Skip to content

Magento_OfflinePayments: avoid using deprecated escape* methods from … #31695

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 1 commit into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,17 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Banktransfer
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
$instructions = $block->getInstructions();
?>
<?php if ($instructions): ?>
<?php $methodCode = $block->escapeHtml($block->getMethodCode());?>
<?php $methodCode = $escaper->escapeHtml($block->getMethodCode());?>
<ul class="form-list checkout-agreements" id="payment_form_<?= /* @noEscape */ $methodCode ?>">
<li>
<div class="<?= /* @noEscape */ $methodCode ?>-instructions-content checkout-agreement-item-content">
<?= /* @noEscape */ nl2br($block->escapeHtml($instructions)) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($instructions)) ?>
</div>
</li>
</ul>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,17 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Cashondelivery
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
$instructions = $block->getInstructions();
?>
<?php if ($instructions): ?>
<?php $methodCode = $block->escapeHtml($block->getMethodCode());?>
<?php $methodCode = $escaper->escapeHtml($block->getMethodCode());?>
<ul class="form-list checkout-agreements" id="payment_form_<?= /* @noEscape */ $methodCode ?>">
<li>
<div class="<?= /* @noEscape */ $methodCode ?>-instructions-content checkout-agreement-item-content">
<?= /* @noEscape */ nl2br($block->escapeHtml($instructions)) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($instructions)) ?>
</div>
</li>
</ul>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,24 +6,25 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Checkmo
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
?>
<fieldset class="admin__fieldset payment-method" id="payment_form_<?= $block->escapeHtml($block->getMethodCode()) ?>" >
<fieldset class="admin__fieldset payment-method" id="payment_form_<?= $escaper->escapeHtml($block->getMethodCode()) ?>" >
<?php if ($block->getMethod()->getPayableTo()): ?>
<label class="label"><span><?= $block->escapeHtml(__('Make Check payable to:')) ?></span></label>
<?= $block->escapeHtml($block->getMethod()->getPayableTo()) ?>
<label class="label"><span><?= $escaper->escapeHtml(__('Make Check payable to:')) ?></span></label>
<?= $escaper->escapeHtml($block->getMethod()->getPayableTo()) ?>
<?php endif; ?>
<?php if ($block->getMethod()->getMailingAddress()): ?>
<div class="admin__field">
<label class="admin__field-label"><span><?= $block->escapeHtml(__('Send Check to:')) ?></span></label>
<label class="admin__field-label"><span><?= $escaper->escapeHtml(__('Send Check to:')) ?></span></label>
<div class="admin__field-control checkmo-mailing-address">
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMethod()->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMethod()->getMailingAddress())) ?>
</div>
</div>
<?php endif; ?>
</fieldset>
<?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
"display:none",
'fieldset#payment_form_' . $block->escapeJs($block->getMethodCode())
'fieldset#payment_form_' . $escaper->escapeJs($block->getMethodCode())
) ?>
Original file line number Diff line number Diff line change
Expand Up @@ -6,23 +6,24 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
?>
<fieldset class="admin__fieldset payment-method" id="payment_form_<?= $block->escapeHtml($block->getMethodCode()) ?>">
<fieldset class="admin__fieldset payment-method" id="payment_form_<?= $escaper->escapeHtml($block->getMethodCode()) ?>">
<div class="admin__field _required">
<label for="po_number" class="admin__field-label">
<span><?= $block->escapeHtml(__('Purchase Order Number')) ?></span>
<span><?= $escaper->escapeHtml(__('Purchase Order Number')) ?></span>
</label>
<div class="admin__field-control">
<input type="text" id="po_number" name="payment[po_number]"
title="<?= $block->escapeHtml(__("Purchase Order Number")) ?>"
title="<?= $escaper->escapeHtml(__("Purchase Order Number")) ?>"
class="required-entry admin__control-text"
value="<?= /* @noEscape */ $block->getInfoData('po_number') ?>"/>
</div>
</div>
</fieldset>
<?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
"display:none",
'fieldset#payment_form_' . $block->escapeJs($block->getMethodCode())
'fieldset#payment_form_' . $escaper->escapeJs($block->getMethodCode())
) ?>
Original file line number Diff line number Diff line change
Expand Up @@ -6,18 +6,19 @@

/**
* @var $block \Magento\OfflinePayments\Block\Info\Checkmo
* @var \Magento\Framework\Escaper $escaper
*/
$paymentTitle = $block->getMethod()->getConfigData('title', $block->getInfo()->getOrder()->getStoreId());
?>
<?= $block->escapeHtml($paymentTitle) ?>
<?= $escaper->escapeHtml($paymentTitle) ?>
<?php if ($block->getInfo()->getAdditionalInformation()) : ?>
<?php if ($block->getPayableTo()) : ?>
<br /><?= $block->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
<br /><?= $escaper->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
<?php endif; ?>
<?php if ($block->getMailingAddress()) : ?>
<label><?= $block->escapeHtml(__('Send Check to:')) ?></label>
<label><?= $escaper->escapeHtml(__('Send Check to:')) ?></label>
<div class="checkmo-mailing-address">
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMailingAddress())) ?>
</div>
<?php endif; ?>
<?php endif; ?>
Original file line number Diff line number Diff line change
Expand Up @@ -6,21 +6,22 @@

