|
|
@@ -110,12 +110,12 @@ else {
|
|
|
foreach($result as $row) {
|
|
|
$tr_link = "href='menu_edit.php?id=".$row['menu_uuid']."'";
|
|
|
echo "<tr ".$tr_link.">\n";
|
|
|
- echo " <td valign='top' class='".$row_style[$c]."'><a href='menu_edit.php?id=".$row['menu_uuid']."'>".$row['menu_name']."</a></td>\n";
|
|
|
- echo " <td valign='top' class='".$row_style[$c]."'>".$row['menu_language']."</td>\n";
|
|
|
- echo " <td valign='top' class='row_stylebg'>".$row['menu_description']." </td>\n";
|
|
|
+ echo " <td valign='top' class='".$row_style[$c]."'><a href='menu_edit.php?id=".escape($row['menu_uuid'])."'>".escape($row['menu_name'])."</a></td>\n";
|
|
|
+ echo " <td valign='top' class='".$row_style[$c]."'>".escape($row['menu_language'])."</td>\n";
|
|
|
+ echo " <td valign='top' class='row_stylebg'>".escape($row['menu_description'])." </td>\n";
|
|
|
echo " <td class='list_control_icons'>";
|
|
|
- echo "<a href='menu_edit.php?id=".$row['menu_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
|
|
|
- echo "<a href='menu_delete.php?id=".$row['menu_uuid']."&menu_uuid=".$row['menu_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
|
|
|
+ echo "<a href='menu_edit.php?id=".escape($row['menu_uuid'])."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
|
|
|
+ echo "<a href='menu_delete.php?id=".escape($row['menu_uuid'])."&menu_uuid=".escape($row['menu_uuid'])."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
|
|
|
echo " </td>\n";
|
|
|
echo "</tr>\n";
|
|
|
if ($c==0) { $c=1; } else { $c=0; }
|
|
|
@@ -143,4 +143,4 @@ else {
|
|
|
|
|
|
//include the footer
|
|
|
require_once "resources/footer.php";
|
|
|
-?>
|
|
|
+?>
|
AlexanderDCrane