AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-24 22:45:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Documents

Browse Source 
- Properly escape HTML in the edit modal
- Tidy
This commit is contained in:
Marcus Hill
2023-03-11 19:55:38 +00:00
parent 4344a4fcca
commit 90bba73aac
4 changed files with 16 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
client_document_details.php
View File

@@ -1,7 +1,7 @@
<?php require_once("inc_all_client.php"); ?>
<?php <?php
require_once("inc_all_client.php");
if (isset($_GET['document_id'])) { if (isset($_GET['document_id'])) {
$document_id = intval($_GET['document_id']); $document_id = intval($_GET['document_id']);
} }
@@ -82,9 +82,7 @@ $document_folder_id = intval($row['document_folder_id']);
<?php <?php
include("client_document_edit_modal.php"); require_once("client_document_edit_modal.php");
include("share_modal.php"); require_once("share_modal.php");
?> require_once("footer.php");
<?php include("footer.php"); ?>

2
client_document_edit_modal.php
View File

@@ -17,7 +17,7 @@
</div> </div>
<div class="form-group"> <div class="form-group">
<textarea class="form-control summernote" name="content"><?php echo $document_content; ?></textarea> <textarea class="form-control summernote" name="content"><?php echo htmlentities($document_content); ?></textarea>
</div> </div>
<div class="form-group"> <div class="form-group">

10
client_document_template_details.php
View File

@@ -1,7 +1,7 @@
<?php require_once("inc_all_client.php"); ?>
<?php <?php
require_once("inc_all_client.php");
if (isset($_GET['document_id'])) { if (isset($_GET['document_id'])) {
$document_id = intval($_GET['document_id']); $document_id = intval($_GET['document_id']);
@@ -60,8 +60,6 @@ $document_updated_at = htmlentities($row['document_updated_at']);
<?php <?php
include("client_document_template_edit_modal.php"); require_once("client_document_template_edit_modal.php");
?> require_once("footer.php");
<?php include("footer.php"); ?>

2
client_document_template_edit_modal.php
View File

@@ -16,7 +16,7 @@
</div> </div>
<div class="form-group"> <div class="form-group">
<textarea class="form-control summernote" name="content"><?php echo $document_content; ?></textarea> <textarea class="form-control summernote" name="content"><?php echo htmlentities($document_content); ?></textarea>
</div> </div>
</div> </div>