diff --git a/app/code/Magento/ImportExport/Block/Adminhtml/Export/Filter.php b/app/code/Magento/ImportExport/Block/Adminhtml/Export/Filter.php index d032f2f7621b2..5e68a16b991b8 100644 --- a/app/code/Magento/ImportExport/Block/Adminhtml/Export/Filter.php +++ b/app/code/Magento/ImportExport/Block/Adminhtml/Export/Filter.php @@ -102,8 +102,8 @@ protected function _getDateFromToHtmlWithValue(Attribute $attribute, $value) $fromValue = null; $toValue = null; if (is_array($value) && count($value) == 2) { - $fromValue = $this->escapeHtml(reset($value)); - $toValue = $this->escapeHtml(next($value)); + $fromValue = $this->_escaper->escapeHtml(reset($value)); + $toValue = $this->_escaper->escapeHtml(next($value)); } return '' . __('From') . ': ' @@ -125,7 +125,7 @@ protected function _getInputHtmlWithValue(Attribute $attribute, $value) $attribute->getAttributeCode() ) . '" class="admin__control-text input-text input-text-export-filter"'; if ($value) { - $html .= ' value="' . $this->escapeHtml($value) . '"'; + $html .= ' value="' . $this->_escaper->escapeHtml($value) . '"'; } return $html . ' />'; } @@ -184,8 +184,8 @@ protected function _getNumberFromToHtmlWithValue(Attribute $attribute, $value) $toValue = null; $name = $this->getFilterElementName($attribute->getAttributeCode()); if (is_array($value) && count($value) == 2) { - $fromValue = $this->escapeHtml(reset($value)); - $toValue = $this->escapeHtml(next($value)); + $fromValue = $this->_escaper->escapeHtml(reset($value)); + $toValue = $this->_escaper->escapeHtml(next($value)); } return '' . diff --git a/app/code/Magento/ImportExport/Block/Adminhtml/Grid/Column/Renderer/Download.php b/app/code/Magento/ImportExport/Block/Adminhtml/Grid/Column/Renderer/Download.php index 5a9e3a2a8504a..48ff442e778d2 100644 --- a/app/code/Magento/ImportExport/Block/Adminhtml/Grid/Column/Renderer/Download.php +++ b/app/code/Magento/ImportExport/Block/Adminhtml/Grid/Column/Renderer/Download.php @@ -20,9 +20,9 @@ class Download extends \Magento\Backend\Block\Widget\Grid\Column\Renderer\Text */ public function _getValue(\Magento\Framework\DataObject $row) { - return '

' . $this->escapeHtml($row->getData('imported_file')) . '

getUrl('*/*/download', ['filename' => $row->getData('imported_file')]) . '">' - . $this->escapeHtml(__('Download')) + . $this->_escaper->escapeHtml(__('Download')) . ''; } } diff --git a/app/code/Magento/ImportExport/Block/Adminhtml/Grid/Column/Renderer/Error.php b/app/code/Magento/ImportExport/Block/Adminhtml/Grid/Column/Renderer/Error.php index d493fc3fd9531..f2d194182182d 100644 --- a/app/code/Magento/ImportExport/Block/Adminhtml/Grid/Column/Renderer/Error.php +++ b/app/code/Magento/ImportExport/Block/Adminhtml/Grid/Column/Renderer/Error.php @@ -22,9 +22,9 @@ public function _getValue(\Magento\Framework\DataObject $row) { $result = ''; if ($row->getData('error_file') != '') { - $result = '

' . $this->escapeHtml($row->getData('error_file')) . '

getUrl('*/*/download', ['filename' => $row->getData('error_file')]) . '">' - . $this->escapeHtml(__('Download')) + . $this->_escaper->escapeHtml(__('Download')) . ''; } return $result; diff --git a/app/code/Magento/ImportExport/Block/Adminhtml/Import/Edit/Form.php b/app/code/Magento/ImportExport/Block/Adminhtml/Import/Edit/Form.php index 07cf6f8c733d4..0a52e78c67174 100644 --- a/app/code/Magento/ImportExport/Block/Adminhtml/Import/Edit/Form.php +++ b/app/code/Magento/ImportExport/Block/Adminhtml/Import/Edit/Form.php @@ -242,7 +242,7 @@ protected function _prepareForm() 'required' => false, 'class' => 'input-text', 'note' => __( - $this->escapeHtml( + $this->_escaper->escapeHtml( 'For Type "Local Server" use relative path to <Magento root directory>/' .$this->imagesDirectoryProvider->getDirectoryRelativePath() .', e.g. product_images, import_images/batch1.

' diff --git a/app/code/Magento/ImportExport/Block/Adminhtml/Import/Frame/Result.php b/app/code/Magento/ImportExport/Block/Adminhtml/Import/Frame/Result.php index 0b9857edc53eb..e6ddfd5614825 100644 --- a/app/code/Magento/ImportExport/Block/Adminhtml/Import/Frame/Result.php +++ b/app/code/Magento/ImportExport/Block/Adminhtml/Import/Frame/Result.php @@ -102,7 +102,7 @@ public function addError($message) $this->addError($row); } } else { - $this->_messages['error'][] = $this->escapeHtml($message); + $this->_messages['error'][] = $this->_escaper->escapeHtml($message); } return $this; } @@ -140,7 +140,7 @@ public function addSuccess($message, $appendImportButton = false) $this->addSuccess($row); } } else { - $escapedMessage = $this->escapeHtml($message); + $escapedMessage = $this->_escaper->escapeHtml($message); $this->_messages['success'][] = $escapedMessage . ($appendImportButton ? $this->getImportButtonHtml() : ''); } return $this; diff --git a/app/code/Magento/ImportExport/view/adminhtml/templates/busy.phtml b/app/code/Magento/ImportExport/view/adminhtml/templates/busy.phtml index fe1763d3e0286..0f43bbf06f247 100644 --- a/app/code/Magento/ImportExport/view/adminhtml/templates/busy.phtml +++ b/app/code/Magento/ImportExport/view/adminhtml/templates/busy.phtml @@ -3,14 +3,18 @@ * Copyright © Magento, Inc. All rights reserved. * See COPYING.txt for license details. */ + +/** + * @var \Magento\Framework\Escaper $escaper + */ ?>
- escapeHtml(__('Status')) ?> + escapeHtml(__('Status')) ?>

