bashclub/piler
1
0
Fork 0
mirror of https://bitbucket.org/jsuto/piler.git synced 2025-06-12 23:37:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

fixed an xss issue in the gui

Browse Source
This commit is contained in:
SJ
2014-08-11 10:40:18 +02:00
parent eb334317ca
commit f0e81b60ff
3 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
webui/view/theme/default/templates/search/load.tpl
View File

@ -10,7 +10,7 @@
if(isset($s['search'])) {
?>
<tr>
<td><a href="#" onclick="Piler.load_search_results_for_saved_query('<?php print urlencode($term['term']); ?>');"><?php print $s['search']; ?></a> | <a href="#" class="menulink" onclick="Piler.remove_saved_search_term(<?php print $term['ts']; ?>); return false;"><?php print $text_remove; ?></a></td>
<td><a href="#" onclick="Piler.load_search_results_for_saved_query('<?php print urlencode($term['term']); ?>');"><?php print htmlspecialchars($s['search']); ?></a> | <a href="#" class="menulink" onclick="Piler.remove_saved_search_term(<?php print $term['ts']; ?>); return false;"><?php print $text_remove; ?></a></td>
<td>&nbsp;</td>
</tr>
<?php } } ?>

2
webui/view/theme/mobile/templates/search/load.tpl
View File

@ -18,7 +18,7 @@
if(isset($s['search']) && $s['search']) {
?>
<div class="resultrow center">
<a href="#" onclick="Piler.load_search_results_for_saved_query('<?php print urlencode($term['term']); ?>');"><?php print $s['search']; ?></a> | <a href="#" class="menulink" onclick="Piler.remove_saved_search_term(<?php print $term['ts']; ?>); return false;"><?php print $text_remove; ?></a></br />
<a href="#" onclick="Piler.load_search_results_for_saved_query('<?php print urlencode($term['term']); ?>');"><?php print htmlspecialchars($s['search']); ?></a> | <a href="#" class="menulink" onclick="Piler.remove_saved_search_term(<?php print $term['ts']; ?>); return false;"><?php print $text_remove; ?></a></br />
</div>
<?php } } ?>