diff options
author | gerv%gerv.net <> | 2003-09-07 04:23:09 +0200 |
---|---|---|
committer | gerv%gerv.net <> | 2003-09-07 04:23:09 +0200 |
commit | 026539311662235ea26f5f3cfe885322846db6fb (patch) | |
tree | 97ded73af263f79157ec928cc0fc56c82e8b9334 /template/en/default/admin | |
parent | 94266c521b3e388b41f3dd6f74948a9ec71997d5 (diff) | |
download | bugzilla-026539311662235ea26f5f3cfe885322846db6fb.tar.gz bugzilla-026539311662235ea26f5f3cfe885322846db6fb.tar.xz |
Bug 207044 - Filter more template directives. None of these are security bugs, but they need fixing anyway. Patch by gerv; r,a=justdave.
Diffstat (limited to 'template/en/default/admin')
-rw-r--r-- | template/en/default/admin/flag-type/confirm-delete.html.tmpl | 2 | ||||
-rw-r--r-- | template/en/default/admin/flag-type/edit.html.tmpl | 17 | ||||
-rw-r--r-- | template/en/default/admin/flag-type/list.html.tmpl | 2 |
3 files changed, 14 insertions, 7 deletions
diff --git a/template/en/default/admin/flag-type/confirm-delete.html.tmpl b/template/en/default/admin/flag-type/confirm-delete.html.tmpl index 6bf1ca43f..ddd99d7ca 100644 --- a/template/en/default/admin/flag-type/confirm-delete.html.tmpl +++ b/template/en/default/admin/flag-type/confirm-delete.html.tmpl @@ -29,7 +29,7 @@ %] <p> - There are [% flag_count %] flags of type [% name %]. + There are [% flag_count %] flags of type [% name FILTER html %]. If you delete this type, those flags will also be deleted. Note that instead of deleting the type you can <a href="editflagtypes.cgi?action=deactivate&id=[% flag_type.id %]">deactivate it</a>, diff --git a/template/en/default/admin/flag-type/edit.html.tmpl b/template/en/default/admin/flag-type/edit.html.tmpl index a56c3bb65..58519466d 100644 --- a/template/en/default/admin/flag-type/edit.html.tmpl +++ b/template/en/default/admin/flag-type/edit.html.tmpl @@ -67,10 +67,10 @@ <input type="hidden" name="id" value="[% type.id %]"> <input type="hidden" name="target_type" value="[% type.target_type %]"> [% FOREACH category = type.inclusions %] - <input type="hidden" name="inclusions" value="[% category %]"> + <input type="hidden" name="inclusions" value="[% category FILTER html %]"> [% END %] [% FOREACH category = type.exclusions %] - <input type="hidden" name="exclusions" value="[% category %]"> + <input type="hidden" name="exclusions" value="[% category FILTER html %]"> [% END %] <table id="form" cellspacing="0" cellpadding="4" border="0"> @@ -105,13 +105,17 @@ <select name="product" onchange="selectProduct(this.form, 'product', 'component', '__Any__');"> <option value="">__Any__</option> [% FOREACH item = products %] - <option value="[% item %]" [% "selected" IF type.product.name == item %]>[% item %]</option> + <option value="[% item FILTER html %]" + [% "selected" IF type.product.name == item %]> + [% item FILTER html %]</option> [% END %] </select><br> <select name="component"> <option value="">__Any__</option> [% FOREACH item = components %] - <option value="[% item %]" [% "selected" IF type.component.name == item %]>[% item %]</option> + <option value="[% item FILTER html %]" + [% "selected" IF type.component.name == item %]> + [% item FILTER html %]</option> [% END %] </select><br> <input type="submit" name="categoryAction" value="Include"> @@ -186,7 +190,10 @@ <tr> <th></th> <td> - <input type="submit" value="[% (last_action == "enter" || last_action == "copy") ? "Create" : "Save Changes" %]"> + <input type="submit" value=" + [% IF (last_action == "enter" || last_action == "copy") %]Create + [% ELSE %]Save Changes + [% END %]"> </td> </tr> diff --git a/template/en/default/admin/flag-type/list.html.tmpl b/template/en/default/admin/flag-type/list.html.tmpl index 0e3306d27..80764d613 100644 --- a/template/en/default/admin/flag-type/list.html.tmpl +++ b/template/en/default/admin/flag-type/list.html.tmpl @@ -92,7 +92,7 @@ [% FOREACH type = types %] - <tr class="[% type.is_active ? "active" : "inactive" %]"> + <tr class="[% IF type.is_active %]active[% ELSE %]inactive[% END %]"> <td><a href="editflagtypes.cgi?action=edit&id=[% type.id %]">[% type.name FILTER html %]</a></td> <td>[% type.description FILTER html %]</td> <td> |