-
escapeHtml($block->getStatusMessage()) ?>
+
escapeHtml($block->getStatusMessage()) ?>
diff --git a/app/code/Magento/ImportExport/view/adminhtml/templates/export/form/after.phtml b/app/code/Magento/ImportExport/view/adminhtml/templates/export/form/after.phtml index 784e140041004..aefc4c9cab9c4 100644 --- a/app/code/Magento/ImportExport/view/adminhtml/templates/export/form/after.phtml +++ b/app/code/Magento/ImportExport/view/adminhtml/templates/export/form/after.phtml @@ -4,20 +4,23 @@ * See COPYING.txt for license details. */ -/** @var \Magento\ImportExport\Block\Adminhtml\Form\After $block */ +/** + * @var \Magento\ImportExport\Block\Adminhtml\Form\After $block + * @var \Magento\Framework\Escaper $escaper + */ /** @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer */ ?>
- escapeHtml(__('Entity Attributes')) ?> + escapeHtml(__('Entity Attributes')) ?>
-
+
renderStyleAsTag("display:none;", 'fieldset#export_filter_container') ?> diff --git a/app/code/Magento/ImportExport/view/adminhtml/templates/export/form/before.phtml b/app/code/Magento/ImportExport/view/adminhtml/templates/export/form/before.phtml index b569518d9d239..6edcd5f95c9c5 100644 --- a/app/code/Magento/ImportExport/view/adminhtml/templates/export/form/before.phtml +++ b/app/code/Magento/ImportExport/view/adminhtml/templates/export/form/before.phtml @@ -4,7 +4,10 @@ * See COPYING.txt for license details. */ -/** @var \Magento\Backend\Block\Template $block */ +/** + * @var \Magento\Backend\Block\Template $block + * @var \Magento\Framework\Escaper $escaper + */ /** @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer */ ?> @@ -48,7 +51,7 @@ require([ */ getFilter: function() { if ($('entity') && \$F('entity')) { - var url = "{$block->escapeJs($block->getUrl('*/*/getFilter'))}"; + var url = "{$escaper->escapeJs($block->getUrl('*/*/getFilter'))}"; var entity = \$F('entity'); if (entity != this.previousGridEntity) { this.previousGridEntity = entity; @@ -93,7 +96,7 @@ require([ form.action = oldAction; } else { alert({ - content: '{$block->escapeHtml(__('Invalid data'))}' + content: '{$escaper->escapeHtml(__('Invalid data'))}' }); } }; diff --git a/app/code/Magento/ImportExport/view/adminhtml/templates/import/form/after.phtml b/app/code/Magento/ImportExport/view/adminhtml/templates/import/form/after.phtml index 5a59ffca17cb5..99213d96a53e5 100644 --- a/app/code/Magento/ImportExport/view/adminhtml/templates/import/form/after.phtml +++ b/app/code/Magento/ImportExport/view/adminhtml/templates/import/form/after.phtml @@ -4,14 +4,17 @@ * See COPYING.txt for license details. */ -/** @var \Magento\ImportExport\Block\Adminhtml\Form\After $block */ +/** + * @var \Magento\ImportExport\Block\Adminhtml\Form\After $block + * @var \Magento\Framework\Escaper $escaper + */ /** @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer */ ?>
escapeHtml(__('Validation Results')) ?> + id="import_validation_container_header">escapeHtml(__('Validation Results')) ?>

diff --git a/app/code/Magento/ImportExport/view/adminhtml/templates/import/form/before.phtml b/app/code/Magento/ImportExport/view/adminhtml/templates/import/form/before.phtml index d512ce8182ede..a6ca2bb906c9f 100644 --- a/app/code/Magento/ImportExport/view/adminhtml/templates/import/form/before.phtml +++ b/app/code/Magento/ImportExport/view/adminhtml/templates/import/form/before.phtml @@ -5,10 +5,13 @@ */ ?> escapeHtml( +$uploaderErrorMessage = $escaper->escapeHtml( __('Content of uploaded file was changed, please re-upload the file') ); ?> @@ -51,7 +54,7 @@ require([ * Base url * @type {string} */ - sampleFilesBaseUrl: '{$block->escapeJs($block->getUrl('*/*/download/', ['filename' => 'entity-name']))}', + sampleFilesBaseUrl: '{$escaper->escapeJs($block->getUrl('*/*/download/', ['filename' => 'entity-name']))}', /** * Loaded file last modified @@ -258,7 +261,7 @@ require([ postToFrameProcessResponse: function(response) { if ('object' != typeof(response)) { alert({ - content: '{$block->escapeHtml(__('Invalid response'))}' + content: '{$escaper->escapeHtml(__('Invalid response'))}' }); return false;