Commit eb013f6884ef473fc57e035035f2b0bee116828b
1 parent
9001d669
KTC-475
"Workflow with '''´`""\/:&;!.~,$%()|<>#= in its name, transition names and state names appear incorrect on the second page of the Workflow creation wizard." Fixed. The input name and values needed to be sanitised. Committed by: Megan Watson Reviewed by: Jonathan Byrne git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/STABLE/branches/3.5.2c-Release-Branch@8471 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
9 additions
and
9 deletions
templates/ktcore/workflow/admin/new_wizard_step2.smarty
| @@ -14,30 +14,30 @@ states. Use the table below to configure this behaviour.{/i18n}</p> | @@ -14,30 +14,30 @@ states. Use the table below to configure this behaviour.{/i18n}</p> | ||
| 14 | <thead> | 14 | <thead> |
| 15 | <tr> | 15 | <tr> |
| 16 | <th>{i18n}Transition{/i18n}</th> | 16 | <th>{i18n}Transition{/i18n}</th> |
| 17 | - <th>{i18n}Leads to state{/i18n}</th> | 17 | + <th>{i18n}Leads to state{/i18n}</th> |
| 18 | {foreach from=$states item=state} | 18 | {foreach from=$states item=state} |
| 19 | - <th>{$state}</th> | ||
| 20 | - {/foreach} | 19 | + <th>{$state}</th> |
| 20 | + {/foreach} | ||
| 21 | </tr> | 21 | </tr> |
| 22 | </thead> | 22 | </thead> |
| 23 | <tbody> | 23 | <tbody> |
| 24 | {foreach from=$transitions item=transition} | 24 | {foreach from=$transitions item=transition} |
| 25 | <tr class="row {cycle values=odd,even}"> | 25 | <tr class="row {cycle values=odd,even}"> |
| 26 | <td>{$transition}</td> | 26 | <td>{$transition}</td> |
| 27 | - <td><select name="fTo[{$transition}]"> | 27 | + <td><select name="fTo[{$transition|sanitize}]"> |
| 28 | {foreach from=$states item=state} | 28 | {foreach from=$states item=state} |
| 29 | - <option value="{$state}">{$state}</option> | 29 | + <option value="{$state|sanitize}">{$state}</option> |
| 30 | {/foreach} | 30 | {/foreach} |
| 31 | - </select></td> | 31 | + </select></td> |
| 32 | {foreach from=$states item=state} | 32 | {foreach from=$states item=state} |
| 33 | - <td><input type="checkbox" name="fFrom[{$transition}][{$state}]"/></td> | ||
| 34 | - {/foreach} | 33 | + <td><input type="checkbox" name="fFrom[{$transition|sanitize}][{$state|sanitize}]"/></td> |
| 34 | + {/foreach} | ||
| 35 | </tr> | 35 | </tr> |
| 36 | {/foreach} | 36 | {/foreach} |
| 37 | </tbody> | 37 | </tbody> |
| 38 | </table> | 38 | </table> |
| 39 | </div> | 39 | </div> |
| 40 | - | 40 | + |
| 41 | <div class="form_actions"> | 41 | <div class="form_actions"> |
| 42 | <input type="submit" value="{i18n}Create Workflow{/i18n}" /> | 42 | <input type="submit" value="{i18n}Create Workflow{/i18n}" /> |
| 43 | <a href="{$smarty.server.PHP_SELF}">{i18n}Cancel{/i18n}</a> | 43 | <a href="{$smarty.server.PHP_SELF}">{i18n}Cancel{/i18n}</a> |