From 47862f11c3df6dcba1df9096f9b8599a60a7b7e8 Mon Sep 17 00:00:00 2001
From: Kornel <kornel@aardvarkmedia.co.uk>
Date: Tue, 4 May 2010 17:45:08 +0100
Subject: [PATCH 1/4] XHTML validity fixes

---
 bug_monitor_list_view_inc.php |    2 +-
 core/html_api.php             |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/bug_monitor_list_view_inc.php b/bug_monitor_list_view_inc.php
index 58188ef..a1bd1a8 100644
--- a/bug_monitor_list_view_inc.php
+++ b/bug_monitor_list_view_inc.php
@@ -95,7 +95,7 @@ if ( access_has_bug_level( config_get( 'show_monitor_list_threshold' ), $f_bug_i
 				echo ($i > 0) ? ', ' : '';
 				echo print_user( $t_users[$i] );
 				if ( $t_can_delete_others ) {
-					echo ' [<a class="small" href="' . helper_mantis_url( 'bug_monitor_delete.php' ) . '?bug_id=' . $f_bug_id . '&user_id=' . $t_users[$i] . form_security_param( 'bug_monitor_delete' ) . '">' . lang_get( 'delete_link' ) . '</a>]';
+					echo ' [<a class="small" href="' . helper_mantis_url( 'bug_monitor_delete.php' ) . '?bug_id=' . $f_bug_id . '&amp;user_id=' . $t_users[$i] . htmlspecialchars(form_security_param( 'bug_monitor_delete' )) . '">' . lang_get( 'delete_link' ) . '</a>]';
 				}
 	 		}
  		}
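Review bot: On the changed echo line, `$f_bug_id` and `$t_users[$i]` are still concatenated into the href unescaped, while the `form_security_param()` output beside them now goes through `htmlspecialchars()`. If both values come from the GPC layer as integers (not visible in this hunk) this is harmless, but `'?bug_id=' . (int) $f_bug_id . '&amp;user_id=' . (int) $t_users[$i]` makes that assumption explicit and keeps the attribute well-formed if either source changes. `htmlspecialchars()` is also called with default flags and charset here; passing `ENT_QUOTES, 'UTF-8'` avoids depending on the PHP version's defaults. The enclosing loop and if-block begin outside the hunk.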
diff --git a/core/html_api.php b/core/html_api.php
index 4a15945..e793b2c 100644
--- a/core/html_api.php
+++ b/core/html_api.php
@@ -1704,7 +1704,7 @@ function html_buttons_view_bug_page( $p_bug_id ) {
 
 	# MONITOR/UNMONITOR button
 	if( !current_user_is_anonymous() ) {
-		echo '<td class=center">';
+		echo '<td class="center">';
 		if( user_is_monitoring_bug( auth_get_current_user_id(), $p_bug_id ) ) {
 			html_button_bug_unmonitor( $p_bug_id );
 		} else {
-- 
1.7.0.2


From a9f15b2186cb45566ac354ea217e2c9e88359527 Mon Sep 17 00:00:00 2001
From: Kornel <kornel@aardvarkmedia.co.uk>
Date: Tue, 4 May 2010 16:30:05 +0100
Subject: [PATCH 2/4] Fixed text/html-incompatible <a/> syntax.

---
 admin/test_email.php          |    2 +-
 billing_inc.php               |    2 +-
 bug_monitor_list_view_inc.php |    2 +-
 bug_view_inc.php              |    4 ++--
 bugnote_stats_inc.php         |    2 +-
 bugnote_view_inc.php          |    2 +-
 history_inc.php               |    2 +-
 manage_proj_edit_page.php     |   10 +++-------
 manage_proj_page.php          |    3 +--
 9 files changed, 12 insertions(+), 17 deletions(-)

diff --git a/admin/test_email.php b/admin/test_email.php
index 3fa15ff..40e6ef3 100644
--- a/admin/test_email.php
+++ b/admin/test_email.php
@@ -33,7 +33,7 @@ html_page_top();
 
 ?>
 
-<a name="email" id="email" />
+<a name="email" id="email"></a>
 <table width="100%" bgcolor="#222222" border="0" cellpadding="20" cellspacing="1">
 <tr>
 	<td bgcolor="#f4f4f4">
diff --git a/billing_inc.php b/billing_inc.php
index 8633304..b7132b2 100644
--- a/billing_inc.php
+++ b/billing_inc.php
@@ -51,7 +51,7 @@ require_api( 'string_api.php' );
 require_api( 'utility_api.php' );
 
 ?>
-<a name="bugnotestats" id="bugnotestats" /><br />
+<a name="bugnotestats" id="bugnotestats"></a><br />
 <?php
 collapse_open( 'bugnotestats' );
 
diff --git a/bug_monitor_list_view_inc.php b/bug_monitor_list_view_inc.php
index a1bd1a8..c0c2eb4 100644
--- a/bug_monitor_list_view_inc.php
+++ b/bug_monitor_list_view_inc.php
@@ -68,7 +68,7 @@ if ( access_has_bug_level( config_get( 'show_monitor_list_threshold' ), $f_bug_i
 	}
 	user_cache_array_rows( $t_users );
 
-	echo '<a name="monitors" id="monitors" /><br />';
+	echo '<a name="monitors" id="monitors"></a><br />';
 
 	collapse_open( 'monitoring' );
 ?>
diff --git a/bug_view_inc.php b/bug_view_inc.php
index 4cda1a9..da35b66 100644
--- a/bug_view_inc.php
+++ b/bug_view_inc.php
@@ -711,8 +711,8 @@ if ( $t_custom_fields_found ) {
 
 # Attachments
 if ( $tpl_show_attachments ) {
-	echo '<tr ', helper_alternate_class(), '>';
-	echo '<td class="category"><a name="attachments" id="attachments" />', lang_get( 'attached_files' ), '</td>';
+	echo '<tr id="attachments" ', helper_alternate_class(), '>';
+	echo '<td class="category">', lang_get( 'attached_files' ), '</td>';
 	echo '<td colspan="5">';
 	print_bug_attachments_list( $tpl_bug_id );
 	echo '</td></tr>';
diff --git a/bugnote_stats_inc.php b/bugnote_stats_inc.php
index 1304d2c..bdce944 100644
--- a/bugnote_stats_inc.php
+++ b/bugnote_stats_inc.php
@@ -53,7 +53,7 @@ if ( OFF == config_get('time_tracking_enabled') ) {
 }
 ?>
 
-<a name="bugnotestats" id="bugnotestats" /><br />
+<a name="bugnotestats" id="bugnotestats"></a><br />
 
 <?php
 collapse_open( 'bugnotestats' );
diff --git a/bugnote_view_inc.php b/bugnote_view_inc.php
index afc6f74..5900698 100644
--- a/bugnote_view_inc.php
+++ b/bugnote_view_inc.php
@@ -89,7 +89,7 @@ $num_notes = count( $t_bugnotes );
 ?>
 
 <?php # Bugnotes BEGIN ?>
-<a name="bugnotes" id="bugnotes" /><br />
+<a name="bugnotes" id="bugnotes"></a><br />
 
 <?php
 	collapse_open( 'bugnotes' );
diff --git a/history_inc.php b/history_inc.php
index eee86c3..48276d2 100644
--- a/history_inc.php
+++ b/history_inc.php
@@ -52,7 +52,7 @@ if ( !access_has_bug_level( $t_access_level_needed, $f_bug_id ) ) {
 }
 ?>
 
-<a name="history" id="history" /><br />
+<a name="history" id="history"></a><br />
 
 <?php
 	collapse_open( 'history' );
diff --git a/manage_proj_edit_page.php b/manage_proj_edit_page.php
index f2562d8..6cb3d54 100644
--- a/manage_proj_edit_page.php
+++ b/manage_proj_edit_page.php
@@ -344,8 +344,7 @@ if ( access_has_global_level ( config_get( 'delete_project_threshold' ) ) ) { ?>
 <br />
 
 <!-- PROJECT CATEGORIES -->
-<a name="categories" />
-<div align="center">
+<div align="center" id="categories">
 <table class="width75" cellspacing="1">
 
 <!-- Title -->
@@ -448,8 +447,7 @@ if ( access_has_global_level ( config_get( 'delete_project_threshold' ) ) ) { ?>
 ?>
 
 <!-- PROJECT VERSIONS -->
-<a name="versions" />
-<table class="width75" cellspacing="1">
+<table id="versions" class="width75" cellspacing="1">
 
 <!-- Title -->
 <tr>
@@ -564,8 +562,6 @@ if ( access_has_global_level ( config_get( 'delete_project_threshold' ) ) ) { ?>
 ?>
 
 <!-- PROJECT CUSTOM FIELD -->
-<a name="customfields" />
-
 <?php
 # You need either global permissions or project-specific permissions to link
 #  custom fields
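Review bot: Removing `<a name="customfields" />` here and re-adding the target as `id="customfields"` on the `<div>` in the following hunk (lines 184-192) makes the anchor conditional: the old anchor was emitted unconditionally, but the new `id` sits inside the `if ( access_has_project_level( ... ) ... )` block, so links to `#customfields` no longer resolve when the user lacks the link threshold or no custom fields exist. If that is acceptable, a one-line comment on the new div would help the next reader, e.g. `<?php # "customfields" anchor exists only when the section renders ?>`; otherwise keep an unconditional target outside the block. The `if` block itself starts at the hunk header line and closes outside the hunk.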
@@ -573,7 +569,7 @@ if ( access_has_project_level( config_get( 'custom_field_link_threshold' ), $f_p
 	( count( custom_field_get_ids() ) > 0 ) ) {
 ?>
 	<br />
-	<div align="center">
+	<div id="customfields" align="center">
 	<table class="width75" cellspacing="1">
 	<tr>
 		<td class="form-title" colspan="3">
diff --git a/manage_proj_page.php b/manage_proj_page.php
index cf53dc7..bbc10c7 100644
--- a/manage_proj_page.php
+++ b/manage_proj_page.php
@@ -186,8 +186,7 @@ print_manage_menu( 'manage_proj_page.php' );
 <br/>
 
 <!-- GLOBAL CATEGORIES -->
-<a name="categories" />
-<div align="center">
+<div align="center" id="categories">
 <table class="width75" cellspacing="1">
 
 <!-- Title -->
-- 
1.7.0.2


From 0e887bd9657a820194626e564c6d9b314f8d852a Mon Sep 17 00:00:00 2001
From: Kornel <kornel@aardvarkmedia.co.uk>
Date: Wed, 5 May 2010 12:32:30 +0100
Subject: [PATCH 3/4] Removed hack for Netscape 4

---
 core/html_api.php |    5 -----
 1 files changed, 0 insertions(+), 5 deletions(-)

diff --git a/core/html_api.php b/core/html_api.php
index e793b2c..74ffdae 100644
--- a/core/html_api.php
+++ b/core/html_api.php
@@ -360,11 +360,6 @@ function html_css() {
 		$t_css_rtl_url = config_get( 'css_rtl_include_file' );
 		echo "\t", '<link rel="stylesheet" type="text/css" href="', string_sanitize_url( helper_mantis_url( $t_css_rtl_url ), true ), '" />', "\n";
 	}
-
-	# fix for NS 4.x css
-	echo "\t", '<script type="text/javascript"><!--', "\n";
-	echo "\t\t", 'if(document.layers) {document.write("<style>td{padding:0px;}<\/style>")}', "\n";
-	echo "\t", '// --></script>', "\n";
 }
 
 /**
-- 
1.7.0.2


From 19cd3127b1b7c5f41d07fb4e4ce47833b0c05776 Mon Sep 17 00:00:00 2001
From: Kornel <kornel@aardvarkmedia.co.uk>
Date: Wed, 5 May 2010 12:45:25 +0100
Subject: [PATCH 4/4] Escaped SCRIPT_NAME on billing page.

---
 billing_inc.php |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/billing_inc.php b/billing_inc.php
index b7132b2..c18c291 100644
--- a/billing_inc.php
+++ b/billing_inc.php
@@ -89,7 +89,7 @@ if ( ON == config_get( 'time_tracking_with_billing' ) ) {
 }
 
 ?>
-<form method="post" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>">
+<form method="post" action="<?php echo htmlspecialchars($_SERVER['SCRIPT_NAME']); ?>">
 <?php # CSRF protection not required here - form does not result in modifications ?>
 <input type="hidden" name="id" value="<?php echo isset( $f_bug_id ) ? $f_bug_id : 0 ?>" />
 <table border="0" class="width100" cellspacing="0">
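Review bot: The same hunk still echoes `$f_bug_id` raw into the hidden input's `value` attribute on the line after the escaped `action`; if `$f_bug_id` is an integer from the GPC layer (not visible here) it is harmless, but `value="<?php echo isset( $f_bug_id ) ? (int) $f_bug_id : 0 ?>"` makes that explicit and consistent with the escaping this commit adds. As on the other hunk in this series, `htmlspecialchars()` is called with default flags and charset; `htmlspecialchars( $_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8' )` pins the behaviour across PHP versions. The form markup continues past the end of the hunk.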
-- 
1.7.0.2

