @@ -408,7 +408,7 @@ class AddImageHandler implements LinkParameterProviderInterface, LinkHandlerInte } } - $out = '<h3>' . $lang->getLL('files', true) . ' ' . $filesCount . ':</h3>'; + $out = '<h3>' . htmlspecialchars($lang->getLL('files')) . ' ' . $filesCount . ':</h3>'; $out .= GeneralUtility::makeInstance(FolderUtilityRenderer::class, $this)->getFileSearchField($this->searchWord); $out .= '<div id="filelist">'; $out .= $this->getBulkSelector($filesCount); diff --git a/typo3/sysext/scheduler/Classes/Controller/SchedulerModuleController.php b/typo3/sysext/scheduler/Classes/Controller/SchedulerModuleController.php index d539e906d29616e1169a90ab352c20f6f80300d3..12622c9f464912914e75f2bd385e629f28a1349f 100644 --- a/typo3/sysext/scheduler/Classes/Controller/SchedulerModuleController.php 
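Review bot: The `<div class="btn-group">` opened in the `col-control` cell of the -394 hunk is not closed before the cell's `</td>`, so the row relies on the browser's error recovery. Close it after the info link, i.e. end that line with `'</a></div>'`. `$ATag`, `$ATag_e`, `$filenameAndIcon`, `$bulkCheckBox` and `$pDim` enter the same string without escaping at this point; they are built outside the hunk, so confirm each is escaped where it is assembled.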
+++ b/typo3/sysext/scheduler/Classes/Controller/SchedulerModuleController.php @@ -976,14 +976,14 @@ class SchedulerModuleController extends \TYPO3\CMS\Backend\Module\BaseScriptClas // Header row $table[] = '<thead><tr>' - . '<th><a href="#" id="checkall" title="' . $this->getLanguageService()->getLL('label.checkAll', true) . '" class="icon">' . $this->moduleTemplate->getIconFactory()->getIcon('actions-document-select', Icon::SIZE_SMALL)->render() . '</a></th>' - . '<th>' . $this->getLanguageService()->getLL('label.id', true) . '</th>' - . '<th>' . $this->getLanguageService()->getLL('task', true) . '</th>' - . '<th>' . $this->getLanguageService()->getLL('label.type', true) . '</th>' - . '<th>' . $this->getLanguageService()->getLL('label.frequency', true) . '</th>' - . '<th>' . $this->getLanguageService()->getLL('label.parallel', true) . '</th>' - . '<th>' . $this->getLanguageService()->getLL('label.lastExecution', true) . '</th>' - . '<th>' . $this->getLanguageService()->getLL('label.nextExecution', true) . '</th>' + . '<th><a href="#" id="checkall" title="' . htmlspecialchars($this->getLanguageService()->getLL('label.checkAll')) . '" class="icon">' . $this->moduleTemplate->getIconFactory()->getIcon('actions-document-select', Icon::SIZE_SMALL)->render() . '</a></th>' + . '<th>' . htmlspecialchars($this->getLanguageService()->getLL('label.id')) . '</th>' + . '<th>' . htmlspecialchars($this->getLanguageService()->getLL('task')) . '</th>' + . '<th>' . htmlspecialchars($this->getLanguageService()->getLL('label.type')) . '</th>' + . '<th>' . htmlspecialchars($this->getLanguageService()->getLL('label.frequency')) . '</th>' + . '<th>' . htmlspecialchars($this->getLanguageService()->getLL('label.parallel')) . '</th>' + . '<th>' . htmlspecialchars($this->getLanguageService()->getLL('label.lastExecution')) . '</th>' + . '<th>' . htmlspecialchars($this->getLanguageService()->getLL('label.nextExecution')) . '</th>' . '<th></th>' . '</tr></thead>'; 
@@ -1029,17 +1029,17 @@ class SchedulerModuleController extends \TYPO3\CMS\Backend\Module\BaseScriptClas . ' data-severity="warning"' . ' data-title="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_common.xlf:delete', true) . '"' . ' data-button-close-text="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_common.xlf:cancel', true) . '"' - . ' data-content="' . $this->getLanguageService()->getLL('msg.delete', true) . '"' + . ' data-content="' . htmlspecialchars($this->getLanguageService()->getLL('msg.delete')) . '"' . ' title="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_common.xlf:delete', true) . '" class="icon">' . $this->moduleTemplate->getIconFactory()->getIcon('actions-edit-delete', Icon::SIZE_SMALL)->render() . '</a>'; $stopAction = '<a class="btn btn-default t3js-modal-trigger" href="' . htmlspecialchars($this->moduleUri . '&CMD=stop&tx_scheduler[uid]=' . $schedulerRecord['uid']) . '" ' . ' data-severity="warning"' . ' data-title="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_common.xlf:stop', true) . '"' . ' data-button-close-text="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_common.xlf:cancel', true) . '"' - . ' data-content="' . $this->getLanguageService()->getLL('msg.stop', true) . '"' + . ' data-content="' . htmlspecialchars($this->getLanguageService()->getLL('msg.stop')) . '"' . ' title="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_common.xlf:stop', true) . '" class="icon">' . $this->moduleTemplate->getIconFactory()->getIcon('actions-document-close', Icon::SIZE_SMALL)->render() . '</a>'; - $runAction = '<a class="btn btn-default" href="' . htmlspecialchars($this->moduleUri . '&tx_scheduler[execute][]=' . $schedulerRecord['uid']) . '" title="' . $this->getLanguageService()->getLL('action.run_task', true) . '" class="icon">' . + $runAction = '<a class="btn btn-default" href="' . htmlspecialchars($this->moduleUri . '&tx_scheduler[execute][]=' . $schedulerRecord['uid']) . 
'" title="' . htmlspecialchars($this->getLanguageService()->getLL('action.run_task')) . '" class="icon">' . $this->moduleTemplate->getIconFactory()->getIcon('extensions-scheduler-run-task', Icon::SIZE_SMALL)->render() . '</a>'; // Define some default values diff --git a/typo3/sysext/setup/Classes/Controller/SetupModuleController.php b/typo3/sysext/setup/Classes/Controller/SetupModuleController.php index 47cb00e079e37605ca1859331e7501bd8115de35..cc43cb1fd43389d38cafa0a0f7b708e95c6ade75 100644 --- a/typo3/sysext/setup/Classes/Controller/SetupModuleController.php +++ b/typo3/sysext/setup/Classes/Controller/SetupModuleController.php @@ -679,7 +679,7 @@ class SetupModuleController extends AbstractModule foreach ($languages as $locale => $name) { if ($locale !== 'default') { $defaultName = isset($GLOBALS['LOCAL_LANG']['default']['lang_' . $locale]) ? $GLOBALS['LOCAL_LANG']['default']['lang_' . $locale][0]['source'] : $name; - $localizedName = $this->getLanguageService()->getLL('lang_' . $locale, true); + $localizedName = htmlspecialchars($this->getLanguageService()->getLL('lang_' . $locale)); if ($localizedName === '') { $localizedName = htmlspecialchars($name); } 
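Review bot: The delete and stop links in the -1029 hunk now mix two escaping styles in one concatenation: `data-content` wraps `getLL()` in `htmlspecialchars()`, while `data-title`, `data-button-close-text` and `title` still pass `true` as the second argument of `sL()`, which presumably escapes in the same way. Mixed styles make it harder to audit that every attribute value is escaped, so convert those calls as well, e.g. `htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_common.xlf:delete'))`, or state in the commit message that they follow separately. The -134 hunk in SortPagesWizardModuleFunction.php has the same mix. Separately, the `$runAction` anchor carries two `class` attributes (`class="btn btn-default"` and `class="icon"`); HTML parsers keep only the first, so fold `icon` into the first attribute if it is still wanted.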
@@ -696,7 +696,7 @@ class SetupModuleController extends AbstractModule </select>'; if ($this->getBackendUser()->uc['lang'] && !@is_dir((PATH_typo3conf . 'l10n/' . $this->getBackendUser()->uc['lang']))) { // TODO: The text constants have to be moved into language files - $languageUnavailableWarning = 'The selected language "' . $this->getLanguageService()->getLL(('lang_' . $this->getBackendUser()->uc['lang']), true) . '" is not available before the language files are installed. <br /> ' . ($this->getBackendUser()->isAdmin() ? 'You can use the Language module to easily download new language files.' : 'Please ask your system administrator to do this.'); + $languageUnavailableWarning = 'The selected language "' . htmlspecialchars($this->getLanguageService()->getLL('lang_' . $this->getBackendUser()->uc['lang'])) . '" is not available before the language files are installed. <br /> ' . ($this->getBackendUser()->isAdmin() ? 'You can use the Language module to easily download new language files.' : 'Please ask your system administrator to do this.'); $languageCode = '<br /><span class="label label-danger">' . $languageUnavailableWarning . '</span><br /><br />' . $languageCode; } return $languageCode; @@ -716,7 +716,7 @@ class SetupModuleController extends AbstractModule $this->loadModules = GeneralUtility::makeInstance(ModuleLoader::class); $this->loadModules->observeWorkspaces = true; $this->loadModules->load($GLOBALS['TBE_MODULES']); - $startModuleSelect = '<option value="">' . $this->getLanguageService()->getLL('startModule.firstInMenu', true) . '</option>'; + $startModuleSelect = '<option value="">' . htmlspecialchars($this->getLanguageService()->getLL('startModule.firstInMenu')) . '</option>'; foreach ($pObj->loadModules->modules as $mainMod => $modData) { if (!empty($modData['sub']) && is_array($modData['sub'])) { $modules = ''; 
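Review bot: If no `lang_…` label exists for the stored `uc['lang']`, the lookup presumably yields an empty string (the -679 hunk tests `$localizedName === ''` for that case) and the warning in the -696 hunk renders as `The selected language ""`. Fall back to the escaped language code, as the select box falls back to `$name`: `htmlspecialchars($this->getLanguageService()->getLL('lang_' . $lang) ?: $lang)` with `$lang = $this->getBackendUser()->uc['lang']`. The same user-preference value is concatenated into the `is_dir()` path in the condition above, with `@` hiding any warning; whether it is checked against the known locales before it gets here is not visible in the hunk.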
diff --git a/typo3/sysext/taskcenter/Classes/Controller/TaskModuleController.php b/typo3/sysext/taskcenter/Classes/Controller/TaskModuleController.php index 59988e2791dbdcd9e13522d1846a18fb7769eebf..5f24116213f1100e34f7f8da172c8765ecb24286 100644 --- a/typo3/sysext/taskcenter/Classes/Controller/TaskModuleController.php +++ b/typo3/sysext/taskcenter/Classes/Controller/TaskModuleController.php @@ -196,7 +196,7 @@ class TaskModuleController extends BaseScriptClass } else { $flashMessage = GeneralUtility::makeInstance( FlashMessage::class, - $this->getLanguageService()->getLL('error-access', true), + $this->getLanguageService()->getLL('error-access'), $this->getLanguageService()->getLL('error_header'), FlashMessage::ERROR ); @@ -205,7 +205,7 @@ class TaskModuleController extends BaseScriptClass // Error if the task is not an instance of \TYPO3\CMS\Taskcenter\TaskInterface $flashMessage = GeneralUtility::makeInstance( FlashMessage::class, - sprintf($this->getLanguageService()->getLL('error_no-instance', true), $taskClass, TaskInterface::class), + sprintf($this->getLanguageService()->getLL('error_no-instance'), $taskClass, TaskInterface::class), $this->getLanguageService()->getLL('error_header'), FlashMessage::ERROR ); @@ -424,7 +424,7 @@ class TaskModuleController extends BaseScriptClass } else { $flashMessage = GeneralUtility::makeInstance( FlashMessage::class, - $this->getLanguageService()->getLL('no-tasks', true), + $this->getLanguageService()->getLL('no-tasks'), '', FlashMessage::INFO ); diff --git a/typo3/sysext/wizard_sortpages/Classes/View/SortPagesWizardModuleFunction.php b/typo3/sysext/wizard_sortpages/Classes/View/SortPagesWizardModuleFunction.php index ee4353a7586248bd0143d7370f1138455b4bcf8c..626cb9928d0066cbef94cdc9efe65bce15c020e0 100644 --- a/typo3/sysext/wizard_sortpages/Classes/View/SortPagesWizardModuleFunction.php +++ b/typo3/sysext/wizard_sortpages/Classes/View/SortPagesWizardModuleFunction.php 
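Review bot: The three TaskModuleController hunks (-196, -205, -424) drop the escaping flag and hand the raw label to `FlashMessage`, which moves the escaping duty to whatever renders `$flashMessage`; that render path is outside the hunks, so confirm it escapes the message body. It matters most in -205, where `sprintf()` inserts `$taskClass` into the text and the origin of that value is not visible here. A comment above the call such as `// plain text: FlashMessage rendering is responsible for HTML escaping` would record the contract for the next reader.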
@@ -80,13 +80,13 @@ class SortPagesWizardModuleFunction extends \TYPO3\CMS\Backend\Module\AbstractFu $m_perms_clause = $this->getBackendUser()->getPagePermsClause(2); // edit permissions for that page! $pRec = BackendUtility::getRecord('pages', $rec['uid'], 'uid', ' AND ' . $m_perms_clause); - $lines[] = '<tr><td nowrap="nowrap">' . $iconFactory->getIconForRecord('pages', $rec, Icon::SIZE_SMALL)->render() . (!is_array($pRec) ? '<strong class="text-danger">' . $lang->getLL('wiz_W', true) . '</strong></span> ' : '') . htmlspecialchars(GeneralUtility::fixed_lgd_cs($rec['title'], $GLOBALS['BE_USER']->uc['titleLen'])) . '</td> + $lines[] = '<tr><td nowrap="nowrap">' . $iconFactory->getIconForRecord('pages', $rec, Icon::SIZE_SMALL)->render() . (!is_array($pRec) ? '<strong class="text-danger">' . htmlspecialchars($lang->getLL('wiz_W')) . '</strong></span> ' : '') . htmlspecialchars(GeneralUtility::fixed_lgd_cs($rec['title'], $GLOBALS['BE_USER']->uc['titleLen'])) . '</td> <td nowrap="nowrap">' . htmlspecialchars(GeneralUtility::fixed_lgd_cs($rec['subtitle'], $this->getBackendUser()->uc['titleLen'])) . '</td> <td nowrap="nowrap">' . BackendUtility::datetime($rec['tstamp']) . '</td> <td nowrap="nowrap">' . BackendUtility::datetime($rec['crdate']) . '</td> </tr>'; } - $theCode .= '<h2>' . $lang->getLL('wiz_currentPageOrder', true) . '</h2>'; + $theCode .= '<h2>' . htmlspecialchars($lang->getLL('wiz_currentPageOrder')) . '</h2>'; $theCode .= '<div class="table-fit"><table class="table table-striped table-hover">' . implode('', $lines) . '</table></div>'; // Menu: 
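Review bot: The rewritten `$lines[]` statement still emits `'</strong></span> '` although no `<span>` is opened in the visible string, leaving a stray closing tag in every row where `$pRec` is not an array. Drop it: `'<strong class="text-danger">' . htmlspecialchars($lang->getLL('wiz_W')) . '</strong> '`. The same statement reads the title length once from `$GLOBALS['BE_USER']->uc['titleLen']` and once from `$this->getBackendUser()->uc['titleLen']`; use the accessor in both places. The enclosing loop starts outside the hunk.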
@@ -134,7 +134,7 @@ class SortPagesWizardModuleFunction extends \TYPO3\CMS\Backend\Module\AbstractFu . ' data-severity="warning"' . ' data-title="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_common.xlf:pleaseConfirm', true) . '"' . ' data-button-close-text="' . $this->getLanguageService()->sL('LLL:EXT:lang/locallang_common.xlf:cancel', true) . '"' - . ' data-content="' . $this->getLanguageService()->getLL('wiz_changeOrder_msg1', true) . '"' + . ' data-content="' . htmlspecialchars($this->getLanguageService()->getLL('wiz_changeOrder_msg1')) . '"' . ' >' . htmlspecialchars($title) . '</a>'; } diff --git a/typo3/sysext/workspaces/Classes/Backend/ToolbarItems/WorkspaceSelectorToolbarItem.php b/typo3/sysext/workspaces/Classes/Backend/ToolbarItems/WorkspaceSelectorToolbarItem.php index c910fd03fb352c8077f971ea3418550ad0c46d9e..ffdc8d52e6aae5cf4ee3f94c9a6439f04fe570b8 100644 --- a/typo3/sysext/workspaces/Classes/Backend/ToolbarItems/WorkspaceSelectorToolbarItem.php +++ b/typo3/sysext/workspaces/Classes/Backend/ToolbarItems/WorkspaceSelectorToolbarItem.php @@ -89,7 +89,7 @@ class WorkspaceSelectorToolbarItem implements ToolbarItemInterface $index = 0; $activeWorkspace = (int)$backendUser->workspace; $stateCheckedIcon = $this->iconFactory->getIcon('status-status-checked', Icon::SIZE_SMALL)->render(); - $stateUncheckedIcon = '<span title="' . $languageService->getLL('bookmark_inactive', true) . '">' . $this->iconFactory->getIcon('empty-empty', Icon::SIZE_SMALL)->render() . '</span>'; + $stateUncheckedIcon = '<span title="' . htmlspecialchars($languageService->getLL('bookmark_inactive')) . '">' . $this->iconFactory->getIcon('empty-empty', Icon::SIZE_SMALL)->render() . '</span>'; $workspaceSections = array( 'top' => array(), 'items' => array(), 
@@ -111,12 +111,12 @@ class WorkspaceSelectorToolbarItem implements ToolbarItemInterface // if there is at least one icon on top and if the access rights are there if ($backendUser->check('modules', 'web_WorkspacesWorkspaces')) { $workspaceSections['top'][] = '<li><a target="content" data-module="web_WorkspacesWorkspaces" class="dropdown-list-link tx-workspaces-modulelink">' - . $stateUncheckedIcon . ' ' . $languageService->getLL('bookmark_workspace', true) + . $stateUncheckedIcon . ' ' . htmlspecialchars($languageService->getLL('bookmark_workspace')) . '</a></li>'; } } else { // no items on top (= no workspace to work in) - $workspaceSections['top'][] = '<li>' . $stateUncheckedIcon . ' ' . $languageService->getLL('bookmark_noWSfound', true) . '</li>'; + $workspaceSections['top'][] = '<li>' . $stateUncheckedIcon . ' ' . htmlspecialchars($languageService->getLL('bookmark_noWSfound')) . '</li>'; } $workspaceMenu = array(