</head>
<body bgcolor="#FFFFFF">
-<include "head.template">
+<include "admin/head.template">
<table border="0" cellpadding="2" cellspacing="1">
<tr>
- <td colspan="5"><form method="post" action="${config.actionRoot}">
+ <td colspan="5"><form method="post" action="${encodeHTML(config.actionRoot)}">
<input type="hidden" name="module" value="Images">
<input type="hidden" name="do" value="list">
- <input type="hidden" name="cid" value="${data.cid}">
+ <input type="hidden" name="cid" value="${encodeHTML(data.cid)}">
<table border="0">
<tr bgcolor="Pink">
- <td>${lang("imagelist.search_text_in")}:</td>
- <td>${lang("image.published")}:</td>
- <td>${lang("image.mediafolder")}:</td>
+ <td>${lang("medialist.search_text_in")}:</td>
+ <td>${lang("media.published")}:</td>
+ <td>${lang("media.mediafolder")}:</td>
<td> </td>
</tr>
<tr>
<td>
- <input type="text" size="10" maxlength="20" name="query_text" value="${data.query_text}">
+ <input type="text" size="10" maxlength="20" name="query_text" value="${encodeHTML(data.query_text)}">
<select name="query_field">
- <option value="title"<if data.query_field=="title"> selected</if>>${lang("image.title")}</option>
- <option value="creator"<if data.query_field=="creator"> selected</if>>${lang("image.creator")}</option>
- <option value="place"<if data.query_field=="place"> selected</if>>${lang("image.location")}</option>
- <option value="keywords"<if data.query_field=="keywords"> selected</if>>${lang("image.keywords")}</option>
+ <option value="title"<if data.query_field=="title"> selected</if>>${lang("media.title")}</option>
+ <option value="creator"<if data.query_field=="creator"> selected</if>>${lang("media.creator")}</option>
+ <option value="place"<if data.query_field=="place"> selected</if>>${lang("media.location")}</option>
+ <option value="keywords"<if data.query_field=="keywords"> selected</if>>${lang("media.keywords")}</option>
</select>
</td>
<td>
</td>
<td>
<select name="query_media_folder">
- <list data.mediafolderPopupData as m>
- <option value="${m.key}" <if m.key == query_media_folder>selected</if>>${m.value}</option>
+ <list extra.mediafolderPopupData as m>
+ <option value="${encodeHTML(m.key)}" <if m.key == data.query_media_folder>selected</if>>${encodeHTML(m.value)}</option>
</list>
</select>
</td>
<tr bgcolor="#006600" >
<td><font color="#FFFFFF" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
- <b>${lang("image.icon")}</b></font></td>
+ <b>${lang("media.icon")}</b></font></td>
<td><font color="#FFFFFF" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
- <b>${lang("image.title")}</b></font></td>
+ <b>${lang("media.title")}</b></font></td>
<td><font color="#FFFFFF" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
- <b>${lang("image.mediafolder")}</b></font></td>
+ <b>${lang("media.format")}</b></font></td>
<td><font color="#FFFFFF" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
- <b>${lang("image.creator")}</b></font></td>
+ <b>${lang("media.size")}</b></font></td>
+ <td><font color="#FFFFFF" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
+ <b>${lang("media.mediafolder")}</b></font></td>
+ <td><font color="#FFFFFF" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
+ <b>${lang("media.creator")}</b></font></td>
</tr>
<if data.contentlist>
<list data.contentlist as entry>
<tr <if grey=="1"><assign grey="0">bgcolor="#dddddd" <else><assign grey="1"> </if>>
<td>
<if entry.icon_data!="" && entry.icon_data!="0">
- <a href="${config.actionRoot}?module=Images&do=showimg&id=${entry.id}" target="new">
