Changeset 20741 for branches/version-2_5-dev/data/Smarty/templates/admin/design

Timestamp:

2011/03/20 14:45:13 (13 years ago)

Author:

kotani

Message:

#862 (テンプレート上のエスケープを簡単に)実装漏れ箇所

File:

• branches/version-2_5-dev/data/Smarty/templates/admin/design/css.tpl (modified) (4 diffs)

branches/version-2_5-dev/data/Smarty/templates/admin/design/css.tpl

@@ -25 +25 @@
 <input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid}-->" />
 <input type="hidden" name="mode" value="" />
-<input type="hidden" name="area_row" value="<!--{$area_row}-->" />
-<input type="hidden" name="old_css_name" value="<!--{$old_css_name}-->" />
+<input type="hidden" name="area_row" value="<!--{$area_row|h}-->" />
+<input type="hidden" name="old_css_name" value="<!--{$old_css_name|h}-->" />
 <input type="hidden" name="device_type_id" value="<!--{$device_type_id|h}-->" />
 <div id="design" class="contents-main">
@@ -36 +36 @@
             <td>
                 <!--{if $arrErr.css_name != ""}--><span class="attention"><!--{$arrErr.css_name}--></span><br /><!--{/if}-->
-                <input type="text" name="css_name" value="<!--{$css_name}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.css_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" />.css<span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
+                <input type="text" name="css_name" value="<!--{$css_name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.css_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" />.css<span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
             </td>
         </tr>
@@ -60 +60 @@
     <h2>編集可能CSSファイル</h2>
     <div class="btn addnew">
-        <a class="btn-normal" href="?" onclick="fnFormModeSubmit('form_css','','',''); return false;"><span>CSSを新規入力</span></a>
+        <a class="btn-normal" href="?device_type_id=<!--{$device_type_id|h}-->"><span>CSSを新規入力</span></a>
     </div>
     <table class="list" id="design-css-list">
@@ -71 +71 @@
         <!--{foreach key=key item=item from=$arrCSSList}-->
         <tr>
-            <td style="background:<!--{if $item.css_name == $css_name}--><!--{$smarty.const.SELECT_RGB}--><!--{else}-->#ffffff<!--{/if}-->;"><!--{$item.file_name}--></td>
+            <td style="background:<!--{if $item.css_name == $css_name}--><!--{$smarty.const.SELECT_RGB}--><!--{else}-->#ffffff<!--{/if}-->;"><!--{$item.file_name|h}--></td>
             <td class="center" style="background:<!--{if $item.css_name == $css_name}--><!--{$smarty.const.SELECT_RGB}--><!--{else}-->#ffffff<!--{/if}-->;">
-                <a href="?css_name=<!--{$item.css_name}-->&amp;device_type_id=<!--{$device_type_id}-->">編集</a>
+                <a href="?css_name=<!--{$item.css_name|h}-->&amp;device_type_id=<!--{$device_type_id|h}-->">編集</a>
             </td>
             <td class="center" style="background:<!--{if $item.css_name == $css_name}--><!--{$smarty.const.SELECT_RGB}--><!--{else}-->#ffffff<!--{/if}-->;">
-                <a href="javascript:;" onclick="fnFormModeSubmit('form_css','delete','css_name','<!--{$item.css_name}-->'); return false;">削除</a>
+                <a href="javascript:;" onclick="fnFormModeSubmit('form_css','delete','css_name','<!--{$item.css_name|h}-->'); return false;">削除</a>
             </td>
         </tr>