Skip to content

Magento_OfflinePayments: avoid using deprecated escape* methods from … #31695

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 1 commit into from
Closed

Magento_OfflinePayments: avoid using deprecated escape* methods from … #31695

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions app/code/Magento/OfflinePayments/view/adminhtml/templates/form/banktransfer.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,17 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Banktransfer
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
$instructions = $block->getInstructions();
?>
<?php if ($instructions): ?>
<?php $methodCode = $block->escapeHtml($block->getMethodCode());?>
<?php $methodCode = $escaper->escapeHtml($block->getMethodCode());?>
<ul class="form-list checkout-agreements" id="payment_form_<?= /* @noEscape */ $methodCode ?>">
<li>
<div class="<?= /* @noEscape */ $methodCode ?>-instructions-content checkout-agreement-item-content">
<?= /* @noEscape */ nl2br($block->escapeHtml($instructions)) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($instructions)) ?>
</div>
</li>
</ul>
Expand Down
5 changes: 3 additions & 2 deletions app/code/Magento/OfflinePayments/view/adminhtml/templates/form/cashondelivery.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,16 +6,17 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Cashondelivery
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
$instructions = $block->getInstructions();
?>
<?php if ($instructions): ?>
<?php $methodCode = $block->escapeHtml($block->getMethodCode());?>
<?php $methodCode = $escaper->escapeHtml($block->getMethodCode());?>
<ul class="form-list checkout-agreements" id="payment_form_<?= /* @noEscape */ $methodCode ?>">
<li>
<div class="<?= /* @noEscape */ $methodCode ?>-instructions-content checkout-agreement-item-content">
<?= /* @noEscape */ nl2br($block->escapeHtml($instructions)) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($instructions)) ?>
</div>
</li>
</ul>
Expand Down
13 changes: 7 additions & 6 deletions app/code/Magento/OfflinePayments/view/adminhtml/templates/form/checkmo.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,24 +6,25 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Checkmo
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
?>
<fieldset class="admin__fieldset payment-method" id="payment_form_<?= $block->escapeHtml($block->getMethodCode()) ?>" >
<fieldset class="admin__fieldset payment-method" id="payment_form_<?= $escaper->escapeHtml($block->getMethodCode()) ?>" >
<?php if ($block->getMethod()->getPayableTo()): ?>
<label class="label"><span><?= $block->escapeHtml(__('Make Check payable to:')) ?></span></label>
<?= $block->escapeHtml($block->getMethod()->getPayableTo()) ?>
<label class="label"><span><?= $escaper->escapeHtml(__('Make Check payable to:')) ?></span></label>
<?= $escaper->escapeHtml($block->getMethod()->getPayableTo()) ?>
<?php endif; ?>
<?php if ($block->getMethod()->getMailingAddress()): ?>
<div class="admin__field">
<label class="admin__field-label"><span><?= $block->escapeHtml(__('Send Check to:')) ?></span></label>
<label class="admin__field-label"><span><?= $escaper->escapeHtml(__('Send Check to:')) ?></span></label>
<div class="admin__field-control checkmo-mailing-address">
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMethod()->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMethod()->getMailingAddress())) ?>
</div>
</div>
<?php endif; ?>
</fieldset>
<?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
"display:none",
'fieldset#payment_form_' . $block->escapeJs($block->getMethodCode())
'fieldset#payment_form_' . $escaper->escapeJs($block->getMethodCode())
) ?>
9 changes: 5 additions & 4 deletions app/code/Magento/OfflinePayments/view/adminhtml/templates/form/purchaseorder.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,23 +6,24 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
?>
<fieldset class="admin__fieldset payment-method" id="payment_form_<?= $block->escapeHtml($block->getMethodCode()) ?>">
<fieldset class="admin__fieldset payment-method" id="payment_form_<?= $escaper->escapeHtml($block->getMethodCode()) ?>">
<div class="admin__field _required">
<label for="po_number" class="admin__field-label">
<span><?= $block->escapeHtml(__('Purchase Order Number')) ?></span>
<span><?= $escaper->escapeHtml(__('Purchase Order Number')) ?></span>
</label>
<div class="admin__field-control">
<input type="text" id="po_number" name="payment[po_number]"
title="<?= $block->escapeHtml(__("Purchase Order Number")) ?>"
title="<?= $escaper->escapeHtml(__("Purchase Order Number")) ?>"
class="required-entry admin__control-text"
value="<?= /* @noEscape */ $block->getInfoData('po_number') ?>"/>
</div>
</div>
</fieldset>
<?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
"display:none",
'fieldset#payment_form_' . $block->escapeJs($block->getMethodCode())
'fieldset#payment_form_' . $escaper->escapeJs($block->getMethodCode())
) ?>
9 changes: 5 additions & 4 deletions app/code/Magento/OfflinePayments/view/adminhtml/templates/info/checkmo.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,18 +6,19 @@