- <img src="${config.actionRoot}?module=Images&do=showicon&id=${entry.id}" border=0></a></font></td>
+ <a href="${encodeHTML(config.actionRoot)}?module=Images&do=getMedia&id=${encodeHTML(entry.id)}" target="new">
+ <img src="${encodeHTML(config.actionRoot)}?module=Images&do=getIcon&id=${encodeHTML(entry.id)}" border=0></a></font></td>
</if>
- <td>${entry.title}
- <if entry.decription><br>${entry.description}</if></td>
+ <td>${encodeHTML(entry.title)}
+ <if entry.description><br>${encodeHTML(entry.description)}</if></td>
+ <td>${encodeHTML(entry.media_descr)} </td>
+ <td>${encodeHTML(entry.human_readable_size)} </td>
<td>${data.mediafolderHashdata[entry.to_media_folder]["name"]} </td>
- <td>${entry.creator} </td>
+ <td>${encodeHTML(entry.creator)} </td>
<td><font size="1">
- <if data.cid><a href="${config.actionRoot}?module=Content&do=attach&mid=${entry.id}&cid=${data.cid}">${lang("attach")}</a>
+ <if data.cid><a href="${encodeHTML(config.actionRoot)}?module=Content&do=attach&mid=${encodeHTML(entry.id)}&cid=${encodeHTML(data.cid)}">${lang("attach")}</a>
<else>
- <a href="${config.actionRoot}?module=Images&do=delete&id=${entry.id}">${lang("delete")}</a>
- | <a href="${config.actionRoot}?module=Images&do=edit&id=${entry.id}">${lang("edit")}</a>
+ <a href="${config.actionRoot}?module=Images&do=delete&id=${entry.id}&query_text=${encodeHTML(data.query_text_encoded)}&query_field=${encodeHTML(data.query_field)}&query_is_published=${data.query_is_published}&query_media_folder=${data.query_media_folder}&offset=${data.offset}&order=${data.order}">${lang("delete")}</a>
+ | <a href="${encodeHTML(config.actionRoot)}?module=Images&do=edit&id=${encodeHTML(entry.id)}">${lang("edit")}</a>
</if>
</font></td>
</tr>
</list>
<tr>
- <td colspan="4" bgcolor="#006600"><font color="#ffffff">${data.count} ${lang("records")}
+ <td colspan="4" bgcolor="#006600"><font color="#ffffff">${encodeHTML(data.count)} ${lang("records")}
/ ${lang("show_from_to", data.from, data.to)}</font></td>
<td> </td>
</tr>
<tr><td>
<if data.prev>
- <a href="${config.actionRoot}?module=Images&do=list&query_text=${data.query_text_encoded}&query_field=${data.query_field}&query_is_published=${data.query_is_published}&query_media_folder=${data.query_media_folder}&offset=${data.prev}&prev=zurück&cid=${data.cid}">zurueck</a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Images&do=list&query_text=${encodeHTML(data.query_text_encoded)}&query_field=${encodeHTML(data.query_field)}&query_is_published=${encodeHTML(data.query_is_published)}&query_media_folder=${encodeHTML(data.query_media_folder)}&offset=${encodeHTML(data.prev)}&prev=zurück&cid=${encodeHTML(data.cid)}">zurueck</a>
</if>
-<if next>
-<a href="${config.actionRoot}?module=Images&do=list&query_text=${data.query_text_encoded}&query_field=${data.query_field}&query_is_published=${data.query_is_published}&query_media_folder=${data.query_media_folder}&offset=${data.next}&next=weiter&cid=${data.cid}">weiter</a>
+<if data.next>
+<a href="${encodeHTML(config.actionRoot)}?module=Images&do=list&query_text=${encodeHTML(data.query_text_encoded)}&query_field=${encodeHTML(data.query_field)}&query_is_published=${encodeHTML(data.query_is_published)}&query_media_folder=${encodeHTML(data.query_media_folder)}&offset=${encodeHTML(data.next)}&next=weiter&cid=${encodeHTML(data.cid)}">weiter</a>
</if>
</td></tr>
<else>
<tr><td align="center">${lang("no_matches_found")}</td></tr>
</if>
</table>
-<include "foot.template">
+<include "admin/foot.template">
</body>
-</html>
\ No newline at end of file
+</html>
projects / mir.git / blobdiff