# HG changeset patch # User Wuzzy # Date 1556220316 -7200 # Node ID 5443e5e0faa36bc18a8cf8560974d3c1fc8157bf # Parent b9437746bffbfe9603dc5ab64346b4db893fb71c Escape HTML chars in stats screen diff -r b9437746bffb -r 5443e5e0faa3 QTfrontend/ui/page/pagegamestats.cpp --- a/QTfrontend/ui/page/pagegamestats.cpp Thu Apr 25 21:24:27 2019 +0200 +++ b/QTfrontend/ui/page/pagegamestats.cpp Thu Apr 25 21:25:16 2019 +0200 @@ -58,7 +58,7 @@ labelGameStats = new QLabel(this); QLabel * l = new QLabel(this); l->setTextFormat(Qt::RichText); - l->setText("

" + PageGameStats::tr("Details") + "

"); + l->setText("

" + PageGameStats::tr("Details").toHtmlEscaped() + "

"); l->setSizePolicy(QSizePolicy::Fixed, QSizePolicy::Fixed); labelGameStats->setTextFormat(Qt::RichText); labelGameStats->setAlignment(Qt::AlignTop); @@ -73,7 +73,7 @@ graphic->setObjectName("gameStatsView"); labelGraphTitle = new QLabel(this); labelGraphTitle->setTextFormat(Qt::RichText); - labelGraphTitle->setText("

" + PageGameStats::tr("Health graph") + "

"); + labelGraphTitle->setText("

" + PageGameStats::tr("Health graph").toHtmlEscaped() + "

"); labelGraphTitle->setSizePolicy(QSizePolicy::Fixed, QSizePolicy::Fixed); gbl->addWidget(labelGraphTitle); gbl->addWidget(graphic); @@ -91,7 +91,7 @@ labelGameRank = new QLabel(gb); l = new QLabel(this); l->setTextFormat(Qt::RichText); - l->setText("

" + PageGameStats::tr("Ranking") + "

"); + l->setText("

" + PageGameStats::tr("Ranking").toHtmlEscaped() + "

"); l->setSizePolicy(QSizePolicy::Fixed, QSizePolicy::Fixed); gbl->addWidget(l); gbl->addWidget(labelGameRank); @@ -164,7 +164,7 @@ void PageGameStats::renderStats() { if(defaultGraphTitle) { - labelGraphTitle->setText("

" + PageGameStats::tr("Health graph") + "

"); + labelGraphTitle->setText("

" + PageGameStats::tr("Health graph").toHtmlEscaped() + "

"); } else { defaultGraphTitle = true; } @@ -271,14 +271,14 @@ { case 'r' : { - labelGameWin->setText(QString("

%1

").arg(info)); + labelGameWin->setText(QString("

%1

").arg(info.toHtmlEscaped())); break; } case 'D' : { int i = info.indexOf(' '); int num = info.left(i).toInt(); - QString message = "

" + PageGameStats::tr("The best shot award was won by %1 with %2 pts.", "", num).arg(info.mid(i + 1), info.left(i)) + "

"; + QString message = "

" + PageGameStats::tr("The best shot award was won by %1 with %2 pts.", "", num).arg(info.mid(i + 1).toHtmlEscaped(), info.left(i)) + "

"; AddStatText(message); break; } @@ -286,7 +286,7 @@ { int i = info.indexOf(' '); int num = info.left(i).toInt(); - QString message = "

" + PageGameStats::tr("The best killer is %1 with %2 kills in a turn.", "", num).arg(info.mid(i + 1), info.left(i)) + "

"; + QString message = "

" + PageGameStats::tr("The best killer is %1 with %2 kills in a turn.", "", num).arg(info.mid(i + 1).toHtmlEscaped(), info.left(i)) + "

"; AddStatText(message); break; } @@ -309,7 +309,7 @@ { // TODO: change default picture or add change pic capability defaultGraphTitle = false; - labelGraphTitle->setText("

" + info + "

"); + labelGraphTitle->setText("

" + info.toHtmlEscaped() + "

"); break; } case 'T': // local team stats @@ -391,7 +391,7 @@ } kindOfPoints = QString(""); - message = QString("

%1 %2. %3 ").arg(image, QString::number(realPlayerPosition), playername, clanColor.name()) + killstring + "

"; + message = QString("

%1 %2. %3 ").arg(image, QString::number(realPlayerPosition), playername.toHtmlEscaped(), clanColor.name().toHtmlEscaped()) + killstring.toHtmlEscaped() + "

"; labelGameRank->setText(labelGameRank->text() + message); scriptPlayerPosition = 0; @@ -401,7 +401,7 @@ { int i = info.indexOf(' '); int num = info.left(i).toInt(); - QString message = "

" + PageGameStats::tr("%1 thought it's good to shoot their own hedgehogs for %2 pts.", "", num).arg(info.mid(i + 1)).arg(num) + "

"; + QString message = "

" + PageGameStats::tr("%1 thought it's good to shoot their own hedgehogs for %2 pts.", "", num).arg(info.mid(i + 1).toHtmlEscaped()).arg(num) + "

"; AddStatText(message); break; } @@ -409,7 +409,7 @@ { int i = info.indexOf(' '); int num = info.left(i).toInt(); - QString message = "

" + PageGameStats::tr("%1 killed %2 of their own hedgehogs.", "", num).arg(info.mid(i + 1)).arg(num) + "

"; + QString message = "

" + PageGameStats::tr("%1 killed %2 of their own hedgehogs.", "", num).arg(info.mid(i + 1).toHtmlEscaped()).arg(num) + "

"; AddStatText(message); break; } @@ -417,13 +417,13 @@ { int i = info.indexOf(' '); int num = info.left(i).toInt(); - QString message = "

" + PageGameStats::tr("%1 was scared and skipped turn %2 times.", "", num).arg(info.mid(i + 1)).arg(num) + "

"; + QString message = "

" + PageGameStats::tr("%1 was scared and skipped turn %2 times.", "", num).arg(info.mid(i + 1).toHtmlEscaped()).arg(num) + "

"; AddStatText(message); break; } case 'c' : { - QString message = "

"+info+"

"; + QString message = "

"+info.toHtmlEscaped()+"

"; AddStatText(message); break; } @@ -434,7 +434,7 @@ } case 'h' : { - QString message = "

" + PageGameStats::tr("With everyone having the same clan color, there was no reason to fight. And so the hedgehogs happily lived in peace ever after.") + "

"; + QString message = "

" + PageGameStats::tr("With everyone having the same clan color, there was no reason to fight. And so the hedgehogs happily lived in peace ever after.").toHtmlEscaped() + "

"; AddStatText(message); break; }