Modified html.lua and viewlibrary.lua and all html files to html_escape variables before displaying them.

git-svn-id: svn://svn.alpinelinux.org/acf/gnats/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
author: Ted Trask <ttrask01@yahoo.com> 2009-01-15 21:44:39 +0000
committer: Ted Trask <ttrask01@yahoo.com> 2009-01-15 21:44:39 +0000
commit: 82bba5703c4c02d30b6c0a3c1fa7d5f692147882 (patch)
tree: eebcce26e11c9e6bd64861989293a440be8beb3b /gnats-edit-html.lsp
parent: 585b049c9a3f424faa33faaf0b9c19a0eec73a15 (diff)
download: acf-gnats-82bba5703c4c02d30b6c0a3c1fa7d5f692147882.tar.bz2
acf-gnats-82bba5703c4c02d30b6c0a3c1fa7d5f692147882.tar.xz
1 files changed, 2 insertions, 2 deletions
diff --git a/gnats-edit-html.lsp b/gnats-edit-html.lsp
index 9cc3514..c8e46ca 100644
--- a/gnats-edit-html.lsp
+++ b/gnats-edit-html.lsp
@@ -25,7 +25,7 @@ displayinfo(myform,tags,"viewonly")
 <DL>
 <% 
 local myform = form.file 
-io.write('<input type="hidden" value="' .. myform.filename.value .. '" name="name">')
+io.write('<input type="hidden" value="' .. html.html_escape(myform.filename.value) .. '" name="name">')
 local tags = { "filename", "filesize", "mtime", "sumerrors", }
 displayinfo(myform,tags,"viewonly")
 %>
@@ -34,7 +34,7 @@ displayinfo(myform,tags,"viewonly")
 <H3>FILE CONTENT</H3>
 <% 
 local myform = form.file
-io.write('<input type="hidden" value="' .. myform.filename.value .. '" name="name">')
+io.write('<input type="hidden" value="' .. html.html_escape(myform.filename.value) .. '" name="name">')
 io.write(html.form[myform.filecontent.type](myform.filecontent))
 %>
author	Ted Trask <ttrask01@yahoo.com>	2009-01-15 21:44:39 +0000
committer	Ted Trask <ttrask01@yahoo.com>	2009-01-15 21:44:39 +0000
commit	82bba5703c4c02d30b6c0a3c1fa7d5f692147882 (patch)
tree	eebcce26e11c9e6bd64861989293a440be8beb3b /gnats-edit-html.lsp
parent	585b049c9a3f424faa33faaf0b9c19a0eec73a15 (diff)
download	acf-gnats-82bba5703c4c02d30b6c0a3c1fa7d5f692147882.tar.bz2 acf-gnats-82bba5703c4c02d30b6c0a3c1fa7d5f692147882.tar.xz