projects
/
mir.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
remove some debug prints to stdout
[mir.git]
/
templates-dist
/
admin
/
video.template
diff --git
a/templates-dist/admin/video.template
b/templates-dist/admin/video.template
index
0118bd9
..
084af50
100755
(executable)
--- a/
templates-dist/admin/video.template
+++ b/
templates-dist/admin/video.template
@@
-4,11
+4,6
@@
${lang("video.htmltitle")}
</title>
</head>
${lang("video.htmltitle")}
</title>
</head>
-<SCRIPT LANGUAGE="JavaScript">
-function openWin(url) {
- window.open(url,"vc","scrollbars=0,height=${data.img_height},width=${data.img_width}");
-}
-</SCRIPT>
<body bgcolor="#FFFFFF">
<include "admin/head.template">
<body bgcolor="#FFFFFF">
<include "admin/head.template">
@@
-30,9
+25,9
@@
function openWin(url) {
</if>
<form enctype="multipart/form-data" method="post" action="${config.actionRoot}?module=Video&do=<if data.new>insert<else>update</if>&id=${data.id}">
</if>
<form enctype="multipart/form-data" method="post" action="${config.actionRoot}?module=Video&do=<if data.new>insert<else>update</if>&id=${data.id}">
- <input type="hidden" name="where" value="${
data.where
}">
- <input type="hidden" name="offset" value="${
data.offset
}">
- <input type="hidden" name="order" value="${
data.order
}">
+ <input type="hidden" name="where" value="${
encodeHTML(data.where)
}">
+ <input type="hidden" name="offset" value="${
encodeHTML(data.offset)
}">
+ <input type="hidden" name="order" value="${
encodeHTML(data.order)
}">
<input type="hidden" name="id" value="${data.id}">
<table border="0">
<input type="hidden" name="id" value="${data.id}">
<table border="0">
@@
-46,7
+41,7
@@
function openWin(url) {
${lang("media.created")}: ${data.webdb_create}
<if data.webdb_lastchange>/ ${lang("media.changed")} ${data.webdb_lastchange}</if><br>
<if data.is_published=="1">${lang("media.published")}: ${data.publish_date} / ${data.publish_server}${data.publish_path}<br></if>
${lang("media.created")}: ${data.webdb_create}
<if data.webdb_lastchange>/ ${lang("media.changed")} ${data.webdb_lastchange}</if><br>
<if data.is_published=="1">${lang("media.published")}: ${data.publish_date} / ${data.publish_server}${data.publish_path}<br></if>
- ${lang("media.format")}: ${data.mimetype} / ${
data.media_descr
} / ${data.human_readable_size}<br>
+ ${lang("media.format")}: ${data.mimetype} / ${
encodeHTML(data.media_descr)
} / ${data.human_readable_size}<br>
${lang("media.rights")}: <b>${data.rightsHashdata[to_rights]["name"]}</b><br>
</td>
</tr>
${lang("media.rights")}: <b>${data.rightsHashdata[to_rights]["name"]}</b><br>
</td>
</tr>
@@
-58,7
+53,7
@@
function openWin(url) {
<td>
<select name="to_media_folder">
<list extra.mediafolderPopupData as m>
<td>
<select name="to_media_folder">
<list extra.mediafolderPopupData as m>
- <option value="${
m.key}" <if m.key == data.to_media_folder>selected</if>>${m.value
}</option>
+ <option value="${
encodeHTML(m.key)}" <if m.key == data.to_media_folder>selected</if>>${encodeHTML(m.value)
}</option>
</list>
</select>
</td>
</list>
</select>
</td>
@@
-67,7
+62,7
@@
function openWin(url) {
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
<B>${lang("media.description")}:</B></font></td>
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
<B>${lang("media.description")}:</B></font></td>
- <td><input type="text" size="40" maxlength="255" name="description" value="${
data.description
}"></td>
+ <td><input type="text" size="40" maxlength="255" name="description" value="${
encodeHTML(data.description)
}"></td>
</tr>
<tr>
</tr>
<tr>
@@
-80,20
+75,20
@@
function openWin(url) {
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
<B>${lang("media.location")}:</B></font></td>
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
<B>${lang("media.location")}:</B></font></td>
- <td><input type="text" size="40" maxlength="80" name="place" value="${
data.place
}"></td>
+ <td><input type="text" size="40" maxlength="80" name="place" value="${
encodeHTML(data.place)
}"></td>
</tr>
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
<B>${lang("media.creator")}:</B></font></td>
<td>
</tr>
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
<B>${lang("media.creator")}:</B></font></td>
<td>
- <input type="text" size="40" maxlength="80" name="creator" value="${
data.creator
}">
+ <input type="text" size="40" maxlength="80" name="creator" value="${
encodeHTML(data.creator)
}">
</tr>
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
<B>${lang("media.keywords")}:</B></font></td>
</tr>
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
<B>${lang("media.keywords")}:</B></font></td>
- <td><textarea cols="40" rows="2" name="keywords">${
data.keywords
}</textarea></td>
+ <td><textarea cols="40" rows="2" name="keywords">${
encodeHTML(data.keywords)
}</textarea></td>
</tr>
<tr>
</tr>
<tr>
@@
-105,7
+100,7
@@
function openWin(url) {
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
<B>${lang("media.source")}:</B></font></td>
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
<B>${lang("media.source")}:</B></font></td>
- <td><input type="text" size="40" maxlength="80" name="source" value="${
data.source
}"></td>
+ <td><input type="text" size="40" maxlength="80" name="source" value="${
encodeHTML(data.source)
}"></td>
</tr>
<tr>
<td colspan="2" align="right"> <font color="black">
</tr>
<tr>
<td colspan="2" align="right"> <font color="black">
@@
-140,7
+135,7
@@
function openWin(url) {
<B>${lang("media.title")}:<B>
</font> </td>
<td>
<B>${lang("media.title")}:<B>
</font> </td>
<td>
- <input type="text" name="title" size="40" maxlength="80" value="${
data.title
}">
+ <input type="text" name="title" size="40" maxlength="80" value="${
encodeHTML(data.title)
}">
</td>
</tr>
</if>
</td>
</tr>
</if>