extern/egroupware
1
0
Fork 1
mirror of https://github.com/EGroupware/egroupware.git synced 2025-01-27 16:29:22 +01:00
Code Issues Packages Projects Releases Wiki Activity

Mereged in patch

Browse Source
This commit is contained in:
jengo 2000-09-05 04:05:39 +00:00
parent b30c63963d
commit 8b6951b89a
3 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
calendar/edit_entry.php
View File

@ -47,6 +47,11 @@ if ($id > 0) {
$name = $phpgw->db->f(9);
$description = $phpgw->db->f(10);
$name = stripslashes($name);
$name = htmlspecialchars($name);
$description = stripslashes($description);
$description = htmlspecialchars($description);
$phpgw->db->query("SELECT cal_login FROM webcal_entry_user WHERE cal_id=$id");
while ($phpgw->db->next_record()) {
$participants[$phpgw->db->f("cal_login")] = 1;
@ -124,7 +129,7 @@ function validate_and_submit() {
<TR>
<TD><B><?php echo lang_calendar("Brief Description"); ?>:</B></TD>
<TD>
<INPUT NAME="name" SIZE=25 VALUE="<?php echo htmlentities($name); ?>">
<INPUT NAME="name" SIZE=25 VALUE="<?php echo ($name); ?>">
</TD>
</TR>
@ -132,7 +137,7 @@ function validate_and_submit() {
<TD VALIGN="top"><B><?php echo lang_calendar("Full Description"); ?>:</B></TD>
<TD>
<TEXTAREA NAME="description" ROWS=5 COLS=40 WRAP="virtual"><?php
echo htmlentities($description); ?></TEXTAREA>
echo ($description); ?></TEXTAREA>
</TD>
</TR>

6
calendar/inc/functions.inc.php
View File

@ -509,7 +509,7 @@ function month_name ( $m ) {
echo "&gt;";
}
echo "</NOBR>";
echo htmlentities($phpgw->db->f(1));
echo htmlspecialchars(stripslashes($phpgw->db->f(1)));
if ($phpgw->db->f(2) == 3)
echo "</font>";
@ -602,10 +602,10 @@ function month_name ( $m ) {
}
$hour_arr[$ind] .= "] ";
}
$hour_arr[$ind] .= "<img src=".$phpgw_info["server"]["app_images"]."/circle.gif border=0 alt=\"" . htmlentities($description) . "\"></a>";
$hour_arr[$ind] .= "<img src=".$phpgw_info["server"]["app_images"]."/circle.gif border=0 alt=\"" . htmlspecialchars(stripslashes($description)) . "\"></a>";
if ($pri == 3)
$hour_arr[$ind] .= "<font color=\"CC0000\">";
$hour_arr[$ind] .= htmlspecialchars($name);
$hour_arr[$ind] .= htmlspecialchars(stripslashes($name));
if ($pri == 3)
$hour_arr[$ind] .= "</font>";

5
calendar/view.php
View File

@ -58,13 +58,16 @@
$name = $phpgw->db->f(9);
$description = $phpgw->db->f(10);
$name = stripslashes($name);
$name = htmlspecialchars($name);
$description = stripslashes($description);
$description = htmlspecialchars($description);
$description = nl2br($description);
?>
<h2>
<font color="<?php echo $H2COLOR; ?>">
<?php echo htmlspecialchars($name); ?>
<?php echo ($name); ?>
</font>
</h2>