<head>
<body bgcolor="#FFFFFF">
<include "admin/head.template">
-<form action="${config.actionRoot}" method="post">
+<form action="${encodeHTML(config.actionRoot)}" method="post">
<input type=hidden name=module value=LinksImcs>
- <input type="hidden" name="id" value="${data.entity.id}">
+ <input type="hidden" name="id" value="${encodeHTML(data.entity.id)}">
<if data.new><input type="hidden" name="do" value="insert">
<else><input type="hidden" name="do" value="update"></if>
<table border="0">
<td align="right" bgcolor="#006600"><font face="Verdana, Arial, Helvetica, sans-serif" size="-1" color="#ffffff">
<B>${lang("linkimcs.name")}:</B></font></td>
<td>
- <input type="text" size="40" name="title" value="${data.entity.title}">
+ <input type="text" size="40" name="title" value="${encodeHTML(data.entity.title)}">
</td>
</tr>
<tr>
<if data.parentlist>
<select name="to_parent_id" size="1">
<option value=NULL> ${lang("linkimcs.new_parent")}
- <list data.parentlist as entry><option value="${entry.id}"<if entry.id == data.entity.to_parent_id> selected</if>> ${entry.title}</list>
+ <list data.parentlist as entry><option value="${encodeHTML(entry.id)}"<if entry.id == data.entity.to_parent_id> selected</if>> ${encodeHTML(entry.title)}</list>
</select>
</if>
</td>
<tr>
<td align="right" bgcolor="#006600"><font color="#ffffff"><B>${lang("linkimcs.url")}:</B></font></td>
<td>
- <input type="text" size="40" name="url" value="${data.entity.url}">
+ <input type="text" size="40" name="url" value="${encodeHTML(data.entity.url)}">
</td>
</tr>
<tr>
<td>
<select name="to_language" size="1">
<list data.languagelist as language>
- <option value="${language.id}"<if data.entity.to_language == language.id> selected</if>> ${language.name}
+ <option value="${encodeHTML(language.id)}"<if data.entity.to_language == language.id> selected</if>> ${encodeHTML(language.name)}
</list>
</select>
</td>
projects / mir.git / blobdiff