/**
* @var $block \Magento\OfflinePayments\Block\Info\Checkmo
* @var \Magento\Framework\Escaper $escaper
*/
$paymentTitle = $block->getMethod()->getConfigData('title', $block->getInfo()->getOrder()->getStoreId());
?>
<?= $block->escapeHtml($paymentTitle) ?>
<?= $escaper->escapeHtml($paymentTitle) ?>
<?php if ($block->getInfo()->getAdditionalInformation()) : ?>
<?php if ($block->getPayableTo()) : ?>
<br /><?= $block->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
<br /><?= $escaper->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
<?php endif; ?>
<?php if ($block->getMailingAddress()) : ?>
<label><?= $block->escapeHtml(__('Send Check to:')) ?></label>
<label><?= $escaper->escapeHtml(__('Send Check to:')) ?></label>
<div class="checkmo-mailing-address">
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMailingAddress())) ?>
</div>
<?php endif; ?>
<?php endif; ?>
9 changes: 5 additions & 4 deletions app/code/Magento/OfflinePayments/view/adminhtml/templates/info/pdf/checkmo.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,21 +6,22 @@

/**
* @var $block \Magento\OfflinePayments\Block\Info\Checkmo
* @var \Magento\Framework\Escaper $escaper
*/
$paymentTitle = $block->getMethod()->getConfigData('title', $block->getInfo()->getOrder()->getStoreId());
?>
<?= $block->escapeHtml($paymentTitle) ?>
<?= $escaper->escapeHtml($paymentTitle) ?>
{{pdf_row_separator}}
<?php if ($block->getInfo()->getAdditionalInformation()) : ?>
{{pdf_row_separator}}
<?php if ($block->getPayableTo()) : ?>
<?= $block->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
<?= $escaper->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
{{pdf_row_separator}}
<?php endif; ?>
<?php if ($block->getMailingAddress()) : ?>
<?= $block->escapeHtml(__('Send Check to:')) ?>
<?= $escaper->escapeHtml(__('Send Check to:')) ?>
{{pdf_row_separator}}
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMailingAddress())) ?>
{{pdf_row_separator}}
<?php endif; ?>
<?php endif; ?>
3 changes: 2 additions & 1 deletion app/code/Magento/OfflinePayments/view/adminhtml/templates/info/pdf/purchaseorder.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@
*/
/**
* @var $block \Magento\OfflinePayments\Block\Info\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
*/
?>
<?= $block->escapeHtml(__('Purchase Order Number: %1', $block->getInfo()->getPoNumber())) ?>
<?= $escaper->escapeHtml(__('Purchase Order Number: %1', $block->getInfo()->getPoNumber())) ?>
{{pdf_row_separator}}
7 changes: 4 additions & 3 deletions app/code/Magento/OfflinePayments/view/adminhtml/templates/info/purchaseorder.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,14 @@
*/
/**
* @var $block \Magento\OfflinePayments\Block\Info\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
*/
$paymentTitle = $block->getMethod()->getConfigData('title', $block->getInfo()->getOrder()->getStoreId());
?>
<div class="order-payment-method-name"><?= $block->escapeHtml($paymentTitle) ?></div>
<div class="order-payment-method-name"><?= $escaper->escapeHtml($paymentTitle) ?></div>
<table class="data-table admin__table-secondary">
<tr>
<th><?= $block->escapeHtml(__('Purchase Order Number')) ?>:</th>
<td><?= $block->escapeHtml($block->getInfo()->getPoNumber()) ?></td>
<th><?= $escaper->escapeHtml(__('Purchase Order Number')) ?>:</th>
<td><?= $escaper->escapeHtml($block->getInfo()->getPoNumber()) ?></td>
</tr>
</table>
9 changes: 5 additions & 4 deletions app/code/Magento/OfflinePayments/view/base/templates/info/pdf/checkmo.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,20 +6,21 @@

