gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-06-01 14:37:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix possible xss attack

Browse Source
This commit is contained in:
Uwe Steinmann 2025-03-26 09:36:38 +01:00
parent b7e075cdba
commit 28ba7b59b9
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
views/bootstrap/class.Tasks.php
View File

@ -323,7 +323,7 @@ class SeedDMS_View_Tasks extends SeedDMS_Theme_Style {
$subitems = [];
foreach($tasks['receipt'] as $t) {
$doc = $dms->getDocument($t['id']);
$subitems[] = array('label'=>$doc->getName(), 'link'=>"../out/out.ViewDocument.php?documentid=".$doc->getID()."&currenttab=recipients", 'class'=>"table-row-document", 'rel'=>"document_".$doc->getID());
$subitems[] = array('label'=>htmlspecialchars($doc->getName()), 'link'=>"../out/out.ViewDocument.php?documentid=".$doc->getID()."&currenttab=recipients", 'class'=>"table-row-document", 'rel'=>"document_".$doc->getID());
}
$menuitems['tasks']['children']['receipt'] = array('label'=>getMLText('documents_to_receipt'), 'children'=>$subitems);
}
@ -331,7 +331,7 @@ class SeedDMS_View_Tasks extends SeedDMS_Theme_Style {
$subitems = [];
foreach($tasks['revision'] as $t) {
$doc = $dms->getDocument($t['id']);
$subitems[] = array('label'=>$doc->getName(), 'link'=>"../out/out.ViewDocument.php?documentid=".$doc->getID()."&currenttab=revision", 'class'=>"table-row-document", 'rel'=>"document_".$doc->getID());
$subitems[] = array('label'=>htmlspecialchars($doc->getName()), 'link'=>"../out/out.ViewDocument.php?documentid=".$doc->getID()."&currenttab=revision", 'class'=>"table-row-document", 'rel'=>"document_".$doc->getID());
}
$menuitems['tasks']['children']['revision'] = array('label'=>getMLText('documents_to_revise'), 'children'=>$subitems);
}
@ -339,7 +339,7 @@ class SeedDMS_View_Tasks extends SeedDMS_Theme_Style {
$subitems = [];
foreach($tasks['needscorrection'] as $t) {
$doc = $dms->getDocument($t['id']);
$subitems[] = array('label'=>$doc->getName(), 'link'=>"../out/out.ViewDocument.php?documentid=".$doc->getID()."&currenttab=docinfo", 'class'=>"table-row-document", 'rel'=>"document_".$doc->getID());
$subitems[] = array('label'=>htmlspecialchars($doc->getName()), 'link'=>"../out/out.ViewDocument.php?documentid=".$doc->getID()."&currenttab=docinfo", 'class'=>"table-row-document", 'rel'=>"document_".$doc->getID());
}
$menuitems['tasks']['children']['needscorrection'] = array('label'=>getMLText('documents_to_correct'), 'children'=>$subitems);
}
@ -355,7 +355,7 @@ class SeedDMS_View_Tasks extends SeedDMS_Theme_Style {
$subitems = [];
foreach($tasks['checkedout'] as $t) {
$doc = $dms->getDocument($t['id']);
$subitems[] = array('label'=>$doc->getName(), 'link'=>"../out/out.ViewDocument.php?documentid=".$doc->getID()."&currenttab=docinfo", 'class'=>"table-row-document", 'rel'=>"document_".$doc->getID());
$subitems[] = array('label'=>htmlspecialchars($doc->getName()), 'link'=>"../out/out.ViewDocument.php?documentid=".$doc->getID()."&currenttab=docinfo", 'class'=>"table-row-document", 'rel'=>"document_".$doc->getID());
}
$menuitems['tasks']['children']['checkedout'] = array('label'=>getMLText('documents_checked_out_by_you'), 'children'=>$subitems);
}