summaryrefslogtreecommitdiffstats
path: root/template/en/default/admin
diff options
context:
space:
mode:
authorgerv%gerv.net <>2003-09-07 04:23:09 +0200
committergerv%gerv.net <>2003-09-07 04:23:09 +0200
commit026539311662235ea26f5f3cfe885322846db6fb (patch)
tree97ded73af263f79157ec928cc0fc56c82e8b9334 /template/en/default/admin
parent94266c521b3e388b41f3dd6f74948a9ec71997d5 (diff)
downloadbugzilla-026539311662235ea26f5f3cfe885322846db6fb.tar.gz
bugzilla-026539311662235ea26f5f3cfe885322846db6fb.tar.xz
Bug 207044 - Filter more template directives. None of these are security bugs, but they need fixing anyway. Patch by gerv; r,a=justdave.
Diffstat (limited to 'template/en/default/admin')
-rw-r--r--template/en/default/admin/flag-type/confirm-delete.html.tmpl2
-rw-r--r--template/en/default/admin/flag-type/edit.html.tmpl17
-rw-r--r--template/en/default/admin/flag-type/list.html.tmpl2
3 files changed, 14 insertions, 7 deletions
diff --git a/template/en/default/admin/flag-type/confirm-delete.html.tmpl b/template/en/default/admin/flag-type/confirm-delete.html.tmpl
index 6bf1ca43f..ddd99d7ca 100644
--- a/template/en/default/admin/flag-type/confirm-delete.html.tmpl
+++ b/template/en/default/admin/flag-type/confirm-delete.html.tmpl
@@ -29,7 +29,7 @@
%]
<p>
- There are [% flag_count %] flags of type [% name %].
+ There are [% flag_count %] flags of type [% name FILTER html %].
If you delete this type, those flags will also be deleted. Note that
instead of deleting the type you can
<a href="editflagtypes.cgi?action=deactivate&amp;id=[% flag_type.id %]">deactivate it</a>,
diff --git a/template/en/default/admin/flag-type/edit.html.tmpl b/template/en/default/admin/flag-type/edit.html.tmpl
index a56c3bb65..58519466d 100644
--- a/template/en/default/admin/flag-type/edit.html.tmpl
+++ b/template/en/default/admin/flag-type/edit.html.tmpl
@@ -67,10 +67,10 @@
<input type="hidden" name="id" value="[% type.id %]">
<input type="hidden" name="target_type" value="[% type.target_type %]">
[% FOREACH category = type.inclusions %]
- <input type="hidden" name="inclusions" value="[% category %]">
+ <input type="hidden" name="inclusions" value="[% category FILTER html %]">
[% END %]
[% FOREACH category = type.exclusions %]
- <input type="hidden" name="exclusions" value="[% category %]">
+ <input type="hidden" name="exclusions" value="[% category FILTER html %]">
[% END %]
<table id="form" cellspacing="0" cellpadding="4" border="0">
@@ -105,13 +105,17 @@
<select name="product" onchange="selectProduct(this.form, 'product', 'component', '__Any__');">
<option value="">__Any__</option>
[% FOREACH item = products %]
- <option value="[% item %]" [% "selected" IF type.product.name == item %]>[% item %]</option>
+ <option value="[% item FILTER html %]"
+ [% "selected" IF type.product.name == item %]>
+ [% item FILTER html %]</option>
[% END %]
</select><br>
<select name="component">
<option value="">__Any__</option>
[% FOREACH item = components %]
- <option value="[% item %]" [% "selected" IF type.component.name == item %]>[% item %]</option>
+ <option value="[% item FILTER html %]"
+ [% "selected" IF type.component.name == item %]>
+ [% item FILTER html %]</option>
[% END %]
</select><br>
<input type="submit" name="categoryAction" value="Include">
@@ -186,7 +190,10 @@
<tr>
<th></th>
<td>
- <input type="submit" value="[% (last_action == "enter" || last_action == "copy") ? "Create" : "Save Changes" %]">
+ <input type="submit" value="
+ [% IF (last_action == "enter" || last_action == "copy") %]Create
+ [% ELSE %]Save Changes
+ [% END %]">
</td>
</tr>
diff --git a/template/en/default/admin/flag-type/list.html.tmpl b/template/en/default/admin/flag-type/list.html.tmpl
index 0e3306d27..80764d613 100644
--- a/template/en/default/admin/flag-type/list.html.tmpl
+++ b/template/en/default/admin/flag-type/list.html.tmpl
@@ -92,7 +92,7 @@
[% FOREACH type = types %]
- <tr class="[% type.is_active ? "active" : "inactive" %]">
+ <tr class="[% IF type.is_active %]active[% ELSE %]inactive[% END %]">
<td><a href="editflagtypes.cgi?action=edit&amp;id=[% type.id %]">[% type.name FILTER html %]</a></td>
<td>[% type.description FILTER html %]</td>
<td>