Commit df3a0848c25646c0b3a8b55e383c47c77e56c1fb
1 parent
2c598b76
KTS-2178
"cross site scripting" Implemented. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6995 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
1 additions
and
1 deletions
templates/kt3/portlets/search_portlet.smarty
| @@ -9,7 +9,7 @@ | @@ -9,7 +9,7 @@ | ||
| 9 | <ul class="actionlist"> | 9 | <ul class="actionlist"> |
| 10 | {foreach item=oSearch from=$saved_searches} | 10 | {foreach item=oSearch from=$saved_searches} |
| 11 | <li> | 11 | <li> |
| 12 | -{if ($oSearch->getUserId())}<a class="ktInline ktAction ktDelete" href="{"booleanSearch"|generateControllerUrl}&qs[action]=deleteSearch&qs[fSavedSearchId]={$oSearch->getId()}&qs[fFolderId]={$folder_id}&qs[fDocumentId]={$document_id}">{i18n}Delete{/i18n}</a>{/if}<a href="{"booleanSearch"|generateControllerUrl}&qs[action]=performSearch&qs[fSavedSearchId]={$oSearch->getId()}">{$oSearch->getName()}</a> | 12 | +{if ($oSearch->getUserId())}<a class="ktInline ktAction ktDelete" href="{"booleanSearch"|generateControllerUrl}&qs[action]=deleteSearch&qs[fSavedSearchId]={$oSearch->getId()}&qs[fFolderId]={$folder_id}&qs[fDocumentId]={$document_id}">{i18n}Delete{/i18n}</a>{/if}<a href="{"booleanSearch"|generateControllerUrl}&qs[action]=performSearch&qs[fSavedSearchId]={$oSearch->getId()}">{$oSearch->getName()|sanitize}</a> |
| 13 | </li> | 13 | </li> |
| 14 | {/foreach} | 14 | {/foreach} |
| 15 | </ul> | 15 | </ul> |