comments field textedit field adjusted
authorBernhard Fröhlich <bernhard@cacert.org>
Tue, 2 Aug 2011 19:08:02 +0000 (21:08 +0200)
committerBernhard Fröhlich <bernhard@cacert.org>
Tue, 2 Aug 2011 19:08:02 +0000 (21:08 +0200)
Uli60 proposal

pages/account/24.php [changed mode: 0644->0755]
pages/account/27.php [changed mode: 0644->0755]
pages/account/32.php [changed mode: 0644->0755]
pages/account/33.php [changed mode: 0644->0755]

old mode 100644 (file)
new mode 100755 (executable)
index 19faa9f..3ddded0
@@ -42,7 +42,7 @@
   </tr>
   <tr>
     <td class="DataTD"><?=_("Comments")?>:</td>
-    <td class="DataTD"><textarea name="comments" cols="35" rows="5"><?=array_key_exists('comments',$_SESSION['_config'])?$_SESSION['_config']['comments']:""?></textarea></td>
+    <td class="DataTD"><textarea name="comments" cols="60" rows="10"><?=array_key_exists('comments',$_SESSION['_config'])?$_SESSION['_config']['comments']:""?></textarea></td>
   </tr>
   <tr>
     <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Next")?>"></td>
old mode 100644 (file)
new mode 100755 (executable)
index 2cd52a8..a77aefe
@@ -45,7 +45,7 @@
   </tr>
   <tr>
     <td class="DataTD"><?=_("Comments")?>:</td>
-    <td class="DataTD"><textarea name="comments" cols=15 rows=5><?=($row['comments'])?></textarea></td>
+    <td class="DataTD"><textarea name="comments" cols=60 rows=10><?=($row['comments'])?></textarea></td>
   </tr>
   <tr>
     <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Update")?>"></td>
old mode 100644 (file)
new mode 100755 (executable)
index 00dc1ea..a05c927
                $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($row['memid'])."'"));
 ?>
   <tr>
-    <td class="DataTD"><a href='mailto:<?=$user['email']?>'><?=($user['fname'])?> <?=($user['lname'])?></a></td>
+    <td class="DataTD"><a href='mailto:<?=sanitizeHTML($user['email'])?>'><?=sanitizeHTML($user['fname'])?> <?=sanitizeHTML($user['lname'])?></a></td>
     <td class="DataTD"><?=($row['masteracc'])?></a></td>
-    <td class="DataTD"><?=($row['OU'])?></a></td>
-    <td class="DataTD"><?=($row['comments'])?></a></td>
+    <td class="DataTD"><?=sanitizeHTML($row['OU'])?></a></td>
+    <td class="DataTD"><?=sanitizeHTML($row['comments'])?></a></td>
 <? if($row['masteracc'] == 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
     <td class="DataTD"><a href="account.php?id=34&amp;orgid=<?=$row['orgid']?>&amp;memid=<?=$row['memid']?>"><?=_("Delete")?></a></td>
 <? } else { ?>
old mode 100644 (file)
new mode 100755 (executable)
index 4da8bed..6652bde
@@ -31,7 +31,7 @@
   </tr>
   <tr>
     <td class="DataTD"><?=_("Department")?>:</td>
-    <td class="DataTD"><input type="text" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?$_SESSION['_config']['OU']:""?>"></td>
+    <td class="DataTD"><input type="text" name="OU" value="<?=array_key_exists('OU',$_SESSION['_config'])?sanitizeHTML($_SESSION['_config']['OU']):""?>"></td>
   </tr>
 <? if($_SESSION['profile']['orgadmin'] == 1) { ?>
   <tr>
@@ -44,7 +44,7 @@
 <? } ?>
   <tr>
     <td class="DataTD"><?=_("Comments")?>:</td>
-    <td class="DataTD"><input type="text" name="comments" value="<?=array_key_exists('comments',$_SESSION['_config'])?$_SESSION['_config']['comments']:""?>"></td>
+    <td class="DataTD"><input type="text" name="comments" size=27 maxlength=20 value="<?=array_key_exists('comments',$_SESSION['_config'])?sanitizeHTML($_SESSION['_config']['comments']):""?>"></td>
   </tr>
   <tr>
     <td class="DataTD" colspan="2"><input type="submit" name="process" value="<?=_("Add")?>"></td>