<body bgcolor="#FFFFFF" link="#aaaaaa">
<include "admin/head.template">
-<form method="post" action="${config.actionRoot}">
+<form method="post" action="${encodeHTML(config.actionRoot)}">
<input type="hidden" name="module" value="Content">
- <input type="hidden" name="where" value="${data.where}">
- <input type="hidden" name="offset" value="${data.offset}">
- <input type="hidden" name="order" value="${data.order}">
- <input type="hidden" name="id" value="${data.id}">
+ <input type="hidden" name="where" value="${encodeHTML(data.where)}">
+ <input type="hidden" name="offset" value="${encodeHTML(data.offset)}">
+ <input type="hidden" name="order" value="${encodeHTML(data.order)}">
+ <input type="hidden" name="id" value="${encodeHTML(data.id)}">
<if data.new>
<input type="hidden" name="do" value="insert">
<else>
<b>${lang("content.owner")}:</b>
</td>
<td>
- ${data.login_user.login}
+ ${encodeHTML(data.login_user.login)}
</td>
</font>
<td colspan="3"> </td>
<b>${lang("content.import_date")}:</b>
</td>
<td>
- ${data.date}
+ ${encodeHTML(data.date)}
</td>
</font>
<td colspan="3"> </td>
<b>${lang("content.lastchange_date")}:</b>
</td>
<td>
- ${data.webdb_lastchange}
+ ${encodeHTML(data.webdb_lastchange)}
<br>
</td>
</font>
<b>${lang("content.create_date")}:</b>
</td>
<td colspan="3">
- ${data.webdb_create}<br><br>${lang("edit")} (yyyy-mm-dd [HH:mm]):
+ ${encodeHTML(data.webdb_create)}<br><br>${lang("edit")} (yyyy-mm-dd [HH:mm]):
<input type="text" size="10" maxlength="16" name="webdb_create" value="">
<br>
</td>
<tr>
<td align="right" valign="top" bgcolor="#AAAAAA"><font color="#ffffff">
- <B>${lang("content.topic")} <a href="${config.docRoot}/help/content.html">
- <img src=" ${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>
+ <B>${lang("content.topic")} <a href="${encodeHTML(config.docRoot)}/help/content.html">
+ <img src=" ${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a>
/ ${lang("content.feature")}:
- <a href="${config.docRoot}/help/content.html">
- <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html">
+ <img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a>
</B></font>
</td>
<td colspan="4" >
<td>
<select name="to_article_type">
<list extra.articletypePopupData as a>
- <option value="${a.key}" <if (a.key == data.to_article_type)>selected</if>>${a.value}</option>
+ <option value="${encodeHTML(a.key)}" <if (a.key == data.to_article_type)>selected</if>>${encodeHTML(a.value)}</option>
</list>
</select>
<select name="to_feature">
<list extra.schwerpunktPopupData as s>
- <option value="${s.key}" <if (s.key == data.to_feature)>selected</if>>${s.value}</option>
+ <option value="${encodeHTML(s.key)}" <if (s.key == data.to_feature)>selected</if>>${encodeHTML(s.value)}</option>
</list>
</select>
</td>
<select name="to_topic" size="5" multiple>
<list extra.themenPopupData as t>
- <option value="${t.key}" <list data.to_topics as to><if (t.key == to["id"])>selected</if></list>>${t.value}</option>
+ <option value="${encodeHTML(t.key)}" <list data.to_topics as to><if (t.key == to["id"])>selected</if></list>>${encodeHTML(t.value)}</option>
</list>
</select>
<td>
<select name="to_language">
<list extra.languagePopupData as l>
- <option value="${l.key}" <if (l.key == data.to_language)>selected</if>>${l.value}</option>
+ <option value="${encodeHTML(l.key)}" <if (l.key == data.to_language)>selected</if>>${encodeHTML(l.value)}</option>
</list>
</select>
<td>
<tr>
<td align="right" valign="top" bgcolor="#AAAAAA">
<B><font color="#ffffff">${lang("content.title")}: <br><br>${lang("content.subtitle")}: <br>
- <a href="${config.docRoot}/help/content.html#title">
- <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html#title">
+ <img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a>
</font></B>
</td>
<td colspan="4">