/**
* @var $block \Magento\OfflinePayments\Block\Info\Checkmo
* @var \Magento\Framework\Escaper $escaper
*/
$paymentTitle = $block->getMethod()->getConfigData('title', $block->getInfo()->getOrder()->getStoreId());
?>
<?= $block->escapeHtml($paymentTitle) ?>
<?= $escaper->escapeHtml($paymentTitle) ?>
{{pdf_row_separator}}
<?php if ($block->getInfo()->getAdditionalInformation()) : ?>
{{pdf_row_separator}}
<?php if ($block->getPayableTo()) : ?>
<?= $block->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
<?= $escaper->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
{{pdf_row_separator}}
<?php endif; ?>
<?php if ($block->getMailingAddress()) : ?>
<?= $block->escapeHtml(__('Send Check to:')) ?>
<?= $escaper->escapeHtml(__('Send Check to:')) ?>
{{pdf_row_separator}}
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMailingAddress())) ?>
{{pdf_row_separator}}
<?php endif; ?>
<?php endif; ?>
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@
*/
/**
* @var $block \Magento\OfflinePayments\Block\Info\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
*/
?>
<?= $block->escapeHtml(__('Purchase Order Number: %1', $block->getInfo()->getPoNumber())) ?>
<?= $escaper->escapeHtml(__('Purchase Order Number: %1', $block->getInfo()->getPoNumber())) ?>
{{pdf_row_separator}}
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,14 @@
*/
/**
* @var $block \Magento\OfflinePayments\Block\Info\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
*/
$paymentTitle = $block->getMethod()->getConfigData('title', $block->getInfo()->getOrder()->getStoreId());
?>
<div class="order-payment-method-name"><?= $block->escapeHtml($paymentTitle) ?></div>
<div class="order-payment-method-name"><?= $escaper->escapeHtml($paymentTitle) ?></div>
<table class="data-table admin__table-secondary">
<tr>
<th><?= $block->escapeHtml(__('Purchase Order Number')) ?>:</th>
<td><?= $block->escapeHtml($block->getInfo()->getPoNumber()) ?></td>
<th><?= $escaper->escapeHtml(__('Purchase Order Number')) ?>:</th>
<td><?= $escaper->escapeHtml($block->getInfo()->getPoNumber()) ?></td>
</tr>
</table>
Original file line number Diff line number Diff line change
Expand Up @@ -6,20 +6,21 @@