/**
* @var $block \Magento\OfflinePayments\Block\Info\Checkmo
* @var \Magento\Framework\Escaper $escaper
*/
?>
<?= $block->escapeHtml($block->getMethod()->getTitle()) ?>
<?= $escaper->escapeHtml($block->getMethod()->getTitle()) ?>
{{pdf_row_separator}}
<?php if ($block->getInfo()->getAdditionalInformation()) : ?>
{{pdf_row_separator}}
<?php if ($block->getPayableTo()) : ?>
<?= $block->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
<?= $escaper->escapeHtml(__('Make Check payable to: %1', $block->getPayableTo())) ?>
{{pdf_row_separator}}
<?php endif; ?>
<?php if ($block->getMailingAddress()) : ?>
<?= $block->escapeHtml(__('Send Check to:')) ?>
<?= $escaper->escapeHtml(__('Send Check to:')) ?>
{{pdf_row_separator}}
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMailingAddress())) ?>
{{pdf_row_separator}}
<?php endif; ?>
<?php endif; ?>
3 changes: 2 additions & 1 deletion app/code/Magento/OfflinePayments/view/base/templates/info/pdf/purchaseorder.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@
*/
/**
* @var $block \Magento\OfflinePayments\Block\Info\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
*/
?>
<?= $block->escapeHtml(__('Purchase Order Number: %1', $block->getInfo()->getPoNumber())) ?>
<?= $escaper->escapeHtml(__('Purchase Order Number: %1', $block->getInfo()->getPoNumber())) ?>
{{pdf_row_separator}}
5 changes: 3 additions & 2 deletions app/code/Magento/OfflinePayments/view/frontend/templates/form/banktransfer.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,16 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Banktransfer
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
$instructions = $block->getInstructions();
?>
<?php if ($instructions): ?>
<?php $methodCode = $block->escapeHtml($block->getMethodCode());?>
<?php $methodCode = $escaper->escapeHtml($block->getMethodCode());?>
<div class="items <?= /* @noEscape */ $methodCode ?> instructions agreement checkout-agreement-item-content"
id="payment_form_<?= /* @noEscape */ $methodCode ?>">
<?= /* @noEscape */ nl2br($block->escapeHtml($instructions)) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($instructions)) ?>
</div>
<?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
"display:none",
Expand Down
5 changes: 3 additions & 2 deletions app/code/Magento/OfflinePayments/view/frontend/templates/form/cashondelivery.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,15 +6,16 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Cashondelivery
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
$instructions = $block->getInstructions();
?>
<?php if ($instructions): ?>
<?php $methodCode = $block->escapeHtml($block->getMethodCode());?>
<?php $methodCode = $escaper->escapeHtml($block->getMethodCode());?>
<div class="items <?= /* @noEscape */ $methodCode ?> instructions agreement"
id="payment_form_<?= /* @noEscape */ $methodCode ?>">
<?= /* @noEscape */ nl2br($block->escapeHtml($instructions)) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($instructions)) ?>
</div>
<?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
"display:none",
Expand Down
13 changes: 7 additions & 6 deletions app/code/Magento/OfflinePayments/view/frontend/templates/form/checkmo.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,26 +6,27 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Checkmo
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
?>
<?php if ($block->getMethod()->getMailingAddress() || $block->getMethod()->getPayableTo()): ?>
<dl class="items check payable" id="payment_form_<?= $block->escapeHtml($block->getMethodCode()) ?>">
<dl class="items check payable" id="payment_form_<?= $escaper->escapeHtml($block->getMethodCode()) ?>">
<?php if ($block->getMethod()->getPayableTo()): ?>
<dt class="title"><?= $block->escapeHtml(__('Make Check payable to:')) ?></dt>
<dd class="content"><?= $block->escapeHtml($block->getMethod()->getPayableTo()) ?></dd>
<dt class="title"><?= $escaper->escapeHtml(__('Make Check payable to:')) ?></dt>
<dd class="content"><?= $escaper->escapeHtml($block->getMethod()->getPayableTo()) ?></dd>
<?php endif; ?>
<?php if ($block->getMethod()->getMailingAddress()): ?>
<dt class="title"><?= $block->escapeHtml(__('Send Check to:')) ?></dt>
<dt class="title"><?= $escaper->escapeHtml(__('Send Check to:')) ?></dt>
<dd class="content">
<address class="checkmo mailing address">
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMethod()->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMethod()->getMailingAddress())) ?>
</address>
</dd>
<?php endif; ?>
</dl>
<?= /* @noEscape */ $secureRenderer->renderStyleAsTag(
"display:none",
'dl#payment_form_' . $block->escapeJs($block->getMethodCode())
'dl#payment_form_' . $escaper->escapeJs($block->getMethodCode())
) ?>
<?php endif; ?>
9 changes: 5 additions & 4 deletions app/code/Magento/OfflinePayments/view/frontend/templates/form/purchaseorder.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,19 +6,20 @@

