merge from 1.5.3 (~r10943)

git-svn-id: http://xe-core.googlecode.com/svn/trunk@10951 201d5d3c-b55e-5fd7-737f-ddc643e51545

widgets/login_info/skins/xe_global/login_form.html

@@ -16,16 +16,16 @@
     xAddEventListener(window, "load", function(){ doFocusUserId("fo_login_widget"); });
 </script>
 
-<form action="./" method="post" ruleset="@login" id="fo_login_widget">
+<form action="{getUrl('','act','procMemberLogin')}" method="post" ruleset="@login" id="fo_login_widget">
 <fieldset id="login" class="login_{$colorset}">
 <legend>{$lang->cmd_login}</legend>
 	<h2>Login</h2>
 	<input type="hidden" name="act" value="procMemberLogin" />
-	<input type="hidden" name="success_return_url" value="{getRequestUriByServerEnviroment()}" />
+	<input type="hidden" name="success_return_url" value="{htmlspecialchars(getRequestUriByServerEnviroment())}" />
     <div class="idpwWrap">
         <div class="idpw">
-            <input name="user_id" type="text" title="user id" />
-            <input name="password" type="password" title="password" />
+            <input name="user_id" type="text" title="<!--@if($member_config->identifier != 'email_address')-->{$lang->user_id}<!--@else-->{$lang->email_address}<!--@end-->" />
+            <input name="password" type="password" title="{$lang->password}" />
         </div>
 		<p class="save">
         <input type="checkbox" name="keep_signed" id="keepid" value="Y" onclick="if(this.checked) return confirm(keep_signed_msg);" />

widgets/login_info/skins/xe_globalTwo/login_form.html

@@ -17,16 +17,16 @@
 </script>
 
 
-<form action="./" method="post" ruleset="@login" id="fo_login_widget" class="fo_login_widget">
+<form action="{getUrl('','act','procMemberLogin')}" method="post" ruleset="@login" id="fo_login_widget" class="fo_login_widget">
 	<fieldset id="login" class="login_{$colorset}">
 	<legend>{$lang->cmd_login}</legend>
 	<input type="hidden" name="act" value="procMemberLogin" />
-	<input type="hidden" name="success_return_url" value="{getRequestUriByServerEnviroment()}" />
+	<input type="hidden" name="success_return_url" value="{htmlspecialchars(getRequestUriByServerEnviroment())}" />
 	<h2>Login</h2>
     <div class="idpwWrap">
         <div class="idpw">
-            <input name="user_id" type="text" title="user id" />
-            <input name="password" type="password" title="password" />
+            <input name="user_id" type="text" title="<!--@if($member_config->identifier != 'email_address')-->{$lang->user_id}<!--@else-->{$lang->email_address}<!--@end-->" />
+            <input name="password" type="password" title="{$lang->password}" />
         </div>
 		<p class="save">
         <input type="checkbox" name="keep_signed" id="keepid" value="Y" onclick="if(this.checked) return confirm(keep_signed_msg);" />

widgets/login_info/skins/xe_official/login_form.html

@@ -14,14 +14,14 @@
 <div cond="$XE_VALIDATOR_MESSAGE" class="message {$XE_VALIDATOR_MESSAGE_TYPE}">
 	<p>{$XE_VALIDATOR_MESSAGE}</p>
 </div>
-<form id="fo_login_widget" action="./" method="post" ruleset="@login" class="login_{$colorset}">
+<form id="fo_login_widget" action="{getUrl('','act','procMemberLogin')}" method="post" ruleset="@login" class="login_{$colorset}">
 	<fieldset>
 		<input type="hidden" name="act" value="procMemberLogin" />
-		<input type="hidden" name="success_return_url" value="{getRequestUriByServerEnviroment()}" />
+		<input type="hidden" name="success_return_url" value="{htmlspecialchars(getRequestUriByServerEnviroment())}" />
 		<div class="idpwWrap">
 			<div class="idpw">
-				<input name="user_id" type="text" title="user id" />
-				<input name="password" type="password" title="password" />
+				<input name="user_id" type="text" title="<!--@if($member_config->identifier != 'email_address')-->{$lang->user_id}<!--@else-->{$lang->email_address}<!--@end-->" />
+				<input name="password" type="password" title="{$lang->password}" />
 				<p class="keep">
 					<input type="checkbox" name="keep_signed" id="keep_signed" value="Y" />
 					<label for="keep_signed">{$lang->keep_signed}</label>

widgets/login_info/skins/xe_solid_enterprise_login/login_form.html

@@ -10,11 +10,11 @@ var keep_signed_msg = "{$lang->about_keep_signed}";
 
 </script>
 
-<form action="./" method="post" ruleset="@login" id="fo_login_widget">
+<form action="{getUrl('','act','procMemberLogin')}" method="post" ruleset="@login" id="fo_login_widget">
 <fieldset id="login">
 <legend>{$lang->cmd_login}</legend>
 <input type="hidden" name="act" value="procMemberLogin" />
-<input type="hidden" name="success_return_url" value="{getRequestUriByServerEnviroment()}" />
+<input type="hidden" name="success_return_url" value="{htmlspecialchars(getRequestUriByServerEnviroment())}" />
 <div id="sign_box">
 	<div class="txt sign_state1"><span class="label">Sign in</span></div>
 	<div class="signin_window" style="display:none;">
@@ -22,8 +22,8 @@ var keep_signed_msg = "{$lang->about_keep_signed}";
 		<div class="body">
 			<div class="mb_input_box">
 				<div class="m_left">
-					<div class="input_text mb_id"><img src="images/bullet_input_id.gif" alt="" title="" /><input name="user_id" type="text" title="user id" /></div>
-					<div class="input_text mb_pw"><img src="images/bullet_input_pw.gif" alt="" title="" /><input name="password"type="password" title="password" /></div>
+					<div class="input_text mb_id"><img src="images/bullet_input_id.gif" alt="" title="" /><input name="user_id" type="text" title="<!--@if($member_config->identifier != 'email_address')-->{$lang->user_id}<!--@else-->{$lang->email_address}<!--@end-->" /></div>
+					<div class="input_text mb_pw"><img src="images/bullet_input_pw.gif" alt="" title="" /><input name="password" type="password" title="{$lang->password}" /></div>
 					<label><input  type="checkbox" name="keep_signed" id="keepid" class="sign_check" value="Y" onclick="if(this.checked) return confirm(keep_signed_msg);" />{$lang->keep_signed}</label>
 					
 					<p cond="$ssl_mode" class="securitySignIn <!--@if($ssl_mode)-->SSL<!--@else-->noneSSL<!--@end-->">