gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-10-30 20:51:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

run workflow action name through htmlspecialchars()

Browse Source
This commit is contained in:
Uwe Steinmann 2020-05-08 07:42:38 +02:00
parent d0259109e1
commit fad5c31cf2
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
views/bootstrap/class.ViewDocument.php
View File

@ -1081,7 +1081,7 @@ class SeedDMS_View_ViewDocument extends SeedDMS_Bootstrap_Style {
echo "<td>";
if($latestContent->triggerWorkflowTransitionIsAllowed($user, $transition)) {
$action = $transition->getAction();
print "<form action=\"../out/out.TriggerWorkflow.php\" method=\"get\"><input type=\"hidden\" name=\"documentid\" value=\"".$latestContent->getDocument()->getId()."\" /><input type=\"hidden\" name=\"version\" value=\"".$latestContent->getVersion()."\" /><input type=\"hidden\" name=\"transition\" value=\"".$transition->getID()."\" /><input type=\"submit\" class=\"btn\" value=\"".getMLText('action_'.strtolower($action->getName()), array(), $action->getName())."\" /></form>";
print "<form action=\"../out/out.TriggerWorkflow.php\" method=\"get\"><input type=\"hidden\" name=\"documentid\" value=\"".$latestContent->getDocument()->getId()."\" /><input type=\"hidden\" name=\"version\" value=\"".$latestContent->getVersion()."\" /><input type=\"hidden\" name=\"transition\" value=\"".$transition->getID()."\" /><input type=\"submit\" class=\"btn\" value=\"".getMLText('action_'.strtolower($action->getName()), array(), htmlspecialchars($action->getName()))."\" /></form>";
$allowedtransitions[] = $transition;
}
echo "</td>";