my ($alliance) = @_;
my @alliances;
$alliance = -1 unless defined $alliance;
- push @alliances,{Id => -1, Name => ' ', Selected => not $alliance};
+ push @alliances,{Id => -1, Name => '', Selected => not $alliance};
my $query = $ND::DBH->prepare(q{SELECT id,name FROM alliances ORDER BY LOWER(name)});
$query->execute;
while (my $ally = $query->fetchrow_hashref){
}
}
if (my $thread = addForumThread $DBH,$board,$ND::UID,$subject){
- $error .= p 'Intel message added' if addForumPost $DBH,$thread,$ND::UID,param('intel')
+ $error .= 'Intel message added' if addForumPost $DBH,$thread,$ND::UID,param('intel')
}
}
}
$BODY->param(DefensePoints => $call->{defense_points});
$BODY->param(LandingTick => $call->{landing_tick});
$BODY->param(ETA => $call->{landing_tick}-$self->{TICK});
- $BODY->param(Info => escapeHTML $call->{info});
+ $BODY->param(Info => $call->{info});
$BODY->param(DC => $call->{dc});
$BODY->param(Member => $call->{member});
$BODY->param(SMS => $call->{sms});
$call->{dcstyle} = 'Hostile' unless defined $call->{dc};
$i++;
$call->{ODD} = $i % 2;
- $call->{shiptype} = escapeHTML($call->{shiptype});
+ $call->{shiptype} = $call->{shiptype};
push @calls, $call;
}
$BODY->param(Calls => \@calls);
$BODY->param(Nick => escapeHTML($planet->{nick}));
$BODY->param(Channel => $planet->{channel});
my @status;
- for my $status (" ","Friendly", "NAP", "Hostile"){
+ for my $status ("","Friendly", "NAP", "Hostile"){
push @status,{Status => $status, Selected => defined $planet->{planet_status} && $status eq $planet->{planet_status}}
}
$BODY->param(PlanetStatus => \@status);
}
$i++;
$call->{ODD} = $i % 2;
- $call->{shiptype} = escapeHTML($call->{shiptype});
+ $call->{shiptype} = $call->{shiptype};
push @calls, $call;
}
$BODY->param(Calls => \@calls);
$template = HTML::Template->new(filename => "templates/xml.tmpl", cache => 1);
$body = HTML::Template->new(filename => "templates/$self->{PAGE}.xml.tmpl", cache => 1);
}else{
- $body = HTML::Template->new(filename => "templates/$self->{PAGE}.tmpl", global_vars => 1, cache => 1);
+ $body = HTML::Template->new(filename => "templates/$self->{PAGE}.tmpl", global_vars => 1
+ , cache => 1, default_escape => 'HTML');
$body->param(PAGE => $self->{PAGE});
}
<td><TMPL_VAR NAME=Shiptype></td>
<td><TMPL_VAR NAME=Curreta> (<TMPL_VAR NAME=Eta>)</td>
<td><TMPL_VAR NAME=Alliance></td>
- <td><TMPL_VAR NAME=Attackers></td>
+ <td><TMPL_VAR ESCAPE=NONE NAME=Attackers></td>
</tr>
</TMPL_LOOP>
</table>
</div>
<div class="leftinfo">
<p>Raid message here</p>
- <textarea rows="15" cols="40" name="message"><TMPL_VAR NAME=Message></textarea>
+ <textarea rows="15" cols="40" name="message"><TMPL_VAR ESCAPE=NONE NAME=Message></textarea>
</div>
<div class="leftinfo">
<p>List all target coords here</p>
</div>
<div class="leftinfo">
<p> Comment:<br/>
- <textarea rows="5" cols="20" name="comment:<TMPL_VAR NAME=Id>"><TMPL_VAR NAME=Comment></textarea>
+ <textarea rows="5" cols="20" name="comment:<TMPL_VAR NAME=Id>"><TMPL_VAR ESCAPE=NONE NAME=Comment></textarea>
</p>
<TMPL_VAR NAME=PlanetScan>
</div>
<TMPL_IF Thread>
<TMPL_IF Moderate><a href="/<TMPL_VAR NAME=PAGE>?t=<TMPL_VAR NAME=FTID>;cmd=<TMPL_VAR NAME=Sticky>">Make this thread <TMPL_VAR NAME=Sticky></a></TMPL_IF>
-<TMPL_VAR Thread>
+<TMPL_VAR ESCAPE=NONE Thread>
</TMPL_IF>
<TMPL_IF ViewBoard>
<p><a href="/<TMPL_VAR NAME=PAGE>?b=<TMPL_VAR NAME=Id>;markAsRead=<TMPL_VAR ESCAPE=URL NAME=DATE>">Mark threads as read</a></p>
<TMPL_IF Thread>
<div>
-<TMPL_VAR NAME=Thread>
+<TMPL_VAR ESCAPE=NONE NAME=Thread>
<form action="<TMPL_VAR NAME=PAGE>#NewPosts" method="post"><fieldset class="forum-post"> <legend>New Reply</legend>
<textarea rows="10" cols="60" name="message"></textarea>
<input type="hidden" name="cmd" value="forumpost"/>
<TMPL_VAR NAME=Error>
<div class="leftinfo">
<fieldset class="forum-post"> <legend>Message from HC<TMPL_IF isHC> <a href="motd?">EDIT</a></TMPL_IF></legend>
- <TMPL_VAR NAME=MOTD>
+ <TMPL_VAR ESCAPE=NONE NAME=MOTD>
</fieldset>
</div>
<TMPL_IF PLANET>
<td><TMPL_VAR NAME=Shiptype></td>
<td><TMPL_VAR NAME=Curreta></td>
<td><TMPL_VAR NAME=Eta></td>
- <td><TMPL_VAR NAME=Attackers></td>
+ <td><TMPL_VAR ESCAPE=NONE NAME=Attackers></td>
</tr>
</TMPL_LOOP>
</table>
<p><b style="color: red;">DO NOT JOIN A WAVE UNLESS YOU HAVE PERMISSION FROM THE PERSON WHO CLAIMED IT</b></p>
<p><b style="color: purple;">COORDS ARE NOT SHOWN UNTIL AT LEAST 10 MIN AFTER YOUR CLAIM</b></p>
<p>Landing tick first wave: <TMPL_VAR NAME=LandingTick></p>
- <TMPL_VAR NAME=Message>
+ <TMPL_VAR ESCAPE=NONE NAME=Message>
</fieldset>
<TMPL_IF Ajax>
</ul>
<TMPL_IF Comment>
<fieldset> <legend>Comment</legend>
- <TMPL_VAR NAME=Comment>
+ <TMPL_VAR ESCAPE=NONE NAME=Comment>
</fieldset>
</TMPL_IF>
<table>
</TMPL_IF>
<fieldset class="forum-post">
<legend class="unread:<TMPL_VAR NAME=Unread>"><b><TMPL_VAR NAME=Username></b> : <TMPL_VAR NAME=Time></legend>
- <TMPL_VAR NAME=Message>
+ <TMPL_VAR ESCAPE=NONE NAME=Message>
</fieldset>
</TMPL_LOOP>
<TMPL_IF Post>