Skip to content
Snippets Groups Projects
Commit 140b9181 authored by deuce's avatar deuce
Browse files

Use encodeURIComponent where appropriate for URIs.

parent 4702ee5a
Branches
Tags
No related merge requests found
Hide whitespace changes
Inline Side-by-side
web/root/sajax-forum/client_functions.xjs
+ 7
7
View file @ 140b9181
......@@ -76,7 +76,7 @@ function toggle_replies(sub_code, message_number)
var expander=document.getElementById(expanderid);
if(container.innerHTML=='') {
ajaxpage(messages_url+"?sub_code="+sub_code+"&msg_number="+message_number+'&user='+user,containerid,expanderid,minus_url);
ajaxpage(messages_url+"?sub_code="+encodeURIComponent(sub_code)+"&msg_number="+message_number+'&user='+encodeURIComponent(user),containerid,expanderid,minus_url);
container.style.display='block';
}
else {
......@@ -98,7 +98,7 @@ function toggle_body(sub_code, message_number)
var message=container.parentNode.parentNode;
if(container.innerHTML=='') {
ajaxpage(body_url+"?sub_code="+sub_code+"&msg_number="+message_number+'&user='+user,containerid);
ajaxpage(body_url+"?sub_code="+encodeURIComponent(sub_code)+"&msg_number="+message_number+'&user='+encodeURIComponent(user),containerid);
container.style.display='block';
/* If this is higher than the current read_ptr, update it */
if(read_ptr[sub_code] < message_number)
......@@ -144,7 +144,7 @@ function load_more_messages(sub_code, offset, count)
var m=container.innerHTML.match(/^([\u0000-\uffff]*?)<[Aa] href="javascript:load_more_messages[\u0000-\uffff]*$/);
if(m!=null) {
ajaxpage(messages_url+"?sub_code="+sub_code+'&msg_count='+count+'&msg_offset='+offset+'&user='+user,containerid, undefined, undefined, false, m[1]);
ajaxpage(messages_url+"?sub_code="+encodeURIComponent(sub_code)+'&msg_count='+count+'&msg_offset='+offset+'&user='+encodeURIComponent(user),containerid, undefined, undefined, false, m[1]);
}
else {
alert("No match!");
......@@ -157,7 +157,7 @@ function toggle_messages(sub_code)
var container=document.getElementById(containerid);
if(container.innerHTML=='') {
ajaxpage(messages_url+"?sub_code="+sub_code+'&user='+user,containerid);
ajaxpage(messages_url+"?sub_code="+encodeURIComponent(sub_code)+'&user='+encodeURIComponent(user),containerid);
container.style.display='block';
if(read_ptr[sub_code]==undefined)
read_ptr[sub_code]=0;
......@@ -176,7 +176,7 @@ function toggle_subs(group_code)
var container=document.getElementById(containerid);
if(container.innerHTML=='') {
ajaxpage(subs_url+"?group_code="+group_code+'&user='+user,containerid);
ajaxpage(subs_url+"?group_code="+encodeURIComponent(group_code)+'&user='+encodeURIComponent(user),containerid);
container.style.display='block';
}
else {
......@@ -190,7 +190,7 @@ function toggle_subs(group_code)
function reload_groups()
{
var containerid='group-list';
ajaxpage(groups_url+'?user='+user,containerid);
ajaxpage(groups_url+'?user='+encodeURIComponent(user),containerid);
}
function ajaxpage(url, containerid, buttonid, buttonurl, is_script, prefix, suffix)
......@@ -286,7 +286,7 @@ function login()
var new_password=document.getElementById('login_password').value;
/* Clear newest read pointers */
read_ptr=new Object();
ajaxpage(login_url+'?user='+new_user+'&pass='+new_password+'&killcache='+new Date().getTime()+Math.random(), 'current_user',undefined,undefined,true);
ajaxpage(login_url+'?user='+encodeURIComponent(new_user)+'&pass='+encodeURIComponent(new_password)+'&killcache='+new Date().getTime()+Math.random(), 'current_user',undefined,undefined,true);
}
function update_pointers()
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment