wrap stuff in encodeHTML and add in advanced search parameters (query_..) used form...

author mh <mh>

Tue, 10 Dec 2002 09:47:36 +0000 (09:47 +0000)

committer mh <mh>

Tue, 10 Dec 2002 09:47:36 +0000 (09:47 +0000)
author mh <mh>
Tue, 10 Dec 2002 09:47:36 +0000 (09:47 +0000)
committer mh <mh>
Tue, 10 Dec 2002 09:47:36 +0000 (09:47 +0000)
diff --git a/templates-dist/admin/confirm.template b/templates-dist/admin/confirm.template

index 1343d85..1e5488d 100755 (executable)
--- a/templates-dist/admin/confirm.template
+++ b/templates-dist/admin/confirm.template
@@ -17,8 +17,12 @@
            <input type="hidden" name="module" value=${data.module}>
            <input type="hidden" name="do" value="delete">
            <input type="hidden" name="id" value="${data.id}">
-          <input type="hidden" name="where" value="${data.where}">
-          <input type="hidden" name="order" value="${data.order}">
+          <input type="hidden" name="where" value="${encodeHTML(data.where)}">
+          <input type="hidden" name="order" value="${encodeHTML(data.order)}">
+          <input type="hidden" name="query_text" value="${encodeHTML(data.query_text)}">
+          <input type="hidden" name="query_field" value="${encodeHTML(data.query_field)}">
+          <input type="hidden" name="query_is_pubished" value="${data.query_is_pubished}">
+          <input type="hidden" name="query_media_folder" value="${data.query_media_folder}">
            <input type="hidden" name="offset" value="${data.offset}">
            <input type="submit" name="cancel" value="${lang("cancel")}">
            <input type="submit" name="confirm" value="${lang("delete")}">
author	mh <mh>
	Tue, 10 Dec 2002 09:47:36 +0000 (09:47 +0000)
committer	mh <mh>
	Tue, 10 Dec 2002 09:47:36 +0000 (09:47 +0000)