source: branches/1.1dev/templates/adm_record_lock.ihtml

Last change on this file was 185, checked in by scdev, 18 years ago

Q - added oTxt() around all printed PHP_SELFs to avoid XSS attack. See: http://blog.phpdoc.info/archives/13-XSS-Woes.html
File size: 939 bytes
Line 
1<form method="post" action="<?php echo oTxt($_SERVER['PHP_SELF']); ?>">
2<?php printHiddenSession() ?>
3<input type="hidden" name="lock_id" value="<?php echo $lock->getID(); ?>" />
4<p>
5The record <strong><?php echo $lock->getTitle(); ?></strong> is currently being edited by <strong><?php echo $lock->getEditor(); ?></strong> (<?php printf('%d', date('i', $lock->getSecondsElapsed() + 60)) ?> minutes elapsed). You cannot modify the record while it is locked by another user.
6</p>
7<?php if ($lock->getSecondsElapsed() > $lock->timeout) { ?>
8    <p>
9    You can force unlock the record if you believe the editing session has expired. You might want to confirm with <?php echo $lock->getEditor(); ?> before doing this.
10    </p>
11    <input type="submit" class="formsubmitbutton" name="unlock" value="<?php echo _("Unlock"); ?>">
12<?php } ?>
13<input type="submit" class="formsubmitbutton" name="cancel" value="<?php echo _("Cancel"); ?>">
14</form>
Note: See TracBrowser for help on using the repository browser.