From ab4c1fde6d73ab8c93c3f2b53babb62d8c200fcf Mon Sep 17 00:00:00 2001
From: coderkun <coderkun@localhost>
Date: Sun, 16 Feb 2014 13:17:59 +0100
Subject: [PATCH] create method for savely printing text

---
 app/Utils.inc                         | 27 +++++++++++++++++++++++++++
 views/html/questgroups/questgroup.tpl |  2 +-
 views/html/quests/quest.tpl           |  4 ++--
 views/html/quests/sidequest.tpl       |  4 ++--
 views/html/seminaries/seminary.tpl    |  2 +-
 5 files changed, 33 insertions(+), 6 deletions(-)

diff --git a/app/Utils.inc b/app/Utils.inc
index 1e3527c1..76ccc7fe 100644
--- a/app/Utils.inc
+++ b/app/Utils.inc
@@ -19,6 +19,33 @@
 	 */
 	class Utils
 	{
+		
+		
+		/**
+		 * Mask HTML-chars for save output.
+		 * 
+		 * @static
+		 * @param	string	$string	String to be masked
+		 * @return	string		Masked string
+		 */
+		static function t($string)
+		{
+			return nl2br(htmlspecialchars($string));
+		}
+		
+		
+		/**
+		 * ‚htmlspecialchars‘ with support for UTF-8.
+		 * 
+		 * @static
+		 * @param	string	$string	String to be masked
+		 * @return	string		Masked string
+		 */
+		public static function htmlspecialchars_utf8($string)
+		{
+			return htmlspecialchars($string, ENT_COMPAT, 'UTF-8');
+		}
+		
 	}
 
 ?>
diff --git a/views/html/questgroups/questgroup.tpl b/views/html/questgroups/questgroup.tpl
index b78d1fe4..5699bfa7 100644
--- a/views/html/questgroups/questgroup.tpl
+++ b/views/html/questgroups/questgroup.tpl
@@ -6,7 +6,7 @@
 
 <h3><?=$questgroupshierarchy['title_singular']?> <?=$questgroup['pos']?>: <?=$questgroup['title']?></h3>
 <?php foreach($texts as &$text) : ?>
-<p><?=$text['text']?></p>
+<p><?=\hhu\z\Utils::t($text['text'])?></p>
 <?php endforeach ?>
 
 <?php foreach($childquestgroupshierarchy as &$hierarchy) : ?>
diff --git a/views/html/quests/quest.tpl b/views/html/quests/quest.tpl
index afccd176..9a8b7376 100644
--- a/views/html/quests/quest.tpl
+++ b/views/html/quests/quest.tpl
@@ -10,7 +10,7 @@
 <?php endif ?>
 <section>
 	<h1><?=$questtext['type']?></h1>
-	<p><?=$questtext['text']?></p>
+	<p><?=\hhu\z\Utils::t($questtext['text'])?></p>
 	
 	<?php if(!empty($questtext['sidequests'])) : ?>
 	<ul>
@@ -35,6 +35,6 @@
 <?php if($showtask) : ?>
 <section>
 	<h1><?=_('Task')?></h1>
-	<p><?=$quest['task']?></p>
+	<p><?=\hhu\z\Utils::t($quest['task'])?></p>
 </section>
 <?php endif ?>
diff --git a/views/html/quests/sidequest.tpl b/views/html/quests/sidequest.tpl
index 4527b3c8..b1bff276 100644
--- a/views/html/quests/sidequest.tpl
+++ b/views/html/quests/sidequest.tpl
@@ -12,7 +12,7 @@
 <?php endif ?>
 <section>
 	<h1><?=$sidequesttext['type']?></h1>
-	<p><?=$sidequesttext['text']?></p>
+	<p><?=\hhu\z\Utils::t($sidequesttext['text'])?></p>
 	
 	<?php if(!empty($sidequesttext['out_text'])) : ?>
 	<?php if(!empty($sidequesttext['abort_text'])) : ?>
@@ -33,6 +33,6 @@
 <?php if($showtask) : ?>
 <section>
 	<h1><?=_('Task')?></h1>
-	<p><?=$sidequest['task']?></p>
+	<p><?=\hhu\z\Utils::t(($sidequest['task'])?></p>
 </section>
 <?php endif ?>
diff --git a/views/html/seminaries/seminary.tpl b/views/html/seminaries/seminary.tpl
index 89378d65..3e93b154 100644
--- a/views/html/seminaries/seminary.tpl
+++ b/views/html/seminaries/seminary.tpl
@@ -11,7 +11,7 @@
 	<?=sprintf(_('created by %s on %s'), $seminary['creator']['username'],  $dateFormatter->format(new \DateTime($seminary['created'])))?>
 </p>
 <h3>Beschreibung</h3>
-<p><?=$seminary['description']?></p>
+<p><?=\hhu\z\Utils::t($seminary['description'])?></p>
 
 <?php foreach($questgroupshierarchy as &$hierarchy) : ?>
 <h3><?=$hierarchy['title_plural']?></h3>