- <input type="text" size="40" name="title" value="${data.title}"><br>
- <input type="text" size="20" name="subtitle" value="${data.subtitle}">
- <input type="text" size="20" name="edittitle" value="${data.edittitle}">
+ <input type="text" size="40" name="title" value="${encodeHTML(data.title)}"><br>
+ <input type="text" size="20" name="subtitle" value="${encodeHTML(data.subtitle)}">
+ <input type="text" size="20" name="edittitle" value="${encodeHTML(data.edittitle)}">
</td>
</tr>
<tr>
<td align="right" valign="top" bgcolor="#AAAAAA">
<B><font color="#ffffff">${lang("content.location")}:</font>
<font color="#FFFFFF">
- <a href="${config.docRoot}/help/content.html">
- <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html">
+ <img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a>
</font></B>
</td>
<td colspan="4" >
- <input type="text" size="40" name="place" value="${data.place}">
+ <input type="text" size="40" name="place" value="${encodeHTML(data.place)}">
</td>
</tr>
<tr>
<td align="right" valign="top" bgcolor="#AAAAAA">
<font color="#ffffff"><B>${lang("content.creator")}:</B></font>
<font color="#ffffff">
- <a href="${config.docRoot}/help/content.html">
- <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a></font>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html">
+ <img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a></font>
</td>
<td colspan="4">
- <input type="text" size="40" name="creator" value="${data.creator}"><br>
+ <input type="text" size="40" name="creator" value="${encodeHTML(data.creator)}"><br>
</td>
</tr>
<td align="right" valign="top" bgcolor="#AAAAAA">
<font color="#ffffff"><B>${lang("content.creator.email")}/${lang("content.creator.url")}:</B></font>
<font color="#ffffff">
- <a href="${config.docRoot}/help/content.html">
- <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a></font>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html">
+ <img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a></font>
</td>
<td colspan="4" >
- <input type="text" size="20" name="creator_email" value="${data.creator_email}">
- <input type="text" size="20" name="creator_main_url" value="${data.creator_main_url}">
+ <input type="text" size="20" name="creator_email" value="${encodeHTML(data.creator_email)}">
+ <input type="text" size="20" name="creator_main_url" value="${encodeHTML(data.creator_main_url)}">
</td>
</tr>
<tr>
<td align="right" valign="top" bgcolor="#AAAAAA">
<font color="#ffffff"><B>${lang("content.creator.address")}/${lang("content.creator.telephone")}:</B></font>
<font color="#ffffff">
- <a href="${config.docRoot}/help/content.html">
- <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a></font>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html">
+ <img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a></font>
</td>
<td colspan="4" >
- <input type="text" size="20" name="creator_address" value="${data.creator_address}">
- <input type="text" size="20" name="creator_phone" value="${data.creator_phone}">
+ <input type="text" size="20" name="creator_address" value="${encodeHTML(data.creator_address)}">
+ <input type="text" size="20" name="creator_phone" value="${encodeHTML(data.creator_phone)}">
</td>
</tr>
<tr>
<td align="right" valign="top" bgcolor="#AAAAAA">
<B><font color="#ffffff">${lang("content.abstract")}:</font></B>
- <a href="${config.docRoot}/help/content.html">
- <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html">
+ <img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a>
</td>
<td colspan="4">
- <textarea cols="50" rows="15" name="description" wrap=virtual>${data.description}</textarea>
+ <textarea cols="50" rows="15" name="description" wrap=virtual>${encodeHTML(data.description)}</textarea>
</td>
</tr>
<tr>
<td align="right" valign="top" bgcolor="#AAAAAA">
<B><font color="#ffffff">${lang("content.content")}:
