fix: </textarea> closing tag bug

- escape the value in php templates
- clean edittab template by the way @vincent-peugnet, you should never
  use echo in a template

Fixes #112

1 files changed, 14 insertions, 15 deletions

diff --git a/app/view/templates/edittabs.php b/app/view/templates/edittabs.php
index c890677..cc7739f 100644
--- a/app/view/templates/edittabs.php
+++ b/app/view/templates/edittabs.php
@@ -1,25 +1,24 @@
 <div class="tabs">
 
-<?php
-foreach ($tablist as $key => $value) {
-    echo '<div class="tab">';
-    ?>
+<?php foreach ($tablist as $key => $value) { ?>
+<div class="tab">
 
     <input name="interface" type="radio" value="<?= $key ?>" id="tab<?= $key ?>" class="checkboxtab" <?= $key == $opentab ? 'checked' : '' ?> >
 
     <label for="tab<?= $key ?>" <?= empty($templates[$key]) ? '' : 'title="template : '.$templates[$key].'" ' ?> class="<?= empty($templates[$key]) ? '' : 'template' ?> <?= empty($value) ? '' : 'edited' ?>"><?= $key ?> </label>
 
-    <?php
+    <div class="content">
 
-    echo '<div class="content">';
-    if ($key == $opentab) {
-        echo '<textarea name="' . $key . '" id="edit' . $key . '"  autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" autofocus >' . $value . '</textarea>';
-    } else {
-        echo '<textarea name="' . $key . '" id="edit' . $key . '"  autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false">' . $value . '</textarea>';
-    }
-    echo '</div>';
-    echo '</div>';
-}
-?>
+        <textarea name="<?= $key ?>"
+                  id="edit<?= $key ?>"
+                  autocomplete="off"
+                  autocorrect="off"
+                  autocapitalize="off"
+                  spellcheck="false"
+                  <?= $key == $opentab ? 'autofocus' : '' ?>
+        ><?= $this->e($value) ?></textarea>
+    </div>
+</div>
+<?php } ?>
 
 </div>
\ No newline at end of file