Commit 2a0594bc47d9642f7c557f649dd368424bc32235
1 parent
fc050d95
KTS-2178
"cross site scripting" Updated. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6947 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
6 additions
and
6 deletions
templates/ktcore/folder/permissions.smarty
| 1 | -<h2>{i18n arg_foldername=$foldername}Folder permissions for "#foldername#"{/i18n}</h2> | |
| 1 | +<h2>Folder permissions for "{$foldername|sanitize}"</h2> | |
| 2 | 2 | |
| 3 | 3 | |
| 4 | 4 | |
| ... | ... | @@ -31,9 +31,9 @@ |
| 31 | 31 | |
| 32 | 32 | <form action="{$smarty.server.PHP_SELF}" method="POST"> |
| 33 | 33 | <div class="field"> |
| 34 | - | |
| 34 | + | |
| 35 | 35 | <p class="descriptiveText">{i18n}Select roles and groups for whom you wish to change permission assignment from the box on the left, and move them over to the box on the right using the button with right-pointing arrows. You can then allocate or remove permissions from these entities and save by pressing the 'Update Permission Assignments' button'.{/i18n}</p> |
| 36 | - | |
| 36 | + | |
| 37 | 37 | <table> |
| 38 | 38 | |
| 39 | 39 | <thead> |
| ... | ... | @@ -55,11 +55,11 @@ |
| 55 | 55 | </td> |
| 56 | 56 | |
| 57 | 57 | <td> |
| 58 | - | |
| 58 | + | |
| 59 | 59 | <input type="button" id="entities_add" value="»" /> |
| 60 | 60 | <br /><br/> |
| 61 | 61 | <input type="button" id="entities_remove" value="«" /> |
| 62 | - | |
| 62 | + | |
| 63 | 63 | </td> |
| 64 | 64 | |
| 65 | 65 | <td style="vertical-align: top"> |
| ... | ... | @@ -74,7 +74,7 @@ |
| 74 | 74 | |
| 75 | 75 | <input name="entities_items_added" id="entities_items_added" type="hidden" /> |
| 76 | 76 | <input name="entities_items_removed" id="entities_items_removed" type="hidden" /> |
| 77 | - | |
| 77 | + | |
| 78 | 78 | <input type="hidden" name="kt_core_fieldsets_expect[entities]" value ="1" /> |
| 79 | 79 | </div> |
| 80 | 80 | ... | ... |