/**
* @var $block \Magento\OfflinePayments\Block\Form\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
* @var \Magento\Framework\View\Helper\SecureHtmlRenderer $secureRenderer
*/
$methodCode = $block->escapeHtml($block->getMethodCode());
$methodCode = $escaper->escapeHtml($block->getMethodCode());
?>
<fieldset class="fieldset items <?= /* @noEscape */ $methodCode ?>"
id="payment_form_<?= /* @noEscape */ $methodCode ?>">
<div class="field number required">
<label for="po_number" class="label"><span><?= $block->escapeHtml(__('Purchase Order Number')) ?></span></label>
<label for="po_number" class="label"><span><?= $escaper->escapeHtml(__('Purchase Order Number')) ?></span></label>
<div class="control">
<input type="text" id="po_number" name="payment[po_number]"
title="<?= $block->escapeHtml(__('Purchase Order Number')) ?>"
title="<?= $escaper->escapeHtml(__('Purchase Order Number')) ?>"
class="input-text required-entry"
value="<?= $block->escapeHtml($block->getInfoData('po_number')) ?>" />
value="<?= $escaper->escapeHtml($block->getInfoData('po_number')) ?>" />
</div>
</div>
</fieldset>
Expand Down
11 changes: 6 additions & 5 deletions app/code/Magento/OfflinePayments/view/frontend/templates/info/checkmo.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,22 +6,23 @@

/**
* @var $block \Magento\OfflinePayments\Block\Info\Checkmo
* @var \Magento\Framework\Escaper $escaper
*/
?>
<dl class="payment-method checkmemo">
<dt class="title"><?= $block->escapeHtml($block->getMethod()->getTitle()) ?></dt>
<dt class="title"><?= $escaper->escapeHtml($block->getMethod()->getTitle()) ?></dt>
<?php if ($block->getInfo()->getAdditionalInformation()) : ?>
<?php if ($block->getPayableTo()) : ?>
<dd class="content">
<strong><?= $block->escapeHtml(__('Make Check payable to')) ?></strong>
<?= $block->escapeHtml($block->getPayableTo()) ?>
<strong><?= $escaper->escapeHtml(__('Make Check payable to')) ?></strong>
<?= $escaper->escapeHtml($block->getPayableTo()) ?>
</dd>
<?php endif; ?>
<?php if ($block->getMailingAddress()) : ?>
<dd class="content">
<strong><?= $block->escapeHtml(__('Send Check to')) ?></strong>
<strong><?= $escaper->escapeHtml(__('Send Check to')) ?></strong>
<address class="checkmo mailing address">
<?= /* @noEscape */ nl2br($block->escapeHtml($block->getMailingAddress())) ?>
<?= /* @noEscape */ nl2br($escaper->escapeHtml($block->getMailingAddress())) ?>
</address>
</dd>
<?php endif; ?>
Expand Down
7 changes: 4 additions & 3 deletions app/code/Magento/OfflinePayments/view/frontend/templates/info/purchaseorder.phtml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,13 @@
*/
/**
* @var $block \Magento\OfflinePayments\Block\Info\Purchaseorder
* @var \Magento\Framework\Escaper $escaper
*/
?>
<dl class="payment-method purchase order">
<dt class="title"><?= $block->escapeHtml($block->getMethod()->getTitle()) ?></dt>
<dt class="title"><?= $escaper->escapeHtml($block->getMethod()->getTitle()) ?></dt>
<dd class="content">
<strong><?= $block->escapeHtml(__('Purchase Order Number')) ?></strong>
<span class="number"><?= $block->escapeHtml($block->getInfo()->getPoNumber()) ?></span>
<strong><?= $escaper->escapeHtml(__('Purchase Order Number')) ?></strong>
<span class="number"><?= $escaper->escapeHtml($block->getInfo()->getPoNumber()) ?></span>
</dd>
</dl>