XSS exploit prevention

- Calendar - Show Contents
- Playlist tooltip in Library page
- Adding track to a show
- Widgets
- Playlist/Webstream title and description
- Smart block expansion

airtime_mvc/application/views/scripts/playlist/smart-block.phtml

@@ -39,7 +39,7 @@ if (isset($this->obj)) {
             <a id="playlist_name_display" contenteditable="true">
             <?php
                 if (isset($this->unsavedName)) echo $this->unsavedName;
-                else echo $this->obj->getName();
+                else echo $this->escape($this->obj->getName());
             ?>
             </a>
         </h3>

airtime_mvc/application/views/scripts/playlist/update.phtml

@@ -8,7 +8,6 @@ if ($item['type'] == 2) {
     $bl= new Application_Model_Block($item['item_id']);
     $staticBlock = $bl->isStatic();
 }
-$item["track_title"] = $this->escape($item["track_title"]);
 ?>
     <li class="ui-state-default" id="spl_<?php echo $item["id"] ?>" unqid="<?php echo $item["id"]; ?>">
         <div class="list-item-container">