/**
* @var $block \Magento\OfflinePayments\Block\Info\Checkmo
* @var \Magento\Framework\Escaper $escaper
*/
?>
<?= $block->escapeHtml($block->getMethod()->getTitle()) ?>
<?= $escaper->escapeHtml($block->getMethod()->getTitle()) ?>
{{pdf_row_separator}}
<?php if ($block->getInfo()->getAdditionalInformation()) : ?>
{{pdf_row_separator}}
<?php if ($block->getPayableTo()) : ?>
<?= $block->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
<?= $escaper->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
{{pdf_row_separator}}
<?php endif; ?>
<?php if ($block->getMailingAddress()) : ?>
<?= $block->escapeHtml(__('Send Check to:')) ?>
<?= $escaper->escapeHtml(__('Send Check to:')) ?>
{{pdf_row_separator}}
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMailingAddress())) ?>
{{pdf_row_separator}}
<?php endif; ?>
<?php endif; ?>
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@
*/
/**
* @var $block \Magento\OfflinePayments\Block\Info\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
*/
?>
<?= $block->escapeHtml(__('Purchase Order Number: %1', $block->getInfo()->getPoNumber())) ?>
<?= $escaper->escapeHtml(__('Purchase Order Number: %1', $block->getInfo()->getPoNumber())) ?>
{{pdf_row_separator}}
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,16 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Banktransfer
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
$instructions = $block->getInstructions();
?>
<?php if ($instructions): ?>
<?php $methodCode = $block->escapeHtml($block->getMethodCode());?>
<?php $methodCode = $escaper->escapeHtml($block->getMethodCode());?>
<div class="items <?= /* @noEscape */ $methodCode ?> instructions agreement checkout-agreement-item-content"
id="payment_form_<?= /* @noEscape */ $methodCode ?>">
<?= /* @noEscape */ nl2br($block->escapeHtml($instructions)) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($instructions)) ?>
</div>
<?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
"display:none",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,16 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Cashondelivery
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
$instructions = $block->getInstructions();
?>
<?php if ($instructions): ?>
<?php $methodCode = $block->escapeHtml($block->getMethodCode());?>
<?php $methodCode = $escaper->escapeHtml($block->getMethodCode());?>
<div class="items <?= /* @noEscape */ $methodCode ?> instructions agreement"
id="payment_form_<?= /* @noEscape */ $methodCode ?>">
<?= /* @noEscape */ nl2br($block->escapeHtml($instructions)) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($instructions)) ?>
</div>
<?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
"display:none",
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,26 +6,27 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Checkmo
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
?>
<?php if ($block->getMethod()->getMailingAddress() || $block->getMethod()->getPayableTo()): ?>
<dl class="items check payable" id="payment_form_<?= $block->escapeHtml($block->getMethodCode()) ?>">
<dl class="items check payable" id="payment_form_<?= $escaper->escapeHtml($block->getMethodCode()) ?>">
<?php if ($block->getMethod()->getPayableTo()): ?>
<dt class="title"><?= $block->escapeHtml(__('Make Check payable to:')) ?></dt>
<dd class="content"><?= $block->escapeHtml($block->getMethod()->getPayableTo()) ?></dd>
<dt class="title"><?= $escaper->escapeHtml(__('Make Check payable to:')) ?></dt>
<dd class="content"><?= $escaper->escapeHtml($block->getMethod()->getPayableTo()) ?></dd>
<?php endif; ?>
<?php if ($block->getMethod()->getMailingAddress()): ?>
<dt class="title"><?= $block->escapeHtml(__('Send Check to:')) ?></dt>
<dt class="title"><?= $escaper->escapeHtml(__('Send Check to:')) ?></dt>
<dd class="content">
<address class="checkmo mailing address">
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMethod()->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMethod()->getMailingAddress())) ?>
</address>
</dd>
<?php endif; ?>
</dl>
<?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
"display:none",
'dl#payment_form_' . $block->escapeJs($block->getMethodCode())
'dl#payment_form_' . $escaper->escapeJs($block->getMethodCode())
) ?>
<?php endif; ?>
Original file line number Diff line number Diff line change
Expand Up @@ -6,19 +6,20 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
$methodCode = $block->escapeHtml($block->getMethodCode());
$methodCode = $escaper->escapeHtml($block->getMethodCode());
?>
<fieldset class="fieldset items <?= /* @noEscape */ $methodCode ?>"
id="payment_form_<?= /* @noEscape */ $methodCode ?>">
<div class="field number required">
<label for="po_number" class="label"><span><?= $block->escapeHtml(__('Purchase Order Number')) ?></span></label>
<label for="po_number" class="label"><span><?= $escaper->escapeHtml(__('Purchase Order Number')) ?></span></label>
<div class="control">
<input type="text" id="po_number" name="payment[po_number]"
title="<?= $block->escapeHtml(__('Purchase Order Number')) ?>"
title="<?= $escaper->escapeHtml(__('Purchase Order Number')) ?>"
class="input-text required-entry"
value="<?= $block->escapeHtml($block->getInfoData('po_number')) ?>" />
value="<?= $escaper->escapeHtml($block->getInfoData('po_number')) ?>" />
</div>
</div>
</fieldset>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -6,22 +6,23 @@

/**
* @var $block \Magento\OfflinePayments\Block\Info\Checkmo
* @var \Magento\Framework\Escaper $escaper
*/
?>
<dl class="payment-method checkmemo">
<dt class="title"><?= $block->escapeHtml($block->getMethod()->getTitle()) ?></dt>
<dt class="title"><?= $escaper->escapeHtml($block->getMethod()->getTitle()) ?></dt>
<?php if ($block->getInfo()->getAdditionalInformation()) : ?>
<?php if ($block->getPayableTo()) : ?>
<dd class="content">
<strong><?= $block->escapeHtml(__('Make Check payable to')) ?></strong>
<?= $block->escapeHtml($block->getPayableTo()) ?>
<strong><?= $escaper->escapeHtml(__('Make Check payable to')) ?></strong>
<?= $escaper->escapeHtml($block->getPayableTo()) ?>
</dd>
<?php endif; ?>
<?php if ($block->getMailingAddress()) : ?>
<dd class="content">
<strong><?= $block->escapeHtml(__('Send Check to')) ?></strong>
<strong><?= $escaper->escapeHtml(__('Send Check to')) ?></strong>
<address class="checkmo mailing address">
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMailingAddress())) ?>
</address>
</dd>
<?php endif; ?>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,13 @@
*/
/**
* @var $block \Magento\OfflinePayments\Block\Info\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
*/
?>
<dl class="payment-method purchase order">
<dt class="title"><?= $block->escapeHtml($block->getMethod()->getTitle()) ?></dt>
<dt class="title"><?= $escaper->escapeHtml($block->getMethod()->getTitle()) ?></dt>
<dd class="content">
<strong><?= $block->escapeHtml(__('Purchase Order Number')) ?></strong>
<span class="number"><?= $block->escapeHtml($block->getInfo()->getPoNumber()) ?></span>
<strong><?= $escaper->escapeHtml(__('Purchase Order Number')) ?></strong>
<span class="number"><?= $escaper->escapeHtml($block->getInfo()->getPoNumber()) ?></span>
</dd>
</dl>