|
|
@@ -146,44 +146,44 @@ else {
|
|
|
//echo " </tr>";
|
|
|
echo " <tr>";
|
|
|
echo " <td nowrap>".$text['label-sub-title']."</td>";
|
|
|
- echo " <td width='100%'><input type='text' name='rss_sub_title' class='txt' value='$rss_sub_title'></td>";
|
|
|
+ echo " <td width='100%'><input type='text' name='rss_sub_title' class='txt' value='".escape($rss_sub_title)."'></td>";
|
|
|
echo " </tr>";
|
|
|
echo " <tr>";
|
|
|
echo " <td>".$text['label-sub-link']."</td>";
|
|
|
- echo " <td><input type='text' name='rss_sub_link' class='txt' value='$rss_sub_link'></td>";
|
|
|
+ echo " <td><input type='text' name='rss_sub_link' class='txt' value='".escape($rss_sub_link)."'></td>";
|
|
|
echo " </tr>";
|
|
|
echo " <tr>";
|
|
|
echo " <td valign='top'>".$text['label-description']."</td>";
|
|
|
echo " <td>";
|
|
|
- echo " <textarea name='rss_sub_description' rows='12' class='txt'>$rss_sub_description</textarea>";
|
|
|
+ echo " <textarea name='rss_sub_description' rows='12' class='txt'>".escape($rss_sub_description)."</textarea>";
|
|
|
echo " </td>";
|
|
|
echo " </tr>";
|
|
|
//echo " <tr>";
|
|
|
//echo " <td>rss_sub_optional_1</td>";
|
|
|
- //echo " <td><input type='text' name='rss_sub_optional_1' value='$rss_sub_optional_1'></td>";
|
|
|
+ //echo " <td><input type='text' name='rss_sub_optional_1' value='".escape($rss_sub_optional_1)."'></td>";
|
|
|
//echo " </tr>";
|
|
|
//echo " <tr>";
|
|
|
//echo " <td>rss_sub_optional_2</td>";
|
|
|
- //echo " <td><input type='text' name='rss_sub_optional_2' value='$rss_sub_optional_2'></td>";
|
|
|
+ //echo " <td><input type='text' name='rss_sub_optional_2' value='".escape($rss_sub_optional_2)."'></td>";
|
|
|
//echo " </tr>";
|
|
|
//echo " <tr>";
|
|
|
//echo " <td>rss_sub_optional_3</td>";
|
|
|
- //echo " <td><input type='text' name='rss_sub_optional_3' value='$rss_sub_optional_3'></td>";
|
|
|
+ //echo " <td><input type='text' name='rss_sub_optional_3' value='".escape($rss_sub_optional_3)."'></td>";
|
|
|
//echo " </tr>";
|
|
|
//echo " <tr>";
|
|
|
//echo " <td>rss_sub_optional_4</td>";
|
|
|
- //echo " <td><input type='text' name='rss_sub_optional_4' value='$rss_sub_optional_4'></td>";
|
|
|
+ //echo " <td><input type='text' name='rss_sub_optional_4' value='".escape($rss_sub_optional_4)."'></td>";
|
|
|
//echo " </tr>";
|
|
|
//echo " <tr>";
|
|
|
//echo " <td>rss_sub_optional_5</td>";
|
|
|
- //echo " <td><input type='text' name='rss_sub_optional_5' value='$rss_sub_optional_5'></td>";
|
|
|
+ //echo " <td><input type='text' name='rss_sub_optional_5' value='".escape($rss_sub_optional_5)."'></td>";
|
|
|
//echo " </tr>";
|
|
|
|
|
|
echo " <tr>";
|
|
|
echo " <td colspan='2' align='right'>";
|
|
|
- echo " <input type='hidden' name='rss_uuid' value='$rss_uuid'>";
|
|
|
+ echo " <input type='hidden' name='rss_uuid' value='".escape($rss_uuid)."'>";
|
|
|
echo " <input type='hidden' name='persistform' value='0'>";
|
|
|
- echo " <input type='hidden' name='rss_sub_uuid' value='$rss_sub_uuid'>";
|
|
|
+ echo " <input type='hidden' name='rss_sub_uuid' value='".escape($rss_sub_uuid)."'>";
|
|
|
echo " <br><br>";
|
|
|
echo " <input type='submit' name='submit' class='btn' value='".$text['button-update']."'>";
|
|
|
echo " </td>";
|
AlexanderDCrane