- <a href="${config.docRoot}/help/content.html">
- <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html">
+ <img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a>
${lang("content.html")}</font> <input type="checkbox" name="is_html" value="1"<if
data.is_html=="1"> checked</if>>
- <a href="${config.docRoot}/help/content.html">
- <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html">
+ <img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a>
</font></b></td>
<td colspan="4">
- <textarea cols="50" rows="20" name="content_data" wrap=virtual>${data.content_data}</textarea></td>
+ <textarea cols="50" rows="20" name="content_data" wrap=virtual>${encodeHTML(data.content_data)}</textarea></td>
</tr>
<!--
<tr>
<td align="right" valign="top" bgcolor="#aaaaaa"><B><font color="#ffffff">Termin (von/bis)
<font color="#000000">
- <a href="${config.docRoot}/help/content.html">
- <img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a></font>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html">
+ <img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a></font>
</font>:</B></td>
<td nowrap>
- <input type="text" size="8" maxlength="8" name="date_from" value="${data.date_from}">
- <input type="text" size="8" maxlength="8" name="date_to" value="${data.date_to}">
+ <input type="text" size="8" maxlength="8" name="date_from" value="${encodeHTML(data.date_from)}">
+ <input type="text" size="8" maxlength="8" name="date_to" value="${encodeHTML(data.date_to)}">
</td>
<td>
</td>
<td align="right" valign="top" bgcolor="#aaaaaa">
<B><font color="#ffffff">Termin Name:
- <a href="${config.docRoot}/help/content.html"><img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>
+ <a href="${encodeHTML(config.docRoot)}/help/content.html"><img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a>
</font></B>
</td>
<td>
- <input type="text" size="25" name="date_name" value="${data.date_name}">
+ <input type="text" size="25" name="date_name" value="${encodeHTML(data.date_name)}">
</td>
</tr>
-->
<i>${lang("content.internal")}</i></font>
</td>
<td colspan="4">
- <textarea cols="50" rows="6" name="comment" wrap=virtual>${data.comment}</textarea>
+ <textarea cols="50" rows="6" name="comment" wrap=virtual>${encodeHTML(data.comment)}</textarea>
</td>
</tr>
<td> </td>
<td> </td>
<td colspan="2" align="right" valign="top">
- frei <a href="${config.docRoot}/help/content.html"><img src="${config.docRoot}/img/help.gif" border="0" align="absmiddle"></a>:
+ frei <a href="${encodeHTML(config.docRoot)}/help/content.html"><img src="${encodeHTML(config.docRoot)}/img/help.gif" border="0" align="absmiddle"></a>:
<input type="checkbox" name="is_published" value="1"<if data.is_published!="0" && data.is_published!=""> checked</if>>
<if data.new>
<input type="submit" name="save" value="${lang("insert")}">
<td align=right valign=top bgcolor="#aaaaaa">
<B><font color="#ffffff">${lang("content.images")}:</B><br></td>
<td colspan="4" align="left" valign="top">
- <a href="${config.actionRoot}?module=Images&do=edit&id=${m["id"]}"><img src="${config.actionRoot}?module=Images&do=getIcon&id=${m["id"]}" alt="edit" border="0"></a>
- <a href="${config.actionRoot}?module=Content&do=dettach&cid=${data.id}&mid=${m["id"]}">${lang("delete")}</a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Images&do=edit&id=${m["id"]}"><img src="${encodeHTML(config.actionRoot)}?module=Images&do=getIcon&id=${m["id"]}" alt="edit" border="0"></a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Content&do=dettach&cid=${encodeHTML(data.id)}&mid=${m["id"]}">${lang("delete")}</a>
</td>
</tr>
</list>
<td align=right valign=top bgcolor="#aaaaaa">
<B><font color="#ffffff">${lang("content.media")}:</B><br></td>
<td colspan="4" align="left" valign="top">
