Peter M. Groen / knowledgetree

Commit 8aa4d7b5fffb6d980ddea7e47035def47122eae3

Authored by Conrad Vermeulen
1 parent 2a0594bc

KTS-2178 

"cross site scripting"
Updated.

Reviewed By: Kevin Fourie

git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6948 c91229c3-7414-0410-bfa2-8a42b809f60b
Inline Side-by-side
Showing 1 changed file with 5 additions and 5 deletions
templates/ktcore/folder/bulkUpload.smarty
  View file @8aa4d7b
... ... @@ -12,9 +12,9 @@
12 12 {capture assign=sJavascript}
13 13 {literal}
14 14 function swapInItem(elementId, req) {
15   -
  15 +
16 16 var cp = getElement(elementId);
17   -
  17 +
18 18 cp.innerHTML = req.responseText;
19 19 initialiseConditionalFieldsets();
20 20 }
... ... @@ -28,8 +28,8 @@ function swapElementFromRequest(elementId, url) {
28 28 var cp = getElement(elementId);
29 29 cp.innerHTML=_("loading...");
30 30 deff.addCallback(partial(swapInItem, elementId));
31   -
32   -
  31 +
  32 +
33 33 }
34 34  
35 35 function getMetadataForType(id) {
... ... @@ -54,7 +54,7 @@ addLoadEvent(startupMetadata);
54 54 {/capture}
55 55 {$context->oPage->requireJSStandalone($sJavascript)}
56 56  
57   -<h2><img src="{if $config->get("ui/morphEnabled") == '1'}{$rootUrl}/skins/kts_{$config->get("ui/morphTo")}/title_bullet.png{else}{$rootUrl}/resources/graphics/title_bullet.png{/if}"/>{i18n}Upload files into{/i18n}:<br />{$context->oFolder->getName()}</h2>
  57 +<h2><img src="{if $config->get("ui/morphEnabled") == '1'}{$rootUrl}/skins/kts_{$config->get("ui/morphTo")}/title_bullet.png{else}{$rootUrl}/resources/graphics/title_bullet.png{/if}"/>{i18n}Upload files into{/i18n}:<br />{$context->oFolder->getName()|sanitize}</h2>
58 58  
59 59 <form method="POST" action="{$smarty.server.PHP_SELF|addQueryString:"postExpected=1&fFolderId="}{$context->oFolder->getId()}" enctype="multipart/form-data">
60 60 <fieldset><legend>{i18n}Bulk upload{/i18n}</legend>
... ...