Rename some Formatter functions for clarity

This commit is contained in:
Alex Cabal 2024-01-17 16:04:30 -06:00
parent 5ef6d3aef8
commit f7ff76bf7d
39 changed files with 194 additions and 194 deletions


@ -489,7 +489,7 @@ class Ebook{
$this->AuthorsHtml = $this->GenerateContributorList($this->Authors, true);
// Now the complete title with credits.
$this->TitleWithCreditsHtml = Formatter::ToPlainText($this->Title) . ', by ' . str_replace('&', '&', $this->AuthorsHtml . $titleContributors);
$this->TitleWithCreditsHtml = Formatter::EscapeHtml($this->Title) . ', by ' . str_replace('&', '&', $this->AuthorsHtml . $titleContributors);
}
@ -671,30 +671,30 @@ class Ebook{
if($contributor->WikipediaUrl){
if($includeRdfa){
$string .= '<a property="' . $role . '" typeof="schema:Person" href="' . Formatter::ToPlainText($contributor->WikipediaUrl) .'"><span property="schema:name">' . Formatter::ToPlainText($contributor->Name) . '</span>';
$string .= '<a property="' . $role . '" typeof="schema:Person" href="' . Formatter::EscapeHtml($contributor->WikipediaUrl) .'"><span property="schema:name">' . Formatter::EscapeHtml($contributor->Name) . '</span>';
if($contributor->NacoafUrl){
$string .= '<meta property="schema:sameAs" content="' . Formatter::ToPlainText($contributor->NacoafUrl) . '"/>';
$string .= '<meta property="schema:sameAs" content="' . Formatter::EscapeHtml($contributor->NacoafUrl) . '"/>';
}
}
else{
$string .= '<a href="' . Formatter::ToPlainText($contributor->WikipediaUrl) .'">' . Formatter::ToPlainText($contributor->Name);
$string .= '<a href="' . Formatter::EscapeHtml($contributor->WikipediaUrl) .'">' . Formatter::EscapeHtml($contributor->Name);
}
$string .= '</a>';
}
else{
if($includeRdfa){
$string .= '<span property="' . $role . '" typeof="schema:Person"><span property="schema:name">' . Formatter::ToPlainText($contributor->Name) . '</span>';
$string .= '<span property="' . $role . '" typeof="schema:Person"><span property="schema:name">' . Formatter::EscapeHtml($contributor->Name) . '</span>';
if($contributor->NacoafUrl){
$string .= '<meta property="schema:sameAs" content="' . Formatter::ToPlainText($contributor->NacoafUrl) . '"/>';
$string .= '<meta property="schema:sameAs" content="' . Formatter::EscapeHtml($contributor->NacoafUrl) . '"/>';
}
$string .= '</span>';
}
else{
$string .= Formatter::ToPlainText($contributor->Name);
$string .= Formatter::EscapeHtml($contributor->Name);
}
}
@ -736,14 +736,14 @@ class Ebook{
$string .= '<div property="' . $role . '" typeof="schema:Person">' . "\n";
}
$string .= '<meta property="schema:name" content="' . Formatter::ToPlainText($contributor->Name) . '"/>' . "\n";
$string .= '<meta property="schema:name" content="' . Formatter::EscapeHtml($contributor->Name) . '"/>' . "\n";
if($contributor->WikipediaUrl){
$string .= '<meta property="schema:sameAs" content="' . Formatter::ToPlainText($contributor->WikipediaUrl) . '"/>' . "\n";
$string .= '<meta property="schema:sameAs" content="' . Formatter::EscapeHtml($contributor->WikipediaUrl) . '"/>' . "\n";
}
if($contributor->NacoafUrl){
$string .= '<meta property="schema:sameAs" content="' . Formatter::ToPlainText($contributor->NacoafUrl) . '"/>' . "\n";
$string .= '<meta property="schema:sameAs" content="' . Formatter::EscapeHtml($contributor->NacoafUrl) . '"/>' . "\n";
}
$string .= '</div>';
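Review bot: `Formatter::EscapeHtml` on `$contributor->WikipediaUrl` at the `href="..."` sites in this hunk stops the value from breaking out of the attribute, but it does not constrain the URL scheme, so a `javascript:` value would pass through escaping unchanged; the function building these links starts before the hunk, so where WikipediaUrl and NacoafUrl originate is not visible here. If they come only from repository-controlled ebook metadata this is benign, but a guard at the point the value is loaded — e.g. `if(!str_starts_with($url, 'https://')){ $url = null; }` — would make href safety independent of the escaper, whose contract (as the new name says) is HTML text and attribute context only. A one-line docblock on the link-building function stating that URLs are expected to be pre-validated would at least record the assumption.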


@ -32,11 +32,11 @@ class Formatter{
return $text;
}
public static function ToPlainText(?string $text): string{
public static function EscapeHtml(?string $text): string{
return htmlspecialchars(trim($text ?? ''), ENT_QUOTES, 'utf-8');
}
public static function ToPlainXmlText(?string $text): string{
public static function EscapeXml(?string $text): string{
return htmlspecialchars(trim($text ?? ''), ENT_QUOTES|ENT_XML1, 'utf-8');
}
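Review bot: `EscapeHtml` and `EscapeXml` pass explicit flags to `htmlspecialchars` without `ENT_SUBSTITUTE`, so any input containing an invalid UTF-8 sequence comes back as an empty string instead of escaped text — a title or form value with one bad byte silently vanishes from the page, and a feed entry loses its text. Adding the flag keeps output well-formed while replacing the bad sequence with U+FFFD: `return htmlspecialchars(trim($text ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'utf-8');` and `return htmlspecialchars(trim($text ?? ''), ENT_QUOTES | ENT_XML1 | ENT_SUBSTITUTE, 'utf-8');`. Since the point of the commit is naming clarity, note that both functions also `trim()` their input, which alters the value (leading/trailing whitespace round-tripped through an edit form is lost) and is not implied by "Escape". A docblock on each should say so and spell out the contexts the result is safe in — element text and quoted attribute values — and that it is not a URL, JavaScript or CSS escaper.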


@ -20,9 +20,9 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
<span>For existing artists, leave the year of death blank.</span>
<datalist id="artist-names">
<? foreach(Library::GetAllArtists() as $artist){ ?>
<option value="<?= Formatter::ToPlainText($artist->Name) ?>"><?= Formatter::ToPlainText($artist->Name) ?>, d. <? if($artist->DeathYear !== null){ ?><?= $artist->DeathYear ?><? }else{ ?>unknown<? } ?></option>
<option value="<?= Formatter::EscapeHtml($artist->Name) ?>"><?= Formatter::EscapeHtml($artist->Name) ?>, d. <? if($artist->DeathYear !== null){ ?><?= $artist->DeathYear ?><? }else{ ?>unknown<? } ?></option>
<? foreach($artist->AlternateSpellings as $alternateSpelling){ ?>
<option value="<?= Formatter::ToPlainText($alternateSpelling) ?>"><?= Formatter::ToPlainText($alternateSpelling) ?>, d. <? if($artist->DeathYear !== null){ ?><?= Formatter::ToPlainText($artist->DeathYear) ?><? }else{ ?>unknown<? } ?></option>
<option value="<?= Formatter::EscapeHtml($alternateSpelling) ?>"><?= Formatter::EscapeHtml($alternateSpelling) ?>, d. <? if($artist->DeathYear !== null){ ?><?= Formatter::EscapeHtml($artist->DeathYear) ?><? }else{ ?>unknown<? } ?></option>
<? } ?>
<? } ?>
</datalist>
@ -32,7 +32,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
list="artist-names"
required="required"
autocomplete="off"
value="<?= Formatter::ToPlainText($artwork->Artist->Name) ?>"
value="<?= Formatter::EscapeHtml($artwork->Artist->Name) ?>"
/>
</label>
<label>
@ -44,7 +44,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
name="artist-year-of-death"
inputmode="numeric"
pattern="[0-9]+"
value="<?= Formatter::ToPlainText($artwork->Artist->DeathYear) ?>"
value="<?= Formatter::EscapeHtml($artwork->Artist->DeathYear) ?>"
/>
</label>
</fieldset>
@ -53,7 +53,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
<label>
Name
<input type="text" name="artwork-name" required="required"
value="<?= Formatter::ToPlainText($artwork->Name) ?>"/>
value="<?= Formatter::EscapeHtml($artwork->Name) ?>"/>
</label>
<fieldset>
<label>
@ -63,7 +63,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
name="artwork-year"
inputmode="numeric"
pattern="[0-9]+"
value="<?= Formatter::ToPlainText($artwork->CompletedYear) ?>"
value="<?= Formatter::EscapeHtml($artwork->CompletedYear) ?>"
/>
</label>
<label>
@ -82,7 +82,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
name="artwork-tags"
required="required"
autocomplete="off"
value="<?= Formatter::ToPlainText($artwork->ImplodeTags()) ?>"
value="<?= Formatter::EscapeHtml($artwork->ImplodeTags()) ?>"
/>
</label>
<label>
@ -107,7 +107,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
type="url"
name="artwork-museum-url"
autocomplete="off"
value="<?= Formatter::ToPlainText($artwork->MuseumUrl) ?>"
value="<?= Formatter::EscapeHtml($artwork->MuseumUrl) ?>"
/>
</label>
</fieldset>
@ -129,7 +129,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
name="artwork-publication-year"
inputmode="numeric"
pattern="[0-9]+"
value="<?= Formatter::ToPlainText($artwork->PublicationYear) ?>"
value="<?= Formatter::EscapeHtml($artwork->PublicationYear) ?>"
/>
</label>
<label>
@ -139,7 +139,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
type="url"
name="artwork-publication-year-page-url"
autocomplete="off"
value="<?= Formatter::ToPlainText($artwork->PublicationYearPageUrl) ?>"
value="<?= Formatter::EscapeHtml($artwork->PublicationYearPageUrl) ?>"
/>
</label>
<label>
@ -149,7 +149,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
type="url"
name="artwork-copyright-page-url"
autocomplete="off"
value="<?= Formatter::ToPlainText($artwork->CopyrightPageUrl) ?>"
value="<?= Formatter::EscapeHtml($artwork->CopyrightPageUrl) ?>"
/>
</label>
<label>
@ -159,7 +159,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
type="url"
name="artwork-artwork-page-url"
autocomplete="off"
value="<?= Formatter::ToPlainText($artwork->ArtworkPageUrl) ?>"
value="<?= Formatter::EscapeHtml($artwork->ArtworkPageUrl) ?>"
/>
</label>
</fieldset>
@ -168,7 +168,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
<label>
<span>Public domain status exception reason</span>
<span>Markdown accepted.</span>
<textarea maxlength="1024" name="artwork-exception"><?= Formatter::ToPlainText($artwork->Exception) ?></textarea>
<textarea maxlength="1024" name="artwork-exception"><?= Formatter::EscapeHtml($artwork->Exception) ?></textarea>
</label>
</fieldset>
</fieldset>
@ -177,7 +177,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
<label>
<span>Special notes</span>
<span>Any notes to remember about this artwork. Markdown accepted.</span>
<textarea maxlength="1024" name="artwork-notes"><?= Formatter::ToPlainText($artwork->Notes) ?></textarea>
<textarea maxlength="1024" name="artwork-notes"><?= Formatter::EscapeHtml($artwork->Notes) ?></textarea>
</label>
</fieldset>
<? if($artwork->CanStatusBeChangedBy($GLOBALS['User'] ?? null) || $artwork->CanEbookWwwFilesysemPathBeChangedBy($GLOBALS['User'] ?? null)){ ?>
@ -199,7 +199,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
<label>
<span>In use by</span>
<span>Ebook file system slug, like <code>c-s-lewis_poetry</code>. If not in use, leave this blank.</span>
<input type="text" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::ToPlainText($artwork->EbookWwwFilesystemPath) ?>"/>
<input type="text" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::EscapeHtml($artwork->EbookWwwFilesystemPath) ?>"/>
</label>
<? } ?>
</fieldset>


@ -5,5 +5,5 @@ $artwork = $artwork ?? null;
<? if($artwork->Status == ArtworkStatus::Approved){ ?>Approved<? } ?>
<? if($artwork->Status == ArtworkStatus::Declined){ ?>Declined<? } ?>
<? if($artwork->Status == ArtworkStatus::Unverified){ ?>Unverified<? } ?>
<? if($artwork->EbookWwwFilesystemPath !== null){ ?> — in use<? if($artwork->EbookWwwFilesystemPath !== null){ ?> by <? if($artwork->Ebook !== null && $artwork->Ebook->Url !== null){ ?><i><a href="<?= $artwork->Ebook->Url ?>"><?= Formatter::ToPlainText($artwork->Ebook->Title) ?></a></i><? }else{ ?><code><?= Formatter::ToPlainText($artwork->EbookWwwFilesystemPath) ?></code> (unreleased)<? } ?><? } ?><? } ?>
<? if($artwork->EbookWwwFilesystemPath !== null){ ?> — in use<? if($artwork->EbookWwwFilesystemPath !== null){ ?> by <? if($artwork->Ebook !== null && $artwork->Ebook->Url !== null){ ?><i><a href="<?= $artwork->Ebook->Url ?>"><?= Formatter::EscapeHtml($artwork->Ebook->Title) ?></a></i><? }else{ ?><code><?= Formatter::EscapeHtml($artwork->EbookWwwFilesystemPath) ?></code> (unreleased)<? } ?><? } ?><? } ?>
<? } ?>
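Review bot: On the rewritten line `href="<?= $artwork->Ebook->Url ?>"` is still emitted raw while the link text beside it now goes through `EscapeHtml`, so the href is the one interpolation on this line that is not attribute-safe. If `Ebook->Url` is derived from the server-side filesystem slug it is probably harmless, but escaping it costs nothing and matches how other templates in this commit treat author URLs (`Formatter::EscapeHtml(SITE_URL . $ebook->AuthorsUrl)`): `<a href="<?= Formatter::EscapeHtml($artwork->Ebook->Url) ?>">`. The `if($artwork->EbookWwwFilesystemPath !== null)` test nested directly inside an identical test is redundant and could be collapsed while this line is being touched.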


@ -7,10 +7,10 @@ $subtitle = $subtitle ?? null;
print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
?>
<feed xmlns="http://www.w3.org/2005/Atom" xmlns:media="http://search.yahoo.com/mrss/">
<id><?= SITE_URL . Formatter::ToPlainXmlText($id) ?></id>
<link href="<?= SITE_URL . Formatter::ToPlainXmlText($url) ?>" rel="self" type="application/atom+xml"/>
<title><?= Formatter::ToPlainXmlText($title) ?></title>
<? if($subtitle !== null){ ?><subtitle><?= Formatter::ToPlainXmlText($subtitle) ?></subtitle><? } ?>
<id><?= SITE_URL . Formatter::EscapeXml($id) ?></id>
<link href="<?= SITE_URL . Formatter::EscapeXml($url) ?>" rel="self" type="application/atom+xml"/>
<title><?= Formatter::EscapeXml($title) ?></title>
<? if($subtitle !== null){ ?><subtitle><?= Formatter::EscapeXml($subtitle) ?></subtitle><? } ?>
<icon><?= SITE_URL ?>/images/logo.png</icon>
<updated><?= $updated->format('Y-m-d\TH:i:s\Z') ?></updated>
<author>


@ -1,22 +1,22 @@
<entry>
<id><?= SITE_URL . $entry->Url ?></id>
<title><?= Formatter::ToPlainXmlText($entry->Title) ?></title>
<title><?= Formatter::EscapeXml($entry->Title) ?></title>
<? foreach($entry->Authors as $author){ ?>
<author>
<name><?= Formatter::ToPlainXmlText($author->Name) ?></name>
<uri><?= SITE_URL . Formatter::ToPlainXmlText($entry->AuthorsUrl) ?></uri>
<name><?= Formatter::EscapeXml($author->Name) ?></name>
<uri><?= SITE_URL . Formatter::EscapeXml($entry->AuthorsUrl) ?></uri>
</author>
<? } ?>
<published><?= $entry->Created->format('Y-m-d\TH:i:s\Z') ?></published>
<updated><?= $entry->Updated->format('Y-m-d\TH:i:s\Z') ?></updated>
<rights>Public domain in the United States. Users located outside of the United States must check their local laws before using this ebook. Original content released to the public domain via the Creative Commons CC0 1.0 Universal Public Domain Dedication.</rights>
<summary type="text"><?= Formatter::ToPlainXmlText($entry->Description) ?></summary>
<content type="html"><?= Formatter::ToPlainXmlText($entry->LongDescription) ?></content>
<summary type="text"><?= Formatter::EscapeXml($entry->Description) ?></summary>
<content type="html"><?= Formatter::EscapeXml($entry->LongDescription) ?></content>
<? foreach($entry->LocTags as $subject){ ?>
<category scheme="http://purl.org/dc/terms/LCSH" term="<?= Formatter::ToPlainXmlText($subject) ?>"/>
<category scheme="http://purl.org/dc/terms/LCSH" term="<?= Formatter::EscapeXml($subject) ?>"/>
<? } ?>
<? foreach($entry->Tags as $subject){ ?>
<category scheme="https://standardebooks.org/vocab/subjects" term="<?= Formatter::ToPlainXmlText($subject->Name) ?>"/>
<category scheme="https://standardebooks.org/vocab/subjects" term="<?= Formatter::EscapeXml($subject->Name) ?>"/>
<? } ?>
<media:thumbnail url="<?= SITE_URL . $entry->Url ?>/downloads/cover-thumbnail.jpg" height="525" width="350"/>
<link href="<?= SITE_URL . $entry->Url ?>" rel="alternate" title="This ebooks page at Standard Ebooks" type="application/xhtml+xml"/>


@ -11,13 +11,13 @@
<tbody>
<? foreach($collections as $collection){ ?>
<tr>
<td class="row-header"><a href="<?= $collection->Url ?>"><?= Formatter::ToPlainText($collection->Label) ?></a></td>
<td class="number"><?= Formatter::ToPlainText(number_format($collection->EbookCount)) ?></td>
<td class="number"><?= Formatter::ToPlainText($collection->UpdatedString) ?></td>
<td class="row-header"><a href="<?= $collection->Url ?>"><?= Formatter::EscapeHtml($collection->Label) ?></a></td>
<td class="number"><?= Formatter::EscapeHtml(number_format($collection->EbookCount)) ?></td>
<td class="number"><?= Formatter::EscapeHtml($collection->UpdatedString) ?></td>
<? foreach($collection->ZipFiles as $item){ ?>
<td class="download"><a href="<?= $item->Url ?>"><?= $item->Type ?></a></td>
<td>(<?= Formatter::ToPlainText($item->Size) ?>)</td>
<td>(<?= Formatter::EscapeHtml($item->Size) ?>)</td>
<? } ?>
</tr>
<? } ?>


@ -9,7 +9,7 @@ $ebooks = $ebooks ?? [];
?>
<ol class="ebooks-list<? if($view == VIEW_LIST){ ?> list<? }else{ ?> grid<? } ?>"<? if($collection !== null){ ?> typeof="schema:BookSeries" about="<?= $collection->Url ?>"<? } ?>>
<? if($collection !== null){ ?>
<meta property="schema:name" content="<?= Formatter::ToPlainText($collection->Name) ?>"/>
<meta property="schema:name" content="<?= Formatter::EscapeHtml($collection->Name) ?>"/>
<? } ?>
<? foreach($ebooks as $ebook){ ?>
<li typeof="schema:Book"<? if($collection !== null){ ?> resource="<?= $ebook->Url ?>" property="schema:hasPart"<? if($ebook->GetCollectionPosition($collection) !== null){ ?> value="<?= $ebook->GetCollectionPosition($collection) ?>"<? } ?><? }else{ ?> about="<?= $ebook->Url ?>"<? } ?>>
@ -21,19 +21,19 @@ $ebooks = $ebooks ?? [];
<picture>
<? if($ebook->CoverImage2xAvifUrl !== null){ ?><source srcset="<?= $ebook->CoverImage2xAvifUrl ?> 2x, <?= $ebook->CoverImageAvifUrl ?> 1x" type="image/avif"/><? } ?>
<source srcset="<?= $ebook->CoverImage2xUrl ?> 2x, <?= $ebook->CoverImageUrl ?> 1x" type="image/jpg"/>
<img src="<?= $ebook->CoverImage2xUrl ?>" alt="The cover for the Standard Ebooks edition of <?= Formatter::ToPlainText(strip_tags($ebook->TitleWithCreditsHtml)) ?>" property="schema:image" height="335" width="224"/>
<img src="<?= $ebook->CoverImage2xUrl ?>" alt="The cover for the Standard Ebooks edition of <?= Formatter::EscapeHtml(strip_tags($ebook->TitleWithCreditsHtml)) ?>" property="schema:image" height="335" width="224"/>
</picture>
</a>
</div>
<p><a href="<?= $ebook->Url ?>" property="schema:url"><span property="schema:name"><?= Formatter::ToPlainText($ebook->Title) ?></span></a></p>
<p><a href="<?= $ebook->Url ?>" property="schema:url"><span property="schema:name"><?= Formatter::EscapeHtml($ebook->Title) ?></span></a></p>
<? if($view == VIEW_GRID){ ?>
<? foreach($ebook->Authors as $author){ ?>
<p class="author" typeof="schema:Person" property="schema:author" resource="<?= $ebook->AuthorsUrl ?>"><? if($author->Name != 'Anonymous'){ ?><a href="<?= Formatter::ToPlainText(SITE_URL . $ebook->AuthorsUrl) ?>" property="schema:url"><span property="schema:name"><?= Formatter::ToPlainText($author->Name) ?></span></a><? } ?></p>
<p class="author" typeof="schema:Person" property="schema:author" resource="<?= $ebook->AuthorsUrl ?>"><? if($author->Name != 'Anonymous'){ ?><a href="<?= Formatter::EscapeHtml(SITE_URL . $ebook->AuthorsUrl) ?>" property="schema:url"><span property="schema:name"><?= Formatter::EscapeHtml($author->Name) ?></span></a><? } ?></p>
<? } ?>
<? }else{ ?>
<div>
<? foreach($ebook->Authors as $author){ ?>
<p class="author"><? if($author->Name != 'Anonymous'){ ?><a href="<?= Formatter::ToPlainText($ebook->AuthorsUrl) ?>"><?= Formatter::ToPlainText($author->Name) ?></a><? } ?></p>
<p class="author"><? if($author->Name != 'Anonymous'){ ?><a href="<?= Formatter::EscapeHtml($ebook->AuthorsUrl) ?>"><?= Formatter::EscapeHtml($author->Name) ?></a><? } ?></p>
<? } ?>
</div>
<div class="details">
@ -43,7 +43,7 @@ $ebooks = $ebooks ?? [];
</div>
<? } ?>
<p><?= number_format($ebook->WordCount) ?> words • <?= $ebook->ReadingEase ?> reading ease</p>
<ul class="tags"><? foreach($ebook->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::ToPlainText($tag->Name) ?></a></li><? } ?></ul>
<ul class="tags"><? foreach($ebook->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::EscapeHtml($tag->Name) ?></a></li><? } ?></ul>
</div>
<? } ?>
</li>


@ -17,7 +17,7 @@
<tbody>
<tr>
<td>Name:</td>
<td><? if($patron->User->Name === null){ ?>Anonymous <? }else{ ?><?= Formatter::ToPlainText($patron->User->Name) ?><? if($patron->IsAnonymous){ ?> (Anonymous)<? } ?><? } ?></td>
<td><? if($patron->User->Name === null){ ?>Anonymous <? }else{ ?><?= Formatter::EscapeHtml($patron->User->Name) ?><? if($patron->IsAnonymous){ ?> (Anonymous)<? } ?><? } ?></td>
</tr>
<tr>
<td>Donation type:</td>
@ -25,15 +25,15 @@
</tr>
<tr>
<td>Donation amount:</td>
<td><?= Formatter::ToPlainText(number_format($payment->Amount, 2)) ?></td>
<td><?= Formatter::EscapeHtml(number_format($payment->Amount, 2)) ?></td>
</tr>
<tr>
<td>Donation fee:</td>
<td><?= Formatter::ToPlainText(number_format($payment->Fee, 2)) ?></td>
<td><?= Formatter::EscapeHtml(number_format($payment->Fee, 2)) ?></td>
</tr>
<tr>
<td>Transaction ID:</td>
<td><a href="https://fundraising.fracturedatlas.org/admin/donations?query=<?= urlencode($payment->TransactionId) ?>"><?= Formatter::ToPlainText($payment->TransactionId) ?></a></td>
<td><a href="https://fundraising.fracturedatlas.org/admin/donations?query=<?= urlencode($payment->TransactionId) ?>"><?= Formatter::EscapeHtml($payment->TransactionId) ?></a></td>
</tr>
</tbody>
</table>


@ -1,9 +1,9 @@
Name: <? if($patron->User->Name === null){ ?>Anonymous <? }else{ ?><?= Formatter::ToPlainText($patron->User->Name) ?><? if($patron->IsAnonymous){ ?> (Anonymous)<? } ?><? } ?>
Name: <? if($patron->User->Name === null){ ?>Anonymous <? }else{ ?><?= Formatter::EscapeHtml($patron->User->Name) ?><? if($patron->IsAnonymous){ ?> (Anonymous)<? } ?><? } ?>
Donation type: <? if($payment->IsRecurring){ ?>Recurring<? }else{ ?>One-time<? } ?>
Donation amount: <?= Formatter::ToPlainText(number_format($payment->Amount, 2)) ?>
Donation amount: <?= Formatter::EscapeHtml(number_format($payment->Amount, 2)) ?>
Donation fee: <?= Formatter::ToPlainText(number_format($payment->Fee, 2)) ?>
Donation fee: <?= Formatter::EscapeHtml(number_format($payment->Fee, 2)) ?>
Transaction ID: <?= Formatter::ToPlainText($payment->TransactionId) ?>
Transaction ID: <?= Formatter::EscapeHtml($payment->TransactionId) ?>
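Review bot: This template looks like the text/plain alternative of the HTML donation notice (bare `Name:` / `Donation amount:` lines, no markup), and the renamed call makes the mismatch visible: `EscapeHtml` applied here turns a patron name like `O'Brien` into `O&#039;Brien` and `&` into `&amp;` in the plain-text body, adding no safety in a non-HTML context. If the file is indeed sent as text/plain, the values should be emitted without HTML escaping, e.g. `Name: <?= $patron->User->Name ?>` and `Transaction ID: <?= $payment->TransactionId ?>`; if it is actually wrapped in a `<pre>` elsewhere, a one-line comment at the top saying so would prevent the next reader from drawing the same conclusion.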


@ -191,4 +191,4 @@ $letterhead = $letterhead ?? false;
</head>
<body>
<div class="body<? if($letterhead){ ?> letterhead<? } ?>">
<? if($preheader){ ?><p class="preheader"><?= Formatter::ToPlainText($preheader) ?><? for($i = 0; $i < 150 - strlen($preheader); $i++){ ?>&zwnj;&nbsp;<? } ?></p><? } ?>
<? if($preheader){ ?><p class="preheader"><?= Formatter::EscapeHtml($preheader) ?><? for($i = 0; $i < 150 - strlen($preheader); $i++){ ?>&zwnj;&nbsp;<? } ?></p><? } ?>


@ -16,7 +16,7 @@ else{
<ul class="message error">
<? foreach($exceptions as $ex){ ?>
<li>
<p><? $message = $ex->getMessage(); if($message == ''){ $message = 'An error occurred.'; } ?><?= str_replace('CAPTCHA', '<abbr class="acronym">CAPTCHA</abbr>', Formatter::ToPlainText($message)) ?></p>
<p><? $message = $ex->getMessage(); if($message == ''){ $message = 'An error occurred.'; } ?><?= str_replace('CAPTCHA', '<abbr class="acronym">CAPTCHA</abbr>', Formatter::EscapeHtml($message)) ?></p>
</li>
<? } ?>
</ul>


@ -29,8 +29,8 @@ if(!$isXslt){
<html xmlns="http://www.w3.org/1999/xhtml" lang="en-US">
<head prefix="twitter: https://twitter.com/ schema: http://schema.org/"><? /* The `og` RDFa prefix is part of the RDFa spec */ ?>
<meta charset="utf-8"/>
<title><? if($title != ''){ ?><?= Formatter::ToPlainText($title) ?> - <? } ?>Standard Ebooks: Free and liberated ebooks, carefully produced for the true book lover.</title>
<? if($description != ''){ ?><meta content="<?= Formatter::ToPlainText($description) ?>" name="description"/><? } ?>
<title><? if($title != ''){ ?><?= Formatter::EscapeHtml($title) ?> - <? } ?>Standard Ebooks: Free and liberated ebooks, carefully produced for the true book lover.</title>
<? if($description != ''){ ?><meta content="<?= Formatter::EscapeHtml($description) ?>" name="description"/><? } ?>
<meta content="width=device-width, initial-scale=1" name="viewport"/>
<link rel="preload" as="font" href="/fonts/crimson-pro.woff2" type="font/woff2" crossorigin="anonymous"/> <? /* Fonts require the crossorigin attribute */ ?>
<link rel="preload" as="font" href="/fonts/league-spartan-bold.woff2" type="font/woff2" crossorigin="anonymous"/>
@ -65,15 +65,15 @@ if(!$isXslt){
<link rel="alternate" type="application/atom+xml;profile=opds-catalog;kind=acquisition" title="Standard Ebooks - New Releases" href="https://standardebooks.org/feeds/opds/new-releases"/>
<link rel="alternate" type="application/rss+xml" title="Standard Ebooks - New Releases" href="https://standardebooks.org/feeds/rss/new-releases"/>
<? }else{ ?>
<link rel="alternate" type="application/atom+xml" title="<?= Formatter::ToPlainText($feedTitle) ?>" href="/feeds/atom<?= $feedUrl ?>"/>
<link rel="alternate" type="application/atom+xml;profile=opds-catalog;kind=acquisition" title="<?= Formatter::ToPlainText($feedTitle) ?>" href="/feeds/opds<?= $feedUrl ?>"/>
<link rel="alternate" type="application/rss+xml" title="<?= Formatter::ToPlainText($feedTitle) ?>" href="/feeds/rss<?= $feedUrl ?>"/>
<link rel="alternate" type="application/atom+xml" title="<?= Formatter::EscapeHtml($feedTitle) ?>" href="/feeds/atom<?= $feedUrl ?>"/>
<link rel="alternate" type="application/atom+xml;profile=opds-catalog;kind=acquisition" title="<?= Formatter::EscapeHtml($feedTitle) ?>" href="/feeds/opds<?= $feedUrl ?>"/>
<link rel="alternate" type="application/rss+xml" title="<?= Formatter::EscapeHtml($feedTitle) ?>" href="/feeds/rss<?= $feedUrl ?>"/>
<? } ?>
<link rel="search" href="/ebooks" type="application/xhtml+xml; charset=utf-8"/>
<link rel="search" href="/ebooks/opensearch" type="application/opensearchdescription+xml; charset=utf-8"/>
<? if(!$isErrorPage){ ?>
<meta content="#394451" name="theme-color"/>
<meta content="<? if($title != ''){ ?><?= Formatter::ToPlainText($title) ?><? }else{ ?>Standard Ebooks<? } ?>" property="og:title"/>
<meta content="<? if($title != ''){ ?><?= Formatter::EscapeHtml($title) ?><? }else{ ?>Standard Ebooks<? } ?>" property="og:title"/>
<meta content="<?= $ogType ?? 'website' ?>" property="og:type"/>
<meta content="<?= SITE_URL . str_replace(SITE_URL, '', ($_SERVER['ORIG_PATH_INFO'] ?? $_SERVER['SCRIPT_URI'] ?? '')) ?>" property="og:url"/>
<meta content="<?= SITE_URL . ($coverUrl ?? '/images/logo.png') ?>" property="og:image"/>


@ -1,29 +1,29 @@
<entry>
<id><?= SITE_URL . $entry->Url ?></id>
<dc:identifier><?= Formatter::ToPlainXmlText($entry->Identifier) ?></dc:identifier>
<title><?= Formatter::ToPlainXmlText($entry->Title) ?></title>
<dc:identifier><?= Formatter::EscapeXml($entry->Identifier) ?></dc:identifier>
<title><?= Formatter::EscapeXml($entry->Title) ?></title>
<? foreach($entry->Authors as $author){ ?>
<author>
<name><?= Formatter::ToPlainXmlText($author->Name) ?></name>
<uri><?= SITE_URL . Formatter::ToPlainXmlText($entry->AuthorsUrl) ?></uri>
<? if($author->FullName !== null){ ?><schema:alternateName><?= Formatter::ToPlainXmlText($author->FullName) ?></schema:alternateName><? } ?>
<? if($author->WikipediaUrl !== null){ ?><schema:sameAs><?= Formatter::ToPlainXmlText($author->WikipediaUrl) ?></schema:sameAs><? } ?>
<? if($author->NacoafUrl !== null){ ?><schema:sameAs><?= Formatter::ToPlainXmlText($author->NacoafUrl) ?></schema:sameAs><? } ?>
<name><?= Formatter::EscapeXml($author->Name) ?></name>
<uri><?= SITE_URL . Formatter::EscapeXml($entry->AuthorsUrl) ?></uri>
<? if($author->FullName !== null){ ?><schema:alternateName><?= Formatter::EscapeXml($author->FullName) ?></schema:alternateName><? } ?>
<? if($author->WikipediaUrl !== null){ ?><schema:sameAs><?= Formatter::EscapeXml($author->WikipediaUrl) ?></schema:sameAs><? } ?>
<? if($author->NacoafUrl !== null){ ?><schema:sameAs><?= Formatter::EscapeXml($author->NacoafUrl) ?></schema:sameAs><? } ?>
</author>
<? } ?>
<published><?= $entry->Created->format('Y-m-d\TH:i:s\Z') ?></published>
<dc:issued><?= $entry->Created->format('Y-m-d\TH:i:s\Z') ?></dc:issued>
<updated><?= $entry->Updated->format('Y-m-d\TH:i:s\Z') ?></updated>
<dc:language><?= Formatter::ToPlainXmlText($entry->Language) ?></dc:language>
<dc:language><?= Formatter::EscapeXml($entry->Language) ?></dc:language>
<dc:publisher>Standard Ebooks</dc:publisher>
<rights>Public domain in the United States. Users located outside of the United States must check their local laws before using this ebook. Original content released to the public domain via the Creative Commons CC0 1.0 Universal Public Domain Dedication.</rights>
<summary type="text"><?= Formatter::ToPlainXmlText($entry->Description) ?></summary>
<content type="html"><?= Formatter::ToPlainXmlText($entry->LongDescription) ?></content>
<summary type="text"><?= Formatter::EscapeXml($entry->Description) ?></summary>
<content type="html"><?= Formatter::EscapeXml($entry->LongDescription) ?></content>
<? foreach($entry->LocTags as $subject){ ?>
<category scheme="http://purl.org/dc/terms/LCSH" term="<?= Formatter::ToPlainXmlText($subject) ?>"/>
<category scheme="http://purl.org/dc/terms/LCSH" term="<?= Formatter::EscapeXml($subject) ?>"/>
<? } ?>
<? foreach($entry->Tags as $subject){ ?>
<category scheme="https://standardebooks.org/vocab/subjects" term="<?= Formatter::ToPlainXmlText($subject->Name) ?>"/>
<category scheme="https://standardebooks.org/vocab/subjects" term="<?= Formatter::EscapeXml($subject->Name) ?>"/>
<? } ?>
<link href="<?= SITE_URL . $entry->Url ?>/downloads/cover.jpg" rel="http://opds-spec.org/image" type="image/jpeg"/>
<link href="<?= SITE_URL . $entry->Url ?>/downloads/cover-thumbnail.jpg" rel="http://opds-spec.org/image/thumbnail" type="image/jpeg"/>


@ -17,14 +17,14 @@ $subtitle = $subtitle ?? null;
print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
?>
<feed xmlns="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/terms/" xmlns:schema="http://schema.org/"<? if($isCrawlable){ ?> xmlns:fh="http://purl.org/syndication/history/1.0"<? } ?>>
<id><?= SITE_URL . Formatter::ToPlainXmlText($id) ?></id>
<link href="<?= SITE_URL . Formatter::ToPlainXmlText($url) ?>" rel="self" type="application/atom+xml;profile=opds-catalog;kind=acquisition; charset=utf-8"/>
<id><?= SITE_URL . Formatter::EscapeXml($id) ?></id>
<link href="<?= SITE_URL . Formatter::EscapeXml($url) ?>" rel="self" type="application/atom+xml;profile=opds-catalog;kind=acquisition; charset=utf-8"/>
<link href="<?= SITE_URL ?>/feeds/opds" rel="start" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
<link href="<?= SITE_URL ?><?= Formatter::ToPlainXmlText($parentUrl) ?>" rel="up" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
<link href="<?= SITE_URL ?><?= Formatter::EscapeXml($parentUrl) ?>" rel="up" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
<link href="<?= SITE_URL ?>/feeds/opds/all" rel="http://opds-spec.org/crawlable" type="application/atom+xml;profile=opds-catalog;kind=acquisition; charset=utf-8"/>
<link href="<?= SITE_URL ?>/ebooks/opensearch" rel="search" type="application/opensearchdescription+xml; charset=utf-8"/>
<title><?= Formatter::ToPlainXmlText($title) ?></title>
<? if($subtitle !== null){ ?><subtitle><?= Formatter::ToPlainXmlText($subtitle) ?></subtitle><? } ?>
<title><?= Formatter::EscapeXml($title) ?></title>
<? if($subtitle !== null){ ?><subtitle><?= Formatter::EscapeXml($subtitle) ?></subtitle><? } ?>
<icon><?= SITE_URL ?>/images/logo.png</icon>
<updated><?= $updated->format('Y-m-d\TH:i:s\Z') ?></updated>
<? if($isCrawlable){ ?><fh:complete/><? } ?>


@ -8,14 +8,14 @@ $subtitle = $subtitle ?? null;
print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
?>
<feed xmlns="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/terms/">
<id><?= SITE_URL . Formatter::ToPlainXmlText($id) ?></id>
<link href="<?= SITE_URL . Formatter::ToPlainXmlText($url) ?>" rel="self" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
<id><?= SITE_URL . Formatter::EscapeXml($id) ?></id>
<link href="<?= SITE_URL . Formatter::EscapeXml($url) ?>" rel="self" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
<link href="<?= SITE_URL ?>/feeds/opds" rel="start" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
<link href="<?= SITE_URL ?>/feeds/opds/all" rel="http://opds-spec.org/crawlable" type="application/atom+xml;profile=opds-catalog;kind=acquisition; charset=utf-8"/>
<link href="<?= SITE_URL ?>/ebooks/opensearch" rel="search" type="application/opensearchdescription+xml; charset=utf-8"/>
<? if($parentUrl !== null){ ?><link href="<?= SITE_URL ?><?= Formatter::ToPlainXmlText($parentUrl) ?>" rel="up" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/><? } ?>
<title><?= Formatter::ToPlainXmlText($title) ?></title>
<? if($subtitle !== null){ ?><subtitle><?= Formatter::ToPlainXmlText($subtitle) ?></subtitle><? } ?>
<? if($parentUrl !== null){ ?><link href="<?= SITE_URL ?><?= Formatter::EscapeXml($parentUrl) ?>" rel="up" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/><? } ?>
<title><?= Formatter::EscapeXml($title) ?></title>
<? if($subtitle !== null){ ?><subtitle><?= Formatter::EscapeXml($subtitle) ?></subtitle><? } ?>
<icon><?= SITE_URL ?>/images/logo.png</icon>
<updated><?= $updated->format('Y-m-d\TH:i:s\Z') ?></updated>
<author>
@ -24,11 +24,11 @@ print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
</author>
<? foreach($entries as $entry){ ?>
<entry>
<title><?= Formatter::ToPlainXmlText($entry->Title) ?></title>
<link href="<?= SITE_URL . Formatter::ToPlainXmlText($entry->Url) ?>" rel="<?= Formatter::ToPlainXmlText($entry->Rel) ?>" type="application/atom+xml;profile=opds-catalog;kind=<?= $entry->Type ?>; charset=utf-8"/>
<title><?= Formatter::EscapeXml($entry->Title) ?></title>
<link href="<?= SITE_URL . Formatter::EscapeXml($entry->Url) ?>" rel="<?= Formatter::EscapeXml($entry->Rel) ?>" type="application/atom+xml;profile=opds-catalog;kind=<?= $entry->Type ?>; charset=utf-8"/>
<updated><? if($entry->Updated !== null){ ?><?= $entry->Updated->format('Y-m-d\TH:i:s\Z') ?><? } ?></updated>
<id><?= Formatter::ToPlainXmlText($entry->Id) ?></id>
<content type="text"><?= Formatter::ToPlainXmlText($entry->Description) ?></content>
<id><?= Formatter::EscapeXml($entry->Id) ?></id>
<content type="text"><?= Formatter::EscapeXml($entry->Description) ?></content>
</entry>
<? } ?>
</feed>


@ -1,14 +1,14 @@
<item>
<title><?= Formatter::ToPlainXmlText($entry->Title) ?>, by <?= Formatter::ToPlainXmlText(strip_tags($entry->AuthorsHtml)) ?></title>
<link><?= SITE_URL . Formatter::ToPlainXmlText($entry->Url) ?></link>
<description><?= Formatter::ToPlainXmlText($entry->Description) ?></description>
<title><?= Formatter::EscapeXml($entry->Title) ?>, by <?= Formatter::EscapeXml(strip_tags($entry->AuthorsHtml)) ?></title>
<link><?= SITE_URL . Formatter::EscapeXml($entry->Url) ?></link>
<description><?= Formatter::EscapeXml($entry->Description) ?></description>
<pubDate><?= $entry->Created->format('r') ?></pubDate>
<guid><?= Formatter::ToPlainXmlText(preg_replace('/^url:/ius', '', $entry->Identifier)) ?></guid>
<guid><?= Formatter::EscapeXml(preg_replace('/^url:/ius', '', $entry->Identifier)) ?></guid>
<? foreach($entry->Tags as $tag){ ?>
<category domain="https://standardebooks.org/vocab/subjects"><?= Formatter::ToPlainXmlText($tag->Name) ?></category>
<category domain="https://standardebooks.org/vocab/subjects"><?= Formatter::EscapeXml($tag->Name) ?></category>
<? } ?>
<media:thumbnail url="<?= SITE_URL . $entry->Url ?>/downloads/cover-thumbnail.jpg" height="525" width="350"/>
<? if($entry->EpubUrl !== null){ ?>
<enclosure url="<?= SITE_URL . Formatter::ToPlainXmlText($entry->EpubUrl) ?>" length="<?= filesize(WEB_ROOT . $entry->EpubUrl) ?>" type="application/epub+zip" /> <? /* Only one <enclosure> is allowed */ ?>
<enclosure url="<?= SITE_URL . Formatter::EscapeXml($entry->EpubUrl) ?>" length="<?= filesize(WEB_ROOT . $entry->EpubUrl) ?>" type="application/epub+zip" /> <? /* Only one <enclosure> is allowed */ ?>
<? } ?>
</item>


@ -7,18 +7,18 @@ use Safe\DateTime;
print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:media="http://search.yahoo.com/mrss/">
<channel>
<title><?= Formatter::ToPlainXmlText($title) ?></title>
<title><?= Formatter::EscapeXml($title) ?></title>
<link><?= SITE_URL ?></link>
<description><?= Formatter::ToPlainXmlText($description) ?></description>
<description><?= Formatter::EscapeXml($description) ?></description>
<language>en-US</language>
<copyright>https://creativecommons.org/publicdomain/zero/1.0/</copyright>
<lastBuildDate><?= $updated ?></lastBuildDate>
<docs>http://blogs.law.harvard.edu/tech/rss</docs>
<atom:link href="<?= SITE_URL . Formatter::ToPlainXmlText($url) ?>" rel="self" type="application/rss+xml"/>
<atom:link href="<?= SITE_URL . Formatter::EscapeXml($url) ?>" rel="self" type="application/rss+xml"/>
<atom:link href="<?= SITE_URL ?>/ebooks/opensearch" rel="search" type="application/opensearchdescription+xml" />
<image>
<url><?= SITE_URL ?>/images/logo-rss.png</url>
<title><?= Formatter::ToPlainXmlText($title) ?></title> <? /* must be identical to channel title */ ?>
<title><?= Formatter::EscapeXml($title) ?></title> <? /* must be identical to channel title */ ?>
<description>The Standard Ebooks logo</description>
<link><?= SITE_URL ?></link>
<height>144</height>


@ -6,12 +6,12 @@ $allSelected = sizeof($tags) == 0 || in_array('all', $tags);
<select <? if(!Template::IsEreaderBrowser()){ ?> multiple="multiple"<? } ?> name="tags[]" size="1">
<option value="all">All</option>
<? foreach(Library::GetTags() as $tag){ ?>
<option value="<?= $tag->UrlName ?>"<? if(!$allSelected && in_array($tag->UrlName, $tags)){ ?> selected="selected"<? } ?>><?= Formatter::ToPlainText($tag->Name) ?></option>
<option value="<?= $tag->UrlName ?>"<? if(!$allSelected && in_array($tag->UrlName, $tags)){ ?> selected="selected"<? } ?>><?= Formatter::EscapeHtml($tag->Name) ?></option>
<? } ?>
</select>
</label>
<label class="search">Keywords
<input type="search" name="query" value="<?= Formatter::ToPlainText($query ?? '') ?>"/>
<input type="search" name="query" value="<?= Formatter::EscapeHtml($query ?? '') ?>"/>
</label>
<label class="select sort">
<span>Sort</span>


@ -170,7 +170,7 @@ $anonymousPatronCount = Db::QueryInt('
<ol class="donors patrons">
<? foreach($patronsCircle as $patron){ ?>
<li>
<p><?= Formatter::ToPlainText(str_ireplace(['\'', ' and '], ['', ' & '], $patron->SortedName)) ?></p>
<p><?= Formatter::EscapeHtml(str_ireplace(['\'', ' and '], ['', ' & '], $patron->SortedName)) ?></p>
</li>
<? } ?>
<? if($anonymousPatronCount > 0){ ?>


@ -48,7 +48,7 @@ catch(Exceptions\InvalidPermissionsException){
?><?= Template::Header(['title' => $artwork->Name, 'artwork' => true]) ?>
<main class="artworks">
<section class="narrow">
<h1><?= Formatter::ToPlainText($artwork->Name) ?></h1>
<h1><?= Formatter::EscapeHtml($artwork->Name) ?></h1>
<?= Template::Error(['exception' => $exception]) ?>
@ -69,12 +69,12 @@ catch(Exceptions\InvalidPermissionsException){
<table class="artwork-metadata">
<tr>
<td>Title</td>
<td><i><?= Formatter::ToPlainText($artwork->Name) ?></i></td>
<td><i><?= Formatter::EscapeHtml($artwork->Name) ?></i></td>
</tr>
<tr>
<td>Artist</td>
<td>
<?= Formatter::ToPlainText($artwork->Artist->Name) ?><? if(sizeof($artwork->Artist->AlternateSpellings) > 0){ ?> (A.K.A. <span class="author" typeof="schema:Person" property="schema:name"><?= implode('</span>, <span class="author" typeof="schema:Person" property="schema:name">', array_map('Formatter::ToPlainText', $artwork->Artist->AlternateSpellings)) ?></span>)<? } ?><? if($artwork->Artist->DeathYear !== null){ ?> (<abbr>d.</abbr> <?= $artwork->Artist->DeathYear ?>)<? } ?>
<?= Formatter::EscapeHtml($artwork->Artist->Name) ?><? if(sizeof($artwork->Artist->AlternateSpellings) > 0){ ?> (A.K.A. <span class="author" typeof="schema:Person" property="schema:name"><?= implode('</span>, <span class="author" typeof="schema:Person" property="schema:name">', array_map('Formatter::EscapeHtml', $artwork->Artist->AlternateSpellings)) ?></span>)<? } ?><? if($artwork->Artist->DeathYear !== null){ ?> (<abbr>d.</abbr> <?= $artwork->Artist->DeathYear ?>)<? } ?>
</td>
</tr>
<tr>
@ -83,7 +83,7 @@ catch(Exceptions\InvalidPermissionsException){
</tr>
<tr>
<td>Tags</td>
<td><ul class="tags"><? foreach($artwork->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::ToPlainText($tag->Name) ?></a></li><? } ?></ul></td>
<td><ul class="tags"><? foreach($artwork->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::EscapeHtml($tag->Name) ?></a></li><? } ?></ul></td>
</tr>
<tr>
<td>Dimensions</td>
@ -96,12 +96,12 @@ catch(Exceptions\InvalidPermissionsException){
<? if($isAdminView){ ?>
<tr>
<td>Submitted by</td>
<td><? if($artwork->Submitter === null){ ?>Anonymous<? }else{ ?><a href="mailto:<?= Formatter::ToPlainText($artwork->Submitter->Email) ?>"><? if($artwork->Submitter->Name !== null){ ?> <?= Formatter::ToPlainText($artwork->Submitter->Name) ?><? }else{ ?><?= Formatter::ToPlainText($artwork->Submitter->Email) ?><? } ?></a><? } ?></td>
<td><? if($artwork->Submitter === null){ ?>Anonymous<? }else{ ?><a href="mailto:<?= Formatter::EscapeHtml($artwork->Submitter->Email) ?>"><? if($artwork->Submitter->Name !== null){ ?> <?= Formatter::EscapeHtml($artwork->Submitter->Name) ?><? }else{ ?><?= Formatter::EscapeHtml($artwork->Submitter->Email) ?><? } ?></a><? } ?></td>
</tr>
<? if($artwork->Reviewer !== null){ ?>
<tr>
<td>Reviewed by</td>
<td><a href="mailto:<?= Formatter::ToPlainText($artwork->Reviewer->Email) ?>"><? if($artwork->Reviewer->Name !== null){ ?> <?= Formatter::ToPlainText($artwork->Reviewer->Name) ?><? }else{ ?><?= Formatter::ToPlainText($artwork->Reviewer->Email) ?><? } ?></a></td>
<td><a href="mailto:<?= Formatter::EscapeHtml($artwork->Reviewer->Email) ?>"><? if($artwork->Reviewer->Name !== null){ ?> <?= Formatter::EscapeHtml($artwork->Reviewer->Name) ?><? }else{ ?><?= Formatter::EscapeHtml($artwork->Reviewer->Email) ?><? } ?></a></td>
</tr>
<? } ?>
<? } ?>
@ -110,10 +110,10 @@ catch(Exceptions\InvalidPermissionsException){
<h2>U.S. public domain proof</h2>
<? if($artwork->MuseumUrl !== null){ ?>
<h3>Museum page</h3>
<p><a href="<?= Formatter::ToPlainText($artwork->MuseumUrl) ?>"><?= Formatter::ToPlainText($artwork->MuseumUrl) ?></a></p>
<p><a href="<?= Formatter::EscapeHtml($artwork->MuseumUrl) ?>"><?= Formatter::EscapeHtml($artwork->MuseumUrl) ?></a></p>
<? if($artwork->Museum !== null){ ?>
<figure class="corrected full">
<p>Approved museum: <?= Formatter::ToPlainText($artwork->Museum->Name) ?> <code>(<?= Formatter::ToPlainText($artwork->Museum->Domain) ?>)</code></p>
<p>Approved museum: <?= Formatter::EscapeHtml($artwork->Museum->Name) ?> <code>(<?= Formatter::EscapeHtml($artwork->Museum->Domain) ?>)</code></p>
</figure>
<? }else{ ?>
<figure class="wrong full">
@ -126,9 +126,9 @@ catch(Exceptions\InvalidPermissionsException){
<h3>Page scans</h3>
<ul>
<li>Year book was published: <? if($artwork->PublicationYear !== null){ ?><?= $artwork->PublicationYear ?><? }else{ ?><i>Not provided</i><? } ?></li>
<li>Page scan of book publication year: <? if($artwork->PublicationYearPageUrl !== null){ ?><a href="<?= Formatter::ToPlainText($artwork->PublicationYearPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
<li>Page scan of rights statement: <? if($artwork->CopyrightPageUrl !== null){ ?><a href="<?= Formatter::ToPlainText($artwork->CopyrightPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
<li>Page scan of artwork: <? if($artwork->ArtworkPageUrl !== null){ ?><a href="<?= Formatter::ToPlainText($artwork->ArtworkPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
<li>Page scan of book publication year: <? if($artwork->PublicationYearPageUrl !== null){ ?><a href="<?= Formatter::EscapeHtml($artwork->PublicationYearPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
<li>Page scan of rights statement: <? if($artwork->CopyrightPageUrl !== null){ ?><a href="<?= Formatter::EscapeHtml($artwork->CopyrightPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
<li>Page scan of artwork: <? if($artwork->ArtworkPageUrl !== null){ ?><a href="<?= Formatter::EscapeHtml($artwork->ArtworkPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
</ul>
<? } ?>
@ -144,7 +144,7 @@ catch(Exceptions\InvalidPermissionsException){
<? if($artwork->CanBeEditedBy($GLOBALS['User'] ?? null)){ ?>
<h2>Edit artwork</h2>
<p>Before approval, the editor and submitter may <a href="<?= $artwork->EditUrl ?>">edit <i><?= Formatter::ToPlainText($artwork->Name) ?></i></a>.</p>
<p>Before approval, the editor and submitter may <a href="<?= $artwork->EditUrl ?>">edit <i><?= Formatter::EscapeHtml($artwork->Name) ?></i></a>.</p>
<? } ?>
<? if($artwork->CanStatusBeChangedBy($GLOBALS['User'] ?? null) || $artwork->CanEbookWwwFilesysemPathBeChangedBy($GLOBALS['User'] ?? null)){ ?>
@ -169,16 +169,16 @@ catch(Exceptions\InvalidPermissionsException){
</span>
</label>
<? }else{ ?>
<input type="hidden" name="artwork-status" value="<?= Formatter::ToPlainText($artwork->Status->value ?? '') ?>" />
<input type="hidden" name="artwork-status" value="<?= Formatter::EscapeHtml($artwork->Status->value ?? '') ?>" />
<? } ?>
<? if($artwork->CanEbookWwwFilesysemPathBeChangedBy($GLOBALS['User'] ?? null)){ ?>
<label>
<span>In use by</span>
<span>Ebook file system slug, like <code>c-s-lewis_poetry</code>. If not in use, leave this blank.</span>
<input type="text" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::ToPlainText($artwork->EbookWwwFilesystemPath) ?>"/>
<input type="text" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::EscapeHtml($artwork->EbookWwwFilesystemPath) ?>"/>
</label>
<? }else{ ?>
<input type="hidden" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::ToPlainText($artwork->EbookWwwFilesystemPath) ?>" />
<input type="hidden" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::EscapeHtml($artwork->EbookWwwFilesystemPath) ?>" />
<? } ?>
<div class="footer">
<button>Save changes</button>


@ -113,7 +113,7 @@ if($perPage !== ARTWORK_PER_PAGE){
</span>
</label>
<label class="search">Keywords
<input type="search" name="query" value="<?= Formatter::ToPlainText($query) ?>"/>
<input type="search" name="query" value="<?= Formatter::EscapeHtml($query) ?>"/>
</label>
<label class="sort">
<span>Sort</span>


@ -38,10 +38,10 @@ $title = preg_replace('/s$/', '', ucfirst($class));
<caption aria-hidden="hidden">Scroll right </caption>
<tbody>
<? foreach($collection as $year => $months){
$yearHeader = Formatter::ToPlainText($year);
$yearHeader = Formatter::EscapeHtml($year);
?>
<tr class="year-header">
<th colspan="13" scope="colgroup" id="<?= $yearHeader ?>"><?= Formatter::ToPlainText((string)$year) ?></th>
<th colspan="13" scope="colgroup" id="<?= $yearHeader ?>"><?= Formatter::EscapeHtml((string)$year) ?></th>
</tr>
<tr class="mid-header">
<th id="<?= $yearHeader?>-type" scope="col">Month</th>
@ -51,16 +51,16 @@ $title = preg_replace('/s$/', '', ucfirst($class));
</tr>
<? foreach($months as $month => $collection){
$monthHeader = Formatter::ToPlainText($month);
$monthHeader = Formatter::EscapeHtml($month);
?>
<tr>
<th class="row-header" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-type" id="<?= $monthHeader ?>"><?= Formatter::ToPlainText($month) ?></th>
<td class="number" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-ebooks"><?= Formatter::ToPlainText(number_format($collection->EbookCount)) ?></td>
<td class="number" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-updated"><?= Formatter::ToPlainText($collection->UpdatedString) ?></td>
<th class="row-header" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-type" id="<?= $monthHeader ?>"><?= Formatter::EscapeHtml($month) ?></th>
<td class="number" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-ebooks"><?= Formatter::EscapeHtml(number_format($collection->EbookCount)) ?></td>
<td class="number" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-updated"><?= Formatter::EscapeHtml($collection->UpdatedString) ?></td>
<? foreach($collection->ZipFiles as $item){ ?>
<td headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-download" class="download"><a href="<?= $item->Url ?>"><?= $item->Type ?></a></td>
<td headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-download">(<?= Formatter::ToPlainText($item->Size) ?>)</td>
<td headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-download">(<?= Formatter::EscapeHtml($item->Size) ?>)</td>
<? } ?>
</tr>
<? } ?>


@ -13,7 +13,7 @@ $collections = Library::GetEbookCollections();
<ul>
<? foreach($collections as $collection){ ?>
<li>
<p><a href="<?= $collection->Url ?>"><?= Formatter::ToPlainText($collection->Name) ?></a></p>
<p><a href="<?= $collection->Url ?>"><?= Formatter::EscapeHtml($collection->Name) ?></a></p>
</li>
<? } ?>
</ul>


@ -19,7 +19,7 @@ try{
}
$author = strip_tags($ebooks[0]->AuthorsHtml);
$authorUrl = Formatter::ToPlainText($ebooks[0]->AuthorsUrl);
$authorUrl = Formatter::EscapeHtml($ebooks[0]->AuthorsUrl);
}
catch(Exceptions\InvalidAuthorException){
Template::Emit404();


@ -110,24 +110,24 @@ catch(Exceptions\InvalidEbookException){
?><?= Template::Header(['title' => strip_tags($ebook->TitleWithCreditsHtml) . ' - Free ebook download', 'ogType' => 'book', 'coverUrl' => $ebook->DistCoverUrl, 'highlight' => 'ebooks', 'description' => 'Free epub ebook download of the Standard Ebooks edition of ' . $ebook->Title . ': ' . $ebook->Description]) ?>
<main>
<article class="ebook" typeof="schema:Book" about="<?= $ebook->Url ?>">
<meta property="schema:description" content="<?= Formatter::ToPlainText($ebook->Description) ?>"/>
<meta property="schema:url" content="<?= SITE_URL . Formatter::ToPlainText($ebook->Url) ?>"/>
<meta property="schema:description" content="<?= Formatter::EscapeHtml($ebook->Description) ?>"/>
<meta property="schema:url" content="<?= SITE_URL . Formatter::EscapeHtml($ebook->Url) ?>"/>
<? if($ebook->WikipediaUrl){ ?>
<meta property="schema:sameAs" content="<?= Formatter::ToPlainText($ebook->WikipediaUrl) ?>"/>
<meta property="schema:sameAs" content="<?= Formatter::EscapeHtml($ebook->WikipediaUrl) ?>"/>
<? } ?>
<header>
<hgroup>
<h1 property="schema:name"><?= Formatter::ToPlainText($ebook->Title) ?></h1>
<h1 property="schema:name"><?= Formatter::EscapeHtml($ebook->Title) ?></h1>
<? foreach($ebook->Authors as $author){ ?>
<? /* We include the `resource` attr here because we can have multiple authors, and in that case their href URLs will link to their combined corpus.
For example, William Wordsworth & Samuel Coleridge will both link to /ebooks/william-wordsworth_samuel-taylor-coleridge
But, each author is an individual, so we have to differentiate them in RDFa with `resource` */ ?>
<? if($author->Name != 'Anonymous'){ ?>
<h2><a property="schema:author" typeof="schema:Person" href="<?= Formatter::ToPlainText($ebook->AuthorsUrl) ?>" resource="<?= '/ebooks/' . $author->UrlName ?>">
<span property="schema:name"><?= Formatter::ToPlainText($author->Name) ?></span>
<meta property="schema:url" content="<?= SITE_URL . Formatter::ToPlainText($ebook->AuthorsUrl) ?>"/>
<? if($author->NacoafUrl){ ?><meta property="schema:sameAs" content="<?= Formatter::ToPlainText($author->NacoafUrl) ?>"/><? } ?>
<? if($author->WikipediaUrl){ ?><meta property="schema:sameAs" content="<?= Formatter::ToPlainText($author->WikipediaUrl) ?>"/><? } ?>
<h2><a property="schema:author" typeof="schema:Person" href="<?= Formatter::EscapeHtml($ebook->AuthorsUrl) ?>" resource="<?= '/ebooks/' . $author->UrlName ?>">
<span property="schema:name"><?= Formatter::EscapeHtml($author->Name) ?></span>
<meta property="schema:url" content="<?= SITE_URL . Formatter::EscapeHtml($ebook->AuthorsUrl) ?>"/>
<? if($author->NacoafUrl){ ?><meta property="schema:sameAs" content="<?= Formatter::EscapeHtml($author->NacoafUrl) ?>"/><? } ?>
<? if($author->WikipediaUrl){ ?><meta property="schema:sameAs" content="<?= Formatter::EscapeHtml($author->WikipediaUrl) ?>"/><? } ?>
</a>
</h2>
<? } ?>
@ -148,7 +148,7 @@ catch(Exceptions\InvalidEbookException){
<? } ?>
<? if(sizeof($ebook->Collections) > 0){ ?>
<? foreach($ebook->Collections as $collection){ ?>
<p><? if($collection->SequenceNumber !== null){ ?>№ <?= number_format($collection->SequenceNumber) ?> in the<? }else{ ?>Part of the<? } ?> <a href="<?= $collection->Url ?>" property="schema:isPartOf"><?= Formatter::ToPlainText(preg_replace('/^The /ius', '', (string)$collection->Name)) ?></a>
<p><? if($collection->SequenceNumber !== null){ ?>№ <?= number_format($collection->SequenceNumber) ?> in the<? }else{ ?>Part of the<? } ?> <a href="<?= $collection->Url ?>" property="schema:isPartOf"><?= Formatter::EscapeHtml(preg_replace('/^The /ius', '', (string)$collection->Name)) ?></a>
<? if($collection->Type !== null){ ?>
<? if(substr_compare(mb_strtolower($collection->Name), mb_strtolower($collection->Type), -strlen(mb_strtolower($collection->Type))) !== 0){ ?>
<?= $collection->Type ?>.
@ -159,7 +159,7 @@ catch(Exceptions\InvalidEbookException){
</p>
<? } ?>
<? } ?>
<ul class="tags"><? foreach($ebook->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::ToPlainText($tag->Name) ?></a></li><? } ?></ul>
<ul class="tags"><? foreach($ebook->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::EscapeHtml($tag->Name) ?></a></li><? } ?></ul>
</aside>
<section id="description">
@ -177,24 +177,24 @@ catch(Exceptions\InvalidEbookException){
</section>
<? if($ebook->HasDownloads){ ?>
<section id="read-free" property="schema:workExample" typeof="schema:Book" resource="<?= Formatter::ToPlainText($ebook->Url) ?>/downloads">
<section id="read-free" property="schema:workExample" typeof="schema:Book" resource="<?= Formatter::EscapeHtml($ebook->Url) ?>/downloads">
<meta property="schema:bookFormat" content="http://schema.org/EBook"/>
<meta property="schema:url" content="<?= Formatter::ToPlainText(SITE_URL . $ebook->Url) ?>"/>
<meta property="schema:url" content="<?= Formatter::EscapeHtml(SITE_URL . $ebook->Url) ?>"/>
<meta property="schema:license" content="https://creativecommons.org/publicdomain/zero/1.0/"/>
<div property="schema:publisher" typeof="schema:Organization">
<meta property="schema:name" content="Standard Ebooks"/>
<meta property="schema:logo" content="https://standardebooks.org/images/logo-full.svg"/>
<meta property="schema:url" content="https://standardebooks.org"/>
</div>
<meta property="schema:image" content="<?= Formatter::ToPlainText(SITE_URL . $ebook->DistCoverUrl) ?>"/>
<meta property="schema:thumbnailUrl" content="<?= Formatter::ToPlainText(SITE_URL . $ebook->Url . '/downloads/cover-thumbnail.jpg') ?>"/>
<meta property="schema:inLanguage" content="<?= Formatter::ToPlainText($ebook->Language) ?>"/>
<meta property="schema:datePublished" content="<?= Formatter::ToPlainText($ebook->Created->format('Y-m-d')) ?>"/>
<meta property="schema:dateModified" content="<?= Formatter::ToPlainText($ebook->Updated->format('Y-m-d')) ?>"/>
<meta property="schema:image" content="<?= Formatter::EscapeHtml(SITE_URL . $ebook->DistCoverUrl) ?>"/>
<meta property="schema:thumbnailUrl" content="<?= Formatter::EscapeHtml(SITE_URL . $ebook->Url . '/downloads/cover-thumbnail.jpg') ?>"/>
<meta property="schema:inLanguage" content="<?= Formatter::EscapeHtml($ebook->Language) ?>"/>
<meta property="schema:datePublished" content="<?= Formatter::EscapeHtml($ebook->Created->format('Y-m-d')) ?>"/>
<meta property="schema:dateModified" content="<?= Formatter::EscapeHtml($ebook->Updated->format('Y-m-d')) ?>"/>
<div property="schema:potentialAction" typeof="http://schema.org/ReadAction">
<meta property="schema:actionStatus" content="http://schema.org/PotentialActionStatus"/>
<div property="schema:target" typeof="schema:EntryPoint">
<meta property="schema:urlTemplate" content="<?= Formatter::ToPlainText(SITE_URL . $ebook->Url) ?>"/>
<meta property="schema:urlTemplate" content="<?= Formatter::EscapeHtml(SITE_URL . $ebook->Url) ?>"/>
<meta property="schema:actionPlatform" content="http://schema.org/DesktopWebPlatform"/>
<meta property="schema:actionPlatform" content="http://schema.org/AndroidPlatform"/>
<meta property="schema:actionPlatform" content="http://schema.org/IOSPlatform"/>
@ -298,13 +298,13 @@ catch(Exceptions\InvalidEbookException){
<? foreach($ebook->GitCommits as $commit){ ?>
<li>
<time datetime="<?= $commit->Created->format(DateTime::RFC3339) ?>"><?= $commit->Created->format('M j, Y') ?></time>
<p><a href="<?= Formatter::ToPlainText($ebook->GitHubUrl) ?>/commit/<?= Formatter::ToPlainText($commit->Hash) ?>"><?= Formatter::ToPlainText($commit->Message) ?></a></p>
<p><a href="<?= Formatter::EscapeHtml($ebook->GitHubUrl) ?>/commit/<?= Formatter::EscapeHtml($commit->Hash) ?>"><?= Formatter::EscapeHtml($commit->Message) ?></a></p>
</li>
<? } ?>
</ol>
<? if($ebook->GitHubUrl !== null){ ?>
<aside>
<p>Read the <a href="<?= Formatter::ToPlainText($ebook->GitHubUrl) ?>/commits/master">full change history</a>.</p>
<p>Read the <a href="<?= Formatter::EscapeHtml($ebook->GitHubUrl) ?>/commits/master">full change history</a>.</p>
</aside>
<? } ?>
</section>
@ -315,12 +315,12 @@ catch(Exceptions\InvalidEbookException){
<ul>
<? if($ebook->GitHubUrl !== null){ ?>
<li>
<p><a href="<?= Formatter::ToPlainText($ebook->GitHubUrl) ?>" class="github">This ebooks source code at GitHub</a></p>
<p><a href="<?= Formatter::EscapeHtml($ebook->GitHubUrl) ?>" class="github">This ebooks source code at GitHub</a></p>
</li>
<? } ?>
<? if($ebook->WikipediaUrl !== null){ ?>
<li>
<p><a href="<?= Formatter::ToPlainText($ebook->WikipediaUrl) ?>" class="wikipedia">This book at Wikipedia</a></p>
<p><a href="<?= Formatter::EscapeHtml($ebook->WikipediaUrl) ?>" class="wikipedia">This book at Wikipedia</a></p>
</li>
<? } ?>
</ul>
@ -337,13 +337,13 @@ catch(Exceptions\InvalidEbookException){
<? foreach($transcriptionSources as $source){ ?>
<li>
<p>
<? if($source->Type == SOURCE_PROJECT_GUTENBERG){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg</a>
<? }elseif($source->Type == SOURCE_PROJECT_GUTENBERG_AUSTRALIA){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg Australia</a>
<? }elseif($source->Type == SOURCE_PROJECT_GUTENBERG_CANADA){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg Canada</a>
<? }elseif($source->Type == SOURCE_WIKISOURCE){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="wikisource">Transcription at Wikisource</a>
<? }elseif($source->Type == SOURCE_FADED_PAGE){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="globe">Transcription at Faded Page</a>
<? if($source->Type == SOURCE_PROJECT_GUTENBERG){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg</a>
<? }elseif($source->Type == SOURCE_PROJECT_GUTENBERG_AUSTRALIA){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg Australia</a>
<? }elseif($source->Type == SOURCE_PROJECT_GUTENBERG_CANADA){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg Canada</a>
<? }elseif($source->Type == SOURCE_WIKISOURCE){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="wikisource">Transcription at Wikisource</a>
<? }elseif($source->Type == SOURCE_FADED_PAGE){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="globe">Transcription at Faded Page</a>
<? }else{?>
<a href="<?= Formatter::ToPlainText($source->Url) ?>" class="globe">Transcription</a>
<a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="globe">Transcription</a>
<? } ?>
</p>
</li>
@ -358,10 +358,10 @@ catch(Exceptions\InvalidEbookException){
<? foreach($scanSources as $source){ ?>
<li>
<p>
<? if($source->Type == SOURCE_INTERNET_ARCHIVE){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="internet-archive">Page scans at the Internet Archive</a>
<? }elseif($source->Type == SOURCE_HATHI_TRUST){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="hathitrust">Page scans at HathiTrust</a>
<? }elseif($source->Type == SOURCE_GOOGLE_BOOKS){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="google">Page scans at Google Books</a>
<? }else{ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="globe">Page scans</a><? } ?>
<? if($source->Type == SOURCE_INTERNET_ARCHIVE){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="internet-archive">Page scans at the Internet Archive</a>
<? }elseif($source->Type == SOURCE_HATHI_TRUST){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="hathitrust">Page scans at HathiTrust</a>
<? }elseif($source->Type == SOURCE_GOOGLE_BOOKS){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="google">Page scans at Google Books</a>
<? }else{ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="globe">Page scans</a><? } ?>
</p>
</li>
<? } ?>
@ -375,7 +375,7 @@ catch(Exceptions\InvalidEbookException){
<? foreach($otherSources as $source){ ?>
<li>
<p>
<? if($source->Type == SOURCE_OTHER){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="globe"><?= Formatter::ToPlainText(preg_replace(['|https?://(en\.)?|', '|/.+$|'], '', (string)$source->Url)) /* force type to (string) to satisfy PHPStan */ ?></a><? } ?>
<? if($source->Type == SOURCE_OTHER){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="globe"><?= Formatter::EscapeHtml(preg_replace(['|https?://(en\.)?|', '|/.+$|'], '', (string)$source->Url)) /* force type to (string) to satisfy PHPStan */ ?></a><? } ?>
</p>
</li>
<? } ?>
@ -389,7 +389,7 @@ catch(Exceptions\InvalidEbookException){
<h2>Improve this ebook</h2>
<p>Anyone can contribute to make a Standard Ebook better for everyone!</p>
<p>To report typos, typography errors, or other corrections, see <a href="/contribute/report-errors">how to report errors</a>.</p>
<? if($ebook->GitHubUrl !== null){ ?><p>If youre comfortable with technology and want to contribute directly, check out <a href="<?= Formatter::ToPlainText($ebook->GitHubUrl) ?>">this ebooks GitHub repository</a> and our <a href="/contribute">contributors section</a>.</p><? } ?>
<? if($ebook->GitHubUrl !== null){ ?><p>If youre comfortable with technology and want to contribute directly, check out <a href="<?= Formatter::EscapeHtml($ebook->GitHubUrl) ?>">this ebooks GitHub repository</a> and our <a href="/contribute">contributors section</a>.</p><? } ?>
<p>You can also <a href="/donate">donate to Standard Ebooks</a> to help fund continuing improvement of this and other ebooks.</p>
</section>
@ -403,7 +403,7 @@ catch(Exceptions\InvalidEbookException){
<picture>
<? if($carouselEbook->CoverImage2xAvifUrl !== null){ ?><source srcset="<?= $carouselEbook->CoverImage2xAvifUrl ?> 2x, <?= $carouselEbook->CoverImageAvifUrl ?> 1x" type="image/avif"/><? } ?>
<source srcset="<?= $carouselEbook->CoverImage2xUrl ?> 2x, <?= $carouselEbook->CoverImageUrl ?> 1x" type="image/jpg"/>
<img src="<?= $carouselEbook->CoverImageUrl ?>" alt="The cover for the Standard Ebooks edition of <?= Formatter::ToPlainText(strip_tags($carouselEbook->TitleWithCreditsHtml)) ?>" height="200" width="134" loading="lazy"/>
<img src="<?= $carouselEbook->CoverImageUrl ?>" alt="The cover for the Standard Ebooks edition of <?= Formatter::EscapeHtml(strip_tags($carouselEbook->TitleWithCreditsHtml)) ?>" height="200" width="134" loading="lazy"/>
</picture>
</a>
</li>


@ -66,9 +66,9 @@ try{
$collectionName = preg_replace('/^The /ius', '', $collectionObject->Name);
$collectionType = $collectionObject->Type ?? 'collection';
$pageTitle = 'Browse free ebooks in the ' . Formatter::ToPlainText($collectionName) . ' ' . $collectionType;
$pageDescription = 'A list of free ebooks in the ' . Formatter::ToPlainText($collectionName) . ' ' . $collectionType;
$pageHeader = 'Free Ebooks in the ' . Formatter::ToPlainText($collectionName) . ' ' . ucfirst($collectionType);
$pageTitle = 'Browse free ebooks in the ' . Formatter::EscapeHtml($collectionName) . ' ' . $collectionType;
$pageDescription = 'A list of free ebooks in the ' . Formatter::EscapeHtml($collectionName) . ' ' . $collectionType;
$pageHeader = 'Free Ebooks in the ' . Formatter::EscapeHtml($collectionName) . ' ' . ucfirst($collectionType);
}
else{
throw new Exceptions\InvalidCollectionException();
@ -114,8 +114,8 @@ try{
$queryString = preg_replace('/^&amp;/ius', '', $queryString);
if($collection !== null){
$feedUrl = '/collections/' . Formatter::ToPlainText($collection);
$feedTitle = 'Standard Ebooks - Ebooks in the ' . Formatter::ToPlainText($collectionName) . ' ' . $collectionType;
$feedUrl = '/collections/' . Formatter::EscapeHtml($collection);
$feedTitle = 'Standard Ebooks - Ebooks in the ' . Formatter::EscapeHtml($collectionName) . ' ' . $collectionType;
}
}
catch(Exceptions\InvalidCollectionException){
@ -134,8 +134,8 @@ catch(Exceptions\InvalidCollectionException){
<? } ?>
<? if($collection !== null){ ?>
<p class="ebooks-toolbar">
<a class="button" href="/collections/<?= Formatter::ToPlainText($collection) ?>/downloads">Download collection</a>
<a class="button" href="/collections/<?= Formatter::ToPlainText($collection) ?>/feeds">Collection feeds</a>
<a class="button" href="/collections/<?= Formatter::EscapeHtml($collection) ?>/downloads">Download collection</a>
<a class="button" href="/collections/<?= Formatter::EscapeHtml($collection) ?>/feeds">Collection feeds</a>
</p>
<? } ?>
<? if(sizeof($ebooks) == 0){ ?>


@ -23,7 +23,7 @@ print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<?xml-stylesheet href=\"" . S
<link href="<?= SITE_URL ?>/ebooks/ebooks?query=<?= urlencode($query) ?>" rel="alternate" type="text/html"/>
<link href="<?= SITE_URL ?>/ebooks/opensearch" rel="search" type="application/opensearchdescription+xml"/>
<title>Search Results</title>
<subtitle>Results for <?= Formatter::ToPlainXmlText($query) ?>”.</subtitle>
<subtitle>Results for <?= Formatter::EscapeXml($query) ?>”.</subtitle>
<icon><?= SITE_URL ?>/images/logo.png</icon>
<updated><?= (new Datetime())->Format('Y-m-d\TH:i:s\Z') ?></updated>
<author>


@ -40,8 +40,8 @@ catch(Safe\Exceptions\ApcuException){
<ul class="feed">
<? foreach($feeds as $feed){ ?>
<li>
<p><a href="<?= Formatter::ToPlainText($feed->Url) ?>"><?= Formatter::ToPlainText($feed->Label) ?></a></p>
<p class="url"><? if($GLOBALS['User'] !== null){ ?>https://<?= rawurlencode($GLOBALS['User']->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?><?= Formatter::ToPlainText($feed->Url) ?></p>
<p><a href="<?= Formatter::EscapeHtml($feed->Url) ?>"><?= Formatter::EscapeHtml($feed->Label) ?></a></p>
<p class="url"><? if($GLOBALS['User'] !== null){ ?>https://<?= rawurlencode($GLOBALS['User']->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?><?= Formatter::EscapeHtml($feed->Url) ?></p>
</li>
<? } ?>
</ul>


@ -54,7 +54,7 @@ catch(Exceptions\InvalidCollectionException){
?><?= Template::Header(['title' => $title, 'feedTitle' => $feedTitle, 'feedUrl' => $feedUrl, 'description' => $description]) ?>
<main>
<article>
<h1>Ebook Feeds for <?= Formatter::ToPlainText($label) ?></h1>
<h1>Ebook Feeds for <?= Formatter::EscapeHtml($label) ?></h1>
<?= Template::FeedHowTo() ?>
<? foreach($feedTypes as $type){ ?>
<section id="ebooks-by-<?= $type ?>">
@ -70,7 +70,7 @@ catch(Exceptions\InvalidCollectionException){
<? } ?>
<ul class="feed">
<li>
<p><a href="/feeds/<?= $type ?>/<?= $name ?>/<?= $target?>"><?= Formatter::ToPlainText($label) ?></a></p>
<p><a href="/feeds/<?= $type ?>/<?= $name ?>/<?= $target?>"><?= Formatter::EscapeHtml($label) ?></a></p>
<p class="url"><? if($GLOBALS['User'] !== null){ ?>https://<?= rawurlencode($GLOBALS['User']->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?>/feeds/<?= $type ?>/<?= $name ?>/<?= $target?></p>
</li>
</ul>


@ -24,7 +24,7 @@ print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<?xml-stylesheet href=\"". SI
<link href="<?= SITE_URL ?>/feeds/opds/all" rel="http://opds-spec.org/crawlable" type="application/atom+xml;profile=opds-catalog;kind=acquisition; charset=utf-8"/>
<link href="<?= SITE_URL ?>/ebooks/opensearch" rel="search" type="application/opensearchdescription+xml; charset=utf-8"/>
<title>Search Results</title>
<subtitle>Results for <?= Formatter::ToPlainXmlText($query) ?>”.</subtitle>
<subtitle>Results for <?= Formatter::EscapeXml($query) ?>”.</subtitle>
<icon><?= SITE_URL ?>/images/logo.png</icon>
<updated><?= (new Datetime())->Format('Y-m-d\TH:i:s\Z') ?></updated>
<author>


@ -21,7 +21,7 @@ print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<?xml-stylesheet href=\"" . S
<channel>
<title>Search Results</title>
<link><?= SITE_URL ?></link>
<description>Results for <?= Formatter::ToPlainXmlText($query) ?>”.</description>
<description>Results for <?= Formatter::EscapeXml($query) ?>”.</description>
<language>en-US</language>
<copyright>https://creativecommons.org/publicdomain/zero/1.0/</copyright>
<lastBuildDate><?= (new DateTime())->format('r') ?></lastBuildDate>


@ -32,7 +32,7 @@ if($exception){
<input type="text" name="automationtest" value="" maxlength="80" />
</label>
<label class="email">Your email address
<input type="email" name="email" value="<? if($subscription->User !== null){ ?><?= Formatter::ToPlainText($subscription->User->Email) ?><? } ?>" maxlength="80" required="required" />
<input type="email" name="email" value="<? if($subscription->User !== null){ ?><?= Formatter::EscapeHtml($subscription->User->Email) ?><? } ?>" maxlength="80" required="required" />
</label>
<label class="captcha">
Type the letters in the <abbr class="acronym">CAPTCHA</abbr> image


@ -31,7 +31,7 @@ catch(Exceptions\AppException){
?><?= Template::Header(['title' => $poll->Name, 'highlight' => '', 'description' => $poll->Description]) ?>
<main>
<section class="narrow">
<h1><?= Formatter::ToPlainText($poll->Name) ?></h1>
<h1><?= Formatter::EscapeHtml($poll->Name) ?></h1>
<p><?= $poll->Description ?></p>
<? if($poll->IsActive()){ ?>
<? if($poll->End !== null){ ?>


@ -37,7 +37,7 @@ $openPolls = Db::Query('
<ul>
<? foreach($openPolls as $poll){ ?>
<li>
<p><a href="<?= $poll->Url ?>"><?= Formatter::ToPlainText($poll->Name) ?></a></p>
<p><a href="<?= $poll->Url ?>"><?= Formatter::EscapeHtml($poll->Name) ?></a></p>
</li>
<? } ?>
</ul>
@ -49,7 +49,7 @@ $openPolls = Db::Query('
<ul>
<? foreach($pastPolls as $poll){ ?>
<li>
<p><a href="<?= $poll->Url ?>"><?= Formatter::ToPlainText($poll->Name) ?></a></p>
<p><a href="<?= $poll->Url ?>"><?= Formatter::EscapeHtml($poll->Name) ?></a></p>
</li>
<? } ?>
</ul>


@ -24,9 +24,9 @@ catch(Exceptions\AppException){
<section class="narrow">
<h1>Your vote has been recorded!</h1>
<? if($created){ ?>
<p class="center-notice">Thank you for voting in the <a href="<?= $vote->PollItem->Poll->Url ?>"><?= Formatter::ToPlainText($vote->PollItem->Poll->Name) ?> poll</a>.</p>
<p class="center-notice">Thank you for voting in the <a href="<?= $vote->PollItem->Poll->Url ?>"><?= Formatter::EscapeHtml($vote->PollItem->Poll->Name) ?> poll</a>.</p>
<? }else{ ?>
<p class="center-notice">Your vote in the <a href="<?= $vote->PollItem->Poll->Url ?>"><?= Formatter::ToPlainText($vote->PollItem->Poll->Name) ?> poll</a> was submitted on <?= $vote->Created->format('F j, Y g:i a') ?>.</p>
<p class="center-notice">Your vote in the <a href="<?= $vote->PollItem->Poll->Url ?>"><?= Formatter::EscapeHtml($vote->PollItem->Poll->Name) ?> poll</a> was submitted on <?= $vote->Created->format('F j, Y g:i a') ?>.</p>
<? } ?>
<p class="button-row narrow"><a class="button" href="<?= $vote->PollItem->Poll->Url ?>/votes"> view results</a></p>
</section>


@ -11,7 +11,7 @@ catch(Exceptions\AppException){
?><?= Template::Header(['title' => 'Results for the ' . $poll->Name . ' Poll', 'highlight' => '', 'description' => 'The voting results for the ' . $poll->Name . ' poll.']) ?>
<main>
<section class="narrow">
<h1>Results for the <?= Formatter::ToPlainText($poll->Name) ?> Poll</h1>
<h1>Results for the <?= Formatter::EscapeHtml($poll->Name) ?> Poll</h1>
<p class="center-notice">Total votes: <?= number_format($poll->VoteCount) ?></p>
<? if($poll->IsActive()){ ?>
<? if($poll->End !== null){ ?>


@ -54,10 +54,10 @@ catch(Exceptions\PollVoteExistsException $ex){
?><?= Template::Header(['title' => $poll->Name . ' - Vote Now', 'highlight' => '', 'description' => 'Vote in the ' . $poll->Name . ' poll']) ?>
<main>
<section class="narrow">
<h1>Vote in the <?= Formatter::ToPlainText($poll->Name) ?> Poll</h1>
<h1>Vote in the <?= Formatter::EscapeHtml($poll->Name) ?> Poll</h1>
<?= Template::Error(['exception' => $exception]) ?>
<form method="post" action="<?= Formatter::ToPlainText($poll->Url) ?>/votes">
<input type="hidden" name="email" value="<? if($vote->User !== null){ ?><?= Formatter::ToPlainText($vote->User->Email) ?><? } ?>" maxlength="80" required="required" />
<form method="post" action="<?= Formatter::EscapeHtml($poll->Url) ?>/votes">
<input type="hidden" name="email" value="<? if($vote->User !== null){ ?><?= Formatter::EscapeHtml($vote->User->Email) ?><? } ?>" maxlength="80" required="required" />
<fieldset>
<p>Select one of these options.</p>
<ul>
@ -68,7 +68,7 @@ catch(Exceptions\PollVoteExistsException $ex){
<span>
<b><?= $pollItem->Name ?></b>
<? if($pollItem->Description !== null){ ?>
<span><?= Formatter::ToPlainText($pollItem->Description) ?></span>
<span><?= Formatter::EscapeHtml($pollItem->Description) ?></span>
<? } ?>
</span>
</label>


@ -40,17 +40,17 @@ if($exception){
<p><strong>Important:</strong> When making your donation, you must have selected either “List my name publicly” or “Dont list publicly, but reveal to project” on the donation form; otherwise, your email address isnt shared with us, and we cant include you in our login system.</p>
<? } ?>
<form method="post" action="/sessions" class="single-row">
<input type="hidden" name="redirect" value="<?= Formatter::ToPlainText($redirect) ?>" />
<input type="hidden" name="redirect" value="<?= Formatter::EscapeHtml($redirect) ?>" />
<? if($passwordRequired){ ?>
<input type="hidden" name="email" value="<?= Formatter::ToPlainText($email) ?>" maxlength="80" required="required" />
<input type="hidden" name="email" value="<?= Formatter::EscapeHtml($email) ?>" maxlength="80" required="required" />
<label class="password">
<span>Your password</span>
<span>Logging in as <?= Formatter::ToPlainText($email) ?>.</span>
<span>Logging in as <?= Formatter::EscapeHtml($email) ?>.</span>
<input type="password" name="password" value="" required="required" />
</label>
<? }else{ ?>
<label class="email">Your email address
<input type="email" name="email" value="<?= Formatter::ToPlainText($email) ?>" maxlength="80" required="required" />
<input type="email" name="email" value="<?= Formatter::EscapeHtml($email) ?>" maxlength="80" required="required" />
</label>
<? } ?>
<button>Log in</button>