fixed the bug that caused problems when an article's title contained "'s

author zapata <zapata>

Thu, 12 Sep 2002 04:50:48 +0000 (04:50 +0000)

committer zapata <zapata>

Thu, 12 Sep 2002 04:50:48 +0000 (04:50 +0000)
author zapata <zapata>
Thu, 12 Sep 2002 04:50:48 +0000 (04:50 +0000)
committer zapata <zapata>
Thu, 12 Sep 2002 04:50:48 +0000 (04:50 +0000)
diff --git a/templates-dist/admin/comment.template b/templates-dist/admin/comment.template

index c602a6b..079759d 100755 (executable)
--- a/templates-dist/admin/comment.template
+++ b/templates-dist/admin/comment.template
@@ -10,12 +10,12 @@ ${lang("comment.htmltitle")}
  
  <form method="post" action="${config.actionRoot}">
         <input type="hidden" name="module" value="Comment">
-       <input type="hidden" name="where" value="${data.where}">
-       <input type="hidden" name="offset" value="${data.offset}">
-       <input type="hidden" name="order" value="${data.order}">
-       <input type="hidden" name="id" value="${data.id}">
-       <input type="hidden" name="date" value="${data.date}">
-       <input type="hidden" name="to_media" value="${data.to_media}">
+       <input type="hidden" name="where" value="${utility.encodeHTML(data.where)}">
+       <input type="hidden" name="offset" value="${utility.encodeHTML(data.offset)}">
+       <input type="hidden" name="order" value="${utility.encodeHTML(data.order)}">
+       <input type="hidden" name="id" value="${utility.encodeHTML(data.id)}">
+       <input type="hidden" name="date" value="${utility.encodeHTML(data.date)}">
+       <input type="hidden" name="to_media" value="${utility.encodeHTML(data.to_media)}">
         <if new> <input type="hidden" name="do" value="insert">
         <else>   <input type="hidden" name="do" value="update">
         </if>
@@ -25,49 +25,49 @@ ${lang("comment.htmltitle")}
         <tr> 
      <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
          <B>${lang("comment.date")}:</B></font></td>
-    <td>${data.date}</td>
+    <td>${utility.encodeHTML(utility.encodeHTML(data.date))}</td>
         </tr>
         
         <tr> 
      <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
          <B>${lang("comment.title")}:</B></font></td>
-    <td><input type="text" size="40" maxlength="255" name="title" value="${data.title}"></td>
+    <td><input type="text" size="40" maxlength="255" name="title" value="${utility.encodeHTML(data.title)}"></td>
         </tr>
  
         <tr> 
      <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
          <B>${lang("comment.creator")}:</B></font></td>
-    <td><input type="text" size="40" maxlength="80" name="creator" value="${data.creator}"></td>
+    <td><input type="text" size="40" maxlength="80" name="creator" value="${utility.encodeHTML(data.creator)}"></td>
         </tr>
  
         <tr> 
      <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
          <B>${lang("comment.url")}:</B></font></td>
-    <td><input type="text" size="40" maxlength="255" name="main_url" value="${data.main_url}"></td>
+    <td><input type="text" size="40" maxlength="255" name="main_url" value="${utility.encodeHTML(data.main_url)}"></td>
         </tr>
    
         <tr> 
      <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
          <B>${lang("comment.email")}:</B></font></td>
-    <td><input type="text" size="40" maxlength="80" name="email" value="${data.email}"></td>
+    <td><input type="text" size="40" maxlength="80" name="email" value="${utility.encodeHTML(data.email)}"></td>
         </tr>
    
         <tr> 
      <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
          <B>${lang("comment.phone")}:</B></font></td>
-    <td><input type="text" size="40" maxlength="80" name="phone" value="${data.phone}"></td>
+    <td><input type="text" size="40" maxlength="80" name="phone" value="${utility.encodeHTML(data.phone)}"></td>
         </tr>
    
         <tr> 
      <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
          <B>${lang("comment.address")}:</B></font></td>
-    <td><input type="text" size="40" maxlength="80" name="address" value="${data.address}"></td>
+    <td><input type="text" size="40" maxlength="80" name="address" value="${utility.encodeHTML(data.address)}"></td>
         </tr>
    
         <tr> 
      <td align="right" bgcolor="#006600"><font color="#ffffff" face="Verdana, Arial, Helvetica, sans-serif" size="-1">
          <B>${lang("comment.text")}:</B></font></td>
-    <td><textarea cols="40" rows="10" name="description" wrap="virtual">${data.description}</textarea></td>
+    <td><textarea cols="40" rows="10" name="description" wrap="virtual">${utility.encodeHTML(data.description)}</textarea></td>
         </tr>
  
      <td colspan="2" align="right"> <font color="black">
diff --git a/templates-dist/admin/content.template b/templates-dist/admin/content.template

