FCLT#91046 LCL's zijn HTML safe maar niet String-safe of SQL-safe

svn path=/Website/trunk/; revision=70998
2025-11-19 08:52:18 +00:00
parent 18f0517d99
commit 2c47223b45
8 changed files with 16 additions and 16 deletions
--- a/APPL/API/phonebook_js.asp
+++ b/APPL/API/phonebook_js.asp
@@ -91,10 +91,10 @@ function L(p_lcl)
          toonFoto: true,
          detailurl: "appl/fac/fac_user_info.asp",
          deeplinkurl: "<%=safe.jsstring(site)%>/?nomenu=1&noheader=1&ihatetabs=1&JumpTo=",
-          fields: [ { lbl: "<%=L("lcl_prs_email")%>",   val: "prs_perslid_email" },
-                    { lbl: "<%=L("lcl_pb_phone")%>",    val: "prs_perslid_telefoonnr" },
-                    { lbl: "<%=L("lcl_pb_mobile")%>",   val: "prs_perslid_mobiel" },
-                    { lbl: "<%=L("lcl_pb_afdeling")%>", val: "afdeling" }
+          fields: [ { lbl: L("lcl_prs_email"),   val: "prs_perslid_email" },
+                    { lbl: L("lcl_pb_phone"),    val: "prs_perslid_telefoonnr" },
+                    { lbl: L("lcl_pb_mobile"),   val: "prs_perslid_mobiel" },
+                    { lbl: L("lcl_pb_afdeling"), val: "afdeling" }
                  ]
        };
    <%
--- a/APPL/API/phonebook_js_IE11.asp
+++ b/APPL/API/phonebook_js_IE11.asp
@@ -91,10 +91,10 @@ function L(p_lcl)
          toonFoto: true,
          detailurl: "appl/fac/fac_user_info.asp",
          deeplinkurl: "<%=safe.jsstring(site)%>/?nomenu=1&noheader=1&ihatetabs=1&JumpTo=",
-          fields: [ { lbl: "<%=L("lcl_prs_email")%>",   val: "prs_perslid_email" },
-                    { lbl: "<%=L("lcl_pb_phone")%>",    val: "prs_perslid_telefoonnr" },
-                    { lbl: "<%=L("lcl_pb_mobile")%>",   val: "prs_perslid_mobiel" },
-                    { lbl: "<%=L("lcl_pb_afdeling")%>", val: "afdeling" }
+          fields: [ { lbl: L("lcl_prs_email"),   val: "prs_perslid_email" },
+                    { lbl: L("lcl_pb_phone"),    val: "prs_perslid_telefoonnr" },
+                    { lbl: L("lcl_pb_mobile"),   val: "prs_perslid_mobiel" },
+                    { lbl: L("lcl_pb_afdeling"), val: "afdeling" }
                  ]
        };
    <%
--- a/APPL/AUT/login.asp
+++ b/APPL/AUT/login.asp
@@ -55,7 +55,7 @@ checkUserAgent(); // heeft device capability bits gezet
            <%
        }
    %>
-    window.parent.document.title = "<%=L("lcl_facilitor_ie_title")%>";
+    window.parent.document.title = L("lcl_facilitor_ie_title");
    function login_callback(json)
    {
        if (json.success && json.otp_prompt)
--- a/APPL/AUT/login_email.asp
+++ b/APPL/AUT/login_email.asp
@@ -55,7 +55,7 @@ checkUserAgent(); // heeft device capability bits gezet
            <%
        }
    %>
-    window.parent.document.title = "<%=L("lcl_facilitor_ie_title")%>";
+    window.parent.document.title = L("lcl_facilitor_ie_title");
    function login_callback(json)
    {
        if (json.success)
--- a/APPL/BES/bes_bestelling.asp
+++ b/APPL/BES/bes_bestelling.asp
@@ -147,7 +147,7 @@ transitParam = buildTransitParam(["punch", "voorraad", "mld_key", "artikel_key",
 %>
        <script type="text/javascript" >
         var disc_url = "../bes/bes_select_discipline.asp" + ("<%=correctie%>" == "1" ? "?intern=1" : "");
-         FcltMgr.openModalDetail(disc_url, "<%=L("lcl_bes_fac_select_cat")%>",
+         FcltMgr.openModalDetail(disc_url, L("lcl_bes_fac_select_cat"),
                  { nomessage: true,
                    callback: function (data)
                      {
--- a/APPL/BES/bes_edit_bestelling.asp
+++ b/APPL/BES/bes_edit_bestelling.asp
@@ -542,7 +542,7 @@ oRs.Close();
            return false;

          url = "../bes/sel_favourites.asp?disc_key=<%=bes_bestelling.dis_key%>";
-          FcltMgr.openModalDetail(url, "<%=L("lcl_bes_favour_title")%>",
+          FcltMgr.openModalDetail(url, L("lcl_bes_favour_title"),
                  {
                    callback: async function (data)
                            {
@@ -599,7 +599,7 @@ oRs.Close();

          url = "../bes/addFavourites.asp" + "?srtdeel_key=" + bes_item_info.srtdeel_key
                                           + "&disc_key=<%=bes_bestelling.dis_key%>";
-          FcltMgr.openModalDetail(url, '<%=L("lcl_bes_favour_list")%>');
+          FcltMgr.openModalDetail(url, L("lcl_bes_favour_list"));
        }
      </script>

@@ -1028,7 +1028,7 @@ oRs.Close();
              </td>
              <td class="besdetailtd">
                  <table class="besdetailtable">
-                      <tr><td colspan="2" class="iteminfo2" title="<%= L("lcl_bes_srtgroup") %>" id="srtgroep_text"></td></tr>
+                      <tr><td colspan="2" class="iteminfo2" title="<%=L("lcl_bes_srtgroup")%>" id="srtgroep_text"></td></tr>
                      <tr><td colspan="2" class="iteminfo1" title="<%=L("lcl_bes_srtdeel_full")%>" id="srtdeel_omschrijving"></td></tr>

                      <tr id="opmerking_tr" style="display:none">
--- a/APPL/BES/bes_retour.asp
+++ b/APPL/BES/bes_retour.asp
@@ -250,7 +250,7 @@ user.auth_required_or_abort(this_bes.canRetourBES);
      }
 %>
      <script type="text/javascript">
-        FcltMgr.closeDetail(window, {success: true, warning: "<%=L("lcl_bes_registered_nr") + " " + new_bes_key%>"});
+        FcltMgr.closeDetail(window, {success: true, warning: L("lcl_bes_registered_nr") + " " + "<%=new_bes_key%>"});
      </script>
 <%
      Response.End;
--- a/APPL/SlnkDwf/Printoptions.asp
+++ b/APPL/SlnkDwf/Printoptions.asp
@@ -26,7 +26,7 @@
        <title>SLNKDwf print options</title>
        <script type="text/javascript">
            var qryWhat = "<%=safe.jsstring(qryWhat)%>"; // Used inside PrintOptions.asp
-            var qrySchaal = "<%=L("lcl_fg_schaal")%>"; // Will be used in PrintOprions.js
+            var qrySchaal = L("lcl_fg_schaal");          // Will be used in PrintOprions.js
            $(function () {
                Preview();
                $("#Eview").on('load', onload);