diff options
author | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
---|---|---|
committer | Ted Trask <ttrask01@yahoo.com> | 2009-01-15 21:44:39 +0000 |
commit | ce796fb65dd1ae945cc5cfd897691b8ca774ff9c (patch) | |
tree | beabe5d11cdefb0a7a54674ab7a0a87565c987e4 /openvpn-listconfigs-html.lsp | |
parent | 868be7c7183b179ddab351fd32790d843b6854c7 (diff) | |
download | acf-openvpn-ce796fb65dd1ae945cc5cfd897691b8ca774ff9c.tar.bz2 acf-openvpn-ce796fb65dd1ae945cc5cfd897691b8ca774ff9c.tar.xz |
Modified html.lua and viewlibrary.lua and all html files to html_escape variables before displaying them.
git-svn-id: svn://svn.alpinelinux.org/acf/openvpn/trunk@1678 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'openvpn-listconfigs-html.lsp')
-rw-r--r-- | openvpn-listconfigs-html.lsp | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/openvpn-listconfigs-html.lsp b/openvpn-listconfigs-html.lsp index 1e67f4b..498e52f 100644 --- a/openvpn-listconfigs-html.lsp +++ b/openvpn-listconfigs-html.lsp @@ -29,13 +29,13 @@ end %> <%= html.link{value = page_info.script .. page_info.prefix .. page_info.controller .. "/deleteconfig?name=" .. config.name.."&redir="..page_info.orig_action, label="Delete " } %> <% end %> </TD> - <TD><%= string.gsub(config.name, "^.*/", "") %></TD> - <TD <% if config.errtxt then io.write('class="error"') end %>><%= config.type %></TD> - <TD><%= config.status %></TD> - <TD><% if ( config.type == "server" ) then %><% if ( config.clients > 0 ) then %><%= html.link{value = page_info.script .. page_info.prefix .. page_info.controller .. "/status_info?name=" .. config.name, label = config.clients } %><% else %><%= config.clients %><% end %><% end %></TD> + <TD><%= html.html_escape(string.gsub(config.name, "^.*/", "")) %></TD> + <TD <% if config.errtxt then io.write('class="error"') end %>><%= html.html_escape(config.type) %></TD> + <TD><%= html.html_escape(config.status) %></TD> + <TD><% if ( config.type == "server" ) then %><% if ( config.clients > 0 ) then %><%= html.link{value = page_info.script .. page_info.prefix .. page_info.controller .. "/status_info?name=" .. config.name, label = config.clients } %><% else %><%= html.html_escape(config.clients) %><% end %><% end %></TD> </TR> <% if config.errtxt then %> - <TR class="error"><TD colspan=5><%= config.errtxt %></TD></TR> + <TR class="error"><TD colspan=5><%= html.html_escape(config.errtxt) %></TD></TR> <% end %> <% end %> |