Strona główna Odkrywaj Pomoc
Zaloguj się
fusionpbx
/
fusionpbx-apps
kopia lustrzana https://github.com/fusionpbx/fusionpbx-apps.git
2
0
Forkuj 0
Pliki Problemy 0 Wiki
Przeglądaj źródła

Update rssupdate.php (#99)

AlexanderDCrane 6 lat temu
rodzic
f5d15bdc2c
commit
b3568269d4
1 zmienionych plików z 18 dodań i 18 usunięć
Widok podzielony Pokaż statystyki zmian
  1. 18 18
      content/rssupdate.php

+ 18 - 18
content/rssupdate.php
Wyświetl plik 

@@ -168,25 +168,25 @@ else {
 
 
 	//echo "	<tr>";
 
 	//echo "		<td class='vncellreq'>Category</td>";
 
-	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_category' value='$rss_category'></td>";
 
+	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_category' value='".escape($rss_category)."'></td>";
 
 	//echo "	</tr>";
 
 	//echo "	<tr>";
 
 	//echo "		<td class='vncellreq' nowrap>Sub Category</td>";
 
-	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_sub_category' value='$rss_sub_category'></td>";
 
+	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_sub_category' value='".escape($rss_sub_category)."'></td>";
 
 	//echo "	</tr>";
 
 	echo "	<tr>";
 
 	echo "		<td width='30%' class='vncellreq' nowrap>".$text['label-title']."</td>";
 
-	echo "		<td width='70%' class='vtable' width='100%'><input type='text' class='formfld' name='rss_title' value='$rss_title'></td>";
 
+	echo "		<td width='70%' class='vtable' width='100%'><input type='text' class='formfld' name='rss_title' value='".escape($rss_title)."'></td>";
 
 	echo "	</tr>";
 
 	echo "	<tr>";
 
 	echo "		<td class='vncellreq'>".$text['label-link']."</td>";
 
-	echo "		<td class='vtable'><input type='text' class='formfld' name='rss_link' value='$rss_link'></td>";
 
+	echo "		<td class='vtable'><input type='text' class='formfld' name='rss_link' value='".escape($rss_link)."'></td>";
 
 	echo "	</tr>";
 
 
 	echo "	<tr>";
 
 	echo "		<td class='vncellreq'>".$text['label-group']."</td>";
 
 	echo "		<td class='vtable'>";
 
-	//echo "            <input type='text' class='formfld' name='menuparentid' value='$menuparentid'>";
 
+	//echo "            <input type='text' class='formfld' name='menuparentid' value='".escape($menuparentid)."'>";
 
 
 	//---- Begin Select List --------------------
 
 	$sql = "SELECT * FROM v_groups ";
 
@@ -201,10 +201,10 @@ else {
 
 	//$count = count($result);
 
 	foreach($result as $field) {
 
 			if ($rss_group == $field[group_name]) {
 
-				echo "<option value='".$field[group_name]."' selected>".$field[group_name]."</option>\n";
 
+				echo "<option value='".escape($field[group_name])."' selected>".escape($field[group_name])."</option>\n";
 
 			}
 
 			else {
 
-				echo "<option value='".$field[group_name]."'>".$field[group_name]."</option>\n";
 
+				echo "<option value='".escape($field[group_name])."'>".escape($field[group_name])."</option>\n";
 
 			}
 
 	}
 
 
@@ -228,10 +228,10 @@ else {
 
 		while (false !== ($file = readdir($handle))) {
 
 			if ($file != "." && $file != ".." && $file != ".svn" && is_dir($theme_dir.'/'.$file)) {
 
 				if ($file == $rss_sub_category) {
 
-					echo "<option value='$file' selected='selected'>$file</option>\n";
 
+					echo "<option value='".escape($file)."' selected='selected'>".escape($file)."</option>\n";
 
 				}
 
 				else {
 
-					echo "<option value='$file'>$file</option>\n";
 
+					echo "<option value='".escape($file)."'>".escape($file)."</option>\n";
 
