</tr>
<list data.contentlist as entry>
<tr <if grey=="1"><assign grey="0">bgcolor="#dddddd" <else><assign grey="1"> </if>>
- <td><font face="Verdana, Arial, Helvetica, sans-serif" size="-1">${entry.title} </font></td>
- <td><font face="Verdana, Arial, Helvetica, sans-serif" size="-1">${entry.description} </font></td>
+ <td><font face="Verdana, Arial, Helvetica, sans-serif" size="-1">${encodeHTML(entry.title)} </font></td>
+ <td><font face="Verdana, Arial, Helvetica, sans-serif" size="-1">${encodeHTML(entry.description)} </font></td>
<td><font face="Verdana, Arial, Helvetica, sans-serif" size="-1">
- ${entry.main_url}<br>
- ${entry.archiv_url}</font></td>
- <td><font size="1"> <a href="${config.actionRoot}?module=Topics&do=delete&id=${entry.id}">${lang("delete")}</a>
- | <a href="${config.actionRoot}?module=Topics&do=edit&id=${entry.id}">${lang("edit")}</a></font></td>
+ ${encodeHTML(entry.main_url)}<br>
+ ${encodeHTML(entry.archiv_url)}</font></td>
+ <td><font size="1"> <a href="${encodeHTML(config.actionRoot)}?module=Topics&do=delete&id=${encodeHTML(entry.id)}">${lang("delete")}</a>
+ | <a href="${encodeHTML(config.actionRoot)}?module=Topics&do=edit&id=${encodeHTML(entry.id)}">${lang("edit")}</a></font></td>
</tr>
</list>
<tr>
<td colspan="4" bgcolor="#006600"><font face="Verdana, Arial, Helvetica, sans-serif" size="-1" color="#ffffff">
- ${data.count} ${lang("records")} / ${lang("show_from_to", data.from, data.to)}</font></td>
+ ${encodeHTML(data.count)} ${lang("records")} / ${lang("show_from_to", data.from, data.to)}</font></td>
<td> </td>
</tr>
</table>
<P>
<if (data.prev || data.next)>
- <form method="post" action="${config.actionRoot}">
+ <form method="post" action="${encodeHTML(config.actionRoot)}">
<input type="hidden" name="module" value="Topics">
- <input type="hidden" name="where" value="${data.where}">
+ <input type="hidden" name="where" value="${encodeHTML(data.where)}">
<if data.prev>
- <input type="hidden" name="prevoffset" value="${prev}">
+ <input type="hidden" name="do" value="list">
+ <input type="hidden" name="prevoffset" value="${encodeHTML(data.prev)}">
<input type="submit" name="prev" value="${lang("list.previous")}">
</if>
<if data.next>
- <input type="hidden" name="nextoffset" value="${next}">
+ <input type="hidden" name="do" value="list">
+ <input type="hidden" name="nextoffset" value="${encodeHTML(data.next)}">
<input type="submit" name="next" value="${lang("list.next")}">
</if>
</form>