# group_chooser.cgi
# This CGI generated the HTML for choosing a group or list of groups.
-require './web-lib.pl';
+BEGIN { push(@INC, ".."); };
+use WebminCore;
+
+$trust_unknown_referers = 1;
&init_config();
+if (&get_product_name() eq 'usermin') {
+ &switch_to_remote_user();
+ }
&ReadParse(undef, undef, 2);
%access = &get_module_acl();
print "sel = new Array($len);\n";
print "selr = new Array($len);\n";
for($i=0; $i<$len; $i++) {
- print "sel[$i] = \"$ul[$i]\";\n";
+ print "sel[$i] = \"".
+ "e_escape($ul[$i], '"')."\";\n";
@ginfo = getgrnam($ul[$i]);
if (@ginfo) {
@mems = &unique( split(/ /, $ginfo[3]),
@{$members{$ginfo[2]}} );
if (@mems > 3) { @mems = (@mems[0..1], "..."); }
- print "selr[$i] = \"",join(' ', @mems),"\";\n";
+ print "selr[$i] = \"",
+ "e_escape(join(' ', @mems), "'"),"\";\n";
}
else { print "selr[$i] = \"???\";\n"; }
}
print "</script>\n";
print "<title>$text{'groups_title1'}</title>\n";
print "<frameset cols='50%,50%'>\n";
- print "<frame src=\"/group_chooser.cgi?frame=1&multi=1\">\n";
+ print "<frame src=\"group_chooser.cgi?frame=1&multi=1\">\n";
print "<frameset rows='*,50' frameborder=no>\n";
- print " <frame src=\"/group_chooser.cgi?frame=2&multi=1\">\n";
- print " <frame src=\"/group_chooser.cgi?frame=3&multi=1\" scrolling=no>\n";
+ print " <frame src=\"group_chooser.cgi?frame=2&multi=1\">\n";
+ print " <frame src=\"group_chooser.cgi?frame=3&multi=1\" scrolling=no>\n";
print "</frameset>\n";
print "</frameset>\n";
}
projects / webmin.git / blobdiff