 				}
 
 			}
 
 		}
 
@@ -307,9 +307,9 @@ else {
 
 	//echo "	<tr>";
 
 	//echo "		<td class='vncellreq'>Priority</td>";
 
 	//echo "		<td class='vtable'>";
 
-	//echo "            <input type='text' name='rss_optional_1' value='$rss_optional_1'>";
 
+	//echo "            <input type='text' name='rss_optional_1' value='".escape($rss_optional_1)."'>";
 
 	//echo "            <select name=\"rss_optional_1\" class='formfld'>\n";
 
-	//echo "            <option value=\"$rss_optional_1\">$rss_optional_1</option>\n";
 
+	//echo "            <option value=\"".escape($rss_optional_1)."\">".escape($rss_optional_1)."</option>\n";
 
 	//echo "            <option value=\"\"></option>\n";
 
 	//echo "            <option value=\"low\">low</option>\n";
 
 	//echo "            <option value=\"med\">med</option>\n";
 
@@ -320,9 +320,9 @@ else {
 
 	//echo "	<tr>";
 
 	//echo "		<td class='vncellreq'>Status</td>";
 
 	//echo "		<td class='vtable'>";
 
-	//echo "            <input type='text' name='rss_optional_2' value='$rss_optional_2'>";
 
+	//echo "            <input type='text' name='rss_optional_2' value='".escape($rss_optional_2)."'>";
 
 	//echo "            <select name=\"rss_optional_2\" class=\"formfld\">\n";
 
-	//echo "            <option value=\"$rss_optional_2\">$rss_optional_2</option>\n";
 
+	//echo "            <option value=\"".escape($rss_optional_2)."\">".escape($rss_optional_2)."</option>\n";
 
 	//echo "            <option value=\"\"></option>\n";
 
 	//echo "            <option value=\"0\">0</option>\n";
 
 	//echo "            <option value=\"10\">10</option>\n";
 
@@ -340,19 +340,19 @@ else {
 
 	//echo "	</tr>";
 
 	//echo "	<tr>";
 
 	//echo "		<td class='vncellreq'>Optional 3</td>";
 
-	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_optional_3' value='$rss_optional_3'></td>";
 
+	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_optional_3' value='".escape($rss_optional_3)."'></td>";
 
 	//echo "	</tr>";
 
 	//echo "	<tr>";
 
 	//echo "		<td class='vncellreq'>Optional 4</td>";
 
-	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_optional_4' value='$rss_optional_4'></td>";
 
+	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_optional_4' value='".escape($rss_optional_4)."'></td>";
 
 	//echo "	</tr>";
 
 	//echo "	<tr>";
 
 	//echo "		<td class='vncellreq'>rss_optional_5</td>";
 
-	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_optional_5' value='$rss_optional_5'></td>";
 
+	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_optional_5' value='".escape($rss_optional_5)."'></td>";
 
 	//echo "	</tr>";
 
 	//echo "	<tr>";
 
 	//echo "		<td class='vncellreq'>rss_add_date</td>";
 
-	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_add_date' value='$rss_add_date'></td>";
 
+	//echo "		<td class='vtable'><input type='text' class='formfld' name='rss_add_date' value='".escape($rss_add_date)."'></td>";
 
 	//echo "	</tr>";
 
 
 	echo "	<tr>";
 
@@ -360,7 +360,7 @@ else {
 
 	//echo "<input type=\"button\" value=\"Load\" onclick=\"document.getElementById('rss_description').innerHTML = ajaxresponse;\" />";
 
 	//echo "<input type=\"button\" value=\"Load\" onclick=\"ajaxLoad('rss_description', ajaxresponse);\" />";
 
 
-	echo "          <input type='hidden' name='rss_uuid' value='$rss_uuid'>";
 
+	echo "          <input type='hidden' name='rss_uuid' value='".escape($rss_uuid)."'>";
 
 	echo "			<br><br>";
 
 	echo "          <input type='submit' class='btn' name='submit' value='".$text['button-save']."'>";
 
 	echo "		</td>";