source: alternc/trunk/bureau/admin/hta_add.php @ 2724

Revision 2724, 2.3 KB checked in by benjamin, 3 years ago

replacing echoes and urlencode by ehe() in VALUES of forms text input fields (prevent UTF/ISO and ENTITIES hacking)

<?php
/*
 $Id: hta_add.php,v 1.3 2003/06/10 13:16:11 root Exp $
 ----------------------------------------------------------------------
 AlternC - Web Hosting System
 Copyright (C) 2002 by the AlternC Development Team.
 http://alternc.org/
 ----------------------------------------------------------------------
 Based on:
 Valentin Lacambre's web hosting softwares: http://altern.org/
 ----------------------------------------------------------------------
 LICENSE

 This program is free software; you can redistribute it and/or
 modify it under the terms of the GNU General Public License (GPL)
 as published by the Free Software Foundation; either version 2
 of the License, or (at your option) any later version.

 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.

 To read the license please visit http://www.gnu.org/copyleft/gpl.html
 ----------------------------------------------------------------------
 Original Author of file: Franck Missoum
 Purpose of file: Ask the required values to protect a folder
 ----------------------------------------------------------------------
*/
require_once("../class/config.php");
include_once("head.php");

?>
<h3><?php __("Protect a folder"); ?></h3>
<hr id="topbar"/>
<br />
<p>
<?php __("Enter the name of the folder you want to protect. It must already exists."); ?>
</p>
<?php
        if ($error) {
                echo "<p class=\"error\">$error</p>";
                include_once("foot.php");
                exit;
        }
?>
<form method="post" action="hta_doadd.php" name="main" id="main">
<table border="1" cellspacing="0" cellpadding="4">
<tr>
        <td><label for="dir"><?php __("Folder"); ?></label></td>
        <td><input type="text" class="int" name="dir" id="dir" value="<?php ehe($dir); ?>" maxlength="255" />
<script type="text/javascript">
<!--
  document.write("&nbsp;<input type=\"button\" name=\"bff\" onclick=\"browseforfolder('main.dir');\" value=\" <?php __("Choose a folder..."); ?> \" class=\"bff\">");
//  -->
</script>
</td>
</tr>
</table>
<br />
<input type="submit" class="inb" value="<?php __("Protect this folder"); ?>" />
</form>
<script type="text/javascript">
document.forms['main'].dir.focus();
</script>
<?php include_once("foot.php"); ?>
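
The check-in comment for this revision describes replacing raw `echo` and `urlencode` with `ehe()` in the `value` attributes of text inputs. The following PHP is an added example, not AlternC code, comparing the three approaches for the `dir` field. `field_value()` is a hypothetical stand-in for such a helper (the body of `ehe()` is not shown on this page), and all sample inputs are constructed.

```php
<?php
// Added illustration; not AlternC code. field_value() is a hypothetical
// stand-in for an ehe()-style helper, whose real body is not on this page.

function field_value(string $raw, string $charset = 'UTF-8'): string
{
    // ENT_QUOTES encodes both " and ', so the value cannot close the attribute.
    // ENT_SUBSTITUTE replaces byte sequences that are invalid in $charset with
    // U+FFFD instead of making htmlspecialchars() return an empty string.
    return htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, $charset);
}

// Constructed sample inputs for the "dir" field.
$samples = [
    'plain'        => 'www/private',
    'quote'        => 'docs" data-x="1',
    'markup'       => 'a<b>&c',
    'latin1 bytes' => "caf\xE9",   // ISO-8859-1 "café", not valid UTF-8
];

foreach ($samples as $label => $dir) {
    echo "== $label ==\n";
    // 1. Raw echo: a double quote ends value="..." and the remainder is
    //    parsed by the browser as further attributes or markup.
    echo '  raw:       <input name="dir" value="' . $dir . '" />', "\n";
    // 2. urlencode(): cannot break the attribute, but the user sees and
    //    resubmits "www%2Fprivate" instead of "www/private".
    echo '  urlencode: <input name="dir" value="' . urlencode($dir) . '" />', "\n";
    // 3. HTML escaping: the attribute stays intact and the browser decodes
    //    the entities back to the original text.
    echo '  escaped:   <input name="dir" value="' . field_value($dir) . '" />', "\n";
}

// The same Latin-1 bytes escaped with the charset the page is served in:
// the byte passes through unchanged instead of being substituted.
echo "== latin1 bytes, charset ISO-8859-1 ==\n";
echo '  escaped:   <input name="dir" value="'
    . field_value("caf\xE9", 'ISO-8859-1') . '" />', "\n";
```

The charset passed to the escaping call has to match the charset declared for the page; a mismatch is what turns valid input into substituted or dropped characters.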