diff options
author | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
---|---|---|
committer | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
commit | ae5b7386ada89db2dcfac1639a25e9ad3bce7c81 (patch) | |
tree | 773256d5a0af811b0d4c7a31753284173a121ae2 | |
parent | 81775e430f1bdbc2be4b8ba9dd1e3cb9818f28b7 (diff) | |
download | acf-dansguardian-ae5b7386ada89db2dcfac1639a25e9ad3bce7c81.tar.bz2 acf-dansguardian-ae5b7386ada89db2dcfac1639a25e9ad3bce7c81.tar.xz |
Modified html.lua and viewlibrary.lua and all html files to html_escape variables before displaying them.
git-svn-id: svn://svn.alpinelinux.org/acf/dansguardian/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rw-r--r-- | dansguardian-html.lsp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/dansguardian-html.lsp b/dansguardian-html.lsp index 83a17d3..a84b6ad 100644 --- a/dansguardian-html.lsp +++ b/dansguardian-html.lsp @@ -26,7 +26,7 @@ end %> <% for k,v in ipairs( view.value ) do - io.write( "<tr><td><a href=\"" .. page_info.script .. page_info.prefix .. page_info.controller .. "/edit?filename=" .. v.filename .. "&redir=" .. page_info.orig_action .. "\">" .. v.filename .. "</a></td><td>" .. v.size .."</td><td>" .. v.mtime .."</td></tr>\n" ) + io.write( "<tr><td><a href=\"" .. html.html_escape(page_info.script .. page_info.prefix .. page_info.controller) .. "/edit?filename=" .. html.html_escape(v.filename) .. "&redir=" .. html.html_escape(page_info.orig_action) .. "\">" .. html.html_escape(v.filename) .. "</a></td><td>" .. html.html_escape(v.size) .."</td><td>" .. html.html_escape(v.mtime) .."</td></tr>\n" ) end %> </TABLE> |