issue 1985 when insert db, add htmlspecialchars to menu name

git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.1@10899 201d5d3c-b55e-5fd7-737f-ddc643e51545
ovclas 2012-07-16 04:45:10 +00:00
parent f653aea372
commit bb3ad0734f
2 changed files with 9 additions and 2 deletions


@ -160,6 +160,11 @@
else else
$args->name = $source_args->menu_name; $args->name = $source_args->menu_name;
if(!strstr($args->name, '$user_lang->'))
{
$args->name = htmlspecialchars($args->name);
}
$args->url = trim($source_args->menu_url); $args->url = trim($source_args->menu_url);
$args->open_window = $source_args->menu_open_window; $args->open_window = $source_args->menu_open_window;
$args->expand = $source_args->menu_expand; $args->expand = $source_args->menu_expand;
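Review bot: The `strstr($args->name, '$user_lang->')` guard skips `htmlspecialchars()` whenever the marker appears anywhere in the submitted name, so a value that only contains that substring next to markup is stored unescaped. Matching the whole value against the language-key form closes that gap, e.g. `if(!preg_match('/^\$user_lang->\w+$/', $args->name))`; the exact key pattern is assumed here and should be confirmed against the language module. If the name is ever echoed inside a single-quoted attribute, `htmlspecialchars($args->name, ENT_QUOTES)` is the safer call, because the default flags before PHP 8.1 leave single quotes unescaped. The enclosing function starts and ends outside the hunk, so it is not visible whether the update path applies the same escaping.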


@ -51,12 +51,14 @@ $('form.siteMap')
var menuItem = obj.menu_item; var menuItem = obj.menu_item;
menuUrl = menuItem.url; menuUrl = menuItem.url;
var successReturnUrl = editForm.find('input[name=success_return_url]').val() + menuItem.menu_srl; var successReturnUrl = editForm.find('input[name=success_return_url]').val() + menuItem.menu_srl;
var menuName = $('<div />').html(menuItem.name).text();
editForm.find('.h2').text(xe.lang.edit_menu); editForm.find('.h2').text(xe.lang.edit_menu);
editForm.find('input[name=menu_srl]').val(menuItem.menu_srl); editForm.find('input[name=menu_srl]').val(menuItem.menu_srl);
editForm.find('input[name=menu_item_srl]').val(menuItem.menu_item_srl); editForm.find('input[name=menu_item_srl]').val(menuItem.menu_item_srl);
editForm.find('input[name=parent_srl]').val(menuItem.parent_srl); editForm.find('input[name=parent_srl]').val(menuItem.parent_srl);
editForm.find('input[name=menu_name_key]').val(menuItem.name_key); editForm.find('input[name=menu_name_key]').val(menuName);
editForm.find('input[name=menu_name]').val(menuItem.name); editForm.find('input[name=menu_name]').val(menuName);
editForm.find('input[name=success_return_url]').val(successReturnUrl); editForm.find('input[name=success_return_url]').val(successReturnUrl);
var moduleType = menuItem.moduleType; var moduleType = menuItem.moduleType;
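Review bot: `$('<div />').html(menuItem.name)` decodes entities by parsing the stored menu name as markup, and jQuery builds real elements from that string, so event-handler attributes in it can run even though the div is never attached to the document. Names saved before this commit, or names that skip server-side escaping because they contain `$user_lang->`, may still hold raw markup. Decode through an element that never creates child nodes instead: `var ta = document.createElement('textarea'); ta.innerHTML = menuItem.name; var menuName = ta.value;`. Separately, `input[name=menu_name_key]` is now filled from `menuName` rather than `menuItem.name_key`; if that is intended it deserves a comment such as `// name_key mirrors the decoded name so the language-key lookup matches`, otherwise keep `menuItem.name_key`. The enclosing callback starts and ends outside the hunk.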