index 160e82c..f5cb396 100755 (executable)
--- a/templates-dist/admin/content.template
+++ b/templates-dist/admin/content.template
@@ -14,10 +14,10 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
  <include "admin/head.template">
  <form method="post" action="${config.actionRoot}">
         <input type="hidden" name="module" value="Content">
-       <input type="hidden" name="where" value="${data.where}">
-       <input type="hidden" name="offset" value="${data.offset}">
-       <input type="hidden" name="order" value="${data.order}">
-       <input type="hidden" name="id" value="${data.id}">
+       <input type="hidden" name="where" value="${utility.encodeHTML(data.where)}">
+       <input type="hidden" name="offset" value="${utility.encodeHTML(data.offset)}">
+       <input type="hidden" name="order" value="${utility.encodeHTML(data.order)}">
+       <input type="hidden" name="id" value="${utility.encodeHTML(data.id)}">
         <if data.new>
                 <input type="hidden" name="do" value="insert">
         <else>
@@ -32,7 +32,7 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
                 <b>${lang("content.owner")}:</b>
    </td>
         <td>
-    ${data.login_user.login}
+    ${utility.encodeHTML(data.login_user.login)}
    </td>
         </font>
         <td colspan="3">&nbsp;</td>
@@ -43,7 +43,7 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
      <b>${lang("content.import_date")}:</b>
    </td>
    <td>
-    ${data.date}
+    ${utility.encodeHTML(data.date)}
    </td>
         </font>
         <td colspan="3">&nbsp;</td>
@@ -55,7 +55,7 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
      <b>${lang("content.lastchange_date")}:</b>
    </td>
    <td>
-               ${data.webdb_lastchange}
+               ${utility.encodeHTML(data.webdb_lastchange)}
      <br>
    </td>
         </font>
@@ -68,7 +68,7 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
      <b>${lang("content.create_date")}:</b>
    </td>
    <td colspan="3">
-       ${data.webdb_create}<br><br>${lang("edit")} (yyyy-mm-dd [HH:mm]):
+       ${utility.encodeHTML(data.webdb_create)}<br><br>${lang("edit")} (yyyy-mm-dd [HH:mm]):
         <input type="text" size="10" maxlength="16" name="webdb_create" value="">
      <br>
    </td>
@@ -130,9 +130,9 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
                 </font></B>
         </td>
         <td colspan="4">
-               <input type="text" size="40" name="title" value="${data.title}"><br>
-               <input type="text" size="20" name="subtitle" value="${data.subtitle}">
-               <input type="text" size="20" name="edittitle" value="${data.edittitle}">
+               <input type="text" size="40" name="title" value="${utility.encodeHTML(data.title)}"><br>
+               <input type="text" size="20" name="subtitle" value="${utility.encodeHTML(data.subtitle)}">
+               <input type="text" size="20" name="edittitle" value="${utility.encodeHTML(data.edittitle)}">
         </td>
  </tr>
  <tr>
@@ -144,7 +144,7 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
                 </font></B>
         </td>
         <td colspan="4" >
-               <input type="text" size="40" name="place" value="${data.place}">
+               <input type="text" size="40" name="place" value="${utility.encodeHTML(data.place)}">
         </td>
  </tr>
  <tr>
@@ -155,7 +155,7 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
                 <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a></font>
         </td>
         <td colspan="4">
-               <input type="text" size="40" name="creator" value="${data.creator}"><br>
+               <input type="text" size="40" name="creator" value="${utility.encodeHTML(data.creator)}"><br>
         </td>
  </tr>
  
@@ -167,8 +167,8 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
                 <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a></font>
         </td>
         <td colspan="4" >
-               <input type="text" size="20" name="creator_email" value="${data.creator_email}">
-               <input type="text" size="20" name="creator_main_url" value="${data.creator_main_url}">
+               <input type="text" size="20" name="creator_email" value="${utility.encodeHTML(data.creator_email)}">
+               <input type="text" size="20" name="creator_main_url" value="${utility.encodeHTML(data.creator_main_url)}">
         </td>
  </tr>
  <tr>
@@ -179,8 +179,8 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
                 <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a></font>
         </td>
         <td colspan="4" >
-               <input type="text" size="20" name="creator_address" value="${data.creator_address}">
-               <input type="text" size="20" name="creator_phone" value="${data.creator_phone}">
+               <input type="text" size="20" name="creator_address" value="${utility.encodeHTML(data.creator_address)}">
+               <input type="text" size="20" name="creator_phone" value="${utility.encodeHTML(data.creator_phone)}">
         </td>
  </tr>
  <tr>
@@ -190,7 +190,7 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
                 <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>
         </td>
         <td colspan="4">
-               <textarea cols="50" rows="15" name="description" wrap=virtual>${data.description}</textarea>
+               <textarea cols="50" rows="15" name="description" wrap=virtual>${utility.encodeHTML(data.description)}</textarea>
         </td>
  </tr>
  
@@ -205,9 +205,9 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
                 <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>
         </font></b></td>
         <td colspan="4">
-       <textarea cols="50" rows="20" name="content_data" wrap=virtual>${data.content_data}</textarea></td>
+       <textarea cols="50" rows="20" name="content_data" wrap=virtual>${utility.encodeHTML(data.content_data)}</textarea></td>
  </tr>
-<!--
+<comment>
  <tr>
         <td align="right" valign="top" bgcolor="#aaaaaa"><B><font color="#ffffff">Termin (von/bis)
                 <font color="#000000">
@@ -230,14 +230,14 @@ p {  font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 10pt}
                 <input type="text" size="25" name="date_name" value="${data.date_name}">
         </td>
  </tr>
--->
+</comment>
  <tr>
         <td align="right" valign="top" bgcolor="#aaaaaa">
                 <B><font color="#ffffff">${lang("content.comment")}:</B><br>
                 <i>${lang("content.internal")}</i></font>
         </td>
         <td colspan="4">
-               <textarea cols="50" rows="6" name="comment" wrap=virtual>${data.comment}</textarea>
+               <textarea cols="50" rows="6" name="comment" wrap=virtual>${utility.encodeHTML(data.comment)}</textarea>
         </td>
  </tr>
author	zapata <zapata>
	Thu, 12 Sep 2002 04:50:48 +0000 (04:50 +0000)
committer	zapata <zapata>
	Thu, 12 Sep 2002 04:50:48 +0000 (04:50 +0000)
templates-dist/admin/comment.template		patch \| blob \| history
templates-dist/admin/content.template		patch \| blob \| history