diff options
| author | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
|---|---|---|
| committer | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
| commit | a89437b3c168e6d5f38b8e577f31ea89f5c9c8d0 (patch) | |
| tree | e64d30cb5a84749037695fbb1e34be6320964958 /tinydns-view-html.lsp | |
| parent | 21db17697487d4476e7f521b87b8e88fb61f9672 (diff) | |
| download | acf-tinydns-a89437b3c168e6d5f38b8e577f31ea89f5c9c8d0.tar.bz2 acf-tinydns-a89437b3c168e6d5f38b8e577f31ea89f5c9c8d0.tar.xz | |
Modified html.lua and viewlibrary.lua and all html files to html_escape variables before displaying them.
git-svn-id: svn://svn.alpinelinux.org/acf/tinydns/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'tinydns-view-html.lsp')
| -rw-r--r-- | tinydns-view-html.lsp | 26 |
1 files changed, 13 insertions, 13 deletions
diff --git a/tinydns-view-html.lsp b/tinydns-view-html.lsp index b163ce5..35052ab 100644 --- a/tinydns-view-html.lsp +++ b/tinydns-view-html.lsp @@ -51,7 +51,7 @@ io.write("</span>") %> <H1>DNS Entries -<% if view.filename then io.write(" for "..string.gsub(view.filename, "^.*/", "")) end %> +<% if view.filename then io.write(" for "..html.html_escape(string.gsub(view.filename, "^.*/", ""))) end %> </H1> <H2>Locations</H2> <DL id="locations"> @@ -63,13 +63,13 @@ for i,loc in ipairs(view.value) do if currentloc ~= "" then %> </ul> <% end %> - <li><IMG SRC='/skins/static/tango/16x16/places/start-here.png' width='16' height='16' alt> <B><%= loc[1] %></B></li> + <li><IMG SRC='/skins/static/tango/16x16/places/start-here.png' width='16' height='16' alt> <B><%= html.html_escape(loc[1]) %></B></li> <ul STYLE='margin-left:30px';> <% end currentloc = loc[1] %> - <li id='filename=<%= loc.filename %>;linenumber=<%= loc.linenumber %>'> - <%= loc[2] %><% if loc[2] == "" then io.write('*') end %> - <% if (loc.errtxt) then %><P CLASS='error'><%= string.gsub(loc.errtxt, "\n", "<BR>") %></P><% end %> + <li id='filename=<%= html.html_escape(loc.filename) %>;linenumber=<%= html.html_escape(loc.linenumber) %>'> + <%= html.html_escape(loc[2]) %><% if loc[2] == "" then io.write('*') end %> + <% if (loc.errtxt) then %><P CLASS='error'><%= string.gsub(html.html_escape(loc.errtxt), "\n", "<BR>") %></P><% end %> </li> <% end end %> @@ -102,7 +102,7 @@ local function doListIndents(next, indent) end for j=1,starting do io.write("<ul><li STYLE='margin-left:10px;'><strong>") - io.write(table.concat(newentry, ".", #newentry-(i+j-2), #newentry)) + io.write(html.html_escape(table.concat(newentry, ".", #newentry-(i+j-2), #newentry))) io.write("</strong>\n") end return revnewentry @@ -117,20 +117,20 @@ end for j,entry in ipairs(view.value) do if entry.type ~= '%' then indent = doListIndents(entry[1], indent) %> - <ul><li STYLE='margin-left:10px;' id='filename=<%= entry.filename %>;linenumber=<%= entry.linenumber %>'> - <IMG SRC='/skins/static/tango/16x16/devices/computer.png' width='16' height='16'><%= entry.label %><BR> - <pre><%= entry.configline %></pre> - <TABLE STYLE='margin-left:<%= tostring(7-#indent) %>0px;'> + <ul><li STYLE='margin-left:10px;' id='filename=<%= html.html_escape(entry.filename) %>;linenumber=<%= html.html_escape(entry.linenumber) %>'> + <IMG SRC='/skins/static/tango/16x16/devices/computer.png' width='16' height='16'><%= html.html_escape(entry.label) %><BR> + <pre><%= html.html_escape(entry.configline) %></pre> + <TABLE STYLE='margin-left:<%= html.html_escape(tostring(7-#indent)) %>0px;'> <% for k=2,#entry do local option = entry[k] if (option) and option ~= "" then %> - <TR><TD WIDTH='160px' STYLE='border:none;'><%= view.fieldlabels[entry.type][k] %>:</TD> - <TD STYLE='border:none;'><%= option %></TD></TR> + <TR><TD WIDTH='160px' STYLE='border:none;'><%= html.html_escape(view.fieldlabels[entry.type][k]) %>:</TD> + <TD STYLE='border:none;'><%= html.html_escape(option) %></TD></TR> <% end end %> </TABLE> <% if entry.errtxt then %> - <P CLASS='error'><%= string.gsub(entry.errtxt, "\n", "<BR>") %></P> + <P CLASS='error'><%= string.gsub(html.html_escape(entry.errtxt), "\n", "<BR>") %></P> <% end %> </li></ul> <% end |