wrap pretty much all freemarker variables (i.e the data) in encodeHTML(data..). this...
[mir.git] / templates-dist / admin / video.template
index ebc0eee..5a8ba44 100755 (executable)
@@ -3,39 +3,54 @@
 <title>
 ${lang("video.htmltitle")}
 </title>
-<head>
+</head>
 <SCRIPT LANGUAGE="JavaScript">
 function openWin(url) {
-   window.open(url,"vc","scrollbars=0,height=${data.img_height},width=${data.img_width}");
+   window.open(url,"vc","scrollbars=0,height=${encodeHTML(data.img_height)},width=${encodeHTML(data.img_width)}");
 }
 </SCRIPT>
 <body bgcolor="#FFFFFF">
 <include "admin/head.template">
 
-<form enctype="multipart/form-data" method="post" action="${config.actionRoot}?module=Video&do=<if data.new>insert<else>update</if>&id=${data.id}">
-<if data.icon_data=="" || data.icon_data=="0">
-       <INPUT TYPE="file" NAME="mptest">
+<if data.new>
+<form action="${encodeHTML(config.actionRoot)}?module=Video&do=add" method="post">
+       <table border="0">
+       <tr>
+       <td align="right" bgcolor="#006600">
+       <font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
+       <b>${lang("open.posting.nr_of_media")}</b> <br>
+       </font>
+       </td>
+       <td>
+       <input type="text" size="3" name="medianum" value="${encodeHTML(medianum)}">&nbsp;<input type="submit" value="${lang("open.posting.nr_of_media.submit")}">
+       </td>
+       </tr>
+       </table> 
+</form>
 </if>
+<form enctype="multipart/form-data" method="post" action="${encodeHTML(config.actionRoot)}?module=Video&do=<if data.new>insert<else>update</if>&id=${encodeHTML(data.id)}">
 
-       <input type="hidden" name="where" value="${data.where}">
-       <input type="hidden" name="offset" value="${data.offset}">
-       <input type="hidden" name="order" value="${data.order}">
-       <input type="hidden" name="id" value="${data.id}">
+       <input type="hidden" name="where" value="${encodeHTML(data.where)}">
+       <input type="hidden" name="offset" value="${encodeHTML(data.offset)}">
+       <input type="hidden" name="order" value="${encodeHTML(data.order)}">
+       <input type="hidden" name="id" value="${encodeHTML(data.id)}">
 
        <table border="0">
+       <if !data.new>
        <tr>
     <td align="right" bgcolor="#006600">
                <font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
-                       <a href="${config.actionRoot}?module=Video&do=getMedia&id=${data.id}">
-                       <img src="${config.docRoot}/img/${data.big_icon}" border=0></a></font></td>
+                       <a href="${encodeHTML(config.actionRoot)}?module=Video&do=getMedia&id=${encodeHTML(data.id)}">
+                       <img src="${encodeHTML(config.docRoot)}/img/${encodeHTML(data.big_icon)}" border=0></a></font></td>
     <td valign="bottom"><font color="Silver" face="Verdana, Arial, Helvetica, sans-serif" size=1>
-               ${lang("media.created")}: ${data.webdb_create}
-        <if data.webdb_lastchange>/ ${lang("media.changed")} ${data.webdb_lastchange}</if><br>
-               <if data.is_published=="1">${lang("media.published")}: ${data.publish_date} / ${data.publish_server}${data.publish_path}<br></if>
-               ${lang("media.format")}: ${data.mimetype} / ${data.media_descr} / ${data.human_readable_size}<br>
+               ${lang("media.created")}: ${encodeHTML(data.webdb_create)}
+        <if data.webdb_lastchange>/ ${lang("media.changed")} ${encodeHTML(data.webdb_lastchange)}</if><br>
+               <if data.is_published=="1">${lang("media.published")}: ${encodeHTML(data.publish_date)} / ${encodeHTML(data.publish_server)}${encodeHTML(data.publish_path)}<br></if>
+               ${lang("media.format")}: ${encodeHTML(data.mimetype)} / ${encodeHTML(data.media_descr)} / ${encodeHTML(data.human_readable_size)}<br>
                ${lang("media.rights")}: <b>${data.rightsHashdata[to_rights]["name"]}</b><br>
        </td>
        </tr>
+       </if>
 
        <tr>
     <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
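Review bot: `encodeHTML` is applied inside the JavaScript string in `openWin` (`height=${encodeHTML(data.img_height)}`), but HTML entity encoding is the wrong escaping for a script context: the browser does not decode entities inside `<SCRIPT>`, and whether the helper neutralises backslashes, quotes or line breaks is not visible here. If the two dimensions are always numeric, it is safer to enforce that server-side before they reach the template; otherwise they need a JavaScript-string escaper. In the same hunk the rights label is still emitted raw and should read `<b>${encodeHTML(data.rightsHashdata[to_rights]["name"])}</b>`. The `id` values placed in query strings (the form action and the getMedia link) would ideally be URL-encoded before the HTML encoding is applied. The multipart form opened in this hunk continues past its end.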
@@ -43,68 +58,97 @@ function openWin(url) {
     <td>
                <select name="to_media_folder">
                <list extra.mediafolderPopupData as m>
-               <option value="${m.key}" <if m.key == data.to_media_folder>selected</if>>${m.value}</option>
+               <option value="${encodeHTML(m.key)}" <if m.key == data.to_media_folder>selected</if>>${encodeHTML(m.value)}</option>
                </list>
            </select>
        </td>
        </tr>
 
-
-       <tr>
-    <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
-        <B>${lang("media.title")}:</B></font></td>
-    <td><input type="text" size="40" maxlength="255" name="title" value="${data.title}"></td>
-       </tr>
-
        <tr>
     <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
         <B>${lang("media.description")}:</B></font></td>
-    <td><input type="text" size="40" maxlength="255" name="description" value="${data.description}"></td>
+    <td><input type="text" size="40" maxlength="255" name="description" value="${encodeHTML(data.description)}"></td>
        </tr>
 
        <tr>
     <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
         <B>${lang("media.date")}:</B></font></td>
-    <td><input type="text" size="8" maxlength="8" name="date" value="${data.date}">
-               <input type="text" size="20" maxlength="40" name="year" value="${data.year}"></td>
+    <td><input type="text" size="8" maxlength="8" name="date" value="${encodeHTML(data.date)}">
+               <input type="text" size="20" maxlength="40" name="year" value="${encodeHTML(data.year)}"></td>
        </tr>
 
        <tr>
     <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
         <B>${lang("media.location")}:</B></font></td>
-    <td><input type="text" size="40" maxlength="80" name="place" value="${data.place}"></td>
+    <td><input type="text" size="40" maxlength="80" name="place" value="${encodeHTML(data.place)}"></td>
        </tr>
 
        <tr>
     <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
         <B>${lang("media.creator")}:</B></font></td>
     <td>
-               <input type="text" size="40" maxlength="80" name="creator" value="${data.creator}">
+               <input type="text" size="40" maxlength="80" name="creator" value="${encodeHTML(data.creator)}">
        </tr>
 
        <tr>
     <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
         <B>${lang("media.keywords")}:</B></font></td>
-    <td><textarea cols="40" rows="2" name="keywords">${data.keywords}</textarea></td>
+    <td><textarea cols="40" rows="2" name="keywords">${encodeHTML(data.keywords)}</textarea></td>
        </tr>
 
        <tr>
     <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
         <B>${lang("media.comment")}:</B></font></td>
-    <td><textarea cols="40" rows="2" name="comment">${data.comment}</textarea></td>
+    <td><textarea cols="40" rows="2" name="comment">${encodeHTML(data.comment)}</textarea></td>
        </tr>
 
        <tr>
     <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
         <B>${lang("media.source")}:</B></font></td>
-    <td><input type="text" size="40" maxlength="80" name="source" value="${data.source}"></td>
+    <td><input type="text" size="40" maxlength="80" name="source" value="${encodeHTML(data.source)}"></td>
        </tr>
        <tr>
     <td colspan="2" align="right"> <font color="black">
-       ${lang("media.is_published")} <input type="checkbox" name="is_published" value="1"<if data.is_published!="0" && data.is_published!=""> checked</if>>
+       <if data.new>
+       <tr>
+       <td>
+               ${lang("media.is_published")} <input type="checkbox" name="is_published" value="1"<if data.is_published!="0" && data.is_published!=""> checked</if>>
+       </td>
+       </tr>
+       
+       <list data.mediafields as m>
+               <tr>
+               <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
+
+                       <B>${lang("media.title")}:<B>
+               </font> </td>
+               <td>
+                       <input type="text" name="media_title${encodeHTML(m)}" size="40" maxlength="80" value="">
+               </td>
+               </tr>
+               <tr>
+               <td bgcolor="#006600"></td>
+               <td>
+                               <INPUT TYPE="file" NAME="mpfile${encodeHTML(m)}"><br>
+               </td>   
+               </tr>   
+       </list>
+       <else>
+               <tr>
+               <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
+
+                       <B>${lang("media.title")}:<B>
+               </font> </td>
+               <td>
+                       <input type="text" name="title" size="40" maxlength="80" value="${encodeHTML(data.title)}">
+               </td>
+               </tr>
+       </if>
+    <td colspan="2" align="right"> <font color="black">
        <if data.new>
       <input type="submit" name="save" value="${lang("insert")}">
     <else>
+       ${lang("media.is_published")} <input type="checkbox" name="is_published" value="1"<if data.is_published!="0" && data.is_published!=""> checked</if>>
     <input type="submit" name="save" value="${lang("save")}">
     </if> </font></form></font>
     </td>
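Review bot: The context line `<td colspan="2" align="right"> <font color="black">` is left open above the added `<if data.new>` block, so the new `<tr>` rows sit inside an unclosed cell and the same opener is repeated after `</if>`; the first occurrence should be dropped. Both added title labels also open a second bold element instead of closing the first, and should read `<B>${lang("media.title")}:</B>`. Markup that depends on browser error recovery makes it harder to verify which HTML context each encoded value ends up in, which matters for a change whose purpose is output escaping. The enclosing table and form start before this hunk.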