mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-06-25 20:31:31 +02:00
Mereged in patch
This commit is contained in:
jengo
parent
b30c63963d
commit
8b6951b89a
@ -47,6 +47,11 @@ if ($id > 0) {
|
|||||||
$name = $phpgw->db->f(9);
|
$name = $phpgw->db->f(9);
|
||||||
$description = $phpgw->db->f(10);
|
$description = $phpgw->db->f(10);
|
||||||
|
|
||||||
|
$name = stripslashes($name);
|
||||||
|
$name = htmlspecialchars($name);
|
||||||
|
$description = stripslashes($description);
|
||||||
|
$description = htmlspecialchars($description);
|
||||||
|
|
||||||
$phpgw->db->query("SELECT cal_login FROM webcal_entry_user WHERE cal_id=$id");
|
$phpgw->db->query("SELECT cal_login FROM webcal_entry_user WHERE cal_id=$id");
|
||||||
while ($phpgw->db->next_record()) {
|
while ($phpgw->db->next_record()) {
|
||||||
$participants[$phpgw->db->f("cal_login")] = 1;
|
$participants[$phpgw->db->f("cal_login")] = 1;
|
||||||
@ -124,7 +129,7 @@ function validate_and_submit() {
|
|||||||
<TR>
|
<TR>
|
||||||
<TD><B><?php echo lang_calendar("Brief Description"); ?>:</B></TD>
|
<TD><B><?php echo lang_calendar("Brief Description"); ?>:</B></TD>
|
||||||
<TD>
|
<TD>
|
||||||
<INPUT NAME="name" SIZE=25 VALUE="<?php echo htmlentities($name); ?>">
|
<INPUT NAME="name" SIZE=25 VALUE="<?php echo ($name); ?>">
|
||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
|
|
||||||
@ -132,7 +137,7 @@ function validate_and_submit() {
|
|||||||
<TD VALIGN="top"><B><?php echo lang_calendar("Full Description"); ?>:</B></TD>
|
<TD VALIGN="top"><B><?php echo lang_calendar("Full Description"); ?>:</B></TD>
|
||||||
<TD>
|
<TD>
|
||||||
<TEXTAREA NAME="description" ROWS=5 COLS=40 WRAP="virtual"><?php
|
<TEXTAREA NAME="description" ROWS=5 COLS=40 WRAP="virtual"><?php
|
||||||
echo htmlentities($description); ?></TEXTAREA>
|
echo ($description); ?></TEXTAREA>
|
||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
|
|
||||||
|
|||||||
@ -509,7 +509,7 @@ function month_name ( $m ) {
|
|||||||
echo ">";
|
echo ">";
|
||||||
}
|
}
|
||||||
echo "</NOBR>";
|
echo "</NOBR>";
|
||||||
echo htmlentities($phpgw->db->f(1));
|
echo htmlspecialchars(stripslashes($phpgw->db->f(1)));
|
||||||
|
|
||||||
if ($phpgw->db->f(2) == 3)
|
if ($phpgw->db->f(2) == 3)
|
||||||
echo "</font>";
|
echo "</font>";
|
||||||
@ -602,10 +602,10 @@ function month_name ( $m ) {
|
|||||||
}
|
}
|
||||||
$hour_arr[$ind] .= "] ";
|
$hour_arr[$ind] .= "] ";
|
||||||
}
|
}
|
||||||
$hour_arr[$ind] .= "<img src=".$phpgw_info["server"]["app_images"]."/circle.gif border=0 alt=\"" . htmlentities($description) . "\"></a>";
|
$hour_arr[$ind] .= "<img src=".$phpgw_info["server"]["app_images"]."/circle.gif border=0 alt=\"" . htmlspecialchars(stripslashes($description)) . "\"></a>";
|
||||||
if ($pri == 3)
|
if ($pri == 3)
|
||||||
$hour_arr[$ind] .= "<font color=\"CC0000\">";
|
$hour_arr[$ind] .= "<font color=\"CC0000\">";
|
||||||
$hour_arr[$ind] .= htmlspecialchars($name);
|
$hour_arr[$ind] .= htmlspecialchars(stripslashes($name));
|
||||||
|
|
||||||
if ($pri == 3)
|
if ($pri == 3)
|
||||||
$hour_arr[$ind] .= "</font>";
|
$hour_arr[$ind] .= "</font>";
|
||||||
|
|||||||
@ -58,13 +58,16 @@
|
|||||||
$name = $phpgw->db->f(9);
|
$name = $phpgw->db->f(9);
|
||||||
$description = $phpgw->db->f(10);
|
$description = $phpgw->db->f(10);
|
||||||
|
|
||||||
|
$name = stripslashes($name);
|
||||||
|
$name = htmlspecialchars($name);
|
||||||
|
$description = stripslashes($description);
|
||||||
$description = htmlspecialchars($description);
|
$description = htmlspecialchars($description);
|
||||||
$description = nl2br($description);
|
$description = nl2br($description);
|
||||||
|
|
||||||
?>
|
?>
|
||||||
<h2>
|
<h2>
|
||||||
<font color="<?php echo $H2COLOR; ?>">
|
<font color="<?php echo $H2COLOR; ?>">
|
||||||
<?php echo htmlspecialchars($name); ?>
|
<?php echo ($name); ?>
|
||||||
</font>
|
</font>
|
||||||
</h2>
|
</h2>
|
||||||
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user