- <a href="${config.actionRoot}?module=Images&do=list&cid=${data.id}">${lang("content.addimage")}</a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Images&do=list&cid=${encodeHTML(data.id)}&query_is_published=1">${lang("content.addimage")}</a>
</td>
</tr>
<list data.to_media_audio as m>
<td align=right valign=top bgcolor="#aaaaaa">
<B><font color="#ffffff">${lang("content.audio")}:</B><br></td>
<td colspan="4" align="left" valign="top">
- <a href="${config.actionRoot}?module=Audio&do=edit&id=${m["id"]}"><img src="${config.docRoot}/img/${m["big_icon"]}" alt="edit" border="0"></a>
- <a href="${config.actionRoot}?module=Content&do=dettach&cid=${data.id}&mid=${m["id"]}">${lang("delete")}</a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Audio&do=edit&id=${m["id"]}"><img src="${encodeHTML(config.docRoot)}/img/${m["big_icon"]}" alt="edit" border="0"></a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Content&do=dettach&cid=${encodeHTML(data.id)}&mid=${m["id"]}">${lang("delete")}</a>
</td>
</tr>
</list>
<td align=right valign=top bgcolor="#aaaaaa">
<B><font color="#ffffff">${lang("content.media")}:</B><br></td>
<td colspan="4" align="left" valign="top">
- <a href="${config.actionRoot}?module=Audio&do=list&cid=${data.id}">${lang("content.addaudio")}</a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Audio&do=list&cid=${encodeHTML(data.id)}&query_is_published=1">${lang("content.addaudio")}</a>
</td>
</tr>
<list data.to_media_video as m>
<td align=right valign=top bgcolor="#aaaaaa">
<B><font color="#ffffff">${lang("content.video")}:</B><br></td>
<td colspan="4" align="left" valign="top">
- <a href="${config.actionRoot}?module=Video&do=edit&id=${m["id"]}"><img src="${config.docRoot}/img/${m["big_icon"]}" alt="edit" border="0"></a>
- <a href="${config.actionRoot}?module=Content&do=dettach&cid=${data.id}&mid=${m["id"]}">${lang("delete")}</a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Video&do=edit&id=${m["id"]}"><img src="${encodeHTML(config.docRoot)}/img/${m["big_icon"]}" alt="edit" border="0"></a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Content&do=dettach&cid=${encodeHTML(data.id)}&mid=${m["id"]}">${lang("delete")}</a>
</td>
</tr>
</list>
<td align=right valign=top bgcolor="#aaaaaa">
<B><font color="#ffffff">${lang("content.media")}:</B><br></td>
<td colspan="4" align="left" valign="top">
- <a href="${config.actionRoot}?module=Video&do=list&cid=${data.id}">${lang("content.addvideo")}</a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Video&do=list&cid=${encodeHTML(data.id)}&query_is_published=1">${lang("content.addvideo")}</a>
</td>
</tr>
<list data.to_media_other as m>
<td align=right valign=top bgcolor="#aaaaaa">
<B><font color="#ffffff">${lang("content.other")}:</B><br></td>
<td colspan="4" align="left" valign="top">
- <a href="${config.actionRoot}?module=OtherMedia&do=edit&id=${m["id"]}"><img src="${config.docRoot}/img/${m["big_icon"]}" alt="edit" border="0"></a>
- <a href="${config.actionRoot}?module=Content&do=dettach&cid=${data.id}&mid=${m["id"]}">${lang("delete")}</a>
+ <a href="${encodeHTML(config.actionRoot)}?module=OtherMedia&do=edit&id=${m["id"]}"><img src="${encodeHTML(config.docRoot)}/img/${m["big_icon"]}" alt="edit" border="0"></a>
+ <a href="${encodeHTML(config.actionRoot)}?module=Content&do=dettach&cid=${encodeHTML(data.id)}&mid=${m["id"]}">${lang("delete")}</a>
</td>
</tr>
</list>
<td align=right valign=top bgcolor="#aaaaaa">
<B><font color="#ffffff">${lang("content.media")}:</B><br></td>
<td colspan="4" align="left" valign="top">
- <a href="${config.actionRoot}?module=OtherMedia&do=list&cid=${data.id}">${lang("content.addother")}</a>
+ <a href="${encodeHTML(config.actionRoot)}?module=OtherMedia&do=list&cid=${encodeHTML(data.id)}&query_is_published=1">${lang("content.addother")}</a>
</td>
</tr>
</table>
projects / mir.git / commitdiff