MyShaarli/tpl/daily.html
ArthurHoaro 5f85fcd863 Working on shaarli/Shaarli#224
I reviewed character escaping everywhere with the following ideas:

  * use a single common function to escape user data: `escape` using `htmlspecialchars`.
  * sanitize fields in `index.php` after reading them from datastore and before sending them to templates.
  	It means no escaping function in Twig templates.
    2 reasons:
    * it reduces risks of security issue for future user made templates
    * more readable templates
  * sanitize user configuration fields after loading them.
2015-06-23 16:35:36 +02:00

62 lines
3 KiB
HTML

<!DOCTYPE html>
<html>
<head>{include="includes"}</head>
<body>
<div id="pageheader">{include="page.header"}</div>
<div class="daily">
<div class="dailyAbout">
All links of one day<br>in a single page.<br>
{if="$previousday"} <a href="?do=daily&amp;day={$previousday}"><b>&lt;</b>Previous day</a>{else}<b>&lt;</b>Previous day{/if}
-
{if="$nextday"}<a href="?do=daily&amp;day={$nextday}">Next day<b>&gt;</b></a>{else}Next day<b>&gt;</b>{/if}
<br><br>
<a href="?do=dailyrss" title="1 RSS entry per day"><img src="images/feed-icon-14x14.png#" alt="rss_feed">Daily RSS Feed</a>
</div>
<div class="dailyTitle"><img src="../images/floral_left.png" width="51" height="50" class="nomobile" alt="floral_left"> The Daily Shaarli <img src="../images/floral_right.png" width="51" height="50" class="nomobile" alt="floral_right"></div>
<div class="dailyDate"><span class="nomobile">&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;</span> {function="strftime('%A %d, %B %Y', $day)"} <span class="nomobile">&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;&mdash;</span></div>
<div class="clear"></div>
{if="$linksToDisplay"}
{loop="cols"}
{if="isset($value[0])"}
<div id="daily_col{$counter+1}">
{loop="value"}
{$link=$value}
<div class="dailyEntry">
<div class="dailyEntryPermalink">
<a href="?{$link.linkdate|smallHash}">
<img src="../images/squiggle2.png" width="25" height="26" title="permalink" alt="permalink">
</a>
</div>
{if="!$GLOBALS['config']['HIDE_TIMESTAMPS'] || isLoggedIn()"}
<div class="dailyEntryLinkdate">
<a href="?{$link.linkdate|smallHash}">{function="strftime('%c', $link.timestamp)"}</a>
</div>
{/if}
{if="$link.tags"}
<div class="dailyEntryTags">
{loop="link.taglist"}
{$value} -
{/loop}
</div>
{/if}
<div class="dailyEntryTitle">
<a href="{$link.url}">{$link.title}</a>
</div>
{if="$link.thumbnail"}
<div class="dailyEntryThumbnail">{$link.thumbnail}</div>
{/if}
<div class="dailyEntryDescription">{$link.formatedDescription}</div>
</div>
{/loop}
</div>
{/if}
{/loop}
{else}
<div class="dailyNoEntry">No articles on this day.</div>
{/if}
<div id="closing"><img src="../images/squiggle_closing.png" width="66" height="61" alt="-"></div>
</div>
{include="page.footer"}
</body>
</html>