Yassine Doghri cd2e1e1dc3 fix(security): add csrf filter + prevent xss attacks by escaping user input
- update CI4 to v4.1.9's stable production package
- update php and js dependencies to latest
2022-03-04 14:36:32 +00:00

131 lines
6.1 KiB

<?= $this->extend('_layout') ?>
<?= $this->section('title') ?>
<?= lang('Episode.all_podcast_episodes') ?>
<?= $this->endSection() ?>
<?= $this->section('pageTitle') ?>
<?= lang('Episode.all_podcast_episodes') ?> (<?= $pager->getDetails()['total'] ?>)
<?= $this->endSection() ?>
<?= $this->section('headerRight') ?>
<Button uri="<?= route_to('episode-create', $podcast->id) ?>" variant="primary" iconLeft="add"><?= lang('Episode.create') ?></Button>
<?= $this->endSection() ?>
<?= $this->section('content') ?>
<p class="mb-4 text-sm italic text-skin-muted">
<?= lang('Common.pageInfo', [
'currentPage' => $pager->getDetails()['currentPage'],
'pageCount' => $pager->getDetails()['pageCount'],
]) ?>
<?= data_table(
'header' => lang('Episode.list.episode'),
'cell' => function ($episode, $podcast) {
return '<div class="flex">' .
'<div class="relative flex-shrink-0 mr-2">' .
'<time class="absolute px-1 text-xs font-semibold text-white rounded bottom-2 right-2 bg-black/50" datetime="PT<?= $episode->audio->duration ?>S">' .
) .
'</time>' .
'<img src="' . $episode->cover->thumbnail_url . '" alt="' . esc($episode->title) . '" class="object-cover w-20 rounded-lg shadow-inner aspect-square" loading="lazy" />' .
'</div>' .
'<a class="overflow-x-hidden text-sm hover:underline" href="' . route_to(
) . '">' .
'<h2 class="inline-flex items-baseline w-full font-semibold leading-none gap-x-1 group">' .
'text-xs font-semibold text-skin-muted !no-underline border px-1 border-gray-500',
) .
'<span class="mr-1 truncate group-hover:underline">' . esc($episode->title) . '</span>' .
'</h2>' .
'<p class="max-w-sm text-xs text-skin-muted line-clamp-2">' . $episode->description . '</p>' .
'</a>' .
'header' => lang('Episode.list.visibility'),
'cell' => function ($episode): string {
return publication_pill(
'header' => lang('Episode.list.comments'),
'cell' => function ($episode): int {
return $episode->comments_count;
'header' => lang('Episode.list.actions'),
'cell' => function ($episode, $podcast) {
return '<button id="more-dropdown-' . $episode->id . '" type="button" class="inline-flex items-center p-1 rounded-full focus:ring-accent" data-dropdown="button" data-dropdown-target="more-dropdown-' . $episode->id . '-menu" aria-haspopup="true" aria-expanded="false">' .
icon('more') .
'</button>' .
'<DropdownMenu id="more-dropdown-' . $episode->id . '-menu" labelledby="more-dropdown-' . $episode->id . '" offsetY="-24" items="' . esc(json_encode([
'type' => 'link',
'title' => lang('Episode.go_to_page'),
'uri' => route_to('episode', esc($podcast->handle), esc($episode->slug)),
'type' => 'link',
'title' => lang('Episode.edit'),
'uri' => route_to('episode-edit', $podcast->id, $episode->id),
'type' => 'link',
'title' => lang('Episode.embed.title'),
'uri' => route_to('embed-add', $podcast->id, $episode->id),
'type' => 'link',
'title' => lang('Person.persons'),
'uri' => route_to('episode-persons-manage', $podcast->id, $episode->id),
'type' => 'link',
'title' => lang('VideoClip.list.title'),
'uri' => route_to('video-clips-list', $episode->podcast->id, $episode->id),
'type' => 'link',
'title' => lang('Soundbite.list.title'),
'uri' => route_to('soundbites-list', $podcast->id, $episode->id),
'type' => 'separator',
'type' => 'link',
'title' => lang('Episode.delete'),
'uri' => route_to('episode-delete', $podcast->id, $episode->id),
'class' => 'font-semibold text-red-600',
])) . '" />';
) ?>
<?= $pager->links() ?>
<?= $this->endSection() ?>