pass group/user name to htmlspecialchars() before output

Uwe Steinmann 2014-06-17 19:07:51 +02:00
parent cf7a6becf2
commit 3cd1219b81
2 changed files with 67 additions and 4 deletions


@ -284,7 +284,7 @@ $(document).ready(function() {
foreach ($res as $r) {
if($r['reviewerUserID'] > 0) {
$u = $dms->getUser($r['reviewerUserID']);
$tmp[] = $u->getFullName().' ('.$u->getLogin().')';
$tmp[] = htmlspecialchars($u->getFullName().' ('.$u->getLogin().')');
}
}
if($tmp) {
@ -335,7 +335,7 @@ $(document).ready(function() {
foreach ($res as $r) {
if($r['reviewerGroupID'] > 0) {
$u = $dms->getGroup($r['reviewerGroupID']);
$tmp[] = $u->getName();
$tmp[] = htmlspecialchars($u->getName());
}
}
if($tmp) {
@ -394,7 +394,7 @@ $(document).ready(function() {
foreach ($res as $r) {
if($r['approverUserID'] > 0) {
$u = $dms->getUser($r['approverUserID']);
$tmp[] = $u->getFullName().' ('.$u->getLogin().')';
$tmp[] = htmlspecialchars($u->getFullName().' ('.$u->getLogin().')');
}
}
if($tmp) {
@ -446,7 +446,7 @@ $(document).ready(function() {
foreach ($res as $r) {
if($r['approverGroupID'] > 0) {
$u = $dms->getGroup($r['approverGroupID']);
$tmp[] = $u->getName();
$tmp[] = htmlspecialchars($u->getName());
}
}
if($tmp) {
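Review bot: The four new `htmlspecialchars()` calls (reviewer users, reviewer groups, approver users, approver groups) rely on the function's default flags and charset, and the `if($tmp) {` block that prints the list lies outside every hunk in this file, so the output context cannot be checked here. With the defaults of the PHP releases current at this commit's date, single quotes are left unescaped, which is safe in element text but not inside a single-quoted attribute. Spelling the arguments out removes that dependency, e.g. `$tmp[] = htmlspecialchars($u->getName(), ENT_QUOTES, 'UTF-8');` (the charset is an assumption; use whatever the pages are served in). The same applies to the calls added in the second file of this commit.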


@ -203,6 +203,21 @@ function checkForm()
?>
</select>
<?php
/* List all mandatory reviewers */
if($res) {
$tmp = array();
foreach ($res as $r) {
if($r['reviewerUserID'] > 0) {
$u = $dms->getUser($r['reviewerUserID']);
$tmp[] = htmlspecialchars($u->getFullName().' ('.$u->getLogin().')');
}
}
if($tmp) {
echo '<div class="mandatories"><span>'.getMLText('mandatory_reviewers').':</span> ';
echo implode(', ', $tmp);
echo "</div>\n";
}
}
/* Check for mandatory reviewer without access */
foreach($res as $r) {
if($r['reviewerUserID']) {
@ -238,6 +253,22 @@ function checkForm()
?>
</select>
<?php
/* List all mandatory groups of reviewers */
if($res) {
$tmp = array();
foreach ($res as $r) {
if($r['reviewerGroupID'] > 0) {
$u = $dms->getGroup($r['reviewerGroupID']);
$tmp[] = htmlspecialchars($u->getName());
}
}
if($tmp) {
echo '<div class="mandatories"><span>'.getMLText('mandatory_reviewergroups').':</span> ';
echo implode(', ', $tmp);
echo "</div>\n";
}
}
/* Check for mandatory reviewer group without access */
foreach($res as $r) {
if ($r['reviewerGroupID']) {
@ -280,6 +311,22 @@ function checkForm()
?>
</select>
<?php
/* List all mandatory approvers */
if($res) {
$tmp = array();
foreach ($res as $r) {
if($r['approverUserID'] > 0) {
$u = $dms->getUser($r['approverUserID']);
$tmp[] = htmlspecialchars($u->getFullName().' ('.$u->getLogin().')');
}
}
if($tmp) {
echo '<div class="mandatories"><span>'.getMLText('mandatory_approvers').':</span> ';
echo implode(', ', $tmp);
echo "</div>\n";
}
}
/* Check for mandatory approvers without access */
foreach($res as $r) {
if($r['approverUserID']) {
@ -315,6 +362,22 @@ function checkForm()
?>
</select>
<?php
/* List all mandatory groups of approvers */
if($res) {
$tmp = array();
foreach ($res as $r) {
if($r['approverGroupID'] > 0) {
$u = $dms->getGroup($r['approverGroupID']);
$tmp[] = htmlspecialchars($u->getName());
}
}
if($tmp) {
echo '<div class="mandatories"><span>'.getMLText('mandatory_approvergroups').':</span> ';
echo implode(', ', $tmp);
echo "</div>\n";
}
}
/* Check for mandatory approver groups without access */
foreach($res as $r) {
if ($r['approverGroupID']) {
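Review bot: Each added listing block calls a method on the result of `$dms->getUser()` or `$dms->getGroup()` without checking it, e.g. `$u->getFullName()` directly after the lookup in the mandatory-reviewers block. If a mandatory reviewer or approver row can refer to a user or group that has since been removed (not visible here, so this is an assumption), the lookup would presumably not return an object and the form would stop with a fatal error instead of rendering. A guard such as `if(!is_object($u)) continue;` after each lookup keeps the page usable. The four blocks differ only in the column name and the message key, so one small helper doing the lookup, the guard and the escaping would make it harder to miss the escaping in a future copy. The `foreach` that follows each block continues outside the hunk.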