[Svn-src-all:897] [version-2_5-dev 19785] #862(テンプレート上のエスケープを簡単に)

Seasoft admin @ mail.ec-cube.net
2010年 12月 29日 (水) 13:10:02 JST


Subversion committed to /home/svn/open 19785
http://svn.ec-cube.net/open_trac/changeset/19785
┌────────────────────────────┐
│更新者 :  Seasoft                                      │
│更新日時:  2010-12-29 13:10:01 +0900 (水, 29 12月 2010)│
└────────────────────────────┘

Log:
--------------------------------------------------------
#862(テンプレート上のエスケープを簡単に)
#628(未使用処理・定義などの削除)
  * Smarty 変数 tpl_start
#879(jQuery の ready イベントと競合する body の onload イベントを使用している)

Changed:                      [U:修正,A:追加,D:削除]
--------------------------------------------------------
U   branches/version-2_5-dev/data/Smarty/templates/admin/admin_popup_header.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/control.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/delivery.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/delivery_input.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/holiday.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/kiyaku.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/mail.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/payment.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/payment_input.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/point.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/seo.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/tradelaw.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/basis/zip_install.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/contents/csv_sql.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/contents/csv_sql_view.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/contents/file_manager.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/contents/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/contents/recomend.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/contents/recomend_search.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit_complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/customer/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/customer/search_customer.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/design/bloc.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/design/css.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/design/header.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/design/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/design/main_edit.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/design/template.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/design/up_down.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/design/upload.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/home.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/mail/history.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/mail/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/mail/input.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/mail/input_complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/mail/input_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/mail/preview.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/mail/query.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/mail/template.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/mail/template_input.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/main_frame.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/order/disp.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/order/edit.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/order/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/order/mail.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/order/mail_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/order/mail_view.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/order/product_select.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/order/status.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/log.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/log_detail.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/products_list.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/settings.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/pager.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/plugin/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/plugin/install.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/plugin/subnavi.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/plugin/uninstall.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/category.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/class.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/classcategory.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/maker.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/product.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/product_class.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/product_class_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/product_rank.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/product_select.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/review.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/review_edit.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/trackback.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/products/trackback_edit.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/system/bkup.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/system/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/system/input.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/system/log.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/system/masterdata.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/system/parameter.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/system/plugin.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/system/system.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/total/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/admin/total/page_products.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/abouts/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/bloc/best5.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/bloc/category.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/bloc/login.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/bloc/news.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/bloc/search_products.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/cart/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/contact/complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/contact/confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/contact/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/entry/complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/entry/confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/entry/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/entry/kiyaku.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/footer.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/forgot/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/frontparts/form_personal_input.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/header.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/change.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/change_complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/change_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/delivery.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/delivery_addr.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/favorite.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/history.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/login.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/mail_view.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/navi.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal_complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/order/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/popup_header.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/products/detail.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/products/list.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/products/review.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/products/review_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/regist/complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/rss/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/rss/product.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/shopping/complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/shopping/confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/shopping/deliv.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/shopping/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/shopping/nonmember_input.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/shopping/payment.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/site_frame.tpl
U   branches/version-2_5-dev/data/Smarty/templates/default/site_main.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/cart/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/contact/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/entry/confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/entry/email_mobile.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/entry/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/entry/kiyaku.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/entry/mail.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/entry/set1.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/entry/set2.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/footer.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/forgot/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/forgot/secret.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/best5.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/category.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/news.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/guide/about.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/guide/kiyaku.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order1.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order2.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order3.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/guide/privacy.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/magazine/confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/magazine/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/change.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/change_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/history_detail.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/login.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/refusal.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/set1.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/set2.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/order/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/products/category_list.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/products/detail.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/products/list.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/products/search.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_find1.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_find2.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_item.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/regist/complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv_addr.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv_date.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/payment.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/set1.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/set2.tpl
U   branches/version-2_5-dev/data/Smarty/templates/mobile/site_frame.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/abouts/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/best5.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/category.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/news.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/cart/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/contact/complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/contact/confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/contact/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/entry/complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/entry/confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/entry/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/entry/kiyaku.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/footer.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/forgot/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change_complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/delivery.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/delivery_addr.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/favorite.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/history.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/login.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/mail_view.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/navi.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal_complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/order/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/products/detail.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/products/list.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/products/review.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/products/review_confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/regist/complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/card.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/complete.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/confirm.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/convenience.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/deliv.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/index.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/nonmember_input.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/payment.tpl
U   branches/version-2_5-dev/data/Smarty/templates/sphone/site_frame.tpl
A   branches/version-2_5-dev/data/smarty_extends/modifier.h.php
A   branches/version-2_5-dev/data/smarty_extends/modifier.u.php

変更: branches/version-2_5-dev/data/Smarty/templates/admin/admin_popup_header.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/admin_popup_header.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/admin_popup_header.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -35,17 +35,18 @@
 <script type="text/javascript" src="<!--{$smarty.const.URL_DIR}-->js/jquery-1.4.2.min.js"></script>
 <script type="text/javascript" src="<!--{$TPL_DIR}-->js/admin.js"></script>
 <script type="text/javascript" src="<!--{$smarty.const.URL_DIR}-->js/css.js"></script>
-<!--{if $tpl_javascript != ""}-->
 <script type="text/javascript">//<![CDATA[
     <!--{$tpl_javascript}-->
+    $(function(){
+        <!--{$tpl_onload}-->
+    });
 //]]>
 </script>
-<!--{/if}-->
 <!--{include file='css/contents.tpl'}-->
 <title><!--{$smarty.const.ADMIN_TITLE}--> <!--{$tpl_subtitle}--></title>
 </head>
 
-<body id="popup"<!--{if $tpl_onload || $tpl_start}--> onLoad="<!--{$tpl_onload}--> <!--{$tpl_start}-->"<!--{/if}-->>
+<body id="popup">
 <noscript>
   <p>JavaScript を有効にしてご利用下さい.</p>
 </noscript>
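Review bot: `<!--{$tpl_onload}-->` is now written with no modifier into the `$(function(){ … })` body of the script block, so whatever string a page class assigns is parsed as JavaScript instead of as an HTML attribute value. A value containing `</script>` or `]]>` would close the block early, and a value that was entity-encoded for the old `onLoad` attribute would no longer be decoded. HTML escaping is the wrong tool in this context, so the workable contract is that `$tpl_onload` and `$tpl_javascript` are assembled only from server-side constants, with any dynamic piece JSON-encoded where the string is built; a template comment such as `<!--{* tpl_onload / tpl_javascript: trusted, server-built JS only *}-->` above the block would record that. Removing the `if` also means an empty ready handler is emitted on every popup, which is harmless but could be guarded with `<!--{if $tpl_onload != ""}-->`.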

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/control.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/control.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/control.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -30,7 +30,7 @@
     </tr>
     <!--{section name=cnt loop=$arrControlList}-->
     <tr>
-      <td><strong><!--{$arrControlList[cnt].control_title|escape}--></strong><br /><!--{$arrControlList[cnt].control_text|escape}--></td>
+      <td><strong><!--{$arrControlList[cnt].control_title|h}--></strong><br /><!--{$arrControlList[cnt].control_text|h}--></td>
       <td align="center">
         <form name="form<!--{$smarty.section.cnt.index}-->" id="form<!--{$smarty.section.cnt.index}-->" method="post" action="?">
         <input type="hidden" name="mode" value="edit" />
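Review bot: The `h` modifier that replaces `escape` on `control_title` and `control_text` is defined in the newly added `data/smarty_extends/modifier.h.php`, which this message does not show, so its equivalence to the default `escape` cannot be checked from the hunk. The same substitution is made inside double-quoted `value="…"` attributes in the delivery_input.tpl, holiday.tpl and index.tpl hunks, so `h` has to encode both quote characters as well as `<`, `>` and `&`, with the same charset handling as before. A header comment in the modifier file along the lines of `HTML-escapes for element text and quoted attribute values; not for JavaScript or URL contexts` would make the intended scope explicit.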

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/delivery.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/delivery.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/delivery.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -36,8 +36,8 @@
     </tr>
     <!--{section name=cnt loop=$arrDelivList}-->
       <tr>
-        <td><!--{$arrDelivList[cnt].name|escape}--></td>
-        <td><!--{$arrDelivList[cnt].service_name|escape}--></td>
+        <td><!--{$arrDelivList[cnt].name|h}--></td>
+        <td><!--{$arrDelivList[cnt].service_name|h}--></td>
         <td align="center"><a href="?" onclick="fnChangeAction('./delivery_input.php'); fnModeSubmit('pre_edit', 'deliv_id', <!--{$arrDelivList[cnt].deliv_id}-->); return false;">編集</a></td>
         <td align="center"><a href="?" onclick="fnModeSubmit('delete', 'deliv_id', <!--{$arrDelivList[cnt].deliv_id}-->); return false;">削除</a></td>
         <td align="center">
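Review bot: `<!--{$arrDelivList[cnt].deliv_id}-->` is still written without any modifier into the `onclick` handlers of the 編集 and 削除 links, directly below the two cells this hunk converts to `|h`. It is presumably an integer key, in which case nothing breaks, but HTML escaping would not protect an unquoted JavaScript argument anyway, so the value should be forced to a number, either in the page class or in the template, e.g. `<!--{$arrDelivList[cnt].deliv_id|intval}-->` if PHP functions are usable as modifiers in this setup. The same pattern appears with `holiday_id` in the second holiday.tpl hunk.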

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/delivery_input.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/delivery_input.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/delivery_input.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,7 +24,7 @@
 <form name="form1" id="form1" method="post" action="">
 <input type="hidden" name="mode" value="edit" />
 <!--{assign var=key value="deliv_id"}-->
-<input type="hidden" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" />
+<input type="hidden" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" />
 <div id="basis" class="contents-main">
   <h2>配送業者登録</h2>
 
@@ -34,21 +34,21 @@
       <td colspan="3">
       <!--{assign var=key value="name"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" /></td>
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" /></td>
     </tr>
     <tr>
       <th>名称<span class="attention"> *</span></td>
       <td colspan="3">
       <!--{assign var=key value="service_name"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" /></td>
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" /></td>
     </tr>
     <tr>
       <th>伝票No.URL</td>
       <td colspan="3">
       <!--{assign var=key value="confirm_url"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" /></td>
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" /></td>
     </tr>
     <!--{section name=cnt loop=$smarty.const.DELIVTIME_MAX}-->
     <!--{assign var=type value="`$smarty.section.cnt.index%2`"}-->
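Review bot: `<!--{$arrErr[$key]}-->` stays without a modifier in the `<span class="attention">` cells while the neighbouring `value` attributes move to `|h`. If the error strings carry their own markup they cannot simply be escaped here, which means the code that builds `$arrErr` has to escape any submitted value it echoes back into a message. A short template comment, for example `<!--{* arrErr: pre-built HTML, must not contain unescaped user input *}-->`, would document that contract; the same applies to the `$arrErr.*` spans in the holiday.tpl and index.tpl hunks.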
@@ -69,10 +69,10 @@
       <!--{assign var=colspan value="1"}-->
       <!--{/if}-->
       <td colspan="<!--{$colspan}-->">
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="20" class="box20" /></td>
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="20" class="box20" /></td>
     <!--{else}-->
       <th>お届け時間<!--{$keyno}--></td>
-      <td><input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" size="20" class="box20" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /> </td>
+      <td><input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" size="20" class="box20" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /> </td>
       </tr>
     <!--{/if}-->
     <!--{/section}-->
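Review bot: The context line `<th>お届け時間<!--{$keyno}--></td>` opens a `th` and closes a `td`; the same mismatch is visible in the previous hunk (`<th>名称…</td>`, `<th>伝票No.URL</td>`) and in the next one (`<th><!--{$arrPref[$keyno]}--></td>`). Browsers recover from it, but as the file is being edited for the modifier change anyway, these cells could be closed with `</th>` in the same pass.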
@@ -112,10 +112,10 @@
       <!--{assign var=colspan value="1"}-->
       <!--{/if}-->
       <td width="247" colspan="<!--{$colspan}-->">
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" size="20" class="box20" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /> 円</td>
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" size="20" class="box20" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /> 円</td>
     <!--{else}-->
       <th><!--{$arrPref[$keyno]}--></td>
-      <td width="248"><input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" size="20" class="box20" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /> 円</td>
+      <td width="248"><input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" size="20" class="box20" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /> 円</td>
       </tr>
     <!--{/if}-->
     <!--{/section}-->

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/holiday.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/holiday.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/holiday.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -31,7 +31,7 @@
       <th>タイトル<span class="attention"> *</span></th>
       <td>
         <!--{if $arrErr.title}--><span class="attention"><!--{$arrErr.title}--></span><!--{/if}-->
-        <input type="text" name="title" value="<!--{$arrForm.title|escape}-->" maxlength="<!--{$smarty.const.SMTEXT_LEN}-->" style="" size="60" class="box60"/>
+        <input type="text" name="title" value="<!--{$arrForm.title|h}-->" maxlength="<!--{$smarty.const.SMTEXT_LEN}-->" style="" size="60" class="box60"/>
         <span class="attention"> (上限<!--{$smarty.const.SMTEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -72,8 +72,8 @@
     <!--{section name=cnt loop=$arrHoliday}-->
     <tr style="background:<!--{if $tpl_class_id != $arrHoliday[cnt].holiday_id}-->#ffffff<!--{else}--><!--{$smarty.const.SELECT_RGB}--><!--{/if}-->;">
       <!--{assign var=holiday_id value=$arrHoliday[cnt].holiday_id}-->
-      <td><!--{$arrHoliday[cnt].title|escape}--></td>
-      <td><!--{$arrHoliday[cnt].month|escape}-->月<!--{$arrHoliday[cnt].day|escape}-->日</td>
+      <td><!--{$arrHoliday[cnt].title|h}--></td>
+      <td><!--{$arrHoliday[cnt].month|h}-->月<!--{$arrHoliday[cnt].day|h}-->日</td>
       <td class="center">
         <!--{if $tpl_holiday_id != $arrHoliday[cnt].holiday_id}-->
         <a href="?" onclick="fnModeSubmit('pre_edit', 'holiday_id', <!--{$arrHoliday[cnt].holiday_id}-->); return false;">編集</a>
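Review bot: The row highlight tests `$tpl_class_id != $arrHoliday[cnt].holiday_id` while the edit link a few lines later tests `$tpl_holiday_id`, so the two conditions visible in this hunk compare the same row id against different template variables. Unless the page class assigns both, the highlight looks like a leftover from another template and would likely never mark the row being edited; using `<!--{if $tpl_holiday_id != $arrHoliday[cnt].holiday_id}-->` in the `style` attribute would match the link logic. The `section` loop continues outside the hunk.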

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -98,7 +98,7 @@
       <th>会社名</th>
       <td>
         <span class="attention"><!--{$arrErr.company_name}--></span>
-        <input type="text" name="company_name" value="<!--{$arrForm.company_name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.company_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
+        <input type="text" name="company_name" value="<!--{$arrForm.company_name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.company_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
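Review bot: The error background on `company_name` is spelled out inline as `<!--{if $arrErr.company_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->`, whereas the delivery_input.tpl hunks get the same effect with `style="<!--{$arrErr[$key]|sfGetErrorColor}-->"`. Assuming `sfGetErrorColor` produces the same declaration, `style="<!--{$arrErr.company_name|sfGetErrorColor}-->"` would shorten these long lines and keep the admin templates consistent. The same applies to the other `input` lines in the following index.tpl hunks.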
@@ -106,7 +106,7 @@
       <th>会社名(カナ)</th>
       <td>
         <span class="attention"><!--{$arrErr.company_kana}--></span>
-        <input type="text" name="company_kana" value="<!--{$arrForm.company_kana|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.company_kana != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
+        <input type="text" name="company_kana" value="<!--{$arrForm.company_kana|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.company_kana != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -114,7 +114,7 @@
       <th>店名<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.shop_name}--></span>
-        <input type="text" name="shop_name" value="<!--{$arrForm.shop_name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.shop_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
+        <input type="text" name="shop_name" value="<!--{$arrForm.shop_name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.shop_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -122,7 +122,7 @@
       <th>店名(カナ)</th>
       <td>
         <span class="attention"><!--{$arrErr.shop_kana}--></span>
-        <input type="text" name="shop_kana" value="<!--{$arrForm.shop_kana|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.shop_kana != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
+        <input type="text" name="shop_kana" value="<!--{$arrForm.shop_kana|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.shop_kana != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -130,7 +130,7 @@
       <th>店名(英語表記)</th>
       <td>
         <span class="attention"><!--{$arrErr.shop_name_eng}--></span>
-        <input type="text" name="shop_name_eng" value="<!--{$arrForm.shop_name_eng|escape}-->" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.shop_name_eng != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
+        <input type="text" name="shop_name_eng" value="<!--{$arrForm.shop_name_eng|h}-->" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.shop_name_eng != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
         <span class="attention"> (上限<!--{$smarty.const.MTEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -139,7 +139,7 @@
       <td>
         <span class="attention"><!--{$arrErr.zip01}--></span>
         <span class="attention"><!--{$arrErr.zip02}--></span>
-        〒 <input type="text" name="zip01" value="<!--{$arrForm.zip01|escape}-->" maxlength="3" size="6" class="box6" style="<!--{if $arrErr.zip01 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" /> - <input type="text" name="zip02" value="<!--{$arrForm.zip02|escape}-->" maxlength="4"  size="6" class="box6" style="<!--{if $arrErr.zip02 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
+        〒 <input type="text" name="zip01" value="<!--{$arrForm.zip01|h}-->" maxlength="3" size="6" class="box6" style="<!--{if $arrErr.zip01 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" /> - <input type="text" name="zip02" value="<!--{$arrForm.zip02|h}-->" maxlength="4"  size="6" class="box6" style="<!--{if $arrErr.zip02 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
         <a class="btn-normal" href="javascript:;" name="address_input" onclick="fnCallAddress('<!--{$smarty.const.URL_INPUT_ZIP}-->', 'zip01', 'zip02', 'pref', 'addr01');">住所入力</a>
       </td>
     </tr>
@@ -155,12 +155,12 @@
         </p>
         <p>
           <span class="attention"><!--{$arrErr.addr01}--></span>
-          <input type="text" name="addr01" value="<!--{$arrForm.addr01|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.addr01 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" id="addr01" /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span><br />
+          <input type="text" name="addr01" value="<!--{$arrForm.addr01|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.addr01 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" id="addr01" /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span><br />
           <!--{$smarty.const.SAMPLE_ADDRESS1}-->
         </p>
         <p>
           <span class="attention"><!--{$arrErr.addr02}--></span>
-          <input type="text" name="addr02" value="<!--{$arrForm.addr02|escape}-->"  maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.addr02 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" id="addr02" /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span><br />
+          <input type="text" name="addr02" value="<!--{$arrForm.addr02|h}-->"  maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.addr02 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" id="addr02" /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span><br />
           <!--{$smarty.const.SAMPLE_ADDRESS2}-->
         </p>
       </td>
@@ -187,7 +187,7 @@
       <th>店舗営業時間</th>
       <td>
         <span class="attention"><!--{$arrErr.business_hour}--></span>
-        <input type="text" name="business_hour" value="<!--{$arrForm.business_hour|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.business_hour != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
+        <input type="text" name="business_hour" value="<!--{$arrForm.business_hour|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.business_hour != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -195,7 +195,7 @@
       <th>商品注文受付<br />メールアドレス<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.email01}--></span>
-        <input type="text" name="email01" value="<!--{$arrForm.email01|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.email01 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
+        <input type="text" name="email01" value="<!--{$arrForm.email01|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.email01 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -203,7 +203,7 @@
       <th>問い合わせ受付<br />メールアドレス<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.email02}--></span>
-        <input type="text" name="email02" value="<!--{$arrForm.email02|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.email02 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>
+        <input type="text" name="email02" value="<!--{$arrForm.email02|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.email02 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -211,7 +211,7 @@
       <th>メール送信元<br />メールアドレス<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.email03}--></span>
-        <input type="text" name="email03" value="<!--{$arrForm.email03|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.email03 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>
+        <input type="text" name="email03" value="<!--{$arrForm.email03|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.email03 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -219,7 +219,7 @@
       <th>送信エラー受付<br />メールアドレス<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.email04}--></span>
-        <input type="text" name="email04" value="<!--{$arrForm.email04|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.email04 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>
+        <input type="text" name="email04" value="<!--{$arrForm.email04|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.email04 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -228,7 +228,7 @@
       <td>
         <!--{assign var=key value="good_traded"}-->
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <textarea name="<!--{$key}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key]|escape}--></textarea>
+        <textarea name="<!--{$key}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key]|h}--></textarea>
         <span class="attention"> (上限<!--{$smarty.const.LLTEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -237,7 +237,7 @@
       <td>
         <!--{assign var=key value="message"}-->
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <textarea name="<!--{$key}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key]|escape}--></textarea>
+        <textarea name="<!--{$key}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key]|h}--></textarea>
         <span class="attention"> (上限<!--{$smarty.const.LLTEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -260,7 +260,7 @@
       <th>消費税率<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.tax}--></span>
-        <input type="text" name="tax" value="<!--{$arrForm.tax|escape}-->" maxlength="<!--{$smarty.const.PERCENTAGE_LEN}-->" size="6" class="box6" style="<!--{if $arrErr.tax != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" /> %
+        <input type="text" name="tax" value="<!--{$arrForm.tax|h}-->" maxlength="<!--{$smarty.const.PERCENTAGE_LEN}-->" size="6" class="box6" style="<!--{if $arrErr.tax != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" /> %
       </td>
     </tr>
     <tr>
@@ -274,14 +274,14 @@
       <th>送料無料条件</th>
       <td>
         <span class="attention"><!--{$arrErr.free_rule}--></span>
-        <input type="text" name="free_rule" value="<!--{$arrForm.free_rule|escape}-->" maxlength="<!--{$smarty.const.PRICE_LEN}-->" size="6" class="box6" style="<!--{if $arrErr.free_rule != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" /> 円以上購入時無料
+        <input type="text" name="free_rule" value="<!--{$arrForm.free_rule|h}-->" maxlength="<!--{$smarty.const.PRICE_LEN}-->" size="6" class="box6" style="<!--{if $arrErr.free_rule != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" /> 円以上購入時無料
       </td>
     </tr>
     <tr>
       <th>ダウンロード可能日数</th>
       <td>
         <span class="attention"><!--{$arrErr.downloadable_days}--></span>
-        <input type="text" name="downloadable_days" value="<!--{$arrForm.downloadable_days|escape}-->" maxlength="<!--{$smarty.const.DAYS_LEN}-->" size="6" class="box6" style="<!--{if $arrErr.downloadable_days != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}--><!--{/if}-->" /> 日間有効
+        <input type="text" name="downloadable_days" value="<!--{$arrForm.downloadable_days|h}-->" maxlength="<!--{$smarty.const.DAYS_LEN}-->" size="6" class="box6" style="<!--{if $arrErr.downloadable_days != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}--><!--{/if}-->" /> 日間有効
         <input type="checkbox" name="downloadable_days_unlimited" value="1" <!--{if $arrForm.downloadable_days_unlimited == "1"}-->checked<!--{/if}--> onclick="fnCheckLimit('downloadable_days', 'downloadable_days_unlimited', '<!--{$smarty.const.DISABLED_RGB}-->');"/>無制限
       </td>
     </tr>
@@ -294,8 +294,8 @@
       <td>
         <span class="attention"><!--{$arrErr.latitude}--></span>
         <span class="attention"><!--{$arrErr.longitude}--></span>
-        緯度: <input type="text" name="latitude" value="<!--{$arrForm.latitude|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" style="<!--{if $arrErr.latitude != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" id="latitude" />
-        経度: <input type="text" name="longitude" value="<!--{$arrForm.longitude|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" style="<!--{if $arrErr.longitude != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" id="longitude" />
+        緯度: <input type="text" name="latitude" value="<!--{$arrForm.latitude|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" style="<!--{if $arrErr.latitude != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" id="latitude" />
+        経度: <input type="text" name="longitude" value="<!--{$arrForm.longitude|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" style="<!--{if $arrErr.longitude != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" id="longitude" />
         <a class="btn-normal" href="javascript:;" name="codeAddress" id="codeAddress" onclick="">住所より自動取得</a>
         <a href="#maparea" id="mapAddress">地図で設定</a>
       </td>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/kiyaku.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/kiyaku.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/kiyaku.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -30,7 +30,7 @@
       <th>規約タイトル<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.kiyaku_title}--></span>
-        <input type="text" name="kiyaku_title" value="<!--{$arrForm.kiyaku_title|escape}-->" maxlength="<!--{$smarty.const.SMTEXT_LEN}-->" style="" size="60" class="box60"/>
+        <input type="text" name="kiyaku_title" value="<!--{$arrForm.kiyaku_title|h}-->" maxlength="<!--{$smarty.const.SMTEXT_LEN}-->" style="" size="60" class="box60"/>
         <span class="attention"> (上限<!--{$smarty.const.SMTEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -38,7 +38,7 @@
       <th>規約内容<span class="attention"> *</span></th>
       <td>
       <span class="attention"><!--{$arrErr.kiyaku_text}--></span>
-      <textarea name="kiyaku_text" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" cols="60" rows="8" class="area60" style="" ><!--{$arrForm.kiyaku_text|escape}--></textarea>
+      <textarea name="kiyaku_text" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" cols="60" rows="8" class="area60" style="" ><!--{$arrForm.kiyaku_text|h}--></textarea>
       <span class="attention"> (上限<!--{$smarty.const.MLTEXT_LEN}-->文字)</span>
       </td>
     </tr>
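Review bot: The `maxlength` on the `kiyaku_text` textarea uses `MTEXT_LEN`, while the limit shown to the user two lines below is `MLTEXT_LEN`, so the client-side cap and the displayed cap can disagree. Which constant the server-side length check uses is not visible in this hunk. Assuming it is the displayed one, the attribute should read `maxlength="<!--{$smarty.const.MLTEXT_LEN}-->"`. Either way, the server-side check remains the authoritative limit, since the attribute is only a browser hint.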
@@ -55,7 +55,7 @@
     <!--{section name=cnt loop=$arrKiyaku}-->
     <tr style="background:<!--{if $tpl_class_id != $arrKiyaku[cnt].kiyaku_id}-->#ffffff<!--{else}--><!--{$smarty.const.SELECT_RGB}--><!--{/if}-->;">
     <!--{assign var=kiyaku_id value=$arrKiyaku[cnt].kiyaku_id}-->
-      <td><!--{* 規格名 *}--><!--{$arrKiyaku[cnt].kiyaku_title|escape}--></td>
+      <td><!--{* 規格名 *}--><!--{$arrKiyaku[cnt].kiyaku_title|h}--></td>
       <td align="center">
         <!--{if $tpl_kiyaku_id != $arrKiyaku[cnt].kiyaku_id}-->
         <a href="?" onclick="fnModeSubmit('pre_edit', 'kiyaku_id', <!--{$arrKiyaku[cnt].kiyaku_id}-->); return false;">編集</a>
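Review bot: The row highlight on the `<tr>` compares `kiyaku_id` against `$tpl_class_id`, but the edit link below compares it against `$tpl_kiyaku_id`, which looks like a leftover from the class (規格) template this file was copied from. Whether the page class assigns `$tpl_class_id` at all is not visible here; if it does not, the selected row is never highlighted, and the condition should read `<!--{if $tpl_kiyaku_id != $arrKiyaku[cnt].kiyaku_id}-->`. The inline comment `<!--{* 規格名 *}-->` has the same origin and should say `<!--{* 規約タイトル *}-->`. The `section` loop continues past the end of this hunk.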

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/mail.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/mail.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/mail.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -68,7 +68,7 @@
       <!--{if $arrErr[$key]}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
       <!--{/if}-->
-      <input type="text" name="subject" value="<!--{$arrForm[$key]|escape}-->" onChange="setFlag();" size="30" class="box30" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
+      <input type="text" name="subject" value="<!--{$arrForm[$key]|h}-->" onChange="setFlag();" size="30" class="box30" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
       </td>
     </tr>
     <tr>
@@ -78,7 +78,7 @@
       <!--{if $arrErr[$key]}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
       <!--{/if}-->
-      <textarea name="header" cols="75" rows="12" class="area75" onChange="setFlag();" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"><!--{$arrForm[$key]|escape}--></textarea><br />
+      <textarea name="header" cols="75" rows="12" class="area75" onChange="setFlag();" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"><!--{$arrForm[$key]|h}--></textarea><br />
       <span class="attention"> (上限<!--{$smarty.const.LTEXT_LEN}-->文字)
       </span>
       <div>
@@ -99,7 +99,7 @@
       <!--{if $arrErr[$key]}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
       <!--{/if}-->
-      <textarea name="footer" cols="75" rows="12" class="area75" onChange="setFlag();" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"><!--{$arrForm[$key]|escape}--></textarea><br />
+      <textarea name="footer" cols="75" rows="12" class="area75" onChange="setFlag();" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"><!--{$arrForm[$key]|h}--></textarea><br />
       <span class="attention"> (上限<!--{$smarty.const.LTEXT_LEN}-->文字)</span>
       <div>
         <a class="btn-normal" href="javascript:;" onclick="fnCharCount('form1','footer','cnt_footer');"><span>文字数カウント</span></a>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/payment.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/payment.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/payment.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -37,16 +37,16 @@
     </tr>
     <!--{section name=cnt loop=$arrPaymentListFree}-->
     <tr>
-      <td><!--{$arrPaymentListFree[cnt].payment_id|escape}--></td>
-      <td><!--{$arrPaymentListFree[cnt].payment_method|escape}--></td>
+      <td><!--{$arrPaymentListFree[cnt].payment_id|h}--></td>
+      <td><!--{$arrPaymentListFree[cnt].payment_method|h}--></td>
       <!--{if $arrPaymentListFree[cnt].charge_flg == 2}-->
         <td align="center">-</td>
       <!--{else}-->
-        <td align="right"><!--{$arrPaymentListFree[cnt].charge|escape|number_format}--></td>
+        <td align="right"><!--{$arrPaymentListFree[cnt].charge|number_format|h}--></td>
       <!--{/if}-->
       <td align="center">
-        <!--{if $arrPaymentListFree[cnt].rule > 0}--><!--{$arrPaymentListFree[cnt].rule|escape|number_format}--><!--{else}-->0<!--{/if}-->円
-        <!--{if $arrPaymentListFree[cnt].upper_rule > 0}-->〜<!--{$arrPaymentListFree[cnt].upper_rule|escape|number_format}-->円<!--{elseif $arrPaymentListFree[cnt].upper_rule == "0"}--><!--{else}-->〜無制限<!--{/if}--></td>
+        <!--{if $arrPaymentListFree[cnt].rule > 0}--><!--{$arrPaymentListFree[cnt].rule|number_format|h}--><!--{else}-->0<!--{/if}-->円
+        <!--{if $arrPaymentListFree[cnt].upper_rule > 0}-->〜<!--{$arrPaymentListFree[cnt].upper_rule|number_format|h}-->円<!--{elseif $arrPaymentListFree[cnt].upper_rule == "0"}--><!--{else}-->〜無制限<!--{/if}--></td>
       <td align="center"><!--{if $arrPaymentListFree[cnt].fix != 1}--><a href="?" onclick="win03('./payment_input.php?mode=pre_edit&amp;payment_id=<!--{$arrPaymentListFree[cnt].payment_id}-->','payment_input','530','400'); return false;">編集</a><!--{else}-->-<!--{/if}--></td>
       <td align="center"><!--{if $arrPaymentListFree[cnt].fix != 1}--><a href="?" onclick="fnModeSubmit('delete', 'payment_id', <!--{$arrPaymentListFree[cnt].payment_id}-->); return false;">削除</a><!--{else}-->-<!--{/if}--></td>
       <td align="center">
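Review bot: `payment_id` is escaped with `|h` in the first table cell but is still printed with no modifier inside the two `onclick` attributes further down, in the `win03('./payment_input.php?…payment_id=…')` URL and as the bare argument of `fnModeSubmit('delete', 'payment_id', …)`. It is presumably an integer key from the database, which is what makes this safe today; that assumption should be stated or enforced rather than implied. Using `payment_id=<!--{$arrPaymentListFree[cnt].payment_id|h}-->` keeps the attribute well-formed, and an integer cast where the list is built is the real guarantee for the JavaScript argument. The new `|number_format|h` order passes the raw column to `number_format`, which is fine for numeric columns but worth a null check if `charge`, `rule` or `upper_rule` can be empty.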

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/payment_input.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/payment_input.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/payment_input.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -35,7 +35,7 @@
 <input type="hidden" name="image_key" value="" />
 <input type="hidden" name="fix" value="<!--{$arrForm.fix.value}-->" />
 <!--{foreach key=key item=item from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 <input type="hidden" name="charge_flg" value="<!--{$charge_flg}-->" />
   <h2>支払方法登録・編集</h2>
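Review bot: The hidden-field loop escapes `$item` but still writes `$key` raw into `name="…"`, and the neighbouring `fix` and `charge_flg` hidden inputs print their values with no modifier either. Where `$arrHidden` is populated is not visible in this hunk; if its keys or those two values can be carried over from the request, they need the same treatment as the value. The loop line would become `<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" />`, with `|h` added to `$arrForm.fix.value` and `$charge_flg` as well.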
@@ -46,7 +46,7 @@
         <td>
           <!--{assign var=key value="payment_method"}-->
           <span class="attention"><!--{$arrErr[$key]}--></span>
-          <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" size="30" class="box30" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
+          <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" size="30" class="box30" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
         </td>
       </tr>
       <tr>
@@ -57,7 +57,7 @@
           <!--{else}-->
           <!--{assign var=key value="charge"}-->
           <span class="attention"><!--{$arrErr[$key]}--></span>
-          <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" size="10" class="box10" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
+          <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" size="10" class="box10" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
            円
           <!--{/if}-->
         </td>
@@ -69,10 +69,10 @@
           <!--{assign var=key_to value="upper_rule"}-->
           <span class="attention"><!--{$arrErr[$key_from]}--></span>
           <span class="attention"><!--{$arrErr[$key_to]}--></span>
-          <input type="text" name="<!--{$arrForm[$key_from].keyname}-->" value="<!--{$arrForm[$key_from].value|escape}-->" size="10" class="box10" maxlength="<!--{$arrForm[$key_from].length}-->" style="<!--{$arrErr[$key_from]|sfGetErrorColor}-->" />
+          <input type="text" name="<!--{$arrForm[$key_from].keyname}-->" value="<!--{$arrForm[$key_from].value|h}-->" size="10" class="box10" maxlength="<!--{$arrForm[$key_from].length}-->" style="<!--{$arrErr[$key_from]|sfGetErrorColor}-->" />
            円
            〜 
-          <input type="text" name="<!--{$arrForm[$key_to].keyname}-->" value="<!--{$arrForm[$key_to].value|escape}-->" size="10" class="box10" maxlength="<!--{$arrForm[$key_to].length}-->" style="<!--{$arrErr[$key_to]|sfGetErrorColor}-->" />
+          <input type="text" name="<!--{$arrForm[$key_to].keyname}-->" value="<!--{$arrForm[$key_to].value|h}-->" size="10" class="box10" maxlength="<!--{$arrForm[$key_to].length}-->" style="<!--{$arrErr[$key_to]|sfGetErrorColor}-->" />
            円
         </td>
       </tr>
@@ -82,7 +82,7 @@
           <!--{assign var=key value="payment_image"}-->
           <span class="attention"><!--{$arrErr[$key]}--></span>
           <!--{if $arrFile[$key].filepath != ""}-->
-          <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->"> <a href="" onclick="fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
+          <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->"> <a href="" onclick="fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
           <!--{/if}-->
           <input type="file" name="<!--{$key}-->" size="25" class="box25" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
           <a class="btn-normal" href="javascript:;" name="btn" onclick="fnModeSubmit('upload_image', 'image_key', '<!--{$key}-->')">アップロード</a>
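Review bot: The `src` attribute on the `<img>` prints `$arrFile[$key].filepath` with no modifier while `alt` on the same tag is escaped, so the tag is only well-formed if the upload code normalises file names, which is not visible here. `src="<!--{$arrFile[$key].filepath|h}-->"` removes that dependency. Separately, `$arrForm.name` does not follow the `$arrForm[$key].value` shape used by every other field in this template, so the `alt` text may render empty; presumably `$arrForm.payment_method.value` was intended, but confirm against the page class.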

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/point.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/point.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/point.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -32,7 +32,7 @@
       <!--{if $arrErr[$key]}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
       <!--{/if}-->
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="6" class="box6" />
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="6" class="box6" />
       % 小数点以下切り捨て</td>
     </tr>
     <tr>
@@ -42,7 +42,7 @@
       <!--{if $arrErr[$key]}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
       <!--{/if}-->
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="6" class="box6" />
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="6" class="box6" />
        pt</td>
     </tr>
   </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/seo.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/seo.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/seo.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -37,19 +37,19 @@
           <th>メタタグ:Author</th>
           <td>
           <span class="attention"><!--{$arrErr[$item.page_id].author}--></span>
-          <input type="text" name="meta[<!--{$item.page_id}-->][author]" value="<!--{$item.author|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style='<!--{if $arrErr[$item.page_id].author != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->' /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span></td>
+          <input type="text" name="meta[<!--{$item.page_id}-->][author]" value="<!--{$item.author|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style='<!--{if $arrErr[$item.page_id].author != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->' /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span></td>
         </tr>
         <tr>
           <th>メタタグ:Description</th>
           <td>
           <span class="attention"><!--{$arrErr[$item.page_id].description}--></span>
-          <input type="text" name="meta[<!--{$item.page_id}-->][description]" value="<!--{$item.description|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style='<!--{if $arrErr[$item.page_id].description != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->' /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span></td>
+          <input type="text" name="meta[<!--{$item.page_id}-->][description]" value="<!--{$item.description|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style='<!--{if $arrErr[$item.page_id].description != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->' /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span></td>
         </tr>
         <tr>
           <th>メタタグ:Keywords</th>
           <td>
           <span class="attention"><!--{$arrErr[$item.page_id].keyword}--></span>
-          <input type="text" name="meta[<!--{$item.page_id}-->][keyword]" value="<!--{$item.keyword|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style='<!--{if $arrErr[$item.page_id].keyword != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->' /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span></td>
+          <input type="text" name="meta[<!--{$item.page_id}-->][keyword]" value="<!--{$item.keyword|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style='<!--{if $arrErr[$item.page_id].keyword != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->' /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span></td>
         </tr>
       </table>
     

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/tradelaw.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/tradelaw.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/tradelaw.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -32,7 +32,7 @@
       <!--{if $arrErr[$key]}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
       <!--{/if}-->
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
     </tr>
     <tr>
       <th>運営責任者<span class="attention"> *</span></th>
@@ -41,7 +41,7 @@
       <!--{if $arrErr[$key]}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
       <!--{/if}-->
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
     </tr>
     <tr>
       <th>郵便番号<span class="attention"> *</span></th>
@@ -53,9 +53,9 @@
       <span class="attention"><!--{$arrErr[$key2]}--></span>
       <!--{/if}-->
       〒
-      <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->"  size="6" class="box6" />
+      <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->"  size="6" class="box6" />
        - 
-      <input type="text"  name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box6" />
+      <input type="text"  name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box6" />
       <a class="btn-normal" href="javascript:;" name="address_input" onclick="fnCallAddress('<!--{$smarty.const.URL_INPUT_ZIP}-->', 'law_zip01', 'law_zip02', 'law_pref', 'law_addr01');">住所入力</a>
       </td>
     </tr>
@@ -74,14 +74,14 @@
           <!--{if $arrErr[$key]}-->
           <span class="attention"><!--{$arrErr[$key]}--></span>
           <!--{/if}-->
-          <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span>
+          <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span>
           <br />
           <!--{$smarty.const.SAMPLE_ADDRESS1}--><br />
           <!--{assign var=key value="law_addr02"}-->
           <!--{if $arrErr[$key]}-->
           <span class="attention"><!--{$arrErr[$key]}--></span>
           <!--{/if}-->
-          <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span>
+          <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span>
           <br />
           <!--{$smarty.const.SAMPLE_ADDRESS2}-->
       </td>
@@ -97,9 +97,9 @@
       <span class="attention"><!--{$arrErr[$key2]}--></span>
       <span class="attention"><!--{$arrErr[$key3]}--></span>
       <!--{/if}-->
-      <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" /> - 
-      <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box6" /> - 
-      <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box6" />
+      <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" /> - 
+      <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box6" /> - 
+      <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box6" />
       </td>
     </tr>
     <tr>
@@ -113,9 +113,9 @@
       <span class="attention"><!--{$arrErr[$key2]}--></span>
       <span class="attention"><!--{$arrErr[$key3]}--></span>
       <!--{/if}-->
-      <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" /> - 
-      <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" /> - 
-      <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box6" />
+      <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" /> - 
+      <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" /> - 
+      <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box6" />
       </td>
     </tr>
     <tr>
@@ -123,7 +123,7 @@
       <td>
       <!--{assign var=key value="law_email"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span>
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span>
       </td>
     </tr>
     <tr>
@@ -131,7 +131,7 @@
       <td>
       <!--{assign var=key value="law_url"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span>
+      <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span>
       </td>
     </tr>
     <tr>
@@ -139,42 +139,42 @@
       <td>
       <!--{assign var=key value="law_term01"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|escape}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
+      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|h}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
     </tr>
     <tr>
       <th>注文方法<span class="attention"> *</span></th>
       <td>
       <!--{assign var=key value="law_term02"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|escape}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
+      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|h}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
     </tr>
     <tr>
       <th>支払方法<span class="attention"> *</span></th>
       <td>
       <!--{assign var=key value="law_term03"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|escape}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
+      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|h}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
     </tr>
     <tr>
       <th>支払期限<span class="attention"> *</span></th>
       <td>
       <!--{assign var=key value="law_term04"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|escape}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
+      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|h}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
     </tr>
     <tr>
       <th>引き渡し時期<span class="attention"> *</span></th>
       <td>
       <!--{assign var=key value="law_term05"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|escape}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
+      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|h}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
     </tr>
     <tr>
       <th>返品・交換について<span class="attention"> *</span></th>
       <td>
       <!--{assign var=key value="law_term06"}-->
       <span class="attention"><!--{$arrErr[$key]}--></span>
-      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|escape}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
+      <textarea name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|h}--></textarea><span class="attention"> (上限<!--{$arrForm[$key].length}-->文字)</span></td>
     </tr>
   </table>
 

変更: branches/version-2_5-dev/data/Smarty/templates/admin/basis/zip_install.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/basis/zip_install.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/basis/zip_install.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -29,8 +29,8 @@
     </style>
     <form name="form1" id="form1" method="get" action="?" onsubmit="return false;">
         <input type="hidden" name="mode" value="">
-        <p>郵便番号CSVには <!--{$tpl_line|escape}--> 行のデータがあります。</p>
-        <p>郵便番号DBには <!--{$tpl_count_mtb_zip|escape}--> 行のデータがあります。</p>
+        <p>郵便番号CSVには <!--{$tpl_line|h}--> 行のデータがあります。</p>
+        <p>郵便番号DBには <!--{$tpl_count_mtb_zip|h}--> 行のデータがあります。</p>
         <!--{if $tpl_count_mtb_zip == 0}-->
             <p class="attention">登録を行なってください。</p>
         <!--{elseif $tpl_line <> $tpl_count_mtb_zip}-->
@@ -52,10 +52,10 @@
         </div>
         <div class="item">
             <a class="btn-normal" href="javascript:;" onclick="fnModeSubmit('manual', '', '');">手動登録</a>
-            開始行: <input type="text" name="startRowNum" value="<!--{$arrForm.startRowNum|default:$tpl_count_mtb_zip+1|escape}-->" size="8"><span class="attention"><!--{$arrErr.startRowNum}--></span><br />
+            開始行: <input type="text" name="startRowNum" value="<!--{$arrForm.startRowNum|default:$tpl_count_mtb_zip+1|h}-->" size="8"><span class="attention"><!--{$arrErr.startRowNum}--></span><br />
             指定した行数から郵便番号を登録します。タイムアウトした場合、直前まで登録されます。
         </div>
     </form>
 <!--{else}-->
-    <iframe src="?mode=<!--{$tpl_mode|escape}-->&amp;exec=yes&amp;startRowNum=<!--{$arrForm.startRowNum|escape}-->" name="progress" height="200" width="750" frameborder="0"></iframe>
+    <iframe src="?mode=<!--{$tpl_mode|h}-->&amp;exec=yes&amp;startRowNum=<!--{$arrForm.startRowNum|h}-->" name="progress" height="200" width="750" frameborder="0"></iframe>
 <!--{/if}-->
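Review bot: On the added `<iframe src="?mode=...">` line, `$tpl_mode` and `$arrForm.startRowNum` are placed into a query string with HTML escaping only, so characters such as `&`, `#` or `=` are not percent-encoded and can alter which parameters the iframe request carries once the browser has decoded the attribute. Unless the page class already restricts both values to a fixed set or to digits (not visible in this diff), URL-encode them for this context, e.g. `startRowNum=<!--{$arrForm.startRowNum|escape:'url'}-->` and likewise for `mode`. The `image=` parameter of the `resize_image.php` URL in contents/recomend_search.tpl has the same gap.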

変更: branches/version-2_5-dev/data/Smarty/templates/admin/contents/csv_sql.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/contents/csv_sql.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/contents/csv_sql.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -61,7 +61,7 @@
     <!--{ foreach key=key item=item from=$arrSqlList }-->
     <tr style="background-color:<!--{if $item.sql_id == $sql_id}--><!--{$smarty.const.SELECT_RGB}--><!--{else}-->#ffffff<!--{/if}-->;">
       <td>
-        <a href="<!--{$smarty.server.PHP_SELF|escape}-->?sql_id=<!--{$item.sql_id}-->" ><!--{$item.sql_name}--></a>
+        <a href="<!--{$smarty.server.PHP_SELF|h}-->?sql_id=<!--{$item.sql_id}-->" ><!--{$item.sql_name}--></a>
       </td>
       <td>
         <div class="btn">
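Review bot: On the added `<a href=...>` line, `$item.sql_id` and `$item.sql_name` are still printed without any escaping modifier, although the same `sql_name` field is escaped with `|h` in the edit form in the next hunk of this file. Unless a default output modifier is configured elsewhere (not visible in this diff), the list row renders stored text as markup. Proposed: `?sql_id=<!--{$item.sql_id|h}-->" ><!--{$item.sql_name|h}--></a>`.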
@@ -85,7 +85,7 @@
       <th>名称<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.sql_name}--></span>
-        <input type="text" name="sql_name" value="<!--{$arrSqlData.sql_name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" />
+        <input type="text" name="sql_name" value="<!--{$arrSqlData.sql_name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
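Review bot: The added `<input name="sql_name">` line tests `$arrErr.name` for the error background, while the message printed just above it comes from `$arrErr.sql_name`. If no `name` key is ever set in `$arrErr` (only `sql_name` is visible here), the field is never highlighted when validation fails. Proposed: `style="<!--{if $arrErr.sql_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"`.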

変更: branches/version-2_5-dev/data/Smarty/templates/admin/contents/csv_sql_view.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/contents/csv_sql_view.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/contents/csv_sql_view.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -26,13 +26,13 @@
 <table class="form">
   <tr>
     <th>SQL文</th>
-    <td><!--{$sql|escape|nl2br}--></td>
+    <td><!--{$sql|h|nl2br}--></td>
   </tr>
   <tr>
     <th>エラー内容</th>
     <td>
       <!--{if $sqlerr != "" }-->
-        <!--{$sqlerr|escape|nl2br}-->
+        <!--{$sqlerr|h|nl2br}-->
       <!--{else}-->
         エラーはありません
       <!--{/if}-->

変更: branches/version-2_5-dev/data/Smarty/templates/admin/contents/file_manager.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/contents/file_manager.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/contents/file_manager.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -45,7 +45,7 @@
         <th>更新日付</th>
       </tr>
       <!--{if !$tpl_is_top_dir}-->
-      <tr id="parent_dir" onclick="fnSetFormVal('form1', 'select_file', '<!--{$tpl_parent_dir|escape}-->');fnSelectFile('parent_dir', '#808080');" onDblClick="setTreeStatus('tree_status');fnDbClick(arrTree, '<!--{$tpl_parent_dir|escape}-->', true, '<!--{$tpl_now_dir|escape}-->', true)" style="" onMouseOver="fnChangeBgColor('parent_dir', '#808080');" onMouseOut="fnChangeBgColor('parent_dir', '');">
+      <tr id="parent_dir" onclick="fnSetFormVal('form1', 'select_file', '<!--{$tpl_parent_dir|h}-->');fnSelectFile('parent_dir', '#808080');" onDblClick="setTreeStatus('tree_status');fnDbClick(arrTree, '<!--{$tpl_parent_dir|h}-->', true, '<!--{$tpl_now_dir|h}-->', true)" style="" onMouseOver="fnChangeBgColor('parent_dir', '#808080');" onMouseOut="fnChangeBgColor('parent_dir', '');">
         <td>
           <img src="<!--{$TPL_DIR}-->img/contents/folder_parent.gif" alt="フォルダ">&nbsp;..
         </td>
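Review bot: The values on the added `<tr id="parent_dir" ...>` line sit inside single-quoted JavaScript string literals within `onclick`/`onDblClick` attributes, and `|h` alone does not protect that context. The HTML parser decodes entities before the handler is compiled, so a quote or backslash in `$tpl_parent_dir` or `$tpl_now_dir` still ends the string. Escape for JavaScript first and for HTML second, e.g. `'<!--{$tpl_parent_dir|escape:'javascript'|h}-->'`. The same applies to `file_path` in the next hunk of this file and to the `func_edit`, `func_del`, `func_rankMove` and `fnFormModeSubmit` handlers in contents/index.tpl.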
@@ -55,17 +55,17 @@
       <!--{/if}-->
       <!--{section name=cnt loop=$arrFileList}-->
       <!--{assign var="id" value="select_file`$smarty.section.cnt.index`"}-->
-      <tr id="<!--{$id}-->" onclick="fnSetFormVal('form1', 'select_file', '<!--{$arrFileList[cnt].file_path|escape}-->');fnSelectFile('<!--{$id}-->', '#808080');" onDblClick="setTreeStatus('tree_status');fnDbClick(arrTree, '<!--{$arrFileList[cnt].file_path|escape}-->', <!--{if $arrFileList[cnt].is_dir|escape}-->true<!--{else}-->false<!--{/if}-->, '<!--{$tpl_now_dir|escape}-->', false)" style="" onMouseOver="fnChangeBgColor('<!--{$id}-->', '#808080');" onMouseOut="fnChangeBgColor('<!--{$id}-->', '');">
+      <tr id="<!--{$id}-->" onclick="fnSetFormVal('form1', 'select_file', '<!--{$arrFileList[cnt].file_path|h}-->');fnSelectFile('<!--{$id}-->', '#808080');" onDblClick="setTreeStatus('tree_status');fnDbClick(arrTree, '<!--{$arrFileList[cnt].file_path|h}-->', <!--{if $arrFileList[cnt].is_dir|h}-->true<!--{else}-->false<!--{/if}-->, '<!--{$tpl_now_dir|h}-->', false)" style="" onMouseOver="fnChangeBgColor('<!--{$id}-->', '#808080');" onMouseOut="fnChangeBgColor('<!--{$id}-->', '');">
         <td>
           <!--{if $arrFileList[cnt].is_dir}-->
           <img src="<!--{$TPL_DIR}-->img/contents/folder_close.gif" alt="フォルダ">
           <!--{else}-->
           <img src="<!--{$TPL_DIR}-->img/contents/file.gif">
           <!--{/if}-->
-          <!--{$arrFileList[cnt].file_name|escape}-->
+          <!--{$arrFileList[cnt].file_name|h}-->
         </td>
         <td class="right"><!--{$arrFileList[cnt].file_size|number_format}--></td>
-        <td><!--{$arrFileList[cnt].file_time|escape}--></td>
+        <td><!--{$arrFileList[cnt].file_time|h}--></td>
       </tr>
       <!--{/section}-->
     </table>
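Review bot: `<!--{if $arrFileList[cnt].is_dir|h}-->` on the added `<tr>` line applies the HTML-escaping modifier to a value that is only tested as a boolean and never printed. The `if` a few lines below tests the same field without a modifier. Dropping it here, `<!--{if $arrFileList[cnt].is_dir}-->`, keeps the two consistent and leaves `|h` for output positions only.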
@@ -83,14 +83,14 @@
       <th>ファイルのアップロード</th>
       <td>
         <!--{if $arrErr.upload_file}--><span class="attention"><!--{$arrErr.upload_file}--></span><!--{/if}-->
-        <input type="file" name="upload_file" size="64" <!--{if $arrErr.upload_file}-->style="background-color:<!--{$smarty.const.ERR_COLOR|escape}-->"<!--{/if}-->><a class="btn-normal" href="javascript:;" onclick="setTreeStatus('tree_status');fnModeSubmit('upload','',''); return false;">アップロード</a>
+        <input type="file" name="upload_file" size="64" <!--{if $arrErr.upload_file}-->style="background-color:<!--{$smarty.const.ERR_COLOR|h}-->"<!--{/if}-->><a class="btn-normal" href="javascript:;" onclick="setTreeStatus('tree_status');fnModeSubmit('upload','',''); return false;">アップロード</a>
       </td>
     </tr>
     <tr>
       <th>フォルダ作成</th>
       <td>
         <!--{if $arrErr.create_file}--><span class="attention"><!--{$arrErr.create_file}--></span><!--{/if}-->
-        <input type="text" name="create_file" value="" style="width:336px;<!--{if $arrErr.create_file}--> background-color:<!--{$smarty.const.ERR_COLOR|escape}--><!--{/if}-->"><a class="btn-normal" href="javascript:;" onclick="setTreeStatus('tree_status');fnModeSubmit('create','',''); return false;">作成</a>
+        <input type="text" name="create_file" value="" style="width:336px;<!--{if $arrErr.create_file}--> background-color:<!--{$smarty.const.ERR_COLOR|h}--><!--{/if}-->"><a class="btn-normal" href="javascript:;" onclick="setTreeStatus('tree_status');fnModeSubmit('create','',''); return false;">作成</a>
       </td>
     </tr>
   </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/contents/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/contents/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/contents/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -110,7 +110,7 @@
 <div id="admin-contents" class="contents-main">
 <form name="form1" id="form1" method="post" action="?">
 <input type="hidden" name="mode" value="" />
-<input type="hidden" name="news_id" value="<!--{$arrForm.news_id|escape}-->" />
+<input type="hidden" name="news_id" value="<!--{$arrForm.news_id|h}-->" />
 <input type="hidden" name="term" value="" />
   <!--{* ▼登録テーブルここから *}-->
   <table>
@@ -118,15 +118,15 @@
       <th>日付<span class="attention"> *</span></th>
       <td>
         <!--{if $arrErr.year || $arrErr.month || $arrErr.day}--><span class="attention"><!--{$arrErr.year}--><!--{$arrErr.month}--><!--{$arrErr.day}--></span><!--{/if}-->
-        <select name="year" <!--{if $arrErr.year}-->style="background-color:<!--{$smarty.const.ERR_COLOR|escape}-->"<!--{/if}-->>
+        <select name="year" <!--{if $arrErr.year}-->style="background-color:<!--{$smarty.const.ERR_COLOR|h}-->"<!--{/if}-->>
           <option value="" selected>----</option>
           <!--{html_options options=$arrYear selected=$arrForm.year}-->
         </select>年
-        <select name="month" <!--{if $arrErr.month}-->style="background-color:<!--{$smarty.const.ERR_COLOR|escape}-->"<!--{/if}-->>
+        <select name="month" <!--{if $arrErr.month}-->style="background-color:<!--{$smarty.const.ERR_COLOR|h}-->"<!--{/if}-->>
           <option value="" selected>--</option>
           <!--{html_options options=$arrMonth selected=$arrForm.month}-->
         </select>月
-        <select name="day" <!--{if $arrErr.day}-->style="background-color:<!--{$smarty.const.ERR_COLOR|escape}-->"<!--{/if}-->>
+        <select name="day" <!--{if $arrErr.day}-->style="background-color:<!--{$smarty.const.ERR_COLOR|h}-->"<!--{/if}-->>
           <option value="" selected>--</option>
           <!--{html_options options=$arrDay selected=$arrForm.day}-->
         </select>日
@@ -136,7 +136,7 @@
       <th>タイトル<span class="attention"> *</span></th>
       <td>
         <!--{if $arrErr.news_title}--><span class="attention"><!--{$arrErr.news_title}--></span><!--{/if}-->
-        <textarea name="news_title" cols="60" rows="8" class="area60" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" <!--{if $arrErr.news_title}-->style="background-color:<!--{$smarty.const.ERR_COLOR|escape}-->"<!--{/if}-->><!--{$arrForm.news_title|escape}--></textarea><br />
+        <textarea name="news_title" cols="60" rows="8" class="area60" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" <!--{if $arrErr.news_title}-->style="background-color:<!--{$smarty.const.ERR_COLOR|h}-->"<!--{/if}-->><!--{$arrForm.news_title|h}--></textarea><br />
         <span class="attention"> (上限<!--{$smarty.const.MTEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -144,7 +144,7 @@
       <th>URL</th>
       <td>
         <span class="attention"><!--{$arrErr.news_url}--></span>
-        <input type="text" name="news_url" size="60" class="box60"  value="<!--{$arrForm.news_url|escape}-->" <!--{if $arrErr.news_url}-->style="background-color:<!--{$smarty.const.ERR_COLOR|escape}-->"<!--{/if}--> maxlength="<!--{$smarty.const.URL_LEN}-->" />
+        <input type="text" name="news_url" size="60" class="box60"  value="<!--{$arrForm.news_url|h}-->" <!--{if $arrErr.news_url}-->style="background-color:<!--{$smarty.const.ERR_COLOR|h}-->"<!--{/if}--> maxlength="<!--{$smarty.const.URL_LEN}-->" />
         <span class="attention"> (上限<!--{$smarty.const.URL_LEN}-->文字)</span>
       </td>
     </tr>
@@ -156,7 +156,7 @@
       <th>本文作成</th>
       <td>
         <!--{if $arrErr.news_comment}--><span class="attention"><!--{$arrErr.news_comment}--></span><!--{/if}-->
-        <textarea name="news_comment" cols="60" rows="8" wrap="soft" class="area60" maxlength="<!--{$smarty.const.LTEXT_LEN}-->" style="background-color:<!--{if $arrErr.news_comment}--><!--{$smarty.const.ERR_COLOR|escape}--><!--{/if}-->"><!--{$arrForm.news_comment|escape}--></textarea><br />
+        <textarea name="news_comment" cols="60" rows="8" wrap="soft" class="area60" maxlength="<!--{$smarty.const.LTEXT_LEN}-->" style="background-color:<!--{if $arrErr.news_comment}--><!--{$smarty.const.ERR_COLOR|h}--><!--{/if}-->"><!--{$arrForm.news_comment|h}--></textarea><br />
         <span class="attention"> (上限3000文字)</span>
       </td>
     </tr>
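Review bot: The limit shown under the `news_comment` textarea is the literal `(上限3000文字)`, while the `maxlength` on the added line comes from `$smarty.const.LTEXT_LEN`. The title and URL fields in this file print their limit from the constant, so this label will be wrong if `LTEXT_LEN` is ever changed. Proposed: `<span class="attention"> (上限<!--{$smarty.const.LTEXT_LEN}-->文字)</span>`.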
@@ -190,22 +190,22 @@
     <tr style="background:<!--{if $list_data[data].news_id eq $news_id}--><!--{$smarty.const.SELECT_RGB}--><!--{else}-->#ffffff<!--{/if}-->;" class="center">
       <!--{assign var=db_rank value="`$list_data[data].rank`"}-->
       <!--{assign var=rank value="`$line_max-$db_rank+1`"}-->
-      <td><!--{$rank|escape}--></td>
+      <td><!--{$rank|h}--></td>
       <td><!--{$list_data[data].cast_news_date|date_format:"%Y/%m/%d"}--></td>
       <td class="left">
-        <!--{if $list_data[data].link_method eq 1 && $list_data[data].news_url != ""}--><a href="<!--{$list_data[data].news_url|escape}-->" ><!--{$list_data[data].news_title|escape|nl2br}--></a>
-        <!--{elseif $list_data[data].link_method eq 1 && $list_data[data].news_url == ""}--><!--{$list_data[data].news_title|escape|nl2br}-->
-        <!--{elseif $list_data[data].link_method eq 2 && $list_data[data].news_url != ""}--><a href="<!--{$list_data[data].news_url|escape}-->" target="_blank" ><!--{$list_data[data].news_title|escape|nl2br}--></a>
-        <!--{else}--><!--{$list_data[data].news_title|escape|nl2br}-->
+        <!--{if $list_data[data].link_method eq 1 && $list_data[data].news_url != ""}--><a href="<!--{$list_data[data].news_url|h}-->" ><!--{$list_data[data].news_title|h|nl2br}--></a>
+        <!--{elseif $list_data[data].link_method eq 1 && $list_data[data].news_url == ""}--><!--{$list_data[data].news_title|h|nl2br}-->
+        <!--{elseif $list_data[data].link_method eq 2 && $list_data[data].news_url != ""}--><a href="<!--{$list_data[data].news_url|h}-->" target="_blank" ><!--{$list_data[data].news_title|h|nl2br}--></a>
+        <!--{else}--><!--{$list_data[data].news_title|h|nl2br}-->
         <!--{/if}-->
       </td>
-      <td><a href="#" onclick="return func_edit('<!--{$list_data[data].news_id|escape}-->');">編集</a></td>
-      <td><a href="#" onclick="return func_del('<!--{$list_data[data].news_id|escape}-->');">削除</a></td>
+      <td><a href="#" onclick="return func_edit('<!--{$list_data[data].news_id|h}-->');">編集</a></td>
+      <td><a href="#" onclick="return func_del('<!--{$list_data[data].news_id|h}-->');">削除</a></td>
       <td>
       <!--{if count($list_data) != 1}-->
-      <input type="text" name="pos-<!--{$list_data[data].news_id|escape}-->" size="3" class="box3" />番目へ<a href="?" onclick="fnFormModeSubmit('move', 'moveRankSet','news_id', '<!--{$list_data[data].news_id|escape}-->'); return false;">移動</a><br />
+      <input type="text" name="pos-<!--{$list_data[data].news_id|h}-->" size="3" class="box3" />番目へ<a href="?" onclick="fnFormModeSubmit('move', 'moveRankSet','news_id', '<!--{$list_data[data].news_id|h}-->'); return false;">移動</a><br />
       <!--{/if}-->
-      <!--{if $list_data[data].rank ne $max_rank}--><a href="#" onclick="return func_rankMove('up', '<!--{$list_data[data].news_id|escape}-->', '<!--{$max_rank|escape}-->');">上へ</a><!--{/if}--> <!--{if $list_data[data].rank ne 1}--><a href="#" onclick="return func_rankMove('down', '<!--{$list_data[data].news_id|escape}-->', '<!--{$max_rank|escape}-->');">下へ</a><!--{/if}-->
+      <!--{if $list_data[data].rank ne $max_rank}--><a href="#" onclick="return func_rankMove('up', '<!--{$list_data[data].news_id|h}-->', '<!--{$max_rank|h}-->');">上へ</a><!--{/if}--> <!--{if $list_data[data].rank ne 1}--><a href="#" onclick="return func_rankMove('down', '<!--{$list_data[data].news_id|h}-->', '<!--{$max_rank|h}-->');">下へ</a><!--{/if}-->
       </td>
     </tr>
     <!--{sectionelse}-->
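Review bot: `href="<!--{$list_data[data].news_url|h}-->"` on the added link lines is HTML-escaped, but escaping does not constrain the URL scheme, so whatever is stored in `news_url` becomes a clickable link in the admin list. Whether the save path restricts the value to `http://` or `https://` is not visible in this diff. If it does not, add that check on input, or render the anchor only when the value starts with an allowed scheme. The `target="_blank"` variant could also carry `rel="noopener noreferrer"`.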

変更: branches/version-2_5-dev/data/Smarty/templates/admin/contents/recomend.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/contents/recomend.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/contents/recomend.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -80,10 +80,10 @@
       <th><!--{$smarty.section.cnt.iteration}--></th>
       <td>
         <!--{if $arrItems[$smarty.section.cnt.iteration].product_id}-->
-          <img src="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$arrItems[$smarty.section.cnt.iteration].main_list_image|sfNoImageMainList|escape}-->" alt="<!--{$arrItems[$smarty.section.cnt.iteration].name|escape}-->" />
+          <img src="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$arrItems[$smarty.section.cnt.iteration].main_list_image|sfNoImageMainList|h}-->" alt="<!--{$arrItems[$smarty.section.cnt.iteration].name|h}-->" />
         <!--{/if}-->
       </td>
-      <td><!--{$arrItems[$smarty.section.cnt.iteration].name|escape}--></td>
+      <td><!--{$arrItems[$smarty.section.cnt.iteration].name|h}--></td>
       <td>
         <!--{if $arrItems[$smarty.section.cnt.iteration].product_id}-->
         <a href="#" onClick="return fnInsertValAndSubmit( document.form<!--{$smarty.section.cnt.iteration}-->, 'mode', 'delete', '削除します。宜しいですか' )">削除</a>
@@ -96,9 +96,9 @@
       <td>
         <form name="form<!--{$smarty.section.cnt.iteration}-->" id="form<!--{$smarty.section.cnt.iteration}-->" method="post" action="?">
         <input type="hidden" name="mode" value="regist" />
-        <input type="hidden" name="product_id" value="<!--{$arrItems[$smarty.section.cnt.iteration].product_id|escape}-->" />
-        <input type="hidden" name="category_id" value="<!--{$category_id|escape}-->" />
-        <input type="hidden" name="rank" value="<!--{$arrItems[$smarty.section.cnt.iteration].rank|escape}-->" />
+        <input type="hidden" name="product_id" value="<!--{$arrItems[$smarty.section.cnt.iteration].product_id|h}-->" />
+        <input type="hidden" name="category_id" value="<!--{$category_id|h}-->" />
+        <input type="hidden" name="rank" value="<!--{$arrItems[$smarty.section.cnt.iteration].rank|h}-->" />
         <span class="attention"><!--{$arrErr[$smarty.section.cnt.iteration].comment}--></span>
         <textarea name="comment" cols="45" rows="4" style="width: 337px; height: 82px; <!--{$arrErr[$smarty.section.cnt.iteration].comment|sfGetErrorColor}-->" <!--{$arrItems[$smarty.section.cnt.iteration].product_id|sfGetEnabled}-->><!--{$arrItems[$smarty.section.cnt.iteration].comment}--></textarea>
         <!--{if $arrItems[$smarty.section.cnt.iteration].product_id}-->
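Review bot: The `comment` textarea directly below the changed hidden inputs still prints `<!--{$arrItems[$smarty.section.cnt.iteration].comment}-->` with no escaping modifier, whereas every other textarea body touched by this commit uses `|h`. Unless a default output modifier is configured elsewhere (not visible here), a stored comment containing `</textarea>` closes the element and the rest is parsed as markup. Proposed: `<!--{$arrItems[$smarty.section.cnt.iteration].comment|h}-->`.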

変更: branches/version-2_5-dev/data/Smarty/templates/admin/contents/recomend_search.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/contents/recomend_search.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/contents/recomend_search.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -40,7 +40,7 @@
 </script>
 
 <!--▼検索フォーム-->
-<form name="form1" id="form1" method="post" action="<!--{$smarty.server.REQUEST_URI|escape}-->">
+<form name="form1" id="form1" method="post" action="<!--{$smarty.server.REQUEST_URI|h}-->">
 <input name="mode" type="hidden" value="search" />
 <input name="search_pageno" type="hidden" value="" />
   <table class="form">
@@ -76,10 +76,10 @@
     <!--▼商品<!--{$smarty.section.cnt.iteration}-->-->
     <tr>
       <td class="center">
-        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrProducts[cnt].main_list_image|sfNoImageMainList|escape}-->&width=65&height=65" alt="" />
+        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrProducts[cnt].main_list_image|sfNoImageMainList|h}-->&width=65&height=65" alt="" />
       </td>
-      <td><!--{$arrProducts[cnt].product_code|escape|default:"-"}--></td>
-      <td><!--{$arrProducts[cnt].name|escape}--></td>
+      <td><!--{$arrProducts[cnt].product_code|default:"-"|h}--></td>
+      <td><!--{$arrProducts[cnt].name|h}--></td>
       <td class="center"><a href="" onClick="return func_submit(<!--{$arrProducts[cnt].product_id}-->)">決定</a></td>
     </tr>
     <!--▲商品<!--{$smarty.section.cnt.iteration}-->-->
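Review bot: The `onClick` handler on the 決定 link still prints `$arrProducts[cnt].product_id` with no modifier, while every other value in this row now goes through `|h`. The value lands inside a JavaScript call within an HTML attribute, so it should be guaranteed numeric where `$arrProducts` is built as well as escaped here: `func_submit(<!--{$arrProducts[cnt].product_id|h}-->)`. If product_id always comes from the database as an integer the risk is low, but the template does not show that. The table and the section loop start outside this hunk.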

変更: branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -44,7 +44,7 @@
 <form name="search_form" method="post" action="">
     <input type="hidden" name="mode" value="search" />
     <!--{foreach from=$arrSearchData key="key" item="item"}-->
-        <!--{if $key ne "customer_id" && $key ne "mode" && $key ne "del_mode" && $key ne "edit_customer_id" && $key ne "del_customer_id" && $key ne "csv_mode" && $key ne "job" && $key ne "sex"}--><input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->"><!--{/if}-->
+        <!--{if $key ne "customer_id" && $key ne "mode" && $key ne "del_mode" && $key ne "edit_customer_id" && $key ne "del_customer_id" && $key ne "csv_mode" && $key ne "job" && $key ne "sex"}--><input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->"><!--{/if}-->
     <!--{/foreach}-->
     <!--{foreach from=$arrSearchData.job key="key" item="item"}-->
         <input type="hidden" name="job[]" value="<!--{$item}-->" />
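Review bot: The `job[]` hidden input at the end of this hunk prints `$item` without `|h`, although the loop just above it now escapes both key and value. The same unescaped `$item` appears in the next hunk (`search_data[job][]`), in edit_confirm.tpl and in index.tpl; in the last two the `value=` attribute is also unquoted, and in index.tpl the data comes straight from `$smarty.post.job`. I would write `value="<!--{$item|h}-->"` in all four places, always with the quotes. The second foreach continues past the end of the hunk.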
@@ -57,11 +57,11 @@
 <form name="form1" id="form1" method="post" action="?">
     <input type="hidden" name="mode" value="confirm" />
     <input type="hidden" name="edit_email" value="<!--{$tpl_edit_email}-->" />
-    <input type="hidden" name="customer_id" value="<!--{$list_data.customer_id|escape}-->" />
+    <input type="hidden" name="customer_id" value="<!--{$list_data.customer_id|h}-->" />
 
     <!-- 検索条件の保持 -->
     <!--{foreach from=$arrSearchData key="key" item="item"}-->
-        <!--{if $key ne "job" && $key ne "sex"}--><input type="hidden" name="search_data[<!--{$key|escape}-->]" value="<!--{$item|escape}-->"><!--{/if}-->
+        <!--{if $key ne "job" && $key ne "sex"}--><input type="hidden" name="search_data[<!--{$key|h}-->]" value="<!--{$item|h}-->"><!--{/if}-->
     <!--{/foreach}-->
     <!--{foreach from=$arrSearchData.job key="key" item="item"}-->
         <input type="hidden" name="search_data[job][]" value="<!--{$item}-->" />
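Review bot: `edit_email` is written as `value="<!--{$tpl_edit_email}-->"` with no modifier, one line above the `customer_id` field that this hunk converts to `|h`. An e-mail address may contain quote characters, so it needs the same attribute escaping: `value="<!--{$tpl_edit_email|h}-->"`. Where `$tpl_edit_email` is assigned is not visible here, so check that it is not already encoded before adding the modifier.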
@@ -75,7 +75,7 @@
         <table class="form">
             <tr>
                 <th>顧客ID<span class="attention"> *</span></th>
-                <td><!--{$list_data.customer_id|escape}--></td>
+                <td><!--{$list_data.customer_id|h}--></td>
             </tr>
             <tr>
                 <th>会員状態<span class="attention"> *</span></th>
@@ -89,21 +89,21 @@
                 <th>お名前<span class="attention"> *</span></th>
                 <td>
                     <span class="attention"><!--{$arrErr.name01}--><!--{$arrErr.name02}--></span>
-                    <input type="text" name="name01" value="<!--{$list_data.name01|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" <!--{if $arrErr.name01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />&nbsp;&nbsp;<input type="text" name="name02" value="<!--{$list_data.name02|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" <!--{if $arrErr.name02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
+                    <input type="text" name="name01" value="<!--{$list_data.name01|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" <!--{if $arrErr.name01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />&nbsp;&nbsp;<input type="text" name="name02" value="<!--{$list_data.name02|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" <!--{if $arrErr.name02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
                 </td>
             </tr>
             <tr>
                 <th>お名前(フリガナ)<span class="attention"> *</span></th>
                 <td>
                     <span class="attention"><!--{$arrErr.kana01}--><!--{$arrErr.kana02}--></span>
-                    <input type="text" name="kana01" value="<!--{$list_data.kana01|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" <!--{if $arrErr.kana01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />&nbsp;&nbsp;<input type="text" name="kana02" value="<!--{$list_data.kana02|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" <!--{if $arrErr.kana02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
+                    <input type="text" name="kana01" value="<!--{$list_data.kana01|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" <!--{if $arrErr.kana01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />&nbsp;&nbsp;<input type="text" name="kana02" value="<!--{$list_data.kana02|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="30" class="box30" <!--{if $arrErr.kana02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
                 </td>
             </tr>
             <tr>
                 <th>郵便番号<span class="attention"> *</span></th>
                 <td>
                     <span class="attention"><!--{$arrErr.zip01}--><!--{$arrErr.zip02}--></span>
-                    〒 <input type="text" name="zip01" value="<!--{$list_data.zip01|escape}-->" maxlength="<!--{$smarty.const.ZIP01_LEN}-->" size="6" class="box6" maxlength="3" <!--{if $arrErr.zip01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> - <input type="text" name="zip02" value="<!--{$list_data.zip02|escape}-->" maxlength="<!--{$smarty.const.ZIP02_LEN}-->" size="6" class="box6" maxlength="4" <!--{if $arrErr.zip02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
+                    〒 <input type="text" name="zip01" value="<!--{$list_data.zip01|h}-->" maxlength="<!--{$smarty.const.ZIP01_LEN}-->" size="6" class="box6" maxlength="3" <!--{if $arrErr.zip01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> - <input type="text" name="zip02" value="<!--{$list_data.zip02|h}-->" maxlength="<!--{$smarty.const.ZIP02_LEN}-->" size="6" class="box6" maxlength="4" <!--{if $arrErr.zip02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
                     <a class="btn-normal" href="javascript:;" name="address_input" onclick="fnCallAddress('<!--{$smarty.const.URL_INPUT_ZIP}-->', 'zip01', 'zip02', 'pref', 'addr01');">住所入力</a>
                 </td>
             </tr>
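Review bot: The `zip01` and `zip02` inputs each carry two `maxlength` attributes, one from `ZIP01_LEN` / `ZIP02_LEN` and a hard-coded `maxlength="3"` / `maxlength="4"`. Duplicate attributes are invalid markup and only one of them takes effect, so the literal ones should be removed and the constants kept. The line is already rewritten by this commit, which makes it a cheap place to clean up.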
@@ -115,9 +115,9 @@
                         <option value="" selected="selected">都道府県を選択</option>
                         <!--{html_options options=$arrPref selected=$list_data.pref}-->
                     </select>
-                    <input type="text" name="addr01" value="<!--{$list_data.addr01|escape}-->" size="60" class="box60" <!--{if $arrErr.addr01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /><br />
+                    <input type="text" name="addr01" value="<!--{$list_data.addr01|h}-->" size="60" class="box60" <!--{if $arrErr.addr01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /><br />
                     <!--{$smarty.const.SAMPLE_ADDRESS1}--><br />
-                    <input type="text" name="addr02" value="<!--{$list_data.addr02|escape}-->" size="60" class="box60" <!--{if $arrErr.addr02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /><br />
+                    <input type="text" name="addr02" value="<!--{$list_data.addr02|h}-->" size="60" class="box60" <!--{if $arrErr.addr02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /><br />
                     <!--{$smarty.const.SAMPLE_ADDRESS2}-->
                 </td>
             </tr>
@@ -125,28 +125,28 @@
                 <th>メールアドレス<span class="attention"> *</span></th>
                 <td>
                     <span class="attention"><!--{$arrErr.email}--></span>
-                    <input type="text" name="email" value="<!--{$list_data.email|escape}-->" size="60" class="box60" <!--{if $arrErr.email != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
+                    <input type="text" name="email" value="<!--{$list_data.email|h}-->" size="60" class="box60" <!--{if $arrErr.email != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
                 </td>
             </tr>
             <tr>
                 <th>携帯メールアドレス</th>
                 <td>
                     <span class="attention"><!--{$arrErr.email_mobile}--></span>
-                    <input type="text" name="email_mobile" value="<!--{$list_data.email_mobile|escape}-->" size="60" class="box60" <!--{if $arrErr.email_mobile != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
+                    <input type="text" name="email_mobile" value="<!--{$list_data.email_mobile|h}-->" size="60" class="box60" <!--{if $arrErr.email_mobile != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
                 </td>
             </tr>
             <tr>
                 <th>電話番号<span class="attention"> *</span></th>
                 <td>
                     <span class="attention"><!--{$arrErr.tel01}--><!--{$arrErr.tel02}--><!--{$arrErr.tel03}--></span>
-                    <input type="text" name="tel01" value="<!--{$list_data.tel01|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.tel01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> - <input type="text" name="tel02" value="<!--{$list_data.tel02|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.tel01 != "" || $arrErr.tel02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> - <input type="text" name="tel03" value="<!--{$list_data.tel03|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.tel01 != "" || $arrErr.tel03 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
+                    <input type="text" name="tel01" value="<!--{$list_data.tel01|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.tel01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> - <input type="text" name="tel02" value="<!--{$list_data.tel02|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.tel01 != "" || $arrErr.tel02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> - <input type="text" name="tel03" value="<!--{$list_data.tel03|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.tel01 != "" || $arrErr.tel03 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
                 </td>
             </tr>
             <tr>
                 <th>FAX</th>
                 <td>
                     <span class="attention"><!--{$arrErr.fax01}--><!--{$arrErr.fax02}--><!--{$arrErr.fax03}--></span>
-                    <input type="text" name="fax01" value="<!--{$list_data.fax01|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.fax01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> - <input type="text" name="fax02" value="<!--{$list_data.fax02|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.fax01 != "" || $arrErr.tel02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> - <input type="text" name="fax03" value="<!--{$list_data.fax03|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.fax01 != "" || $arrErr.fax03 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
+                    <input type="text" name="fax01" value="<!--{$list_data.fax01|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.fax01 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> - <input type="text" name="fax02" value="<!--{$list_data.fax02|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.fax01 != "" || $arrErr.tel02 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> - <input type="text" name="fax03" value="<!--{$list_data.fax03|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" class="box6" <!--{if $arrErr.fax01 != "" || $arrErr.fax03 != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
                 </td>
             </tr>
             <tr>
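Review bot: The error-style condition on the `fax02` input tests `$arrErr.tel02` instead of `$arrErr.fax02`, so a fax02 validation error does not highlight its own field while a tel02 error does. It looks copied from the telephone row above; the condition should read `<!--{if $arrErr.fax01 != "" || $arrErr.fax02 != ""}-->`. The line is touched by this commit for the `|h` change, so the fix can ride along.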
@@ -190,7 +190,7 @@
                 <th>パスワード<span class="attention"> *</span></th>
                 <td>
                     <span class="attention"><!--{$arrErr.password}--></span>
-                    <input type="password" name="password" value="<!--{$list_data.password|escape}-->" size="30" class="box30" <!--{if $arrErr.password != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 半角英数小文字<!--{$smarty.const.PASSWORD_LEN1}-->〜<!--{$smarty.const.PASSWORD_LEN2}-->文字(記号不可)
+                    <input type="password" name="password" value="<!--{$list_data.password|h}-->" size="30" class="box30" <!--{if $arrErr.password != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 半角英数小文字<!--{$smarty.const.PASSWORD_LEN1}-->〜<!--{$smarty.const.PASSWORD_LEN2}-->文字(記号不可)
                 </td>
             </tr>
             <tr>
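Review bot: The password field is pre-filled from `$list_data.password`, so whatever that variable holds is written into the page source of the admin screen. `|h` keeps the attribute well-formed but does not keep the value out of the HTML, the browser cache or any stored copy of the response. What the controller assigns to `list_data.password` is not visible here; if it is derived from the stored credential, I would render `value=""` and treat an empty submission as "keep the current password".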
@@ -203,7 +203,7 @@
                         <!--{html_options options=$arrReminder selected=$list_data.reminder}-->
                     </select><br />
                     答え: 
-                    <input type="text" name="reminder_answer" value="<!--{$list_data.reminder_answer|escape}-->" size="30" class="box30" <!--{if $arrErr.reminder_answer != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
+                    <input type="text" name="reminder_answer" value="<!--{$list_data.reminder_answer|h}-->" size="30" class="box30" <!--{if $arrErr.reminder_answer != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> />
                 </td>
             </tr>
             <tr>
@@ -219,14 +219,14 @@
                 <th>SHOP用メモ</th>
                 <td>
                     <span class="attention"><!--{$arrErr.note}--></span>
-                    <textarea name="note" maxlength="<!--{$smarty.const.LTEXT_LEN}-->" <!--{if $arrErr.note != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> cols="60" rows="8" class="area60"><!--{$list_data.note|escape}--></textarea>
+                    <textarea name="note" maxlength="<!--{$smarty.const.LTEXT_LEN}-->" <!--{if $arrErr.note != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> cols="60" rows="8" class="area60"><!--{$list_data.note|h}--></textarea>
                 </td>
             </tr>
             <tr>
                 <th>所持ポイント</th>
                 <td>
                     <span class="attention"><!--{$arrErr.point}--></span>
-                    <input type="text" name="point" value="<!--{$list_data.point|escape}-->" maxlength="<!--{$smarty.const.TEL_LEN}-->" <!--{if $arrErr.point != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> size="6" class="box6" <!--{if $arrErr.point != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> pt
+                    <input type="text" name="point" value="<!--{$list_data.point|h}-->" maxlength="<!--{$smarty.const.TEL_LEN}-->" <!--{if $arrErr.point != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> size="6" class="box6" <!--{if $arrErr.point != ""}--><!--{sfSetErrorStyle}--><!--{/if}--> /> pt
                 </td>
             </tr>
         </table>
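Review bot: The `point` input emits `<!--{if $arrErr.point != ""}--><!--{sfSetErrorStyle}--><!--{/if}-->` twice, once before `size` and once after `class`. Assuming `sfSetErrorStyle` prints a `style` attribute (its output is not visible here), the error state produces a duplicate attribute, so one occurrence should be dropped. `maxlength` is taken from `TEL_LEN`, which reads like a leftover from the phone fields; the intended limit for points is worth confirming.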
@@ -262,7 +262,7 @@
                     <td class="center"><!--{$arrPurchaseHistory[cnt].payment_total|number_format}-->円</td>
                     <td class="center"><!--{if $arrPurchaseHistory[cnt].status eq 5}--><!--{$arrPurchaseHistory[cnt].commit_date|sfDispDBDate}--><!--{else}-->未発送<!--{ /if }--></td>
                     <!--{assign var=payment_id value="`$arrPurchaseHistory[cnt].payment_id`"}-->
-                    <td class="center"><!--{$arrPayment[$payment_id]|escape}--></td>
+                    <td class="center"><!--{$arrPayment[$payment_id]|h}--></td>
                 </tr>
                 <!--{/section}-->
             </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit_complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit_complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit_complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
 <input type="hidden" name="mode" value="complete" />
 <!--{foreach from=$arrForm key=key item=item}-->
 <!--{if $key ne "mode" && $key ne "subm"}-->
-<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" />
 <!--{/if}-->
 <!--{/foreach}-->
 <div id="customer" class="contents-main">

変更: branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/customer/edit_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -37,12 +37,12 @@
     <input type="hidden" name="mode" value="complete" />
     <!--{foreach from=$arrForm key=key item=item}-->
         <!--{if $key ne "mode" && $key ne "subm"}-->
-            <input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->" />
+            <input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" />
         <!--{/if}-->
     <!--{/foreach}-->
     <!-- 検索条件の保持 -->
     <!--{foreach from=$arrSearchData key="key" item="item"}-->
-        <!--{if $key ne "job" && $key ne "sex"}--><input type="hidden" name="search_data[<!--{$key|escape}-->]" value="<!--{$item|escape}-->"><!--{/if}-->
+        <!--{if $key ne "job" && $key ne "sex"}--><input type="hidden" name="search_data[<!--{$key|h}-->]" value="<!--{$item|h}-->"><!--{/if}-->
     <!--{/foreach}-->
     <!--{foreach from=$arrSearchData.job key="key" item="item"}-->
         <input type="hidden" name="search_data[job][]" value=<!--{$item}--> />
@@ -55,7 +55,7 @@
         <table class="form">
             <tr>
                 <th>顧客ID<span class="attention"> *</span></th>
-                <td><!--{$arrForm.customer_id|escape}--></td>
+                <td><!--{$arrForm.customer_id|h}--></td>
             </tr>
             <tr>
                 <th>会員状態<span class="attention"> *</span></th>
@@ -63,47 +63,47 @@
             </tr>
             <tr>
                 <th>お名前<span class="attention"> *</span></th>
-                <td><!--{$arrForm.name01|escape}--><!--{$arrForm.name02|escape}--> 様</td>
+                <td><!--{$arrForm.name01|h}--><!--{$arrForm.name02|h}--> 様</td>
             </tr>
             <tr>
                 <th>お名前(フリガナ)<span class="attention"> *</span></th>
-                <td><!--{$arrForm.kana01|escape}--><!--{$arrForm.kana02|escape}--> 様</td>
+                <td><!--{$arrForm.kana01|h}--><!--{$arrForm.kana02|h}--> 様</td>
             </tr>
             <tr>
                 <th>郵便番号<span class="attention"> *</span></th>
-                <td>〒 <!--{$arrForm.zip01|escape}--> - <!--{$arrForm.zip02|escape}--></td>
+                <td>〒 <!--{$arrForm.zip01|h}--> - <!--{$arrForm.zip02|h}--></td>
             </tr>
             <tr>
                 <th>住所<span class="attention"> *</span></td>
-                <td><!--{$arrPref[$arrForm.pref]|escape}--><!--{$arrForm.addr01|escape}--><!--{$arrForm.addr02|escape}--></td>
+                <td><!--{$arrPref[$arrForm.pref]|h}--><!--{$arrForm.addr01|h}--><!--{$arrForm.addr02|h}--></td>
             </tr>
             <tr>
                 <th>メールアドレス<span class="attention"> *</span></th>
-                <td><!--{$arrForm.email|escape}--></td>
+                <td><!--{$arrForm.email|h}--></td>
             </tr>
             <tr>
                 <th>携帯メールアドレス</th>
-                <td><!--{$arrForm.email_mobile|escape}--></td>
+                <td><!--{$arrForm.email_mobile|h}--></td>
             </tr>
             <tr>
                 <th>お電話番号<span class="attention"> *</span></th>
-                <td><!--{$arrForm.tel01|escape}--> - <!--{$arrForm.tel02|escape}--> - <!--{$arrForm.tel03|escape}--></td>
+                <td><!--{$arrForm.tel01|h}--> - <!--{$arrForm.tel02|h}--> - <!--{$arrForm.tel03|h}--></td>
             </tr>
             <tr>
                 <th>FAX</th>
-                <td><!--{if strlen($arrForm.fax01) > 0}--><!--{$arrForm.fax01|escape}--> - <!--{$arrForm.fax02|escape}--> - <!--{$arrForm.fax03|escape}--><!--{else}-->未登録<!--{/if}--></td>
+                <td><!--{if strlen($arrForm.fax01) > 0}--><!--{$arrForm.fax01|h}--> - <!--{$arrForm.fax02|h}--> - <!--{$arrForm.fax03|h}--><!--{else}-->未登録<!--{/if}--></td>
             </tr>
             <tr>
                 <th>ご性別<span class="attention"> *</span></th>
-                <td><!--{$arrSex[$arrForm.sex]|escape}--></td>
+                <td><!--{$arrSex[$arrForm.sex]|h}--></td>
             </tr>
             <tr>
                 <th>ご職業</th>
-                <td><!--{$arrJob[$arrForm.job]|escape|default:"未登録"}--></td>
+                <td><!--{$arrJob[$arrForm.job]|default:"未登録"|h}--></td>
             </tr>
             <tr>
                 <th>生年月日</th>
-                <td><!--{if strlen($arrForm.year) > 0 && strlen($arrForm.month) > 0 && strlen($arrForm.day) > 0}--><!--{$arrForm.year|escape}-->年<!--{$arrForm.month|escape}-->月<!--{$arrForm.day|escape}-->日<!--{else}-->未登録<!--{/if}--></td>
+                <td><!--{if strlen($arrForm.year) > 0 && strlen($arrForm.month) > 0 && strlen($arrForm.day) > 0}--><!--{$arrForm.year|h}-->年<!--{$arrForm.month|h}-->月<!--{$arrForm.day|h}-->日<!--{else}-->未登録<!--{/if}--></td>
             </tr>
             <tr>
                 <th>パスワード<span class="attention"> *</span></th>
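Review bot: The 住所 header cell is opened with `<th>` but closed with `</td>`, and the 所持ポイント row in the last hunk of this file has the same mismatch. Browsers recover from it, but the rows should read `<th>住所<span class="attention"> *</span></th>` and `<th>所持ポイント</th>`. The table itself starts and ends outside this hunk.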
@@ -112,8 +112,8 @@
             <tr>
                 <th>パスワードを忘れたときのヒント<span class="attention"> *</span></th>
                 <td>
-                    質問: <!--{$arrReminder[$arrForm.reminder]|escape}--><br />
-                    答え: <!--{$arrForm.reminder_answer|escape}-->
+                    質問: <!--{$arrReminder[$arrForm.reminder]|h}--><br />
+                    答え: <!--{$arrForm.reminder_answer|h}-->
                 </td>
             </tr>
             <tr>
@@ -122,11 +122,11 @@
             </tr>
             <tr>
                 <th>SHOP用メモ</th>
-                <td><!--{$arrForm.note|escape|nl2br|default:"未登録"}--></td>
+                <td><!--{$arrForm.note|h|nl2br|default:"未登録"}--></td>
             </tr>
             <tr>
                 <th>所持ポイント</td>
-                <td><!--{$arrForm.point|escape|default:"0"}--> pt</td>
+                <td><!--{$arrForm.point|default:"0"|h}--> pt</td>
             </tr>
         </table>
         <div class="btn">
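Review bot: The `note` row only works because `h` runs before `nl2br`; in the opposite order the generated `<br />` tags would be encoded and shown as text. Nothing in the template records that, and the `point` row in the same hunk now places `default` in front of `h`, so the two rows follow different conventions. I would add a template comment above the `note` row: `<!--{* h must stay before nl2br; the default text is a literal and needs no escaping *}-->`.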

変更: branches/version-2_5-dev/data/Smarty/templates/admin/customer/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/customer/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/customer/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -80,7 +80,7 @@
   <table class="form">
     <tr>
       <th>顧客ID</th>
-      <td><!--{if $arrErr.customer_id}--><span class="attention"><!--{$arrErr.customer_id}--></span><br /><!--{/if}--><input type="text" name="customer_id" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$arrForm.customer_id|escape}-->" size="30" class="box30" <!--{if $arrErr.customer_id}--><!--{sfSetErrorStyle}--><!--{/if}--> /></td>
+      <td><!--{if $arrErr.customer_id}--><span class="attention"><!--{$arrErr.customer_id}--></span><br /><!--{/if}--><input type="text" name="customer_id" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$arrForm.customer_id|h}-->" size="30" class="box30" <!--{if $arrErr.customer_id}--><!--{sfSetErrorStyle}--><!--{/if}--> /></td>
       <th>都道府県</th>
       <td>
         <!--{if $arrErr.pref}--><span class="attention"><!--{$arrErr.pref}--></span><br /><!--{/if}-->
@@ -92,9 +92,9 @@
     </tr>
     <tr>
       <th>顧客名</th>
-      <td><!--{if $arrErr.name}--><span class="attention"><!--{$arrErr.name}--></span><br /><!--{/if}--><input type="text" name="name" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$arrForm.name|escape}-->" size="30" class="box30" <!--{if $arrErr.name}--><!--{sfSetErrorStyle}--><!--{/if}--> /></td>
+      <td><!--{if $arrErr.name}--><span class="attention"><!--{$arrErr.name}--></span><br /><!--{/if}--><input type="text" name="name" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$arrForm.name|h}-->" size="30" class="box30" <!--{if $arrErr.name}--><!--{sfSetErrorStyle}--><!--{/if}--> /></td>
       <th>顧客名(カナ)</th>
-      <td><!--{if $arrErr.kana}--><span class="attention"><!--{$arrErr.kana}--></span><br /><!--{/if}--><input type="text" name="kana" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$arrForm.kana|escape}-->" size="30" class="box30" <!--{if $arrErr.kana}--><!--{sfSetErrorStyle}--><!--{/if}--> /></td>
+      <td><!--{if $arrErr.kana}--><span class="attention"><!--{$arrErr.kana}--></span><br /><!--{/if}--><input type="text" name="kana" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$arrForm.kana|h}-->" size="30" class="box30" <!--{if $arrErr.kana}--><!--{sfSetErrorStyle}--><!--{/if}--> /></td>
     </tr>
     <tr>
       <th>性別</th>
@@ -143,15 +143,15 @@
     </tr>
     <tr>
       <th>メールアドレス</th>
-      <td colspan="3"><!--{if $arrErr.email}--><span class="attention"><!--{$arrErr.email}--></span><!--{/if}--><input type="text" name="email" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$arrForm.email|escape}-->" size="60" class="box60" <!--{if $arrErr.email}--><!--{sfSetErrorStyle}--><!--{/if}-->/></td>
+      <td colspan="3"><!--{if $arrErr.email}--><span class="attention"><!--{$arrErr.email}--></span><!--{/if}--><input type="text" name="email" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$arrForm.email|h}-->" size="60" class="box60" <!--{if $arrErr.email}--><!--{sfSetErrorStyle}--><!--{/if}-->/></td>
     </tr>
     <tr>
       <th>携帯メールアドレス</th>
-      <td colspan="3"><!--{if $arrErr.email_mobile}--><span class="attention"><!--{$arrErr.email_mobile}--></span><!--{/if}--><input type="text" name="email_mobile" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$arrForm.email_mobile|escape}-->" size="60" class="box60" <!--{if $arrErr.email_mobile}--><!--{sfSetErrorStyle}--><!--{/if}-->/></td>
+      <td colspan="3"><!--{if $arrErr.email_mobile}--><span class="attention"><!--{$arrErr.email_mobile}--></span><!--{/if}--><input type="text" name="email_mobile" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$arrForm.email_mobile|h}-->" size="60" class="box60" <!--{if $arrErr.email_mobile}--><!--{sfSetErrorStyle}--><!--{/if}-->/></td>
     </tr>
     <tr>
       <th>電話番号</th>
-      <td colspan="3"><!--{if $arrErr.tel}--><span class="attention"><!--{$arrErr.tel}--></span><br /><!--{/if}--><input type="text" name="tel" maxlength="<!--{$smarty.const.TEL_LEN}-->" value="<!--{$arrForm.tel|escape}-->" size="60" class="box60" /></td>
+      <td colspan="3"><!--{if $arrErr.tel}--><span class="attention"><!--{$arrErr.tel}--></span><br /><!--{/if}--><input type="text" name="tel" maxlength="<!--{$smarty.const.TEL_LEN}-->" value="<!--{$arrForm.tel|h}-->" size="60" class="box60" /></td>
     </tr>
     <tr>
       <th>職業</th>
@@ -159,9 +159,9 @@
     </tr>
     <tr>
       <th>購入金額</th>
-      <td><!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}--><span class="attention"><!--{$arrErr.buy_total_from}--><!--{$arrErr.buy_total_to}--></span><br /><!--{/if}--><input type="text" name="buy_total_from" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$arrForm.buy_total_from|escape}-->" size="6" class="box6" <!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 円 〜 <input type="text" name="buy_total_to" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$arrForm.buy_total_to|escape}-->" size="6" class="box6" <!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 円</td>
+      <td><!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}--><span class="attention"><!--{$arrErr.buy_total_from}--><!--{$arrErr.buy_total_to}--></span><br /><!--{/if}--><input type="text" name="buy_total_from" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$arrForm.buy_total_from|h}-->" size="6" class="box6" <!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 円 〜 <input type="text" name="buy_total_to" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$arrForm.buy_total_to|h}-->" size="6" class="box6" <!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 円</td>
       <th>購入回数</th>
-      <td><!--{if $arrErr.buy_times_from || $arrErr.buy_times_to}--><span class="attention"><!--{$arrErr.buy_times_from}--><!--{$arrErr.buy_times_to}--></span><br /><!--{/if}--><input type="text" name="buy_times_from" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$arrForm.buy_times_from|escape}-->" size="6" class="box6" <!--{if $arrErr.buy_times_from || $arrErr.buy_times_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 回 〜 <input type="text" name="buy_times_to" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$arrForm.buy_times_to|escape}-->" size="6" class="box6" <!--{if $arrErr.buy_times_from || $arrErr.buy_times_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 回</td>
+      <td><!--{if $arrErr.buy_times_from || $arrErr.buy_times_to}--><span class="attention"><!--{$arrErr.buy_times_from}--><!--{$arrErr.buy_times_to}--></span><br /><!--{/if}--><input type="text" name="buy_times_from" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$arrForm.buy_times_from|h}-->" size="6" class="box6" <!--{if $arrErr.buy_times_from || $arrErr.buy_times_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 回 〜 <input type="text" name="buy_times_to" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$arrForm.buy_times_to|h}-->" size="6" class="box6" <!--{if $arrErr.buy_times_from || $arrErr.buy_times_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 回</td>
     </tr>
     <tr>
       <th>登録・更新日</th>
@@ -228,7 +228,7 @@
       <td>
         <!--{if $arrErr.buy_product_name}--><span class="attention"><!--{$arrErr.buy_product_name}--></span><!--{/if}-->
         <span style="<!--{$arrErr.buy_product_name|sfGetErrorColor}-->">
-        <input type="text" name="buy_product_name" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$arrForm.buy_product_name|escape}-->" size="30" class="box30" style="<!--{$arrErr.buy_product_name|sfGetErrorColor}-->"/>
+        <input type="text" name="buy_product_name" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$arrForm.buy_product_name|h}-->" size="30" class="box30" style="<!--{$arrErr.buy_product_name|sfGetErrorColor}-->"/>
         </span>
       </td>
       <th>購入商品コード</th>
@@ -261,7 +261,7 @@
 <!--★★検索結果一覧★★-->
 <form name="form1" id="form1" method="post" action="?">
 <!--{foreach from=$smarty.post key="key" item="item"}-->
-<!--{if $key ne "mode" && $key ne "del_mode" && $key ne "edit_customer_id" && $key ne "del_customer_id" && $key ne "search_pageno" && $key ne "csv_mode" && $key ne "job" && $key ne "sex" && $key ne "status"}--><input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->"><!--{/if}-->
+<!--{if $key ne "mode" && $key ne "del_mode" && $key ne "edit_customer_id" && $key ne "del_customer_id" && $key ne "search_pageno" && $key ne "csv_mode" && $key ne "job" && $key ne "sex" && $key ne "status"}--><input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->"><!--{/if}-->
 <!--{/foreach}-->
 <!--{foreach from=$smarty.post.job key="key" item="item"}-->
 <input type="hidden" name="job[]" value=<!--{$item}-->>
@@ -276,7 +276,7 @@
 <input type="hidden" name="del_mode" value="" />
 <input type="hidden" name="edit_customer_id" value="" />
 <input type="hidden" name="del_customer_id" value="" />
-<input type="hidden" name="search_pageno" value="<!--{$smarty.post.search_pageno|escape}-->" />
+<input type="hidden" name="search_pageno" value="<!--{$smarty.post.search_pageno|h}-->" />
 <input type="hidden" name="csv_mode" value="" />
 
   <h2>検索結果一覧</h2>
@@ -311,16 +311,16 @@
     <!--{foreach from=$search_data item=row}-->
       <tr>
         <td class="center" rowspan="2"><!--{if $row.status eq 1}-->仮<!--{else}-->本<!--{/if}--></td>
-        <td><!--{$row.customer_id|escape}--></td>
-        <td rowspan="2"><!--{$row.name01|escape}--> <!--{$row.name02|escape}-->(<!--{$row.kana01|escape}--> <!--{$row.kana02|escape}-->)</td>
-        <td class="center" rowspan="2"><!--{$arrSex[$row.sex]|escape}--></td>
-        <td><!--{$row.tel01|escape}-->-<!--{$row.tel02|escape}-->-<!--{$row.tel03|escape}--></td>
-        <td class="center" rowspan="2"><span class="icon_edit"><a href="#" onclick="return fnEdit('<!--{$row.customer_id|escape}-->');">編集</a></span></td>
-        <td class="center" rowspan="2"><span class="icon_delete"><a href="#" onclick="return fnDelete('<!--{$row.customer_id|escape}-->');">削除</a></span></td>
+        <td><!--{$row.customer_id|h}--></td>
+        <td rowspan="2"><!--{$row.name01|h}--> <!--{$row.name02|h}-->(<!--{$row.kana01|h}--> <!--{$row.kana02|h}-->)</td>
+        <td class="center" rowspan="2"><!--{$arrSex[$row.sex]|h}--></td>
+        <td><!--{$row.tel01|h}-->-<!--{$row.tel02|h}-->-<!--{$row.tel03|h}--></td>
+        <td class="center" rowspan="2"><span class="icon_edit"><a href="#" onclick="return fnEdit('<!--{$row.customer_id|h}-->');">編集</a></span></td>
+        <td class="center" rowspan="2"><span class="icon_delete"><a href="#" onclick="return fnDelete('<!--{$row.customer_id|h}-->');">削除</a></span></td>
       </tr>
       <tr>
         <td><!--{assign var=pref value=$row.pref}--><!--{$arrPref[$pref]}--></td>
-        <td><!--{mailto address=$row.email encode="javascript"}--></a><!--{if $row.status eq 1}--><br /><a href="#" onclick="return fnReSendMail('<!--{$row.customer_id|escape}-->');">仮登録メール再送</a><!--{/if}--></td>
+        <td><!--{mailto address=$row.email encode="javascript"}--></a><!--{if $row.status eq 1}--><br /><a href="#" onclick="return fnReSendMail('<!--{$row.customer_id|h}-->');">仮登録メール再送</a><!--{/if}--></td>
       </tr>
     <!--{/foreach}-->
   </table>
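Review bot: In the three `onclick` handlers (`fnEdit`, `fnDelete`, `fnReSendMail`) `customer_id` is placed inside a JavaScript string literal, and `|h` is presumably an HTML-entity escape (its definition is not part of this diff), which the browser decodes again before the handler code is parsed. That is only safe while `customer_id` is guaranteed to be numeric; to make the template correct independently of the data, escape for the JavaScript context first and for HTML second, e.g. `fnEdit('<!--{$row.customer_id|escape:"javascript"|h}-->')`. The `win03('./preview.php?send_id=...')` calls in mail/history.tpl have the same nesting of contexts. The foreach over `$search_data` starts in this hunk, but the table it belongs to begins outside it.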

変更: branches/version-2_5-dev/data/Smarty/templates/admin/customer/search_customer.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/customer/search_customer.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/customer/search_customer.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -59,7 +59,7 @@
 <div align="center">
  
 <!--▼検索フォーム-->
-<form name="form1" id="form1" method="post" action="<!--{$smarty.server.REQUEST_URI|escape}-->">
+<form name="form1" id="form1" method="post" action="<!--{$smarty.server.REQUEST_URI|h}-->">
 <input name="mode" type="hidden" value="search">
 <input name="search_pageno" type="hidden" value="">
 <input name="customer_id" type="hidden" value="">
@@ -68,7 +68,7 @@
         <td bgcolor="#f0f0f0" width="100">顧客ID</td>
         <td bgcolor="#ffffff" width="287" colspan="2">
             <!--{if $arrErr.search_customer_id}--><span class="red12"><!--{$arrErr.search_customer_id}--></span><!--{/if}-->
-            <input type="text" name="search_customer_id" value="<!--{$arrForm.search_customer_id|escape}-->" size="40" class="box40" style="<!--{$arrErr.search_customer_id|sfGetErrorColor}-->"/>
+            <input type="text" name="search_customer_id" value="<!--{$arrForm.search_customer_id|h}-->" size="40" class="box40" style="<!--{$arrErr.search_customer_id|sfGetErrorColor}-->"/>
         </td>
     </tr>
     <tr class="fs12n">
@@ -76,8 +76,8 @@
         <td bgcolor="#ffffff">
             <!--{if $arrErr.search_name01}--><span class="red12"><!--{$arrErr.search_name01}--></span><!--{/if}-->
             <!--{if $arrErr.search_name02}--><span class="red12"><!--{$arrErr.search_name02}--></span><!--{/if}-->
-            姓&nbsp;&nbsp;<input type="text" name="search_name01" value="<!--{$arrForm.search_name01|escape}-->" size="15" class="box15" style="<!--{$arrErr.search_name01|sfGetErrorColor}-->"/>
-            &nbsp;名&nbsp;&nbsp;<input type="text" name="search_name02" value="<!--{$arrForm.search_name02|escape}-->" size="15" class="box15" style="<!--{$arrErr.search_name02|sfGetErrorColor}-->"/>
+            姓&nbsp;&nbsp;<input type="text" name="search_name01" value="<!--{$arrForm.search_name01|h}-->" size="15" class="box15" style="<!--{$arrErr.search_name01|sfGetErrorColor}-->"/>
+            &nbsp;名&nbsp;&nbsp;<input type="text" name="search_name02" value="<!--{$arrForm.search_name02|h}-->" size="15" class="box15" style="<!--{$arrErr.search_name02|sfGetErrorColor}-->"/>
         </td>
     </tr>
     <tr class="fs12n">
@@ -85,8 +85,8 @@
         <td bgcolor="#ffffff">
             <!--{if $arrErr.search_kana01}--><span class="red12"><!--{$arrErr.search_kana01}--></span><!--{/if}-->
             <!--{if $arrErr.search_kana02}--><span class="red12"><!--{$arrErr.search_kana02}--></span><!--{/if}-->
-            セイ<input type="text" name="search_kana01" value="<!--{$arrForm.search_kana01|escape}-->" size="15" class="box15" style="<!--{$arrErr.search_kana01|sfGetErrorColor}-->"/>
-                                                メイ&nbsp;<input type="text" name="search_kana02" value="<!--{$arrForm.search_kana02|escape}-->" size="15" class="box15" style="<!--{$arrErr.search_kana02|sfGetErrorColor}-->"/>
+            セイ<input type="text" name="search_kana01" value="<!--{$arrForm.search_kana01|h}-->" size="15" class="box15" style="<!--{$arrErr.search_kana01|sfGetErrorColor}-->"/>
+                                                メイ&nbsp;<input type="text" name="search_kana02" value="<!--{$arrForm.search_kana02|h}-->" size="15" class="box15" style="<!--{$arrErr.search_kana02|sfGetErrorColor}-->"/>
         </td>
     </tr>
 </table>
@@ -125,10 +125,10 @@
         <!--▼顧客<!--{$smarty.section.cnt.iteration}-->-->
         <tr bgcolor="#FFFFFF" class="fs12n">
             <td width="90" align="center">
-            <!--{$arrCustomer[cnt].customer_id|escape}-->
+            <!--{$arrCustomer[cnt].customer_id|h}-->
             </td>
-            <td><!--{$arrCustomer[cnt].name01|escape}--><!--{$arrCustomer[cnt].name02|escape}-->(<!--{$arrCustomer[cnt].kana01|escape}--><!--{$arrCustomer[cnt].kana02|escape}-->)</td>
-            <td><!--{$arrCustomer[cnt].tel01|escape}-->-<!--{$arrCustomer[cnt].tel02|escape}-->-<!--{$arrCustomer[cnt].tel03|escape}--></td>
+            <td><!--{$arrCustomer[cnt].name01|h}--><!--{$arrCustomer[cnt].name02|h}-->(<!--{$arrCustomer[cnt].kana01|h}--><!--{$arrCustomer[cnt].kana02|h}-->)</td>
+            <td><!--{$arrCustomer[cnt].tel01|h}-->-<!--{$arrCustomer[cnt].tel02|h}-->-<!--{$arrCustomer[cnt].tel03|h}--></td>
             <td align="center"><a href="" onClick="return func_submit(<!--{$arrCustomer[cnt].customer_id}-->)">決定</a></td>
         </tr>
         <!--▲商品<!--{$smarty.section.cnt.iteration}-->-->
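Review bot: The `onClick="return func_submit(<!--{$arrCustomer[cnt].customer_id}-->)"` line keeps `customer_id` without any modifier and outside a string literal, although the same value receives `|h` a few lines earlier in this hunk. If the id is always an integer, enforce that where it is printed, e.g. `func_submit(<!--{$arrCustomer[cnt].customer_id|intval}-->)` (assuming PHP functions are allowed as modifiers here, as `|number_format` in home.tpl suggests). String values are passed raw into handlers in the same way in design/css.tpl (`fnFormModeSubmit(...,'<!--{$item.css_name}-->')`) and design/template.tpl (`fnModeSubmit(...,'<!--{$tplcode}-->')`), where `$tplcode` is escaped on the three lines above; those need `|escape:"javascript"|h`. The enclosing section loop starts and ends outside the hunk.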

変更: branches/version-2_5-dev/data/Smarty/templates/admin/design/bloc.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/design/bloc.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/design/bloc.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,7 +24,7 @@
 <form name="form_bloc" id="form_bloc" method="post" action="?" >
 <input type="hidden" name="mode" value="" />
 <input type="hidden" name="bloc_id" value="<!--{$bloc_id}-->" />
-<input type="hidden" name="device_type_id" value="<!--{$device_type_id|escape}-->" />
+<input type="hidden" name="device_type_id" value="<!--{$device_type_id|h}-->" />
 
     <!--{* ▼ブロック設定 *}-->
 
@@ -39,13 +39,13 @@
         <tr>
             <th>ブロック名</th>
             <td>
-                <input type="text" name="bloc_name" value="<!--{$arrBlocData.bloc_name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.bloc_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
+                <input type="text" name="bloc_name" value="<!--{$arrBlocData.bloc_name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.bloc_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
                 <!--{ if $arrErr.bloc_name != "" }--> <div align="center"> <span class="attention"><!--{$arrErr.bloc_name}--></span></div> <!--{/if}-->
             </td>
         </tr>
         <tr>
             <th>ファイル名</th>
-            <td><input type="text" name="filename" value="<!--{$arrBlocData.filename|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.filename != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" />.tpl<span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
+            <td><input type="text" name="filename" value="<!--{$arrBlocData.filename|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.filename != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" />.tpl<span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
         <!--{ if $arrErr.filename != "" }--> <div align="center"> <span class="attention"><!--{$arrErr.filename}--></span></div> <!--{/if}-->
          </td>
      </tr>
@@ -68,7 +68,7 @@
     <!--{* ▼ブロック一覧 *}-->
     <h2>編集可能ブロック</h2>
     <div class="btn addnew">
-        <a class='button' href="<!--{$smarty.server.PHP_SELF|escape}-->"><span>ブロックを新規入力</span></a>
+        <a class='button' href="<!--{$smarty.server.PHP_SELF|h}-->"><span>ブロックを新規入力</span></a>
     </div>
     <table class="list center">
         <tr>
@@ -78,7 +78,7 @@
         <tr style="background-color:<!--{if $item.bloc_id == $bloc_id}--><!--{$smarty.const.SELECT_RGB}--><!--{else}-->#ffffff<!--{/if}-->;">
             <td><!--{$item.bloc_name}--></td>
             <td>
-                <a href="<!--{$smarty.server.PHP_SELF|escape}-->?bloc_id=<!--{$item.bloc_id}-->&amp;device_type_id=<!--{$device_type_id}-->" >編集</a>
+                <a href="<!--{$smarty.server.PHP_SELF|h}-->?bloc_id=<!--{$item.bloc_id}-->&amp;device_type_id=<!--{$device_type_id}-->" >編集</a>
             </td>
             <td>
                 <!--{if $item.deletable_flg == 1}-->
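Review bot: The list cell `<td><!--{$item.bloc_name}--></td>` prints the block name without `|h`, while the same field is escaped in the edit form changed earlier in this file, so a stored name containing markup would be rendered as HTML in the list. Suggested line: `<td><!--{$item.bloc_name|h}--></td>`. In the edit link, `bloc_id` and `device_type_id` are also inserted into the query string unmodified; `|escape:"url"` is the fitting modifier for that position. design/css.tpl shows the same for `<!--{$item.file_name}-->` and `css_name`. The loop that defines `$item` begins outside the hunk, and a default modifier may already cover part of this, which is not visible here.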

変更: branches/version-2_5-dev/data/Smarty/templates/admin/design/css.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/design/css.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/design/css.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
 <input type="hidden" name="mode" value="" />
 <input type="hidden" name="area_row" value="<!--{$area_row}-->" />
 <input type="hidden" name="old_css_name" value="<!--{$old_css_name}-->" />
-<input type="hidden" name="device_type_id" value="<!--{$device_type_id|escape}-->" />
+<input type="hidden" name="device_type_id" value="<!--{$device_type_id|h}-->" />
 <div id="design" class="contents-main">
 
   <!--▼CSS設定ここから-->
@@ -56,7 +56,7 @@
   <!--▼CSSファイル一覧 ここから-->
   <h2>編集可能CSSファイル</h2>
   <div class="btn addnew">
-    <a class="btn-normal" href="<!--{$smarty.server.PHP_SELF|escape}-->"><span>CSSを新規入力</span></a>
+    <a class="btn-normal" href="<!--{$smarty.server.PHP_SELF|h}-->"><span>CSSを新規入力</span></a>
   </div>
   <table class="list center" id="design-css-list">
     <tr>
@@ -69,7 +69,7 @@
     <tr>
 			<td><!--{$item.file_name}--></td>
       <td style="background:<!--{if $item.css_name == $css_name}--><!--{$smarty.const.SELECT_RGB}--><!--{else}-->#ffffff<!--{/if}-->;">
-        <a href="<!--{$smarty.server.PHP_SELF|escape}-->?css_name=<!--{$item.css_name}-->&amp;device_type_id=<!--{$device_type_id}-->">編集</a>
+        <a href="<!--{$smarty.server.PHP_SELF|h}-->?css_name=<!--{$item.css_name}-->&amp;device_type_id=<!--{$device_type_id}-->">編集</a>
       </td>
       <td style="background:<!--{if $item.css_name == $css_name}--><!--{$smarty.const.SELECT_RGB}--><!--{else}-->#ffffff<!--{/if}-->;">
         <a href="javascript:;" onclick="fnFormModeSubmit('form_css','delete','css_name','<!--{$item.css_name}-->');">削除</a>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/design/header.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/design/header.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/design/header.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -46,7 +46,7 @@
   <input type="hidden" name="division" value="header" />
   <input type="hidden" name="header_row" value="<!--{$header_row}-->" />
   <input type="hidden" name="browser_type" value="" />
-  <input type="hidden" name="device_type_id" value="<!--{$device_type_id|escape}-->" />
+  <input type="hidden" name="device_type_id" value="<!--{$device_type_id|h}-->" />
 
     <textarea name="header" rows="<!--{$header_row}-->" wrap="off" style="width: 100%;"><!--{$header_data|smarty:nodefaults}--></textarea>
     <div class="btn">
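Review bot: The editor field `<textarea name="header" ...><!--{$header_data|smarty:nodefaults}--></textarea>` switches the default modifiers off and applies no `|h`, whereas design/main_edit.tpl in this same commit uses `|h|smarty:nodefaults` for its `tpl_data` textarea. Saved header markup that contains `</textarea>` would close the field early and the remainder would be rendered as part of the admin page; `<!--{$header_data|h|smarty:nodefaults}-->` keeps the content inside the editor unchanged. The footer textarea in the next hunk needs the same change. If the controller already escapes `header_data` before assigning it, a comment such as `<!--{* header_data is escaped in the page class *}-->` would document that, since it cannot be seen from the template.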
@@ -76,7 +76,7 @@
   <input type="hidden" name="division" value="footer" />
   <input type="hidden" name="footer_row" value=<!--{$footer_row}--> />
   <input type="hidden" name="browser_type" value="" />
-  <input type="hidden" name="device_type_id" value="<!--{$device_type_id|escape}-->" />
+  <input type="hidden" name="device_type_id" value="<!--{$device_type_id|h}-->" />
 
     <textarea name="footer" rows="<!--{$footer_row}-->" style="width: 100%;"><!--{$footer_data|smarty:nodefaults}--></textarea>
     <div class="btn">

変更: branches/version-2_5-dev/data/Smarty/templates/admin/design/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/design/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/design/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -20,7 +20,7 @@
 <input type="hidden" name="mode" value="" />
 <input type="hidden" name="page_id" value="<!--{$page_id}-->" />
 <input type="hidden" name="bloc_cnt" value="<!--{$bloc_cnt}-->" />
-<input type="hidden" name="device_type_id" value="<!--{$device_type_id|escape}-->" />
+<input type="hidden" name="device_type_id" value="<!--{$device_type_id|h}-->" />
 
 <div id="design" class="contents-main">
     <!--{* ▼レイアウトここから *}-->

変更: branches/version-2_5-dev/data/Smarty/templates/admin/design/main_edit.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/design/main_edit.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/design/main_edit.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -47,7 +47,7 @@
 <form name="form_edit" id="form_edit" method="post" action="?" >
 <input type="hidden" name="mode" value="" />
 <input type="hidden" name="page_id" value="<!--{$page_id}-->" />
-<input type="hidden" name="device_type_id" value="<!--{$device_type_id|escape}-->" />
+<input type="hidden" name="device_type_id" value="<!--{$device_type_id|h}-->" />
 
   <!--{if $arrErr.page_id_err != ""}-->
   <div class="message">
@@ -59,9 +59,9 @@
       <th>名称</th>
       <td>
   <!--{if $arrPageData.edit_flg == 2}-->
-      <!--{$arrPageData.page_name|escape}--><input type="hidden" name="page_name" value="<!--{$arrPageData.page_name|escape}-->" />
+      <!--{$arrPageData.page_name|h}--><input type="hidden" name="page_name" value="<!--{$arrPageData.page_name|h}-->" />
   <!--{else}-->
-        <input type="text" name="page_name" value="<!--{$arrPageData.page_name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.page_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
+        <input type="text" name="page_name" value="<!--{$arrPageData.page_name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.page_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
   <!--{/if}-->
   <!--{ if $arrErr.page_name != "" }-->
         <div class="message">
@@ -73,10 +73,10 @@
      <th>URL</th>
      <td>
    <!--{if $arrPageData.edit_flg == 2}-->
-      <!--{$smarty.const.SITE_URL|escape}--><!--{$arrPageData.url|escape}-->
-      <input type="hidden" name="url" value="<!--{$arrPageData.filename|escape}-->" />
+      <!--{$smarty.const.SITE_URL|h}--><!--{$arrPageData.url|h}-->
+      <input type="hidden" name="url" value="<!--{$arrPageData.filename|h}-->" />
     <!--{else}-->
-      <!--{$user_URL|escape}--><input type="text" name="url" value="<!--{$arrPageData.directory|escape}--><!--{$arrPageData.filename|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.url != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}--> ime-mode: disabled;" size="40" class="box40" />.php<span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
+      <!--{$user_URL|h}--><input type="text" name="url" value="<!--{$arrPageData.directory|h}--><!--{$arrPageData.filename|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.url != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}--> ime-mode: disabled;" size="40" class="box40" />.php<span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
     <!--{/if}-->
     <!--{ if $arrErr.url != "" }-->
       <div class="attention">
@@ -91,7 +91,7 @@
   <label for="header-chk"><input type="checkbox" name="header_chk" id="header-chk" <!--{$arrPageData.header_chk}--> />共通のヘッダーを使用する</label>&nbsp;
   <label for="footer-chk"><input type="checkbox" name="footer_chk" id="footer-chk" <!--{$arrPageData.footer_chk}--> />共通のフッターを使用する</label>
   <div>
-    <textarea name="tpl_data" rows=<!--{$text_row}--> style="width: 100%;"><!--{$arrPageData.tpl_data|escape|smarty:nodefaults}--></textarea>
+    <textarea name="tpl_data" rows=<!--{$text_row}--> style="width: 100%;"><!--{$arrPageData.tpl_data|h|smarty:nodefaults}--></textarea>
     <input type="hidden" name="html_area_row" value="<!--{$text_row}-->" />
     <a class="btn-normal" href="javascript:;" onclick="ChangeSize(this, tpl_data, 50, 13, html_area_row)"><span><!--{if $text_row > 13}-->縮小<!--{else}-->拡大<!--{/if}--></span></a>
   </div>
@@ -136,7 +136,7 @@
     <!--{/foreach}-->
   </table>
   <div class="btn addnew">
-    <a class="btn-normal" href="<!--{$smarty.server.PHP_SELF|escape}-->"><span>ページを新規入力</span></a>
+    <a class="btn-normal" href="<!--{$smarty.server.PHP_SELF|h}-->"><span>ページを新規入力</span></a>
   </div>
 
 </form>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/design/template.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/design/template.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/design/template.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -38,7 +38,7 @@
 <input type="hidden" name="mode" value="" />
 <input type="hidden" name="template_code_temp" value="" />
 <input type="hidden" name="uniqid" value="<!--{$uniqid}-->" />
-<input type="hidden" name="device_type_id" value="<!--{$device_type_id|escape}-->" />
+<input type="hidden" name="device_type_id" value="<!--{$device_type_id|h}-->" />
 <div id="design" class="contents-main">
   <p style="margin-bottom: 20px">
     テンプレートを選択し、「この内容で登録する」ボタンを押すと、<br />
@@ -55,9 +55,9 @@
     <!--{foreach from=$templates item=tpl}-->
     <!--{assign var=tplcode value=$tpl.template_code}-->
     <tr class="center">
-      <td><input type="radio" name="template_code" value="<!--{$tplcode|escape}-->" <!--{if $tplcode == $tpl_select}-->checked<!--{/if}--> /></td>
-      <td class="left"><!--{$tpl.template_name|escape}--></td>
-      <td class="left">data/Smarty/templates/<!--{$tplcode|escape}-->/</td>
+      <td><input type="radio" name="template_code" value="<!--{$tplcode|h}-->" <!--{if $tplcode == $tpl_select}-->checked<!--{/if}--> /></td>
+      <td class="left"><!--{$tpl.template_name|h}--></td>
+      <td class="left">data/Smarty/templates/<!--{$tplcode|h}-->/</td>
       <td><span class="icon_confirm"><a href="#" onClick="fnModeSubmit('download','template_code_temp','<!--{$tplcode}-->');return false;">ダウンロード</a></span></td>
       <td><span class="icon_delete"><a href="#" onClick="fnModeSubmit('delete','template_code_temp','<!--{$tplcode}-->');return false;">削除</a></span></td>
     </tr>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/design/up_down.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/design/up_down.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/design/up_down.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -37,7 +37,7 @@
 <form name="form1" method="post" action="?" enctype="multipart/form-data">
 <input type="hidden" name="mode" value="" />
 <input type="hidden" name="uniqid" value="<!--{$uniqid}-->" />
-<input type="hidden" name="device_type_id" value="<!--{$device_type_id|escape}-->" />
+<input type="hidden" name="device_type_id" value="<!--{$device_type_id|h}-->" />
 <div id="disign" class="contents-main">
   <p class="remark">
     テンプレートパッケージのアップロードを行います。<br />
@@ -49,7 +49,7 @@
       <th>テンプレートコード</td>
       <td>
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54">
+        <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54">
       </td>
     </tr>
     <!--{assign var=key value="template_name"}-->
@@ -57,7 +57,7 @@
       <th>テンプレート名</td>
       <td>
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54">
+        <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54">
       </td>
     </tr>
     <!--{assign var=key value="template_file"}-->
@@ -67,7 +67,7 @@
       </td>
       <td>
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <input type="file" name="<!--{$key}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54" size="64" <!--{if $arrErr[$key]}-->style="background-color:<!--{$smarty.const.ERR_COLOR|escape}-->"<!--{/if}-->>
+        <input type="file" name="<!--{$key}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54" size="64" <!--{if $arrErr[$key]}-->style="background-color:<!--{$smarty.const.ERR_COLOR|h}-->"<!--{/if}-->>
       </td>
     </tr>
   </table>
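Review bot: The file input on the changed line carries two `style` attributes, and HTML parsers keep the first one and ignore the duplicate, so the conditional `style="background-color:<!--{$smarty.const.ERR_COLOR|h}-->"` never takes effect and switching its modifier changes nothing. Since `style="<!--{$arrErr[$key]|sfGetErrorColor}-->"` presumably already sets the error colour, the `<!--{if $arrErr[$key]}-->...<!--{/if}-->` block can be removed. design/upload.tpl has the same duplicate on its `template_file` input. The two earlier hunks in this file also open cells with `<th>` and close them with `</td>`.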

変更: branches/version-2_5-dev/data/Smarty/templates/admin/design/upload.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/design/upload.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/design/upload.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -31,7 +31,7 @@
       <th>テンプレートコード</th>
       <td>
         <!--{if $arrErr[$key]}--><span class="attention"><!--{$arrErr[$key]}--></span><!--{/if}-->
-        <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54" />
+        <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54" />
       </td>
     </tr>
     <!--{assign var=key value="template_name"}-->
@@ -39,7 +39,7 @@
       <th>テンプレート名</th>
       <td>
         <!--{if $arrErr[$key]}--><span class="attention"><!--{$arrErr[$key]}--></span><!--{/if}-->
-        <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54" />
+        <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54" />
       </td>
     </tr>
     <!--{assign var=key value="template_file"}-->
@@ -47,7 +47,7 @@
       <th>テンプレートファイル<br /><span class="attention">※ファイル形式は.tar/.tar.gzのみ</span></th>
       <td>
         <!--{if $arrErr[$key]}--><span class="attention"><!--{$arrErr[$key]}--></span><!--{/if}-->
-        <input type="file" name="<!--{$key}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54" size="64" <!--{if $arrErr.template_file}-->style="background-color:<!--{$smarty.const.ERR_COLOR|escape}-->"<!--{/if}--> />
+        <input type="file" name="<!--{$key}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box54" size="64" <!--{if $arrErr.template_file}-->style="background-color:<!--{$smarty.const.ERR_COLOR|h}-->"<!--{/if}--> />
       </td>
     </tr>
   </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/home.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/home.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/home.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -28,7 +28,7 @@
     <div id="home-info">
         <!--{foreach item=info from=$arrInfo}-->
         <dl class="home-info-item">
-            <dt class="date"><!--{$info.disp_date|sfDispDBDate:false|escape}--></dt>
+            <dt class="date"><!--{$info.disp_date|sfDispDBDate:false|h}--></dt>
             <dt class="title"><!--{$info.title}--></dt>
             <dd class="body"><!--{$info.body}--></dd>
         </dl>
@@ -101,7 +101,7 @@
                     <th>品切れ商品</td>
                     <td>
                     <!--{section name=i loop=$arrSoldout}-->
-                    <!--{$arrSoldout[i].product_id}-->:<!--{$arrSoldout[i].name|escape}--><br />
+                    <!--{$arrSoldout[i].product_id}-->:<!--{$arrSoldout[i].name|h}--><br />
                     <!--{/section}-->
                     </td>
                 </tr>
@@ -121,9 +121,9 @@
                 <!--{section name=i loop=$arrNewOrder}-->
                 <tr>
                     <td><!--{$arrNewOrder[i].create_date}--></td>
-                    <td><!--{$arrNewOrder[i].name01|escape}--> <!--{$arrNewOrder[i].name02|escape}--></td>
-                    <td><!--{$arrNewOrder[i].product_name|escape}--></td>
-                    <td><!--{$arrNewOrder[i].payment_method|escape}--></td>
+                    <td><!--{$arrNewOrder[i].name01|h}--> <!--{$arrNewOrder[i].name02|h}--></td>
+                    <td><!--{$arrNewOrder[i].product_name|h}--></td>
+                    <td><!--{$arrNewOrder[i].payment_method|h}--></td>
                     <td class="right"><!--{$arrNewOrder[i].total|number_format}-->円</td>
                 </tr>
                 <!--{/section}-->

変更: branches/version-2_5-dev/data/Smarty/templates/admin/mail/history.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/mail/history.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/mail/history.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -41,25 +41,25 @@
         </tr>
         <!--{section name=cnt loop=$arrDataList}-->
         <tr>
-            <td><!--{$arrDataList[cnt].start_date|sfDispDBDate|escape}--></td>
-            <td><!--{$arrDataList[cnt].end_date|sfDispDBDate|escape}--></td>
-            <td class="left"><!--{$arrDataList[cnt].subject|escape}--></td>
-            <td><a href="javascript:;" onclick="win03('./preview.php?send_id=<!--{$arrDataList[cnt].send_id|escape}-->', 'confirm', '720', '600')">確認</a></td>
-            <td><a href="#" onclick="win03('./<!--{$smarty.const.DIR_INDEX_URL}-->?mode=query&amp;send_id=<!--{$arrDataList[cnt].send_id|escape}-->','query','720','420'); return false;">確認</a></td>
-            <td><!--{$arrDataList[cnt].count_all|escape}--></td>
-            <td><!--{$arrDataList[cnt].count_sent|escape}--></td>
+            <td><!--{$arrDataList[cnt].start_date|sfDispDBDate|h}--></td>
+            <td><!--{$arrDataList[cnt].end_date|sfDispDBDate|h}--></td>
+            <td class="left"><!--{$arrDataList[cnt].subject|h}--></td>
+            <td><a href="javascript:;" onclick="win03('./preview.php?send_id=<!--{$arrDataList[cnt].send_id|h}-->', 'confirm', '720', '600')">確認</a></td>
+            <td><a href="#" onclick="win03('./<!--{$smarty.const.DIR_INDEX_URL}-->?mode=query&amp;send_id=<!--{$arrDataList[cnt].send_id|h}-->','query','720','420'); return false;">確認</a></td>
+            <td><!--{$arrDataList[cnt].count_all|h}--></td>
+            <td><!--{$arrDataList[cnt].count_sent|h}--></td>
             <td style="<!--{if $arrDataList[cnt].count_error >= 1}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->">
-                <!--{$arrDataList[cnt].count_error|escape}-->
+                <!--{$arrDataList[cnt].count_error|h}-->
             </td>
             <td style="<!--{if $arrDataList[cnt].count_unsent >= 1}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->">
-                <!--{$arrDataList[cnt].count_unsent|escape}-->
+                <!--{$arrDataList[cnt].count_unsent|h}-->
             </td>
             <td>
                 <!--{if $arrDataList[cnt].count_error >= 1 || $arrDataList[cnt].count_unsent >= 1}-->
-                    <a href="sendmail.php?mode=now&amp;send_id=<!--{$arrDataList[cnt].send_id|escape}-->&amp;retry=yes" onclick="return window.confirm('未配信と配信失敗となった宛先に再送信を試みますか?');">実行</a>
+                    <a href="sendmail.php?mode=now&amp;send_id=<!--{$arrDataList[cnt].send_id|h}-->&amp;retry=yes" onclick="return window.confirm('未配信と配信失敗となった宛先に再送信を試みますか?');">実行</a>
                 <!--{/if}-->
             </td>
-            <td><a href="?mode=delete&send_id=<!--{$arrDataList[cnt].send_id|escape}-->" onclick="return window.confirm('配信履歴を削除しても宜しいでしょうか');">削除</a></td>
+            <td><a href="?mode=delete&send_id=<!--{$arrDataList[cnt].send_id|h}-->" onclick="return window.confirm('配信履歴を削除しても宜しいでしょうか');">削除</a></td>
         </tr>
         <!--{/section}-->
     </table>
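Review bot: The delete link on the last changed line (`href="?mode=delete&send_id=..."`) and the retry link above it (`sendmail.php?mode=now&amp;send_id=...&amp;retry=yes`) perform state changes through plain GET URLs, guarded only by `window.confirm`, and no per-request token is visible in the hunk. A URL like this can be requested by any page the logged-in administrator visits, so these actions are better submitted as a POST form together with whatever request token the admin forms use; whether the server side already verifies one cannot be seen from this template. Independently of that, the delete link uses a raw `&` where the other links use `&amp;`: `href="?mode=delete&amp;send_id=<!--{$arrDataList[cnt].send_id|h}-->"`. The table and section loop begin in this hunk, but the page's form element lies outside it.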

変更: branches/version-2_5-dev/data/Smarty/templates/admin/mail/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/mail/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/mail/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -32,12 +32,12 @@
             <th>顧客名</th>
             <td>
                 <!--{if $arrErr.name}--><span class="attention"><!--{$arrErr.name}--></span><br /><!--{/if}-->
-                <input type="text" name="name" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$list_data.name|escape}-->" size="30" class="box30" style="<!--{$arrErr.name|sfGetErrorColor}-->" />
+                <input type="text" name="name" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$list_data.name|h}-->" size="30" class="box30" style="<!--{$arrErr.name|sfGetErrorColor}-->" />
             </td>
             <th>顧客名(カナ)</th>
             <td>
                 <!--{if $arrErr.kana}--><span class="attention"><!--{$arrErr.kana}--></span><br /><!--{/if}-->
-                <input type="text" name="kana" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$list_data.kana|escape}-->" size="30" class="box30" style="<!--{$arrErr.kana|sfGetErrorColor}-->" />
+                <input type="text" name="kana" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$list_data.kana|h}-->" size="30" class="box30" style="<!--{$arrErr.kana|sfGetErrorColor}-->" />
             </td>
         </tr>
         <tr>
@@ -52,7 +52,7 @@
             <th>TEL</th>
             <td>
                 <!--{if $arrErr.tel}--><span class="attention"><!--{$arrErr.tel}--></span><br /><!--{/if}-->
-                <input type="text" name="tel" maxlength="<!--{$smarty.const.TEL_LEN}-->" value="<!--{$list_data.tel|escape}-->" size="30" class="box30" style="<!--{$arrErr.tel|sfGetErrorColor}-->" />
+                <input type="text" name="tel" maxlength="<!--{$smarty.const.TEL_LEN}-->" value="<!--{$list_data.tel|h}-->" size="30" class="box30" style="<!--{$arrErr.tel|sfGetErrorColor}-->" />
             </td>
         </tr>
         <tr>
@@ -65,7 +65,7 @@
                 <!--{if $arrErr.birth_month}--><span class="attention"><!--{$arrErr.birth_month}--></span><br /><!--{/if}-->
                 <select name="birth_month" style="<!--{$arrErr.birth_month|sfGetErrorColor}-->" >
                     <option value="" selected="selected">--</option>
-                    <!--{html_options options=$objDate->getMonth() selected=$list_data.birth_month|escape}-->
+                    <!--{html_options options=$objDate->getMonth() selected=$list_data.birth_month|h}-->
                 </select>月
             </td>
         </tr>
@@ -85,16 +85,16 @@
             <th>購入回数</th>
             <td>
                 <!--{if $arrErr.buy_times_from || $arrErr.buy_times_to}--><span class="attention"><!--{$arrErr.buy_times_from}--><!--{$arrErr.buy_times_to}--></span><br /><!--{/if}-->
-                <input type="text" name="buy_times_from" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$list_data.buy_times_from|escape}-->" size="6" class="box6" style="<!--{$arrErr.buy_times_from|sfGetErrorColor}-->" /> 回 〜
-                <input type="text" name="buy_times_to" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$list_data.buy_times_to|escape}-->" size="6" class="box6" style="<!--{$arrErr.buy_times_to|sfGetErrorColor}-->" /> 回
+                <input type="text" name="buy_times_from" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$list_data.buy_times_from|h}-->" size="6" class="box6" style="<!--{$arrErr.buy_times_from|sfGetErrorColor}-->" /> 回 〜
+                <input type="text" name="buy_times_to" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$list_data.buy_times_to|h}-->" size="6" class="box6" style="<!--{$arrErr.buy_times_to|sfGetErrorColor}-->" /> 回
             </td>
             <th>購入金額</th>
             <td>
                 <!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}-->
                     <span class="attention"><!--{$arrErr.buy_total_from}--><!--{$arrErr.buy_total_to}--></span><br />
                 <!--{/if}-->
-                <input type="text" name="buy_total_from" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$list_data.buy_total_from|escape}-->" size="6" class="box6" <!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 円 〜
-                <input type="text" name="buy_total_to" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$list_data.buy_total_to|escape}-->" size="6" class="box6" <!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 円
+                <input type="text" name="buy_total_from" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$list_data.buy_total_from|h}-->" size="6" class="box6" <!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 円 〜
+                <input type="text" name="buy_total_to" maxlength="<!--{$smarty.const.INT_LEN}-->" value="<!--{$list_data.buy_total_to|h}-->" size="6" class="box6" <!--{if $arrErr.buy_total_from || $arrErr.buy_total_to}--><!--{sfSetErrorStyle}--><!--{/if}--> /> 円
             </td>
         </tr>
         <tr>
@@ -102,7 +102,7 @@
             <td colspan="3">
                 <!--{if $arrErr.email}--><span class="attention"><!--{$arrErr.email}--></span><!--{/if}-->
                 <span style="<!--{$arrErr.email|sfGetErrorColor}-->">
-                <input type="text" name="email" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$list_data.email|escape}-->" size="60" class="box60" style="<!--{$arrErr.email|sfGetErrorColor}-->"/>
+                <input type="text" name="email" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$list_data.email|h}-->" size="60" class="box60" style="<!--{$arrErr.email|sfGetErrorColor}-->"/>
                 </span>
             </td>
         </tr>
@@ -112,7 +112,7 @@
             <td colspan="3">
                 <!--{if $arrErr.email_mobile}--><span class="attention"><!--{$arrErr.email_mobile}--></span><!--{/if}-->
                 <span style="<!--{$arrErr.email_mobile|sfGetErrorColor}-->">
-                <input type="text" name="email_mobile" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$list_data.email_mobile|escape}-->" size="60" class="box60" style="<!--{$arrErr.email_mobile|sfGetErrorColor}-->"/>
+                <input type="text" name="email_mobile" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$list_data.email_mobile|h}-->" size="60" class="box60" style="<!--{$arrErr.email_mobile|sfGetErrorColor}-->"/>
                 </span>
             </td>
         </tr>
@@ -228,7 +228,7 @@
             <td>
                 <!--{if $arrErr.buy_product_name}--><span class="attention"><!--{$arrErr.buy_product_name}--></span><!--{/if}-->
                 <span style="<!--{$arrErr.buy_product_name|sfGetErrorColor}-->">
-                <input type="text" name="buy_product_name" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$list_data.buy_product_name|escape}-->" size="30" class="box30" style="<!--{$arrErr.buy_product_name|sfGetErrorColor}-->" />
+                <input type="text" name="buy_product_name" maxlength="<!--{$smarty.const.STEXT_LEN}-->" value="<!--{$list_data.buy_product_name|h}-->" size="30" class="box30" style="<!--{$arrErr.buy_product_name|sfGetErrorColor}-->" />
                 </span>
             </td>
             <th>カテゴリ</th>
@@ -255,7 +255,7 @@
 <input type="hidden" name="search_pageno" value="<!--{$tpl_pageno}-->" />
 <input type="hidden" name="result_email" value="" />
 <!--{foreach key=key item=val from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$val|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$val|h}-->" />
 <!--{/foreach}-->
 
     <h2>検索結果一覧</h2>
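Review bot: The hidden-field loop escapes `$val` but still prints `$key` raw into the `name` attribute (`name="<!--{$key}-->"`), so a key containing a double quote would close the attribute. Whether `$arrHidden` keys can originate from request parameter names is not visible in this hunk; if they can, the line should read `<input type="hidden" name="<!--{$key|h}-->" value="<!--{$val|h}-->" />`. The same loop is left with an unescaped key in mail/input.tpl, mail/input_complete.tpl and mail/input_confirm.tpl, and with `$arrSearchHidden` in order/edit.tpl.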
@@ -298,15 +298,15 @@
                 <!--{/foreach}-->
             </td>
 
-            <td><!--{$arrResults[i].name01|escape}--> <!--{$arrResults[i].name02|escape}--></td>
-            <td><!--{$arrResults[i].email|escape}--></td>
+            <td><!--{$arrResults[i].name01|h}--> <!--{$arrResults[i].name02|h}--></td>
+            <td><!--{$arrResults[i].email|h}--></td>
             <!--{assign var="key" value="`$arrResults[i].mailmaga_flg`"}-->
             <td class="center"><!--{$arrMAILMAGATYPE[$key]}--></td>
             <td><!--{$arrResults[i].create_date|sfDispDBDate}--></td>
             <!--{if $arrResults[i].customer_id != ""}-->
             <td class="center">-</td>
             <!--{else}-->
-            <td class="center"><a href="?" onclick="fnFormModeSubmit('form1','delete','result_email','<!--{$arrResults[i].email|escape}-->'); return false;">削除</a></td>
+            <td class="center"><a href="?" onclick="fnFormModeSubmit('form1','delete','result_email','<!--{$arrResults[i].email|h}-->'); return false;">削除</a></td>
             <!--{/if}-->
         </tr>
         <!--{/section}-->
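Review bot: In the delete link, `$arrResults[i].email|h` sits inside a JavaScript string literal within the `onclick` attribute, and HTML escaping alone does not cover that context. The browser decodes character references in the attribute value before the script runs, so a quote in the stored address would end the string argument. Assuming `h` is an HTML-escape shorthand (its definition is not in this hunk), the value needs JavaScript-string escaping first and HTML escaping second, e.g. `<!--{$arrResults[i].email|escape:'javascript'|h}-->`. The `fnDelete('<!--{$smarty.server.PHP_SELF|h}-->?mode=delete…')` call in mail/template.tpl has the same context mismatch.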

変更: branches/version-2_5-dev/data/Smarty/templates/admin/mail/input.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/mail/input.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/mail/input.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <form name="form1" id="form1" method="post" action="?">
 <!--{foreach key=key item=val from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$val|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$val|h}-->" />
 <!--{/foreach}-->
 <div id="mail" class="contents-main">
   <table class="form">
@@ -70,14 +70,14 @@
       <th>Subject<span class="attention"> *</span></th>
       <td>
         <!--{if $arrErr.subject}--><span class="attention"><!--{$arrErr.subject}--></span><!--{/if}-->
-        <input type="text" name="subject" size="65" class="box65" <!--{if $arrErr.subject}--><!--{sfSetErrorStyle}--><!--{/if}--> value="<!--{$list_data.subject|escape}-->" />
+        <input type="text" name="subject" size="65" class="box65" <!--{if $arrErr.subject}--><!--{sfSetErrorStyle}--><!--{/if}--> value="<!--{$list_data.subject|h}-->" />
       </td>
     </tr>
     <tr>
       <th>本文<span class="attention"> *</span><br />(名前差し込み時は {name} といれてください)</th>
       <td>
         <!--{if $arrErr.body}--><span class="attention"><!--{$arrErr.body}--></span><!--{/if}-->
-        <textarea name="body" cols="90" rows="40" class="area90" <!--{if $arrErr.body}--><!--{sfSetErrorStyle}--><!--{/if}-->><!--{$list_data.body|escape}--></textarea>
+        <textarea name="body" cols="90" rows="40" class="area90" <!--{if $arrErr.body}--><!--{sfSetErrorStyle}--><!--{/if}-->><!--{$list_data.body|h}--></textarea>
       </td>
     </tr>
   </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/mail/input_complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/mail/input_complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/mail/input_complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <form name="form1" id="form1" method="post" action="?">
 <!--{foreach key=key item=val from=$arrHidden}-->  
-<input type="hidden" name="<!--{$key}-->" value="<!--{$val|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$val|h}-->" />
 <!--{/foreach}-->
 <input type="hidden" name="mode" value="template" />
 <div id="mail" class="contents-main">
@@ -41,8 +41,8 @@
 </form>
 
 <form name="form2" id="form2" method="post" action="./preview.php" target="_blank">
-<input type="hidden" name="subject" value="<!--{$list_data.subject|escape}-->" />
-<input type="hidden" name="body" value="<!--{$list_data.body|escape}-->" />
+<input type="hidden" name="subject" value="<!--{$list_data.subject|h}-->" />
+<input type="hidden" name="body" value="<!--{$list_data.body|h}-->" />
 <div id="mail2" class="contents-main">
   <h2>HTMLメール作成</h2>
   <div class="message">

変更: branches/version-2_5-dev/data/Smarty/templates/admin/mail/input_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/mail/input_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/mail/input_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <form name="form1" id="form1" method="post" action="?">
 <!--{foreach key=key item=val from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$val|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$val|h}-->" />
 <!--{/foreach}-->
 <div id="mail" class="contents-main">
   <table class="form">
@@ -40,7 +40,7 @@
     <!--{if $list_data.template_id}-->
     <tr>
       <th>Subject<span class="attention"> *</span></th>
-      <td><!--{$list_data.subject|escape}--></td>
+      <td><!--{$list_data.subject|h}--></td>
     </tr>
     <!--{if $list_data.mail_method ne 2}-->
     <tr>
@@ -50,7 +50,7 @@
     <!--{if $smarty.post.template_mode ne "html_template"}-->
     <tr>
       <th>本文<span class="attention"> *</span><br />(名前差し込み時は {name} といれてください)</th>
-      <td><!--{$list_data.body|escape|nl2br}--></td>
+      <td><!--{$list_data.body|h|nl2br}--></td>
     </tr>
     <!--{/if}-->
     <!--{/if}-->
@@ -69,6 +69,6 @@
 <input type="hidden" name="mode" value="template">
 </form>
 <form name="form2" id="form2" method="post" action="./preview.php" target="_blank">
-  <input type="hidden" name="subject" value="<!--{$list_data.subject|escape}-->" />
-  <input type="hidden" name="body" value="<!--{$list_data.body|escape}-->" />
+  <input type="hidden" name="subject" value="<!--{$list_data.subject|h}-->" />
+  <input type="hidden" name="body" value="<!--{$list_data.body|h}-->" />
 </form>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/mail/preview.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/mail/preview.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/mail/preview.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -21,4 +21,4 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
  */
 *}-->
-<!--{if $escape_flag eq 1}--><!--{$body|escape|nl2br}--><!--{else}--><!--{$body}--><!--{/if}-->
+<!--{if $escape_flag eq 1}--><!--{$body|h|nl2br}--><!--{else}--><!--{$body}--><!--{/if}-->
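Review bot: The `else` branch still emits `$body` with no escaping, and nothing in the template records why. That is presumably intentional, so that an HTML mail can be previewed. However, the `form2` forms in mail/input_complete.tpl and mail/input_confirm.tpl post `subject` and `body` straight to ./preview.php, so this branch is only safe if preview.php accepts that POST solely from an authenticated admin session with a valid request token; that is not visible here and is worth confirming. I would add a template comment above the line, e.g. `<!--{* escape_flag != 1: HTML mail preview, $body is emitted as raw markup by design *}-->`.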

変更: branches/version-2_5-dev/data/Smarty/templates/admin/mail/query.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/mail/query.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/mail/query.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -39,11 +39,11 @@
   <table class="form">
     <tr>
       <th>顧客名</th>
-      <td><!--{$list_data.name|escape|default:"(未指定)"}--></td>
+      <td><!--{$list_data.name|default:"(未指定)"|h}--></td>
     </tr>
     <tr>
       <th>顧客名(カナ)</th>
-      <td width="249"><!--{$list_data.kana|escape|default:"(未指定)"}--></td>
+      <td width="249"><!--{$list_data.kana|default:"(未指定)"|h}--></td>
     </tr>
     <tr>
       <th>都道府県</th>
@@ -51,7 +51,7 @@
     </tr>
     <tr>
       <th>TEL</th>
-      <td width="249"><!--{$list_data.tel|escape|default:"(未指定)"}--></td>
+      <td width="249"><!--{$list_data.tel|default:"(未指定)"|h}--></td>
     </tr>
     <tr>
       <th>性別</th>
@@ -59,45 +59,45 @@
     </tr>
     <tr>
       <th>誕生月</th>
-      <td width="249"><!--{if $list_data.birth_month}--><!--{$list_data.birth_month|escape}-->月<!--{else}-->(未指定)<!--{/if}--></td>        
+      <td width="249"><!--{if $list_data.birth_month}--><!--{$list_data.birth_month|h}-->月<!--{else}-->(未指定)<!--{/if}--></td>        
     </tr>
     <tr>
       <th>配信形式</th>
-      <td><!--{$list_data.htmlmail_disp|escape|default:"(未指定)"}--></td>
+      <td><!--{$list_data.htmlmail_disp|default:"(未指定)"|h}--></td>
     </tr>
     <tr>
       <th>購入回数</th>
       <td>
-        <!--{if $list_data.buy_times_from == null}-->(未指定)<!--{else}--><!--{$list_data.buy_times_from|escape}-->回<!--{/if}--> 〜 
-        <!--{if $list_data.buy_times_to == null}-->(未指定)<!--{else}--><!--{$list_data.buy_times_to|escape}-->回<!--{/if}-->
+        <!--{if $list_data.buy_times_from == null}-->(未指定)<!--{else}--><!--{$list_data.buy_times_from|h}-->回<!--{/if}--> 〜 
+        <!--{if $list_data.buy_times_to == null}-->(未指定)<!--{else}--><!--{$list_data.buy_times_to|h}-->回<!--{/if}-->
       </td>
     </tr>
     <!--{*非会員は選択できない
     <tr>
       <th>種別</th>
       <td>
-      <!--{$list_data.customer|escape|default:"すべて"}-->
+      <!--{$list_data.customer|default:"すべて"|h}-->
       </td>
     </tr>
     *}-->
     <tr>
       <th>購入商品コード</th>
-      <td><!--{$list_data.buy_product_code|escape|default:"(未指定)"}--></td>
+      <td><!--{$list_data.buy_product_code|default:"(未指定)"|h}--></td>
     </tr>
     <tr>
       <th>購入金額</th>
       <td>
-        <!--{if $list_data.buy_total_from == null}-->(未指定)<!--{else}--><!--{$list_data.buy_total_from|escape}-->円<!--{/if}--> 〜 
-        <!--{if $list_data.buy_total_to == null}-->(未指定)<!--{else}--><!--{$list_data.buy_total_to|escape}-->円<!--{/if}-->
+        <!--{if $list_data.buy_total_from == null}-->(未指定)<!--{else}--><!--{$list_data.buy_total_from|h}-->円<!--{/if}--> 〜 
+        <!--{if $list_data.buy_total_to == null}-->(未指定)<!--{else}--><!--{$list_data.buy_total_to|h}-->円<!--{/if}-->
       </td>
     </tr>
     <tr>
       <th>メールアドレス</th>
-      <td><!--{$list_data.email|escape|default:"(未指定)"}--></td>
+      <td><!--{$list_data.email|default:"(未指定)"|h}--></td>
     </tr>
     <tr>
       <th>職業</th>
-      <td><!--{$list_data.job_disp|escape|default:"(未指定)"}--></td>
+      <td><!--{$list_data.job_disp|default:"(未指定)"|h}--></td>
     </tr>
     <tr>
       <th>生年月日</th>
@@ -125,11 +125,11 @@
     </tr>
     <tr>
       <th>購入商品名</th>
-      <td><!--{$list_data.buy_product_name|escape|default:"(未指定)"}--></td>
+      <td><!--{$list_data.buy_product_name|default:"(未指定)"|h}--></td>
     </tr>
     <tr>
       <th>カテゴリ</th>
-      <td><!--{$list_data.category_name|escape|default:"(未指定)"}--></td>
+      <td><!--{$list_data.category_name|default:"(未指定)"|h}--></td>
     </tr>
   </table>
 

変更: branches/version-2_5-dev/data/Smarty/templates/admin/mail/template.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/mail/template.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/mail/template.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -34,12 +34,12 @@
     </tr>
     <!--{section name=data loop=$list_data}-->
     <tr>
-      <td><!--{$list_data[data].disp_date|escape|date_format:'%Y/%m/%d'}--></td>
-      <td class="left"><!--{$list_data[data].subject|escape}--></td>
-      <!--{assign var=type value=$list_data[data].mail_method|escape}-->
+      <td><!--{$list_data[data].disp_date|date_format:'%Y/%m/%d'|h}--></td>
+      <td class="left"><!--{$list_data[data].subject|h}--></td>
+      <!--{assign var=type value=$list_data[data].mail_method|h}-->
       <td><!--{$arrMagazineType[$type]}--></td>
       <td><!--{if $list_data[data].mail_method eq 3}--><a href="./htmlmail.php?mode=edit&template_id=<!--{$list_data[data].template_id}-->"><!--{else}--><a href="./template_input.php?mode=edit&template_id=<!--{$list_data[data].template_id}-->"><!--{/if}-->編集</a></td>
-      <td><a href="" onclick="fnDelete('<!--{$smarty.server.PHP_SELF|escape}-->?mode=delete&id=<!--{$list_data[data].template_id}-->'); return false;">削除</a></td>
+      <td><a href="" onclick="fnDelete('<!--{$smarty.server.PHP_SELF|h}-->?mode=delete&id=<!--{$list_data[data].template_id}-->'); return false;">削除</a></td>
       <td><!--{if $list_data[data].mail_method eq 3}--><a href="" onclick="win03('./preview.php?method=template&id=<!--{$list_data[data].template_id}-->','preview','650','700'); return false;" target="_blank"><!--{else}--><a href="" onclick="win03('./preview.php?id=<!--{$list_data[data].template_id}-->','preview','650','700'); return false;" target="_blank"><!--{/if}-->プレビュー</a></td>
     </tr>
     <!--{/section}-->
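Review bot: The three `template_id` interpolations in the edit, delete and preview links are still emitted with no modifier, although this hunk escapes every other value in the row. If `template_id` is guaranteed to be an integer key this is harmless, but that guarantee is not visible here, so either cast it where `$list_data` is built or escape it for the context it is printed in. Separately, `assign var=type value=$list_data[data].mail_method|h` HTML-escapes a value that is only used as an array index; escaping belongs on the printed value instead, i.e. a plain `assign` followed by `<!--{$arrMagazineType[$type]|h}-->`.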

変更: branches/version-2_5-dev/data/Smarty/templates/admin/mail/template_input.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/mail/template_input.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/mail/template_input.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -66,14 +66,14 @@
     <tr>
       <th>Subject<span class="attention"> *</span></th>
       <td>
-        <input type="text" name="subject" size="65" class="box65" <!--{if $arrErr.subject}--><!--{sfSetErrorStyle}--><!--{/if}--> value="<!--{$arrForm.subject|escape}-->" />
+        <input type="text" name="subject" size="65" class="box65" <!--{if $arrErr.subject}--><!--{sfSetErrorStyle}--><!--{/if}--> value="<!--{$arrForm.subject|h}-->" />
         <!--{if $arrErr.subject}--><br /><span class="attention"><!--{$arrErr.subject}--></span><!--{/if}-->
       </td>
     </tr>
     <tr>
       <th>本文<span class="attention"> *</span><br />(名前差し込み時は {name} といれてください)</th>
       <td>
-        <textarea name="body" cols="90" rows="40" class="area90" <!--{if $arrErr.body}--><!--{sfSetErrorStyle}--><!--{/if}-->><!--{$arrForm.body|escape}--></textarea>
+        <textarea name="body" cols="90" rows="40" class="area90" <!--{if $arrErr.body}--><!--{sfSetErrorStyle}--><!--{/if}-->><!--{$arrForm.body|h}--></textarea>
         <!--{if $arrErr.body}--><br /><span class="attention"><!--{$arrErr.body}--></span><!--{/if}-->
 				<div>
 					<a class="btn-normal" href="javascript:;" onclick="fnCharCount('form1','body','cnt_footer');" name="next" id="next"><span>文字数カウント</span></a>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/main_frame.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/main_frame.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/main_frame.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -43,15 +43,17 @@
 <script type="text/javascript" src="<!--{$smarty.const.URL_DIR}-->js/css.js"></script>
 <script type="text/javascript" src="<!--{$TPL_DIR}-->js/file_manager.js"></script>
 <title><!--{$smarty.const.ADMIN_TITLE}--></title>
-<script type="text/javascript">
-<!--
-<!--{$tpl_javascript}-->
-//-->
+<script type="text/javascript">//<![CDATA[
+    <!--{$tpl_javascript}-->
+    $(function(){
+        <!--{$tpl_onload}-->
+    });
+//]]>
 </script>
 
 </head>
 
-<body onload="<!--{$tpl_onload}-->" class="<!--{if strlen($tpl_authority) >= 1}-->authority_<!--{$tpl_authority}--><!--{/if}-->">
+<body class="<!--{if strlen($tpl_authority) >= 1}-->authority_<!--{$tpl_authority}--><!--{/if}-->">
 <!--{$GLOBAL_ERR}-->
 <noscript>
   <p>JavaScript を有効にしてご利用下さい.</p>
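Review bot: `$tpl_onload` now lands inside a `<script>` block instead of the `onload` attribute, which changes the escaping its producers must apply. Character references are no longer decoded there, and a `</script>` sequence or an unescaped quote in `$tpl_onload` or `$tpl_javascript` would end or alter the script. Any controller that builds these strings from request or database values should JS-escape those values; the builders are not visible in this hunk. The new `$(function(){ … })` wrapper also assumes jQuery is loaded earlier in `<head>`, which the hunk does not show. A comment above the block would record the contract, e.g. `<!--{* tpl_javascript / tpl_onload are raw JavaScript; callers must JS-escape any dynamic value *}-->`.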
@@ -72,7 +74,7 @@
     <li><a href="<!--{$smarty.const.SITE_URL}--><!--{$smarty.const.DIR_INDEX_URL}-->" target="_blank"><span>SITE CHECK</span></a></li>
   </ul>
   <p>
-    WELCOME!&nbsp;<span><!--{* ログイン名 *}--><!--{$smarty.session.login_name|escape}--></span>&nbsp;様&nbsp;
+    WELCOME!&nbsp;<span><!--{* ログイン名 *}--><!--{$smarty.session.login_name|h}--></span>&nbsp;様&nbsp;
     <a href="<!--{$smarty.const.URL_LOGOUT}-->">LOGOUT</a>
   </p>
 </div>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/order/disp.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/order/disp.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/order/disp.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -68,15 +68,15 @@
     </tr>
     <tr>
         <th>顧客名</th>
-        <td><!--{$arrForm.order_name01.value|escape}--> <!--{$arrForm.order_name02.value|escape}--></td>
+        <td><!--{$arrForm.order_name01.value|h}--> <!--{$arrForm.order_name02.value|h}--></td>
     </tr>
     <tr>
         <th>顧客名(カナ)</th>
-        <td><!--{$arrForm.order_kana01.value|escape}--> <!--{$arrForm.order_kana02.value|escape}--></td>
+        <td><!--{$arrForm.order_kana01.value|h}--> <!--{$arrForm.order_kana02.value|h}--></td>
     </tr>
     <tr>
         <th>メールアドレス</th>
-        <td><a href="mailto:<!--{$arrForm.order_email.value|escape}-->"><!--{$arrForm.order_email.value|escape}--></a></td>
+        <td><a href="mailto:<!--{$arrForm.order_email.value|h}-->"><!--{$arrForm.order_email.value|h}--></a></td>
     </tr>
     <tr>
         <th>TEL</th>
@@ -92,7 +92,7 @@
     </tr>
     <tr>
         <th>備考</th>
-        <td><!--{$arrForm.message.value|escape|nl2br}--></td>
+        <td><!--{$arrForm.message.value|h|nl2br}--></td>
     </tr>
 </table>
 
@@ -104,8 +104,8 @@
         <td>
             <!--{assign var=key1 value="deliv_name01"}-->
             <!--{assign var=key2 value="deliv_name02"}-->
-            <!--{$arrForm[$key1].value|escape}-->
-            <!--{$arrForm[$key2].value|escape}-->
+            <!--{$arrForm[$key1].value|h}-->
+            <!--{$arrForm[$key2].value|h}-->
         </td>
     </tr>
     <tr>
@@ -113,8 +113,8 @@
         <td>
             <!--{assign var=key1 value="deliv_kana01"}-->
             <!--{assign var=key2 value="deliv_kana02"}-->
-            <!--{$arrForm[$key1].value|escape}-->
-            <!--{$arrForm[$key2].value|escape}-->
+            <!--{$arrForm[$key1].value|h}-->
+            <!--{$arrForm[$key2].value|h}-->
         </td>
     </tr>
     <tr>
@@ -122,7 +122,7 @@
         <td>
             <!--{assign var=key1 value="deliv_zip01"}-->
             <!--{assign var=key2 value="deliv_zip02"}-->
-            〒<!--{$arrForm[$key1].value|escape}-->-<!--{$arrForm[$key2].value|escape}-->
+            〒<!--{$arrForm[$key1].value|h}-->-<!--{$arrForm[$key2].value|h}-->
         </td>
     </tr>
     <tr>
@@ -131,7 +131,7 @@
             <!--{assign var=key1 value="deliv_tel01"}-->
             <!--{assign var=key2 value="deliv_tel02"}-->
             <!--{assign var=key3 value="deliv_tel03"}-->
-            <!--{$arrForm[$key1].value|escape}-->-<!--{$arrForm[$key2].value|escape}-->-<!--{$arrForm[$key3].value|escape}-->
+            <!--{$arrForm[$key1].value|h}-->-<!--{$arrForm[$key2].value|h}-->-<!--{$arrForm[$key3].value|h}-->
         </td>
     </tr>
     <tr>
@@ -140,9 +140,9 @@
             <!--{assign var=pref value=`$arrForm.deliv_pref.value`}-->
             <!--{$arrPref[$pref]}-->
             <!--{assign var=key value="deliv_addr01"}-->
-            <!--{$arrForm[$key].value|escape}-->
+            <!--{$arrForm[$key].value|h}-->
             <!--{assign var=key value="deliv_addr02"}-->
-            <!--{$arrForm[$key].value|escape}-->
+            <!--{$arrForm[$key].value|h}-->
         </td>
     </tr>
 </table>
@@ -160,10 +160,10 @@
     <!--{section name=cnt loop=$arrForm.quantity.value}-->
     <!--{assign var=key value="`$smarty.section.cnt.index`"}-->
     <tr>
-        <td><!--{$arrForm.product_code.value[$key]|escape}--></td>
-        <td><!--{$arrForm.product_name.value[$key]|escape}-->/<!--{$arrForm.classcategory_name1.value[$key]|escape|default:"(なし)"}-->/<!--{$arrForm.classcategory_name2.value[$key]|escape|default:"(なし)"}--></td>
+        <td><!--{$arrForm.product_code.value[$key]|h}--></td>
+        <td><!--{$arrForm.product_name.value[$key]|h}-->/<!--{$arrForm.classcategory_name1.value[$key]|default:"(なし)"|h}-->/<!--{$arrForm.classcategory_name2.value[$key]|default:"(なし)"|h}--></td>
         <td class="right"><!--{if $arrForm.price.value[$key] != 0}--><!--{$arrForm.price.value[$key]|number_format}-->円<!--{else}-->無料<!--{/if}--></td>
-        <td class="center"><!--{$arrForm.quantity.value[$key]|escape}--></td>
+        <td class="center"><!--{$arrForm.quantity.value[$key]|h}--></td>
         <!--{assign var=price value=`$arrForm.price.value[$key]`}-->
         <!--{assign var=quantity value=`$arrForm.quantity.value[$key]`}-->
         <td class="right"><!--{if $price != 0}--><!--{$price|sfCalcIncTax:$arrInfo.tax:$arrInfo.tax_rule|sfMultiply:$quantity|number_format}-->円<!--{else}-->無料<!--{/if}--></td>
@@ -186,12 +186,12 @@
     <!--{/if}-->
     <tr>
         <th colspan="4" class="right">送料</th>
-        <td align="right"><!--{assign var=key value="deliv_fee"}--><!--{$arrForm[$key].value|escape|number_format}--> 円</td>
+        <td align="right"><!--{assign var=key value="deliv_fee"}--><!--{$arrForm[$key].value|number_format|h}--> 円</td>
     </tr>
     <tr>
         <th colspan="4" class="right">手数料</th>
         <td align="right"><!--{assign var=key value="charge"}-->
-    <span class="attention"><!--{$arrErr[$key]}--></span><!--{$arrForm[$key].value|escape|number_format}--> 円</td>
+    <span class="attention"><!--{$arrErr[$key]}--></span><!--{$arrForm[$key].value|number_format|h}--> 円</td>
     </tr>
     <tr>
         <th colspan="4" class="right">合計</th>
@@ -246,7 +246,7 @@
         <th>お支払方法</th>
         <td>
             <!--{assign var=payment_id value="`$arrForm.payment_id.value`"}-->
-            <!--{$arrPayment[$payment_id]|escape}-->
+            <!--{$arrPayment[$payment_id]|h}-->
         </td>
     </tr>
     <!--{if $arrForm.payment_info.value|@count > 0}-->
@@ -278,7 +278,7 @@
         <th>メモ</th>
         <td>
             <!--{assign var=key value="note"}-->
-            <!--{$arrForm[$key].value|escape|nl2br}-->
+            <!--{$arrForm[$key].value|h|nl2br}-->
         </td>
     </tr>
 </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/order/edit.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/order/edit.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/order/edit.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -134,7 +134,7 @@
     </table>
 
     <!--{foreach key=key item=item from=$arrSearchHidden}-->
-    <input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+    <input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
     <!--{/foreach}-->
     <h2>お客様情報
         <!--{if $tpl_mode == 'add'}-->
@@ -159,8 +159,8 @@
                 <!--{assign var=key1 value="order_name01"}-->
                 <!--{assign var=key2 value="order_name02"}-->
                 <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box15" />
-                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box15" />
+                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box15" />
+                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box15" />
             </td>
         </tr>
         <tr>
@@ -169,8 +169,8 @@
                 <!--{assign var=key1 value="order_kana01"}-->
                 <!--{assign var=key2 value="order_kana02"}-->
                 <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box15" />
-                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box15" />
+                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box15" />
+                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box15" />
             </td>
         </tr>
         <tr>
@@ -178,7 +178,7 @@
             <td>
                 <!--{assign var=key1 value="order_email"}-->
                 <span class="attention"><!--{$arrErr[$key1]}--></span>
-                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="30" class="box30" />
+                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="30" class="box30" />
             </td>
         </tr>
         <tr>
@@ -190,9 +190,9 @@
                 <span class="attention"><!--{$arrErr[$key1]}--></span>
                 <span class="attention"><!--{$arrErr[$key2]}--></span>
                 <span class="attention"><!--{$arrErr[$key3]}--></span>
-                <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" /> -
-                <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" /> -
-                <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box6" />
+                <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" /> -
+                <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" /> -
+                <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box6" />
             </td>
         </tr>
         <tr>
@@ -202,9 +202,9 @@
                 <!--{assign var=key2 value="order_zip02"}-->
                 <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
                 〒
-                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" />
+                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" />
                  -
-                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" />
+                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" />
                 <a class="btn-normal" href="javascript:;" name="address_input" onclick="fnCallAddress('<!--{$smarty.const.URL_INPUT_ZIP}-->', 'order_zip01', 'order_zip02', 'order_pref', 'order_addr01');">住所入力</a><br />
                 <!--{assign var=key value="order_pref"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
@@ -214,15 +214,15 @@
                 </select><br />
                 <!--{assign var=key value="order_addr01"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
-                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /><br />
+                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /><br />
                 <!--{assign var=key value="order_addr02"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
-                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
+                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
             </td>
         </tr>
         <tr>
             <th>備考</th>
-            <td><!--{$arrForm.message.value|escape|nl2br}--></td>
+            <td><!--{$arrForm.message.value|h|nl2br}--></td>
         </tr>
         <tr>
             <th>現在ポイント</th>
@@ -249,8 +249,8 @@
                 <!--{assign var=key1 value="deliv_name01"}-->
                 <!--{assign var=key2 value="deliv_name02"}-->
                 <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box15" />
-                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box15" />
+                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box15" />
+                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box15" />
             </td>
         </tr>
         <tr>
@@ -259,8 +259,8 @@
                 <!--{assign var=key1 value="deliv_kana01"}-->
                 <!--{assign var=key2 value="deliv_kana02"}-->
                 <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box15" />
-                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box15" />
+                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box15" />
+                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box15" />
             </td>
         </tr>
         <tr>
@@ -272,9 +272,9 @@
                 <span class="attention"><!--{$arrErr[$key1]}--></span>
                 <span class="attention"><!--{$arrErr[$key2]}--></span>
                 <span class="attention"><!--{$arrErr[$key3]}--></span>
-                <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" /> -
-                <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" /> -
-                <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box6" />
+                <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" /> -
+                <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" /> -
+                <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box6" />
             </td>
         </tr>
         <tr>
@@ -284,9 +284,9 @@
                 <!--{assign var=key2 value="deliv_zip02"}-->
                 <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
                 〒
-                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" />
+                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" />
                  -
-                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" />
+                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" />
                 <a class="btn-normal" href="javascript:;" name="address_input" onclick="fnCallAddress('<!--{$smarty.const.URL_INPUT_ZIP}-->', 'deliv_zip01', 'deliv_zip02', 'deliv_pref', 'deliv_addr01');">住所入力</a><br />
                 <!--{assign var=key value="deliv_pref"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
@@ -296,10 +296,10 @@
                 </select><br />
                 <!--{assign var=key value="deliv_addr01"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
-                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /><br />
+                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" /><br />
                 <!--{assign var=key value="deliv_addr02"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
-                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
+                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="60" class="box60" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
             </td>
         </tr>
     </table>
@@ -329,11 +329,11 @@
         <!--{assign var=key value="`$smarty.section.cnt.index`"}-->
         <tr>
             <td>
-                <!--{$arrForm.product_code.value[$key]|escape}-->
+                <!--{$arrForm.product_code.value[$key]|h}-->
                 <input type="hidden" name="product_code[<!--{$key}-->]" value="<!--{$arrForm.product_code.value[$key]}-->" id="product_code_<!--{$key}-->" />
             </td>
             <td>
-                <!--{$arrForm.product_name.value[$key]|escape}-->/<!--{$arrForm.classcategory_name1.value[$key]|escape|default:"(なし)"}-->/<!--{$arrForm.classcategory_name2.value[$key]|escape|default:"(なし)"}-->
+                <!--{$arrForm.product_name.value[$key]|h}-->/<!--{$arrForm.classcategory_name1.value[$key]|default:"(なし)"|h}-->/<!--{$arrForm.classcategory_name2.value[$key]|default:"(なし)"|h}-->
                 <input type="hidden" name="product_name[<!--{$key}-->]" value="<!--{$arrForm.product_name.value[$key]}-->" id="product_name_<!--{$key}-->" />
                 <input type="hidden" name="classcategory_name1[<!--{$key}-->]" value="<!--{$arrForm.classcategory_name1.value[$key]}-->" id="classcategory_name1_<!--{$key}-->" />
                 <input type="hidden" name="classcategory_name2[<!--{$key}-->]" value="<!--{$arrForm.classcategory_name2.value[$key]}-->" id="classcategory_name2_<!--{$key}-->" />
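Review bot: The hidden inputs for `product_code`, `product_name`, `classcategory_name1` and `classcategory_name2` still write their values into `value="..."` with no modifier. The same values are passed through `|h` on the visible lines directly above them. A double quote or angle bracket in a product or class name would break out of the attribute, so the hidden fields need the modifier as well, e.g. `value="<!--{$arrForm.product_name.value[$key]|h}-->"`. The `product_class_id` and `point_rate` hidden inputs in the following hunk (`@@ -346,8 +346,8 @@`) have the same gap; they are presumably numeric, but escaping them costs nothing. The enclosing `<tr>` and the section loop continue outside this hunk.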
@@ -346,8 +346,8 @@
             <input type="hidden" name="product_class_id[<!--{$key}-->]" value="<!--{$arrForm.product_class_id.value[$key]}-->" id="product_class_id_<!--{$key}-->" />
             <input type="hidden" name="point_rate[<!--{$key}-->]" value="<!--{$arrForm.point_rate.value[$key]}-->" id="point_rate_<!--{$key}-->" />
             </td>
-            <td align="center"><input type="text" name="price[<!--{$key}-->]" value="<!--{$arrForm.price.value[$key]|escape}-->" size="6" class="box6" maxlength="<!--{$arrForm.price.length}-->" id="price_<!--{$key}-->"/> 円</td>
-            <td align="center"><input type="text" name="quantity[<!--{$key}-->]" value="<!--{$arrForm.quantity.value[$key]|escape}-->" size="3" class="box3" maxlength="<!--{$arrForm.quantity.length}-->"/></td>
+            <td align="center"><input type="text" name="price[<!--{$key}-->]" value="<!--{$arrForm.price.value[$key]|h}-->" size="6" class="box6" maxlength="<!--{$arrForm.price.length}-->" id="price_<!--{$key}-->"/> 円</td>
+            <td align="center"><input type="text" name="quantity[<!--{$key}-->]" value="<!--{$arrForm.quantity.value[$key]|h}-->" size="3" class="box3" maxlength="<!--{$arrForm.quantity.length}-->"/></td>
             <!--{assign var=price value=`$arrForm.price.value[$key]`}-->
             <!--{assign var=quantity value=`$arrForm.quantity.value[$key]`}-->
             <td class="right"><!--{$price|sfCalcIncTax:$arrInfo.tax:$arrInfo.tax_rule|number_format}--> 円</td>
@@ -363,7 +363,7 @@
             <td class="right">
                 <!--{assign var=key value="discount"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
-                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="5" class="box6" />
+                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="5" class="box6" />
                  円
             </td>
         </tr>
@@ -372,7 +372,7 @@
             <td class="right">
                 <!--{assign var=key value="deliv_fee"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
-                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="5" class="box6" />
+                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="5" class="box6" />
                  円
             </td>
         </tr>
@@ -381,7 +381,7 @@
             <td class="right">
                 <!--{assign var=key value="charge"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
-                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="5" class="box6" />
+                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="5" class="box6" />
                  円
             </td>
         </tr>
@@ -406,7 +406,7 @@
                 <td class="right">
                     <!--{assign var=key value="use_point"}-->
                     <span class="attention"><!--{$arrErr[$key]}--></span>
-                    <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape|default:0}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="5" class="box6" />
+                    <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|default:0|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="5" class="box6" />
                      pt
                 </td>
             </tr>
@@ -470,8 +470,8 @@
                 <!--{assign var=key value="deliv_date"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
                 <input
-                    name="<!--{$key|escape}-->"
-                    value="<!--{$arrForm[$key].value|escape}-->"
+                    name="<!--{$key|h}-->"
+                    value="<!--{$arrForm[$key].value|h}-->"
                     style="<!--{$arrErr[$key]|sfGetErrorColor}-->"
                     size="30"
                     maxlength="<!--{$arrForm[$key].length}-->"
@@ -483,7 +483,7 @@
             <td>
                 <!--{assign var=key value="note"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
-                <textarea name="<!--{$key}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="80" rows="6" class="area80" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|escape}--></textarea></td>
+                <textarea name="<!--{$key}-->" maxlength="<!--{$arrForm[$key].length}-->" cols="80" rows="6" class="area80" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrForm[$key].value|h}--></textarea></td>
             </td>
         </tr>
     </table>
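Review bot: The `note` cell is closed twice: the changed line ends with `</textarea></td>` and the next context line is another `</td>`, so one `<td>` has two closing tags. Browsers recover from this, but the stray tag makes the table structure harder to validate. Since this line is being touched anyway, I would drop the trailing tag so it ends `<!--{$arrForm[$key].value|h}--></textarea>`.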

変更: branches/version-2_5-dev/data/Smarty/templates/admin/order/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/order/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/order/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -90,9 +90,9 @@
                 <!--{assign var=key2 value="search_order_id2"}-->
                 <span class="attention"><!--{$arrErr[$key1]}--></span>
                 <span class="attention"><!--{$arrErr[$key2]}--></span>
-                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" />
+                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" />
                 〜 
-                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" />
+                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" />
             </td>
             <th>対応状況</th>
             <td>
@@ -109,13 +109,13 @@
             <td>
             <!--{assign var=key value="search_order_name"}-->
             <span class="attention"><!--{$arrErr[$key]}--></span>
-            <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" />
+            <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" />
             </td>
             <th>顧客名(カナ)</th>
             <td>
             <!--{assign var=key value="search_order_kana"}-->
             <span class="attention"><!--{$arrErr[$key]}--></span>
-            <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" />
+            <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" />
             </td>
         </tr>
         <tr>
@@ -123,13 +123,13 @@
             <td>
                 <!--{assign var=key value="search_order_email"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
-                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" />
+                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" />
             </td>
             <th>TEL</th>
             <td>
                 <!--{assign var=key value="search_order_tel"}-->
                 <span class="attention"><!--{$arrErr[$key]}--></span>
-                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" />
+                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" />
             </td>
         </tr>
         <tr>
@@ -175,7 +175,7 @@
             <th>支払方法</th>
             <td colspan="3">
             <!--{assign var=key value="search_payment_id"}-->
-            <span class="attention"><!--{$arrErr[$key]|escape}--></span>
+            <span class="attention"><!--{$arrErr[$key]|h}--></span>
             <!--{html_checkboxes name="$key" options=$arrPayment|escape selected=$arrForm[$key].value}-->
             </td>
         </tr>
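Review bot: This is the only place in the visible templates where `$arrErr[$key]` gets `|h`; every other hunk prints the error text raw inside `<span class="attention">`. If the messages are trusted markup (for example if they contain line-break tags, which cannot be confirmed from this diff), escaping here will show the tags literally. If they can echo user input, the raw occurrences are the ones that need fixing. Either way the treatment should be made uniform and the decision noted in a template comment. Separately, the next line still reads `options=$arrPayment|escape`; if `h` is meant to replace `escape` everywhere, it should become `options=$arrPayment|h`.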
@@ -248,16 +248,16 @@
                 <!--{assign var=key2 value="search_total2"}-->
                 <span class="attention"><!--{$arrErr[$key1]}--></span>
                 <span class="attention"><!--{$arrErr[$key2]}--></span>
-                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" />
+                <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box6" />
                 円 〜 
-                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" />
+                <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="6" class="box6" />
                 円
             </td>
             <th>購入商品</th>
             <td>
                 <!--{assign var=key value="search_product_name"}-->
                 <!--{if $arrErr[$key]}--><span class="attention"><!--{$arrErr[$key]}--></span><!--{/if}-->
-                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="6" class="box30" />
+                <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="6" class="box30" />
             </td>
         </tr>
     </table>
@@ -281,7 +281,7 @@
 <input type="hidden" name="mode" value="search" />
 <input type="hidden" name="order_id" value="" />
 <!--{foreach key=key item=item from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
     <h2>検索結果一覧</h2>
 		 <div class="btn">
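Review bot: Only the `value` of each carried-over hidden field is escaped; the `name` attribute is still written as `name="<!--{$key}-->"` with no modifier. If the keys of `$arrHidden` come from request parameter names (the controller is not visible here, so this is an assumption to confirm), the attribute name is an injection point just like the value. I would change the line to `<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" />`. The same pattern appears in the `$arrSearchHidden` loop in order/mail.tpl and in both loops in order/mail_confirm.tpl.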
@@ -323,7 +323,7 @@
         <tr style="background:<!--{$arrORDERSTATUS_COLOR[$status]}-->;">
             <td class="center"><!--{$arrResults[cnt].create_date|sfDispDBDate}--></td>
             <td class="center"><!--{$arrResults[cnt].order_id}--></td>
-            <td><!--{$arrResults[cnt].order_name01|escape}--> <!--{$arrResults[cnt].order_name02|escape}--></td>
+            <td><!--{$arrResults[cnt].order_name01|h}--> <!--{$arrResults[cnt].order_name02|h}--></td>
             <!--{assign var=payment_id value="`$arrResults[cnt].payment_id`"}-->
             <td class="center"><!--{$arrPayment[$payment_id]}--></td>
             <td class="right"><!--{$arrResults[cnt].total|number_format}--></td>
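Review bot: The payment method name is printed raw in `<td class="center"><!--{$arrPayment[$payment_id]}--></td>`, while the customer name cell next to it is escaped. In the search form of the same template, `$arrPayment` is escaped before being handed to `html_checkboxes`. Payment names are presumably entered by an administrator, but the result row should follow the same rule: `<td class="center"><!--{$arrPayment[$payment_id]|h}--></td>`. The `style="background:<!--{$arrORDERSTATUS_COLOR[$status]}-->;"` attribute on the row is also unescaped and deserves the same check. The surrounding section loop starts and ends outside this hunk.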

変更: branches/version-2_5-dev/data/Smarty/templates/admin/order/mail.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/order/mail.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/order/mail.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
 <input type="hidden" name="mode" value="confirm" />
 <input type="hidden" name="order_id" value="<!--{$tpl_order_id}-->" />
 <!--{foreach key=key item=item from=$arrSearchHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 <div id="order" class="contents-main">
   <h2>メール配信</h2>
@@ -37,10 +37,10 @@
     </tr>
     <!--{section name=cnt loop=$arrMailHistory}-->
     <tr class="center">
-      <td><!--{$arrMailHistory[cnt].send_date|sfDispDBDate|escape}--></td>
+      <td><!--{$arrMailHistory[cnt].send_date|sfDispDBDate|h}--></td>
       <!--{assign var=key value="`$arrMailHistory[cnt].template_id`"}-->
-      <td><!--{$arrMAILTEMPLATE[$key]|escape}--></td>
-      <td><a href="?" onclick="win02('./mail_view.php?send_id=<!--{$arrMailHistory[cnt].send_id}-->','mail_view','650','800'); return false;"><!--{$arrMailHistory[cnt].subject|escape}--></a></td>
+      <td><!--{$arrMAILTEMPLATE[$key]|h}--></td>
+      <td><a href="?" onclick="win02('./mail_view.php?send_id=<!--{$arrMailHistory[cnt].send_id}-->','mail_view','650','800'); return false;"><!--{$arrMailHistory[cnt].subject|h}--></a></td>
     </tr>
     <!--{/section}-->
   </table>
@@ -53,7 +53,7 @@
         <span class="attention"><!--{$arrErr[$key]}--></span>
         <select name="template_id" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" onchange="fnModeSubmit('change', '', '');">
         <option value="" selected="selected">選択してください</option>
-        <!--{html_options options=$arrMAILTEMPLATE selected=$arrForm[$key].value|escape}-->
+        <!--{html_options options=$arrMAILTEMPLATE selected=$arrForm[$key].value|h}-->
         </select>
       </td>
     </tr>
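Review bot: `selected=$arrForm[$key].value|h` escapes a value that is only compared with the option keys and never printed, so the modifier adds no protection here. If a key ever contained `&`, `<` or a quote, the escaped string would no longer match and the current selection would be silently lost. Template ids are presumably numeric, so this is harmless today, but the clearer form is `<!--{html_options options=$arrMAILTEMPLATE selected=$arrForm[$key].value}-->`. Escaping of the option labels is a separate matter that depends on what `html_options` does with `options`.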
@@ -62,7 +62,7 @@
       <td>
         <!--{assign var=key value="subject"}-->
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" />
+        <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="30" class="box30" />
       </td>
     </tr>
     <tr>
@@ -70,7 +70,7 @@
       <td>
         <!--{assign var=key value="header"}-->
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <textarea  name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" cols="75" rows="12" class="area75"><!--{$arrForm[$key].value|escape}--></textarea>
+        <textarea  name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" cols="75" rows="12" class="area75"><!--{$arrForm[$key].value|h}--></textarea>
       </td>
     </tr>
     <tr>
@@ -81,7 +81,7 @@
       <td>
         <!--{assign var=key value="footer"}-->
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <textarea  name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" cols="75" rows="12" class="area75"><!--{$arrForm[$key].value|escape}--></textarea>
+        <textarea  name="<!--{$arrForm[$key].keyname}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" cols="75" rows="12" class="area75"><!--{$arrForm[$key].value|h}--></textarea>
       </td>
     </tr>
   </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/order/mail_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/order/mail_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/order/mail_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,10 +25,10 @@
 <input type="hidden" name="mode" value="send" />
 <input type="hidden" name="order_id" value="<!--{$tpl_order_id}-->" />
 <!--{foreach key=key item=item from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 <!--{foreach key=key item=item from=$arrSearchHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 <div id="order" class="contents-main">
   <h2>メール配信</h2>
@@ -36,11 +36,11 @@
   <table class="form">
     <tr>
       <th>件名</th>
-      <td><!--{$tpl_subject|escape}--></td>
+      <td><!--{$tpl_subject|h}--></td>
     </tr>
     <tr>
       <th>本文</th>
-      <td><!--{$tpl_body|escape|nl2br}--></td>
+      <td><!--{$tpl_body|h|nl2br}--></td>
     </tr>
   </table>
 

変更: branches/version-2_5-dev/data/Smarty/templates/admin/order/mail_view.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/order/mail_view.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/order/mail_view.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -26,11 +26,11 @@
 <table class="form">
   <tr>
     <th>件名</th>
-    <td><!--{$tpl_subject|escape}--></td>
+    <td><!--{$tpl_subject|h}--></td>
   </tr>
   <tr>
     <th>本文</th>
-    <td><!--{$tpl_body|escape|nl2br}--></td>
+    <td><!--{$tpl_body|h|nl2br}--></td>
   </tr>
 </table>
 

変更: branches/version-2_5-dev/data/Smarty/templates/admin/order/product_select.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/order/product_select.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/order/product_select.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -122,7 +122,7 @@
 </script>
 
 <!--▼検索フォーム-->
-<form name="form1" id="form1" method="post" action="<!--{$smarty.server.REQUEST_URI|escape}-->">
+<form name="form1" id="form1" method="post" action="<!--{$smarty.server.REQUEST_URI|h}-->">
 <input name="mode" type="hidden" value="search" />
 <input name="anchor_key" type="hidden" value="" />
 <input name="search_pageno" type="hidden" value="" />
@@ -167,30 +167,30 @@
         </tr>
         <!--{section name=cnt loop=$arrProducts}-->
             <!--{assign var=id value=$arrProducts[cnt].product_id}-->
-            <form name="product_form<!--{$id|escape}-->" action="?" onsubmit="return false;">
+            <form name="product_form<!--{$id|h}-->" action="?" onsubmit="return false;">
                 <!--▼商品<!--{$smarty.section.cnt.iteration}-->-->
                 <!--{assign var=status value="`$arrProducts[cnt].status`"}-->
                 <tr style="background:<!--{$arrPRODUCTSTATUS_COLOR[$status]}-->;">
                     <td class="center">
-                        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrProducts[cnt].main_list_image|sfNoImageMainList|escape}-->&width=65&height=65" alt="<!--{$arrRecommend[$recommend_no].name|escape}-->" />
+                        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrProducts[cnt].main_list_image|sfNoImageMainList|h}-->&width=65&height=65" alt="<!--{$arrRecommend[$recommend_no].name|h}-->" />
                     </td>    
                     <td>
                         <!--{assign var=codemin value=`$arrProducts[cnt].product_code_min`}-->
                         <!--{assign var=codemax value=`$arrProducts[cnt].product_code_max`}-->
                         <!--{* 商品コード *}-->
                         <!--{if $codemin != $codemax}-->
-                            <!--{$codemin|escape}-->〜<!--{$codemax|escape}-->
+                            <!--{$codemin|h}-->〜<!--{$codemax|h}-->
                         <!--{else}-->
-                            <!--{$codemin|escape}-->
+                            <!--{$codemin|h}-->
                         <!--{/if}-->
                     </td>
                     <td>
-                        <!--{$arrProducts[cnt].name|escape}-->
+                        <!--{$arrProducts[cnt].name|h}-->
 
                         <!--{assign var=class1 value=classcategory_id`$id`_1}-->
                         <!--{assign var=class2 value=classcategory_id`$id`_2}-->
                         <!--{if $tpl_classcat_find1[$id]}-->
-                        <dt><!--{$tpl_class_name1[$id]|escape}-->:</dt>
+                        <dt><!--{$tpl_class_name1[$id]|h}-->:</dt>
                         <dd>
                             <select name="classcategory_id1" id="<!--{$class1}-->" style="<!--{$arrErr[$class1]|sfGetErrorColor}-->"    onchange="fnSetClassCategories(this.form);">
                                 <!--{html_options options=$arrClassCat1[$id] selected=$arrForm[$class1]}-->
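Review bot: On the changed `<img>` line the `alt` text reads `$arrRecommend[$recommend_no].name`, but this section iterates `$arrProducts` and nothing in the hunk assigns `$recommend_no`. It looks copied from another template and will probably render an empty alt; `alt="<!--{$arrProducts[cnt].name|h}-->"` seems to be what was intended. The `image=` value on the same line is HTML-escaped but not URL-encoded, and the query string uses raw `&` where the products/confirm.tpl version of this tag uses `&amp;`. The section loop and the form opened here continue past the end of the hunk.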
@@ -203,7 +203,7 @@
                         <input type="hidden" name="<!--{$class1}-->" id="<!--{$class1}-->" value="" />
                         <!--{/if}-->
                         <!--{if $tpl_classcat_find2[$id]}-->
-                        <dt><!--{$tpl_class_name2[$id]|escape}-->:</dt>
+                        <dt><!--{$tpl_class_name2[$id]|h}-->:</dt>
                         <dd>
                             <select name="classcategory_id2" id="<!--{$class2}-->" style="<!--{$arrErr[$class2]|sfGetErrorColor}-->" onchange="fnCheckStock(this.form);"></select>
                             <!--{if $arrErr[$class2] != ""}-->
@@ -213,9 +213,9 @@
                         <!--{else}-->
                         <input type="hidden" name="<!--{$class2}-->" id="<!--{$class2}-->" value="" />
                         <!--{/if}-->
-                        <input type="hidden" name="product_id" value="<!--{$id|escape}-->" />
-                        <input type="hidden" name="product_class_id<!--{$id|escape}-->" id="product_class_id<!--{$id|escape}-->" value="<!--{$tpl_product_class_id[$id]}-->" />
-                        <input type="hidden" name="product_type" id="product_type<!--{$id|escape}-->" value="<!--{$tpl_product_type[$id]}-->" />
+                        <input type="hidden" name="product_id" value="<!--{$id|h}-->" />
+                        <input type="hidden" name="product_class_id<!--{$id|h}-->" id="product_class_id<!--{$id|h}-->" value="<!--{$tpl_product_class_id[$id]}-->" />
+                        <input type="hidden" name="product_type" id="product_type<!--{$id|h}-->" value="<!--{$tpl_product_type[$id]}-->" />
                     </td>
                     <td class="center"><a href="javascript:;" onclick="return func_submit('<!--{$arrProducts[cnt].product_id}-->', '<!--{$tpl_class_name1[$id]}-->', '<!--{$tpl_class_name2[$id]}-->', '<!--{$tpl_product_class_id[$id]}-->')">決定</a></td>
                 </tr>
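Review bot: The `func_submit(...)` call in the `onclick` of the 決定 link puts `$tpl_class_name1[$id]` and `$tpl_class_name2[$id]` into single-quoted JavaScript strings with no modifier, although the same values get `|h` where they are printed in `<dt>` earlier in this file. A class name containing a quote or backslash would end the string literal. HTML escaping alone does not cover this context, because the browser decodes the attribute before the script runs. Each argument should be JavaScript-escaped and then HTML-escaped, e.g. `'<!--{$tpl_class_name1[$id]|escape:'javascript'|h}-->'`. The `value` attributes on the changed hidden inputs (`$tpl_product_class_id[$id]`, `$tpl_product_type[$id]`) are also emitted raw.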

変更: branches/version-2_5-dev/data/Smarty/templates/admin/order/status.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/order/status.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/order/status.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -79,11 +79,11 @@
     <tr style="background:<!--{$arrORDERSTATUS_COLOR[$status]}-->;">
       <td><input type="checkbox" name="move[]" value="<!--{$arrStatus[cnt].order_id}-->" ></td>
       <td><!--{$arrORDERSTATUS[$status]}--></td>
-      <td><a href ="<!--{$smarty.server.PHP_SELF|escape}-->" onclick="fnOpenWindow('./edit.php?order_id=<!--{$arrStatus[cnt].order_id}-->','order_disp','800','900'); return false;" ><!--{$arrStatus[cnt].order_id}--></td>
+      <td><a href ="<!--{$smarty.server.PHP_SELF|h}-->" onclick="fnOpenWindow('./edit.php?order_id=<!--{$arrStatus[cnt].order_id}-->','order_disp','800','900'); return false;" ><!--{$arrStatus[cnt].order_id}--></td>
       <td><!--{$arrStatus[cnt].create_date|sfDispDBDate:false}--></td>
-      <td><!--{$arrStatus[cnt].order_name01|escape}--><!--{$arrStatus[cnt].order_name02|escape}--></td>
+      <td><!--{$arrStatus[cnt].order_name01|h}--><!--{$arrStatus[cnt].order_name02|h}--></td>
       <!--{assign var=payment_id value=`$arrStatus[cnt].payment_id`}-->
-      <td><!--{$arrPayment[$payment_id]|escape}--></td>
+      <td><!--{$arrPayment[$payment_id]|h}--></td>
       <td class="right"><!--{$arrStatus[cnt].total|number_format}--></td>
       <td><!--{if $arrStatus[cnt].payment_date != ""}--><!--{$arrStatus[cnt].payment_date|sfDispDBDate:false}--><!--{else}-->未入金<!--{/if}--></td>
       <td><!--{if $arrStatus[cnt].status eq 5}--><!--{$arrStatus[cnt].commit_date|sfDispDBDate:false}--><!--{else}-->未発送<!--{/if}--></td>
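Review bot: The `<a href="<!--{$smarty.server.PHP_SELF|h}-->" ...>` opened on the changed line is never closed; the cell ends `<!--{$arrStatus[cnt].order_id}--></td>`, so the link runs on into the following cells. Close it before the cell ends: `<!--{$arrStatus[cnt].order_id}--></a></td>`. In the cell before it, `$arrORDERSTATUS[$status]` is printed without `|h` while the payment name below is escaped; if status labels are editable master data (not visible here) they should be escaped too. The row belongs to a section loop that starts outside the hunk.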

変更: branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/log.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/log.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/log.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -36,9 +36,9 @@
     </tr>
   <!--{foreach from=$arrInstallLogs item=log name=log_loop}-->
     <tr>
-      <td class="left"><!--{$log.module_name|escape}--></td>
+      <td class="left"><!--{$log.module_name|h}--></td>
       <td><!--{if $log.error_flg}-->失敗<!--{else}-->成功<!--{/if}--></td>
-      <td class="left"><!--{$log.update_date|sfDispDBDate|escape}--></td>
+      <td class="left"><!--{$log.update_date|sfDispDBDate|h}--></td>
       <td>
           <a href="<!--{$smarty.const.URL_DIR}--><!--{$smarty.const.ADMIN_DIR}-->ownersstore/log.php?mode=detail&amp;log_id=<!--{$log.log_id}-->">
           詳細</a>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/log_detail.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/log_detail.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/log_detail.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -29,7 +29,7 @@
   <table class="form">
     <tr>
       <th>モジュール名</th>
-      <td><!--{$arrLogDetail.module_name|escape}--></td>
+      <td><!--{$arrLogDetail.module_name|h}--></td>
     </tr>
     <tr>
       <th>ステータス</th>
@@ -37,20 +37,20 @@
     </tr>
     <tr>
       <th>日時</th>
-      <td><!--{$arrLogDetail.update_date|sfDispDBDate|escape}--></td>
+      <td><!--{$arrLogDetail.update_date|sfDispDBDate|h}--></td>
     </tr>
     <tr>
       <th>バックアップパス</th>
       <td><!--{$arrLogDetail.buckup_path|wordwrap:100:"
-":true|escape|nl2br}--></td>
+":true|h|nl2br}--></td>
     </tr>
     <tr>
       <th>詳細</th>
       <td>
       <!--{$arrLogDetail.error|wordwrap:100:"
-":true|escape|nl2br}-->
+":true|h|nl2br}-->
       <!--{$arrLogDetail.ok|wordwrap:100:"
-":true|escape|nl2br}-->
+":true|h|nl2br}-->
       </td>
     </tr>
   </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/products_list.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/products_list.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/products_list.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -33,19 +33,19 @@
 <!--{foreach from=$arrProducts item=product name=products_list_loop}-->
     <tr>
         <td>
-            <a href="<!--{$smarty.const.OSTORE_URL}-->products/detail.php?product_id=<!--{$product.product_id|escape}-->" target="_blank">
-                <img src="<!--{$smarty.const.OSTORE_SSLURL}-->resize.php?image=<!--{$product.main_list_image|escape}-->&width=50&height=50" /></a>
+            <a href="<!--{$smarty.const.OSTORE_URL}-->products/detail.php?product_id=<!--{$product.product_id|h}-->" target="_blank">
+                <img src="<!--{$smarty.const.OSTORE_SSLURL}-->resize.php?image=<!--{$product.main_list_image|h}-->&width=50&height=50" /></a>
         </td>
         <td>
             <p>
-                <a href="<!--{$smarty.const.OSTORE_URL}-->products/detail.php?product_id=<!--{$product.product_id|escape}-->" target="_blank">
+                <a href="<!--{$smarty.const.OSTORE_URL}-->products/detail.php?product_id=<!--{$product.product_id|h}-->" target="_blank">
                     <!--{$product.name}--></a>
             </p>
-            <p>Version.<!--{$product.version|default:"--"}--> <!--{$product.last_update_date|sfDispDBDate:false|escape}--></p>
+            <p>Version.<!--{$product.version|default:"--"}--> <!--{$product.last_update_date|sfDispDBDate:false|h}--></p>
         </td>
         <td>
-          <div id="ownersstore_version<!--{$product.product_id|escape}-->">
-            <!--{$product.installed_version|default:"--"|escape}-->
+          <div id="ownersstore_version<!--{$product.product_id|h}-->">
+            <!--{$product.installed_version|default:"--"|h}-->
           </div>
         </td>
         
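Review bot: `<!--{$product.name}-->` inside the second product link is still printed raw, while the id, image and dates around it now go through `|h`. The list appears to come from the owners store service (inferred from the `OSTORE_URL` links), so it should be treated as external data and escaped: `<!--{$product.name|h}-->`. `$product.version|default:"--"` on the following line has the same gap. The `foreach` body continues past the end of the hunk.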
@@ -53,16 +53,16 @@
         <!--{if $product.download_flg}-->
         
         <td>
-            <div id="ownersstore_download<!--{$product.product_id|escape}-->">
+            <div id="ownersstore_download<!--{$product.product_id|h}-->">
             <!--{* 新バージョンが公開している場合 はアップデートボタン表示 *}-->
             <!--{if $product.version_up_flg}-->
                 <span class="icon_confirm">
-                <a href="#" onclick="OwnersStore.download(<!--{$product.product_id|escape}-->);return false;">アップデート</a>
+                <a href="#" onclick="OwnersStore.download(<!--{$product.product_id|h}-->);return false;">アップデート</a>
                 </span>
             <!--{* それ以外ならダウンロードボタン表示 *}-->
             <!--{else}-->
                 <span class="icon_confirm">
-                <a href="#" onclick="OwnersStore.download(<!--{$product.product_id|escape}-->);return false;">ダウンロード</a>
+                <a href="#" onclick="OwnersStore.download(<!--{$product.product_id|h}-->);return false;">ダウンロード</a>
                 </span>
             <!--{/if}-->
             </div>
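Review bot: `OwnersStore.download(<!--{$product.product_id|h}-->)` on both changed `onclick` lines inserts the id as a bare JavaScript expression. HTML escaping does not constrain what that expression can be, since the attribute is entity-decoded before the handler runs. If the id is always numeric, force it to an integer at output, e.g. `<!--{$product.product_id|string_format:'%d'}-->`; otherwise pass it as a quoted, JavaScript-escaped string. The `win02('../load_module_config.php?module_id=<!--{$product.product_id}-->', ...)` call in the next hunk has no modifier at all and needs the same treatment.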
@@ -76,13 +76,13 @@
                    設定</a>
                 </span>
             <!--{else}-->
-                <div id='ownersstore_settings<!--{$product.product_id|escape}-->' style="display:none">
+                <div id='ownersstore_settings<!--{$product.product_id|h}-->' style="display:none">
                 <span class="icon_confirm">
                 <a href="#" onclick="win02('../load_module_config.php?module_id=<!--{$product.product_id}-->', 'load', 600, 400);return false;">
                    設定</a>
                 </span>
                 </div>
-                <div id='ownersstore_settings_default<!--{$product.product_id|escape}-->' style="display:bloc">--</div>
+                <div id='ownersstore_settings_default<!--{$product.product_id|h}-->' style="display:bloc">--</div>
             <!--{/if}-->
         </td>
 
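Review bot: The changed `ownersstore_settings_default` line carries `style="display:bloc"`, which is not a valid `display` value. The browser discards it, and the div is visible only because block is its default. It should read `style="display:block"`, so that the declaration matches the `display:none` on the sibling `ownersstore_settings` div. The enclosing `<!--{if}-->` block starts outside the hunk.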
@@ -92,7 +92,7 @@
         <td>--</td>
         <!--{/if}-->
         
-        <td><!--{$product.status|escape|nl2br}--></td>
+        <td><!--{$product.status|h|nl2br}--></td>
     </tr>
 <!--{/foreach}-->
 </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/settings.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/settings.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/ownersstore/settings.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -34,7 +34,7 @@
       <td>
         <!--{assign var="key" value="public_key"}-->
         <!--{if $arrErr[$key]}--><span class="attention"><!--{$arrErr[$key]}--></span><!--{/if}-->
-        <textarea name="<!--{$key}-->" cols="60" rows="8" class="area60" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"><!--{$arrForm[$key]|escape}--></textarea>
+        <textarea name="<!--{$key}-->" cols="60" rows="8" class="area60" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"><!--{$arrForm[$key]|h}--></textarea>
       </td>
     </tr>
   </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/pager.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/pager.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/pager.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -2,7 +2,7 @@
 <div class="pager">
   <ul>
   <!--{foreach from=$arrPagenavi.arrPageno key="key" item="item"}-->
-    <li<!--{if $arrPagenavi.now_page == $item}--> class="on"<!--{/if}-->><a href=<!--{$smarty.server.PHP_SELF|escape}--> onclick="fnNaviSearchPage(<!--{$item}-->, '<!--{$arrPagenavi.mode}-->'); return false;"><span><!--{$item}--></span></a></li>
+    <li<!--{if $arrPagenavi.now_page == $item}--> class="on"<!--{/if}-->><a href=<!--{$smarty.server.PHP_SELF|h}--> onclick="fnNaviSearchPage(<!--{$item}-->, '<!--{$arrPagenavi.mode}-->'); return false;"><span><!--{$item}--></span></a></li>
   <!--{/foreach}-->
   </ul>
 </div>
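Review bot: The `href` on the changed line is not quoted: `<a href=<!--{$smarty.server.PHP_SELF|h}--> onclick=...`. An unquoted attribute value ends at the first whitespace, which HTML entity escaping does not encode, and `PHP_SELF` includes path information supplied by the request, so `|h` does not confine the value to the attribute here. Quote it as status.tpl does: `<a href="<!--{$smarty.server.PHP_SELF|h}-->"`. `$arrPagenavi.mode` is also placed in a single-quoted JavaScript string in the same `onclick` without any escaping.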

変更: branches/version-2_5-dev/data/Smarty/templates/admin/plugin/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/plugin/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/plugin/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -36,11 +36,11 @@
                     </tr>
             <!--{/if}-->
             <tr>
-                <td><!--{$plugin.info.name|escape}--></td>
-                <td><!--{$plugin.path|escape}--></td>
-                <td><!--{$plugin.info.version|escape}--></td>
-                <td><!--{$plugin.info.auther|escape}--></td>
-                <td><a href="<!--{$smarty.const.URL_DIR}--><!--{$smarty.const.ADMIN_DIR}-->plugin/uninstall.php?path=<!--{$plugin.path|escape}-->">アンインストール</a></td>
+                <td><!--{$plugin.info.name|h}--></td>
+                <td><!--{$plugin.path|h}--></td>
+                <td><!--{$plugin.info.version|h}--></td>
+                <td><!--{$plugin.info.auther|h}--></td>
+                <td><a href="<!--{$smarty.const.URL_DIR}--><!--{$smarty.const.ADMIN_DIR}-->plugin/uninstall.php?path=<!--{$plugin.path|h}-->">アンインストール</a></td>
             </tr>
             <!--{if $smarty.foreach.installedPlugin.last}-->
                 </table>
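Review bot: In the uninstall link, `path=<!--{$plugin.path|h}-->` is HTML-escaped but not URL-encoded. A path containing `&`, `#`, `+` or a space would be truncated or altered when the query string is parsed. Encode for the URL first and then for HTML: `path=<!--{$plugin.path|escape:'url'|h}-->`. The install link in the next hunk (`plugin/install.php?path=...`) needs the same change. Both actions are reached through a plain GET link; whether the handlers require a confirmation step or token cannot be seen from this template.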
@@ -62,11 +62,11 @@
                     </tr>
             <!--{/if}-->
             <tr>
-                <td><!--{$plugin.info.name|escape}--></td>
-                <td><!--{$plugin.path|escape}--></td>
-                <td><!--{$plugin.info.version|escape}--></td>
-                <td><!--{$plugin.info.auther|escape}--></td>
-                <td><a href="<!--{$smarty.const.URL_DIR}--><!--{$smarty.const.ADMIN_DIR}-->plugin/install.php?path=<!--{$plugin.path|escape}-->">インストール</a></td>
+                <td><!--{$plugin.info.name|h}--></td>
+                <td><!--{$plugin.path|h}--></td>
+                <td><!--{$plugin.info.version|h}--></td>
+                <td><!--{$plugin.info.auther|h}--></td>
+                <td><a href="<!--{$smarty.const.URL_DIR}--><!--{$smarty.const.ADMIN_DIR}-->plugin/install.php?path=<!--{$plugin.path|h}-->">インストール</a></td>
             </tr>
             <!--{if $smarty.foreach.installablePlugin.last}-->
                 </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/plugin/install.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/plugin/install.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/plugin/install.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,7 +24,7 @@
 <form name="form1" id="form1" method="post" action="">
     <div class="contents-main">
         <h2>結果</h2>
-        <div><!--{$tpl_result|escape|nl2br}--></div>
+        <div><!--{$tpl_result|h|nl2br}--></div>
         <div><a href="<!--{$smarty.const.URL_DIR}--><!--{$smarty.const.ADMIN_DIR}-->plugin/<!--{$smarty.const.DIR_INDEX_URL}-->">→ プラグイン管理へ</a><div>
     </div>
 </form>
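Review bot: The line after the changed one ends with `<div>` where a closing tag is expected: `...→ プラグイン管理へ</a><div>`. That opens a third div instead of closing the second, leaving the block unbalanced inside the form. It should end `...→ プラグイン管理へ</a></div>`. plugin/uninstall.tpl in this commit has the identical line.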

変更: branches/version-2_5-dev/data/Smarty/templates/admin/plugin/subnavi.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/plugin/subnavi.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/plugin/subnavi.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,6 +24,6 @@
 <ul class="level1">
     <li<!--{if $tpl_subno == 'index'}--> class="on"<!--{/if}--> id="navi-plugin-index"><a href="<!--{$smarty.const.URL_DIR}--><!--{$smarty.const.ADMIN_DIR}-->plugin/<!--{$smarty.const.DIR_INDEX_URL}-->"><span>プラグイン管理</span></a></li>
     <!--{foreach from=$smarty.env.pluginsXml->plugin item="plugin"}-->
-        <li<!--{if $tpl_subno == $plugin->path}--> class="on"<!--{/if}--> id="navi-plugin-<!--{$plugin->path|escape}-->"><a href="<!--{$smarty.const.PLUGIN_URL}--><!--{$plugin->path|escape}-->/<!--{$smarty.const.ADMIN_DIR}--><!--{$smarty.const.DIR_INDEX_URL}-->"><span><!--{$plugin->name|escape}--></span></a></li>
+        <li<!--{if $tpl_subno == $plugin->path}--> class="on"<!--{/if}--> id="navi-plugin-<!--{$plugin->path|h}-->"><a href="<!--{$smarty.const.PLUGIN_URL}--><!--{$plugin->path|h}-->/<!--{$smarty.const.ADMIN_DIR}--><!--{$smarty.const.DIR_INDEX_URL}-->"><span><!--{$plugin->name|h}--></span></a></li>
     <!--{/foreach}-->
 </ul>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/plugin/uninstall.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/plugin/uninstall.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/plugin/uninstall.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,7 +24,7 @@
 <form name="form1" id="form1" method="post" action="">
     <div class="contents-main">
         <h2>結果</h2>
-        <div><!--{$tpl_result|escape|nl2br}--></div>
+        <div><!--{$tpl_result|h|nl2br}--></div>
         <div><a href="<!--{$smarty.const.URL_DIR}--><!--{$smarty.const.ADMIN_DIR}-->plugin/<!--{$smarty.const.DIR_INDEX_URL}-->">→ プラグイン管理へ</a><div>
     </div>
 </form>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/category.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/category.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/category.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -57,10 +57,10 @@
         <!--{else}-->
           <img src="<!--{$smarty.const.URL_DIR}-->misc/closef.gif">
         <!--{/if}-->
-        <!--{$disp_name|sfCutString:20|escape}--></a><br />
+        <!--{$disp_name|sfCutString:20|h}--></a><br />
       <!--{else}-->
         <img src="<!--{$smarty.const.URL_DIR}-->misc/closef.gif">
-        <!--{$disp_name|sfCutString:20|escape}--></a><br />
+        <!--{$disp_name|sfCutString:20|h}--></a><br />
       <!--{/if}-->
 
       <!--{if $arrTree[cnt].display == true}-->
@@ -84,7 +84,7 @@
     <!--{if $arrErr.category_name}-->
     <span class="attention"><!--{$arrErr.category_name}--></span>
     <!--{/if}-->
-    <input type="text" name="category_name" value="<!--{$arrForm.category_name|escape}-->" size="30" class="box30" maxlength="<!--{$smarty.const.STEXT_LEN}-->" />
+    <input type="text" name="category_name" value="<!--{$arrForm.category_name|h}-->" size="30" class="box30" maxlength="<!--{$smarty.const.STEXT_LEN}-->" />
     <a class="btn-normal" href="javascript:;" onclick="fnModeSubmit('edit','','');"><span>登録</span></a><span class="attention">(上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
     
     <!--{if count($arrList) > 0}-->
@@ -131,9 +131,9 @@
 		<td class="center"><!--{$arrList[cnt].category_id}--></td>
         <td>
         <!--{if $arrList[cnt].level != $smarty.const.LEVEL_MAX}-->
-          <a href="?" onclick="fnModeSubmit('tree', 'parent_category_id', <!--{$arrList[cnt].category_id}-->); return false"><!--{$arrList[cnt].category_name|escape}--></a>
+          <a href="?" onclick="fnModeSubmit('tree', 'parent_category_id', <!--{$arrList[cnt].category_id}-->); return false"><!--{$arrList[cnt].category_name|h}--></a>
         <!--{else}-->
-          <!--{$arrList[cnt].category_name|escape}-->
+          <!--{$arrList[cnt].category_name|h}-->
         <!--{/if}-->
         </td>
         <td align="center">

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/class.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/class.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/class.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -33,7 +33,7 @@
         <!--{if $arrErr.name}-->
         <span class="attention"><!--{$arrErr.name}--></span>
         <!--{/if}-->
-        <input type="text" name="name" value="<!--{$arrForm.name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="" size="30" class="box30" />
+        <input type="text" name="name" value="<!--{$arrForm.name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="" size="30" class="box30" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -53,7 +53,7 @@
     <!--{section name=cnt loop=$arrClass}-->
     <tr style="background:<!--{if $tpl_class_id != $arrClass[cnt].class_id}-->#ffffff<!--{else}--><!--{$smarty.const.SELECT_RGB}--><!--{/if}-->;">
       <!--{assign var=class_id value=$arrClass[cnt].class_id}-->
-      <td><!--{* 規格名 *}--><!--{$arrClass[cnt].name|escape}--> (<!--{$arrClassCatCount[$class_id]|default:0}-->)</td>
+      <td><!--{* 規格名 *}--><!--{$arrClass[cnt].name|h}--> (<!--{$arrClassCatCount[$class_id]|default:0}-->)</td>
       <td align="center"><a href="<!--{$smarty.const.URL_DIR}-->" onclick="fnClassCatPage(<!--{$arrClass[cnt].class_id}-->); return false;">分類登録</a></td>
       <td align="center">
       <!--{if $tpl_class_id != $arrClass[cnt].class_id}-->

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/classcategory.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/classcategory.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/classcategory.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
 <input type="hidden" name="mode" value="edit" />
 <input type="hidden" name="classcategory_id" value="<!--{$tpl_classcategory_id}-->" />
 <!--{foreach key=key item=item from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 <div id="products" class="contents-main">
 
@@ -40,7 +40,7 @@
         <!--{if $arrErr.name}-->
         <span class="attention"><!--{$arrErr.name}--></span>
         <!--{/if}-->
-        <input type="text" name="name" value="<!--{$arrForm.name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="" size="30" class="box30" />
+        <input type="text" name="name" value="<!--{$arrForm.name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="" size="30" class="box30" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -58,7 +58,7 @@
     </tr>
     <!--{section name=cnt loop=$arrClassCat}-->
     <tr style="background:<!--{if $tpl_classcategory_id != $arrClassCat[cnt].classcategory_id}-->#ffffff<!--{else}--><!--{$smarty.const.SELECT_RGB}--><!--{/if}-->;">
-      <td><!--{* 規格名 *}--><!--{$arrClassCat[cnt].name|escape}--></td>
+      <td><!--{* 規格名 *}--><!--{$arrClassCat[cnt].name|h}--></td>
       <td align="center" >
       <!--{if $tpl_classcategory_id != $arrClassCat[cnt].classcategory_id}-->
       <a href="?" onclick="fnModeSubmit('pre_edit','classcategory_id', <!--{$arrClassCat[cnt].classcategory_id}-->); return false;">編集</a>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,10 +25,10 @@
   <!--{foreach key=key item=item from=$arrForm}-->
     <!--{if $key == 'product_status' || $key == 'payment_ids'}-->
       <!--{foreach item=statusVal from=$item}-->
-      <input type="hidden" name="<!--{$key}-->[]" value="<!--{$statusVal|escape}-->" />
+      <input type="hidden" name="<!--{$key}-->[]" value="<!--{$statusVal|h}-->" />
       <!--{/foreach}-->
     <!--{else}-->
-      <input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+      <input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
     <!--{/if}-->
   <!--{/foreach}-->
   <div id="products" class="contents-main">
@@ -37,7 +37,7 @@
     <tr>
       <th>商品名</th>
       <td>
-      <!--{$arrForm.name|escape}-->
+      <!--{$arrForm.name|h}-->
       </td>
     </tr>
     <tr>
@@ -74,33 +74,33 @@
     <tr>
       <th>ダウンロードファイル名</th>
       <td>
-      <!--{$arrForm.down_filename|escape}-->
+      <!--{$arrForm.down_filename|h}-->
       </td>
     </tr>
     <tr>
       <th>ダウンロード商品用<BR />ファイル</th>
       <td>
       <!--{if $arrForm.down_realfilename != ""}-->
-          <!--{$arrForm.down_realfilename|escape}-->
+          <!--{$arrForm.down_realfilename|h}-->
       <!--{/if}-->
       </td>
     </tr>
     <tr>
       <th>商品コード</th>
       <td>
-      <!--{$arrForm.product_code|escape}-->
+      <!--{$arrForm.product_code|h}-->
       </td>
     </tr>
     <tr>
       <th><!--{$smarty.const.NORMAL_PRICE_TITLE}--></th>
       <td>
-      <!--{$arrForm.price01|escape}-->
+      <!--{$arrForm.price01|h}-->
       円</td>
     </tr>
     <tr>
       <th><!--{$smarty.const.SALE_PRICE_TITLE}--></th>
       <td>
-      <!--{$arrForm.price02|escape}-->
+      <!--{$arrForm.price02|h}-->
       円</td>
     </tr>
     <tr>
@@ -109,7 +109,7 @@
       <!--{if $arrForm.stock_unlimited == 1}-->
         無制限
       <!--{else}-->
-        <!--{$arrForm.stock|escape}-->
+        <!--{$arrForm.stock|h}-->
       <!--{/if}-->
       </td>
     </tr>
@@ -117,7 +117,7 @@
       <th>支払方法</th>
       <td>
       <!--{foreach from=$arrForm.payment_ids item=payment_id}-->
-        <!--{$arrPayments[$payment_id]|escape}-->&nbsp;
+        <!--{$arrPayments[$payment_id]|h}-->&nbsp;
       <!--{/foreach}-->
       </td>
     </tr>
@@ -126,63 +126,63 @@
     <tr>
       <th>商品送料</th>
       <td>
-        <!--{$arrForm.deliv_fee|escape}-->
+        <!--{$arrForm.deliv_fee|h}-->
         円</td>
     </tr>
     <tr>
       <th>ポイント付与率</th>
       <td>
-      <!--{$arrForm.point_rate|escape}-->
+      <!--{$arrForm.point_rate|h}-->
       %</td>
     </tr>
     <tr>
       <th>発送日目安</th>
       <td>
-      <!--{$arrDELIVERYDATE[$arrForm.deliv_date_id]|escape}-->
+      <!--{$arrDELIVERYDATE[$arrForm.deliv_date_id]|h}-->
       </td>
     </tr>
     <tr>
       <th>購入制限</th>
       <td>
-        <!--{$arrForm.sale_limit|default:'無制限'|escape}-->
+        <!--{$arrForm.sale_limit|default:'無制限'|h}-->
       </td>
     </tr>
     <tr>
       <th>メーカー</th>
       <td>
-        <!--{$arrMaker[$arrForm.maker_id]|escape}-->
+        <!--{$arrMaker[$arrForm.maker_id]|h}-->
       </td>
     </tr>
     <tr>
       <th>メーカーURL</th>
       <td>
-      <!--{$arrForm.comment1|escape|sfPutBR:$smarty.const.LINE_LIMIT_SIZE}-->
+      <!--{$arrForm.comment1|h|sfPutBR:$smarty.const.LINE_LIMIT_SIZE}-->
       </td>
     </tr>
     <!--{*
     <tr>
       <th>成分</th>
       <td>
-      <!--{$arrForm.comment2|escape}-->
+      <!--{$arrForm.comment2|h}-->
       </td>
     </tr>
     *}-->
     <tr>
       <th>検索ワード</th>
       <td>
-      <!--{$arrForm.comment3|escape}-->
+      <!--{$arrForm.comment3|h}-->
       </td>
     </tr>
     <tr>
       <th>備考欄(SHOP専用)</th>
       <td>
-        <!--{$arrForm.note|escape|nl2br}-->
+        <!--{$arrForm.note|h|nl2br}-->
       </td>
     </tr>
     <tr>
       <th>一覧-メインコメント</th>
       <td>
-      <!--{$arrForm.main_list_comment|escape|nl2br}-->
+      <!--{$arrForm.main_list_comment|h|nl2br}-->
       </td>
     </tr>
     <tr>
@@ -196,7 +196,7 @@
       <td>
       <!--{assign var=key value="main_list_image"}-->
       <!--{if $arrFile[$key].filepath != ""}-->
-      <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->" /><br />
+      <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->" /><br />
       <!--{/if}-->
       </td>
     </tr>
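Review bot: On the changed `<img>` line the `alt` text is escaped but `src="<!--{$arrFile[$key].filepath}-->"` is still printed raw. Where `filepath` is built is not visible here; if it contains any part of an uploaded file's name, a quote in it would end the attribute. Escape it as well: `src="<!--{$arrFile[$key].filepath|h}-->"`. The four later image hunks in this file (`main_image`, `main_large_image`, `sub_image…`, `sub_large_image…`) have the same line.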
@@ -205,7 +205,7 @@
       <td>
       <!--{assign var=key value="main_image"}-->
       <!--{if $arrFile[$key].filepath != ""}-->
-      <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->" /><br />
+      <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->" /><br />
       <!--{/if}-->
       </td>
     </tr>
@@ -214,7 +214,7 @@
       <td>
       <!--{assign var=key value="main_large_image"}-->
       <!--{if $arrFile[$key].filepath != ""}-->
-      <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->" /><br />
+      <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->" /><br />
       <!--{/if}-->
       </td>
     </tr>
@@ -230,7 +230,7 @@
       <th>詳細-サブタイトル(<!--{$smarty.section.cnt.iteration}-->)</th>
       <td>
       <!--{assign var=key value="sub_title`$smarty.section.cnt.iteration`"}-->
-      <!--{$arrForm[$key]|escape}-->
+      <!--{$arrForm[$key]|h}-->
       </td>
     </tr>
     <tr>
@@ -245,7 +245,7 @@
       <td>
       <!--{assign var=key value="sub_image`$smarty.section.cnt.iteration`"}-->
       <!--{if $arrFile[$key].filepath != ""}-->
-      <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->" /><br />
+      <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->" /><br />
       <!--{/if}-->
       </td>
     </tr>
@@ -254,7 +254,7 @@
       <td>
       <!--{assign var=key value="sub_large_image`$smarty.section.cnt.iteration`"}-->
       <!--{if $arrFile[$key].filepath != ""}-->
-      <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->" /><br />
+      <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->" /><br />
       <!--{/if}-->
       </td>
     </tr>
@@ -268,15 +268,15 @@
     <tr>
       <th>関連商品(<!--{$smarty.section.cnt.iteration}-->)<br />
       <!--{if $arrRecommend[$recommend_no].product_id|strlen >= 1}-->
-        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[$recommend_no].main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[$recommend_no].name|escape}-->">
+        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[$recommend_no].main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[$recommend_no].name|h}-->">
       <!--{/if}-->
       </th>
       <td>
       <!--{if $arrRecommend[$recommend_no].product_id|strlen >= 1}-->
         商品コード:<!--{$arrRecommend[$recommend_no].product_code_min}--><br />
-        商品名:<!--{$arrRecommend[$recommend_no].name|escape}--><br />
+        商品名:<!--{$arrRecommend[$recommend_no].name|h}--><br />
         コメント:<br />
-        <!--{$arrRecommend[$recommend_no].comment|escape|nl2br}-->
+        <!--{$arrRecommend[$recommend_no].comment|h|nl2br}-->
       <!--{/if}-->
       </td>
     </tr>
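Review bot: The context line `商品コード:<!--{$arrRecommend[$recommend_no].product_code_min}--><br />` is left without an escape modifier, although the name and comment directly below it now go through `|h`. The index.tpl section of this same commit prints the same field as `product_code_min|h`, so the omission looks like an oversight rather than a decision. A product code is operator-entered text, so it should be written as `<!--{$arrRecommend[$recommend_no].product_code_min|h}-->`. The identical line appears in the product.tpl hunk at -407.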

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -60,7 +60,7 @@
   <input type="hidden" name="mode" value="search" />
   <!--{foreach key=key item=item from=$arrHidden}-->
   <!--{if $key == 'campaign_id' || $key == 'search_mode'}-->
-  <input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+  <input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
   <!--{/if}-->
   <!--{/foreach}-->
   <h2>検索条件設定</h2>
@@ -73,21 +73,21 @@
         <!--{if $arrErr.search_product_id}-->
         <span class="attention"><!--{$arrErr.search_product_id}--></span>
         <!--{/if}-->
-        <input type="text" name="search_product_id" value="<!--{$arrForm.search_product_id|escape}-->" size="30" class="box30" style="<!--{$arrErr.search_product_id|sfGetErrorColor}-->"/>
+        <input type="text" name="search_product_id" value="<!--{$arrForm.search_product_id|h}-->" size="30" class="box30" style="<!--{$arrErr.search_product_id|sfGetErrorColor}-->"/>
       </td>
 			<th>規格名称</th>
 			<td>
         <!--{if $arrErr.search_product_class_name}-->
         <span class="attention"><!--{$arrErr.search_product_class_name}--></span>
         <!--{/if}-->
-        <input type="text" name="search_product_class_name" value="<!--{$arrForm.search_product_class_name|escape}-->" size="30" class="box30"style="<!--{$arrErr.search_product_class_name|sfGetErrorColor}-->" />
+        <input type="text" name="search_product_class_name" value="<!--{$arrForm.search_product_class_name|h}-->" size="30" class="box30"style="<!--{$arrErr.search_product_class_name|sfGetErrorColor}-->" />
       </td>
     </tr>
     <tr>
       <th>商品コード</th>
-      <td><input type="text" name="search_product_code" value="<!--{$arrForm.search_product_code|escape}-->" size="30" class="box30" /></td>
+      <td><input type="text" name="search_product_code" value="<!--{$arrForm.search_product_code|h}-->" size="30" class="box30" /></td>
       <th>商品名</th>
-      <td><input type="text" name="search_name" value="<!--{$arrForm.search_name|escape}-->" size="30" class="box30" /></td>
+      <td><input type="text" name="search_name" value="<!--{$arrForm.search_name|h}-->" size="30" class="box30" /></td>
     </tr>
     <tr>
       <th>カテゴリ</th>
@@ -163,7 +163,7 @@
   <input type="hidden" name="product_id" value="" />
   <input type="hidden" name="category_id" value="" />
   <!--{foreach key=key item=item from=$arrHidden}-->
-  <input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+  <input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
   <!--{/foreach}-->  
   <h2>検索結果一覧</h2>
   <div class="btn">
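Review bot: In the `arrHidden` loop only the `value` is escaped; the attribute `name="<!--{$key}-->"` is printed raw. Unlike the hunk at -60, this loop has no `if` restricting `$key` to fixed literals. If the keys of `arrHidden` come from request parameter names (not visible in this diff), a key containing a double quote would end the attribute early. `name="<!--{$key|h}-->"` closes that gap. The same loop appears in product.tpl at -59 and -69 and in product_class.tpl at -24.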
@@ -206,11 +206,11 @@
     <tr style="background:<!--{$arrPRODUCTSTATUS_COLOR[$status]}-->;">
       <td class="id" rowspan="2"><!--{$arrProducts[cnt].product_id}--></td>
       <td class="thumbnail" rowspan="2">
-      <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrProducts[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65">
+      <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrProducts[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65">
       </td>
-      <td rowspan="2"><!--{$arrProducts[cnt].product_code_min|escape}-->
+      <td rowspan="2"><!--{$arrProducts[cnt].product_code_min|h}-->
         <!--{if $arrProducts[cnt].product_code_min != $arrProducts[cnt].product_code_max}-->
-          <br />〜 <!--{$arrProducts[cnt].product_code_max|escape}-->
+          <br />〜 <!--{$arrProducts[cnt].product_code_max|h}-->
         <!--{/if}-->
       </td>
       <!--{* 価格 *}-->
@@ -220,7 +220,7 @@
           <br />〜 <!--{$arrProducts[cnt].price02_max|number_format}-->
         <!--{/if}-->
       </td>
-      <td><!--{$arrProducts[cnt].name|escape}--></td>
+      <td><!--{$arrProducts[cnt].name|h}--></td>
       <!--{* 在庫 *}-->
       <!--{* XXX 複数規格でかつ、全ての在庫数量が等しい場合は先頭に「各」と入れたれたら良いと思う。 *}-->
       <td class="menu" rowspan="2">

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/maker.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/maker.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/maker.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -31,7 +31,7 @@
                 <th>メーカー名<span class="attention"> *</span></th>
                 <td>
                     <!--{if $arrErr.name}--><span class="attention"><!--{$arrErr.name}--></span><!--{/if}-->
-                    <input type="text" name="name" value="<!--{$arrForm.name|escape}-->" maxlength="<!--{$smarty.const.SMTEXT_LEN}-->" style="" size="60" class="box60"/>
+                    <input type="text" name="name" value="<!--{$arrForm.name|h}-->" maxlength="<!--{$smarty.const.SMTEXT_LEN}-->" style="" size="60" class="box60"/>
                     <span class="attention"> (上限<!--{$smarty.const.SMTEXT_LEN}-->文字)</span>
                 </td>
             </tr>
@@ -49,7 +49,7 @@
             <!--{section name=cnt loop=$arrMaker}-->
             <tr style="background:<!--{if $tpl_class_id != $arrMaker[cnt].maker_id}-->#ffffff<!--{else}--><!--{$smarty.const.SELECT_RGB}--><!--{/if}-->;">
                 <!--{assign var=maker_id value=$arrMaker[cnt].maker_id}-->
-                <td><!--{$arrMaker[cnt].name|escape}--></td>
+                <td><!--{$arrMaker[cnt].name|h}--></td>
                 <td class="center">
                     <!--{if $tpl_maker_id != $arrMaker[cnt].maker_id}-->
                     <a href="?" onclick="fnModeSubmit('pre_edit', 'maker_id', <!--{$arrMaker[cnt].maker_id}-->); return false;">編集</a>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/product.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/product.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/product.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -59,7 +59,7 @@
 
 <form name="form1" id="form1" method="post" action="?" enctype="multipart/form-data">
 <!--{foreach key=key item=item from=$arrSearchHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 <input type="hidden" name="mode" value="edit" />
 <input type="hidden" name="image_key" value="" />
@@ -69,7 +69,7 @@
 <input type="hidden" name="copy_product_id" value="<!--{$arrForm.copy_product_id}-->" />
 <input type="hidden" name="anchor_key" value="" />
 <!--{foreach key=key item=item from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 <div id="products" class="contents-main">
   <h2>基本情報</h2>
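Review bot: The context line for `copy_product_id` prints `$arrForm.copy_product_id` into a `value` attribute without `|h`, while the other `$arrForm` values in this template's hunks are escaped. Whether the page class validates the field as an integer before it reaches the template is not visible here. Escaping it costs nothing: `<input type="hidden" name="copy_product_id" value="<!--{$arrForm.copy_product_id|h}-->" />`. The form continues outside the hunk.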
@@ -83,7 +83,7 @@
       <th>商品名<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.name}--></span>
-        <input type="text" name="name" value="<!--{$arrForm.name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" />
+        <input type="text" name="name" value="<!--{$arrForm.name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -135,7 +135,7 @@
       <th>ダウンロードファイル名<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.down_filename}--></span>
-        <input type="text" name="down_filename" value="<!--{$arrForm.down_filename|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.down_filename != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}--><!--{/if}-->" size="60" class="box60" />
+        <input type="text" name="down_filename" value="<!--{$arrForm.down_filename|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.down_filename != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}--><!--{/if}-->" size="60" class="box60" />
         <span class="red"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -145,7 +145,7 @@
       <td>
         <span class="attention"><!--{$arrErr[$key]}--><!--{$arrErr.down_realfilename}--></span>
           <!--{if $arrForm.down_realfilename != ""}-->
-            <!--{$arrForm.down_realfilename|escape}--><input type="hidden" name="down_realfilename" value="<!--{$arrForm.down_realfilename|escape}-->">
+            <!--{$arrForm.down_realfilename|h}--><input type="hidden" name="down_realfilename" value="<!--{$arrForm.down_realfilename|h}-->">
             <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_down', 'down_key', '<!--{$key}-->'); return false;">[ファイルの取り消し]</a><br>
           <!--{/if}-->
           <input type="file" name="down_file" size="50" class="box50" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
@@ -156,7 +156,7 @@
       <th>商品コード<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.product_code}--></span>
-        <input type="text" name="product_code" value="<!--{$arrForm.product_code|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.product_code != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" />
+        <input type="text" name="product_code" value="<!--{$arrForm.product_code|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr.product_code != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" size="60" class="box60" />
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -164,7 +164,7 @@
       <th><!--{$smarty.const.NORMAL_PRICE_TITLE}--></th>
       <td>
         <span class="attention"><!--{$arrErr.price01}--></span>
-        <input type="text" name="price01" value="<!--{$arrForm.price01|escape}-->" size="6" class="box6" maxlength="<!--{$smarty.const.PRICE_LEN}-->" style="<!--{if $arrErr.price01 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>円
+        <input type="text" name="price01" value="<!--{$arrForm.price01|h}-->" size="6" class="box6" maxlength="<!--{$smarty.const.PRICE_LEN}-->" style="<!--{if $arrErr.price01 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>円
         <span class="attention"> (半角数字で入力)</span>
       </td>
     </tr>
@@ -172,7 +172,7 @@
       <th><!--{$smarty.const.SALE_PRICE_TITLE}--><span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.price02}--></span>
-        <input type="text" name="price02" value="<!--{$arrForm.price02|escape}-->" size="6" class="box6" maxlength="<!--{$smarty.const.PRICE_LEN}-->" style="<!--{if $arrErr.price02 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>円
+        <input type="text" name="price02" value="<!--{$arrForm.price02|h}-->" size="6" class="box6" maxlength="<!--{$smarty.const.PRICE_LEN}-->" style="<!--{if $arrErr.price02 != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>円
         <span class="attention"> (半角数字で入力)</span>
       </td>
     </tr>
@@ -180,7 +180,7 @@
       <th>在庫数<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.stock}--></span>
-        <input type="text" name="stock" value="<!--{$arrForm.stock|escape}-->" size="6" class="box6" maxlength="<!--{$smarty.const.AMOUNT_LEN}-->" style="<!--{if $arrErr.stock != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>
+        <input type="text" name="stock" value="<!--{$arrForm.stock|h}-->" size="6" class="box6" maxlength="<!--{$smarty.const.AMOUNT_LEN}-->" style="<!--{if $arrErr.stock != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>
         <input type="checkbox" name="stock_unlimited" value="1" <!--{if $arrForm.stock_unlimited == "1"}-->checked<!--{/if}--> onclick="fnCheckStockLimit('<!--{$smarty.const.DISABLED_RGB}-->');"/>無制限
       </td>
     </tr>
@@ -197,7 +197,7 @@
       <th>商品送料</th>
       <td>
         <span class="attention"><!--{$arrErr.deliv_fee}--></span>
-        <input type="text" name="deliv_fee" value="<!--{$arrForm.deliv_fee|escape}-->" size="6" class="box6" maxlength="<!--{$smarty.const.PRICE_LEN}-->" style="<!--{if $arrErr.deliv_fee != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>円
+        <input type="text" name="deliv_fee" value="<!--{$arrForm.deliv_fee|h}-->" size="6" class="box6" maxlength="<!--{$smarty.const.PRICE_LEN}-->" style="<!--{if $arrErr.deliv_fee != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>円
         <span class="attention"> (半角数字で入力)</span>
         <!--{if $smarty.const.OPTION_PRODUCT_DELIV_FEE != 1}--><br /><span class="attention">※現在無効です</span> (パラメータ OPTION_PRODUCT_DELIV_FEE)<!--{/if}-->
       </td>
@@ -206,7 +206,7 @@
       <th>ポイント付与率<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.point_rate}--></span>
-        <input type="text" name="point_rate" value="<!--{$arrForm.point_rate|escape|default:$arrInfo.point_rate}-->" size="6" class="box6" maxlength="<!--{$smarty.const.PERCENTAGE_LEN}-->" style="<!--{if $arrErr.point_rate != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>%
+        <input type="text" name="point_rate" value="<!--{$arrForm.point_rate|default:$arrInfo.point_rate|h}-->" size="6" class="box6" maxlength="<!--{$smarty.const.PERCENTAGE_LEN}-->" style="<!--{if $arrErr.point_rate != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>%
         <span class="attention"> (半角数字で入力)</span>
       </td>
     </tr>
@@ -224,7 +224,7 @@
       <th>購入制限</th>
       <td>
         <span class="attention"><!--{$arrErr.sale_limit}--></span>
-        <input type="text" name="sale_limit" value="<!--{$arrForm.sale_limit|escape}-->" size="6" class="box6" maxlength="<!--{$smarty.const.AMOUNT_LEN}-->" style="<!--{if $arrErr.sale_limit != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>
+        <input type="text" name="sale_limit" value="<!--{$arrForm.sale_limit|h}-->" size="6" class="box6" maxlength="<!--{$smarty.const.AMOUNT_LEN}-->" style="<!--{if $arrErr.sale_limit != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"/>
         <span class="attention"> (半角数字で入力)</span>
       </td>
     </tr>
@@ -242,7 +242,7 @@
       <th>メーカーURL</th>
       <td>
         <span class="attention"><!--{$arrErr.comment1}--></span>
-        <input type="text" name="comment1" value="<!--{$arrForm.comment1|escape}-->" maxlength="<!--{$smarty.const.URL_LEN}-->" size="60" class="box60" style="<!--{$arrErr.comment1|sfGetErrorColor}-->" />
+        <input type="text" name="comment1" value="<!--{$arrForm.comment1|h}-->" maxlength="<!--{$smarty.const.URL_LEN}-->" size="60" class="box60" style="<!--{$arrErr.comment1|sfGetErrorColor}-->" />
         <span class="attention"> (上限<!--{$smarty.const.URL_LEN}-->文字)</span>
       </td>
     </tr>
@@ -250,7 +250,7 @@
       <th>検索ワード<br />※複数の場合は、カンマ( , )区切りで入力して下さい</th>
       <td>
         <span class="attention"><!--{$arrErr.comment3}--></span>
-        <textarea name="comment3" cols="60" rows="8" class="area60" maxlength="<!--{$smarty.const.LLTEXT_LEN}-->" style="<!--{$arrErr.comment3|sfGetErrorColor}-->"><!--{$arrForm.comment3|escape}--></textarea><br />
+        <textarea name="comment3" cols="60" rows="8" class="area60" maxlength="<!--{$smarty.const.LLTEXT_LEN}-->" style="<!--{$arrErr.comment3|sfGetErrorColor}-->"><!--{$arrForm.comment3|h}--></textarea><br />
         <span class="attention"> (上限<!--{$smarty.const.LLTEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -258,7 +258,7 @@
       <th>備考欄(SHOP専用)</th>
       <td>
         <span class="attention"><!--{$arrErr.note}--></span>
-        <textarea name="note" cols="60" rows="8" class="area60" maxlength="<!--{$smarty.const.LLTEXT_LEN}-->" style="<!--{$arrErr.note|sfGetErrorColor}-->"><!--{$arrForm.note|escape}--></textarea><br />
+        <textarea name="note" cols="60" rows="8" class="area60" maxlength="<!--{$smarty.const.LLTEXT_LEN}-->" style="<!--{$arrErr.note|sfGetErrorColor}-->"><!--{$arrForm.note|h}--></textarea><br />
         <span class="attention"> (上限<!--{$smarty.const.LLTEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -266,7 +266,7 @@
       <th>一覧-メインコメント<span class="attention"> *</span></th>
       <td>
         <span class="attention"><!--{$arrErr.main_list_comment}--></span>
-        <textarea name="main_list_comment" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" style="<!--{if $arrErr.main_list_comment != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" cols="60" rows="8" class="area60"><!--{$arrForm.main_list_comment|escape}--></textarea><br />
+        <textarea name="main_list_comment" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" style="<!--{if $arrErr.main_list_comment != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" cols="60" rows="8" class="area60"><!--{$arrForm.main_list_comment|h}--></textarea><br />
         <span class="attention"> (上限<!--{$smarty.const.MTEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -274,7 +274,7 @@
       <th>詳細-メインコメント<span class="attention">(タグ許可)*</span></th>
       <td>
         <span class="attention"><!--{$arrErr.main_comment}--></span>
-        <textarea name="main_comment" value="<!--{$arrForm.main_comment|escape}-->" maxlength="<!--{$smarty.const.LLTEXT_LEN}-->" style="<!--{if $arrErr.main_comment != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"  cols="60" rows="8" class="area60"><!--{$arrForm.main_comment|escape}--></textarea><br />
+        <textarea name="main_comment" value="<!--{$arrForm.main_comment|h}-->" maxlength="<!--{$smarty.const.LLTEXT_LEN}-->" style="<!--{if $arrErr.main_comment != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->"  cols="60" rows="8" class="area60"><!--{$arrForm.main_comment|h}--></textarea><br />
         <span class="attention"> (上限<!--{$smarty.const.LLTEXT_LEN}-->文字)</span>
       </td>
     </tr>
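Review bot: The `main_comment` textarea carries a `value="<!--{$arrForm.main_comment|h}-->"` attribute in addition to its body, so the full comment is emitted twice. `<textarea>` has no `value` attribute in HTML and browsers ignore it, which makes it a second output sink to keep escaped with no benefit and doubles the markup for a field allowed up to LLTEXT_LEN. I would drop the attribute and keep only the escaped body, as the other textareas in this file already do.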
@@ -287,7 +287,7 @@
         <a name="main_large_image"></a>
         <span class="attention"><!--{$arrErr[$key]}--></span>
         <!--{if $arrFile[$key].filepath != ""}-->
-        <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->" /> <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
+        <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->" /> <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
         <!--{/if}-->
         <input type="file" name="main_list_image" size="50" class="box50" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
         <a class="btn-normal" href="javascript:;" name="btn" onclick="selectAll('category_id'); fnModeSubmit('upload_image', 'image_key', '<!--{$key}-->')">アップロード</a>
@@ -299,7 +299,7 @@
       <td>
         <span class="attention"><!--{$arrErr[$key]}--></span>
         <!--{if $arrFile[$key].filepath != ""}-->
-        <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->" /> <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
+        <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->" /> <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
         <!--{/if}-->
         <input type="file" name="main_image" size="50" class="box50" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
         <a class="btn-normal" href="javascript:;" name="btn" onclick="selectAll('category_id'); fnModeSubmit('upload_image', 'image_key', '<!--{$key}-->')">アップロード</a>
@@ -311,7 +311,7 @@
       <td>
         <span class="attention"><!--{$arrErr[$key]}--></span>
         <!--{if $arrFile[$key].filepath != ""}-->
-        <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->" /> <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
+        <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->" /> <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
         <!--{/if}-->
         <input type="file" name="<!--{$key}-->" size="50" class="box50" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />
         <a class="btn-normal" href="javascript:;" name="btn" onclick="selectAll('category_id'); fnModeSubmit('upload_image', 'image_key', '<!--{$key}-->')">アップロード</a>
@@ -342,7 +342,7 @@
       <!--{assign var=key value="sub_title`$smarty.section.cnt.iteration`"}-->
       <td>
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <input type="text" name="sub_title<!--{$smarty.section.cnt.iteration}-->" value="<!--{$arrForm[$key]|escape}-->" size="60" class="box60" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"/>
+        <input type="text" name="sub_title<!--{$smarty.section.cnt.iteration}-->" value="<!--{$arrForm[$key]|h}-->" size="60" class="box60" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"/>
         <span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -351,7 +351,7 @@
       <!--{assign var=key value="sub_comment`$smarty.section.cnt.iteration`"}-->
       <td>
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <textarea name="sub_comment<!--{$smarty.section.cnt.iteration}-->" cols="60" rows="8" class="area60" maxlength="<!--{$smarty.const.LLTEXT_LEN}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"><!--{$arrForm[$key]|escape}--></textarea><br />
+        <textarea name="sub_comment<!--{$smarty.section.cnt.iteration}-->" cols="60" rows="8" class="area60" maxlength="<!--{$smarty.const.LLTEXT_LEN}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"><!--{$arrForm[$key]|h}--></textarea><br />
         <span class="attention"> (上限<!--{$smarty.const.LLTEXT_LEN}-->文字)</span>
       </td>
     </tr>
@@ -364,7 +364,7 @@
         <a name="<!--{$largekey}-->"></a>
         <span class="attention"><!--{$arrErr[$key]}--></span>
         <!--{if $arrFile[$key].filepath != ""}-->
-        <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->" /> <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
+        <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->" /> <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
         <!--{/if}-->
         <input type="file" name="<!--{$key}-->" size="50" class="box50" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"/>
         <a class="btn-normal" href="javascript:;" name="btn" onclick="selectAll('category_id'); fnModeSubmit('upload_image', 'image_key', '<!--{$key}-->')">アップロード</a>
@@ -376,7 +376,7 @@
       <td>
         <span class="attention"><!--{$arrErr[$key]}--></span>
         <!--{if $arrFile[$key].filepath != ""}-->
-        <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|escape}-->" /> <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
+        <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrForm.name|h}-->" /> <a href="" onclick="selectAll('category_id'); fnModeSubmit('delete_image', 'image_key', '<!--{$key}-->'); return false;">[画像の取り消し]</a><br />
         <!--{/if}-->
         <input type="file" name="<!--{$key}-->" size="50" class="box50" style="<!--{$arrErr[$key]|sfGetErrorColor}-->"/>
         <a class="btn-normal" href="javascript:;" name="btn" onclick="selectAll('category_id'); fnModeSubmit('upload_image', 'image_key', '<!--{$key}-->')">アップロード</a>
@@ -407,20 +407,20 @@
       <!--{assign var=anckey value="recommend_no`$smarty.section.cnt.iteration`"}-->
       <th>関連商品(<!--{$smarty.section.cnt.iteration}-->)<br />
         <!--{if $arrRecommend[$recommend_no].product_id}-->
-          <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[$recommend_no].main_list_image|sfNoImageMainList|escape}-->&width=65&height=65" alt="<!--{$arrRecommend[$recommend_no].name|escape}-->" />
+          <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[$recommend_no].main_list_image|sfNoImageMainList|h}-->&width=65&height=65" alt="<!--{$arrRecommend[$recommend_no].name|h}-->" />
         <!--{/if}-->
       </th>
       <td>
         <a name="<!--{$anckey}-->"></a>
-        <input type="hidden" name="<!--{$key}-->" value="<!--{$arrRecommend[$recommend_no].product_id|escape}-->" />
+        <input type="hidden" name="<!--{$key}-->" value="<!--{$arrRecommend[$recommend_no].product_id|h}-->" />
         <a class="btn-normal" href="javascript:;" name="change" onclick="selectAll('category_id'); win03('./product_select.php?no=<!--{$smarty.section.cnt.iteration}-->', 'search', '500', '500'); ">変更</a>
         <!--{assign var=key value="recommend_delete`$smarty.section.cnt.iteration`"}-->
         <input type="checkbox" name="<!--{$key}-->" value="1" />削除<br />
         商品コード:<!--{$arrRecommend[$recommend_no].product_code_min}--><br />
-        商品名:<!--{$arrRecommend[$recommend_no].name|escape}--><br />
+        商品名:<!--{$arrRecommend[$recommend_no].name|h}--><br />
         <!--{assign var=key value="recommend_comment`$smarty.section.cnt.iteration`"}-->
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <textarea name="<!--{$key}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrRecommend[$recommend_no].comment|escape}--></textarea><br />
+        <textarea name="<!--{$key}-->" cols="60" rows="8" class="area60" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" ><!--{$arrRecommend[$recommend_no].comment|h}--></textarea><br />
         <span class="attention"> (上限<!--{$smarty.const.LTEXT_LEN}-->文字)</span>
       </td>
     </tr>
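Review bot: The `resize_image.php` URL on the changed `<img>` line separates its parameters with bare `&` (`&width=65&height=65`), whereas the same URL in the other templates touched by this commit uses `&amp;`. Inside an attribute the ampersands should be written as entities: `...|sfNoImageMainList|h}-->&amp;width=65&amp;height=65"`. Separately, `|h` only HTML-escapes the file name and does not URL-encode it, so a name containing `&` or `#` would alter the query string. If stored image names can contain such characters (not visible here), `|escape:'url'` is the fitting modifier for that position.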

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/product_class.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/product_class.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/product_class.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,21 +24,21 @@
 <h2>商品規格登録</h2>
 <form name="form1" id="form1" method="post" action="" enctype="multipart/form-data">
 <!--{foreach key=key item=item from=$arrSearchHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 <input type="hidden" name="mode" value="edit" />
 <input type="hidden" name="product_id" value="<!--{$tpl_product_id}-->" />
 <input type="hidden" name="pageno" value="<!--{$tpl_pageno}-->" />
 <input type="hidden" name="down_key" value="">
 <!--{foreach key=key item=item from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 <div id="products" class="contents-main">
 
   <table>
     <tr>
       <th>商品名</th>
-      <td><!--{$arrForm.product_name|escape}--></td>
+      <td><!--{$arrForm.product_name|h}--></td>
     </tr>
     <tr>
       <th>規格1<span class="attention">*</span></th>
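Review bot: Two hidden inputs in this hunk, `value="<!--{$tpl_product_id}-->"` and `value="<!--{$tpl_pageno}-->"`, are still printed without a modifier. Both are presumably numeric, but whether the page class enforces that before assigning them is not visible in this diff. Adding `|h` to both (`value="<!--{$tpl_pageno|h}-->"`) makes the form header uniformly escaped and removes the dependency on upstream validation.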
@@ -149,13 +149,13 @@
       <td>
         <!--{assign var=key value="down_filename:`$smarty.section.cnt.iteration`"}-->
         <span class="attention"><!--{$arrErr[$key]}--></span>
-        <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key]|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr[$key] != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}--><!--{/if}-->" size="30" class="box30" />
+        <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key]|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{if $arrErr[$key] != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}--><!--{/if}-->" size="30" class="box30" />
       </td>
       <!--{assign var=key value="down_realfilename:`$smarty.section.cnt.iteration`"}-->
       <td>
         <span class="attention"><!--{$arrErr[$key]}--></span>
           <!--{if $arrForm[$key] != ""}-->
-            <!--{$arrForm[$key]|escape}--><input type="hidden" name="<!--{$key}-->" value="<!--{$arrForm[$key]|escape}-->">
+            <!--{$arrForm[$key]|h}--><input type="hidden" name="<!--{$key}-->" value="<!--{$arrForm[$key]|h}-->">
             <a href="" onclick="fnModeSubmit('delete_down', 'down_key', '<!--{$key}-->'); return false;">[ファイルの取り消し]</a><br>
           <!--{/if}-->
           <input type="file" name="<!--{$key}-->" size="50" class="box50" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" />

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/product_class_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/product_class_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/product_class_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -26,15 +26,15 @@
 <!--{foreach key=key item=item from=$arrForm}-->
   <!--{if '/payment_ids:/'|preg_match:$key}-->
     <!--{foreach item=paymentsVal from=$item}-->
-      <input type="hidden" name="<!--{$key}-->[]" value="<!--{$paymentsVal|escape}-->" />
+      <input type="hidden" name="<!--{$key}-->[]" value="<!--{$paymentsVal|h}-->" />
     <!--{/foreach}-->
   <!--{else}-->
-    <input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+    <input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
   <!--{/if}-->
 <!--{/foreach}-->
 
 <!--{foreach key=key item=item from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 <div id="products" class="contents-main">
 
@@ -83,7 +83,7 @@
       <!--{assign var=key value="payment_ids:`$smarty.section.cnt.iteration`"}-->
       <td>
       <!--{foreach from=$arrForm[$key] item=payment_id}-->
-        <!--{$arrPayments[$payment_id]|escape}-->&nbsp;
+        <!--{$arrPayments[$payment_id]|h}-->&nbsp;
       <!--{/foreach}-->
       </td>
       <!--{assign var=key value="down_filename:`$smarty.section.cnt.iteration`"}-->

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/product_rank.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/product_rank.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/product_rank.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -52,7 +52,7 @@
       <!--{else}-->
         <img src="<!--{$smarty.const.URL_DIR}-->misc/closef.gif">
       <!--{/if}-->
-      <!--{$disp_name|sfCutString:20|escape}-->(<!--{$arrTree[cnt].product_count|default:0}-->)</a>
+      <!--{$disp_name|sfCutString:20|h}-->(<!--{$arrTree[cnt].product_count|default:0}-->)</a>
     <br />          
       <!--{if $arrTree[cnt].display == true}-->
         <div id="f<!--{$arrTree[cnt].category_id}-->">
@@ -99,10 +99,10 @@
           <td><!--{from_to from=$arrProductsList[cnt].product_code_min to=$arrProductsList[cnt].product_code_max separator="〜<br />"}--></td>
           <td align="center">
             <!--{* 商品画像 *}-->
-            <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrProductsList[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$arrProducts[cnt].name|escape}-->">
+            <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrProductsList[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$arrProducts[cnt].name|h}-->">
           </td>
           <td align="center">
-            <!--{$arrProductsList[cnt].name|escape}-->
+            <!--{$arrProductsList[cnt].name|h}-->
           </td>
           
           <td align="center">
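Review bot: The `alt` attribute of the product image reads `$arrProducts[cnt].name` while every other field in this row reads `$arrProductsList[cnt]`, so the alt text is probably empty or taken from an unrelated array; `alt="<!--{$arrProductsList[cnt].name|h}-->"` looks like what was meant. product_select.tpl has the mirror case, where the row iterates `$arrProducts[cnt]` but the alt uses `$arrRecommend[$recommend_no].name`. Both are inferred from the visible lines only, since the enclosing section starts outside the hunk.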

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/product_select.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/product_select.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/product_select.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -40,7 +40,7 @@
 </script>
  
 <!--▼検索フォーム-->
-<form name="form1" id="form1" method="post" action="<!--{$smarty.server.REQUEST_URI|escape}-->">
+<form name="form1" id="form1" method="post" action="<!--{$smarty.server.REQUEST_URI|h}-->">
 <input name="mode" type="hidden" value="search" />
 <input name="anchor_key" type="hidden" value="" />
 <input name="search_pageno" type="hidden" value="" />
@@ -83,10 +83,10 @@
             <!--{assign var=status value="`$arrProducts[cnt].status`"}-->
             <tr style="background:<!--{$arrPRODUCTSTATUS_COLOR[$status]}-->;">
                 <td align="center">
-                    <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrProducts[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[$recommend_no].name|escape}-->" />
+                    <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrProducts[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[$recommend_no].name|h}-->" />
                 </td>
-                <td><!--{$arrProducts[cnt].product_code|escape|default:"-"}--></td>
-                <td><!--{$arrProducts[cnt].name|escape}--></td>
+                <td><!--{$arrProducts[cnt].product_code|default:"-"|h}--></td>
+                <td><!--{$arrProducts[cnt].name|h}--></td>
                 <td align="center"><a href="#" onclick="return func_submit(<!--{$arrProducts[cnt].product_id}-->)">決定</a></td>
             </tr>
             <!--▲商品<!--{$smarty.section.cnt.iteration}-->-->

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/review.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/review.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/review.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -30,15 +30,15 @@
   <table>
     <tr>
       <th>投稿者名</th>
-      <td><input type="text" name="search_reviewer_name" value="<!--{$arrForm.search_reviewer_name|escape}-->" size="30" class="box30" /></td>
+      <td><input type="text" name="search_reviewer_name" value="<!--{$arrForm.search_reviewer_name|h}-->" size="30" class="box30" /></td>
       <th>投稿者URL</th>
       <td><input type="text" name="search_reviewer_url" value="<!--{$arrForm.search_reviewer_url}-->" size="30" class="box30" /></td>
     </tr>
     <tr>
       <th>商品名</th>
-      <td><input type="text" name="search_name" value="<!--{$arrForm.search_name|escape}-->" size="30" class="box30" /></td>
+      <td><input type="text" name="search_name" value="<!--{$arrForm.search_name|h}-->" size="30" class="box30" /></td>
       <th>商品コード</th>
-      <td><input type="text" name="search_product_code" value="<!--{$arrForm.search_product_code|escape}-->" size="30" class="box30" /></td>
+      <td><input type="text" name="search_product_code" value="<!--{$arrForm.search_product_code|h}-->" size="30" class="box30" /></td>
     </tr>
     <tr>
       <th>性別</th>
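Review bot: `search_reviewer_url` is the one search field in this table whose value is still printed raw: `value="<!--{$arrForm.search_reviewer_url}-->"`. A submitted value containing a double quote closes the attribute, so it should get the same treatment as its neighbours, `value="<!--{$arrForm.search_reviewer_url|h}-->"`. The form continues past the end of the hunk, so fields further down may need the same check.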
@@ -139,8 +139,8 @@
     <!--{section name=cnt loop=$arrReview}-->
     <tr>
       <td><!--{$arrReview[cnt].create_date|sfDispDBDate}--></td>
-      <td><!--{$arrReview[cnt].reviewer_name|escape}--></td>
-      <td><!--{$arrReview[cnt].name|escape}--></td>
+      <td><!--{$arrReview[cnt].reviewer_name|h}--></td>
+      <td><!--{$arrReview[cnt].name|h}--></td>
       <!--{assign var=key value="`$arrReview[cnt].recommend_level`"}-->
       <td><!--{$arrRECOMMEND[$key]}--></td>
       <td class="menu"><!--{if $arrReview[cnt].status eq 1}-->表示<!--{elseif $arrReview[cnt].status eq 2}-->非表示<!--{/if}--></td>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/review_edit.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/review_edit.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/review_edit.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,9 +23,9 @@
 *}-->
 <form name="form1" id="form1" method="post" action="?">
     <input type="hidden" name="mode" value="complete" />
-    <input type="hidden" name="review_id" value="<!--{$arrReview.review_id|escape}-->" />
+    <input type="hidden" name="review_id" value="<!--{$arrReview.review_id|h}-->" />
     <!--{foreach key=key item=item from=$arrSearchHidden}-->
-        <input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+        <input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
     <!--{/foreach}-->
 
     <div id="products" class="contents-main">
@@ -34,7 +34,7 @@
         <table>
             <tr>
                 <th>商品名</th>
-                <td><!--{$arrReview.name|escape}--></td>
+                <td><!--{$arrReview.name|h}--></td>
             </tr>
             <tr>
                 <th>レビュー表示</th>
@@ -51,14 +51,14 @@
                 <th>投稿者名 <span class="attention">*</span></th>
                 <td>
                     <!--{if $arrErr.reviewer_name}--><span class="attention"><!--{$arrErr.reviewer_name}--></span><!--{/if}-->
-                    <input type="text" class="box60" name="reviewer_name" value="<!--{$arrReview.reviewer_name|escape}-->" style="<!--{$arrErr.reviewer_name|sfGetErrorColor}-->" size=30>
+                    <input type="text" class="box60" name="reviewer_name" value="<!--{$arrReview.reviewer_name|h}-->" style="<!--{$arrErr.reviewer_name|sfGetErrorColor}-->" size=30>
                 </td>
             </tr>
             <tr>
                 <th>投稿者URL</th>
                 <td>
                     <!--{if $arrErr.reviewer_url}--><span class="attention"><!--{$arrErr.reviewer_url}--></span><!--{/if}-->
-                    <input type="text" class="box60" name="reviewer_url" maxlength="<!--{$smarty.const.URL_LEN}-->" value="<!--{$arrReview.reviewer_url|escape}-->" style="<!--{$arrErr.reviewer_url|sfGetErrorColor}-->" size=30>
+                    <input type="text" class="box60" name="reviewer_url" maxlength="<!--{$smarty.const.URL_LEN}-->" value="<!--{$arrReview.reviewer_url|h}-->" style="<!--{$arrErr.reviewer_url|sfGetErrorColor}-->" size=30>
                 </td>
             </tr>
             <tr>
@@ -82,14 +82,14 @@
                 <th>タイトル <span class="attention">*</span></th>
                 <td>
                     <!--{if $arrErr.title}--><span class="attention"><!--{$arrErr.title}--></span><!--{/if}-->
-                    <input type="text" class="box60" name="title" value="<!--{$arrReview.title|escape}-->" style="<!--{$arrErr.title|sfGetErrorColor}-->" size=30><span class="attention">
+                    <input type="text" class="box60" name="title" value="<!--{$arrReview.title|h}-->" style="<!--{$arrErr.title|sfGetErrorColor}-->" size=30><span class="attention">
                 </td>
             </tr>
             <tr>
                 <th>コメント <span class="attention">*</span></th>
                 <td>
                     <!--{if $arrErr.comment}--><span class="attention"><!--{$arrErr.comment}--></span><!--{/if}-->
-                    <textarea name="comment" rows="20" cols="60" class="area60" wrap="soft" style="<!--{$arrErr.comment|sfGetErrorColor}-->" ><!--{$arrReview.comment|escape}--></textarea>
+                    <textarea name="comment" rows="20" cols="60" class="area60" wrap="soft" style="<!--{$arrErr.comment|sfGetErrorColor}-->" ><!--{$arrReview.comment|h}--></textarea>
                 </td>
             </tr>
         </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/trackback.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/trackback.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/trackback.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -29,13 +29,13 @@
   <table class="form">
     <tr>
       <th>ブログ名</th>
-      <td><input type="text" name="search_blog_name" value="<!--{$arrForm.search_blog_name|escape}-->" size="30" class="box30" /></td>
+      <td><input type="text" name="search_blog_name" value="<!--{$arrForm.search_blog_name|h}-->" size="30" class="box30" /></td>
       <th>ブログ記事タイトル</th>
-      <td><input type="text" name="search_blog_title" value="<!--{$arrForm.search_blog_title|escape}-->" size="30" class="box30" /></td>
+      <td><input type="text" name="search_blog_title" value="<!--{$arrForm.search_blog_title|h}-->" size="30" class="box30" /></td>
     </tr>
     <tr>
       <th>URL</th>
-      <td><input type="text" name="search_blog_url" value="<!--{$arrForm.search_blog_url|escape}-->" size="30" class="box30" /></td>
+      <td><input type="text" name="search_blog_url" value="<!--{$arrForm.search_blog_url|h}-->" size="30" class="box30" /></td>
       <th>状態</th>
       <td>
       <select name="search_status" style="<!--{$arrErr.search_status|sfGetErrorColor}-->">
@@ -46,9 +46,9 @@
     </tr>
     <tr>
       <th>商品名</th>
-      <td><input type="text" name="search_name" value="<!--{$arrForm.search_name|escape}-->" size="30" class="box30" /></td>
+      <td><input type="text" name="search_name" value="<!--{$arrForm.search_name|h}-->" size="30" class="box30" /></td>
       <th>商品コード</th>
-      <td><input type="text" name="search_product_code" value="<!--{$arrForm.search_product_code|escape}-->" size="30" class="box30" /></td>
+      <td><input type="text" name="search_product_code" value="<!--{$arrForm.search_product_code|h}-->" size="30" class="box30" /></td>
     </tr>
     <tr>
       <th>投稿日</th>
@@ -139,9 +139,9 @@
     <!--{section name=cnt loop=$arrTrackback}-->
     <tr>
       <td><!--{$arrTrackback[cnt].create_date|sfDispDBDate}--></td>
-      <td><!--{$arrTrackback[cnt].name|escape}--></td>
-      <td><a href="<!--{$arrTrackback[cnt].url|escape}-->"><!--{$arrTrackback[cnt].blog_name|escape}--></a></td>
-      <td><!--{$arrTrackback[cnt].title|escape}--></td>
+      <td><!--{$arrTrackback[cnt].name|h}--></td>
+      <td><a href="<!--{$arrTrackback[cnt].url|h}-->"><!--{$arrTrackback[cnt].blog_name|h}--></a></td>
+      <td><!--{$arrTrackback[cnt].title|h}--></td>
       <td><!--{if $arrTrackback[cnt].status eq 1}-->表示<!--{elseif $arrTrackback[cnt].status eq 2}-->非表示<!--{elseif $arrTrackback[cnt].status eq 3}-->スパム<!--{/if}--></td>
       <td><a class="btn-normal" href="javascript:;" onclick="fnChangeAction('./trackback_edit.php'); fnModeSubmit('','trackback_id','<!--{$arrTrackback[cnt].trackback_id}-->');"><span>編集</span></a></td>
       <td><a class="btn-normal" href="javascript:;" onclick="fnModeSubmit('delete','trackback_id','<!--{$arrTrackback[cnt].trackback_id}-->'); return false;"><span>削除</span></a></td>
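Review bot: In `<a href="<!--{$arrTrackback[cnt].url|h}-->">` the `h` modifier only protects the attribute delimiter; it does not constrain the URL scheme, and trackback URLs are supplied by remote sites. A stored value with a script scheme would still be followed in the administrator's session when the link is clicked. I would render the link only when the value starts with `http://` or `https://` (checked in the page class or with a small modifier) and otherwise print it as plain text. The `trackback_id` values placed inside the `onclick` strings are also raw; they are presumably integers, but that is worth confirming.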

変更: branches/version-2_5-dev/data/Smarty/templates/admin/products/trackback_edit.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/products/trackback_edit.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/products/trackback_edit.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,11 +25,11 @@
 <input type="hidden" name="mode" value="complete" />
 <!--{foreach key=key item=item from=$arrTrackback}-->
 <!--{if $key ne "mode"}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/if}-->
 <!--{/foreach}-->
 <!--{foreach key=key item=item from=$arrSearchHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->
 
 <div id="products" class="contents-main">
@@ -39,23 +39,23 @@
 <table>
   <tr>
     <th>商品名</th>
-    <td><!--{$arrTrackback.name|escape}--></td>
+    <td><!--{$arrTrackback.name|h}--></td>
   </tr>
   <tr>
     <th>ブログ名</th>
-    <td><!--{$arrTrackback.blog_name|escape}--></td>
+    <td><!--{$arrTrackback.blog_name|h}--></td>
   </tr>
   <tr>
     <th>ブログ記事タイトル</th>
-    <td><!--{$arrTrackback.title|escape}--></td>
+    <td><!--{$arrTrackback.title|h}--></td>
   </tr>
   <tr>
     <th>ブログ記事内容</th>
-    <td><!--{$arrTrackback.excerpt|escape}--></td>
+    <td><!--{$arrTrackback.excerpt|h}--></td>
   </tr>
   <tr>
     <th>ブログURL</th>
-    <td><!--{$arrTrackback.url|escape}--></td>
+    <td><!--{$arrTrackback.url|h}--></td>
   </tr>
   <tr>
     <th>投稿日</th>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/system/bkup.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/system/bkup.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/system/bkup.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -36,7 +36,7 @@
                 <!--{if $arrErr.bkup_name}-->
                 <span class="attention"><!--{$arrErr.bkup_name}--></span>
                 <!--{/if}-->
-                <input type="text" name="bkup_name" value="<!--{$arrForm.bkup_name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.bkup_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}--> ime-mode: disabled;" /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
+                <input type="text" name="bkup_name" value="<!--{$arrForm.bkup_name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" size="60" class="box60" style="<!--{if $arrErr.bkup_name != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}--> ime-mode: disabled;" /><span class="attention"> (上限<!--{$smarty.const.STEXT_LEN}-->文字)</span>
             </td>
         </tr>
         <tr>
@@ -45,7 +45,7 @@
                 <!--{if $arrErr.bkup_memo}-->
                 <span class="attention"><!--{$arrErr.bkup_memo}--></span>
                 <!--{/if}-->
-                <textarea name="bkup_memo" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" cols="60" rows="5" class="area60" style="<!--{if $arrErr.bkup_memo != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" ><!--{$arrForm.bkup_memo|escape}--></textarea>
+                <textarea name="bkup_memo" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" cols="60" rows="5" class="area60" style="<!--{if $arrErr.bkup_memo != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" ><!--{$arrForm.bkup_memo|h}--></textarea>
                 <span class="attention"> (上限<!--{$smarty.const.MTEXT_LEN}-->文字)</span>
             </td>
         </tr>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/system/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/system/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/system/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -43,9 +43,9 @@
     </tr>
     <!--{section name=data loop=$list_data}--><!--▼メンバー<!--{$smarty.section.data.iteration}-->-->
     <tr>
-      <!--{assign var="auth" value=$list_data[data].authority}--><td><!--{$arrAUTHORITY[$auth]|escape}--></td>
-      <td><!--{$list_data[data].name|escape}--></td>
-      <td><!--{$list_data[data].department|escape}--></td>
+      <!--{assign var="auth" value=$list_data[data].authority}--><td><!--{$arrAUTHORITY[$auth]|h}--></td>
+      <td><!--{$list_data[data].name|h}--></td>
+      <td><!--{$list_data[data].department|h}--></td>
       <td align="center"><!--{if $list_data[data].work eq 1}--><input type="radio" name="radio<!--{$smarty.section.data.iteration}-->" value="稼動" onclick="fnChangeRadio(this.name, 1, <!--{$list_data[data].member_id}-->, <!--{$tpl_disppage}-->);" checked /><!--{else}--><input type="radio" name="radio<!--{$smarty.section.data.iteration}-->" value="稼動" onclick="fnChangeRadio(this.name, 1, <!--{$list_data[data].member_id}-->, <!--{$tpl_disppage}-->);"/><!--{/if}--></td>
       <td align="center"><!--{if $list_data[data].work eq 0}--><input type="radio" name="radio<!--{$smarty.section.data.iteration}-->" value="非稼動"  onclick="fnChangeRadio(this.name, 0, <!--{$list_data[data].member_id}-->, <!--{$tpl_disppage}-->);" checked /><!--{else}--><input type="radio" name="radio<!--{$smarty.section.data.iteration}-->" value="非稼動" onclick="fnChangeRadio(this.name, 0, <!--{$list_data[data].member_id}-->, <!--{$tpl_disppage}-->);" <!--{if $workmax <= 1 }-->disabled<!--{/if}-->  /><!--{/if}--></td>
       <td align="center"><a href="#" onClick="win01('./input.php?id=<!--{$list_data[data].member_id}-->&amp;pageno=<!--{$tpl_disppage}-->','member_edit','500','420'); return false;">編集</a></td>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/system/input.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/system/input.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/system/input.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -30,11 +30,11 @@
 </script>
 
 <form name="form1" id="form1" method="post" action="" onsubmit="return fnRegistMember();">
-<input type="hidden" name="mode" value="<!--{$tpl_mode|escape}-->">
-<input type="hidden" name="member_id" value="<!--{$tpl_member_id|escape}-->">
-<input type="hidden" name="pageno" value="<!--{$tpl_pageno|escape}-->">
-<input type="hidden" name="old_login_id" value="<!--{$tpl_old_login_id|escape}-->">
-<input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid|escape}-->">
+<input type="hidden" name="mode" value="<!--{$tpl_mode|h}-->">
+<input type="hidden" name="member_id" value="<!--{$tpl_member_id|h}-->">
+<input type="hidden" name="pageno" value="<!--{$tpl_pageno|h}-->">
+<input type="hidden" name="old_login_id" value="<!--{$tpl_old_login_id|h}-->">
+<input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid|h}-->">
 <h2>メンバー登録/編集</h2>
 
 <table>
@@ -84,7 +84,7 @@
   </tr>
 </table>
 
-<div class="btn"><a class="btn-normal" href="javascript:;" onclick="fnFormModeSubmit('form1', '<!--{$tpl_mode|escape}-->', '', '');"><span>この内容で登録する</span></a></div>
+<div class="btn"><a class="btn-normal" href="javascript:;" onclick="fnFormModeSubmit('form1', '<!--{$tpl_mode|h}-->', '', '');"><span>この内容で登録する</span></a></div>
 </form>
 
 <!--{include file="`$smarty.const.TEMPLATE_ADMIN_DIR`admin_popup_footer.tpl"}-->
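Review bot: `'<!--{$tpl_mode|h}-->'` inside the `onclick` attribute sits in a JavaScript string, and HTML escaping is the wrong layer for that context: the browser decodes character references in the attribute before the script is parsed, so an escaped quote is a literal quote again by the time `fnFormModeSubmit` is evaluated. Escape for JavaScript first and for HTML second, e.g. `'<!--{$tpl_mode|escape:'javascript'|h}-->'`, or restrict `$tpl_mode` to a fixed set of values in the page class. Whether `$tpl_mode` can carry request data is not visible here.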

変更: branches/version-2_5-dev/data/Smarty/templates/admin/system/log.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/system/log.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/system/log.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -31,9 +31,9 @@
     </tr>
     <!--{foreach from=$tpl_ec_log item=line}-->
         <tr>
-            <td class="date"><!--{$line.date|escape}--></td>
-            <td class="path"><!--{$line.path|escape}--></td>
-            <td class="body"><!--{$line.body|escape|nl2br}--></td>
+            <td class="date"><!--{$line.date|h}--></td>
+            <td class="path"><!--{$line.path|h}--></td>
+            <td class="body"><!--{$line.body|h|nl2br}--></td>
         </tr>
     <!--{/foreach}-->
 </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/system/masterdata.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/system/masterdata.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/system/masterdata.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -52,8 +52,8 @@
   <table class="form">
     <!--{foreach from=$arrMasterData item=val key=key}-->
     <tr>
-      <th>ID:<input type="text" name="id[]" value="<!--{$key|escape}-->" size="6" /></th>
-      <td>値:<input type="text" name="name[]" value="<!--{$val|escape}-->" style="" size="60" class="box60" /></td>
+      <th>ID:<input type="text" name="id[]" value="<!--{$key|h}-->" size="6" /></th>
+      <td>値:<input type="text" name="name[]" value="<!--{$val|h}-->" style="" size="60" class="box60" /></td>
     </tr>
     <!--{/foreach}-->
   </table>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/system/parameter.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/system/parameter.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/system/parameter.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -38,13 +38,13 @@
 <!--{section name=cnt loop=$arrKeys}-->
     <tr>
       <th>
-      <!--{$arrKeys[cnt]|escape}-->
+      <!--{$arrKeys[cnt]|h}-->
       </th>
       <td>
-        <div style="font-size: 80%; color: #666666"><!--{$arrComments[cnt]|escape}--></div>
+        <div style="font-size: 80%; color: #666666"><!--{$arrComments[cnt]|h}--></div>
         <div>
           <!--{assign var=key value=$arrKeys[cnt]}-->
-          <input type="text" name="<!--{$arrKeys[cnt]|escape}-->" value="<!--{$arrValues[cnt]|escape}-->" style="width: 370px; <!--{if $arrErr.$key != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
+          <input type="text" name="<!--{$arrKeys[cnt]|h}-->" value="<!--{$arrValues[cnt]|h}-->" style="width: 370px; <!--{if $arrErr.$key != ""}-->background-color: <!--{$smarty.const.ERR_COLOR}-->;<!--{/if}-->" />
           <!--{if $arrErr.$key}-->
           <span class="attention"><!--{$arrErr.$key}--></span>
           <!--{/if}-->

変更: branches/version-2_5-dev/data/Smarty/templates/admin/system/plugin.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/system/plugin.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/system/plugin.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -19,8 +19,8 @@
     <!--{section name=data loop=$plugins}-->
     <!--▼メンバー<!--{$smarty.section.data.iteration}-->-->
     <tr>
-      <td><!--{$plugins[data].plugin_name|escape}--></td>
-      <td><!--{$plugins[data].plugin_name|escape}--></td>
+      <td><!--{$plugins[data].plugin_name|h}--></td>
+      <td><!--{$plugins[data].plugin_name|h}--></td>
       <td>
         <!--{if $plugins[data].create_date == null }-->
         <input type="hidden" name="plugin_name" value="<!--{$plugins[data].plugin_name}-->" />
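Review bot: The hidden input keeps `value="<!--{$plugins[data].plugin_name}-->"` unescaped although the two table cells above now print the same field through `h`. It should read `value="<!--{$plugins[data].plugin_name|h}-->"`. Both cells also print `plugin_name`; if the second column was meant to show a different field, that is a separate fix. The `if` block opened on the previous line closes outside the hunk.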

変更: branches/version-2_5-dev/data/Smarty/templates/admin/system/system.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/system/system.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/system/system.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -26,10 +26,10 @@
     <!--{foreach from=$arrSystemInfo item=info}-->
     <tr>
         <th>
-        <!--{$info.title|escape}-->
+        <!--{$info.title|h}-->
         </td>
         <td>
-        <!--{$info.value|escape|nl2br}-->
+        <!--{$info.value|h|nl2br}-->
         </td>
     </tr>
     <!--{/foreach}-->

変更: branches/version-2_5-dev/data/Smarty/templates/admin/total/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/total/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/total/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -97,7 +97,7 @@
 <input type="hidden" name="type" value="<!--{$arrForm.type.value}-->" />
 <input type="hidden" name="page" value="<!--{$arrForm.page.value}-->" />
 <!--{foreach key=key item=item from=$arrHidden}-->
-<input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+<input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
 <!--{/foreach}-->  
 
   <!--検索結果表示テーブル-->
@@ -111,7 +111,7 @@
     <!--{if $install_GD}-->
     <div id="graph-image">
       <!--{* <img src="<!--{$tpl_image}-->?<!--{$cashtime}-->" alt="グラフ"> *}-->
-      <img src="<!--{$smarty.server.PHP_SELF|escape}-->?draw_image=true&amp;type=<!--{$smarty.post.type}-->&amp;mode=search&amp;page=<!--{$smarty.post.page}-->&search_startyear_m=<!--{$smarty.post.search_startyear_m}-->&search_startmonth_m=<!--{$smarty.post.search_startmonth_m}-->&search_startyear=<!--{$smarty.post.search_startyear}-->&search_startmonth=<!--{$smarty.post.search_startmonth}-->&search_startday=<!--{$smarty.post.search_startday}-->&search_endyear=<!--{$smarty.post.search_endyear}-->&search_endmonth=<!--{$smarty.post.search_endmonth}-->&search_endday=<!--{$smarty.post.search_endday}-->" alt="グラフ" />
+      <img src="<!--{$smarty.server.PHP_SELF|h}-->?draw_image=true&amp;type=<!--{$smarty.post.type}-->&amp;mode=search&amp;page=<!--{$smarty.post.page}-->&search_startyear_m=<!--{$smarty.post.search_startyear_m}-->&search_startmonth_m=<!--{$smarty.post.search_startmonth_m}-->&search_startyear=<!--{$smarty.post.search_startyear}-->&search_startmonth=<!--{$smarty.post.search_startmonth}-->&search_startday=<!--{$smarty.post.search_startday}-->&search_endyear=<!--{$smarty.post.search_endyear}-->&search_endmonth=<!--{$smarty.post.search_endmonth}-->&search_endday=<!--{$smarty.post.search_endday}-->" alt="グラフ" />
     </div>
     <!--{/if}-->
   <!--{* グラフ表示 *}-->
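Review bot: Only `PHP_SELF` is escaped in the graph `<img src>`; every `$smarty.post.*` value after it (`type`, `page`, `search_startyear_m` through `search_endday`) is written raw from the POST body into the attribute. Each of those is a reflected-injection point and should be URL-encoded for the query string, e.g. `type=<!--{$smarty.post.type|escape:'url'}-->`. The separators from `&search_startyear_m=` onward are also bare `&` rather than `&amp;`. The hidden `type` and `page` inputs in the neighbouring hunks print `$arrForm.type.value` and `$arrForm.page.value` without a modifier as well.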
@@ -128,7 +128,7 @@
   <input type="hidden" name="type" value="<!--{$arrForm.type.value}-->" />
   <input type="hidden" name="page" value="<!--{$arrForm.page.value}-->" />
   <!--{foreach key=key item=item from=$arrHidden}-->
-  <input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+  <input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
   <!--{/foreach}-->  
   <!--検索結果表示テーブル-->
   <h2><!--{include file=$tpl_graphsubtitle}--></h2>

変更: branches/version-2_5-dev/data/Smarty/templates/admin/total/page_products.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/admin/total/page_products.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/admin/total/page_products.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -45,8 +45,8 @@
 
   <tr class="<!--{$color}-->">
     <td class="center"><!--{*順位*}--><!--{$smarty.section.cnt.iteration}--></td>
-    <td class="right"><!--{*商品コード*}--><!--{$arrResults[cnt].product_code|escape}--></td>
-    <td class="left"><!--{*商品名*}--><!--{$arrResults[cnt].product_name|sfCutString:40|escape}--></td>
+    <td class="right"><!--{*商品コード*}--><!--{$arrResults[cnt].product_code|h}--></td>
+    <td class="left"><!--{*商品名*}--><!--{$arrResults[cnt].product_name|sfCutString:40|h}--></td>
     <td class="right"><!--{*購入件数*}--><!--{$arrResults[cnt].order_count}-->件</td>
     <td class="right"><!--{*点数*}--><!--{$arrResults[cnt].products_count}--></td>
     <td class="right"><!--{*単価*}--><!--{$arrResults[cnt].price|number_format}-->円</td>

変更: branches/version-2_5-dev/data/Smarty/templates/default/abouts/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/abouts/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/abouts/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -50,42 +50,42 @@
 <div id="undercolumn">
 
   <div id="undercolumn_aboutus">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
 
     <table summary="当サイトについて">
 
       <!--{if strlen($objSiteInfo->data.shop_name)}-->
         <tr>
           <th>店名</th>
-          <td><!--{$objSiteInfo->data.shop_name|escape}--></td>
+          <td><!--{$objSiteInfo->data.shop_name|h}--></td>
         </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.company_name)}-->
       <tr>
         <th>会社名</th>
-        <td><!--{$objSiteInfo->data.company_name|escape}--></td>
+        <td><!--{$objSiteInfo->data.company_name|h}--></td>
       </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.zip01)}-->
       <tr>
         <th>住所</th>
-        <td>〒<!--{$objSiteInfo->data.zip01|escape}-->-<!--{$objSiteInfo->data.zip02|escape}--><br /><!--{$objSiteInfo->data.pref|escape}--><!--{$objSiteInfo->data.addr01|escape}--><!--{$objSiteInfo->data.addr02|escape}--></td>
+        <td>〒<!--{$objSiteInfo->data.zip01|h}-->-<!--{$objSiteInfo->data.zip02|h}--><br /><!--{$objSiteInfo->data.pref|h}--><!--{$objSiteInfo->data.addr01|h}--><!--{$objSiteInfo->data.addr02|h}--></td>
       </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.tel01)}-->
       <tr>
         <th>電話番号</th>
-        <td><!--{$objSiteInfo->data.tel01|escape}-->-<!--{$objSiteInfo->data.tel02|escape}-->-<!--{$objSiteInfo->data.tel03|escape}--></td>
+        <td><!--{$objSiteInfo->data.tel01|h}-->-<!--{$objSiteInfo->data.tel02|h}-->-<!--{$objSiteInfo->data.tel03|h}--></td>
       </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.fax01)}-->
       <tr>
         <th>FAX番号</th>
-        <td><!--{$objSiteInfo->data.fax01|escape}-->-<!--{$objSiteInfo->data.fax02|escape}-->-<!--{$objSiteInfo->data.fax03|escape}--></td>
+        <td><!--{$objSiteInfo->data.fax01|h}-->-<!--{$objSiteInfo->data.fax02|h}-->-<!--{$objSiteInfo->data.fax03|h}--></td>
       </tr>
       <!--{/if}-->
 
@@ -99,21 +99,21 @@
       <!--{if strlen($objSiteInfo->data.business_hour)}-->
       <tr>
         <th>営業時間</th>
-        <td><!--{$objSiteInfo->data.business_hour|escape}--></td>
+        <td><!--{$objSiteInfo->data.business_hour|h}--></td>
       </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.good_traded)}-->
       <tr>
         <th>取扱商品</th>
-        <td><!--{$objSiteInfo->data.good_traded|escape|nl2br}--></td>
+        <td><!--{$objSiteInfo->data.good_traded|h|nl2br}--></td>
       </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.message)}-->
       <tr>
         <th>メッセージ</th>
-        <td><!--{$objSiteInfo->data.message|escape|nl2br}--></td>
+        <td><!--{$objSiteInfo->data.message|h|nl2br}--></td>
       </tr>
       <!--{/if}-->
 

変更: branches/version-2_5-dev/data/Smarty/templates/default/bloc/best5.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/bloc/best5.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/bloc/best5.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,11 +27,11 @@
     <div class="recomendblock">
         <div class="recomendleft">
 
-            <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[cnt].product_id|escape:url}-->">
-                <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrBestProducts[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=48&amp;height=48" alt="<!--{$arrBestProducts[cnt].name|escape}-->" /></a>
+            <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[cnt].product_id|u}-->">
+                <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrBestProducts[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=48&amp;height=48" alt="<!--{$arrBestProducts[cnt].name|h}-->" /></a>
 
             <h3>
-                <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[cnt].product_id|escape:url}-->"><!--{$arrBestProducts[cnt].name|escape}--></a>
+                <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[cnt].product_id|u}-->"><!--{$arrBestProducts[cnt].name|h}--></a>
             </h3>
 
             <!--{assign var=price01 value=`$arrBestProducts[cnt].price01_min`}-->
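Review bot: `main_list_image` is placed inside the `resize_image.php?image=` query string with only `|h`, which escapes for the HTML attribute but does not URL-encode the value. A file name containing `&`, `#`, `+` or `%` would therefore alter the query that reaches `resize_image.php`. The neighbouring `product_id` already gets `|u`, and the image parameter could use `|sfNoImageMainList|u` the same way, assuming `resize_image.php` reads it from the decoded query string. The same pattern appears in the second hunk of this file and in `cart/index.tpl`.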
@@ -41,18 +41,18 @@
                 <span class="price"><!--{$price02|sfCalcIncTax:$arrInfo.tax:$arrInfo.tax_rule|number_format}--> 円</span>
             </p>
 
-            <p class="mini comment"><!--{$arrBestProducts[cnt].comment|escape|nl2br}--></p>
+            <p class="mini comment"><!--{$arrBestProducts[cnt].comment|h|nl2br}--></p>
         </div>
 
         <div class="recomendright">
             <!--{assign var=cnt2 value=`$smarty.section.cnt.iteration*$smarty.section.cnt.step-1`}-->
             <!--{if $arrBestProducts[$cnt2]|count > 0}-->
 
-            <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[$cnt2].product_id|escape:url}-->">
-                <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrBestProducts[$cnt2].main_list_image|sfNoImageMainList|escape}-->&amp;width=48&amp;height=48" alt="<!--{$arrBestProducts[$cnt2].name|escape}-->" /></a>
+            <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[$cnt2].product_id|u}-->">
+                <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrBestProducts[$cnt2].main_list_image|sfNoImageMainList|h}-->&amp;width=48&amp;height=48" alt="<!--{$arrBestProducts[$cnt2].name|h}-->" /></a>
 
             <h3>
-            <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[$cnt2].product_id|escape:url}-->"><!--{$arrBestProducts[$cnt2].name|escape}--></a>
+            <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[$cnt2].product_id|u}-->"><!--{$arrBestProducts[$cnt2].name|h}--></a>
             </h3>
 
             <!--{assign var=price01 value=`$arrBestProducts[$cnt2].price01_min`}-->
@@ -62,7 +62,7 @@
                 <span class="price"><!--{$price02|sfCalcIncTax:$arrInfo.tax:$arrInfo.tax_rule|number_format}--> 円</span>
             </p>
 
-            <p class="mini comment"><!--{$arrBestProducts[$cnt2].comment|escape|nl2br}--></p>
+            <p class="mini comment"><!--{$arrBestProducts[$cnt2].comment|h|nl2br}--></p>
             <!--{/if}-->
         </div>
     </div>

変更: branches/version-2_5-dev/data/Smarty/templates/default/bloc/category.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/bloc/category.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/bloc/category.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -43,7 +43,7 @@
                     <!--{/section}-->
                     </li>
                 <!--{/if}-->
-            <li class="level<!--{$level}--><!--{if in_array($arrTree[cnt].category_id, $tpl_category_id) }--> onmark<!--{/if}-->"><a href="<!--{$smarty.const.URL_DIR}-->products/list.php?category_id=<!--{$arrTree[cnt].category_id}-->"<!--{if in_array($arrTree[cnt].category_id, $tpl_category_id) }--> class="onlink"<!--{/if}-->><!--{$arrTree[cnt].category_name|escape}-->(<!--{$arrTree[cnt].product_count|default:0}-->)</a>
+            <li class="level<!--{$level}--><!--{if in_array($arrTree[cnt].category_id, $tpl_category_id) }--> onmark<!--{/if}-->"><a href="<!--{$smarty.const.URL_DIR}-->products/list.php?category_id=<!--{$arrTree[cnt].category_id}-->"<!--{if in_array($arrTree[cnt].category_id, $tpl_category_id) }--> class="onlink"<!--{/if}-->><!--{$arrTree[cnt].category_name|h}-->(<!--{$arrTree[cnt].product_count|default:0}-->)</a>
             <!--{if $firstdone == 0}--><!--{assign var=firstdone value=1}--><!--{/if}-->
             <!--{assign var=preLev value=`$level`}-->
             <!--{/if}-->

変更: branches/version-2_5-dev/data/Smarty/templates/default/bloc/login.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/bloc/login.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/bloc/login.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -26,11 +26,11 @@
         <form name="login_form" id="login_form" method="post" action="<!--{$smarty.const.SSL_URL}-->frontparts/login_check.php" onsubmit="return fnCheckLogin('login_form')">
             <input type="hidden" name="mode" value="login" />
             <input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid}-->" />
-            <input type="hidden" name="url" value="<!--{$smarty.server.PHP_SELF|escape}-->" />
+            <input type="hidden" name="url" value="<!--{$smarty.server.PHP_SELF|h}-->" />
             <div id="login">
                 <!--{if $tpl_login}-->
                 <p>ようこそ<br />
-                    <!--{$tpl_name1|escape}--> <!--{$tpl_name2|escape}--> 様<br />
+                    <!--{$tpl_name1|h}--> <!--{$tpl_name2|h}--> 様<br />
                     <!--{if $smarty.const.USE_POINT !== false}-->
                         所持ポイント:<span class="price"> <!--{$tpl_user_point|number_format|default:0}--> pt</span>
                     <!--{/if}-->
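Review bot: `|h` on `$smarty.server.PHP_SELF` makes the hidden `url` field safe as HTML, but `PHP_SELF` includes any path info the client appended to the request, and the field is posted back to `frontparts/login_check.php`. How that script uses `url` is not visible here; if it redirects to it, it should accept only a local path. A comment next to the field, such as `<!--{* url is client-controllable; login_check.php must validate it before redirecting *}-->`, would record that. `$transactionid` on the line above is printed without a modifier, which is fine only if it is always a server-generated token.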
@@ -43,7 +43,7 @@
              </div>
                     <!--{/if}-->
                 <!--{else}-->
-                <p><img src="<!--{$TPL_DIR}-->img/icon/ico_mail.gif" width="40" height="21" alt="メールアドレス" /><input type="text" name="login_email" class="box96" value="<!--{$tpl_login_email|escape}-->" style="ime-mode: disabled;"/></p>
+                <p><img src="<!--{$TPL_DIR}-->img/icon/ico_mail.gif" width="40" height="21" alt="メールアドレス" /><input type="text" name="login_email" class="box96" value="<!--{$tpl_login_email|h}-->" style="ime-mode: disabled;"/></p>
                 <p><img src="<!--{$TPL_DIR}-->img/icon/ico_password.gif" width="40" height="22" alt="パスワード" /><input type="password" name="login_pass" class="box96" /></p>
             </div>
                 <p class="mini">

変更: branches/version-2_5-dev/data/Smarty/templates/default/bloc/news.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/bloc/news.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/bloc/news.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -38,8 +38,8 @@
                             <!--{/if}-->
                         <!--{/if}-->
                     >
-                        <!--{$arrNews[data].news_title|escape|nl2br}--></a><br />
-                    <!--{$arrNews[data].news_comment|escape|nl2br}-->
+                        <!--{$arrNews[data].news_title|h|nl2br}--></a><br />
+                    <!--{$arrNews[data].news_comment|h|nl2br}-->
                  </dd>
             </dl>
         <!--{/section}-->

変更: branches/version-2_5-dev/data/Smarty/templates/default/bloc/search_products.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/bloc/search_products.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/bloc/search_products.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -42,7 +42,7 @@
             </p>
             <!--{/if}-->
             <p class="mini">商品名を入力
-              <input type="text" name="name" class="box142" maxlength="50" value="<!--{$smarty.get.name|escape}-->" /></p>
+              <input type="text" name="name" class="box142" maxlength="50" value="<!--{$smarty.get.name|h}-->" /></p>
             <p class="btn"><input type="image" onmouseover="chgImgImageSubmit('<!--{$TPL_DIR}-->img/button/btn_block_search_on.gif',this)" onmouseout="chgImgImageSubmit('<!--{$TPL_DIR}-->img/button/btn_block_search.gif',this)" src="<!--{$TPL_DIR}-->img/button/btn_block_search.gif" class="box51" alt="検索" name="search" /></p>
         </form>
     </div>

変更: branches/version-2_5-dev/data/Smarty/templates/default/cart/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/cart/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/cart/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -32,13 +32,13 @@
 <!--▼CONTENTS-->
 <div id="under02column">
     <div id="under02column_cart">
-        <h2 class="title"><!--{$tpl_title|escape}--></h2>
+        <h2 class="title"><!--{$tpl_title|h}--></h2>
         <!--{if $smarty.const.USE_POINT !== false || count($arrProductsClass) > 0}-->
             <p class="totalmoneyarea">
                 <!--★ポイント案内★-->
                 <!--{if $smarty.const.USE_POINT !== false}-->
                     <!--{if $tpl_login}-->
-                        <!--{$tpl_name|escape}--> 様の、現在の所持ポイントは「<em><!--{$tpl_user_point|number_format|default:0}--> pt</em>」です。<br />
+                        <!--{$tpl_name|h}--> 様の、現在の所持ポイントは「<em><!--{$tpl_user_point|number_format|default:0}--> pt</em>」です。<br />
                     <!--{else}-->
                         ポイント制度をご利用になられる場合は、会員登録後ログインしていだだきますようお願い致します。<br />
                     <!--{/if}-->
@@ -62,11 +62,11 @@
         <!--{/if}-->
 
     <!--{if strlen($tpl_error) != 0}-->
-        <p class="attention"><!--{$tpl_error|escape}--></p>
+        <p class="attention"><!--{$tpl_error|h}--></p>
     <!--{/if}-->
 
     <!--{if strlen($tpl_message) != 0}-->
-        <p class="attention"><!--{$tpl_message|escape|nl2br}--></p>
+        <p class="attention"><!--{$tpl_message|h|nl2br}--></p>
     <!--{/if}-->
 
     <!--{if count($cartItems) > 0}-->
@@ -96,14 +96,14 @@
                         <td class="phototd">
                         <a
                             <!--{if $item.productsClass.main_image|strlen >= 1}-->
-                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$item.productsClass.main_image|sfNoImageMainList|escape}-->"
+                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$item.productsClass.main_image|sfNoImageMainList|h}-->"
                                 class="expansion"
                                 target="_blank"
                             <!--{/if}-->
                         >
-                            <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$item.productsClass.main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$item.productsClass.name|escape}-->" /></a>
+                            <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$item.productsClass.main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$item.productsClass.name|h}-->" /></a>
                         </td>
-                        <td><!--{* 商品名 *}--><strong><!--{$item.productsClass.name|escape}--></strong><br />
+                        <td><!--{* 商品名 *}--><strong><!--{$item.productsClass.name|h}--></strong><br />
                             <!--{if $item.productsClass.classcategory_name1 != ""}-->
                                 <!--{$item.productsClass.class_name1}-->:<!--{$item.productsClass.classcategory_name1}--><br />
                             <!--{/if}-->
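Review bot: The class and class-category names on the context lines after the product name are still printed raw, `<!--{$item.productsClass.class_name1}-->:<!--{$item.productsClass.classcategory_name1}-->`, while the product name directly above now has `|h`. They look like shop-entered text of the same kind as the product name, so they should get the modifier too: `<!--{$item.productsClass.class_name1|h}-->:<!--{$item.productsClass.classcategory_name1|h}-->`. The enclosing item loop starts and continues outside this hunk, so further class fields may need the same treatment.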

変更: branches/version-2_5-dev/data/Smarty/templates/default/contact/complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/contact/complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/contact/complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,12 +22,12 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_contact">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <div id="completetext">
       お問い合わせ内容の送信が完了いたしました。<br />
       万一、ご回答メールが届かない場合は、トラブルの可能性もありますので大変お手数ではございますがもう一度お問い合わせいただくか、お電話にてお問い合わせください。<br />
       今後ともご愛顧賜りますようよろしくお願い申し上げます。
-    <p><!--{$arrSiteInfo.company_name|escape}--><br />
+    <p><!--{$arrSiteInfo.company_name|h}--><br />
       TEL:<!--{$arrSiteInfo.tel01}-->-<!--{$arrSiteInfo.tel02}-->-<!--{$arrSiteInfo.tel03}-->
        <!--{if $arrSiteInfo.business_hour != ""}-->
       (受付時間/<!--{$arrSiteInfo.business_hour}-->)
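Review bot: Only `company_name` is escaped in this block; `tel01`, `tel02`, `tel03` and `business_hour` from the same `$arrSiteInfo` record are still output raw. `abouts/index.tpl` in this commit escapes the equivalent fields (`business_hour|h`, `tel01|h`), so for consistency use `<!--{$arrSiteInfo.business_hour|h}-->` and add `|h` to the three phone parts. `entry/complete.tpl` has the same unescaped `tel`/`business_hour` line. The `<!--{if}-->` around `business_hour` closes outside the hunk.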

変更: branches/version-2_5-dev/data/Smarty/templates/default/contact/confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/contact/confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/contact/confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,42 +22,42 @@
 
 <div id="undercolumn">
   <div id="undercolumn_contact">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <p>下記入力内容で送信してもよろしいでしょうか?<br />
       よろしければ、一番下の「送信」ボタンをクリックしてください。</p>
     <form name="form1" id="form1" method="post" action="?">
       <input type="hidden" name="mode" value="complete" />
       <!--{foreach key=key item=item from=$arrForm}-->
         <!--{if $key ne 'mode'}-->
-      <input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+      <input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
         <!--{/if}-->
       <!--{/foreach}-->
       <table summary="お問い合わせ内容確認">
         <tr>
           <th>お名前<span class="attention">※</span></th>
-          <td><!--{$arrForm.name01|escape}--> <!--{$arrForm.name02|escape}--></td>
+          <td><!--{$arrForm.name01|h}--> <!--{$arrForm.name02|h}--></td>
         </tr>
         <tr>
           <th>お名前(フリガナ)<span class="attention">※</span></th>
-          <td><!--{$arrForm.kana01|escape}--> <!--{$arrForm.kana02|escape}--></td>
+          <td><!--{$arrForm.kana01|h}--> <!--{$arrForm.kana02|h}--></td>
         </tr>
         <tr>
           <th>郵便番号</th>
           <td>
              <!--{if strlen($arrForm.zip01) > 0 && strlen($arrForm.zip02) > 0}-->
-               〒<!--{$arrForm.zip01|escape}-->-<!--{$arrForm.zip02|escape}-->
+               〒<!--{$arrForm.zip01|h}-->-<!--{$arrForm.zip02|h}-->
              <!--{/if}-->
           </td>
         </tr>
         <tr>
           <th>住所</th>
-          <td><!--{$arrPref[$arrForm.pref]}--><!--{$arrForm.addr01|escape}--><!--{$arrForm.addr02|escape}--></td>
+          <td><!--{$arrPref[$arrForm.pref]}--><!--{$arrForm.addr01|h}--><!--{$arrForm.addr02|h}--></td>
         </tr>
         <tr>
           <th>電話番号</th>
           <td>
             <!--{if strlen($arrForm.tel01) > 0 && strlen($arrForm.tel02) > 0 && strlen($arrForm.tel03) > 0}-->
-              <!--{$arrForm.tel01|escape}-->-<!--{$arrForm.tel02|escape}-->-<!--{$arrForm.tel03|escape}-->
+              <!--{$arrForm.tel01|h}-->-<!--{$arrForm.tel02|h}-->-<!--{$arrForm.tel03|h}-->
             <!--{/if}-->
           </td>
         </tr>
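Review bot: The address row prints `<!--{$arrPref[$arrForm.pref]}-->` without `|h` while every other cell in the table is escaped. `entry/confirm.tpl` in this commit writes the same lookup as `<!--{$arrPref[$list_data.pref]|h}-->`. The value comes from a lookup list rather than directly from the form, so this is a consistency point rather than a known hole. Applying `|h` uniformly still avoids having to reason about where `$arrPref` is populated.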
@@ -68,7 +68,7 @@
         <tr>
           <th>お問い合わせ内容<span class="attention">※</span><br />
              <span class="mini">(全角1000字以下)</span></th>
-          <td><!--{$arrForm.contents|escape|nl2br}--></td>
+          <td><!--{$arrForm.contents|h|nl2br}--></td>
         </tr>
       </table>
       <div class="tblareabtn">

変更: branches/version-2_5-dev/data/Smarty/templates/default/contact/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/contact/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/contact/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,7 +22,7 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_contact">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     
     <p>お問い合わせはメールにて承っています。<br />
     内容によっては回答をさしあげるのにお時間をいただくこともございます。また、土日、祝祭日、年末年始、夏期休暇期間は翌営業日以降の対応となりますのでご了承ください。</p>
@@ -40,11 +40,11 @@
           姓&nbsp;<input type="text"
                          class="box120"
                          name="name01"
-                         value="<!--{$arrForm.name01|default:$arrData.name01|escape}-->"
+                         value="<!--{$arrForm.name01|default:$arrData.name01|h}-->"
                          maxlength="<!--{$smarty.const.STEXT_LEN}-->"
                          style="<!--{$arrErr.name01|sfGetErrorColor}-->; ime-mode: active;" /> 
           名&nbsp;<input type="text" class="box120" name="name02"
-                         value="<!--{$arrForm.name02|default:$arrData.name02|escape}-->"
+                         value="<!--{$arrForm.name02|default:$arrData.name02|h}-->"
                          maxlength="<!--{$smarty.const.STEXT_LEN}-->"
                          style="<!--{$arrErr.name02|sfGetErrorColor}-->; ime-mode: active;" />
         </td>
@@ -56,13 +56,13 @@
           セイ&nbsp;<input type="text"
                            class="box120"
                            name="kana01"
-                           value="<!--{$arrForm.kana01|default:$arrData.kana01|escape}-->"
+                           value="<!--{$arrForm.kana01|default:$arrData.kana01|h}-->"
                            maxlength="<!--{$smarty.const.STEXT_LEN}-->"
                            style="<!--{$arrErr.kana01|sfGetErrorColor}-->; ime-mode: active;" /> 
           メイ&nbsp;<input type="text"
                            class="box120"
                            name="kana02"
-                           value="<!--{$arrForm.kana02|default:$arrData.kana02|escape}-->"
+                           value="<!--{$arrForm.kana02|default:$arrData.kana02|h}-->"
                            maxlength="<!--{$smarty.const.STEXT_LEN}-->"
                            style="<!--{$arrErr.kana02|sfGetErrorColor}-->; ime-mode: active;" />
         </td>
@@ -76,13 +76,13 @@
             <input type="text"
                    name="zip01"
                    class="box60"
-                   value="<!--{$arrForm.zip01|default:$arrData.zip01|escape}-->"
+                   value="<!--{$arrForm.zip01|default:$arrData.zip01|h}-->"
                    maxlength="<!--{$smarty.const.ZIP01_LEN}-->"
                    style="<!--{$arrErr.zip01|sfGetErrorColor}-->; ime-mode: disabled;" />&nbsp;-&nbsp;
             <input type="text"
                    name="zip02"
                    class="box60"
-                   value="<!--{$arrForm.zip02|default:$arrData.zip02|escape}-->"
+                   value="<!--{$arrForm.zip02|default:$arrData.zip02|h}-->"
                    maxlength="<!--{$smarty.const.ZIP02_LEN}-->"
                    style="<!--{$arrErr.zip02|sfGetErrorColor}-->; ime-mode: disabled;" /> 
             <a href="http://search.post.japanpost.jp/zipcode/" target="_blank"><span class="fs12">郵便番号検索</span></a>
@@ -101,14 +101,14 @@
           
           <select name="pref" style="<!--{$arrErr.pref|sfGetErrorColor}-->">
           <option value="">都道府県を選択</option>
-          <!--{html_options options=$arrPref selected=$arrForm.pref|default:$arrData.pref|escape}-->
+          <!--{html_options options=$arrPref selected=$arrForm.pref|default:$arrData.pref|h}-->
           </select>
           
           <p class="mini">
             <input type="text"
                    class="box380"
                    name="addr01"
-                   value="<!--{$arrForm.addr01|default:$arrData.addr01|escape}-->"
+                   value="<!--{$arrForm.addr01|default:$arrData.addr01|h}-->"
                    style="<!--{$arrErr.addr01|sfGetErrorColor}-->; ime-mode: active;" /><br />
             <!--{$smarty.const.SAMPLE_ADDRESS1}-->
           </p>
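Review bot: On `html_options` the `|h` is applied to the `selected=` argument, which is compared against the option keys rather than printed; Smarty's `html_options` escapes the keys and labels it emits itself. For numeric prefecture ids it makes no difference, but an escaped value would fail to match a key containing `&` or a quote, and it reads as if escaping were needed here. I would drop it: `<!--{html_options options=$arrPref selected=$arrForm.pref|default:$arrData.pref}-->`.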
@@ -117,7 +117,7 @@
             <input type="text"
                    class="box380"
                    name="addr02"
-                   value="<!--{$arrForm.addr02|default:$arrData.addr02|escape}-->"
+                   value="<!--{$arrForm.addr02|default:$arrData.addr02|h}-->"
                    style="<!--{$arrErr.addr02|sfGetErrorColor}-->; ime-mode: active;" /><br />
             <!--{$smarty.const.SAMPLE_ADDRESS2}-->
           </p>
@@ -132,19 +132,19 @@
           <input type="text" 
                  class="box60"
                  name="tel01"
-                 value="<!--{$arrForm.tel01|default:$arrData.tel01|escape}-->"
+                 value="<!--{$arrForm.tel01|default:$arrData.tel01|h}-->"
                  maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->"
                  style="<!--{$arrErr.tel01|sfGetErrorColor}-->; ime-mode: disabled;" />&nbsp;-&nbsp;
           <input type="text" 
                  class="box60"
                  name="tel02"
-                 value="<!--{$arrForm.tel02|default:$arrData.tel02|escape}-->"
+                 value="<!--{$arrForm.tel02|default:$arrData.tel02|h}-->"
                  maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->"
                  style="<!--{$arrErr.tel02|sfGetErrorColor}-->; ime-mode: disabled;" />&nbsp;-&nbsp;
           <input type="text" 
                  class="box60"
                  name="tel03"
-                 value="<!--{$arrForm.tel03|default:$arrData.tel03|escape}-->"
+                 value="<!--{$arrForm.tel03|default:$arrData.tel03|h}-->"
                  maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->"
                  style="<!--{$arrErr.tel03|sfGetErrorColor}-->; ime-mode: disabled;" />
         </td>
@@ -156,7 +156,7 @@
           <input type="text"
                  class="box380"
                  name="email"
-                 value="<!--{$arrForm.email|default:$arrData.email|escape}-->"
+                 value="<!--{$arrForm.email|default:$arrData.email|h}-->"
                  maxlength="<!--{$smarty.const.MTEXT_LEN}-->"
                  style="<!--{$arrErr.email|sfGetErrorColor}-->; ime-mode: disabled;" /><br />
           <!--{* ログインしていれば入力済みにする *}-->
@@ -166,7 +166,7 @@
           <input type="text"
                  class="box380"
                  name="email02"
-                 value="<!--{$arrForm.email02|escape}-->"
+                 value="<!--{$arrForm.email02|h}-->"
                  maxlength="<!--{$smarty.const.MTEXT_LEN}-->"
                  style="<!--{$arrErr.email02|sfGetErrorColor}-->; ime-mode: disabled;" /><br />
           <p class="mini"><em>確認のため2度入力してください。</em></p>
@@ -181,7 +181,7 @@
                     class="area380"
                     cols="60"
                     rows="20"
-                    style="<!--{$arrErr.contents|sfGetErrorColor}-->; ime-mode: active;"><!--{$arrForm.contents|escape}--></textarea>
+                    style="<!--{$arrErr.contents|sfGetErrorColor}-->; ime-mode: active;"><!--{$arrForm.contents|h}--></textarea>
         </td>
       </tr>
     </table>

変更: branches/version-2_5-dev/data/Smarty/templates/default/entry/complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/entry/complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/entry/complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,14 +22,14 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_entry">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <div id="completetext">
       <em>会員登録の受付が完了いたしました。</em>
       <p>現在<em>仮会員</em>の状態です。<br />
         ご入力いただいたメールアドレス宛てに、ご連絡が届いておりますので、本会員登録になった上でお買い物をお楽しみください。<br />
         今後ともご愛顧賜りますようよろしくお願い申し上げます。</p>
 
-      <p><!--{$arrSiteInfo.company_name|escape}--><br />
+      <p><!--{$arrSiteInfo.company_name|h}--><br />
         TEL:<!--{$arrSiteInfo.tel01}-->-<!--{$arrSiteInfo.tel02}-->-<!--{$arrSiteInfo.tel03}--> <!--{if $arrSiteInfo.business_hour != ""}-->(受付時間/<!--{$arrSiteInfo.business_hour}-->)<!--{/if}--><br />
         E-mail:<a href="mailto:<!--{$arrSiteInfo.email02|escape:'hex'}-->"><!--{$arrSiteInfo.email02|escape:'hexentity'}--></a>
       </p>

変更: branches/version-2_5-dev/data/Smarty/templates/default/entry/confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/entry/confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/entry/confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,13 +22,13 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_entry">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <p>下記の内容で送信してもよろしいでしょうか?<br />
       よろしければ、一番下の「会員登録完了へ」ボタンをクリックしてください。</p>
     <form name="form1" id="form1" method="post" action="?">
       <input type="hidden" name="mode" value="complete">
       <!--{foreach from=$list_data key=key item=item}-->
-        <input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->" />
+        <input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" />
       <!--{/foreach}-->
         <input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid}-->" />
 
@@ -36,40 +36,40 @@
         <tr>
           <th>お名前<span class="attention">※</span></th>
           <td>
-            <!--{$list_data.name01|escape}-->&nbsp;
-            <!--{$list_data.name02|escape}-->
+            <!--{$list_data.name01|h}-->&nbsp;
+            <!--{$list_data.name02|h}-->
           </td>
         </tr>
         <tr>
           <th>お名前(フリガナ)<span class="attention">※</span></th>
           <td>
-            <!--{$list_data.kana01|escape}-->&nbsp;
-            <!--{$list_data.kana02|escape}-->
+            <!--{$list_data.kana01|h}-->&nbsp;
+            <!--{$list_data.kana02|h}-->
           </td>
         </tr>
         <tr>
           <th>郵便番号<span class="attention">※</span></th>
           <td>
-            〒<!--{$list_data.zip01|escape}--> - <!--{$list_data.zip02|escape}-->
+            〒<!--{$list_data.zip01|h}--> - <!--{$list_data.zip02|h}-->
           </td>
         </tr>
         <tr>
           <th>住所<span class="attention">※</span></th>
           <td>
-            <!--{$arrPref[$list_data.pref]|escape}--><!--{$list_data.addr01|escape}--><!--{$list_data.addr02|escape}-->
+            <!--{$arrPref[$list_data.pref]|h}--><!--{$list_data.addr01|h}--><!--{$list_data.addr02|h}-->
           </td>
         </tr>
         <tr>
           <th>電話番号<span class="attention">※</span></th>
           <td>
-            <!--{$list_data.tel01|escape}--> - <!--{$list_data.tel02|escape}--> - <!--{$list_data.tel03|escape}-->
+            <!--{$list_data.tel01|h}--> - <!--{$list_data.tel02|h}--> - <!--{$list_data.tel03|h}-->
           </td>
         </tr>
         <tr>
           <th>FAX</th>
           <td>
             <!--{if strlen($list_data.fax01) > 0 && strlen($list_data.fax02) > 0 && strlen($list_data.fax03) > 0}-->
-              <!--{$list_data.fax01|escape}--> - <!--{$list_data.fax02|escape}--> - <!--{$list_data.fax03|escape}-->
+              <!--{$list_data.fax01|h}--> - <!--{$list_data.fax02|h}--> - <!--{$list_data.fax03|h}-->
             <!--{else}-->
               未登録
             <!--{/if}-->
@@ -93,13 +93,13 @@
         </tr>
         <tr>
           <th>職業</th>
-          <td><!--{$arrJob[$list_data.job]|escape|default:"未登録"}--></td>
+          <td><!--{$arrJob[$list_data.job]|default:"未登録"|h}--></td>
         </tr>
         <tr>
           <th>生年月日</th>
           <td>
             <!--{if strlen($list_data.year) > 0 && strlen($list_data.month) > 0 && strlen($list_data.day) > 0}-->
-              <!--{$list_data.year|escape}-->年<!--{$list_data.month|escape}-->月<!--{$list_data.day|escape}-->日
+              <!--{$list_data.year|h}-->年<!--{$list_data.month|h}-->月<!--{$list_data.day|h}-->日
             <!--{else}-->
             未登録
             <!--{/if}-->
@@ -113,8 +113,8 @@
         <tr>
           <th>パスワードを忘れた時のヒント<span class="attention">※</span></th>
           <td>
-              質問:<!--{$arrReminder[$list_data.reminder]|escape}--><br />
-              答え:<!--{$list_data.reminder_answer|escape}-->
+              質問:<!--{$arrReminder[$list_data.reminder]|h}--><br />
+              答え:<!--{$list_data.reminder_answer|h}-->
           </td>
         </tr>
         <tr>

変更: branches/version-2_5-dev/data/Smarty/templates/default/entry/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/entry/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/entry/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,7 +22,7 @@
  <!--▼CONTENTS-->
 <div id="undercolumn">
     <div id="undercolumn_entry">
-        <h2 class="title"><!--{$tpl_title|escape}--></h2>
+        <h2 class="title"><!--{$tpl_title|h}--></h2>
         <!--{if $smarty.const.CUSTOMER_CONFIRM_MAIL}-->
             <p>ご登録されますと、まずは仮会員となります。<br />
                 入力されたメールアドレスに、ご連絡が届きますので、本会員になった上でお買い物をお楽しみください。</p>

変更: branches/version-2_5-dev/data/Smarty/templates/default/entry/kiyaku.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/entry/kiyaku.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/entry/kiyaku.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -21,7 +21,7 @@
  *}-->
 <div id="undercolumn">
   <div id="undercolumn_entry">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <p><em>【重要】 会員登録をされる前に、下記ご利用規約をよくお読みください。</em><br />
       規約には、本サービスを使用するに当たってのあなたの権利と義務が規定されております。<br />
      「規約に同意して会員登録」ボタン をクリックすると、あなたが本規約の全ての条件に同意したことになります。</p>

変更: branches/version-2_5-dev/data/Smarty/templates/default/footer.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/footer.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/footer.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -26,7 +26,7 @@
         <!--{if $smarty.const.RELEASE_YEAR != $smarty.now|date_format:"%Y"}-->
             <!--{$smarty.const.RELEASE_YEAR}-->-
         <!--{/if}-->
-        <!--{$smarty.now|date_format:"%Y"}--> <!--{$arrSiteInfo.shop_name_eng|default:$arrSiteInfo.shop_name|escape}--> All rights reserved.
+        <!--{$smarty.now|date_format:"%Y"}--> <!--{$arrSiteInfo.shop_name_eng|default:$arrSiteInfo.shop_name|h}--> All rights reserved.
     </div>
 <!--{/strip}-->
 <!--▲FOOTER-->

変更: branches/version-2_5-dev/data/Smarty/templates/default/forgot/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/forgot/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/forgot/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -28,7 +28,7 @@
     <form action="?" method="post" name="form1">
       <input type="hidden" name="mode" value="mail_check" />
       <div id="completebox">
-        <p>メールアドレス:&nbsp;<!--★メールアドレス入力★--><input type="text" name="email" value="<!--{$tpl_login_email|escape}-->" size="40" class="box300" style="<!--{$errmsg|sfGetErrorColor}-->; ime-mode: disabled;" /></p>
+        <p>メールアドレス:&nbsp;<!--★メールアドレス入力★--><input type="text" name="email" value="<!--{$tpl_login_email|h}-->" size="40" class="box300" style="<!--{$errmsg|sfGetErrorColor}-->; ime-mode: disabled;" /></p>
         <span class="attention"><!--{$errmsg}--></span>
       </div>
       <div class="btn">

変更: branches/version-2_5-dev/data/Smarty/templates/default/frontparts/form_personal_input.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/frontparts/form_personal_input.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/frontparts/form_personal_input.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -29,8 +29,8 @@
     <!--{if $arrErr[$key1] || $arrErr[$key2]}-->
     <div class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></div>
     <!--{/if}-->
-    姓&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
-    名&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
+    姓&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
+    名&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
   </td>
 </tr>
 <tr>
@@ -41,8 +41,8 @@
     <!--{if $arrErr[$key1] || $arrErr[$key2]}-->
     <div class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></div>
     <!--{/if}-->
-    セイ&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
-    メイ&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
+    セイ&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
+    メイ&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
   </td>
 </tr>
 <tr>
@@ -56,7 +56,7 @@
     <!--{if $arrErr[$key1] || $arrErr[$key2]}-->
     <div class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></div>
     <!--{/if}-->
-    〒&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|escape}-->" maxlength="<!--{$smarty.const.ZIP01_LEN}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" />&nbsp;-&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|escape}-->" maxlength="<!--{$smarty.const.ZIP02_LEN}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" />&nbsp;
+    〒&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|h}-->" maxlength="<!--{$smarty.const.ZIP01_LEN}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" />&nbsp;-&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|h}-->" maxlength="<!--{$smarty.const.ZIP02_LEN}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" />&nbsp;
     <a href="http://search.post.japanpost.jp/zipcode/" target="_blank"><span class="fs12">郵便番号検索</span></a>
     <p class="zipimg"><a href="<!--{$smarty.const.URL_DIR}-->input_zip.php" onclick="fnCallAddress('<!--{$smarty.const.URL_INPUT_ZIP}-->', '<!--{$key1}-->', '<!--{$key2}-->', '<!--{$key3}-->', '<!--{$key4}-->'); return false;" target="_blank"><img src="<!--{$TPL_DIR}-->img/button/btn_address_input.gif" width="86" height="20" alt="住所自動入力" /></a>
     <span class="mini">&nbsp;郵便番号を入力後、クリックしてください。</span></p>
@@ -72,9 +72,9 @@
       <option value="" selected="selected">都道府県を選択</option>
       <!--{html_options options=$arrPref selected=$arrForm[$key3]}-->
     </select>
-    <p class="mini"><input type="text" name="<!--{$key4}-->" value="<!--{$arrForm[$key4]|escape}-->" size="60" class="box300" style="<!--{$arrErr[$key4]|sfGetErrorColor}-->; ime-mode: active;" /><br />
+    <p class="mini"><input type="text" name="<!--{$key4}-->" value="<!--{$arrForm[$key4]|h}-->" size="60" class="box300" style="<!--{$arrErr[$key4]|sfGetErrorColor}-->; ime-mode: active;" /><br />
      <!--{$smarty.const.SAMPLE_ADDRESS1}--></p>
-    <p class="mini"><input type="text" name="<!--{$key5}-->" value="<!--{$arrForm[$key5]|escape}-->" size="60" class="box300" style="<!--{$arrErr[$key5]|sfGetErrorColor}-->; ime-mode: active;" /><br />
+    <p class="mini"><input type="text" name="<!--{$key5}-->" value="<!--{$arrForm[$key5]|h}-->" size="60" class="box300" style="<!--{$arrErr[$key5]|sfGetErrorColor}-->; ime-mode: active;" /><br />
       <!--{$smarty.const.SAMPLE_ADDRESS2}--></p>
     <p class="mini"><em>住所は2つに分けてご記入ください。マンション名は必ず記入してください。</em></p>
   </td>
@@ -88,7 +88,7 @@
     <!--{if $arrErr[$key1] || $arrErr[$key2] || $arrErr[$key3]}-->
     <div class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--><!--{$arrErr[$key3]}--></div>
     <!--{/if}-->
-    <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />&nbsp;-&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />&nbsp;-&nbsp;<input type="text" name="<!--{$key3}-->" value="<!--{$arrForm[$key3]|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />
+    <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />&nbsp;-&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />&nbsp;-&nbsp;<input type="text" name="<!--{$key3}-->" value="<!--{$arrForm[$key3]|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />
   </td>
 </tr>
 <!--{if $flgFields > 1}-->
@@ -101,7 +101,7 @@
     <!--{if $arrErr[$key1] || $arrErr[$key2] || $arrErr[$key3]}-->
     <div class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--><!--{$arrErr[$key3]}--></div>
     <!--{/if}-->
-    <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />&nbsp;-&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />&nbsp;-&nbsp;<input type="text" name="<!--{$key3}-->" value="<!--{$arrForm[$key3]|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />
+    <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />&nbsp;-&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />&nbsp;-&nbsp;<input type="text" name="<!--{$key3}-->" value="<!--{$arrForm[$key3]|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" size="6" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->; ime-mode: disabled;" class="box60" />
   </td>
 </tr>
 <tr>
@@ -112,8 +112,8 @@
     <!--{if $arrErr[$key1] || $arrErr[$key2]}-->
     <div class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></div>
     <!--{/if}-->
-    <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|escape}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" size="40" class="box300" /><br />
-    <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|escape}-->" style="<!--{$arrErr[$key1]|cat:$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" size="40" class="box300" /><br />
+    <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|h}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" size="40" class="box300" /><br />
+    <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|h}-->" style="<!--{$arrErr[$key1]|cat:$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" size="40" class="box300" /><br />
     <p class="mini"><em>確認のため2度入力してください。</em></p>
   </td>
 </tr>
@@ -126,8 +126,8 @@
     <!--{if $arrErr[$key1] || $arrErr[$key2]}-->
     <div class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></div>
     <!--{/if}-->
-    <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|escape}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" size="40" class="box300" /><br />
-    <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|escape}-->" style="<!--{$arrErr[$key1]|cat:$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" size="40" class="box300" /><br />
+    <input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1]|h}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" size="40" class="box300" /><br />
+    <input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2]|h}-->" style="<!--{$arrErr[$key1]|cat:$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" size="40" class="box300" /><br />
     <p class="mini"><em>確認のため2度入力してください。</em></p>
   </td>
 </tr>
@@ -184,9 +184,9 @@
     <!--{if $arrErr.password || $arrErr.password02}-->
     <div class="attention"><!--{$arrErr.password}--><!--{$arrErr.password02}--></div>
     <!--{/if}-->
-    <input type="password" name="password" value="<!--{$arrForm.password|escape}-->" maxlength="<!--{$smarty.const.PASSWORD_LEN2}-->" style="<!--{$arrErr.password|sfGetErrorColor}-->" size="15" class="box120" />
+    <input type="password" name="password" value="<!--{$arrForm.password|h}-->" maxlength="<!--{$smarty.const.PASSWORD_LEN2}-->" style="<!--{$arrErr.password|sfGetErrorColor}-->" size="15" class="box120" />
     <p><em>半角英数字<!--{$smarty.const.PASSWORD_LEN1}-->〜<!--{$smarty.const.PASSWORD_LEN2}-->文字でお願いします。(記号不可)</em></p>
-    <input type="password" name="password02" value="<!--{$arrForm.password02|escape}-->" maxlength="<!--{$smarty.const.PASSWORD_LEN2}-->" style="<!--{$arrErr.password|cat:$arrErr.password02|sfGetErrorColor}-->" size="15" class="box120" />
+    <input type="password" name="password02" value="<!--{$arrForm.password02|h}-->" maxlength="<!--{$smarty.const.PASSWORD_LEN2}-->" style="<!--{$arrErr.password|cat:$arrErr.password02|sfGetErrorColor}-->" size="15" class="box120" />
     <p><em>確認のために2度入力してください。</em></p>
   </td>
 </tr>
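Review bot: The two password inputs still write the submitted value back into the page (`value="<!--{$arrForm.password|h}-->"` and the matching `password02` line), so after a validation error the plaintext password sits in the HTML source and in any cache that stores the response. Escaping with `h` keeps the markup intact but does not change that; the usual choice is to render both fields empty, `value=""`, and have the user retype them. The `foreach` over `$arrForm` in mypage/change_confirm.tpl skips only `mode` and `subm`, so it presumably copies the same values into hidden inputs and deserves the same look. The enclosing table row starts and ends outside this hunk.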
@@ -202,7 +202,7 @@
       <!--{html_options options=$arrReminder selected=$arrForm.reminder}-->
     </select>
     <br />
-    答え:<input type="text" name="reminder_answer" value="<!--{$arrForm.reminder_answer|escape}-->" style="<!--{$arrErr.reminder_answer|sfGetErrorColor}-->; ime-mode: active;" size="40" class="box260" />
+    答え:<input type="text" name="reminder_answer" value="<!--{$arrForm.reminder_answer|h}-->" style="<!--{$arrErr.reminder_answer|sfGetErrorColor}-->; ime-mode: active;" size="40" class="box260" />
   </td>
 </tr>
 <tr>

変更: branches/version-2_5-dev/data/Smarty/templates/default/header.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/header.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/header.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 <div id="header">
   <h1>
     <a href="<!--{$smarty.const.URL_SITE_TOP}-->">
-      <em><!--{$arrSiteInfo.shop_name|escape}-->/<!--{$tpl_title|escape}--></em></a>
+      <em><!--{$arrSiteInfo.shop_name|h}-->/<!--{$tpl_title|h}--></em></a>
   </h1>
   <!--{* ▼HeaderInternal COLUMN*}-->
   <!--{if $arrPageLayout.HeaderInternalNavi|@count > 0}-->

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/change.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/change.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/change.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,16 +23,16 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
 <!--{include file=$tpl_navi}-->
 <div id="mycontentsarea">
-  <h3><!--{$tpl_subtitle|escape}--></h3>
+  <h3><!--{$tpl_subtitle|h}--></h3>
   <p>下記項目にご入力ください。「<span class="attention">※</span>」印は入力必須項目です。<br />
     入力後、一番下の「確認ページへ」ボタンをクリックしてください。</p>
 
   <form name="form1" id="form1" method="post" action="?">
   <input type="hidden" name="mode" value="confirm" />
-  <input type="hidden" name="customer_id" value="<!--{$arrForm.customer_id|escape}-->" />
+  <input type="hidden" name="customer_id" value="<!--{$arrForm.customer_id|h}-->" />
     <table summary="会員登録内容変更 " class="delivname">
       <!--{include file="`$smarty.const.TEMPLATE_DIR`frontparts/form_personal_input.tpl" flgFields=3 emailMobile=true prefix=""}-->
     </table>
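Review bot: The hidden `customer_id` input is escaped for output, but once rendered it is a client-controlled value on the next POST; the same field appears in mypage/change_confirm.tpl. The handler is not visible in this diff, so this is a check to confirm rather than a finding: the update should take the customer id from the logged-in session and ignore, or compare against, the posted one. A template comment such as `<!--{* customer_id is round-tripped only; the server must use the session's id *}-->` would record that expectation next to the field.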

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/change_complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/change_complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/change_complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,10 +23,10 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{include file=$tpl_navi}-->
   <div id="mycontentsarea">
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
 
     <div id="completetext">
       <p class="changetext">会員登録内容の変更が完了いたしました。<br />

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/change_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/change_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/change_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,30 +23,30 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
     <!--{include file=$tpl_navi}-->
     <div id="mycontentsarea">
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
     <p>下記の内容で送信してもよろしいでしょうか?<br />
       よろしければ、一番下の「会員登録完了へ」ボタンをクリックしてください。</p>
 
 
     <form name="form1" id="form1" method="post" action="?">
       <input type="hidden" name="mode" value="complete" />
-      <input type="hidden" name="customer_id" value="<!--{$arrForm.customer_id|escape}-->" />
+      <input type="hidden" name="customer_id" value="<!--{$arrForm.customer_id|h}-->" />
       <!--{foreach from=$arrForm key=key item=item}-->
         <!--{if $key ne "mode" && $key ne "subm"}-->
-        <input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->" />
+        <input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" />
         <!--{/if}-->
       <!--{/foreach}-->
       <table summary=" " class="delivname">
         <tr>
           <th>お名前<span class="attention">※</span></th>
-          <td><!--{$arrForm.name01|escape}--> <!--{$arrForm.name02|escape}--></td>
+          <td><!--{$arrForm.name01|h}--> <!--{$arrForm.name02|h}--></td>
         </tr>
         <tr>
           <th>お名前(フリガナ)<span class="attention">※</span></th>
-          <td><!--{$arrForm.kana01|escape}--> <!--{$arrForm.kana02|escape}--></td>
+          <td><!--{$arrForm.kana01|h}--> <!--{$arrForm.kana02|h}--></td>
         </tr>
         <tr>
           <th>郵便番号<span class="attention">※</span></th>
@@ -54,11 +54,11 @@
         </tr>
         <tr>
           <th>住所<span class="attention">※</span></th>
-          <td><!--{$arrPref[$arrForm.pref]}--><!--{$arrForm.addr01|escape}--><!--{$arrForm.addr02|escape}--></td>
+          <td><!--{$arrPref[$arrForm.pref]}--><!--{$arrForm.addr01|h}--><!--{$arrForm.addr02|h}--></td>
         </tr>
         <tr>
           <th>電話番号<span class="attention">※</span></th>
-          <td><!--{$arrForm.tel01|escape}-->-<!--{$arrForm.tel02}-->-<!--{$arrForm.tel03}--></td>
+          <td><!--{$arrForm.tel01|h}-->-<!--{$arrForm.tel02}-->-<!--{$arrForm.tel03}--></td>
         </tr>
         <tr>
           <th>FAX</th>
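Review bot: `tel02` and `tel03` are still printed raw on the phone-number row while `tel01` on the same line gets `|h`, and `$arrPref[$arrForm.pref]` on the address row has no modifier either. These values presumably come from the submitted form, so the row should read `<td><!--{$arrForm.tel01|h}-->-<!--{$arrForm.tel02|h}-->-<!--{$arrForm.tel03|h}--></td>`, and the prefecture lookup should carry `|h` as the `$arrPref[$list_data.pref]|h` line earlier in this commit does. The same gap is visible in mypage/delivery.tpl, where `zip01`, `zip02` and the `other_deliv_id` placed inside the `onclick` string have no modifier.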
@@ -84,11 +84,11 @@
         </tr>
         <tr>
           <th>職業</th>
-          <td><!--{$arrJob[$arrForm.job]|escape|default:"未登録"}--></td>
+          <td><!--{$arrJob[$arrForm.job]|default:"未登録"|h}--></td>
         </tr>
         <tr>
           <th>生年月日</th>
-          <td><!--{if strlen($arrForm.year) > 0 && strlen($arrForm.month) > 0 && strlen($arrForm.day) > 0}--><!--{$arrForm.year|escape}-->年<!--{$arrForm.month|escape}-->月<!--{$arrForm.day|escape}-->日<!--{else}-->未登録<!--{/if}--></td>
+          <td><!--{if strlen($arrForm.year) > 0 && strlen($arrForm.month) > 0 && strlen($arrForm.day) > 0}--><!--{$arrForm.year|h}-->年<!--{$arrForm.month|h}-->月<!--{$arrForm.day|h}-->日<!--{else}-->未登録<!--{/if}--></td>
         </tr>
         <tr>
           <th>希望するパスワード<br />
@@ -97,8 +97,8 @@
         </tr>
         <tr>
           <th>パスワードを忘れた時のヒント<span class="attention">※</span></th>
-          <td>質問:&nbsp;<!--{$arrReminder[$arrForm.reminder]|escape}--><br />
-              答え:&nbsp;<!--{$arrForm.reminder_answer|escape}--></td>
+          <td>質問:&nbsp;<!--{$arrReminder[$arrForm.reminder]|h}--><br />
+              答え:&nbsp;<!--{$arrForm.reminder_answer|h}--></td>
         </tr>
         <tr>
           <th>メールマガジン送付について<span class="attention">※</span></th>

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/delivery.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/delivery.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/delivery.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,12 +23,12 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
 <!--{include file=$tpl_navi}-->
     <div id="mycontentsarea">
-        <h3><!--{$tpl_subtitle|escape}--></h3>
+        <h3><!--{$tpl_subtitle|h}--></h3>
         <p>登録住所以外への住所へ送付される場合等にご利用いただくことができます。</p>
-        <p>※最大<!--{$smarty.const.DELIV_ADDR_MAX|escape}-->件まで登録できます。</p>
+        <p>※最大<!--{$smarty.const.DELIV_ADDR_MAX|h}-->件まで登録できます。</p>
 
         <!--{if $tpl_linemax < $smarty.const.DELIV_ADDR_MAX}-->
           <!--{* 退会時非表示 *}-->
@@ -56,8 +56,8 @@
                         <td><label for="add<!--{$smarty.section.cnt.iteration}-->">お届け先住所</label></td>
                         <td>
                             〒<!--{$arrOtherDeliv[cnt].zip01}-->-<!--{$arrOtherDeliv[cnt].zip02}--><br />
-                            <!--{$arrPref[$OtherPref]|escape}--><!--{$arrOtherDeliv[cnt].addr01|escape}--><!--{$arrOtherDeliv[cnt].addr02|escape}--><br />
-                            <!--{$arrOtherDeliv[cnt].name01|escape}-->&nbsp;<!--{$arrOtherDeliv[cnt].name02|escape}-->
+                            <!--{$arrPref[$OtherPref]|h}--><!--{$arrOtherDeliv[cnt].addr01|h}--><!--{$arrOtherDeliv[cnt].addr02|h}--><br />
+                            <!--{$arrOtherDeliv[cnt].name01|h}-->&nbsp;<!--{$arrOtherDeliv[cnt].name02|h}-->
                         </td>
                         <td class="centertd">
                             <a href="./delivery_addr.php" onclick="win02('./delivery_addr.php?other_deliv_id=<!--{$arrOtherDeliv[cnt].other_deliv_id}-->','deliv_disp','600','640'); return false;">変更</a>

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/delivery_addr.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/delivery_addr.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/delivery_addr.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,7 +24,7 @@
 <!--{include file="`$smarty.const.TEMPLATE_DIR`popup_header.tpl" subtitle="新しいお届け先の追加・変更"}-->
 
 <div id="windowarea">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <p>下記項目にご入力ください。「<span class="attention">※</span>」印は入力必須項目です。</p>
     <p>入力後、一番下の「登録する」ボタンをクリックしてください。</p>
 

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/favorite.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/favorite.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/favorite.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,7 +22,7 @@
  */
 *}-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{if $tpl_navi != ""}-->
     <!--{include file=$tpl_navi}-->
   <!--{else}-->
@@ -33,7 +33,7 @@
     <form name="form1" method="post" action="?">
     <input type="hidden" name="order_id" value="" />
     <input type="hidden" name="pageno" value="<!--{$tpl_pageno}-->" />
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
 
 <!--{if $tpl_linemax > 0}-->
 
@@ -57,9 +57,9 @@
       <!--{section name=cnt loop=$arrFavorite}-->
       <!--{assign var=product_id value="`$arrFavorite[cnt].product_id`"}-->
       <tr>
-       <td><a href="javascript:fnModeSubmit('delete_favorite','product_id','<!--{$product_id|escape}-->');">削除</a></td>
-       <td><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$product_id|escape:url}-->"><img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrFavorite[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65"></a></td>
-       <td><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$product_id|escape:url}-->"><!--{$arrFavorite[cnt].name}--></a></td>
+       <td><a href="javascript:fnModeSubmit('delete_favorite','product_id','<!--{$product_id|h}-->');">削除</a></td>
+       <td><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$product_id|u}-->"><img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrFavorite[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65"></a></td>
+       <td><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$product_id|u}-->"><!--{$arrFavorite[cnt].name}--></a></td>
        <td class="right sale_price">
         <span class="price">
           <!--{if $arrFavorite[cnt].price02_min == $arrFavorite[cnt].price02_max}-->
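Review bot: In the delete link, `$product_id|h` is HTML-escaped, but the value lands inside a JavaScript string in a `javascript:` URL, and the browser decodes HTML entities before the script runs, so `h` alone does not fit that context. If `product_id` is always an integer this is harmless, but the template would be more robust with Smarty's JavaScript escaping applied first, `'<!--{$product_id|escape:"javascript"|h}-->'`. The `image=` query value on the next line is URL data and would fit `|u` before `|h`. The product name on the last changed line is printed with no modifier; `<!--{$arrFavorite[cnt].name|h}-->` would match how `product_name` is handled in mypage/history.tpl.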

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/history.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/history.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/history.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,19 +23,19 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <!--{include file=$tpl_navi}-->
     <div id="mycontentsarea">
-        <h3><!--{$tpl_subtitle|escape}--></h3>
+        <h3><!--{$tpl_subtitle|h}--></h3>
         <p class="myconditionarea">
         <strong>購入日時:&nbsp;</strong><!--{$arrDisp.create_date|sfDispDBDate}--><br />
         <strong>注文番号:&nbsp;</strong><!--{$arrDisp.order_id}--><br />
-        <strong>お支払い方法:&nbsp;</strong><!--{$arrPayment[$arrDisp.payment_id]|escape}-->
+        <strong>お支払い方法:&nbsp;</strong><!--{$arrPayment[$arrDisp.payment_id]|h}-->
         <!--{if $arrDisp.deliv_time_id != ""}--><br />
-        <strong>お届け時間:&nbsp;</strong><!--{$arrDelivTime[$arrDisp.deliv_time_id]|escape}-->
+        <strong>お届け時間:&nbsp;</strong><!--{$arrDelivTime[$arrDisp.deliv_time_id]|h}-->
         <!--{/if}-->
         <!--{if $arrDisp.deliv_date != ""}--><br />
-        <strong>お届け日:&nbsp;</strong><!--{$arrDisp.deliv_date|escape}-->
+        <strong>お届け日:&nbsp;</strong><!--{$arrDisp.deliv_date|h}-->
         <!--{/if}-->
         </p>
 
@@ -57,8 +57,8 @@
             </tr>
             <!--{foreach from=$tpl_arrOrderDetail item=orderDetail}-->
                 <tr>
-                    <td><!--{$orderDetail.product_code|escape}--></td>
-                    <td><a<!--{if $orderDetail.enable}--> href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$orderDetail.product_id|escape:url}-->"<!--{/if}-->><!--{$orderDetail.product_name|escape}--></a></td>
+                    <td><!--{$orderDetail.product_code|h}--></td>
+                    <td><a<!--{if $orderDetail.enable}--> href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$orderDetail.product_id|u}-->"<!--{/if}-->><!--{$orderDetail.product_name|h}--></a></td>
                     <td>
                     <!--{ if $orderDetail.product_type_id == PRODUCT_TYPE_DOWNLOAD}-->
                         <!--{ if $orderDetail.price == "0" || ( $orderDetail.status >= "4" && $orderDetail.effective == "1" )}-->
@@ -74,8 +74,8 @@
                     </td>
                     <!--{assign var=price value=`$orderDetail.price`}-->
                     <!--{assign var=quantity value=`$orderDetail.quantity`}-->
-                    <td class="pricetd"><!--{$price|escape|number_format}-->円</td>
-                    <td><!--{$quantity|escape}--></td>
+                    <td class="pricetd"><!--{$price|number_format|h}-->円</td>
+                    <td><!--{$quantity|h}--></td>
                     <td class="pricetd"><!--{$price|sfCalcIncTax:$arrSiteInfo.tax:$arrSiteInfo.tax_rule|sfMultiply:$quantity|number_format}-->円</td>
                 </tr>
             <!--{/foreach}-->
@@ -99,12 +99,12 @@
             <!--{/if}-->
             <tr>
                 <th colspan="5" class="resulttd">送料</th>
-                <td class="pricetd"><!--{assign var=key value="deliv_fee"}--><!--{$arrDisp[$key]|escape|number_format}-->円</td>
+                <td class="pricetd"><!--{assign var=key value="deliv_fee"}--><!--{$arrDisp[$key]|number_format|h}-->円</td>
             </tr>
             <tr>
                 <th colspan="5" class="resulttd">手数料</th>
                 <!--{assign var=key value="charge"}-->
-                <td class="pricetd"><!--{$arrDisp[$key]|escape|number_format}-->円</td>
+                <td class="pricetd"><!--{$arrDisp[$key]|number_format|h}-->円</td>
             </tr>
             <tr>
                 <th colspan="5" class="resulttd">合計</th>
@@ -138,13 +138,13 @@
                     <th>お名前</th>
                     <!--{assign var=key1 value="deliv_name01"}-->
                     <!--{assign var=key2 value="deliv_name02"}-->
-                    <td><!--{$arrDisp[$key1]|escape}-->&nbsp;<!--{$arrDisp[$key2]|escape}--></td>
+                    <td><!--{$arrDisp[$key1]|h}-->&nbsp;<!--{$arrDisp[$key2]|h}--></td>
                 </tr>
                 <tr>
                     <th>お名前(フリガナ)</th>
                     <!--{assign var=key1 value="deliv_kana01"}-->
                     <!--{assign var=key2 value="deliv_kana02"}-->
-                    <td><!--{$arrDisp[$key1]|escape}-->&nbsp;<!--{$arrDisp[$key2]|escape}--></td>
+                    <td><!--{$arrDisp[$key1]|h}-->&nbsp;<!--{$arrDisp[$key2]|h}--></td>
                 </tr>
                 <tr>
                     <th>郵便番号</th>
@@ -156,7 +156,7 @@
                     <th>住所</th>
                     <!--{assign var=pref value=`$arrDisp.deliv_pref`}-->
                     <!--{assign var=key value="deliv_addr01"}-->
-                    <td><!--{$arrPref[$pref]}--><!--{$arrDisp[$key]|escape}--><!--{assign var=key value="deliv_addr02"}--><!--{$arrDisp[$key]|escape}--></td>
+                    <td><!--{$arrPref[$pref]}--><!--{$arrDisp[$key]|h}--><!--{assign var=key value="deliv_addr02"}--><!--{$arrDisp[$key]|h}--></td>
                 </tr>
                 <tr>
                     <th>電話番号</th>
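Review bot: `<!--{$arrPref[$pref]}-->` on the changed address line is still printed without a modifier, while the two `deliv_addr` values next to it are switched to `|h`. The order/index.tpl section of this same commit escapes the equivalent lookup as `$arrPref[$arrRet.law_pref]|h`, so the two templates now disagree. If the prefecture list is fixed master data this is only a consistency point, but writing `<!--{$arrPref[$pref]|h}-->` keeps the escaping rule uniform. The table this row belongs to starts and ends outside the hunk.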
@@ -179,10 +179,10 @@
             </tr>
             <!--{section name=cnt loop=$arrMailHistory}-->
             <tr class="center">
-                <td><!--{$arrMailHistory[cnt].send_date|sfDispDBDate|escape}--></td>
+                <td><!--{$arrMailHistory[cnt].send_date|sfDispDBDate|h}--></td>
                 <!--{assign var=key value="`$arrMailHistory[cnt].template_id`"}-->
-                <td><!--{$arrMAILTEMPLATE[$key]|escape}--></td>
-                <td><a href="<!--{$smarty.server.PHP_SELF|escape}-->" onclick="win02('./mail_view.php?send_id=<!--{$arrMailHistory[cnt].send_id}-->','mail_view','650','800'); return false;"><!--{$arrMailHistory[cnt].subject|escape}--></a></td>
+                <td><!--{$arrMAILTEMPLATE[$key]|h}--></td>
+                <td><a href="<!--{$smarty.server.PHP_SELF|h}-->" onclick="win02('./mail_view.php?send_id=<!--{$arrMailHistory[cnt].send_id}-->','mail_view','650','800'); return false;"><!--{$arrMailHistory[cnt].subject|h}--></a></td>
             </tr>
             <!--{/section}-->
         </table>
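Review bot: On the changed mail-history link, `send_id` is written into the `onclick` handler's URL string with no modifier, although every other value on that line now goes through `|h`. The value is presumably a numeric key from the database, but nothing in the template enforces that, and it sits inside a JavaScript string inside an HTML attribute. Since it is a query-string value, the `u` modifier this commit introduces fits: `send_id=<!--{$arrMailHistory[cnt].send_id|u}-->`.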

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{if $tpl_navi != ""}-->
     <!--{include file=$tpl_navi}-->
   <!--{else}-->
@@ -33,7 +33,7 @@
     <form name="form1" method="post" action="?">
     <input type="hidden" name="order_id" value="" />
     <input type="hidden" name="pageno" value="<!--{$tpl_pageno}-->" />
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
 
 <!--{if $tpl_linemax > 0}-->
 
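Review bot: The hidden field `value="<!--{$tpl_pageno}-->"` two lines above the changed `<h3>` is left unescaped, while products/list.tpl in this same commit emits the same variable as `<!--{$tpl_pageno|h}-->`. A page number usually originates from the request, so if the page class does not force it to an integer (not visible here), this is an attribute-context output without escaping. The line should read `<input type="hidden" name="pageno" value="<!--{$tpl_pageno|h}-->" />`. The form continues outside the hunk.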
@@ -57,7 +57,7 @@
        <td><!--{$arrOrder[cnt].create_date|sfDispDBDate}--></td>
        <td><!--{$arrOrder[cnt].order_id}--></td>
        <!--{assign var=payment_id value="`$arrOrder[cnt].payment_id`"}-->
-       <td><!--{$arrPayment[$payment_id]|escape}--></td>
+       <td><!--{$arrPayment[$payment_id]|h}--></td>
        <td class="pricetd"><!--{$arrOrder[cnt].payment_total|number_format}-->円</td>
        <td class="centertd"><a href="<!--{$smarty.const.URL_DIR}-->mypage/history.php?order_id=<!--{$arrOrder[cnt].order_id}-->">詳細</a></td>
      </tr>

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/login.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/login.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/login.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,7 +24,7 @@
 <!--▼CONTENTS-->
 <div id="under02column">
   <div id="under02column_login">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <form name="login_mypage" id="login_mypage" method="post" action="./login_check.php" onsubmit="return fnCheckLogin('login_mypage')">
     <input type="hidden" name="mode" value="login" />
    <div class="loginarea">
@@ -35,7 +35,7 @@
        <span class="attention"><!--{$arrErr[$key]}--></span>
        <p>メールアドレス:&nbsp;
          <input type="text" name="<!--{$key}-->"
-                value="<!--{$tpl_login_email|escape}-->"
+                value="<!--{$tpl_login_email|h}-->"
                 maxlength="<!--{$arrForm[$key].length}-->"
                 style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: disabled;"
                 size="40" class="box300" />

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/mail_view.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/mail_view.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/mail_view.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -3,11 +3,11 @@
 <table class="form">
   <tr>
     <th>件名</th>
-    <td><!--{$tpl_subject|escape}--></td>
+    <td><!--{$tpl_subject|h}--></td>
   </tr>
   <tr>
     <th>本文</th>
-    <td><!--{$tpl_body|escape|nl2br}--></td>
+    <td><!--{$tpl_body|h|nl2br}--></td>
   </tr>
 </table>
 

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/navi.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/navi.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/navi.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -62,9 +62,9 @@
         <!--{if $point_disp !== false}-->
             <ul>
                  <li>ようこそ <br />
-                     <!--{$CustomerName1|escape}--> <!--{$CustomerName2|escape}-->様
+                     <!--{$CustomerName1|h}--> <!--{$CustomerName2|h}-->様
                      <!--{if $smarty.const.USE_POINT !== false}-->
-                         <br />現在の所持ポイントは<em><!--{$CustomerPoint|number_format|escape|default:"0"}-->pt</em>です。
+                         <br />現在の所持ポイントは<em><!--{$CustomerPoint|number_format|default:"0"|h}-->pt</em>です。
                      <!--{/if}-->
                  </li>
             </ul>

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,10 +23,10 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{include file=$tpl_navi}-->
   <div id="mycontentsarea">
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
     <form name="form1" method="post" action="?">
       <input type="hidden" name="mode" value="confirm" />
       <div id="completetext">

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal_complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal_complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal_complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,15 +23,15 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{include file = $tpl_navi}-->
   <div id="mycontentsarea">
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
     <div id="completetext">
       <p class="changetext">退会手続きが完了いたしました。<br />
         MYページをご利用いただき誠にありがとうございました。<br />
         またのご利用を心よりお待ち申し上げます。<br />
-      <!--{$arrSiteInfo.company_name|escape}--><br />
+      <!--{$arrSiteInfo.company_name|h}--><br />
       TEL:<!--{$arrSiteInfo.tel01}-->-<!--{$arrSiteInfo.tel02}-->-<!--{$arrSiteInfo.tel03}--> <!--{if $arrSiteInfo.business_hour != ""}-->(受付時間/<!--{$arrSiteInfo.business_hour}-->)<!--{/if}--><br />
       E-mail:<a href="mailto:<!--{$arrSiteInfo.email02|escape:'hex'}-->"><!--{$arrSiteInfo.email02|escape:'hexentity'}--></a></p>
     </div>
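Review bot: `$arrSiteInfo.business_hour` and the three `tel0x` values on the line right after the changed `company_name` are still printed raw. `business_hour` looks like a free-text shop setting, just as `company_name` is, so it should get the same treatment: `<!--{$arrSiteInfo.business_hour|h}-->`, and likewise `|h` on `tel01`–`tel03`. These are administrator-entered values, so the exposure is limited, but the commit's stated goal is uniform escaping in templates.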

変更: branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/mypage/refusal_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,13 +23,13 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{include file=$tpl_navi}-->
   <form name="form1" method="post" action="?">
   <input type="hidden" name="mode" value="complete" />
   <input type="hidden" name="uniqid" value="<!--{$tpl_uniqid}-->" />
   <div id="mycontentsarea">
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
     <div id="completetext">
       <p>退会手続きを実行してもよろしいでしょうか?</p>
       <div class="tblareabtn">

変更: branches/version-2_5-dev/data/Smarty/templates/default/order/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/order/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/order/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,27 +22,27 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_order">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <table summary="特定商取引に関する法律に基づく表記">
       <tr>
         <th>販売業者</th>
-        <td><!--{$arrRet.law_company|escape}--></td>
+        <td><!--{$arrRet.law_company|h}--></td>
       </tr>
       <tr>
         <th>運営責任者</th>
-        <td><!--{$arrRet.law_manager|escape}--></td>
+        <td><!--{$arrRet.law_manager|h}--></td>
       </tr>
       <tr>
         <th>住所</th>
-        <td>〒<!--{$arrRet.law_zip01|escape}-->-<!--{$arrRet.law_zip02|escape}--><br /><!--{$arrPref[$arrRet.law_pref]|escape}--><!--{$arrRet.law_addr01|escape}--><!--{$arrRet.law_addr02|escape}--></td>
+        <td>〒<!--{$arrRet.law_zip01|h}-->-<!--{$arrRet.law_zip02|h}--><br /><!--{$arrPref[$arrRet.law_pref]|h}--><!--{$arrRet.law_addr01|h}--><!--{$arrRet.law_addr02|h}--></td>
       </tr>
       <tr>
         <th>電話番号</th>
-        <td><!--{$arrRet.law_tel01|escape}-->-<!--{$arrRet.law_tel02|escape}-->-<!--{$arrRet.law_tel03|escape}--></td>
+        <td><!--{$arrRet.law_tel01|h}-->-<!--{$arrRet.law_tel02|h}-->-<!--{$arrRet.law_tel03|h}--></td>
       </tr>
       <tr>
         <th>FAX番号</th>
-        <td><!--{$arrRet.law_fax01|escape}-->-<!--{$arrRet.law_fax02|escape}-->-<!--{$arrRet.law_fax03|escape}--></td>
+        <td><!--{$arrRet.law_fax01|h}-->-<!--{$arrRet.law_fax02|h}-->-<!--{$arrRet.law_fax03|h}--></td>
       </tr>
       <tr>
         <th>メールアドレス</th>
@@ -50,31 +50,31 @@
       </tr>
       <tr>
         <th>URL</th>
-        <td><a href="<!--{$arrRet.law_url|escape}-->"><!--{$arrRet.law_url|escape}--></a></td>
+        <td><a href="<!--{$arrRet.law_url|h}-->"><!--{$arrRet.law_url|h}--></a></td>
       </tr>
       <tr>
         <th>商品以外の必要代金</th>
-        <td><!--{$arrRet.law_term01|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term01|h|nl2br}--></td>
       </tr>
       <tr>
         <th>注文方法</th>
-        <td><!--{$arrRet.law_term02|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term02|h|nl2br}--></td>
       </tr>
       <tr>
         <th>支払方法</th>
-        <td><!--{$arrRet.law_term03|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term03|h|nl2br}--></td>
       </tr>
       <tr>
         <th>支払期限</th>
-        <td><!--{$arrRet.law_term04|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term04|h|nl2br}--></td>
       </tr>
       <tr>
         <th>引渡し時期</th>
-        <td><!--{$arrRet.law_term05|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term05|h|nl2br}--></td>
       </tr>
       <tr>
         <th>返品・交換について</th>
-        <td><!--{$arrRet.law_term06|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term06|h|nl2br}--></td>
       </tr>
     </table>
   </div>
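Review bot: On the URL row, `href="<!--{$arrRet.law_url|h}-->"` keeps the value inside the attribute, but HTML escaping does not constrain the URL scheme, so a stored value that is not an http(s) address still becomes a live link. The same pattern appears for the maker URL `$arrProduct.comment1|h` in products/detail.tpl. The scheme check belongs where the value is saved, which is not visible in this diff. A template comment such as `<!--{* law_url: scheme must be validated on save; |h only protects the attribute *}-->` would record that dependency.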

変更: branches/version-2_5-dev/data/Smarty/templates/default/popup_header.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/popup_header.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/popup_header.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -31,10 +31,17 @@
 <script type="text/javascript" src="<!--{$smarty.const.URL_DIR}-->js/win_op.js"></script>
 <script type="text/javascript" src="<!--{$smarty.const.URL_DIR}-->js/site.js"></script>
 <script type="text/javascript" src="<!--{$smarty.const.URL_DIR}-->js/jquery-1.4.2.min.js"></script>
-<title><!--{$arrSiteInfo.shop_name}-->/<!--{$subtitle|escape}--></title>
+<title><!--{$arrSiteInfo.shop_name}-->/<!--{$subtitle|h}--></title>
+<script type="text/javascript">//<![CDATA[
+    <!--{$tpl_javascript}-->
+    $(function(){
+        <!--{$tpl_onload}-->
+    });
+//]]>
+</script>
 </head>
 
-<body onload="<!--{$tpl_onload}--> <!--{$tpl_start}-->">
+<body>
 <noscript>
   <p><em>JavaScriptを有効にしてご利用下さい.</em></p>
 </noscript>
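Review bot: The new `<script>` block writes `$tpl_javascript` and `$tpl_onload` verbatim as executable code, so both variables must only ever be assembled server-side from fixed strings and validated values. Moving `$tpl_onload` from the `onload` attribute into a CDATA script block also changes its parsing context: HTML entities are no longer decoded, and a literal `</script>` in the value would end the block. I would add a comment above the block, e.g. `<!--{* tpl_javascript / tpl_onload are emitted unescaped as script; never build them from request data *}-->`. Separately, `$arrSiteInfo.shop_name` in the `<title>` is still unescaped next to `$subtitle|h` and could take `|h` as well.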

変更: branches/version-2_5-dev/data/Smarty/templates/default/products/detail.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/products/detail.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/products/detail.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -163,7 +163,7 @@
 <div id="undercolumn" class="product product_detail">
 
     <!--★タイトル★-->
-    <h2 class="title"><!--{$tpl_subtitle|escape}--></h2>
+    <h2 class="title"><!--{$tpl_subtitle|h}--></h2>
 
     <!--★詳細メインコメント★-->
     <div class="main_comment"><!--{$arrProduct.main_comment|nl2br_html}--></div>
@@ -176,14 +176,14 @@
             <!--★画像★-->
             <a
                 <!--{if $arrProduct.main_large_image|strlen >= 1}-->
-                    href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$arrProduct.main_large_image|escape}-->"
+                    href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$arrProduct.main_large_image|h}-->"
                     class="expansion"
                     onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_expansion_on.gif','expansion01');"
                     onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_expansion.gif','expansion01');"
                     target="_blank"
                 <!--{/if}-->
             >
-                <img src="<!--{$arrFile[$key].filepath|escape}-->" width="<!--{$arrFile[$key].width}-->" height="<!--{$arrFile[$key].height}-->" alt="<!--{$arrProduct.name|escape}-->" class="picture" /><br />
+                <img src="<!--{$arrFile[$key].filepath|h}-->" width="<!--{$arrFile[$key].width}-->" height="<!--{$arrFile[$key].height}-->" alt="<!--{$arrProduct.name|h}-->" class="picture" /><br />
                 <!--★拡大する★-->
                 <!--{if $arrProduct.main_large_image|strlen >= 1}-->
                     <img src="<!--{$TPL_DIR}-->img/button/btn_expansion.gif" width="85" height="13" alt="画像を拡大する" name="expansion01" id="expansion01" />
@@ -214,15 +214,15 @@
             <div>商品コード:
                 <span id="product_code_default">
                     <!--{if $arrProduct.product_code_min == $arrProduct.product_code_max}-->
-                        <!--{$arrProduct.product_code_min|escape}-->
+                        <!--{$arrProduct.product_code_min|h}-->
                     <!--{else}-->
-                        <!--{$arrProduct.product_code_min|escape}-->〜<!--{$arrProduct.product_code_max|escape}-->
+                        <!--{$arrProduct.product_code_min|h}-->〜<!--{$arrProduct.product_code_max|h}-->
                     <!--{/if}-->
                 </span><span id="product_code_dynamic"></span>
             </div>
 
             <!--★商品名★-->
-            <h2><!--{$arrProduct.name|escape}--></h2>
+            <h2><!--{$arrProduct.name|h}--></h2>
 
             <!--★販売価格★-->
             <div class="sale_price"><!--{$smarty.const.SALE_PRICE_TITLE}--><span class="mini">(税込)</span>:
@@ -277,8 +277,8 @@
             <!--▼メーカーURL-->
             <!--{if $arrProduct.comment1|strlen >= 1}-->
                 <div><span class="comment1">メーカーURL:
-                    <a href="<!--{$arrProduct.comment1|escape}-->">
-                        <!--{$arrProduct.comment1|escape}--></a>
+                    <a href="<!--{$arrProduct.comment1|h}-->">
+                        <!--{$arrProduct.comment1|h}--></a>
                 </div>
             <!--{/if}-->
             <!--▲メーカーURL-->
@@ -307,7 +307,7 @@
                     <dl>
                         <!--{if $tpl_classcat_find1}-->
                             <!--▼規格1-->
-                            <dt><!--{$tpl_class_name1|escape}--></dt>
+                            <dt><!--{$tpl_class_name1|h}--></dt>
                             <dd>
                                 <select name="classcategory_id1"
                                     style="<!--{$arrErr.classcategory_id1|sfGetErrorColor}-->"
@@ -324,7 +324,7 @@
 
                         <!--{if $tpl_classcat_find2}-->
                             <!--▼規格2-->
-                            <dt><!--{$tpl_class_name2|escape}--></dt>
+                            <dt><!--{$tpl_class_name2|h}--></dt>
                             <dd>
                                 <select name="classcategory_id2"
                                     style="<!--{$arrErr.classcategory_id2|sfGetErrorColor}-->"
@@ -355,7 +355,7 @@
                             <!--{if $arrErr[$add_favorite]}--><div class="attention"><!--{$arrErr[$add_favorite]}--></div><!--{/if}-->
                             <!--{if !$arrProduct.favorite_count}-->
                                 <a
-                                    href="javascript:fnModeSubmit('add_favorite','favorite_product_id','<!--{$arrProduct.product_id|escape}-->');"
+                                    href="javascript:fnModeSubmit('add_favorite','favorite_product_id','<!--{$arrProduct.product_id|h}-->');"
                                     onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_add_favorite_on.gif','add_favolite_product');"
                                     onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_add_favorite.gif','add_favolite_product');"
                                 ><img src="<!--{$TPL_DIR}-->img/button/btn_add_favorite.gif" width="115" height="20" alt="お気に入りに追加" name="add_favolite_product" id="add_favolite_product" /></a>
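Review bot: In the changed `href="javascript:fnModeSubmit(...,'<!--{$arrProduct.product_id|h}-->');"`, the value lands in a JavaScript string, and HTML escaping alone does not cover that context. The browser decodes entities in the attribute before the script is evaluated, so an escaped quote becomes a real quote again. If `product_id` is always an integer, as it presumably is, the output is harmless, but the template does not enforce it. Applying the JavaScript escaper first, `<!--{$arrProduct.product_id|escape:javascript|h}-->`, or casting the id in the page class would make the line safe regardless of the data.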
@@ -397,7 +397,7 @@
         <!--{assign var=key value="sub_title`$smarty.section.cnt.index+1`"}-->
         <!--{if $arrProduct[$key] != ""}-->
             <div class="subarea">
-                <h3><!--★サブタイトル★--><!--{$arrProduct[$key]|escape}--></h3>
+                <h3><!--★サブタイトル★--><!--{$arrProduct[$key]|h}--></h3>
                 <!--{assign var=ckey value="sub_comment`$smarty.section.cnt.index+1`"}-->
 
                 <div class="subtext"><!--★サブテキスト★--><!--{$arrProduct[$ckey]|nl2br_html}--></div>
@@ -409,16 +409,16 @@
                     <div class="subphotoimg">
                         <a
                             <!--{if $arrProduct[$lkey]|strlen >= 1}-->
-                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$arrProduct[$lkey]|escape}-->"
+                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$arrProduct[$lkey]|h}-->"
                                 class="expansion"
-                                onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_expansion_on.gif', 'expansion_<!--{$lkey|escape}-->');"
-                                onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_expansion.gif', 'expansion_<!--{$lkey|escape}-->');"
+                                onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_expansion_on.gif', 'expansion_<!--{$lkey|h}-->');"
+                                onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_expansion.gif', 'expansion_<!--{$lkey|h}-->');"
                                 target="_blank"
                             <!--{/if}-->
                         >
-                            <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrProduct.name|escape}-->" width="<!--{$arrFile[$key].width}-->" height="<!--{$arrFile[$key].height}-->" /><br />
+                            <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrProduct.name|h}-->" width="<!--{$arrFile[$key].width}-->" height="<!--{$arrFile[$key].height}-->" /><br />
                             <!--{if $arrProduct[$lkey]|strlen >= 1}-->
-                                <img src="<!--{$TPL_DIR}-->img/button/btn_expansion.gif" width="85" height="13" alt="画像を拡大する" id="expansion_<!--{$lkey|escape}-->" />
+                                <img src="<!--{$TPL_DIR}-->img/button/btn_expansion.gif" width="85" height="13" alt="画像を拡大する" id="expansion_<!--{$lkey|h}-->" />
                             <!--{/if}-->
                         </a>
                     </div>
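Review bot: The sub-image tag on the changed line still emits `src="<!--{$arrFile[$key].filepath}-->"` without a modifier, whereas the main image earlier in this file was written as `src="<!--{$arrFile[$key].filepath|h}-->"`. Both read the same `$arrFile` structure, so the difference looks like an oversight in the sweep rather than a deliberate choice. Use `<!--{$arrFile[$key].filepath|h}-->` here too. The surrounding `section` loop opens outside the hunk.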
@@ -447,9 +447,9 @@
             <ul>
                 <!--{section name=cnt loop=$arrReview}-->
                     <li>
-                        <p class="voicedate"><!--{$arrReview[cnt].create_date|sfDispDBDate:false}--> 投稿者:<!--{if $arrReview[cnt].reviewer_url}--><a href="<!--{$arrReview[cnt].reviewer_url}-->" target="_blank"><!--{$arrReview[cnt].reviewer_name|escape}--></a><!--{else}--><!--{$arrReview[cnt].reviewer_name|escape}--><!--{/if}--> おすすめレベル:<span class="recommend_level"><!--{assign var=level value=$arrReview[cnt].recommend_level}--><!--{$arrRECOMMEND[$level]|escape}--></span></p>
-                        <p class="voicetitle"><!--{$arrReview[cnt].title|escape}--></p>
-                        <p class="voicecomment"><!--{$arrReview[cnt].comment|escape|nl2br}--></p>
+                        <p class="voicedate"><!--{$arrReview[cnt].create_date|sfDispDBDate:false}--> 投稿者:<!--{if $arrReview[cnt].reviewer_url}--><a href="<!--{$arrReview[cnt].reviewer_url}-->" target="_blank"><!--{$arrReview[cnt].reviewer_name|h}--></a><!--{else}--><!--{$arrReview[cnt].reviewer_name|h}--><!--{/if}--> おすすめレベル:<span class="recommend_level"><!--{assign var=level value=$arrReview[cnt].recommend_level}--><!--{$arrRECOMMEND[$level]|h}--></span></p>
+                        <p class="voicetitle"><!--{$arrReview[cnt].title|h}--></p>
+                        <p class="voicecomment"><!--{$arrReview[cnt].comment|h|nl2br}--></p>
                     </li>
                 <!--{/section}-->
             </ul>
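Review bot: On the changed `voicedate` line, `href="<!--{$arrReview[cnt].reviewer_url}-->"` is printed with no modifier, even though `reviewer_name` beside it is escaped and the URL appears to be supplied by whoever posts the review. The next hunk has the same gap with `href="<!--{$arrTrackback[cnt].url}-->"`, which presumably originates from a remote site. Both should at least be `|h`-escaped, i.e. `href="<!--{$arrReview[cnt].reviewer_url|h}-->"` and `href="<!--{$arrTrackback[cnt].url|h}-->"`. Because `|h` does not restrict the scheme, the code that stores these values should also accept only http(s) URLs; that code is not visible here.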
@@ -468,8 +468,8 @@
             <!--{if $arrTrackback}-->
                 <ul>
                 <!--{section name=cnt loop=$arrTrackback}-->
-                    <li><strong><!--{$arrTrackback[cnt].create_date|sfDispDBDate:false}--> <a href="<!--{$arrTrackback[cnt].url}-->" target="_blank"><!--{$arrTrackback[cnt].title|escape}--></a> from <!--{$arrTrackback[cnt].blog_name|escape}--></strong>
-                        <p><!--{$arrTrackback[cnt].excerpt|escape|mb_strimwidth:0:200:"..."}--></p></li>
+                    <li><strong><!--{$arrTrackback[cnt].create_date|sfDispDBDate:false}--> <a href="<!--{$arrTrackback[cnt].url}-->" target="_blank"><!--{$arrTrackback[cnt].title|h}--></a> from <!--{$arrTrackback[cnt].blog_name|h}--></strong>
+                        <p><!--{$arrTrackback[cnt].excerpt|mb_strimwidth:0:200:"..."|h}--></p></li>
                 <!--{/section}-->
                 </ul>
             <!--{/if}-->
@@ -490,12 +490,12 @@
                 <!-- 左列 -->
                 <div class="whoboughtleft">
 
-                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|escape:url}-->">
-                        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[cnt].name|escape}-->" /></a>
+                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|u}-->">
+                        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[cnt].name|h}-->" /></a>
 
                     <!--{assign var=price02_min value=`$arrRecommend[cnt].price02_min`}-->
                     <!--{assign var=price02_max value=`$arrRecommend[cnt].price02_max`}-->
-                    <h3><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|escape:url}-->"><!--{$arrRecommend[cnt].name|escape}--></a></h3>
+                    <h3><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|u}-->"><!--{$arrRecommend[cnt].name|h}--></a></h3>
 
                     <p class="sale_price"><!--{$smarty.const.SALE_PRICE_TITLE}--><span class="mini">(税込)</span>:<span class="price">
                         <!--{if $price02_min == $price02_max}-->
@@ -503,7 +503,7 @@
                         <!--{else}-->
                             <!--{$price02_min|sfCalcIncTax:$arrSiteInfo.tax:$arrSiteInfo.tax_rule|number_format}-->〜<!--{$price02_max|sfCalcIncTax:$arrSiteInfo.tax:$arrSiteInfo.tax_rule|number_format}-->
                         <!--{/if}-->円</span></p>
-                    <p class="mini"><!--{$arrRecommend[cnt].comment|escape|nl2br}--></p>
+                    <p class="mini"><!--{$arrRecommend[cnt].comment|h|nl2br}--></p>
                 </div>
                 <!-- 左列 -->
                 <!--{/if}-->
@@ -515,12 +515,12 @@
                 <!-- 右列 -->
                 <div class="whoboughtright">
 
-                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|escape:url}-->">
-                        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[cnt].name|escape}-->" /></a>
+                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|u}-->">
+                        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[cnt].name|h}-->" /></a>
 
                     <!--{assign var=price02_min value=`$arrRecommend[cnt].price02_min`}-->
                     <!--{assign var=price02_max value=`$arrRecommend[cnt].price02_max`}-->
-                    <h3><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|escape:url}-->"><!--{$arrRecommend[cnt].name|escape}--></a></h3>
+                    <h3><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|u}-->"><!--{$arrRecommend[cnt].name|h}--></a></h3>
 
                     <p class="sale_price"><!--{$smarty.const.SALE_PRICE_TITLE}--><span class="mini">(税込)</span>:<span class="price">
 
@@ -529,7 +529,7 @@
                         <!--{else}-->
                             <!--{$price02_min|sfCalcIncTax:$arrSiteInfo.tax:$arrSiteInfo.tax_rule|number_format}-->〜<!--{$price02_max|sfCalcIncTax:$arrSiteInfo.tax:$arrSiteInfo.tax_rule|number_format}-->
                         <!--{/if}-->円</span></p>
-                    <p class="mini"><!--{$arrRecommend[cnt].comment|escape|nl2br}--></p>
+                    <p class="mini"><!--{$arrRecommend[cnt].comment|h|nl2br}--></p>
                 </div>
                 <!-- 右列 -->
             <!--{/if}-->

変更: branches/version-2_5-dev/data/Smarty/templates/default/products/list.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/products/list.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/products/list.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -139,16 +139,16 @@
 <!--▼CONTENTS-->
 <div id="undercolumn" class="product product_list">
     <form name="form1" id="form1" method="get" action="?">
-        <input type="hidden" name="mode" value="<!--{$mode|escape}-->" />
+        <input type="hidden" name="mode" value="<!--{$mode|h}-->" />
         <!--{* ▼検索条件 *}-->
-        <input type="hidden" name="category_id" value="<!--{$arrSearchData.category_id|escape}-->" />
-        <input type="hidden" name="maker_id" value="<!--{$arrSearchData.maker_id|escape}-->" />
-        <input type="hidden" name="name" value="<!--{$arrSearchData.name|escape}-->" />
+        <input type="hidden" name="category_id" value="<!--{$arrSearchData.category_id|h}-->" />
+        <input type="hidden" name="maker_id" value="<!--{$arrSearchData.maker_id|h}-->" />
+        <input type="hidden" name="name" value="<!--{$arrSearchData.name|h}-->" />
         <!--{* ▲検索条件 *}-->
         <!--{* ▼ページナビ関連 *}-->
-        <input type="hidden" name="orderby" value="<!--{$orderby|escape}-->" />
-        <input type="hidden" name="disp_number" value="<!--{$disp_number|escape}-->" />
-        <input type="hidden" name="pageno" value="<!--{$tpl_pageno|escape}-->" />
+        <input type="hidden" name="orderby" value="<!--{$orderby|h}-->" />
+        <input type="hidden" name="disp_number" value="<!--{$disp_number|h}-->" />
+        <input type="hidden" name="pageno" value="<!--{$tpl_pageno|h}-->" />
         <!--{* ▲ページナビ関連 *}-->
         <!--{* ▼注文関連 *}-->
         <input type="hidden" name="product_id" value="" />
@@ -158,18 +158,18 @@
         <input type="hidden" name="product_type" value="" />
         <input type="hidden" name="quantity" value="" />
         <!--{* ▲注文関連 *}-->
-        <input type="hidden" name="rnd" value="<!--{$tpl_rnd|escape}-->" />
+        <input type="hidden" name="rnd" value="<!--{$tpl_rnd|h}-->" />
     </form>
     
     <!--★タイトル★-->
-    <h2 class="title"><!--{$tpl_subtitle|escape}--></h2>
+    <h2 class="title"><!--{$tpl_subtitle|h}--></h2>
     
     <!--▼検索条件-->
     <!--{if $tpl_subtitle == "検索結果"}-->
         <ul class="pagecondarea">
-            <li><strong>商品カテゴリ:</strong><!--{$arrSearch.category|escape}--></li>
-        <!--{if $arrSearch.maker|strlen >= 1}--><li><strong>メーカー:</strong><!--{$arrSearch.maker|escape}--></li><!--{/if}-->
-            <li><strong>商品名:</strong><!--{$arrSearch.name|escape}--></li>
+            <li><strong>商品カテゴリ:</strong><!--{$arrSearch.category|h}--></li>
+        <!--{if $arrSearch.maker|strlen >= 1}--><li><strong>メーカー:</strong><!--{$arrSearch.maker|h}--></li><!--{/if}-->
+            <li><strong>商品名:</strong><!--{$arrSearch.name|h}--></li>
         </ul>
     <!--{/if}-->
     <!--▲検索条件-->
@@ -224,10 +224,10 @@
         <!--{assign var=arrErr value=$arrProduct.arrErr}-->
         <!--▼商品-->
         <div class="listarea">
-        <a name="product<!--{$id|escape}-->" />
+        <a name="product<!--{$id|h}-->" />
             <div class="listphoto">
                 <!--★画像★-->
-                <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrProduct.product_id|escape:url}-->" class="over"><!--商品写真--><img src="<!--{$smarty.const.IMAGE_SAVE_URL|sfTrimURL}-->/<!--{$arrProduct.main_list_image|sfNoImageMainList|escape}-->" alt="<!--{$arrProduct.name|escape}-->" class="picture" /></a>
+                <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrProduct.product_id|u}-->" class="over"><!--商品写真--><img src="<!--{$smarty.const.IMAGE_SAVE_URL|sfTrimURL}-->/<!--{$arrProduct.main_list_image|sfNoImageMainList|h}-->" alt="<!--{$arrProduct.name|h}-->" class="picture" /></a>
             </div>
             
             <div class="listrightblock">
@@ -245,11 +245,11 @@
                 
                 <!--★商品名★-->
                 <h3>
-                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrProduct.product_id|escape:url}-->" name="product<!--{$arrProduct.product_id}-->"><!--{$arrProduct.name|escape}--></a>
+                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrProduct.product_id|u}-->" name="product<!--{$arrProduct.product_id}-->"><!--{$arrProduct.name|h}--></a>
                 </h3>
                 
                 <!--★コメント★-->
-                <p class="listcomment"><!--{$arrProduct.main_list_comment|escape|nl2br}--></p>
+                <p class="listcomment"><!--{$arrProduct.main_list_comment|h|nl2br}--></p>
                 
                 <p>
                     <span class="pricebox sale_price">
@@ -268,22 +268,22 @@
                     <!--★詳細ボタン★-->
                     <span class="btnbox">
                         <!--{assign var=name value="detail`$id`"}-->
-                        <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrProduct.product_id|escape:url}-->" onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_detail_on.gif','<!--{$name}-->');" onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_detail.gif','<!--{$name}-->');">
+                        <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrProduct.product_id|u}-->" onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_detail_on.gif','<!--{$name}-->');" onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_detail.gif','<!--{$name}-->');">
                             <img src="<!--{$TPL_DIR}-->img/button/btn_detail.gif" width="115" height="25" alt="詳しくはこちら" name="<!--{$name}-->" id="<!--{$name}-->" /></a>
                     </span>
                 </p>
 
                 <!--▼買い物かご-->
-                <form name="product_form<!--{$id|escape}-->" action="?" onsubmit="return false;">
-                    <input type="hidden" name="product_id" value="<!--{$id|escape}-->" />
-                    <input type="hidden" name="product_class_id" id="product_class_id<!--{$id|escape}-->" value="<!--{$tpl_product_class_id[$id]}-->" />
-                    <input type="hidden" name="product_type" id="product_type<!--{$id|escape}-->" value="<!--{$tpl_product_type[$id]}-->" />
+                <form name="product_form<!--{$id|h}-->" action="?" onsubmit="return false;">
+                    <input type="hidden" name="product_id" value="<!--{$id|h}-->" />
+                    <input type="hidden" name="product_class_id" id="product_class_id<!--{$id|h}-->" value="<!--{$tpl_product_class_id[$id]}-->" />
+                    <input type="hidden" name="product_type" id="product_type<!--{$id|h}-->" value="<!--{$tpl_product_type[$id]}-->" />
                     <div class="in_cart">
                         <!--{if $tpl_stock_find[$id]}-->
                             <dl>
                                 <!--{if $tpl_classcat_find1[$id]}-->
                                     <!--▼規格1-->
-                                    <dt><!--{$tpl_class_name1[$id]|escape}-->:</dt>
+                                    <dt><!--{$tpl_class_name1[$id]|h}-->:</dt>
                                     <dd>
                                         <select name="classcategory_id1"
                                             style="<!--{$arrErr.classcategory_id1|sfGetErrorColor}-->"
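Review bot: The two hidden inputs in this hunk now escape `$id` in their `id` attributes but still print their values bare: `value="<!--{$tpl_product_class_id[$id]}-->"` and `value="<!--{$tpl_product_type[$id]}-->"`. These are presumably integer ids set by the page class, but the template cannot guarantee that, and with the short modifier it costs little to write `value="<!--{$tpl_product_class_id[$id]|h}-->"` and `value="<!--{$tpl_product_type[$id]|h}-->"`. The same applies to `<!--{$name}-->` in the `name` and `id` attributes of the detail button image, which is built from `$id`. The form continues past the end of the hunk.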
@@ -299,7 +299,7 @@
                                 <!--{/if}-->
                                 <!--{if $tpl_classcat_find2[$id]}-->
                                     <!--▼規格2-->
-                                    <dt><!--{$tpl_class_name2[$id]|escape}-->:</dt>
+                                    <dt><!--{$tpl_class_name2[$id]|h}-->:</dt>
                                     <dd>
                                         <select name="classcategory_id2"
                                             style="<!--{$arrErr.classcategory_id2|sfGetErrorColor}-->"
@@ -315,7 +315,7 @@
 
                                 <dt>数量:</dt>
                                 <dd>
-                                    <input type="text" name="quantity" class="box54" value="<!--{$arrProduct.quantity|default:1|escape}-->" maxlength="<!--{$smarty.const.INT_LEN}-->" style="<!--{$arrErr.quantity|sfGetErrorColor}-->" />
+                                    <input type="text" name="quantity" class="box54" value="<!--{$arrProduct.quantity|default:1|h}-->" maxlength="<!--{$smarty.const.INT_LEN}-->" style="<!--{$arrErr.quantity|sfGetErrorColor}-->" />
                                     <!--{if $arrErr.quantity != ""}-->
                                         <br /><span class="attention"><!--{$arrErr.quantity}--></span>
                                     <!--{/if}-->

変更: branches/version-2_5-dev/data/Smarty/templates/default/products/review.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/products/review.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/products/review.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -28,22 +28,22 @@
     <p class="windowtext">以下の商品について、お客様のご意見、ご感想をどしどしお寄せください。<br />
       「<span class="attention">※</span>」印は入力必須項目です。<br />
        ご入力後、一番下の「確認ページへ」ボタンをクリックしてください。</p>
-        <form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+        <form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
         <input type="hidden" name="mode" value="confirm" />
         <input type="hidden" name="product_id" value="<!--{$arrForm.product_id}-->" />
         <input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid}-->" />
         <table summary="お客様の声書き込み">
           <tr>
             <th>商品名</th>
-            <td><!--{$arrForm.name|escape}--></td>
+            <td><!--{$arrForm.name|h}--></td>
           </tr>
           <tr>
             <th>投稿者名<span class="attention">※</span></th>
-            <td><span class="attention"><!--{$arrErr.reviewer_name}--></span><input type="text" name="reviewer_name" value="<!--{$arrForm.reviewer_name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr.reviewer_name|sfGetErrorColor}-->" size="40" class="box350" /></td>
+            <td><span class="attention"><!--{$arrErr.reviewer_name}--></span><input type="text" name="reviewer_name" value="<!--{$arrForm.reviewer_name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr.reviewer_name|sfGetErrorColor}-->" size="40" class="box350" /></td>
           </tr>
           <tr>
             <th>投稿者URL</th>
-            <td><span class="attention"><!--{$arrErr.reviewer_url}--></span><input type="text" name="reviewer_url" value="<!--{$arrForm.reviewer_url|escape}-->" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" style="<!--{$arrErr.reviewer_url|sfGetErrorColor}-->" size="40" class="box350" /></td>
+            <td><span class="attention"><!--{$arrErr.reviewer_url}--></span><input type="text" name="reviewer_url" value="<!--{$arrForm.reviewer_url|h}-->" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" style="<!--{$arrErr.reviewer_url|sfGetErrorColor}-->" size="40" class="box350" /></td>
           </tr>
           <tr>
             <th>性別</th>
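Review bot: `value="<!--{$arrForm.product_id}-->"` is the one `$arrForm` field in this hunk that is still written into an attribute without a modifier, while `name`, `reviewer_name` and `reviewer_url` next to it all get `|h`. review_confirm.tpl in this same commit emits every `$arrForm` entry through `|h` in its foreach, so the two templates disagree on this field. Unless the page class is known to cast it to an integer (not visible here), it should read `value="<!--{$arrForm.product_id|h}-->"`. The table continues outside the hunk.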
@@ -66,14 +66,14 @@
             <th>タイトル<span class="attention">※</span></th>
             <td>
               <span class="attention"><!--{$arrErr.title}--></span>
-              <input type="text" name="title" value="<!--{$arrForm.title|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr.title|sfGetErrorColor}-->" size="40" class="box350" />
+              <input type="text" name="title" value="<!--{$arrForm.title|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr.title|sfGetErrorColor}-->" size="40" class="box350" />
             </td>
           </tr>
           <tr>
             <th>コメント<span class="attention">※</span></th>
             <td>
               <span class="attention"><!--{$arrErr.comment}--></span>
-              <textarea name="comment" cols="50" rows="10" style="<!--{$arrErr.comment|sfGetErrorColor}-->" class="area350"><!--{$arrForm.comment|escape}--></textarea>
+              <textarea name="comment" cols="50" rows="10" style="<!--{$arrErr.comment|sfGetErrorColor}-->" class="area350"><!--{$arrForm.comment|h}--></textarea>
             </td>
           </tr>
         </table>

変更: branches/version-2_5-dev/data/Smarty/templates/default/products/review_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/products/review_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/products/review_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,22 +27,22 @@
       <input type="hidden" name="mode" value="complete" />
         <!--{foreach from=$arrForm key=key item=item}-->
         <!--{if $key ne "mode"}-->
-        <input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->" /><!--{/if}-->
+        <input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" /><!--{/if}-->
         <!--{/foreach}-->
         <input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid}-->" />
 
         <table summary="お客様の声書き込み">
           <tr>
             <th>商品名</th>
-            <td><!--{$arrForm.name|escape}--></td>
+            <td><!--{$arrForm.name|h}--></td>
           </tr>
           <tr>
             <th>投稿者名<span class="attention">※</span></th>
-            <td><!--{$arrForm.reviewer_name|escape}--></td>
+            <td><!--{$arrForm.reviewer_name|h}--></td>
           </tr>
           <tr>
             <th>投稿者URL</th>
-            <td><!--{$arrForm.reviewer_url|escape}--></td>
+            <td><!--{$arrForm.reviewer_url|h}--></td>
           </tr>
           <tr>
             <th>性別</th>
@@ -54,11 +54,11 @@
           </tr>
           <tr>
             <th>タイトル<span class="attention">※</span></th>
-            <td><!--{$arrForm.title|escape}--></td>
+            <td><!--{$arrForm.title|h}--></td>
           </tr>
           <tr>
             <th>コメント<span class="attention">※</span></th>
-            <td><!--{$arrForm.comment|escape|nl2br}--></td>
+            <td><!--{$arrForm.comment|h|nl2br}--></td>
           </tr>
         </table>
         <div class="btn">

変更: branches/version-2_5-dev/data/Smarty/templates/default/regist/complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/regist/complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/regist/complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,14 +22,14 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_entry">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <div id="completetext">
       <em>本登録が完了いたしました。<br />
         それではショッピングをお楽しみください。</em>
 
       <p>今後ともご愛顧賜りますようよろしくお願い申し上げます。</p>
 
-      <p><!--{$arrSiteInfo.company_name|escape}--><br />
+      <p><!--{$arrSiteInfo.company_name|h}--><br />
         TEL:<!--{$arrSiteInfo.tel01}-->-<!--{$arrSiteInfo.tel02}-->-<!--{$arrSiteInfo.tel03}--> <!--{if $arrSiteInfo.business_hour != ""}-->(受付時間/<!--{$arrSiteInfo.business_hour}-->)<!--{/if}--><br />
         E-mall:<a href="mailto:<!--{$arrSiteInfo.email02|escape:'hex'}-->"><!--{$arrSiteInfo.email02|escape:'hexentity'}--></a></p>
 

変更: branches/version-2_5-dev/data/Smarty/templates/default/rss/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/rss/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/rss/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,12 +22,12 @@
  *}-->
 <rss version="2.0">
     <channel>
-        <title><!--{$site_title|sf_mb_convert_encoding:$encode|escape}--></title>
+        <title><!--{$site_title|sf_mb_convert_encoding:$encode|h}--></title>
         <link><!--{$smarty.const.SITE_URL}--></link>
-        <description><!--{$description|sf_mb_convert_encoding:$encode|escape}--></description>
+        <description><!--{$description|sf_mb_convert_encoding:$encode|h}--></description>
         <language>ja</language>
-        <managingEditor><!--{$email|escape}--></managingEditor>
-        <webMaster><!--{$email|escape}--></webMaster>
+        <managingEditor><!--{$email|h}--></managingEditor>
+        <webMaster><!--{$email|h}--></webMaster>
         <generator>web shoppings v1.0</generator>
         <copyright>(c) COPYRIGHT</copyright>
         <category>WEB SHOPPING</category>
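Review bot: In `<title>` and `<description>` the escape runs after `sf_mb_convert_encoding:$encode`, so `h` sees bytes in the feed encoding rather than the application's internal one. The definition of `h` is not part of this section; if it passes a fixed charset to `htmlspecialchars`, text already converted to a different `$encode` can be mangled or emptied on multi-byte input. rss/product.tpl in this commit uses the opposite order, `|h|sf_mb_convert_encoding:$encode`, which escapes in the internal encoding and leaves only ASCII entities to convert. I would use that order here too, e.g. `<!--{$site_title|h|sf_mb_convert_encoding:$encode}-->`, and add a template comment saying why the order matters.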
@@ -38,11 +38,11 @@
                 <!--{if $arrNews[cnt].news_url == '' }-->
                     <link><!--{$smarty.const.SITE_URL}--></link>
                 <!--{else}-->
-                    <link><!--{$arrNews[cnt].news_url|escape}--></link>
+                    <link><!--{$arrNews[cnt].news_url|h}--></link>
                 <!--{/if}-->
                 <title><!--{ $arrNews[cnt].news_title|sf_mb_convert_encoding:$encode|escape }--></title>
-                <description><!--{$arrNews[cnt].news_comment|truncate:256|sf_mb_convert_encoding:$encode|escape}--></description>
-                <pubDate><!--{$arrNews[cnt].news_date|escape}--></pubDate>
+                <description><!--{$arrNews[cnt].news_comment|truncate:256|sf_mb_convert_encoding:$encode|h}--></description>
+                <pubDate><!--{$arrNews[cnt].news_date|h}--></pubDate>
             </item>
         <!--{/section}-->
 
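Review bot: The item's `<title>` line was left on the long form, `<!--{ $arrNews[cnt].news_title|sf_mb_convert_encoding:$encode|escape }-->`, most likely because the spaces inside the delimiters kept it from matching the replacement. It still escapes, so this is about consistency: `<!--{$arrNews[cnt].news_title|sf_mb_convert_encoding:$encode|h}-->` matches the `<description>` line below it. A search for `|escape }` across the templates would show whether other lines were skipped for the same reason.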

変更: branches/version-2_5-dev/data/Smarty/templates/default/rss/product.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/rss/product.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/rss/product.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -36,7 +36,7 @@
 	<item>
 		<link><!--{$smarty.const.SITE_URL}-->rss/product.php?product_id=<!--{$arrProduct[cnt].product_id}--></link>
 		<!--{foreach key=key item=item from=$arrProductKeys}-->
-			<<!--{$item}-->><!--{$arrProduct[cnt][$item]|escape|sf_mb_convert_encoding:$encode}--></<!--{$item}-->>
+			<<!--{$item}-->><!--{$arrProduct[cnt][$item]|h|sf_mb_convert_encoding:$encode}--></<!--{$item}-->>
 		<!--{/foreach}-->
 	</item>
 <!--{/section}-->

変更: branches/version-2_5-dev/data/Smarty/templates/default/shopping/complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/shopping/complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/shopping/complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
     <p class="flowarea">
       <img src="<!--{$TPL_DIR}-->img/picture/img_flow_04.gif" width="700" height="36" alt="購入手続きの流れ" />
     </p>
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
 
     <!-- ▼その他決済情報を表示する場合は表示 -->
     <!--{if $arrOther.title.value }-->
@@ -43,13 +43,13 @@
      <!-- ▲コンビに決済の場合には表示 -->
 
     <div id="completetext">
-      <em><!--{$arrInfo.shop_name|escape}-->の商品をご購入いただき、ありがとうございました。</em>
+      <em><!--{$arrInfo.shop_name|h}-->の商品をご購入いただき、ありがとうございました。</em>
 
       <p>ただいま、ご注文の確認メールをお送りさせていただきました。<br />
         万一、ご確認メールが届かない場合は、トラブルの可能性もありますので大変お手数ではございますがもう一度お問い合わせいただくか、お電話にてお問い合わせくださいませ。<br />
         今後ともご愛顧賜りますようよろしくお願い申し上げます。</p>
 
-      <p><!--{$arrInfo.shop_name|escape}--><br />
+      <p><!--{$arrInfo.shop_name|h}--><br />
         TEL:<!--{$arrInfo.tel01}-->-<!--{$arrInfo.tel02}-->-<!--{$arrInfo.tel03}--> <!--{if $arrInfo.business_hour != ""}-->(受付時間/<!--{$arrInfo.business_hour}-->)<!--{/if}--><br />
         E-mail:<a href="mailto:<!--{$arrInfo.email02|escape:'hex'}-->"><!--{$arrInfo.email02|escape:'hexentity'}--></a></p>
     </div>
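Review bot: `<!--{$arrInfo.business_hour}-->` and the three `tel0x` values on the line under the newly escaped shop name are still printed without a modifier. `business_hour` looks like free text entered in the shop settings, so it should get the same treatment as `shop_name`: `(受付時間/<!--{$arrInfo.business_hour|h}-->)`. regist/complete.tpl in this commit has the same unescaped line with `$arrSiteInfo`, and its label there reads `E-mall:` where this file has `E-mail:`.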

変更: branches/version-2_5-dev/data/Smarty/templates/default/shopping/confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/shopping/confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/shopping/confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -45,7 +45,7 @@
 <div id="under02column">
     <div id="under02column_shopping">
         <p class="flowarea"><img src="<!--{$TPL_DIR}-->img/picture/img_flow_03.gif" width="700" height="36" alt="購入手続きの流れ" /></p>
-        <h2 class="title"><!--{$tpl_title|escape}--></h2>
+        <h2 class="title"><!--{$tpl_title|h}--></h2>
 
         <p>下記ご注文内容で送信してもよろしいでしょうか?<br />
             よろしければ、「<!--{if $payment_type != ""}-->次へ<!--{else}-->ご注文完了ページへ<!--{/if}-->」ボタンをクリックしてください。</p>
@@ -75,16 +75,16 @@
                     <td class="phototd">
                         <a
                             <!--{if $item.productsClass.main_image|strlen >= 1}-->
-                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$item.productsClass.main_image|sfNoImageMainList|escape}-->"
+                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$item.productsClass.main_image|sfNoImageMainList|h}-->"
                                 class="expansion"
                                 target="_blank"
                             <!--{/if}-->
                         >
-                            <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$item.productsClass.main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$item.productsClass.name|escape}-->" /></a>
+                            <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$item.productsClass.main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$item.productsClass.name|h}-->" /></a>
                     </td>
                     <td>
                         <ul>
-                            <li><strong><!--{$item.productsClass.name|escape}--></strong></li>
+                            <li><strong><!--{$item.productsClass.name|h}--></strong></li>
                             <!--{if $item.productsClass.classcategory_name1 != ""}-->
                             <li><!--{$item.productsClass.class_name1}-->:<!--{$item.productsClass.classcategory_name1}--></li>
                             <!--{/if}-->
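Review bot: The product name in this cell now goes through `|h`, but the class line right under it, `<!--{$item.productsClass.class_name1}-->:<!--{$item.productsClass.classcategory_name1}-->`, is printed bare. products/list.tpl in this commit escapes the equivalent value (`$tpl_class_name1[$id]|h`), so the same shop-defined text is escaped on one page and not on the other. I would write `<li><!--{$item.productsClass.class_name1|h}-->:<!--{$item.productsClass.classcategory_name1|h}--></li>` here. The `<ul>` continues outside the hunk, so a second class line may need the same change.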
@@ -170,19 +170,19 @@
                     <!--{if $arrData.deliv_check >= 1}-->
                         <tr>
                             <th>お名前</th>
-                            <td><!--{$arrData.deliv_name01|escape}--> <!--{$arrData.deliv_name02|escape}--></td>
+                            <td><!--{$arrData.deliv_name01|h}--> <!--{$arrData.deliv_name02|h}--></td>
                         </tr>
                         <tr>
                             <th>お名前(フリガナ)</th>
-                            <td><!--{$arrData.deliv_kana01|escape}--> <!--{$arrData.deliv_kana02|escape}--></td>
+                            <td><!--{$arrData.deliv_kana01|h}--> <!--{$arrData.deliv_kana02|h}--></td>
                         </tr>
                         <tr>
                             <th>郵便番号</th>
-                            <td>〒<!--{$arrData.deliv_zip01|escape}-->-<!--{$arrData.deliv_zip02|escape}--></td>
+                            <td>〒<!--{$arrData.deliv_zip01|h}-->-<!--{$arrData.deliv_zip02|h}--></td>
                         </tr>
                         <tr>
                             <th>住所</th>
-                            <td><!--{$arrPref[$arrData.deliv_pref]}--><!--{$arrData.deliv_addr01|escape}--><!--{$arrData.deliv_addr02|escape}--></td>
+                            <td><!--{$arrPref[$arrData.deliv_pref]}--><!--{$arrData.deliv_addr01|h}--><!--{$arrData.deliv_addr02|h}--></td>
                         </tr>
                         <tr>
                             <th>電話番号</th>
@@ -191,19 +191,19 @@
                     <!--{else}-->
                         <tr>
                             <th>お名前</th>
-                            <td><!--{$arrData.order_name01|escape}--> <!--{$arrData.order_name02|escape}--></td>
+                            <td><!--{$arrData.order_name01|h}--> <!--{$arrData.order_name02|h}--></td>
                         </tr>
                         <tr>
                             <th>お名前(フリガナ)</th>
-                            <td><!--{$arrData.order_kana01|escape}--> <!--{$arrData.order_kana02|escape}--></td>
+                            <td><!--{$arrData.order_kana01|h}--> <!--{$arrData.order_kana02|h}--></td>
                         </tr>
                         <tr>
                             <th>郵便番号</th>
-                            <td>〒<!--{$arrData.order_zip01|escape}-->-<!--{$arrData.order_zip02|escape}--></td>
+                            <td>〒<!--{$arrData.order_zip01|h}-->-<!--{$arrData.order_zip02|h}--></td>
                         </tr>
                         <tr>
                             <th>住所</th>
-                            <td><!--{$arrPref[$arrData.order_pref]}--><!--{$arrData.order_addr01|escape}--><!--{$arrData.order_addr02|escape}--></td>
+                            <td><!--{$arrPref[$arrData.order_pref]}--><!--{$arrData.order_addr01|h}--><!--{$arrData.order_addr02|h}--></td>
                         </tr>
                         <tr>
                             <th>電話番号</th>
@@ -224,22 +224,22 @@
                 <tbody>
                 <tr>
                     <th>お支払方法</th>
-                    <td><!--{$arrData.payment_method|escape}--></td>
+                    <td><!--{$arrData.payment_method|h}--></td>
                 </tr>
                 <!--{* 販売方法判定(ダウンロード販売のみの場合はお届け日、時間を表示しない) *}-->
                 <!--{if $cartdown != "2"}-->
                 <tr>
                     <th>お届け日</th>
-                    <td><!--{$arrData.deliv_date|escape|default:"指定なし"}--></td>
+                    <td><!--{$arrData.deliv_date|default:"指定なし"|h}--></td>
                 </tr>
                 <tr>
                     <th>お届け時間</th>
-                    <td><!--{$arrData.deliv_time|escape|default:"指定なし"}--></td>
+                    <td><!--{$arrData.deliv_time|default:"指定なし"|h}--></td>
                 </tr>
                 <!--{/if}-->
                 <tr>
                     <th>その他お問い合わせ</th>
-                    <td><!--{$arrData.message|escape|nl2br}--></td>
+                    <td><!--{$arrData.message|h|nl2br}--></td>
                 </tr>
                 </tbody>
             </table>

変更: branches/version-2_5-dev/data/Smarty/templates/default/shopping/deliv.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/shopping/deliv.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/shopping/deliv.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,17 +25,17 @@
         <p class="flowarea">
             <img src="<!--{$TPL_DIR}-->img/picture/img_flow_01.gif" width="700" height="36" alt="購入手続きの流れ" />
         </p>
-        <h2 class="title"><!--{$tpl_title|escape}--></h2>
+        <h2 class="title"><!--{$tpl_title|h}--></h2>
 
         <p>下記一覧よりお届け先住所を選択して、「選択したお届け先に送る」ボタンをクリックしてください。</p>
         <!--{if $tpl_addrmax < $smarty.const.DELIV_ADDR_MAX}-->
             <p>一覧にご希望の住所が無い場合は、「新しいお届け先を追加する」より追加登録してください。</p>
         <!--{/if}-->
-        <p>※最大<!--{$smarty.const.DELIV_ADDR_MAX|escape}-->件まで登録できます。</p>
+        <p>※最大<!--{$smarty.const.DELIV_ADDR_MAX|h}-->件まで登録できます。</p>
 
         <!--{if $tpl_addrmax < $smarty.const.DELIV_ADDR_MAX}-->
             <p class="addbtn">
-                <a href="<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php" onclick="win02('<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php?page=<!--{$smarty.server.PHP_SELF|escape}-->','new_deiv','600','640'); return false;" onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_add_address_on.gif','addition');" onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_add_address.gif','addition');"><img src="<!--{$TPL_DIR}-->img/button/btn_add_address.gif" width="160" height="22" alt="新しいお届け先を追加する" name="addition" id="addition" /></a>
+                <a href="<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php" onclick="win02('<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php?page=<!--{$smarty.server.PHP_SELF|h}-->','new_deiv','600','640'); return false;" onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_add_address_on.gif','addition');" onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_add_address.gif','addition');"><img src="<!--{$TPL_DIR}-->img/button/btn_add_address.gif" width="160" height="22" alt="新しいお届け先を追加する" name="addition" id="addition" /></a>
             </p>
         <!--{/if}-->
         <form name="form1" id="form1" method="post" action="?">
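Review bot: `$smarty.server.PHP_SELF|h` inside the `onclick="win02('…?page=…')"` handler is escaped for HTML only, but the value sits in a JavaScript string and in a URL query parameter. The browser decodes the entities in the attribute before the script runs, so HTML escaping alone does not keep a quote in the request path from ending the string literal. Since the value is a query parameter, the `u` modifier this commit uses for `product_id` in products/list.tpl fits better: `?page=<!--{$smarty.server.PHP_SELF|u}-->`. The second hunk of this file has the same pattern in the 変更 link and needs the same change.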
@@ -73,12 +73,12 @@
                     </td>
                     <td>
                         <!--{assign var=key value=$arrAddr[cnt].pref}-->
-                        <!--{$arrPref[$key]}--><!--{$arrAddr[cnt].addr01|escape}--><!--{$arrAddr[cnt].addr02|escape}--><br />
-                        <!--{$arrAddr[cnt].name01|escape}--> <!--{$arrAddr[cnt].name02|escape}-->
+                        <!--{$arrPref[$key]}--><!--{$arrAddr[cnt].addr01|h}--><!--{$arrAddr[cnt].addr02|h}--><br />
+                        <!--{$arrAddr[cnt].name01|h}--> <!--{$arrAddr[cnt].name02|h}-->
                     </td>
                     <td class="centertd">
                         <!--{if !$smarty.section.cnt.first}-->
-                            <a href="<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php" onclick="win02('<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php?page=<!--{$smarty.server.PHP_SELF|escape}-->&amp;other_deliv_id=<!--{$arrAddr[cnt].other_deliv_id}-->','new_deiv','600','640'); return false;">変更</a>
+                            <a href="<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php" onclick="win02('<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php?page=<!--{$smarty.server.PHP_SELF|h}-->&amp;other_deliv_id=<!--{$arrAddr[cnt].other_deliv_id}-->','new_deiv','600','640'); return false;">変更</a>
                         <!--{/if}-->
                     </td>
                     <td class="centertd">

変更: branches/version-2_5-dev/data/Smarty/templates/default/shopping/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/shopping/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/shopping/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,7 +22,7 @@
 <!--▼CONTENTS-->
 <div id="under02column">
   <div id="under02column_login">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <form name="member_form" id="member_form" method="post" action="./deliv.php" onsubmit="return fnCheckLogin('member_form')">
    <div class="loginarea">
      <input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid}-->" />
@@ -33,7 +33,7 @@
        <!--{assign var=key value="login_email"}--><span class="attention"><!--{$arrErr[$key]}--></span>
        <p>メールアドレス:&nbsp;
          <input type="text" name="<!--{$key}-->"
-                value="<!--{$tpl_login_email|escape}-->"
+                value="<!--{$tpl_login_email|h}-->"
                 maxlength="<!--{$arrForm[$key].length}-->"
                 style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: disabled;"
                 size="40" class="box300" />

変更: branches/version-2_5-dev/data/Smarty/templates/default/shopping/nonmember_input.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/shopping/nonmember_input.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/shopping/nonmember_input.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 <div id="under02column">
   <div id="under02column_customer">
     <p class="flowarea"><img src="<!--{$TPL_DIR}-->img/picture/img_flow_01.gif" width="700" height="36" alt="購入手続きの流れ" /></p>
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
 
     <p>下記項目にご入力ください。「<span class="attention">※</span>」印は入力必須項目です。<br />
       入力後、一番下の「確認ページへ」ボタンをクリックしてください。</p>
@@ -38,8 +38,8 @@
             <!--{assign var=key1 value="order_name01"}-->
             <!--{assign var=key2 value="order_name02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            姓&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
-            名&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
+            姓&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
+            名&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
           </td>
         </tr>
         <tr>
@@ -48,8 +48,8 @@
             <!--{assign var=key1 value="order_kana01"}-->
             <!--{assign var=key2 value="order_kana02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            セイ&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
-            メイ&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
+            セイ&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
+            メイ&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
           </td>
         </tr>
         <tr>
@@ -58,7 +58,7 @@
             <!--{assign var=key1 value="order_zip01"}-->
             <!--{assign var=key2 value="order_zip02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            <p>〒&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" />&nbsp;-&nbsp;  <input type="text"  name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" /> 
+            <p>〒&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" />&nbsp;-&nbsp;  <input type="text"  name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" /> 
               <a href="http://search.post.japanpost.jp/zipcode/" target="_blank"><span class="fs12">郵便番号検索</span></a></p>
 
             <p class="zipimg"><a href="<!--{$smarty.const.URL_DIR}-->address/<!--{$smarty.const.DIR_INDEX_URL}-->" onclick="fnCallAddress('<!--{$smarty.const.URL_INPUT_ZIP}-->', 'order_zip01', 'order_zip02', 'order_pref', 'order_addr01'); return false;" target="_blank"><img src="<!--{$TPL_DIR}-->img/button/btn_address_input.gif" width="86" height="20" alt="住所自動入力" /></a>
@@ -76,11 +76,11 @@
             </select>
             <p class="mini">
               <!--{assign var=key value="order_addr01"}-->
-              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="40" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: active;" class="box380" /><br />
+              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="40" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: active;" class="box380" /><br />
               <!--{$smarty.const.SAMPLE_ADDRESS1}--></p>
             <p class="mini">
               <!--{assign var=key value="order_addr02"}-->
-              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="40"  maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: active;" class="box380" /><br />
+              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="40"  maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: active;" class="box380" /><br />
               <!--{$smarty.const.SAMPLE_ADDRESS2}--></p>
             <p class="mini"><em>住所は2つに分けてご記入ください。マンション名は必ず記入してください。</em></p></td>
         </tr>
@@ -93,9 +93,9 @@
             <span class="attention"><!--{$arrErr[$key1]}--></span>
             <span class="attention"><!--{$arrErr[$key2]}--></span>
             <span class="attention"><!--{$arrErr[$key3]}--></span>
-            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" />
+            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" />
           </td>
         </tr>
         <tr>
@@ -107,9 +107,9 @@
             <span class="attention"><!--{$arrErr[$key1]}--></span>
             <span class="attention"><!--{$arrErr[$key2]}--></span>
             <span class="attention"><!--{$arrErr[$key3]}--></span>
-            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" />
+            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" />
           </td>
         </tr>
         <tr>
@@ -117,10 +117,10 @@
           <td>
             <!--{assign var=key value="order_email"}-->
             <span class="attention"><!--{$arrErr[$key]}--></span>
-            <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: disabled;" size="40" class="box380" /><br />
+            <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: disabled;" size="40" class="box380" /><br />
             <!--{assign var=key value="order_email02"}-->
             <span class="attention"><!--{$arrErr[$key]}--></span>
-            <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: disabled;" size="40" class="box380" /><br />
+            <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: disabled;" size="40" class="box380" /><br />
             <p class="mini"><em>確認のため2度入力してください。</em></p>
           </td>
         </tr>
@@ -177,8 +177,8 @@
             <!--{assign var=key1 value="deliv_name01"}-->
             <!--{assign var=key2 value="deliv_name02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            姓&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
-            名&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
+            姓&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
+            名&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
           </td>
         </tr>
         <tr>
@@ -187,8 +187,8 @@
             <!--{assign var=key1 value="deliv_kana01"}-->
             <!--{assign var=key2 value="deliv_kana02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            セイ&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
-            メイ&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
+            セイ&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />&nbsp;
+            メイ&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: active;" size="15" class="box120" />
           </td>
         </tr>
         <tr>
@@ -197,7 +197,7 @@
            <!--{assign var=key1 value="deliv_zip01"}-->
            <!--{assign var=key2 value="deliv_zip02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            <p>〒&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" />&nbsp;-&nbsp;  <input type="text"  name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" /> 
+            <p>〒&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" />&nbsp;-&nbsp;  <input type="text"  name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" /> 
               <a href="http://search.post.japanpost.jp/zipcode/" target="_blank"><span class="fs12">郵便番号検索</span></a></p>
 
             <p class="zipimg"><a href="<!--{$smarty.const.URL_DIR}-->address/<!--{$smarty.const.DIR_INDEX_URL}-->" onclick="fnCallAddress('<!--{$smarty.const.URL_INPUT_ZIP}-->', 'deliv_zip01', 'deliv_zip02', 'deliv_pref', 'deliv_addr01'); return false;" target="_blank"><img src="<!--{$TPL_DIR}-->img/button/btn_address_input.gif" width="86" height="20" alt="住所自動入力" /></a>
@@ -215,11 +215,11 @@
             </select>
             <p class="mini">
               <!--{assign var=key value="deliv_addr01"}-->
-              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="40" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: active;" class="box380" /><br />
+              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="40" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: active;" class="box380" /><br />
               <!--{$smarty.const.SAMPLE_ADDRESS1}--></p>
             <p class="mini">
               <!--{assign var=key value="deliv_addr02"}-->
-              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="40"  maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: active;" class="box380" /><br />
+              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="40"  maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: active;" class="box380" /><br />
               <!--{$smarty.const.SAMPLE_ADDRESS2}--></p>
             <p class="mini"><em>住所は2つに分けてご記入ください。マンション名は必ず記入してください。</em></p>
 
@@ -234,9 +234,9 @@
             <span class="attention"><!--{$arrErr[$key1]}--></span>
             <span class="attention"><!--{$arrErr[$key2]}--></span>
             <span class="attention"><!--{$arrErr[$key3]}--></span>
-            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" />
+            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->; ime-mode: disabled;"  size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->; ime-mode: disabled;" size="6" class="box60" />
           </td>
         </tr>
       </table>

変更: branches/version-2_5-dev/data/Smarty/templates/default/shopping/payment.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/shopping/payment.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/shopping/payment.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
         <p class="flowarea">
             <img src="<!--{$TPL_DIR}-->img/picture/img_flow_02.gif" width="700" height="36" alt="購入手続きの流れ" />
         </p>
-        <h2 class="title"><!--{$tpl_title|escape}--></h2>
+        <h2 class="title"><!--{$tpl_title|h}--></h2>
 
         <form name="form1" id="form1" method="post" action="?">
             <input type="hidden" name="mode" value="confirm" />
@@ -48,7 +48,7 @@
                         <td class="centertd"><input type="radio" id="pay_<!--{$smarty.section.cnt.iteration}-->" name="<!--{$key}-->" onclick="fnSetDelivTime('payment','<!--{$key}-->','deliv_time_id');" value="<!--{$arrPayment[cnt].payment_id}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" <!--{$arrPayment[cnt].payment_id|sfGetChecked:$arrForm[$key].value}--> />
                         </td>
                         <td>
-                            <label for="pay_<!--{$smarty.section.cnt.iteration}-->"><!--{$arrPayment[cnt].payment_method|escape}--><!--{if $arrPayment[cnt].note != ""}--><!--{/if}--></label>
+                            <label for="pay_<!--{$smarty.section.cnt.iteration}-->"><!--{$arrPayment[cnt].payment_method|h}--><!--{if $arrPayment[cnt].note != ""}--><!--{/if}--></label>
                         </td>
                         <!--{if $img_show}-->
                             <td>
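Review bot: The changed label line still carries `<!--{if $arrPayment[cnt].note != ""}--><!--{/if}-->`, an empty conditional that renders nothing. The commit log also lists #628 (removal of unused code), so dropping it here would be consistent: `<label for="pay_<!--{$smarty.section.cnt.iteration}-->"><!--{$arrPayment[cnt].payment_method|h}--></label>`. The `section` loop this line sits in starts and ends outside the hunk.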
@@ -98,7 +98,7 @@
                     <!--★その他お問い合わせ事項★-->
                     <!--{assign var=key value="message"}-->
                     <span class="attention"><!--{$arrErr[$key]}--></span>
-                    <textarea name="<!--{$key}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" cols="80" rows="8" class="area660" wrap="head"><!--{$arrForm[$key].value|escape}--></textarea>
+                    <textarea name="<!--{$key}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" cols="80" rows="8" class="area660" wrap="head"><!--{$arrForm[$key].value|h}--></textarea>
                     <span class="attention"> (<!--{$smarty.const.LTEXT_LEN}-->文字まで)</span>
                 </div>
             </div>
@@ -111,7 +111,7 @@
                         <p><span class="attention">1ポイントを1円</span>として使用する事ができます。<br />
                             使用する場合は、「ポイントを使用する」にチェックを入れた後、使用するポイントをご記入ください。</p>
                     <div>
-                        <p><!--{$objCustomer->getValue('name01')|escape}--> <!--{$objCustomer->getValue('name02')|escape}-->様の、現在の所持ポイントは「<em><!--{$tpl_user_point|default:0}-->Pt</em>」です。</p>
+                        <p><!--{$objCustomer->getValue('name01')|h}--> <!--{$objCustomer->getValue('name02')|h}-->様の、現在の所持ポイントは「<em><!--{$tpl_user_point|default:0}-->Pt</em>」です。</p>
                         <p>今回ご購入合計金額:<span class="price"><!--{$arrData.subtotal|number_format}-->円</span> <span class="attention">(送料、手数料を含みません。)</span></p>
                         <ul>
                             <li><input type="radio" id="point_on" name="point_check" value="1" <!--{$arrForm.point_check.value|sfGetChecked:1}--> onclick="fnCheckInputPoint();" /><label for="point_on">ポイントを使用する</label></li>
@@ -126,7 +126,7 @@
             <!-- ▲ポイント使用 ここまで -->
 
             <div class="tblareabtn">
-                <a href="<!--{$tpl_back_url|escape}-->" onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_back_on.gif','back03')" onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_back.gif','back03')">
+                <a href="<!--{$tpl_back_url|h}-->" onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_back_on.gif','back03')" onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_back.gif','back03')">
                     <img src="<!--{$TPL_DIR}-->img/button/btn_back.gif" width="150" height="30" alt="戻る" border="0" name="back03" id="back03" /></a>&nbsp;
                 <input type="image" onmouseover="chgImgImageSubmit('<!--{$TPL_DIR}-->img/button/btn_next_on.gif',this)" onmouseout="chgImgImageSubmit('<!--{$TPL_DIR}-->img/button/btn_next.gif',this)" src="<!--{$TPL_DIR}-->img/button/btn_next.gif" class="box150" alt="次へ" name="next" id="next" />
             </div>
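Review bot: `href="<!--{$tpl_back_url|h}-->"` is only HTML-escaped, which keeps the value inside the attribute but does not constrain its scheme, so a `javascript:` or off-site URL would pass through unchanged. Where `tpl_back_url` is assigned is not visible in this hunk; if it can ever be derived from request data (a referer or a return-URL parameter), the page class should check it against a same-site path allowlist before assigning it. A short template comment would record the assumption: `<!--{* tpl_back_url: set by the page class to a fixed same-site URL, never from request input *}-->`.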

変更: branches/version-2_5-dev/data/Smarty/templates/default/site_frame.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/site_frame.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/site_frame.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -37,19 +37,22 @@
 <script type="text/javascript" src="<!--{$smarty.const.URL_DIR}-->js/win_op.js"></script>
 <script type="text/javascript" src="<!--{$smarty.const.URL_DIR}-->js/site.js"></script>
 <script type="text/javascript" src="<!--{$smarty.const.URL_DIR}-->js/jquery-1.4.2.min.js"></script>
-<title><!--{$arrSiteInfo.shop_name|escape}--><!--{if $tpl_subtitle|strlen >= 1}--> / <!--{$tpl_subtitle|escape}--><!--{elseif $tpl_title|strlen >= 1}--> / <!--{$tpl_title|escape}--><!--{/if}--></title>
+<title><!--{$arrSiteInfo.shop_name|h}--><!--{if $tpl_subtitle|strlen >= 1}--> / <!--{$tpl_subtitle|h}--><!--{elseif $tpl_title|strlen >= 1}--> / <!--{$tpl_title|h}--><!--{/if}--></title>
 <!--{if $arrPageLayout.author|strlen >= 1}-->
-    <meta name="author" content="<!--{$arrPageLayout.author|escape}-->" />
+    <meta name="author" content="<!--{$arrPageLayout.author|h}-->" />
 <!--{/if}-->
 <!--{if $arrPageLayout.description|strlen >= 1}-->
-    <meta name="description" content="<!--{$arrPageLayout.description|escape}-->" />
+    <meta name="description" content="<!--{$arrPageLayout.description|h}-->" />
 <!--{/if}-->
 <!--{if $arrPageLayout.keyword|strlen >= 1}-->
-    <meta name="keywords" content="<!--{$arrPageLayout.keyword|escape}-->" />
+    <meta name="keywords" content="<!--{$arrPageLayout.keyword|h}-->" />
 <!--{/if}-->
 
 <script type="text/javascript">//<![CDATA[
     <!--{$tpl_javascript}-->
+    $(function(){
+        <!--{$tpl_onload}-->
+    });
 //]]>
 </script>
 <!--{* ▼Head COLUMN*}-->
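Review bot: `<!--{$tpl_onload}-->` is emitted without any modifier directly into the `<script>` block on the added lines, so whatever string the page class assigns runs as JavaScript on every page that uses this frame. That is intended for server-built snippets, but neither `h` nor `u` is safe for this context: any request-derived value spliced into `tpl_onload` has to be encoded as a JavaScript literal where the string is built (for example with `json_encode`), and a literal `</script>` or `]]>` inside it would end the block early. Moving from `<body onload>` (removed in site_main.tpl below) to jQuery's ready callback also changes timing, since ready fires before images and other subresources finish loading, so snippets that measure layout may behave differently. I would add `<!--{* tpl_onload: trusted JavaScript built by the page class; runs on DOM ready, not window load *}-->` above the callback.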

変更: branches/version-2_5-dev/data/Smarty/templates/default/site_main.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/default/site_main.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/default/site_main.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -19,7 +19,7 @@
  * along with this program; if not, write to the Free Software
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
  *}-->
-<body onload="<!--{$tpl_onload}-->">
+<body>
 <!--{* A8タグ表示用 *}-->
 <!--{if "sfPrintA8Tag"|function_exists === TRUE}-->
     <!--{include file=`$smarty.const.MODULE_PATH`mdl_a8/print_a8_tag.tpl}-->

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/cart/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/cart/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/cart/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -28,13 +28,13 @@
 	<!--{$tpl_message}--><br>
 <!--{/if}-->
 <!--{if count($arrProductsClass) > 0}-->
-<form name="form1" id="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->"  utn>
+<form name="form1" id="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->"  utn>
 	<input type="hidden" name="mode" value="confirm">
 	<input type="hidden" name="cart_no" value="">
 	<!--ご注文内容ここから-->
 	<hr>
 	<!--{section name=cnt loop=$arrProductsClass}-->
-		<!--{* 商品名 *}--><!--{$arrProductsClass[cnt].name|escape}--><br>
+		<!--{* 商品名 *}--><!--{$arrProductsClass[cnt].name|h}--><br>
 		<!--{* 販売価格 *}-->
 		\<!--{$arrProductsClass[cnt].price02|sfCalcIncTax:$arrInfo.tax:$arrInfo.tax_rule|number_format}-->
 		× <!--{$arrProductsClass[cnt].quantity}--><br>
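Review bot: `action="<!--{$smarty.server.PHP_SELF|h}-->"` still builds the form target from `PHP_SELF`, which on common server setups includes client-supplied path info appended after the script name. The `h` modifier keeps that text from breaking out of the attribute, but the target itself stays request-influenced. The default template shopping/payment.tpl in this same commit uses `action="?"`, and unless the mobile session handling needs an explicit path the same form should work here: `<form name="form1" id="form1" method="post" action="?" utn>`. The pattern recurs in the `href` links and the second form of this file, and in mobile/entry/confirm.tpl, email_mobile.tpl and index.tpl.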
@@ -48,12 +48,12 @@
 		<br>
 		<!--{* 数量 *}-->
 		数量:<!--{$arrProductsClass[cnt].quantity}-->
-		<a href="<!--{$smarty.server.PHP_SELF|escape}-->?mode=up&amp;cart_no=<!--{$arrProductsClass[cnt].cart_no}-->">+</a>
-		<a href="<!--{$smarty.server.PHP_SELF|escape}-->?mode=down&amp;cart_no=<!--{$arrProductsClass[cnt].cart_no}-->">-</a>
-		<a href="<!--{$smarty.server.PHP_SELF|escape}-->?mode=delete&amp;cart_no=<!--{$arrProductsClass[cnt].cart_no}-->">削除</a><br>
+		<a href="<!--{$smarty.server.PHP_SELF|h}-->?mode=up&amp;cart_no=<!--{$arrProductsClass[cnt].cart_no}-->">+</a>
+		<a href="<!--{$smarty.server.PHP_SELF|h}-->?mode=down&amp;cart_no=<!--{$arrProductsClass[cnt].cart_no}-->">-</a>
+		<a href="<!--{$smarty.server.PHP_SELF|h}-->?mode=delete&amp;cart_no=<!--{$arrProductsClass[cnt].cart_no}-->">削除</a><br>
 		<!--{* 合計 *}-->
 		小計:<!--{$arrProductsClass[cnt].total_inctax|number_format}-->円<br>
-		<div align="right"><a href="<!--{$smarty.const.MOBILE_DETAIL_P_HTML}--><!--{$arrProductsClass[cnt].product_id|escape:url}-->">商品詳細へ→</a></div>
+		<div align="right"><a href="<!--{$smarty.const.MOBILE_DETAIL_P_HTML}--><!--{$arrProductsClass[cnt].product_id|u}-->">商品詳細へ→</a></div>
 		<HR>
 	<!--{/section}-->
 	商品合計:<!--{$tpl_total_inctax|number_format}-->円<br>
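Review bot: `<!--{$arrProductsClass[cnt].product_id|u}-->` replaces `escape:url`, which in Smarty is `rawurlencode`; the definition of `u` is not in this hunk, and if it maps to `urlencode` instead, spaces become `+` rather than `%20`. That is harmless for a numeric product id but matters for the `mailto:` links in mobile/contact/index.tpl and mobile/entry/email_mobile.tpl, where `+` is a literal character of an address. Separately, the three `cart_no=<!--{$arrProductsClass[cnt].cart_no}-->` links in this hunk have no modifier at all; presumably the value is a server-generated integer, but writing `<!--{$arrProductsClass[cnt].cart_no|u}-->` would make the template safe regardless of that assumption.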
@@ -65,7 +65,7 @@
 	<br>
 	<center><input type="submit" value="注文する"></center>
 </form>
-<form method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="continue">
 	<center><input type="submit" value="お買物を続ける"></center>
 </form>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/contact/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/contact/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/contact/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -33,7 +33,7 @@
 電話番号:<br>
 <!--{$tel01}-->-<!--{$tel02}-->-<!--{$tel03}--><br>
 【E-mail】<br>
-<a href="mailto:<!--{$email02|escape:'url'}-->"><!--{$email02|escape}--></a><br>
+<a href="mailto:<!--{$email02|u}-->"><!--{$email02|h}--></a><br>
 ※お急ぎの場合には、お電話にてお問い合せ下さい。<br>
 
 <br>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/entry/confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/entry/confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/entry/confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,30 +23,30 @@
 *}-->
 <div align="center">登録確認</div>
 <hr>
-<form name="form1" id="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->" utn>
+<form name="form1" id="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->" utn>
 	<input type="hidden" name="mode" value="complete">
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 	下記の内容でご登録してもよろしいですか?<br>
 	<br>
 	【メールアドレス】<br>
-	<!--{$list_data.email|escape}--><br>
+	<!--{$list_data.email|h}--><br>
 
 	【パスワード確認用質問】<br>
-	<!--{$arrReminder[$list_data.reminder]|escape}--><br>
+	<!--{$arrReminder[$list_data.reminder]|h}--><br>
 
 	【質問の答え】<br>
-	<!--{$list_data.reminder_answer|escape}--><br>
+	<!--{$list_data.reminder_answer|h}--><br>
 
 	【個人情報】<br>
-	<!--{$list_data.name01|escape}--> <!--{$list_data.name02|escape}--><br>
-	<!--{$list_data.kana01|escape}--> <!--{$list_data.kana02|escape}--><br>
+	<!--{$list_data.name01|h}--> <!--{$list_data.name02|h}--><br>
+	<!--{$list_data.kana01|h}--> <!--{$list_data.kana02|h}--><br>
 	<!--{if $list_data.sex eq 1}-->男性<!--{else}-->女性<!--{/if}--><br>
-	<!--{if strlen($list_data.year) > 0 && strlen($list_data.month) > 0 && strlen($list_data.day) > 0}--><!--{$list_data.year|escape}-->年<!--{$list_data.month|escape}-->月<!--{$list_data.day|escape}-->日生まれ<!--{else}-->生年月日 未登録<!--{/if}--><br>
-	〒<!--{$list_data.zip01|escape}--> - <!--{$list_data.zip02|escape}--><br>
-	<!--{$arrPref[$list_data.pref]|escape}--><!--{$list_data.addr01|escape}--><!--{$list_data.addr02|escape}--><br>
-	<!--{$list_data.tel01|escape}-->-<!--{$list_data.tel02|escape}-->-<!--{$list_data.tel03|escape}--><br>
+	<!--{if strlen($list_data.year) > 0 && strlen($list_data.month) > 0 && strlen($list_data.day) > 0}--><!--{$list_data.year|h}-->年<!--{$list_data.month|h}-->月<!--{$list_data.day|h}-->日生まれ<!--{else}-->生年月日 未登録<!--{/if}--><br>
+	〒<!--{$list_data.zip01|h}--> - <!--{$list_data.zip02|h}--><br>
+	<!--{$arrPref[$list_data.pref]|h}--><!--{$list_data.addr01|h}--><!--{$list_data.addr02|h}--><br>
+	<!--{$list_data.tel01|h}-->-<!--{$list_data.tel02|h}-->-<!--{$list_data.tel03|h}--><br>
 	
 	【メールマガジン゛】<br>
 	<!--{if $list_data.mailmaga_flg eq 2}-->希望する<!--{else}-->希望しない<!--{/if}--><br>
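Review bot: The `foreach` over `$list_data` writes every key and value into hidden inputs, here and again in the second hunk before `</form>`, so the whole registration payload is round-tripped through the browser between the confirm and complete steps. Escaping with `h` covers the markup, but the handler for `mode=complete` must validate these fields again rather than trust what the confirm step accepted. If `$list_data` includes the password (not visible in this hunk), it also ends up in the page source, and keeping such fields in the server-side session would avoid that. A comment such as `<!--{* hidden fields are client-controlled on return; re-validated in mode=complete *}-->` above the loop would document the assumption.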
@@ -56,7 +56,7 @@
 	<input type="submit" name="return" value="戻る">
 
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 </form>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/entry/email_mobile.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/entry/email_mobile.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/entry/email_mobile.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
 
 <hr>
 
-<!--{$tpl_name|escape}-->様<br>
+<!--{$tpl_name|h}-->様<br>
 いつもご利用いただきありがとうございます。ご使用の携帯電話のメールアドレスをご登録下さい。<br>
 
 <br>
@@ -34,12 +34,12 @@
 <!--{if @$tpl_kara_mail_to != ''}-->
 <font color="#ff0000"><!--{$arrErr[$key]|default:''}--></font>
 次のリンクをクリックして空メールを送信してください。<br>
-<center><a href="mailto:<!--{$tpl_kara_mail_to|escape:'url'}-->">メール送信</a></center>
+<center><a href="mailto:<!--{$tpl_kara_mail_to|u}-->">メール送信</a></center>
 <!--{else}-->
-<form method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 ▼メールアドレス<br>
 <font color="#ff0000"><!--{$arrErr[$key]|default:''}--></font>
-<input type="text" name="email_mobile" value="<!--{$arrForm[$key].value|escape}-->" size="40" maxlength="<!--{$arrForm[$key].length}-->" istyle="3"><br>
+<input type="text" name="email_mobile" value="<!--{$arrForm[$key].value|h}-->" size="40" maxlength="<!--{$arrForm[$key].length}-->" istyle="3"><br>
 <center><input type="submit" value="送信"></center>
 <center><a href="../mypage/<!--{$smarty.const.DIR_INDEX_URL}-->" accesskey="0">今は登録しない</a></center>
 </form>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/entry/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/entry/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/entry/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <div align="center">会員情報入力 1/3</div>
 <hr>
-<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="set1">
 
 	<font color="#FF0000">*は必須項目です。</font><br>
@@ -32,9 +32,9 @@
 	【メールアドレス】<font color="#FF0000">※</font><br>
 	<font color="#FF0000"><!--{$arrErr.email}--></font>
 <!--{if @$tpl_kara_mail_from}-->
-  <!--{$tpl_kara_mail_from|escape}-->
+  <!--{$tpl_kara_mail_from|h}-->
 <!--{else}-->
-	<input type="text" name="email" value="<!--{$email|escape}-->" istyle="3">
+	<input type="text" name="email" value="<!--{$email|h}-->" istyle="3">
 <!--{/if}-->
   <br>
 
@@ -53,27 +53,27 @@
 
 	【質問の答え】<font color="#FF0000">※</font><br>
 	<font color="#FF0000"><!--{$arrErr.reminder_answer}--></font>
-	<input type="text" name="reminder_answer" value="<!--{$reminder_answer|escape}-->" istyle="1"><br>
+	<input type="text" name="reminder_answer" value="<!--{$reminder_answer|h}-->" istyle="1"><br>
 
 	【お名前】<font color="#FF0000">※</font><br>
 	<font color="#FF0000"><!--{$arrErr.name01}--><!--{$arrErr.name02}--></font>
 	姓(例:渋谷)<br>
-	<input type="text" name="name01" value="<!--{$name01|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
+	<input type="text" name="name01" value="<!--{$name01|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
 
 	名(例:花子)<br>
-	<input type="text" name="name02" value="<!--{$name02|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
+	<input type="text" name="name02" value="<!--{$name02|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
 	<font color="#FF0000"><!--{$arrErr.kana01}--><!--{$arrErr.kana02}--></font>
 
 	カナ/姓(例:シブヤ)<br>
-	<input type="text" name="kana01" value="<!--{$kana01|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
+	<input type="text" name="kana01" value="<!--{$kana01|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
 
 	カナ/名(例:ハナコ)<br>
-	<input type="text" name="kana02" value="<!--{$kana02|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
+	<input type="text" name="kana02" value="<!--{$kana02|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
 
 	<input type="submit" name="submit" value="次へ">
 
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 </form>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/entry/kiyaku.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/entry/kiyaku.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/entry/kiyaku.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <div align="center">ご利用規約</div>
 <hr>
-<!--{$tpl_kiyaku_text|escape|nl2br}--><br>
+<!--{$tpl_kiyaku_text|h|nl2br}--><br>
 
 <BR>
 <!--{if $offset != -1}-->

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/entry/mail.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/entry/mail.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/entry/mail.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,12 +27,12 @@
 
 次のリンクをクリックして空メールを送信してください。
 すぐにご案内のメールが送信されますので、メール内のリンクをクリックして会員情報の入力に進んでください。<br>
-<font color="#ff0000">※ドメイン指定受信機能を利用されている方は、メールを送信する前に必ず「<!--{$tpl_from_address|escape}-->」からのメールが受信できるように設定しておいてください。</font><br>
+<font color="#ff0000">※ドメイン指定受信機能を利用されている方は、メールを送信する前に必ず「<!--{$tpl_from_address|h}-->」からのメールが受信できるように設定しておいてください。</font><br>
 <br>
 
 <br>
 
-<center><a href="mailto:<!--{$tpl_kara_mail_to|escape:'url'}-->">メール送信</a></center>
+<center><a href="mailto:<!--{$tpl_kara_mail_to|u}-->">メール送信</a></center>
 
 <br>
 <hr>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/entry/set1.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/entry/set1.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/entry/set1.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <div align="center">会員情報入力 2/3</div>
 <hr>
-<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="set2">
 
 	<font color="#FF0000">*は必須項目です。</font><br>
@@ -35,7 +35,7 @@
 
 	【生年月日】<br>
 	<font color="#FF0000"><!--{$arrErr.year}--><!--{$arrErr.month}--><!--{$arrErr.day}--></font>
-	<input type="text" name="year" value="<!--{$year|escape}-->" size="4" maxlength="4" istyle="4">年<br>
+	<input type="text" name="year" value="<!--{$year|h}-->" size="4" maxlength="4" istyle="4">年<br>
 	<select name="month">
 		<!--{html_options options=$arrMonth selected=$month}-->
 	</select>月<br>
@@ -49,15 +49,15 @@
 	<font color="#FF0000"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></font>
 	<!--{assign var="size1" value="`$smarty.const.ZIP01_LEN+2`"}-->
 	<!--{assign var="size2" value="`$smarty.const.ZIP02_LEN+2`"}-->
-	<input size="<!--{$size1}-->" type="text" name="zip01" value="<!--{if $zip01 == ""}--><!--{$arrOtherDeliv.zip01|escape}--><!--{else}--><!--{$zip01|escape}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP01_LEN}-->" istyle="4">
+	<input size="<!--{$size1}-->" type="text" name="zip01" value="<!--{if $zip01 == ""}--><!--{$arrOtherDeliv.zip01|h}--><!--{else}--><!--{$zip01|h}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP01_LEN}-->" istyle="4">
 	&nbsp;-&nbsp;
-	<input size="<!--{$size2}-->" type="text" name="zip02" value="<!--{if $zip02 == ""}--><!--{$arrOtherDeliv.zip02|escape}--><!--{else}--><!--{$zip02|escape}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP02_LEN}-->" istyle="4"><br>
+	<input size="<!--{$size2}-->" type="text" name="zip02" value="<!--{if $zip02 == ""}--><!--{$arrOtherDeliv.zip02|h}--><!--{else}--><!--{$zip02|h}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP02_LEN}-->" istyle="4"><br>
 
 	<input type="submit" name="submit" value="次へ"><br>
 	<input type="submit" name="return" value="戻る">
 
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 </form>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/entry/set2.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/entry/set2.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/entry/set2.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <div align="center">会員情報入力 3/3</div>
 <hr>
-<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="confirm">
 
 	<font color="#FF0000">*は必須項目です。</font><br>
@@ -38,20 +38,20 @@
 
 	【住所1】<font color="#FF0000">*</font><br>
 	<font color="#FF0000"><!--{$arrErr.addr01}--></font>
-	<input type="text" name="addr01" value="<!--{$addr01|escape}-->" istyle="1"><br>
+	<input type="text" name="addr01" value="<!--{$addr01|h}-->" istyle="1"><br>
 
 	【住所2】<font color="#FF0000">*</font><br>
 	<font color="#FF0000"><!--{$arrErr.addr02}--></font>
-	<input type="text" name="addr02" value="<!--{$addr02|escape}-->" istyle="1"><br>
+	<input type="text" name="addr02" value="<!--{$addr02|h}-->" istyle="1"><br>
 
 	【電話番号】<font color="#FF0000">*</font><br>
 	<font color="#FF0000"><!--{$arrErr.tel01}--><!--{$arrErr.tel02}--><!--{$arrErr.tel03}--></font>
 	<!--{assign var="size" value="`$smarty.const.TEL_ITEM_LEN+2`"}-->
-	<input type="text" size="<!--{$size}-->" name="tel01" value="<!--{$tel01|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
+	<input type="text" size="<!--{$size}-->" name="tel01" value="<!--{$tel01|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
 	&nbsp;-&nbsp;
-	<input type="text" size="<!--{$size}-->" name="tel02" value="<!--{$tel02|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
+	<input type="text" size="<!--{$size}-->" name="tel02" value="<!--{$tel02|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
 	&nbsp;-&nbsp;
-	<input type="text" size="<!--{$size}-->" name="tel03" value="<!--{$tel03|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4"><br>
+	<input type="text" size="<!--{$size}-->" name="tel03" value="<!--{$tel03|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4"><br>
 
 	【メールマガジン】<br>
 	お得な情報を希望されますか?<br>
@@ -63,7 +63,7 @@
 	<input type="submit" name="return" value="戻る">
 
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 </form>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/footer.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/footer.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/footer.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,4 +25,4 @@
 <!--{if $smarty.const.RELEASE_YEAR !=  $smarty.now|date_format:"%Y"}-->
     <!--{$smarty.const.RELEASE_YEAR}-->-
 <!--{/if}-->
-<!--{$smarty.now|date_format:"%Y"}--> <!--{$arrSiteInfo.shop_name_eng|escape}--> All rights reserved.</font></center>
+<!--{$smarty.now|date_format:"%Y"}--> <!--{$arrSiteInfo.shop_name_eng|h}--> All rights reserved.</font></center>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/forgot/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/forgot/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/forgot/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -33,7 +33,7 @@
 
 <!--{if @$tpl_kara_mail_to != ''}-->
 ■ご登録時のメールアドレスからメールを送れる方は、次のリンクをクリックして空メールを送信してください。<br>
-<center><a href="mailto:<!--{$tpl_kara_mail_to|escape:'url'}-->">メール送信</a></center>
+<center><a href="mailto:<!--{$tpl_kara_mail_to|u}-->">メール送信</a></center>
 
 <br>
 
@@ -42,10 +42,10 @@
 ご登録時のメールアドレスを入力して「次へ」ボタンをクリックしてください。<br>
 <!--{/if}-->
 
-<form action="<!--{$smarty.server.PHP_SELF|escape}-->" method="post">
+<form action="<!--{$smarty.server.PHP_SELF|h}-->" method="post">
 <input type="hidden" name="mode" value="mail_check">
 
-メールアドレス:<input type="text" name="email" value="<!--{$tpl_login_email|escape}-->" size="50" istyle="3"><br>
+メールアドレス:<input type="text" name="email" value="<!--{$tpl_login_email|h}-->" size="50" istyle="3"><br>
 
 <center><input type="submit" value="次へ" name="next"></center>
 </form>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/forgot/secret.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/forgot/secret.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/forgot/secret.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -30,12 +30,12 @@
 <!--{/if}-->
 
 ご登録時に入力した下記質問の答えを入力して「次へ」ボタンをクリックしてください。<br>
-※下記質問の答えをお忘れになられた場合は、<a href="mailto:<!--{$arrSiteInfo.email02|escape}-->"><!--{$arrSiteInfo.email02|escape}--></a>までご連絡ください。<br>
+※下記質問の答えをお忘れになられた場合は、<a href="mailto:<!--{$arrSiteInfo.email02|h}-->"><!--{$arrSiteInfo.email02|h}--></a>までご連絡ください。<br>
 
-<form action="<!--{$smarty.server.PHP_SELF|escape}-->" method="post">
+<form action="<!--{$smarty.server.PHP_SELF|h}-->" method="post">
 <input type="hidden" name="mode" value="secret_check">
 
-<!--{$Reminder|escape}-->:<input type="text" name="input_reminder" value="" size="40"><br>
+<!--{$Reminder|h}-->:<input type="text" name="input_reminder" value="" size="40"><br>
 
 <center><input type="submit" value="次へ" name="next"></center>
 </form>
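Review bot: The `mailto:` href for `$arrSiteInfo.email02` is escaped with `|h`, whereas the `mailto:` links built from `$tpl_kara_mail_to` in forgot/index.tpl and entry/mail.tpl use `|u`, which this commit substitutes for `escape:'url'`. With HTML escaping alone, `?` and `&` in the value keep their URL meaning inside the href, so the value is not confined to the address part of the link. email02 presumably comes from the shop settings, which limits the exposure, but one convention should apply to all of these links: `<a href="mailto:<!--{$arrSiteInfo.email02|u}-->"><!--{$arrSiteInfo.email02|h}--></a>`. The same line appears in the guide/about.tpl hunk.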

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/best5.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/best5.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/best5.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -26,8 +26,8 @@
 <!--{foreach from=$arrBestProducts item=arrProduct name=best_products}-->
 
 <!-- ▼おすすめ商品コメント ここから -->
-<a href="<!--{$smarty.const.MOBILE_DETAIL_P_HTML}--><!--{$arrProduct.product_id|escape:url}-->">
-<!--{$arrProduct.comment|escape|nl2br}--></a>
+<a href="<!--{$smarty.const.MOBILE_DETAIL_P_HTML}--><!--{$arrProduct.product_id|u}-->">
+<!--{$arrProduct.comment|h|nl2br}--></a>
 <!-- ▲おすすめ商品コメント ここまで -->
 
 <!--{if !$smarty.foreach.best_products.last}--><br><br><!--{/if}-->

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/category.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/category.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/category.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -29,6 +29,6 @@
 <!--{else}-->
 <!--{assign var=path value="`$smarty.const.MOBILE_URL_DIR`products/list.php"}-->
 <!--{/if}-->
- <font color="<!--{cycle values="#000000,#880000,#8888ff,#88ff88,#ff0000"}-->">■</font><a href="<!--{$path}-->?category_id=<!--{$arrCat[cnt].category_id}-->"><!--{$disp_name|sfCutString:20|escape}--></a><br>
+ <font color="<!--{cycle values="#000000,#880000,#8888ff,#88ff88,#ff0000"}-->">■</font><a href="<!--{$path}-->?category_id=<!--{$arrCat[cnt].category_id}-->"><!--{$disp_name|sfCutString:20|h}--></a><br>
 <!--{/section}-->
 <!--▲商品カテゴリーここまで-->
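Review bot: On the changed line only `$disp_name` is escaped; `<!--{$arrCat[cnt].category_id}-->` is still written into the href with no modifier. category_id is presumably a numeric key, but nothing in the hunk guarantees that, so the query value should go through the URL modifier as the product links in best5.tpl do: `?category_id=<!--{$arrCat[cnt].category_id|u}-->`. The enclosing `section` loop and the `if` branch that sets `$path` start outside this hunk.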

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/news.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/news.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/frontparts/bloc/news.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,8 +25,8 @@
 <center>
 ―――――――――<br>
 <!--{marquee}-->
-<!--{if $arrNews[0].news_url}--><a href="<!--{$arrNews[0].news_url|escape}-->"><!--{/if}-->
-<!--{$arrNews[0].news_title|escape}-->
+<!--{if $arrNews[0].news_url}--><a href="<!--{$arrNews[0].news_url|h}-->"><!--{/if}-->
+<!--{$arrNews[0].news_title|h}-->
 <!--{if $arrNews[0].news_url}--></a><!--{/if}-->
 <!--{/marquee}-->
 ―――――――――<br>
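Review bot: `href="<!--{$arrNews[0].news_url|h}-->"` only HTML-escapes the value, which stops the attribute from being broken out of but does not constrain the URL scheme. A stored value that starts with a scheme such as `javascript:` would still render as a live link. Whether news_url is validated when the news item is saved is not visible in this diff; if it is not, the scheme should be checked against an allow-list (http/https) where the value is stored or assigned, because no modifier used here does that. The same applies to `href="<!--{$arrRet.law_url|h}-->"` in the guide/order1.tpl hunk.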

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/guide/about.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/guide/about.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/guide/about.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -28,40 +28,40 @@
 <!-- ▼本文 ここから -->
 <!--{if $arrSiteInfo.shop_name != ""}-->
 [emoji:38]<font color="#800000">店名</font><br>
-<!--{$arrSiteInfo.shop_name|escape}--><br>
+<!--{$arrSiteInfo.shop_name|h}--><br>
 <!--{/if}-->
 <!--{if $arrSiteInfo.company_name != ""}-->
 [emoji:39]<font color="#800000">会社名</font><br>
-<!--{$arrSiteInfo.company_name|escape}--><br>
+<!--{$arrSiteInfo.company_name|h}--><br>
 <!--{/if}-->
 <!--{if $arrSiteInfo.zip01 != ""}-->
 [emoji:121]<font color="#800000">住所</font><br>
-〒<!--{$arrSiteInfo.zip01|escape}-->-<!--{$arrSiteInfo.zip02|escape}--><br>
-<!--{$arrSiteInfo.pref|escape}--><!--{$arrSiteInfo.addr01|escape}--><!--{$arrSiteInfo.addr02|escape}--><br>
+〒<!--{$arrSiteInfo.zip01|h}-->-<!--{$arrSiteInfo.zip02|h}--><br>
+<!--{$arrSiteInfo.pref|h}--><!--{$arrSiteInfo.addr01|h}--><!--{$arrSiteInfo.addr02|h}--><br>
 <!--{/if}-->
 <!--{if $arrSiteInfo.tel01 != ""}-->
 [emoji:74]<font color="#800000">電話番号</font><br>
-<!--{$arrSiteInfo.tel01|escape}-->-<!--{$arrSiteInfo.tel02|escape}-->-<!--{$arrSiteInfo.tel03|escape}--><br>
+<!--{$arrSiteInfo.tel01|h}-->-<!--{$arrSiteInfo.tel02|h}-->-<!--{$arrSiteInfo.tel03|h}--><br>
 <!--{/if}-->
 <!--{if $arrSiteInfo.fax01 != ""}-->
 [emoji:76]<font color="#800000">FAX番号</font><br>
-<!--{$arrSiteInfo.fax01|escape}-->-<!--{$arrSiteInfo.fax02|escape}-->-<!--{$arrSiteInfo.fax03|escape}--><br>
+<!--{$arrSiteInfo.fax01|h}-->-<!--{$arrSiteInfo.fax02|h}-->-<!--{$arrSiteInfo.fax03|h}--><br>
 <!--{/if}-->
 <!--{if $arrSiteInfo.business_hour != ""}-->
 [emoji:176]<font color="#800000">営業時間</font><br>
-<!--{$arrSiteInfo.business_hour|escape}--><br>
+<!--{$arrSiteInfo.business_hour|h}--><br>
 <!--{/if}-->
 <!--{if $arrSiteInfo.email02 != ""}-->
 [emoji:110]<font color="#800000">メールアドレス</font><br>
-<a href="mailto:<!--{$arrSiteInfo.email02|escape}-->"><!--{$arrSiteInfo.email02|escape}--></a><br>
+<a href="mailto:<!--{$arrSiteInfo.email02|h}-->"><!--{$arrSiteInfo.email02|h}--></a><br>
 <!--{/if}-->
 <!--{if $arrSiteInfo.good_traded != ""}-->
 [emoji:72]<font color="#800000">取扱商品</font><br>
-<!--{$arrSiteInfo.good_traded|escape|nl2br}--><br>
+<!--{$arrSiteInfo.good_traded|h|nl2br}--><br>
 <!--{/if}-->
 <!--{if $arrSiteInfo.message != ""}-->
 [emoji:70]<font color="#800000">メッセージ</font><br>
-<!--{$arrSiteInfo.message|escape|nl2br}--><br>
+<!--{$arrSiteInfo.message|h|nl2br}--><br>
 <!--{/if}-->
 <!-- ▲本文 ここまで -->
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/guide/kiyaku.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/guide/kiyaku.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/guide/kiyaku.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -26,8 +26,8 @@
 <hr>
 
 <!-- ▼本文 ここから -->
-<font color="#ff0000"><!--{$tpl_kiyaku_title|escape}--></font><br>
-<!--{$tpl_kiyaku_text|escape}--><br>
+<font color="#ff0000"><!--{$tpl_kiyaku_title|h}--></font><br>
+<!--{$tpl_kiyaku_text|h}--><br>
 <!-- ▲本文 ここまで -->
 
 <!--{if !$tpl_kiyaku_is_first || !$tpl_kiyaku_is_last}-->

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order1.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order1.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order1.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,20 +27,20 @@
 
 <!-- ▼本文 ここから -->
 [emoji:39]<font color="#800000">販売業者</font><br>
-<!--{$arrRet.law_company|escape}--><br>
+<!--{$arrRet.law_company|h}--><br>
 [emoji:63]<font color="#800000">運営責任者</font><br>
-<!--{$arrRet.law_manager|escape}--><br>
+<!--{$arrRet.law_manager|h}--><br>
 [emoji:38]<font color="#800000">住所</font><br>
-〒<!--{$arrRet.law_zip01|escape}-->-<!--{$arrRet.law_zip02|escape}--><br>
-<!--{$arrPref[$arrRet.law_pref]|escape}--><!--{$arrRet.law_addr01|escape}--><!--{$arrRet.law_addr02|escape}--><br>
+〒<!--{$arrRet.law_zip01|h}-->-<!--{$arrRet.law_zip02|h}--><br>
+<!--{$arrPref[$arrRet.law_pref]|h}--><!--{$arrRet.law_addr01|h}--><!--{$arrRet.law_addr02|h}--><br>
 [emoji:74]<font color="#800000">電話番号</font><br>
-<!--{$arrRet.law_tel01|escape}-->-<!--{$arrRet.law_tel02|escape}-->-<!--{$arrRet.law_tel03|escape}--><br>
+<!--{$arrRet.law_tel01|h}-->-<!--{$arrRet.law_tel02|h}-->-<!--{$arrRet.law_tel03|h}--><br>
 [emoji:76]<font color="#800000">FAX番号</font><br>
-<!--{$arrRet.law_fax01|escape}-->-<!--{$arrRet.law_fax02|escape}-->-<!--{$arrRet.law_fax03|escape}--><br>
+<!--{$arrRet.law_fax01|h}-->-<!--{$arrRet.law_fax02|h}-->-<!--{$arrRet.law_fax03|h}--><br>
 [emoji:120]<font color="#800000">メールアドレス</font><br>
 <a href="mailto:<!--{$arrRet.law_email|escape:'hex'}-->"><!--{$arrRet.law_email|escape:'hexentity'}--></a><br>
 [emoji:e11]<font color="#800000">URL</font><br>
-<a href="<!--{$arrRet.law_url|escape}-->"><!--{$arrRet.law_url|escape}--></a><br>
+<a href="<!--{$arrRet.law_url|h}-->"><!--{$arrRet.law_url|h}--></a><br>
 <!-- ▲本文 ここまで -->
 
 <br>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order2.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order2.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order2.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,11 +27,11 @@
 
 <!-- ▼本文 ここから -->
 [emoji:e44]<font color="#800000">商品以外の必要代金</font><br>
-<!--{$arrRet.law_term01|escape|nl2br}--><br>
+<!--{$arrRet.law_term01|h|nl2br}--><br>
 [emoji:115]<font color="#800000">注文方法</font><br>
-<!--{$arrRet.law_term02|escape|nl2br}--><br>
+<!--{$arrRet.law_term02|h|nl2br}--><br>
 [emoji:e10]<font color="#800000">支払方法</font><br>
-<!--{$arrRet.law_term03|escape|nl2br}--><br>
+<!--{$arrRet.law_term03|h|nl2br}--><br>
 <!-- ▲本文 ここまで -->
 
 <br>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order3.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order3.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/guide/order3.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,11 +27,11 @@
 
 <!-- ▼本文 ここから -->
 [emoji:114]<font color="#800000">支払期限</font><br>
-<!--{$arrRet.law_term04|escape|nl2br}--><br>
+<!--{$arrRet.law_term04|h|nl2br}--><br>
 [emoji:72]<font color="#800000">引渡し時期</font><br>
-<!--{$arrRet.law_term05|escape|nl2br}--><br>
+<!--{$arrRet.law_term05|h|nl2br}--><br>
 [emoji:167]<font color="#800000">返品・交換について</font><br>
-<!--{$arrRet.law_term06|escape|nl2br}--><br>
+<!--{$arrRet.law_term06|h|nl2br}--><br>
 <!-- ▲本文 ここまで -->
 
 <br>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/guide/privacy.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/guide/privacy.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/guide/privacy.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -26,7 +26,7 @@
 <hr>
 
 <!-- ▼本文 ここから -->
-<!--{$arrSiteInfo.company_name|escape}-->は、個人情報保護の重要性に鑑み、「個人情報の保護に関する法律」及び本プライバシーポリシーを遵守し、お客さまのプライバシー保護に努めます。<br>
+<!--{$arrSiteInfo.company_name|h}-->は、個人情報保護の重要性に鑑み、「個人情報の保護に関する法律」及び本プライバシーポリシーを遵守し、お客さまのプライバシー保護に努めます。<br>
  個人情報の定義<br>
 お客さま個人に関する情報(以下「個人情報」といいます)であって、お客さまのお名前、住所、電話番号など当該お客さま個人を識別することができる情報をさします。他の情報と組み合わせて照合することにより個人を識別することができる情報も含まれます。<br>
 <!-- ▲本文 ここまで -->

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/magazine/confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/magazine/confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/magazine/confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -21,17 +21,17 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
  */
 *}-->
-<div align="center"><!--{$arrForm.kind|escape}-->確認</div>
+<div align="center"><!--{$arrForm.kind|h}-->確認</div>
 <hr>
-<!--{$arrForm.kind|escape}-->を行います。<br>
+<!--{$arrForm.kind|h}-->を行います。<br>
 以下の内容でよろしいでしょうか。<br>
 
 <br>
 <form action="confirm.php" method="post">
 	<input type="hidden" name="mode" value="<!--{$arrForm.type}-->">
-	<input type="hidden" name="email" value="<!--{$arrForm.mail|escape}-->">
+	<input type="hidden" name="email" value="<!--{$arrForm.mail|h}-->">
 	■メールアドレス<br>
-	<!--{$arrForm.mail|escape}--><br>
+	<!--{$arrForm.mail|h}--><br>
 	<br>
 	<div align="center"><input type="submit" name="submit" value="決定"></div>
 </form>
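Review bot: The hidden field `value="<!--{$arrForm.type}-->"` is left without a modifier, while the `email` field on the next line now uses `|h`. Where `$arrForm.type` comes from is not visible in the hunk; if it is derived from the request, a quote character in it would end the attribute. Escaping it costs nothing and matches the rest of the form: `<input type="hidden" name="mode" value="<!--{$arrForm.type|h}-->">`.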

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/magazine/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/magazine/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/magazine/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,19 +23,19 @@
 *}-->
 <div align="center">メルマガ登録</div>
 <hr>
-ご登録いただいたお客様へは<!--{if $arrSiteInfo.shop_name != ""}--><!--{$arrSiteInfo.shop_name|escape}-->より<!--{/if}-->商品やキャンペーン情報をメールでお届けいたします。<br>
-※<!--{if $arrSiteInfo.shop_name != ""}--><!--{$arrSiteInfo.shop_name|escape}-->では<!--{/if}-->ご利用規約に従い利用者のアドレスを保護しています。<br>
+ご登録いただいたお客様へは<!--{if $arrSiteInfo.shop_name != ""}--><!--{$arrSiteInfo.shop_name|h}-->より<!--{/if}-->商品やキャンペーン情報をメールでお届けいたします。<br>
+※<!--{if $arrSiteInfo.shop_name != ""}--><!--{$arrSiteInfo.shop_name|h}-->では<!--{/if}-->ご利用規約に従い利用者のアドレスを保護しています。<br>
 <br>
 <form action="confirm.php" method="post">
 	■登録<br>
 	<font color="#FF0000"><!--{$arrErr.regist}--></font>
-	<input type="text" name="regist" value="<!--{$arrForm.regist|escape}-->" istyle="3"><br>
+	<input type="text" name="regist" value="<!--{$arrForm.regist|h}-->" istyle="3"><br>
 	<div align="center"><input type="submit" name="btnRegist" value="次へ"></div>
 	<br>
 
 	■解除<br>
 	<font color="#FF0000"><!--{$arrErr.cancel}--></font>
-	<input type="text" name="cancel" value="<!--{$arrForm.cancel|escape}-->" istyle="3"><br>
+	<input type="text" name="cancel" value="<!--{$arrForm.cancel|h}-->" istyle="3"><br>
 	<div align="center"><input type="submit" name="btnCancel" value="次へ"></div>
 	<br>
 </form>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/change.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/change.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/change.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <div align="center">登録内容変更 1/3</div>
 <hr>
-<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="set1">
 
 	<font color="#FF0000">*は必須項目です。</font><br>
@@ -32,12 +32,12 @@
 
 	【メールアドレス】<font color="#FF0000">※</font><br>
 	<font color="#FF0000"><!--{$arrErr.email}--></font>
-	<input type="text" name="email" value="<!--{$arrForm.email|escape}-->" istyle="3">
+	<input type="text" name="email" value="<!--{$arrForm.email|h}-->" istyle="3">
 	<br>
 
 	【携帯メールアドレス】<br>
 	<font color="#FF0000"><!--{$arrErr.email_mobile}--></font>
-	<input type="text" name="email_mobile" value="<!--{$arrForm.email_mobile|escape}-->" istyle="3">
+	<input type="text" name="email_mobile" value="<!--{$arrForm.email_mobile|h}-->" istyle="3">
 	<br>
 
 	【パスワード】<font color="#FF0000">※</font><br>
@@ -55,27 +55,27 @@
 
 	【質問の答え】<font color="#FF0000">※</font><br>
 	<font color="#FF0000"><!--{$arrErr.reminder_answer}--></font>
-	<input type="text" name="reminder_answer" value="<!--{$arrForm.reminder_answer|escape}-->" istyle="1"><br>
+	<input type="text" name="reminder_answer" value="<!--{$arrForm.reminder_answer|h}-->" istyle="1"><br>
 
 	【お名前】<font color="#FF0000">※</font><br>
 	<font color="#FF0000"><!--{$arrErr.name01}--><!--{$arrErr.name02}--></font>
 	姓(例:渋谷)<br>
-	<input type="text" name="name01" value="<!--{$arrForm.name01|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
+	<input type="text" name="name01" value="<!--{$arrForm.name01|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
 
 	名(例:花子)<br>
-	<input type="text" name="name02" value="<!--{$arrForm.name02|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
+	<input type="text" name="name02" value="<!--{$arrForm.name02|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
 	<font color="#FF0000"><!--{$arrErr.kana01}--><!--{$arrErr.kana02}--></font>
 
 	カナ/姓(例:シブヤ)<br>
-	<input type="text" name="kana01" value="<!--{$arrForm.kana01|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
+	<input type="text" name="kana01" value="<!--{$arrForm.kana01|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
 
 	カナ/名(例:ハナコ)<br>
-	<input type="text" name="kana02" value="<!--{$arrForm.kana02|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
+	<input type="text" name="kana02" value="<!--{$arrForm.kana02|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
 
 	<input type="submit" name="confirm" value="次へ">
 
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 </form>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/change_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/change_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/change_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,37 +23,37 @@
 *}-->
 <div align="center">変更確認</div>
 <hr>
-<form name="form1" id="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form name="form1" id="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="complete">
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 	下記の内容でご登録してもよろしいですか?<br>
 	<br>
 	【メールアドレス】<br>
-	<!--{$list_data.email|escape}--><br>
+	<!--{$list_data.email|h}--><br>
 	<br>
 
 	【携帯メールアドレス】<br>
-	<!--{$list_data.email_mobile|escape|default:"未登録"}--><br>
+	<!--{$list_data.email_mobile|default:"未登録"|h}--><br>
 	<br>
 
 	【パスワード確認用質問】<br>
-	<!--{$arrReminder[$list_data.reminder]|escape}--><br>
+	<!--{$arrReminder[$list_data.reminder]|h}--><br>
 	<br>
 
 	【質問の答え】<br>
-	<!--{$list_data.reminder_answer|escape}--><br>
+	<!--{$list_data.reminder_answer|h}--><br>
 	<br>
 
 	【個人情報】<br>
-	<!--{$list_data.name01|escape}--> <!--{$list_data.name02|escape}--><br>
-	<!--{$list_data.kana01|escape}--> <!--{$list_data.kana02|escape}--><br>
+	<!--{$list_data.name01|h}--> <!--{$list_data.name02|h}--><br>
+	<!--{$list_data.kana01|h}--> <!--{$list_data.kana02|h}--><br>
 	<!--{if $list_data.sex eq 1}-->男性<!--{else}-->女性<!--{/if}--><br>
-	<!--{if strlen($list_data.year) > 0 && strlen($list_data.month) > 0 && strlen($list_data.day) > 0}--><!--{$list_data.year|escape}-->年<!--{$list_data.month|escape}-->月<!--{$list_data.day|escape}-->日生まれ<!--{else}-->生年月日 未登録<!--{/if}--><br>
-	〒<!--{$list_data.zip01|escape}--> - <!--{$list_data.zip02|escape}--><br>
-	<!--{$arrPref[$list_data.pref]|escape}--><!--{$list_data.addr01|escape}--><!--{$list_data.addr02|escape}--><br>
-	<!--{$list_data.tel01|escape}-->-<!--{$list_data.tel02|escape}-->-<!--{$list_data.tel03|escape}--><br>
+	<!--{if strlen($list_data.year) > 0 && strlen($list_data.month) > 0 && strlen($list_data.day) > 0}--><!--{$list_data.year|h}-->年<!--{$list_data.month|h}-->月<!--{$list_data.day|h}-->日生まれ<!--{else}-->生年月日 未登録<!--{/if}--><br>
+	〒<!--{$list_data.zip01|h}--> - <!--{$list_data.zip02|h}--><br>
+	<!--{$arrPref[$list_data.pref]|h}--><!--{$list_data.addr01|h}--><!--{$list_data.addr02|h}--><br>
+	<!--{$list_data.tel01|h}-->-<!--{$list_data.tel02|h}-->-<!--{$list_data.tel03|h}--><br>
 	<br>
 	
 	【メールマガジン゛】<br>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/history_detail.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/history_detail.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/history_detail.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -29,32 +29,32 @@
 <br>
 【お届け先】<br>
 	<!--{assign var=key1 value="deliv_name01"}--><!--{assign var=key2 value="deliv_name02"}-->
-	<!--{$arrDisp[$key1]|escape}-->&nbsp;<!--{$arrDisp[$key2]|escape}--><br>
+	<!--{$arrDisp[$key1]|h}-->&nbsp;<!--{$arrDisp[$key2]|h}--><br>
 	<!--{assign var=key1 value="deliv_zip01"}--><!--{assign var=key2 value="deliv_zip02"}-->
 	〒<!--{$arrDisp[$key1]}-->-<!--{$arrDisp[$key2]}--><br>
 	<!--{assign var=pref value=`$arrDisp.deliv_pref`}--><!--{$arrPref[$pref]}-->
-	<!--{assign var=key value="deliv_addr01"}--><!--{$arrDisp[$key]|escape}-->
-	<!--{assign var=key value="deliv_addr02"}--><!--{$arrDisp[$key]|escape}--><br>
+	<!--{assign var=key value="deliv_addr01"}--><!--{$arrDisp[$key]|h}-->
+	<!--{assign var=key value="deliv_addr02"}--><!--{$arrDisp[$key]|h}--><br>
 <br>
 【お届け日時指定】<br>
 <!--{if $arrDisp.deliv_date eq "" and $arrDelivTime[$arrDisp.deliv_time_id] eq ""}-->
 	指定なし<br>
 <!--{else}-->
-	<!--{$arrDisp.deliv_date|escape}--> <!--{$arrDelivTime[$arrDisp.deliv_time_id]|escape}--><br>
+	<!--{$arrDisp.deliv_date|h}--> <!--{$arrDelivTime[$arrDisp.deliv_time_id]|h}--><br>
 <!--{/if}-->
 <br>
 【お支払い方法】<br>
-<!--{$arrPayment[$arrDisp.payment_id]|escape}--><br>
+<!--{$arrPayment[$arrDisp.payment_id]|h}--><br>
 <br>
 【ご注文内容】<br>
 <!--{section name=cnt loop=$arrDisp.quantity}-->
-<!--{$arrDisp.product_name[cnt]|escape}--><br>
-<a href="<!--{$smarty.const.MOBILE_DETAIL_P_HTML}--><!--{$arrDisp.product_id[cnt]|escape:url}-->">商品詳細→</a><br>
+<!--{$arrDisp.product_name[cnt]|h}--><br>
+<a href="<!--{$smarty.const.MOBILE_DETAIL_P_HTML}--><!--{$arrDisp.product_id[cnt]|u}-->">商品詳細→</a><br>
 <!--{/section}-->
 <br>
 【購入金額】<br>
 商品合計:<!--{$arrDisp.subtotal|number_format}-->円<br>
-送料:<!--{assign var=key value="deliv_fee"}--><!--{$arrDisp[$key]|escape|number_format}-->円<br>
+送料:<!--{assign var=key value="deliv_fee"}--><!--{$arrDisp[$key]|number_format|h}-->円<br>
 合計:<!--{$arrDisp.payment_total|number_format}-->円<br>
 <br>
 
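Review bot: The postal-code and prefecture outputs in the delivery block (`〒<!--{$arrDisp[$key1]}-->-<!--{$arrDisp[$key2]}-->` and `<!--{$arrPref[$pref]}-->`) still carry no escaping modifier, while the name and address lines beside them now use `|h`. Unless a default modifier already HTML-escapes every variable (not visible in this hunk), these order fields reach the page raw. I would write them as `〒<!--{$arrDisp[$key1]|h}-->-<!--{$arrDisp[$key2]|h}-->` and `<!--{$arrPref[$pref]|h}-->`. The same gap shows in the context lines of mobile/shopping/deliv.tpl (`$arrAddr[cnt].zip01`/`zip02`) and mobile/regist/complete.tpl (`tel01`–`tel03`, `business_hour`).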

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,7 +24,7 @@
 <div align="center">MYページTOP</div>
 <hr>
 
-<!--{$CustomerName1|escape}--> <!--{$CustomerName2|escape}-->様<br>
+<!--{$CustomerName1|h}--> <!--{$CustomerName2|h}-->様<br>
 いつもご利用いただきありがとうございます。<br>
 <br>
 <a href="history.php" accesskey="1"><!--{1|numeric_emoji}-->購入履歴</a><br>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/login.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/login.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/login.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -31,7 +31,7 @@
 	▼メールアドレス<br>
 	<!--{assign var=key value="login_email"}-->
 	<font color="#FF0000"><!--{$arrErr[$key]}--></font>
-	<input type="text" name="<!--{$key}-->" value="<!--{$login_email|escape}-->" 
+	<input type="text" name="<!--{$key}-->" value="<!--{$login_email|h}-->" 
 		size="40" istyle="3"><br>
 <!--{else}-->
 	<input type="hidden" name="login_email" value="dummy">

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/refusal.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/refusal.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/refusal.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,10 +23,10 @@
 *}-->
 <div align="center">退会確認</div>
 <hr>
-<!--{$CustomerName1|escape}--> <!--{$CustomerName2|escape}-->様、会員から退会をされますと、登録されているお届け先の情報など全て削除されますがよろしいでしょうか。<br>
+<!--{$CustomerName1|h}--> <!--{$CustomerName2|h}-->様、会員から退会をされますと、登録されているお届け先の情報など全て削除されますがよろしいでしょうか。<br>
 <br>
 <div align="center">
-<form action="<!--{$smarty.server.PHP_SELF|escape}-->" method="post">
+<form action="<!--{$smarty.server.PHP_SELF|h}-->" method="post">
 	<input type="submit" name="no" value="いいえ">
 	<input type="submit" name="complete" value="はい">
 </form>
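Review bot: The form action on the changed line is built from `$smarty.server.PHP_SELF`, which is derived from the request path, so `|h` is the only thing keeping client-supplied path text inside the attribute. A template comment would make that dependency explicit for the next editor, e.g. `<!--{* PHP_SELF is request-derived: never emit it without |h *}-->`. A fixed script path, as mobile/products/search.tpl uses with `MOBILE_URL_DIR` plus `products/list.php`, would remove the dependency altogether. The same pattern recurs in set1.tpl, set2.tpl and the shopping/*.tpl forms, and with `REQUEST_URI` in products/detail.tpl and the select_*.tpl forms.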

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/set1.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/set1.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/set1.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <div align="center">登録内容変更 2/3</div>
 <hr>
-<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="set2">
 
 	<font color="#FF0000">*は必須項目です。</font><br>
@@ -36,7 +36,7 @@
 
 	【生年月日】<br>
 	<font color="#FF0000"><!--{$arrErr.year}--><!--{$arrErr.month}--><!--{$arrErr.day}--></font>
-	<input type="text" name="year" value="<!--{$arrForm.year|escape}-->" size="4" maxlength="4" istyle="4">年<br>
+	<input type="text" name="year" value="<!--{$arrForm.year|h}-->" size="4" maxlength="4" istyle="4">年<br>
 	<select name="month">
 		<!--{html_options options=$arrMonth selected=$arrForm.month}-->
 	</select>月<br>
@@ -50,15 +50,15 @@
 	<font color="#FF0000"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></font>
 	<!--{assign var="size1" value="`$smarty.const.ZIP01_LEN+2`"}-->
 	<!--{assign var="size2" value="`$smarty.const.ZIP02_LEN+2`"}-->
-	<input size="<!--{$size1}-->" type="text" name="zip01" value="<!--{if $arrForm.zip01 == ""}--><!--{$arrForm.zip01|escape}--><!--{else}--><!--{$arrForm.zip01|escape}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP01_LEN}-->" istyle="4">
+	<input size="<!--{$size1}-->" type="text" name="zip01" value="<!--{if $arrForm.zip01 == ""}--><!--{$arrForm.zip01|h}--><!--{else}--><!--{$arrForm.zip01|h}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP01_LEN}-->" istyle="4">
 	&nbsp;-&nbsp;
-	<input size="<!--{$size2}-->" type="text" name="zip02" value="<!--{if $arrForm.zip02 == ""}--><!--{$arrForm.zip02|escape}--><!--{else}--><!--{$arrForm.zip02|escape}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP02_LEN}-->" istyle="4"><br>
+	<input size="<!--{$size2}-->" type="text" name="zip02" value="<!--{if $arrForm.zip02 == ""}--><!--{$arrForm.zip02|h}--><!--{else}--><!--{$arrForm.zip02|h}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP02_LEN}-->" istyle="4"><br>
 
 	<input type="submit" name="confirm" value="次へ"><br>
 	<input type="submit" name="return" value="戻る">
 
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 </form>
 
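Review bot: Both branches of the `zip01` and `zip02` conditionals print the same variable (`<!--{if $arrForm.zip01 == ""}--><!--{$arrForm.zip01|h}--><!--{else}--><!--{$arrForm.zip01|h}--><!--{/if}-->`), so the test has no effect. mobile/shopping/deliv_addr.tpl in this same commit falls back to `$zip01`/`$zip02` when the form value is empty, which suggests a fallback was intended here as well. If it was not, the attribute can simply be `value="<!--{$arrForm.zip01|h}-->"` (and likewise for `zip02`).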

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/set2.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/set2.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/mypage/set2.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <div align="center">登録内容変更 3/3</div>
 <hr>
-<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="confirm">
 
 	<font color="#FF0000">*は必須項目です。</font><br>
@@ -38,20 +38,20 @@
 
 	【住所1】<font color="#FF0000">*</font><br>
 	<font color="#FF0000"><!--{$arrErr.addr01}--></font>
-	<input type="text" name="addr01" value="<!--{$arrForm.addr01|escape}-->" istyle="1"><br>
+	<input type="text" name="addr01" value="<!--{$arrForm.addr01|h}-->" istyle="1"><br>
 
 	【住所2】<font color="#FF0000">*</font><br>
 	<font color="#FF0000"><!--{$arrErr.addr02}--></font>
-	<input type="text" name="addr02" value="<!--{$arrForm.addr02|escape}-->" istyle="1"><br>
+	<input type="text" name="addr02" value="<!--{$arrForm.addr02|h}-->" istyle="1"><br>
 
 	【電話番号】<font color="#FF0000">*</font><br>
 	<font color="#FF0000"><!--{$arrErr.tel01}--><!--{$arrErr.tel02}--><!--{$arrErr.tel03}--></font>
 	<!--{assign var="size" value="`$smarty.const.TEL_ITEM_LEN+2`"}-->
-	<input type="text" size="<!--{$size}-->" name="tel01" value="<!--{$arrForm.tel01|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
+	<input type="text" size="<!--{$size}-->" name="tel01" value="<!--{$arrForm.tel01|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
 	&nbsp;-&nbsp;
-	<input type="text" size="<!--{$size}-->" name="tel02" value="<!--{$arrForm.tel02|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
+	<input type="text" size="<!--{$size}-->" name="tel02" value="<!--{$arrForm.tel02|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
 	&nbsp;-&nbsp;
-	<input type="text" size="<!--{$size}-->" name="tel03" value="<!--{$arrForm.tel03|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4"><br>
+	<input type="text" size="<!--{$size}-->" name="tel03" value="<!--{$arrForm.tel03|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4"><br>
 
 	【メールマガジン】<br>
 	お得な情報を希望されますか?<br>
@@ -59,16 +59,16 @@
 	(希望されない場合はチェックをはずしてください)<br>
 	<br>
 
-	<input type="hidden" name="fax01" value="<!--{$arrForm.fax01|escape}-->">
-	<input type="hidden" name="fax02" value="<!--{$arrForm.fax02|escape}-->">
-	<input type="hidden" name="fax03" value="<!--{$arrForm.fax03|escape}-->">
-	<input type="hidden" name="job" value="<!--{$arrForm.job|escape}-->">
+	<input type="hidden" name="fax01" value="<!--{$arrForm.fax01|h}-->">
+	<input type="hidden" name="fax02" value="<!--{$arrForm.fax02|h}-->">
+	<input type="hidden" name="fax03" value="<!--{$arrForm.fax03|h}-->">
+	<input type="hidden" name="job" value="<!--{$arrForm.job|h}-->">
 
 	<input type="submit" name="confirm" value="次へ"><br>
 	<input type="submit" name="return" value="戻る">
 
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 </form>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/order/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/order/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/order/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -21,30 +21,30 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
  */
 *}-->
-<center><font color="#008080"><b><!--{$tpl_title|escape}--></b></font></center>
+<center><font color="#008080"><b><!--{$tpl_title|h}--></b></font></center>
 
 <hr>
 
 [emoji:39]<font color="#800000">販売業者</font><br>
-<!--{$arrRet.law_company|escape}--><br>
+<!--{$arrRet.law_company|h}--><br>
 <hr>
 
 [emoji:170]<font color="#800000">運営責任者</font><br>
-<!--{$arrRet.law_manager|escape}--><br>
+<!--{$arrRet.law_manager|h}--><br>
 <hr>
 
 [emoji:38]<font color="#800000">住所</font><br>
-〒<!--{$arrRet.law_zip01|escape}-->-<!--{$arrRet.law_zip02|escape}--><br>
-<!--{$arrPref[$arrRet.law_pref]|escape}--><!--{$arrRet.law_addr01|escape}--><br>
-<!--{$arrRet.law_addr02|escape}--><br>
+〒<!--{$arrRet.law_zip01|h}-->-<!--{$arrRet.law_zip02|h}--><br>
+<!--{$arrPref[$arrRet.law_pref]|h}--><!--{$arrRet.law_addr01|h}--><br>
+<!--{$arrRet.law_addr02|h}--><br>
 <hr>
 
 [emoji:74]<font color="#800000">電話番号</font><br>
-<a href="tel:<!--{$arrRet.law_tel01|escape}-->-<!--{$arrRet.law_tel02|escape}-->-<!--{$arrRet.law_tel03|escape}-->"><!--{$arrRet.law_tel01|escape}-->-<!--{$arrRet.law_tel02|escape}-->-<!--{$arrRet.law_tel03|escape}--></a><br>
+<a href="tel:<!--{$arrRet.law_tel01|h}-->-<!--{$arrRet.law_tel02|h}-->-<!--{$arrRet.law_tel03|h}-->"><!--{$arrRet.law_tel01|h}-->-<!--{$arrRet.law_tel02|h}-->-<!--{$arrRet.law_tel03|h}--></a><br>
 <hr>
 
 [emoji:107]<font color="#800000">FAX番号</font><br>
-<!--{$arrRet.law_fax01|escape}-->-<!--{$arrRet.law_fax02|escape}-->-<!--{$arrRet.law_fax03|escape}--><br>
+<!--{$arrRet.law_fax01|h}-->-<!--{$arrRet.law_fax02|h}-->-<!--{$arrRet.law_fax03|h}--><br>
 <hr>
 
 [emoji:110]<font color="#800000">メールアドレス</font><br>
@@ -52,31 +52,31 @@
 <hr>
 
 [emoji:e11]<font color="#800000">サイトURL</font><br>
-<a href="<!--{$arrRet.law_url|escape}-->"><!--{$arrRet.law_url|escape}--></a><br>
+<a href="<!--{$arrRet.law_url|h}-->"><!--{$arrRet.law_url|h}--></a><br>
 <hr>
 
 [emoji:113]<font color="#800000">商品以外の必要代金</font><br>
-<!--{$arrRet.law_term01|escape|nl2br}--><br>
+<!--{$arrRet.law_term01|h|nl2br}--><br>
 <hr>
 
 [emoji:146]<font color="#800000">注文方法</font><br>
-<!--{$arrRet.law_term02|escape|nl2br}--><br>
+<!--{$arrRet.law_term02|h|nl2br}--><br>
 <hr>
 
 [emoji:42]<font color="#800000">支払方法</font><br>
-<!--{$arrRet.law_term03|escape|nl2br}--><br>
+<!--{$arrRet.law_term03|h|nl2br}--><br>
 <hr>
 
 [emoji:176]<font color="#800000">支払期限</font><br>
-<!--{$arrRet.law_term04|escape|nl2br}--><br>
+<!--{$arrRet.law_term04|h|nl2br}--><br>
 <hr>
 
 [emoji:72]<font color="#800000">引渡し時期</font><br>
-<!--{$arrRet.law_term05|escape|nl2br}--><br>
+<!--{$arrRet.law_term05|h|nl2br}--><br>
 <hr>
 
 [emoji:e42]<font color="#800000">返品・交換について</font><br>
-<!--{$arrRet.law_term06|escape|nl2br}--><br>
+<!--{$arrRet.law_term06|h|nl2br}--><br>
 <hr>
 
 <a href="<!--{$smarty.const.MOBILE_URL_CART_TOP}-->" accesskey="9"><!--{9|numeric_emoji}-->カート見る</a><br>
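Review bot: `<a href="<!--{$arrRet.law_url|h}-->">` HTML-escapes the shop URL but does not constrain its scheme, so the link target is whatever was stored in `law_url`. Escaping for the attribute and validating the URL are separate checks. The value should be restricted to `http://`/`https://` where it is saved (that code is not part of this hunk). A comment here such as `<!--{* law_url: scheme must be validated on input; |h only escapes markup *}-->` would record the assumption.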

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/products/category_list.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/products/category_list.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/products/category_list.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -21,7 +21,7 @@
  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
  */
 *}-->
-<center><!--{$arrCategory.category_name|escape}--></center>
+<center><!--{$arrCategory.category_name|h}--></center>
 
 <hr>
 
@@ -32,9 +32,9 @@
 <!--{assign var=path value="`$smarty.const.MOBILE_URL_DIR`products/list.php"}-->
 <!--{/if}-->
 <!--{if $i+1<9}-->
-<a href="<!--{$path}-->?category_id=<!--{$arrChild.category_id}-->" accesskey="<!--{$i+1}-->"><!--{$i+1|numeric_emoji}--><!--{$arrChild.category_name|escape}-->(<!--{$arrChild.product_count}-->)</a><br>
+<a href="<!--{$path}-->?category_id=<!--{$arrChild.category_id}-->" accesskey="<!--{$i+1}-->"><!--{$i+1|numeric_emoji}--><!--{$arrChild.category_name|h}-->(<!--{$arrChild.product_count}-->)</a><br>
 <!--{else}-->
-[<!--{$i+1}-->]<a href="<!--{$path}-->?category_id=<!--{$arrChild.category_id}-->"><!--{$arrChild.category_name|escape}-->(<!--{$arrChild.product_count}-->)</a><br>
+[<!--{$i+1}-->]<a href="<!--{$path}-->?category_id=<!--{$arrChild.category_id}-->"><!--{$arrChild.category_name|h}-->(<!--{$arrChild.product_count}-->)</a><br>
 <!--{/if}-->
 <!--{/foreach}-->
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/products/detail.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/products/detail.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/products/detail.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
 <!--▼MAIN CONTENTS-->
 <!--タイトルここから-->
 <!--★商品名★-->
-<div align="center"><!--{$arrProduct.name|escape}--></div>
+<div align="center"><!--{$arrProduct.name|h}--></div>
 <hr>
 <!--タイトルここまで-->
 <!--詳細ここから-->
@@ -40,7 +40,7 @@
   <!--{if ($smarty.get.image == "" || $smarty.get.image == "main_image")}-->
 [1]
   <!--{else}-->
-[<a href="<!--{$smarty.server.PHP_SELF|escape}-->?product_id=<!--{$smarty.get.product_id}-->&image=main_image">1</a>]
+[<a href="<!--{$smarty.server.PHP_SELF|h}-->?product_id=<!--{$smarty.get.product_id}-->&image=main_image">1</a>]
   <!--{/if}-->
   
   <!--{assign var=num value="2"}-->
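Review bot: The image link puts `$smarty.get.product_id` straight into the `href` query string with no modifier, while `PHP_SELF` on the same line is escaped. The value comes from the request, so unless a default modifier covers it (not visible in this hunk) it should be URL-escaped the way this commit does for `product_id` in list.tpl: `?product_id=<!--{$smarty.get.product_id|u}-->&image=main_image`. The next hunk (`@@ -50,7 +50,7 @@`) has the same parameter plus an unescaped `image=<!--{$key}-->`.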
@@ -50,7 +50,7 @@
     <!--{if $key == $smarty.get.image}-->
 [<!--{$num}-->]
     <!--{else}-->
-[<a href="<!--{$smarty.server.PHP_SELF|escape}-->?product_id=<!--{$smarty.get.product_id}-->&image=<!--{$key}-->"><!--{$num}--></a>]
+[<a href="<!--{$smarty.server.PHP_SELF|h}-->?product_id=<!--{$smarty.get.product_id}-->&image=<!--{$key}-->"><!--{$num}--></a>]
     <!--{/if}-->
     <!--{assign var=num value="`$num+1`"}-->
   <!--{/if}-->
@@ -83,7 +83,7 @@
 <!--{/if}-->
 円</font><br>
 <!--{/if}-->
-<form name="form1" method="post" action="<!--{$smarty.server.REQUEST_URI|escape}-->">
+<form name="form1" method="post" action="<!--{$smarty.server.REQUEST_URI|h}-->">
 	<input type="hidden" name="mode" value="select">
 	<input type="hidden" name="product_id" value="<!--{$tpl_product_id}-->">
 <!--{if $tpl_stock_find}-->

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/products/list.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/products/list.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/products/list.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,20 +22,20 @@
  */
 *}-->
 <!-- ▼タイトル ここから -->
-<center><!--{$tpl_subtitle|escape}--></center>
+<center><!--{$tpl_subtitle|h}--></center>
 <!-- ▲タイトル ここまで -->
 
 <hr>
 
 <!--{if isset($tpl_previous_page|smarty:nodefaults) || isset($tpl_next_page|smarty:nodefaults)}-->
 <!--{if isset($tpl_previous_page|smarty:nodefaults)}-->
-<a href="<!--{$tpl_previous_page|escape}-->">前へ</a>
+<a href="<!--{$tpl_previous_page|h}-->">前へ</a>
 <!--{/if}-->
 <!--{if isset($tpl_previous_page|smarty:nodefaults) && isset($tpl_next_page|smarty:nodefaults)}-->
 |
 <!--{/if}-->
 <!--{if isset($tpl_next_page|smarty:nodefaults)}-->
-<a href="<!--{$tpl_next_page|escape}-->">次へ</a>
+<a href="<!--{$tpl_next_page|h}-->">次へ</a>
 <!--{/if}-->
 <br><br>
 <!--{/if}-->
@@ -43,7 +43,7 @@
 <!--{foreach from=$arrProducts key=i item=arrProduct}-->
 <!-- ▼商品 ここから -->
 <!--{if $i+1<9}--><!--{$i+1|numeric_emoji}--><!--{else}-->[<!--{$i+1}-->]<!--{/if}-->
-<!-- 商品名 --><!--{$arrProduct.name|escape}--><br>
+<!-- 商品名 --><!--{$arrProduct.name|h}--><br>
 
 <!--{$smarty.const.SALE_PRICE_TITLE}-->:
 <!--{if $arrProduct.price02_min == $arrProduct.price02_max}-->
@@ -55,9 +55,9 @@
 
 <div align="right">
 <!--{if $i+1<9}-->
-<a href="<!--{$smarty.const.MOBILE_DETAIL_P_HTML}--><!--{$arrProduct.product_id|escape:url}-->" accesskey="<!--{$i+1}-->">商品詳細へ→</a>
+<a href="<!--{$smarty.const.MOBILE_DETAIL_P_HTML}--><!--{$arrProduct.product_id|u}-->" accesskey="<!--{$i+1}-->">商品詳細へ→</a>
 <!--{else}-->
-<a href="<!--{$smarty.const.MOBILE_DETAIL_P_HTML}--><!--{$arrProduct.product_id|escape:url}-->">商品詳細へ→</a>
+<a href="<!--{$smarty.const.MOBILE_DETAIL_P_HTML}--><!--{$arrProduct.product_id|u}-->">商品詳細へ→</a>
 <!--{/if}-->
 </div>
 
@@ -73,13 +73,13 @@
 
 <!--{if isset($tpl_previous_page|smarty:nodefaults) || isset($tpl_next_page|smarty:nodefaults)}-->
 <!--{if isset($tpl_previous_page|smarty:nodefaults)}-->
-<a href="<!--{$tpl_previous_page|escape}-->">前へ</a>
+<a href="<!--{$tpl_previous_page|h}-->">前へ</a>
 <!--{/if}-->
 <!--{if isset($tpl_previous_page|smarty:nodefaults) && isset($tpl_next_page|smarty:nodefaults)}-->
 |
 <!--{/if}-->
 <!--{if isset($tpl_next_page|smarty:nodefaults)}-->
-<a href="<!--{$tpl_next_page|escape}-->">次へ</a>
+<a href="<!--{$tpl_next_page|h}-->">次へ</a>
 <!--{/if}-->
 <br>
 <!--{/if}-->

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/products/search.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/products/search.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/products/search.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -30,7 +30,7 @@
 <form method="get" action="<!--{$smarty.const.MOBILE_URL_DIR}-->products/list.php">
 <center>
 <input type="hidden" name="mode" value="search">
-<input type="text" name="name" size="18" maxlength="50" value="<!--{$smarty.get.name|escape}-->"><br>
+<input type="text" name="name" size="18" maxlength="50" value="<!--{$smarty.get.name|h}-->"><br>
 <input type="submit" name="search" value="検索">
 </center>
 </form>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_find1.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_find1.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_find1.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,7 +27,7 @@
 <!--{if $arrErr.classcategory_id1 != ""}-->
 	<font color="#FF0000">※<!--{$tpl_class_name1}-->を入力して下さい。</font><br>
 <!--{/if}-->
-<form method="post" action="<!--{$smarty.server.REQUEST_URI|escape}-->">
+<form method="post" action="<!--{$smarty.server.REQUEST_URI|h}-->">
 	<select name="classcategory_id1">
 		<option value="">選択してください</option>
 		<!--{html_options options=$arrClassCat1 selected=$arrForm.classcategory_id1.value}-->

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_find2.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_find2.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_find2.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,7 +27,7 @@
 <!--{if $arrErr.classcategory_id2 != ""}-->
 	<font color="#FF0000">※<!--{$tpl_class_name2}-->を入力して下さい。</font><br>
 <!--{/if}-->
-<form method="post" action="<!--{$smarty.server.REQUEST_URI|escape}-->">
+<form method="post" action="<!--{$smarty.server.REQUEST_URI|h}-->">
 	<select name="classcategory_id2">
 		<option value="">選択してください</option>
 		<!--{html_options options=$arrClassCat2 selected=$arrForm.classcategory_id2.value}-->

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_item.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_item.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/products/select_item.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,7 +27,7 @@
 <!--{if $arrErr.classcategory_id2 != ""}-->
 	<font color="#FF0000">※数量を入力して下さい。</font><br>
 <!--{/if}-->
-<form method="post" action="<!--{$smarty.server.REQUEST_URI|escape}-->">
+<form method="post" action="<!--{$smarty.server.REQUEST_URI|h}-->">
 	<input type="text" name="quantity" size="3" value="<!--{$arrForm.quantity.value|default:1}-->" maxlength=<!--{$smarty.const.INT_LEN}--> istyle="4"><br>
 	<input type="hidden" name="mode" value="cart">
 	<input type="hidden" name="classcategory_id1" value="<!--{$arrForm.classcategory_id1.value}-->">
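Review bot: The `value` attributes in this form (`<!--{$arrForm.quantity.value|default:1}-->`, `<!--{$arrForm.classcategory_id1.value}-->`) are emitted without `|h`, and `maxlength=<!--{$smarty.const.INT_LEN}-->` is unquoted, although the commit is about escaping in templates. Unless a default modifier already escapes them, form values echoed back into attributes should read `value="<!--{$arrForm.quantity.value|default:1|h}-->"`. The hidden `$arrForm.*.value` and `$tpl_uniqid` fields in shopping/deliv_date.tpl, confirm.tpl and payment.tpl look the same. Separately, the quantity error message is shown when `$arrErr.classcategory_id2` is set, which may be a leftover from select_find2.tpl. The form continues past the end of the hunk.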

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/regist/complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/regist/complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/regist/complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -34,9 +34,9 @@
 
 <br>
 
-<!--{$arrSiteInfo.company_name|escape}--><br>
+<!--{$arrSiteInfo.company_name|h}--><br>
 TEL:<!--{$arrSiteInfo.tel01}-->-<!--{$arrSiteInfo.tel02}-->-<!--{$arrSiteInfo.tel03}--> <!--{if $arrSiteInfo.business_hour != ""}-->(受付時間/<!--{$arrSiteInfo.business_hour}-->)<!--{/if}--><br>
-E-mail:<a href="mailto:<!--{$arrSiteInfo.email02|escape}-->"><!--{$arrSiteInfo.email02|escape}--></a><br>
+E-mail:<a href="mailto:<!--{$arrSiteInfo.email02|h}-->"><!--{$arrSiteInfo.email02|h}--></a><br>
 
 <br>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,7 +27,7 @@
 
 ご注文、有り難うございました。<br>
 商品到着をお楽しみにお待ち下さいませ。<br>
-どうぞ、今後とも、<!--{$arrInfo.shop_name|escape}-->をよろしくお願いします。<br>
+どうぞ、今後とも、<!--{$arrInfo.shop_name|h}-->をよろしくお願いします。<br>
 <br>
 
 <!--{if $arrOther.title.value }-->

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
 
 <hr>
 
-<form method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 <input type="hidden" name="mode" value="confirm">
 <input type="hidden" name="uniqid" value="<!--{$tpl_uniqid}-->">
 
@@ -36,25 +36,25 @@
 【お届け先】<br>
 <!--{* 別のお届け先が選択されている場合 *}-->
 <!--{if $arrData.deliv_check >= 1}-->
-<!--{$arrData.deliv_name01|escape}--> <!--{$arrData.deliv_name02|escape}--><br>
-〒<!--{$arrData.deliv_zip01|escape}-->-<!--{$arrData.deliv_zip02|escape}--><br>
-<!--{$arrPref[$arrData.deliv_pref]}--><!--{$arrData.deliv_addr01|escape}--><!--{$arrData.deliv_addr02|escape}--><br>
+<!--{$arrData.deliv_name01|h}--> <!--{$arrData.deliv_name02|h}--><br>
+〒<!--{$arrData.deliv_zip01|h}-->-<!--{$arrData.deliv_zip02|h}--><br>
+<!--{$arrPref[$arrData.deliv_pref]}--><!--{$arrData.deliv_addr01|h}--><!--{$arrData.deliv_addr02|h}--><br>
 <!--{else}-->
-<!--{$arrData.order_name01|escape}--> <!--{$arrData.order_name02|escape}--><br>
-〒<!--{$arrData.order_zip01|escape}-->-<!--{$arrData.order_zip02|escape}--><br>
-<!--{$arrPref[$arrData.order_pref]}--><!--{$arrData.order_addr01|escape}--><!--{$arrData.order_addr02|escape}--><br>
+<!--{$arrData.order_name01|h}--> <!--{$arrData.order_name02|h}--><br>
+〒<!--{$arrData.order_zip01|h}-->-<!--{$arrData.order_zip02|h}--><br>
+<!--{$arrPref[$arrData.order_pref]}--><!--{$arrData.order_addr01|h}--><!--{$arrData.order_addr02|h}--><br>
 <!--{/if}-->
 
 <br>
 
 【お届け日時指定】<br>
-日:<!--{$arrData.deliv_date|escape|default:"指定なし"}--><br>
-時間:<!--{$arrData.deliv_time|escape|default:"指定なし"}--><br>
+日:<!--{$arrData.deliv_date|default:"指定なし"|h}--><br>
+時間:<!--{$arrData.deliv_time|default:"指定なし"|h}--><br>
 
 <br>
 
 【お支払い方法】<br>
-<!--{$arrData.payment_method|escape}--><br>
+<!--{$arrData.payment_method|h}--><br>
 
 <br>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -31,7 +31,7 @@
 
 <!--▼CONTENTS-->
 <!--{section name=cnt loop=$arrAddr}-->
-<form method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 <input type="hidden" name="uniqid" value="<!--{$tpl_uniqid}-->">
 <input type="hidden" name="deli" value="<!--{$smarty.section.cnt.iteration}-->">
 <!--{if $smarty.section.cnt.first}-->
@@ -43,9 +43,9 @@
 <!--{/if}-->
 ■お届け先<!--{$smarty.section.cnt.iteration}--><br>
 〒<!--{$arrAddr[cnt].zip01}-->-<!--{$arrAddr[cnt].zip02}--><br>
-<!--{assign var=key value=$arrAddr[cnt].pref}--><!--{$arrPref[$key]}--><!--{$arrAddr[cnt].addr01|escape}--><br>
+<!--{assign var=key value=$arrAddr[cnt].pref}--><!--{$arrPref[$key]}--><!--{$arrAddr[cnt].addr01|h}--><br>
 <!--{if $arrAddr[cnt].addr02 != ""}-->
-<!--{$arrAddr[cnt].addr02|escape}--><br>
+<!--{$arrAddr[cnt].addr02|h}--><br>
 <!--{/if}-->
 <center><input type="submit" value="ここに送る"></center>
 </form>

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv_addr.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv_addr.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv_addr.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <div align="center">お届け先登録</div>
 <hr>
-<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="set1">
 
 	<font color="#FF0000">*は必須項目です。</font><br>
@@ -32,17 +32,17 @@
 	【お名前】<font color="#FF0000">※</font><br>
 	<font color="#FF0000"><!--{$arrErr.name01}--><!--{$arrErr.name02}--></font>
 	姓(例:渋谷)<br>
-	<input type="text" name="name01" value="<!--{$arrForm.name01|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
+	<input type="text" name="name01" value="<!--{$arrForm.name01|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
 
 	名(例:花子)<br>
-	<input type="text" name="name02" value="<!--{$arrForm.name02|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
+	<input type="text" name="name02" value="<!--{$arrForm.name02|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="1"><br>
 	<font color="#FF0000"><!--{$arrErr.kana01}--><!--{$arrErr.kana02}--></font>
 
 	カナ/姓(例:シブヤ)<br>
-	<input type="text" name="kana01" value="<!--{$arrForm.kana01|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
+	<input type="text" name="kana01" value="<!--{$arrForm.kana01|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
 
 	カナ/名(例:ハナコ)<br>
-	<input type="text" name="kana02" value="<!--{$arrForm.kana02|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
+	<input type="text" name="kana02" value="<!--{$arrForm.kana02|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" istyle="2"><br>
 
 	<br>
 
@@ -52,9 +52,9 @@
 	<font color="#FF0000"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></font>
 	<!--{assign var="size1" value="`$smarty.const.ZIP01_LEN+2`"}-->
 	<!--{assign var="size2" value="`$smarty.const.ZIP02_LEN+2`"}-->
-	<input size="<!--{$size1}-->" type="text" name="zip01" value="<!--{if $arrForm.zip01 != ""}--><!--{$arrForm.zip01|escape}--><!--{else}--><!--{$zip01|escape}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP01_LEN}-->" istyle="4">
+	<input size="<!--{$size1}-->" type="text" name="zip01" value="<!--{if $arrForm.zip01 != ""}--><!--{$arrForm.zip01|h}--><!--{else}--><!--{$zip01|h}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP01_LEN}-->" istyle="4">
 	&nbsp;-&nbsp;
-	<input size="<!--{$size2}-->" type="text" name="zip02" value="<!--{if $arrForm.zip02 != ""}--><!--{$arrForm.zip02|escape}--><!--{else}--><!--{$zip02|escape}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP02_LEN}-->" istyle="4"><br>
+	<input size="<!--{$size2}-->" type="text" name="zip02" value="<!--{if $arrForm.zip02 != ""}--><!--{$arrForm.zip02|h}--><!--{else}--><!--{$zip02|h}--><!--{/if}-->" maxlength="<!--{$smarty.const.ZIP02_LEN}-->" istyle="4"><br>
 
 	<br>
 
@@ -62,7 +62,7 @@
 	<div align="center"><input type="submit" name="return" value="戻る"></div>
 
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 </form>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv_date.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv_date.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/deliv_date.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
 
 <hr>
 
-<form method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 <input type="hidden" name="mode" value="confirm">
 <input type="hidden" name="uniqid" value="<!--{$tpl_uniqid}-->">
 <input type="hidden" name="payment_id" value="<!--{$arrForm.payment_id.value}-->">
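Review bot: The hidden `payment_id` field on the last line of this hunk still prints `$arrForm.payment_id.value` with no modifier, so the form's `action` is escaped while a form value two lines below it is not. If that value is echoed back from the request (the `arrForm` name suggests so, but the hunk does not show it), a double quote in it would close the attribute; `value="<!--{$arrForm.payment_id.value|h}-->"` closes the gap. `$tpl_uniqid` deserves the same treatment unless it is always generated server-side. The first hunk of `mobile/shopping/payment.tpl` has the same pattern with `$arrForm.deliv_date.value`.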

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -44,7 +44,7 @@
 	▼メールアドレス<br>
 	<!--{assign var=key value="login_email"}-->
 	<font color="#FF0000"><!--{$arrErr[$key]}--></font>
-	<input type="text" name="<!--{$key}-->" value="<!--{$tpl_login_email|escape}-->" 
+	<input type="text" name="<!--{$key}-->" value="<!--{$tpl_login_email|h}-->" 
 		size="40" istyle="3"><br>
 <!--{else}-->
 <input type="hidden" name="login_email" value="dummy">

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/payment.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/payment.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/payment.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
 
 <hr>
 
-<form method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 <input type="hidden" name="mode" value="deliv_date">
 <input type="hidden" name="uniqid" value="<!--{$tpl_uniqid}-->">
 <input type="hidden" name="deliv_date" value="<!--{$arrForm.deliv_date.value}-->">
@@ -41,7 +41,7 @@
 <!--{/if}-->
 <!--{section name=cnt loop=$arrPayment}-->
 <input type="radio" name="<!--{$key}-->" value="<!--{$arrPayment[cnt].payment_id}-->" <!--{$arrPayment[cnt].payment_id|sfGetChecked:$arrForm[$key].value}-->>
-<!--{$arrPayment[cnt].payment_method|escape}-->
+<!--{$arrPayment[cnt].payment_method|h}-->
 <br>
 <!--{/section}-->
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/set1.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/set1.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/set1.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <div align="center">お届け先登録</div>
 <hr>
-<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="set2">
 
 	<font color="#FF0000">*は必須項目です。</font><br>
@@ -38,20 +38,20 @@
 
 	【住所1】<font color="#FF0000">*</font><br>
 	<font color="#FF0000"><!--{$arrErr.addr01}--></font>
-	<input type="text" name="addr01" value="<!--{$arrForm.addr01|escape}-->" istyle="1"><br>
+	<input type="text" name="addr01" value="<!--{$arrForm.addr01|h}-->" istyle="1"><br>
 
 	【住所2】<font color="#FF0000">*</font><br>
 	<font color="#FF0000"><!--{$arrErr.addr02}--></font>
-	<input type="text" name="addr02" value="<!--{$arrForm.addr02|escape}-->" istyle="1"><br>
+	<input type="text" name="addr02" value="<!--{$arrForm.addr02|h}-->" istyle="1"><br>
 
 	【電話番号】<font color="#FF0000">*</font><br>
 	<font color="#FF0000"><!--{$arrErr.tel01}--><!--{$arrErr.tel02}--><!--{$arrErr.tel03}--></font>
 	<!--{assign var="size" value="`$smarty.const.TEL_ITEM_LEN+2`"}-->
-	<input type="text" size="<!--{$size}-->" name="tel01" value="<!--{$arrForm.tel01|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
+	<input type="text" size="<!--{$size}-->" name="tel01" value="<!--{$arrForm.tel01|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
 	&nbsp;-&nbsp;
-	<input type="text" size="<!--{$size}-->" name="tel02" value="<!--{$arrForm.tel02|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
+	<input type="text" size="<!--{$size}-->" name="tel02" value="<!--{$arrForm.tel02|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4">
 	&nbsp;-&nbsp;
-	<input type="text" size="<!--{$size}-->" name="tel03" value="<!--{$arrForm.tel03|escape}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4"><br>
+	<input type="text" size="<!--{$size}-->" name="tel03" value="<!--{$arrForm.tel03|h}-->" maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->" istyle="4"><br>
 
 	<br>
 
@@ -59,7 +59,7 @@
 	<div align="center"><input type="submit" name="return" value="戻る"></div>
 
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 </form>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/set2.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/set2.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/shopping/set2.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,21 +23,21 @@
 *}-->
 <div align="center">お届け先登録確認</div>
 <hr>
-<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
 	<input type="hidden" name="mode" value="complete">
 
 	【個人情報】<br>
-	<!--{$list_data.name01|escape}--> <!--{$list_data.name02|escape}--><br>
-	<!--{$list_data.kana01|escape}--> <!--{$list_data.kana02|escape}--><br>
-	〒<!--{$list_data.zip01|escape}--> - <!--{$list_data.zip02|escape}--><br>
-	<!--{$arrPref[$list_data.pref]|escape}--><!--{$list_data.addr01|escape}--><!--{$list_data.addr02|escape}--><br>
-	<!--{$list_data.tel01|escape}-->-<!--{$list_data.tel02|escape}-->-<!--{$list_data.tel03|escape}--><br>
+	<!--{$list_data.name01|h}--> <!--{$list_data.name02|h}--><br>
+	<!--{$list_data.kana01|h}--> <!--{$list_data.kana02|h}--><br>
+	〒<!--{$list_data.zip01|h}--> - <!--{$list_data.zip02|h}--><br>
+	<!--{$arrPref[$list_data.pref]|h}--><!--{$list_data.addr01|h}--><!--{$list_data.addr02|h}--><br>
+	<!--{$list_data.tel01|h}-->-<!--{$list_data.tel02|h}-->-<!--{$list_data.tel03|h}--><br>
 
 	<div align="center"><input type="submit" name="submit" value="次へ"></div>
 	<div align="center"><input type="submit" name="return" value="戻る"></div>
 
 	<!--{foreach from=$list_data key=key item=item}-->
-		<input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->">
+		<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->">
 	<!--{/foreach}-->
 </form>
 

変更: branches/version-2_5-dev/data/Smarty/templates/mobile/site_frame.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/mobile/site_frame.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/mobile/site_frame.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,10 +24,10 @@
 <html>
 <head>
 <meta http-equiv="Content-Type" content="text/html; charset=shift_jis">
-<title><!--{$arrSiteInfo.shop_name|escape}--><!--{if $tpl_subtitle|strlen >= 1}-->/<!--{$tpl_subtitle|escape}--><!--{elseif $tpl_title|strlen >= 1}-->/<!--{$tpl_title|escape}--><!--{/if}--></title>
-<meta name="author" content="<!--{$arrPageLayout.author|escape}-->">
-<meta name="description" content="<!--{$arrPageLayout.description|escape}-->">
-<meta name="keywords" content="<!--{$arrPageLayout.keyword|escape}-->">
+<title><!--{$arrSiteInfo.shop_name|h}--><!--{if $tpl_subtitle|strlen >= 1}-->/<!--{$tpl_subtitle|h}--><!--{elseif $tpl_title|strlen >= 1}-->/<!--{$tpl_title|h}--><!--{/if}--></title>
+<meta name="author" content="<!--{$arrPageLayout.author|h}-->">
+<meta name="description" content="<!--{$arrPageLayout.description|h}-->">
+<meta name="keywords" content="<!--{$arrPageLayout.keyword|h}-->">
 </head>
 <!-- ▼ BODY部 スタート -->
 <!--{include file='./site_main.tpl'}-->

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/abouts/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/abouts/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/abouts/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -50,42 +50,42 @@
 <div id="undercolumn">
 
   <div id="undercolumn_aboutus">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
 
     <table summary="当サイトについて">
 
       <!--{if strlen($objSiteInfo->data.shop_name)}-->
         <tr>
           <th>店名</th>
-          <td><!--{$objSiteInfo->data.shop_name|escape}--></td>
+          <td><!--{$objSiteInfo->data.shop_name|h}--></td>
         </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.company_name)}-->
       <tr>
         <th>会社名</th>
-        <td><!--{$objSiteInfo->data.company_name|escape}--></td>
+        <td><!--{$objSiteInfo->data.company_name|h}--></td>
       </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.zip01)}-->
       <tr>
         <th>住所</th>
-        <td>〒<!--{$objSiteInfo->data.zip01|escape}-->-<!--{$objSiteInfo->data.zip02|escape}--><br /><!--{$objSiteInfo->data.pref|escape}--><!--{$objSiteInfo->data.addr01|escape}--><!--{$objSiteInfo->data.addr02|escape}--></td>
+        <td>〒<!--{$objSiteInfo->data.zip01|h}-->-<!--{$objSiteInfo->data.zip02|h}--><br /><!--{$objSiteInfo->data.pref|h}--><!--{$objSiteInfo->data.addr01|h}--><!--{$objSiteInfo->data.addr02|h}--></td>
       </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.tel01)}-->
       <tr>
         <th>電話番号</th>
-        <td><!--{$objSiteInfo->data.tel01|escape}-->-<!--{$objSiteInfo->data.tel02|escape}-->-<!--{$objSiteInfo->data.tel03|escape}--></td>
+        <td><!--{$objSiteInfo->data.tel01|h}-->-<!--{$objSiteInfo->data.tel02|h}-->-<!--{$objSiteInfo->data.tel03|h}--></td>
       </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.fax01)}-->
       <tr>
         <th>FAX番号</th>
-        <td><!--{$objSiteInfo->data.fax01|escape}-->-<!--{$objSiteInfo->data.fax02|escape}-->-<!--{$objSiteInfo->data.fax03|escape}--></td>
+        <td><!--{$objSiteInfo->data.fax01|h}-->-<!--{$objSiteInfo->data.fax02|h}-->-<!--{$objSiteInfo->data.fax03|h}--></td>
       </tr>
       <!--{/if}-->
 
@@ -99,21 +99,21 @@
       <!--{if strlen($objSiteInfo->data.business_hour)}-->
       <tr>
         <th>営業時間</th>
-        <td><!--{$objSiteInfo->data.business_hour|escape}--></td>
+        <td><!--{$objSiteInfo->data.business_hour|h}--></td>
       </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.good_traded)}-->
       <tr>
         <th>取扱商品</th>
-        <td><!--{$objSiteInfo->data.good_traded|escape|nl2br}--></td>
+        <td><!--{$objSiteInfo->data.good_traded|h|nl2br}--></td>
       </tr>
       <!--{/if}-->
 
       <!--{if strlen($objSiteInfo->data.message)}-->
       <tr>
         <th>メッセージ</th>
-        <td><!--{$objSiteInfo->data.message|escape|nl2br}--></td>
+        <td><!--{$objSiteInfo->data.message|h|nl2br}--></td>
       </tr>
       <!--{/if}-->
 

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/best5.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/best5.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/best5.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,12 +27,12 @@
     <div class="recomendblock">
         <div class="recomendleft">
 
-            <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[cnt].product_id|escape:url}-->">
-                <img src="<!--{$smarty.const.SMARTPHONE_URL_DIR}-->resize_image.php?image=<!--{$arrBestProducts[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=80&amp;height=80" alt="<!--{$arrBestProducts[cnt].name|escape}-->" /></a>
+            <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[cnt].product_id|u}-->">
+                <img src="<!--{$smarty.const.SMARTPHONE_URL_DIR}-->resize_image.php?image=<!--{$arrBestProducts[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=80&amp;height=80" alt="<!--{$arrBestProducts[cnt].name|h}-->" /></a>
             
             <div class="recomendrightblock">
                 <h3>
-                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[cnt].product_id|escape:url}-->"><!--{$arrBestProducts[cnt].name|escape}--></a>
+                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[cnt].product_id|u}-->"><!--{$arrBestProducts[cnt].name|h}--></a>
                 </h3>
 
                 <!--{assign var=price01 value=`$arrBestProducts[cnt].price01_min`}-->
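Review bot: The `image=` query parameter in the `<img src>` is encoded with `|h` only, while the `product_id` in the link beside it gets `|u`. A file name containing `&`, `#`, `%`, `+` or a space would be HTML-safe but would still split or alter the query string that `resize_image.php` receives. Assuming `u` is the URL-encoding shorthand that replaces `escape:url` in this commit, `image=<!--{$arrBestProducts[cnt].main_list_image|sfNoImageMainList|u}-->` encodes the value for the context it is actually in. The same applies to the `$cnt2` block in the next hunk and to the `resize_image.php` line in `sphone/cart/index.tpl`.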
@@ -42,19 +42,19 @@
                     <span class="price"><!--{$price02|sfCalcIncTax:$arrInfo.tax:$arrInfo.tax_rule|number_format}--> 円</span>
                 </p>
 
-                <p class="mini comment"><!--{$arrBestProducts[cnt].comment|escape|nl2br}--></p>
+                <p class="mini comment"><!--{$arrBestProducts[cnt].comment|h|nl2br}--></p>
             </div>
         </div>
         
         <!--{assign var=cnt2 value=`$smarty.section.cnt.iteration*$smarty.section.cnt.step-1`}-->
         <!--{if $arrBestProducts[$cnt2]|count > 0}-->
         <div class="recomendright">
-            <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[$cnt2].product_id|escape:url}-->">
-                <img src="<!--{$smarty.const.SMARTPHONE_URL_DIR}-->resize_image.php?image=<!--{$arrBestProducts[$cnt2].main_list_image|sfNoImageMainList|escape}-->&amp;width=80&amp;height=80" alt="<!--{$arrBestProducts[$cnt2].name|escape}-->" /></a>
+            <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[$cnt2].product_id|u}-->">
+                <img src="<!--{$smarty.const.SMARTPHONE_URL_DIR}-->resize_image.php?image=<!--{$arrBestProducts[$cnt2].main_list_image|sfNoImageMainList|h}-->&amp;width=80&amp;height=80" alt="<!--{$arrBestProducts[$cnt2].name|h}-->" /></a>
 
             <div class="recomendrightblock">
                 <h3>
-                <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[$cnt2].product_id|escape:url}-->"><!--{$arrBestProducts[$cnt2].name|escape}--></a>
+                <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrBestProducts[$cnt2].product_id|u}-->"><!--{$arrBestProducts[$cnt2].name|h}--></a>
                 </h3>
 
                 <!--{assign var=price01 value=`$arrBestProducts[$cnt2].price01_min`}-->
@@ -64,7 +64,7 @@
                     <span class="price"><!--{$price02|sfCalcIncTax:$arrInfo.tax:$arrInfo.tax_rule|number_format}--> 円</span>
                 </p>
 
-                <p class="mini comment"><!--{$arrBestProducts[$cnt2].comment|escape|nl2br}--></p>
+                <p class="mini comment"><!--{$arrBestProducts[$cnt2].comment|h|nl2br}--></p>
             </div>
         </div>
         <!--{/if}-->

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/category.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/category.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/category.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -48,7 +48,7 @@
             </li>
           <!--{/if}-->
           
-          <li class="level<!--{$level}--><!--{if in_array($arrTree[cnt].category_id, $tpl_category_id) }--> onmark<!--{/if}-->"><span class="category_header"></span><span class="category_body"><a href="<!--{$smarty.const.SMARTPHONE_URL_DIR}-->products/list.php?category_id=<!--{$arrTree[cnt].category_id}-->"<!--{if in_array($arrTree[cnt].category_id, $tpl_category_id) }--> class="onlink"<!--{/if}-->><!--{$arrTree[cnt].category_name|escape}-->(<!--{$arrTree[cnt].product_count|default:0}-->)</a></span>
+          <li class="level<!--{$level}--><!--{if in_array($arrTree[cnt].category_id, $tpl_category_id) }--> onmark<!--{/if}-->"><span class="category_header"></span><span class="category_body"><a href="<!--{$smarty.const.SMARTPHONE_URL_DIR}-->products/list.php?category_id=<!--{$arrTree[cnt].category_id}-->"<!--{if in_array($arrTree[cnt].category_id, $tpl_category_id) }--> class="onlink"<!--{/if}-->><!--{$arrTree[cnt].category_name|h}-->(<!--{$arrTree[cnt].product_count|default:0}-->)</a></span>
             <!--{if $firstdone == 0}--><!--{assign var=firstdone value=1}--><!--{/if}-->
             <!--{assign var=preLev value=`$level`}-->
             <!--{/if}-->
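Review bot: On the changed `<li>` line only `category_name` is escaped; `category_id` is written into the `href` query string and `product_count` into the link text with no modifier. Both are presumably integers from the database, so this is a consistency point rather than a known hole. Writing `category_id=<!--{$arrTree[cnt].category_id|u}-->` would match how `product_id` is handled in `sphone/bloc/best5.tpl` and keeps the template safe if the column type ever changes.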

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/news.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/news.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/bloc/news.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -29,8 +29,8 @@
 <!--{section name=data loop=$arrNews max=3}-->
 <div class="anews">
 <span><!--{$arrNews[data].news_date_disp|date_format:"%m.%d"}--></span>&nbsp;
-<!--{if $arrNews[data].news_url}--><a href="<!--{$arrNews[data].news_url|escape}-->"><!--{/if}-->
-<!--{$arrNews[data].news_title|escape}-->
+<!--{if $arrNews[data].news_url}--><a href="<!--{$arrNews[data].news_url|h}-->"><!--{/if}-->
+<!--{$arrNews[data].news_title|h}-->
 <!--{if $arrNews[data].news_url}--></a><!--{/if}-->
 </div>
 <!--{/section}-->
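Review bot: `news_url|h` in the `href` stops the value from breaking out of the attribute, but HTML-escaping does not constrain the URL scheme, so a stored `javascript:` or `data:` URL would still be rendered as a clickable link. The news entries are presumably maintained from the admin screens, so exposure depends on who can edit them. The durable fix is to accept only `http://`, `https://` or site-relative URLs when the entry is saved and to check again before output. A template comment such as `<!--{* news_url is expected to be validated as http(s) before it reaches this template *}-->` would at least record the assumption. The `$arrMemberNews` hunk that follows has the same line.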
@@ -55,8 +55,8 @@
 <!--{section name=data loop=$arrMemberNews max=3}-->
 <div class=" ">
 <span><!--{$arrMemberNews[data].news_date_disp|date_format:"%m.%d"}--></span>&nbsp;
-<!--{if $arrMemberNews[data].news_url}--><a href="<!--{$arrMemberNews[data].news_url|escape}-->"><!--{/if}-->
-<!--{$arrMemberNews[data].news_title|escape}-->
+<!--{if $arrMemberNews[data].news_url}--><a href="<!--{$arrMemberNews[data].news_url|h}-->"><!--{/if}-->
+<!--{$arrMemberNews[data].news_title|h}-->
 <!--{if $arrMemberNews[data].news_url}--></a><!--{/if}-->
 </div>
 <!--{/section}-->

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/cart/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/cart/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/cart/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -32,13 +32,13 @@
 <!--▼CONTENTS-->
 <div id="under02column">
     <div id="under02column_cart">
-        <h2 class="title"><!--{$tpl_title|escape}--></h2>
+        <h2 class="title"><!--{$tpl_title|h}--></h2>
         <!--{if $smarty.const.USE_POINT !== false || count($arrProductsClass) > 0}-->
             <p class="totalmoneyarea">
                 <!--★ポイント案内★-->
                 <!--{if $smarty.const.USE_POINT !== false}-->
                     <!--{if $tpl_login}-->
-                        <!--{$tpl_name|escape}--> 様の、現在の所持ポイントは「<em><!--{$tpl_user_point|number_format|default:0}--> pt</em>」です。<br />
+                        <!--{$tpl_name|h}--> 様の、現在の所持ポイントは「<em><!--{$tpl_user_point|number_format|default:0}--> pt</em>」です。<br />
                     <!--{else}-->
                         ポイント制度をご利用になられる場合は、会員登録後ログインしていだだきますようお願い致します。<br />
                     <!--{/if}-->
@@ -62,11 +62,11 @@
         <!--{/if}-->
 
     <!--{if strlen($tpl_error) != 0}-->
-        <p class="attention"><!--{$tpl_error|escape}--></p>
+        <p class="attention"><!--{$tpl_error|h}--></p>
     <!--{/if}-->
 
     <!--{if strlen($tpl_message) != 0}-->
-        <p class="attention"><!--{$tpl_message|escape|nl2br}--></p>
+        <p class="attention"><!--{$tpl_message|h|nl2br}--></p>
     <!--{/if}-->
 
     <!--{if count($cartItems) > 0}-->
@@ -96,14 +96,14 @@
                         <td class="phototd">
                         <a
                             <!--{if $item.productsClass.main_image|strlen >= 1}-->
-                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$item.productsClass.main_image|sfNoImageMainList|escape}-->"
+                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$item.productsClass.main_image|sfNoImageMainList|h}-->"
                                 class="expansion"
                                 target="_blank"
                             <!--{/if}-->
                         >
-                            <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$item.productsClass.main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$item.productsClass.name|escape}-->" /></a>
+                            <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$item.productsClass.main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$item.productsClass.name|h}-->" /></a>
                         </td>
-                        <td><!--{* 商品名 *}--><strong><!--{$item.productsClass.name|escape}--></strong><br />
+                        <td><!--{* 商品名 *}--><strong><!--{$item.productsClass.name|h}--></strong><br />
                             <!--{if $item.productsClass.classcategory_name1 != ""}-->
                                 <!--{$item.productsClass.class_name1}-->:<!--{$item.productsClass.classcategory_name1}--><br />
                             <!--{/if}-->
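Review bot: `class_name1` and `classcategory_name1` in the trailing context lines are printed without `|h`, directly after the product name that this hunk escapes. They look like free-text labels (presumably maintained in the admin product-class screens), so markup stored in them would be rendered as HTML in the cart. `<!--{$item.productsClass.class_name1|h}-->:<!--{$item.productsClass.classcategory_name1|h}--><br />` brings them in line with the rest of the cell. The `<td>` continues past the end of the hunk, so a second class pair there may need the same change.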

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/contact/complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/contact/complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/contact/complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,12 +22,12 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_contact">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <div id="completetext">
       お問い合わせ内容の送信が完了いたしました。<br />
       万一、ご回答メールが届かない場合は、トラブルの可能性もありますので大変お手数ではございますがもう一度お問い合わせいただくか、お電話にてお問い合わせください。<br />
       今後ともご愛顧賜りますようよろしくお願い申し上げます。
-    <p><!--{$arrSiteInfo.company_name|escape}--><br />
+    <p><!--{$arrSiteInfo.company_name|h}--><br />
       TEL:<!--{$arrSiteInfo.tel01}-->-<!--{$arrSiteInfo.tel02}-->-<!--{$arrSiteInfo.tel03}-->
        <!--{if $arrSiteInfo.business_hour != ""}-->
       (受付時間/<!--{$arrSiteInfo.business_hour}-->)
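Review bot: `business_hour` and `tel01`–`tel03` are output raw here, although `sphone/abouts/index.tpl` in this same commit escapes the shop's business hours and telephone fields with `|h`. These are free-text shop settings, so the two pages should agree: `TEL:<!--{$arrSiteInfo.tel01|h}-->-<!--{$arrSiteInfo.tel02|h}-->-<!--{$arrSiteInfo.tel03|h}-->` and `(受付時間/<!--{$arrSiteInfo.business_hour|h}-->)`. The `<!--{if}-->` block is closed outside this hunk. `sphone/entry/complete.tpl` carries the same unescaped line.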

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/contact/confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/contact/confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/contact/confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,42 +22,42 @@
 
 <div id="undercolumn">
   <div id="undercolumn_contact">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <p>下記入力内容で送信してもよろしいでしょうか?<br />
       よろしければ、一番下の「送信」ボタンをクリックしてください。</p>
     <form name="form1" id="form1" method="post" action="?">
       <input type="hidden" name="mode" value="complete" />
       <!--{foreach key=key item=item from=$arrForm}-->
         <!--{if $key ne 'mode'}-->
-      <input type="hidden" name="<!--{$key}-->" value="<!--{$item|escape}-->" />
+      <input type="hidden" name="<!--{$key}-->" value="<!--{$item|h}-->" />
         <!--{/if}-->
       <!--{/foreach}-->
       <table summary="お問い合わせ内容確認">
         <tr>
           <th>お名前<span class="attention">※</span></th>
-          <td><!--{$arrForm.name01|escape}--> <!--{$arrForm.name02|escape}--></td>
+          <td><!--{$arrForm.name01|h}--> <!--{$arrForm.name02|h}--></td>
         </tr>
         <tr>
           <th>お名前(フリガナ)<span class="attention">※</span></th>
-          <td><!--{$arrForm.kana01|escape}--> <!--{$arrForm.kana02|escape}--></td>
+          <td><!--{$arrForm.kana01|h}--> <!--{$arrForm.kana02|h}--></td>
         </tr>
         <tr>
           <th>郵便番号</th>
           <td>
              <!--{if strlen($arrForm.zip01) > 0 && strlen($arrForm.zip02) > 0}-->
-               〒<!--{$arrForm.zip01|escape}-->-<!--{$arrForm.zip02|escape}-->
+               〒<!--{$arrForm.zip01|h}-->-<!--{$arrForm.zip02|h}-->
              <!--{/if}-->
           </td>
         </tr>
         <tr>
           <th>住所</th>
-          <td><!--{$arrPref[$arrForm.pref]}--><!--{$arrForm.addr01|escape}--><!--{$arrForm.addr02|escape}--></td>
+          <td><!--{$arrPref[$arrForm.pref]}--><!--{$arrForm.addr01|h}--><!--{$arrForm.addr02|h}--></td>
         </tr>
         <tr>
           <th>電話番号</th>
           <td>
             <!--{if strlen($arrForm.tel01) > 0 && strlen($arrForm.tel02) > 0 && strlen($arrForm.tel03) > 0}-->
-              <!--{$arrForm.tel01|escape}-->-<!--{$arrForm.tel02|escape}-->-<!--{$arrForm.tel03|escape}-->
+              <!--{$arrForm.tel01|h}-->-<!--{$arrForm.tel02|h}-->-<!--{$arrForm.tel03|h}-->
             <!--{/if}-->
           </td>
         </tr>
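Review bot: The hidden-field loop near the top of this hunk escapes `$item` but writes `$key` into the `name` attribute unescaped, whereas the mobile templates in this commit use `name="<!--{$key|h}-->"` for the same loop. If the keys of `$arrForm` can be derived from request parameter names (not visible here), a crafted name could close the attribute. `<input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" />` removes that dependency. `$arrPref[$arrForm.pref]` in the address row is also unescaped, though it is presumably a lookup into a fixed prefecture list.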
@@ -68,7 +68,7 @@
         <tr>
           <th>お問い合わせ内容<span class="attention">※</span><br />
              <span class="mini">(全角1000字以下)</span></th>
-          <td><!--{$arrForm.contents|escape|nl2br}--></td>
+          <td><!--{$arrForm.contents|h|nl2br}--></td>
         </tr>
       </table>
       <div class="tblareabtn">

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/contact/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/contact/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/contact/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,7 +22,7 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_contact">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     
     <p>お問い合わせはメールにて承っています。<br />
     内容によっては回答をさしあげるのにお時間をいただくこともございます。また、土日、祝祭日、年末年始、夏期休暇期間は翌営業日以降の対応となりますのでご了承ください。</p>
@@ -40,11 +40,11 @@
           姓&nbsp;<input type="text"
                          class="box120"
                          name="name01"
-                         value="<!--{$arrForm.name01|default:$arrData.name01|escape}-->"
+                         value="<!--{$arrForm.name01|default:$arrData.name01|h}-->"
                          maxlength="<!--{$smarty.const.STEXT_LEN}-->"
                          style="<!--{$arrErr.name01|sfGetErrorColor}-->" /> 
           名&nbsp;<input type="text" class="box120" name="name02"
-                         value="<!--{$arrForm.name02|default:$arrData.name02|escape}-->"
+                         value="<!--{$arrForm.name02|default:$arrData.name02|h}-->"
                          maxlength="<!--{$smarty.const.STEXT_LEN}-->"
                          style="<!--{$arrErr.name02|sfGetErrorColor}-->" />
         </td>
@@ -56,13 +56,13 @@
           セイ&nbsp;<input type="text"
                            class="box120"
                            name="kana01"
-                           value="<!--{$arrForm.kana01|default:$arrData.kana01|escape}-->"
+                           value="<!--{$arrForm.kana01|default:$arrData.kana01|h}-->"
                            maxlength="<!--{$smarty.const.STEXT_LEN}-->"
                            style="<!--{$arrErr.kana01|sfGetErrorColor}-->" /> 
           メイ&nbsp;<input type="text"
                            class="box120"
                            name="kana02"
-                           value="<!--{$arrForm.kana02|default:$arrData.kana02|escape}-->"
+                           value="<!--{$arrForm.kana02|default:$arrData.kana02|h}-->"
                            maxlength="<!--{$smarty.const.STEXT_LEN}-->"
                            style="<!--{$arrErr.kana02|sfGetErrorColor}-->" />
         </td>
@@ -76,13 +76,13 @@
             <input type="text"
                    name="zip01"
                    class="box60"
-                   value="<!--{$arrForm.zip01|default:$arrData.zip01|escape}-->"
+                   value="<!--{$arrForm.zip01|default:$arrData.zip01|h}-->"
                    maxlength="<!--{$smarty.const.ZIP01_LEN}-->"
                    style="<!--{$arrErr.zip01|sfGetErrorColor}-->" />&nbsp;-&nbsp;
             <input type="text"
                    name="zip02"
                    class="box60"
-                   value="<!--{$arrForm.zip02|default:$arrData.zip02|escape}-->"
+                   value="<!--{$arrForm.zip02|default:$arrData.zip02|h}-->"
                    maxlength="<!--{$smarty.const.ZIP02_LEN}-->"
                    style="<!--{$arrErr.zip02|sfGetErrorColor}-->" /> 
             <a href="http://search.post.japanpost.jp/zipcode/" target="_blank"><span class="fs12">郵便番号検索</span></a>
@@ -101,14 +101,14 @@
           
           <select name="pref" style="<!--{$arrErr.pref|sfGetErrorColor}-->">
           <option value="">都道府県を選択</option>
-          <!--{html_options options=$arrPref selected=$arrForm.pref|default:$arrData.pref|escape}-->
+          <!--{html_options options=$arrPref selected=$arrForm.pref|default:$arrData.pref|h}-->
           </select>
           
           <p class="mini">
             <input type="text"
                    class="box380"
                    name="addr01"
-                   value="<!--{$arrForm.addr01|default:$arrData.addr01|escape}-->"
+                   value="<!--{$arrForm.addr01|default:$arrData.addr01|h}-->"
                    style="<!--{$arrErr.addr01|sfGetErrorColor}-->" /><br />
             <!--{$smarty.const.SAMPLE_ADDRESS1}-->
           </p>
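Review bot: On the `html_options` line the `|h` is applied to the `selected=` argument, which as far as I can tell is only compared against the option keys and never printed; the function escapes the keys and labels it emits on its own. Escaping the comparison value has no security benefit and would stop a key containing `&`, `<` or a quote from matching. The prefecture keys are presumably numeric, so nothing breaks today. `<!--{html_options options=$arrPref selected=$arrForm.pref|default:$arrData.pref}-->` states the intent more accurately.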
@@ -117,7 +117,7 @@
             <input type="text"
                    class="box380"
                    name="addr02"
-                   value="<!--{$arrForm.addr02|default:$arrData.addr02|escape}-->"
+                   value="<!--{$arrForm.addr02|default:$arrData.addr02|h}-->"
                    style="<!--{$arrErr.addr02|sfGetErrorColor}-->" /><br />
             <!--{$smarty.const.SAMPLE_ADDRESS2}-->
           </p>
@@ -132,19 +132,19 @@
           <input type="text" 
                  class="box60"
                  name="tel01"
-                 value="<!--{$arrForm.tel01|default:$arrData.tel01|escape}-->"
+                 value="<!--{$arrForm.tel01|default:$arrData.tel01|h}-->"
                  maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->"
                  style="<!--{$arrErr.tel01|sfGetErrorColor}-->" />&nbsp;-&nbsp;
           <input type="text" 
                  class="box60"
                  name="tel02"
-                 value="<!--{$arrForm.tel02|default:$arrData.tel02|escape}-->"
+                 value="<!--{$arrForm.tel02|default:$arrData.tel02|h}-->"
                  maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->"
                  style="<!--{$arrErr.tel02|sfGetErrorColor}-->" />&nbsp;-&nbsp;
           <input type="text" 
                  class="box60"
                  name="tel03"
-                 value="<!--{$arrForm.tel03|default:$arrData.tel03|escape}-->"
+                 value="<!--{$arrForm.tel03|default:$arrData.tel03|h}-->"
                  maxlength="<!--{$smarty.const.TEL_ITEM_LEN}-->"
                  style="<!--{$arrErr.tel03|sfGetErrorColor}-->" />
         </td>
@@ -156,7 +156,7 @@
           <input type="text"
                  class="box380"
                  name="email"
-                 value="<!--{$arrForm.email|default:$arrData.email|escape}-->"
+                 value="<!--{$arrForm.email|default:$arrData.email|h}-->"
                  maxlength="<!--{$smarty.const.MTEXT_LEN}-->"
                  style="<!--{$arrErr.email|sfGetErrorColor}-->" /><br />
           <!--{* ログインしていれば入力済みにする *}-->
@@ -166,7 +166,7 @@
           <input type="text"
                  class="box380"
                  name="email02"
-                 value="<!--{$arrForm.email02|escape}-->"
+                 value="<!--{$arrForm.email02|h}-->"
                  maxlength="<!--{$smarty.const.MTEXT_LEN}-->"
                  style="<!--{$arrErr.email02|sfGetErrorColor}-->" /><br />
           <p class="mini"><em>確認のため2度入力してください。</em></p>
@@ -181,7 +181,7 @@
                     class="area380"
                     cols="60"
                     rows="20"
-                    style="<!--{$arrErr.contents|sfGetErrorColor}-->"><!--{$arrForm.contents|escape}--></textarea>
+                    style="<!--{$arrErr.contents|sfGetErrorColor}-->"><!--{$arrForm.contents|h}--></textarea>
         </td>
       </tr>
     </table>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/entry/complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/entry/complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/entry/complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,14 +22,14 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_entry">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <div id="completetext">
       <em>会員登録の受付が完了いたしました。</em>
       <p>現在<em>仮会員</em>の状態です。<br />
         ご入力いただいたメールアドレス宛てに、ご連絡が届いておりますので、本会員登録になった上でお買い物をお楽しみください。<br />
         今後ともご愛顧賜りますようよろしくお願い申し上げます。</p>
 
-      <p><!--{$arrSiteInfo.company_name|escape}--><br />
+      <p><!--{$arrSiteInfo.company_name|h}--><br />
         TEL:<!--{$arrSiteInfo.tel01}-->-<!--{$arrSiteInfo.tel02}-->-<!--{$arrSiteInfo.tel03}--> <!--{if $arrSiteInfo.business_hour != ""}-->(受付時間/<!--{$arrSiteInfo.business_hour}-->)<!--{/if}--><br />
         E-mail:<a href="mailto:<!--{$arrSiteInfo.email02|escape:'hex'}-->"><!--{$arrSiteInfo.email02|escape:'hexentity'}--></a>
       </p>
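Review bot: The `TEL:` line in this hunk still prints `$arrSiteInfo.tel01`, `tel02`, `tel03` and `business_hour` with no modifier, while `company_name` directly above it is now `|h`. These values are presumably entered in the shop settings by an administrator, but a stray `<` or `&` in the business-hours text would break the markup, and stored admin input should be escaped on output like any other. Suggest `<!--{$arrSiteInfo.business_hour|h}-->` and the same `|h` on the three phone parts.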

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/entry/confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/entry/confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/entry/confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,13 +22,13 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_entry">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <p>下記の内容で送信してもよろしいでしょうか?<br />
       よろしければ、一番下の「会員登録完了へ」ボタンをクリックしてください。</p>
     <form name="form1" id="form1" method="post" action="?">
       <input type="hidden" name="mode" value="complete">
       <!--{foreach from=$list_data key=key item=item}-->
-        <input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->" />
+        <input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" />
       <!--{/foreach}-->
         <input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid}-->" />
 
@@ -36,40 +36,40 @@
         <tr>
           <th>お名前<span class="attention">※</span></th>
           <td>
-            <!--{$list_data.name01|escape}-->&nbsp;
-            <!--{$list_data.name02|escape}-->
+            <!--{$list_data.name01|h}-->&nbsp;
+            <!--{$list_data.name02|h}-->
           </td>
         </tr>
         <tr>
           <th>お名前(フリガナ)<span class="attention">※</span></th>
           <td>
-            <!--{$list_data.kana01|escape}-->&nbsp;
-            <!--{$list_data.kana02|escape}-->
+            <!--{$list_data.kana01|h}-->&nbsp;
+            <!--{$list_data.kana02|h}-->
           </td>
         </tr>
         <tr>
           <th>郵便番号<span class="attention">※</span></th>
           <td>
-            〒<!--{$list_data.zip01|escape}--> - <!--{$list_data.zip02|escape}-->
+            〒<!--{$list_data.zip01|h}--> - <!--{$list_data.zip02|h}-->
           </td>
         </tr>
         <tr>
           <th>住所<span class="attention">※</span></th>
           <td>
-            <!--{$arrPref[$list_data.pref]|escape}--><!--{$list_data.addr01|escape}--><!--{$list_data.addr02|escape}-->
+            <!--{$arrPref[$list_data.pref]|h}--><!--{$list_data.addr01|h}--><!--{$list_data.addr02|h}-->
           </td>
         </tr>
         <tr>
           <th>電話番号<span class="attention">※</span></th>
           <td>
-            <!--{$list_data.tel01|escape}--> - <!--{$list_data.tel02|escape}--> - <!--{$list_data.tel03|escape}-->
+            <!--{$list_data.tel01|h}--> - <!--{$list_data.tel02|h}--> - <!--{$list_data.tel03|h}-->
           </td>
         </tr>
         <tr>
           <th>FAX</th>
           <td>
             <!--{if strlen($list_data.fax01) > 0 && strlen($list_data.fax02) > 0 && strlen($list_data.fax03) > 0}-->
-              <!--{$list_data.fax01|escape}--> - <!--{$list_data.fax02|escape}--> - <!--{$list_data.fax03|escape}-->
+              <!--{$list_data.fax01|h}--> - <!--{$list_data.fax02|h}--> - <!--{$list_data.fax03|h}-->
             <!--{else}-->
               未登録
             <!--{/if}-->
@@ -93,13 +93,13 @@
         </tr>
         <tr>
           <th>職業</th>
-          <td><!--{$arrJob[$list_data.job]|escape|default:"未登録"}--></td>
+          <td><!--{$arrJob[$list_data.job]|default:"未登録"|h}--></td>
         </tr>
         <tr>
           <th>生年月日</th>
           <td>
             <!--{if strlen($list_data.year) > 0 && strlen($list_data.month) > 0 && strlen($list_data.day) > 0}-->
-              <!--{$list_data.year|escape}-->年<!--{$list_data.month|escape}-->月<!--{$list_data.day|escape}-->日
+              <!--{$list_data.year|h}-->年<!--{$list_data.month|h}-->月<!--{$list_data.day|h}-->日
             <!--{else}-->
             未登録
             <!--{/if}-->
@@ -113,8 +113,8 @@
         <tr>
           <th>パスワードを忘れた時のヒント<span class="attention">※</span></th>
           <td>
-              質問:<!--{$arrReminder[$list_data.reminder]|escape}--><br />
-              答え:<!--{$list_data.reminder_answer|escape}-->
+              質問:<!--{$arrReminder[$list_data.reminder]|h}--><br />
+              答え:<!--{$list_data.reminder_answer|h}-->
           </td>
         </tr>
         <tr>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/entry/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/entry/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/entry/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,7 +22,7 @@
  <!--▼CONTENTS-->
 <div id="undercolumn">
     <div id="undercolumn_entry">
-        <h2 class="title"><!--{$tpl_title|escape}--></h2>
+        <h2 class="title"><!--{$tpl_title|h}--></h2>
         <!--{if $smarty.const.CUSTOMER_CONFIRM_MAIL}-->
             <p>ご登録されますと、まずは仮会員となります。<br />
                 入力されたメールアドレスに、ご連絡が届きますので、本会員になった上でお買い物をお楽しみください。</p>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/entry/kiyaku.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/entry/kiyaku.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/entry/kiyaku.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -21,7 +21,7 @@
  *}-->
 <div id="undercolumn">
   <div id="undercolumn_entry">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <p><em>【重要】 会員登録をされる前に、下記ご利用規約をよくお読みください。</em><br />
       規約には、本サービスを使用するに当たってのあなたの権利と義務が規定されております。<br />
      「規約に同意して会員登録」ボタン をクリックすると、あなたが本規約の全ての条件に同意したことになります。</p>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/footer.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/footer.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/footer.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -59,7 +59,7 @@
 <li class="end"><a href="<!--{$smarty.const.SMARTPHONE_SITE_URL}-->order/index.php">特定商取引法に基づく表記</a></li>
 </ul>
 
-<div id="copyright">(C) <!--{$arrSiteInfo.shop_name|escape}-->.</div>
+<div id="copyright">(C) <!--{$arrSiteInfo.shop_name|h}-->.</div>
 
 </div>
 </div>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/forgot/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/forgot/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/forgot/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -28,7 +28,7 @@
     <form action="?" method="post" name="form1">
       <input type="hidden" name="mode" value="mail_check" />
       <div id="completebox">
-        <p>メールアドレス:&nbsp;<!--★メールアドレス入力★--><input type="text" name="email" value="<!--{$tpl_login_email|escape}-->" size="40" class="box300" style="<!--{$errmsg|sfGetErrorColor}-->; ime-mode: disabled;" /></p>
+        <p>メールアドレス:&nbsp;<!--★メールアドレス入力★--><input type="text" name="email" value="<!--{$tpl_login_email|h}-->" size="40" class="box300" style="<!--{$errmsg|sfGetErrorColor}-->; ime-mode: disabled;" /></p>
         <span class="attention"><!--{$errmsg}--></span>
       </div>
       <div class="btn">
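Review bot: `<span class="attention"><!--{$errmsg}--></span>` is still emitted raw, directly below the input this hunk converts. Whether that is safe depends on how the page class builds `$errmsg`, which this diff does not show; if the message ever echoes the submitted address it becomes a reflected-XSS sink. If the message is plain text, `<!--{$errmsg|h}-->` is the fix; if it intentionally carries markup such as `<br />`, a template comment saying so would help the next reader. The same question applies to `<!--{$arrErr[$key]}-->` in the second hunk of sphone/mypage/login.tpl.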

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
 <div id="header">
 <h1>
     <a href="<!--{$smarty.const.SMARTPHONE_SSL_URL}-->">
-      <em><!--{$arrSiteInfo.shop_name|escape}-->/<!--{$tpl_title|escape}--></em></a>
+      <em><!--{$arrSiteInfo.shop_name|h}-->/<!--{$tpl_title|h}--></em></a>
   </h1>
 </div>
 <!--{* ▲ロゴ ここまで *}-->
@@ -36,7 +36,7 @@
 <!--{* 検索 *}-->
 <div id="searchbar">
 <form method="get" action="<!--{$smarty.const.SMARTPHONE_SITE_URL}-->products/list.php">
-<input type="text" name="name" maxlength="50" value="<!--{$smarty.get.name|escape}-->" placeholder="商品検索" ><input type="submit" name="search" value="検索">
+<input type="text" name="name" maxlength="50" value="<!--{$smarty.get.name|h}-->" placeholder="商品検索" ><input type="submit" name="search" value="検索">
 </form>
 <!--{* searchmenu *}--></div>
 <!--{* headmenu *}--></div>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,16 +23,16 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
 <!--{include file=$tpl_navi}-->
 <div id="mycontentsarea">
-  <h3><!--{$tpl_subtitle|escape}--></h3>
+  <h3><!--{$tpl_subtitle|h}--></h3>
   <p>下記項目にご入力ください。「<span class="attention">※</span>」印は入力必須項目です。<br />
     入力後、一番下の「確認ページへ」ボタンをクリックしてください。</p>
 
   <form name="form1" id="form1" method="post" action="?">
   <input type="hidden" name="mode" value="confirm" />
-  <input type="hidden" name="customer_id" value="<!--{$arrForm.customer_id|escape}-->" />
+  <input type="hidden" name="customer_id" value="<!--{$arrForm.customer_id|h}-->" />
     <table summary="会員登録内容変更 " class="delivname">
       <!--{include file="`$smarty.const.TEMPLATE_DIR`frontparts/form_personal_input.tpl" flgFields=3 emailMobile=true prefix=""}-->
     </table>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change_complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change_complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change_complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,10 +23,10 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{include file=$tpl_navi}-->
   <div id="mycontentsarea">
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
 
     <div id="completetext">
       <p class="changetext">会員登録内容の変更が完了いたしました。<br />

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/change_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,30 +23,30 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
     <!--{include file=$tpl_navi}-->
     <div id="mycontentsarea">
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
     <p>下記の内容で送信してもよろしいでしょうか?<br />
       よろしければ、一番下の「会員登録完了へ」ボタンをクリックしてください。</p>
 
 
     <form name="form1" id="form1" method="post" action="?">
       <input type="hidden" name="mode" value="complete" />
-      <input type="hidden" name="customer_id" value="<!--{$arrForm.customer_id|escape}-->" />
+      <input type="hidden" name="customer_id" value="<!--{$arrForm.customer_id|h}-->" />
       <!--{foreach from=$arrForm key=key item=item}-->
         <!--{if $key ne "mode" && $key ne "subm"}-->
-        <input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->" />
+        <input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" />
         <!--{/if}-->
       <!--{/foreach}-->
       <table summary=" " class="delivname">
         <tr>
           <th>お名前<span class="attention">※</span></th>
-          <td><!--{$arrForm.name01|escape}--> <!--{$arrForm.name02|escape}--></td>
+          <td><!--{$arrForm.name01|h}--> <!--{$arrForm.name02|h}--></td>
         </tr>
         <tr>
           <th>お名前(フリガナ)<span class="attention">※</span></th>
-          <td><!--{$arrForm.kana01|escape}--> <!--{$arrForm.kana02|escape}--></td>
+          <td><!--{$arrForm.kana01|h}--> <!--{$arrForm.kana02|h}--></td>
         </tr>
         <tr>
           <th>郵便番号<span class="attention">※</span></th>
@@ -54,11 +54,11 @@
         </tr>
         <tr>
           <th>住所<span class="attention">※</span></th>
-          <td><!--{$arrPref[$arrForm.pref]}--><!--{$arrForm.addr01|escape}--><!--{$arrForm.addr02|escape}--></td>
+          <td><!--{$arrPref[$arrForm.pref]}--><!--{$arrForm.addr01|h}--><!--{$arrForm.addr02|h}--></td>
         </tr>
         <tr>
           <th>電話番号<span class="attention">※</span></th>
-          <td><!--{$arrForm.tel01|escape}-->-<!--{$arrForm.tel02}-->-<!--{$arrForm.tel03}--></td>
+          <td><!--{$arrForm.tel01|h}-->-<!--{$arrForm.tel02}-->-<!--{$arrForm.tel03}--></td>
         </tr>
         <tr>
           <th>FAX</th>
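Review bot: In the phone-number row only the first part was converted: `<!--{$arrForm.tel01|h}-->-<!--{$arrForm.tel02}-->-<!--{$arrForm.tel03}-->` leaves `tel02` and `tel03` from the submitted form unescaped, as they were before this commit. Server-side validation presumably restricts them to digits, but the template should not depend on that; suggest `<!--{$arrForm.tel01|h}-->-<!--{$arrForm.tel02|h}-->-<!--{$arrForm.tel03|h}-->`. `$arrPref[$arrForm.pref]` on the address row also has no modifier, whereas sphone/entry/confirm.tpl applies `|h` to the same lookup.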
@@ -84,11 +84,11 @@
         </tr>
         <tr>
           <th>職業</th>
-          <td><!--{$arrJob[$arrForm.job]|escape|default:"未登録"}--></td>
+          <td><!--{$arrJob[$arrForm.job]|default:"未登録"|h}--></td>
         </tr>
         <tr>
           <th>生年月日</th>
-          <td><!--{if strlen($arrForm.year) > 0 && strlen($arrForm.month) > 0 && strlen($arrForm.day) > 0}--><!--{$arrForm.year|escape}-->年<!--{$arrForm.month|escape}-->月<!--{$arrForm.day|escape}-->日<!--{else}-->未登録<!--{/if}--></td>
+          <td><!--{if strlen($arrForm.year) > 0 && strlen($arrForm.month) > 0 && strlen($arrForm.day) > 0}--><!--{$arrForm.year|h}-->年<!--{$arrForm.month|h}-->月<!--{$arrForm.day|h}-->日<!--{else}-->未登録<!--{/if}--></td>
         </tr>
         <tr>
           <th>希望するパスワード<br />
@@ -97,8 +97,8 @@
         </tr>
         <tr>
           <th>パスワードを忘れた時のヒント<span class="attention">※</span></th>
-          <td>質問:&nbsp;<!--{$arrReminder[$arrForm.reminder]|escape}--><br />
-              答え:&nbsp;<!--{$arrForm.reminder_answer|escape}--></td>
+          <td>質問:&nbsp;<!--{$arrReminder[$arrForm.reminder]|h}--><br />
+              答え:&nbsp;<!--{$arrForm.reminder_answer|h}--></td>
         </tr>
         <tr>
           <th>メールマガジン送付について<span class="attention">※</span></th>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/delivery.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/delivery.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/delivery.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,12 +23,12 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
 <!--{include file=$tpl_navi}-->
     <div id="mycontentsarea">
-        <h3><!--{$tpl_subtitle|escape}--></h3>
+        <h3><!--{$tpl_subtitle|h}--></h3>
         <p>登録住所以外への住所へ送付される場合等にご利用いただくことができます。</p>
-        <p>※最大<!--{$smarty.const.DELIV_ADDR_MAX|escape}-->件まで登録できます。</p>
+        <p>※最大<!--{$smarty.const.DELIV_ADDR_MAX|h}-->件まで登録できます。</p>
 
         <!--{if $tpl_linemax < $smarty.const.DELIV_ADDR_MAX}-->
           <!--{* 退会時非表示 *}-->
@@ -56,8 +56,8 @@
                         <td><label for="add<!--{$smarty.section.cnt.iteration}-->">お届け先住所</label></td>
                         <td>
                             〒<!--{$arrOtherDeliv[cnt].zip01}-->-<!--{$arrOtherDeliv[cnt].zip02}--><br />
-                            <!--{$arrPref[$OtherPref]|escape}--><!--{$arrOtherDeliv[cnt].addr01|escape}--><!--{$arrOtherDeliv[cnt].addr02|escape}--><br />
-                            <!--{$arrOtherDeliv[cnt].name01|escape}-->&nbsp;<!--{$arrOtherDeliv[cnt].name02|escape}-->
+                            <!--{$arrPref[$OtherPref]|h}--><!--{$arrOtherDeliv[cnt].addr01|h}--><!--{$arrOtherDeliv[cnt].addr02|h}--><br />
+                            <!--{$arrOtherDeliv[cnt].name01|h}-->&nbsp;<!--{$arrOtherDeliv[cnt].name02|h}-->
                         </td>
                         <td class="centertd">
                             <a href="./delivery_addr.php" onclick="win02('./delivery_addr.php?other_deliv_id=<!--{$arrOtherDeliv[cnt].other_deliv_id}-->','deliv_disp','600','640'); return false;">変更</a>
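Review bot: The postcode line `〒<!--{$arrOtherDeliv[cnt].zip01}-->-<!--{$arrOtherDeliv[cnt].zip02}-->` has no modifier, although the address and name fields of the same record just below it are now `|h`. These are customer-entered delivery addresses, so suggest `<!--{$arrOtherDeliv[cnt].zip01|h}-->-<!--{$arrOtherDeliv[cnt].zip02|h}-->` for consistency. `other_deliv_id` in the `onclick` on the last line goes raw into a JavaScript string and a query string; it is presumably a numeric key, and `send_id` in the `win02(...)` call in sphone/mypage/history.tpl has the same shape. The row's markup starts and ends outside this hunk.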

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/delivery_addr.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/delivery_addr.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/delivery_addr.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,7 +24,7 @@
 <!--{include file="`$smarty.const.TEMPLATE_DIR`popup_header.tpl" subtitle="新しいお届け先の追加・変更"}-->
 
 <div id="windowarea">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <p>下記項目にご入力ください。「<span class="attention">※</span>」印は入力必須項目です。</p>
     <p>入力後、一番下の「登録する」ボタンをクリックしてください。</p>
 

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/favorite.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/favorite.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/favorite.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,7 +22,7 @@
  */
 *}-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{if $tpl_navi != ""}-->
     <!--{include file=$tpl_navi}-->
   <!--{else}-->
@@ -33,7 +33,7 @@
     <form name="form1" method="post" action="?">
     <input type="hidden" name="order_id" value="" />
     <input type="hidden" name="pageno" value="<!--{$tpl_pageno}-->" />
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
 
 <!--{if $tpl_linemax > 0}-->
 
@@ -57,9 +57,9 @@
       <!--{section name=cnt loop=$arrFavorite}-->
       <!--{assign var=product_id value="`$arrFavorite[cnt].product_id`"}-->
       <tr>
-       <td><a href="javascript:fnModeSubmit('delete_favorite','product_id','<!--{$product_id|escape}-->');">削除</a></td>
-       <td><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$product_id|escape:url}-->"><img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrFavorite[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65"></a></td>
-       <td><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$product_id|escape:url}-->"><!--{$arrFavorite[cnt].name}--></a></td>
+       <td><a href="javascript:fnModeSubmit('delete_favorite','product_id','<!--{$product_id|h}-->');">削除</a></td>
+       <td><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$product_id|u}-->"><img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrFavorite[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65"></a></td>
+       <td><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$product_id|u}-->"><!--{$arrFavorite[cnt].name}--></a></td>
        <td class="right sale_price">
         <span class="price">
           <!--{if $arrFavorite[cnt].price02_min == $arrFavorite[cnt].price02_max}-->
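Review bot: `$product_id|h` on the delete link sits inside a single-quoted JavaScript string in a `javascript:` href, where the HTML parser decodes entities before the script runs, so `|h` alone does not protect that context. `product_id` comes from `$arrFavorite` and is presumably an integer key, which keeps this benign in practice; Smarty's `escape:'javascript'` followed by `|h`, or an integer cast in the page class, would make that explicit. Separately, the link text `<!--{$arrFavorite[cnt].name}-->` is still unescaped; suggest `<!--{$arrFavorite[cnt].name|h}-->`, matching what history.tpl does for `product_name`. The table row continues past the end of this hunk.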

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/history.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/history.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/history.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,19 +23,19 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <!--{include file=$tpl_navi}-->
     <div id="mycontentsarea">
-        <h3><!--{$tpl_subtitle|escape}--></h3>
+        <h3><!--{$tpl_subtitle|h}--></h3>
         <p class="myconditionarea">
         <strong>購入日時:&nbsp;</strong><!--{$arrDisp.create_date|sfDispDBDate}--><br />
         <strong>注文番号:&nbsp;</strong><!--{$arrDisp.order_id}--><br />
-        <strong>お支払い方法:&nbsp;</strong><!--{$arrPayment[$arrDisp.payment_id]|escape}-->
+        <strong>お支払い方法:&nbsp;</strong><!--{$arrPayment[$arrDisp.payment_id]|h}-->
         <!--{if $arrDisp.deliv_time_id != ""}--><br />
-        <strong>お届け時間:&nbsp;</strong><!--{$arrDelivTime[$arrDisp.deliv_time_id]|escape}-->
+        <strong>お届け時間:&nbsp;</strong><!--{$arrDelivTime[$arrDisp.deliv_time_id]|h}-->
         <!--{/if}-->
         <!--{if $arrDisp.deliv_date != ""}--><br />
-        <strong>お届け日:&nbsp;</strong><!--{$arrDisp.deliv_date|escape}-->
+        <strong>お届け日:&nbsp;</strong><!--{$arrDisp.deliv_date|h}-->
         <!--{/if}-->
         </p>
 
@@ -57,8 +57,8 @@
             </tr>
             <!--{foreach from=$tpl_arrOrderDetail item=orderDetail}-->
                 <tr>
-                    <td><!--{$orderDetail.product_code|escape}--></td>
-                    <td><a<!--{if $orderDetail.enable}--> href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$orderDetail.product_id|escape:url}-->"<!--{/if}-->><!--{$orderDetail.product_name|escape}--></a></td>
+                    <td><!--{$orderDetail.product_code|h}--></td>
+                    <td><a<!--{if $orderDetail.enable}--> href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$orderDetail.product_id|u}-->"<!--{/if}-->><!--{$orderDetail.product_name|h}--></a></td>
                     <td>
                     <!--{ if $orderDetail.product_type_id == PRODUCT_TYPE_DOWNLOAD}-->
                         <!--{ if $orderDetail.price == "0" || ( $orderDetail.status >= "4" && $orderDetail.effective == "1" )}-->
@@ -74,8 +74,8 @@
                     </td>
                     <!--{assign var=price value=`$orderDetail.price`}-->
                     <!--{assign var=quantity value=`$orderDetail.quantity`}-->
-                    <td class="pricetd"><!--{$price|escape|number_format}-->円</td>
-                    <td><!--{$quantity|escape}--></td>
+                    <td class="pricetd"><!--{$price|number_format|h}-->円</td>
+                    <td><!--{$quantity|h}--></td>
                     <td class="pricetd"><!--{$price|sfCalcIncTax:$arrSiteInfo.tax:$arrSiteInfo.tax_rule|sfMultiply:$quantity|number_format}-->円</td>
                 </tr>
             <!--{/foreach}-->
@@ -99,12 +99,12 @@
             <!--{/if}-->
             <tr>
                 <th colspan="5" class="resulttd">送料</th>
-                <td class="pricetd"><!--{assign var=key value="deliv_fee"}--><!--{$arrDisp[$key]|escape|number_format}-->円</td>
+                <td class="pricetd"><!--{assign var=key value="deliv_fee"}--><!--{$arrDisp[$key]|number_format|h}-->円</td>
             </tr>
             <tr>
                 <th colspan="5" class="resulttd">手数料</th>
                 <!--{assign var=key value="charge"}-->
-                <td class="pricetd"><!--{$arrDisp[$key]|escape|number_format}-->円</td>
+                <td class="pricetd"><!--{$arrDisp[$key]|number_format|h}-->円</td>
             </tr>
             <tr>
                 <th colspan="5" class="resulttd">合計</th>
@@ -138,13 +138,13 @@
                     <th>お名前</th>
                     <!--{assign var=key1 value="deliv_name01"}-->
                     <!--{assign var=key2 value="deliv_name02"}-->
-                    <td><!--{$arrDisp[$key1]|escape}-->&nbsp;<!--{$arrDisp[$key2]|escape}--></td>
+                    <td><!--{$arrDisp[$key1]|h}-->&nbsp;<!--{$arrDisp[$key2]|h}--></td>
                 </tr>
                 <tr>
                     <th>お名前(フリガナ)</th>
                     <!--{assign var=key1 value="deliv_kana01"}-->
                     <!--{assign var=key2 value="deliv_kana02"}-->
-                    <td><!--{$arrDisp[$key1]|escape}-->&nbsp;<!--{$arrDisp[$key2]|escape}--></td>
+                    <td><!--{$arrDisp[$key1]|h}-->&nbsp;<!--{$arrDisp[$key2]|h}--></td>
                 </tr>
                 <tr>
                     <th>郵便番号</th>
@@ -156,7 +156,7 @@
                     <th>住所</th>
                     <!--{assign var=pref value=`$arrDisp.deliv_pref`}-->
                     <!--{assign var=key value="deliv_addr01"}-->
-                    <td><!--{$arrPref[$pref]}--><!--{$arrDisp[$key]|escape}--><!--{assign var=key value="deliv_addr02"}--><!--{$arrDisp[$key]|escape}--></td>
+                    <td><!--{$arrPref[$pref]}--><!--{$arrDisp[$key]|h}--><!--{assign var=key value="deliv_addr02"}--><!--{$arrDisp[$key]|h}--></td>
                 </tr>
                 <tr>
                     <th>電話番号</th>
@@ -179,10 +179,10 @@
             </tr>
             <!--{section name=cnt loop=$arrMailHistory}-->
             <tr class="center">
-                <td><!--{$arrMailHistory[cnt].send_date|sfDispDBDate|escape}--></td>
+                <td><!--{$arrMailHistory[cnt].send_date|sfDispDBDate|h}--></td>
                 <!--{assign var=key value="`$arrMailHistory[cnt].template_id`"}-->
-                <td><!--{$arrMAILTEMPLATE[$key]|escape}--></td>
-                <td><a href="<!--{$smarty.server.PHP_SELF|escape}-->" onclick="win02('./mail_view.php?send_id=<!--{$arrMailHistory[cnt].send_id}-->','mail_view','650','800'); return false;"><!--{$arrMailHistory[cnt].subject|escape}--></a></td>
+                <td><!--{$arrMAILTEMPLATE[$key]|h}--></td>
+                <td><a href="<!--{$smarty.server.PHP_SELF|h}-->" onclick="win02('./mail_view.php?send_id=<!--{$arrMailHistory[cnt].send_id}-->','mail_view','650','800'); return false;"><!--{$arrMailHistory[cnt].subject|h}--></a></td>
             </tr>
             <!--{/section}-->
         </table>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{if $tpl_navi != ""}-->
     <!--{include file=$tpl_navi}-->
   <!--{else}-->
@@ -33,7 +33,7 @@
     <form name="form1" method="post" action="?">
     <input type="hidden" name="order_id" value="" />
     <input type="hidden" name="pageno" value="<!--{$tpl_pageno}-->" />
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
 
 <!--{if $tpl_linemax > 0}-->
 
@@ -57,7 +57,7 @@
        <td><!--{$arrOrder[cnt].create_date|sfDispDBDate}--></td>
        <td><!--{$arrOrder[cnt].order_id}--></td>
        <!--{assign var=payment_id value="`$arrOrder[cnt].payment_id`"}-->
-       <td><!--{$arrPayment[$payment_id]|escape}--></td>
+       <td><!--{$arrPayment[$payment_id]|h}--></td>
        <td class="pricetd"><!--{$arrOrder[cnt].payment_total|number_format}-->円</td>
        <td class="centertd"><a href="<!--{$smarty.const.URL_DIR}-->mypage/history.php?order_id=<!--{$arrOrder[cnt].order_id}-->">詳細</a></td>
      </tr>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/login.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/login.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/login.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -24,7 +24,7 @@
 <!--▼CONTENTS-->
 <div id="under02column">
   <div id="under02column_login">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <form name="login_mypage" id="login_mypage" method="post" action="./login_check.php" onsubmit="return fnCheckLogin('login_mypage')">
     <input type="hidden" name="mode" value="login" />
    <div class="loginarea">
@@ -35,7 +35,7 @@
        <span class="attention"><!--{$arrErr[$key]}--></span>
        <p>メールアドレス:&nbsp;
          <input type="text" name="<!--{$key}-->"
-                value="<!--{$tpl_login_email|escape}-->"
+                value="<!--{$tpl_login_email|h}-->"
                 maxlength="<!--{$arrForm[$key].length}-->"
                 style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: disabled;"
                 size="40" class="box300" />

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/mail_view.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/mail_view.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/mail_view.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -3,11 +3,11 @@
 <table class="form">
   <tr>
     <th>件名</th>
-    <td><!--{$tpl_subject|escape}--></td>
+    <td><!--{$tpl_subject|h}--></td>
   </tr>
   <tr>
     <th>本文</th>
-    <td><!--{$tpl_body|escape|nl2br}--></td>
+    <td><!--{$tpl_body|h|nl2br}--></td>
   </tr>
 </table>
 

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/navi.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/navi.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/navi.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -62,9 +62,9 @@
         <!--{if $point_disp !== false}-->
             <ul>
                  <li>ようこそ <br />
-                     <!--{$CustomerName1|escape}--> <!--{$CustomerName2|escape}-->様
+                     <!--{$CustomerName1|h}--> <!--{$CustomerName2|h}-->様
                      <!--{if $smarty.const.USE_POINT !== false}-->
-                         <br />現在の所持ポイントは<em><!--{$CustomerPoint|number_format|escape|default:"0"}-->pt</em>です。
+                         <br />現在の所持ポイントは<em><!--{$CustomerPoint|number_format|default:"0"|h}-->pt</em>です。
                      <!--{/if}-->
                  </li>
             </ul>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,10 +23,10 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{include file=$tpl_navi}-->
   <div id="mycontentsarea">
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
     <form name="form1" method="post" action="?">
       <input type="hidden" name="mode" value="confirm" />
       <div id="completetext">

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal_complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal_complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal_complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,15 +23,15 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{include file = $tpl_navi}-->
   <div id="mycontentsarea">
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
     <div id="completetext">
       <p class="changetext">退会手続きが完了いたしました。<br />
         MYページをご利用いただき誠にありがとうございました。<br />
         またのご利用を心よりお待ち申し上げます。<br />
-      <!--{$arrSiteInfo.company_name|escape}--><br />
+      <!--{$arrSiteInfo.company_name|h}--><br />
       TEL:<!--{$arrSiteInfo.tel01}-->-<!--{$arrSiteInfo.tel02}-->-<!--{$arrSiteInfo.tel03}--> <!--{if $arrSiteInfo.business_hour != ""}-->(受付時間/<!--{$arrSiteInfo.business_hour}-->)<!--{/if}--><br />
       E-mail:<a href="mailto:<!--{$arrSiteInfo.email02|escape:'hex'}-->"><!--{$arrSiteInfo.email02|escape:'hexentity'}--></a></p>
     </div>
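Review bot: On the TEL line of this hunk, `$arrSiteInfo.tel01`, `tel02`, `tel03` and `$arrSiteInfo.business_hour` are still printed with no modifier, while `company_name` one line above now goes through `|h`. These look like shop settings entered in the admin screens (inferred from the names), so a `<` or `&` in the business-hours text would be interpreted as markup. I would write `<!--{$arrSiteInfo.business_hour|h}-->` and do the same for the three tel fields. The regist/complete.tpl hunk has the same unescaped line, and its label reads `E-mall:` where `E-mail:` is presumably meant.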

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/mypage/refusal_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,13 +23,13 @@
 *}-->
 <!--▼CONTENTS-->
 <div id="mypagecolumn">
-  <h2 class="title"><!--{$tpl_title|escape}--></h2>
+  <h2 class="title"><!--{$tpl_title|h}--></h2>
   <!--{include file=$tpl_navi}-->
   <form name="form1" method="post" action="?">
   <input type="hidden" name="mode" value="complete" />
   <input type="hidden" name="uniqid" value="<!--{$tpl_uniqid}-->" />
   <div id="mycontentsarea">
-    <h3><!--{$tpl_subtitle|escape}--></h3>
+    <h3><!--{$tpl_subtitle|h}--></h3>
     <div id="completetext">
       <p>退会手続きを実行してもよろしいでしょうか?</p>
       <div class="tblareabtn">

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/order/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/order/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/order/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,27 +22,27 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_order">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <table summary="特定商取引に関する法律に基づく表記">
       <tr>
         <th>販売業者</th>
-        <td><!--{$arrRet.law_company|escape}--></td>
+        <td><!--{$arrRet.law_company|h}--></td>
       </tr>
       <tr>
         <th>運営責任者</th>
-        <td><!--{$arrRet.law_manager|escape}--></td>
+        <td><!--{$arrRet.law_manager|h}--></td>
       </tr>
       <tr>
         <th>住所</th>
-        <td>〒<!--{$arrRet.law_zip01|escape}-->-<!--{$arrRet.law_zip02|escape}--><br /><!--{$arrPref[$arrRet.law_pref]|escape}--><!--{$arrRet.law_addr01|escape}--><!--{$arrRet.law_addr02|escape}--></td>
+        <td>〒<!--{$arrRet.law_zip01|h}-->-<!--{$arrRet.law_zip02|h}--><br /><!--{$arrPref[$arrRet.law_pref]|h}--><!--{$arrRet.law_addr01|h}--><!--{$arrRet.law_addr02|h}--></td>
       </tr>
       <tr>
         <th>電話番号</th>
-        <td><!--{$arrRet.law_tel01|escape}-->-<!--{$arrRet.law_tel02|escape}-->-<!--{$arrRet.law_tel03|escape}--></td>
+        <td><!--{$arrRet.law_tel01|h}-->-<!--{$arrRet.law_tel02|h}-->-<!--{$arrRet.law_tel03|h}--></td>
       </tr>
       <tr>
         <th>FAX番号</th>
-        <td><!--{$arrRet.law_fax01|escape}-->-<!--{$arrRet.law_fax02|escape}-->-<!--{$arrRet.law_fax03|escape}--></td>
+        <td><!--{$arrRet.law_fax01|h}-->-<!--{$arrRet.law_fax02|h}-->-<!--{$arrRet.law_fax03|h}--></td>
       </tr>
       <tr>
         <th>メールアドレス</th>
@@ -50,31 +50,31 @@
       </tr>
       <tr>
         <th>URL</th>
-        <td><a href="<!--{$arrRet.law_url|escape}-->"><!--{$arrRet.law_url|escape}--></a></td>
+        <td><a href="<!--{$arrRet.law_url|h}-->"><!--{$arrRet.law_url|h}--></a></td>
       </tr>
       <tr>
         <th>商品以外の必要代金</th>
-        <td><!--{$arrRet.law_term01|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term01|h|nl2br}--></td>
       </tr>
       <tr>
         <th>注文方法</th>
-        <td><!--{$arrRet.law_term02|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term02|h|nl2br}--></td>
       </tr>
       <tr>
         <th>支払方法</th>
-        <td><!--{$arrRet.law_term03|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term03|h|nl2br}--></td>
       </tr>
       <tr>
         <th>支払期限</th>
-        <td><!--{$arrRet.law_term04|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term04|h|nl2br}--></td>
       </tr>
       <tr>
         <th>引渡し時期</th>
-        <td><!--{$arrRet.law_term05|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term05|h|nl2br}--></td>
       </tr>
       <tr>
         <th>返品・交換について</th>
-        <td><!--{$arrRet.law_term06|escape|nl2br}--></td>
+        <td><!--{$arrRet.law_term06|h|nl2br}--></td>
       </tr>
     </table>
   </div>
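Review bot: In the URL row, `href="<!--{$arrRet.law_url|h}-->"` is only HTML-escaped, which keeps the value inside the attribute but does not restrict its scheme, so a stored `javascript:` or `data:` value would still be emitted as a live link. The value is presumably set by an administrator, but the check belongs where it is saved or assigned: accept only `http://` and `https://`. I would also add a template comment such as `<!--{* law_url: scheme is validated before assignment; |h only protects the attribute *}-->`. The same applies to `href="<!--{$arrProduct.comment1|h}-->"` in the products/detail.tpl hunk at line 287.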

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/products/detail.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/products/detail.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/products/detail.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -163,7 +163,7 @@
 <div id="undercolumn" class="product product_detail">
 
     <!--★タイトル★-->
-    <h2 class="title"><!--{$tpl_subtitle|escape}--></h2>
+    <h2 class="title"><!--{$tpl_subtitle|h}--></h2>
 
     <div id="detailarea">
         <div id="detailphotoblock">
@@ -173,14 +173,14 @@
             <!--★画像★-->
             <a
                 <!--{if $arrProduct.main_large_image|strlen >= 1}-->
-                    href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$arrProduct.main_large_image|escape}-->"
+                    href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$arrProduct.main_large_image|h}-->"
                     class="expansion"
                     onmouseover="chgImg('<!--{$TPL_DIR}-->img/products/b_expansion_on.gif','expansion01');"
                     onmouseout="chgImg('<!--{$TPL_DIR}-->img/products/b_expansion.gif','expansion01');"
                     target="_blank"
                 <!--{/if}-->
             >
-                <img src="<!--{$arrFile[$key].filepath|escape}-->" width="<!--{$arrFile[$key].width}-->" height="<!--{$arrFile[$key].height}-->" alt="<!--{$arrProduct.name|escape}-->" class="picture" /><br />
+                <img src="<!--{$arrFile[$key].filepath|h}-->" width="<!--{$arrFile[$key].width}-->" height="<!--{$arrFile[$key].height}-->" alt="<!--{$arrProduct.name|h}-->" class="picture" /><br />
                 <!--★拡大する★-->
                 <!--{if $arrProduct.main_large_image|strlen >= 1}-->
                     <img src="<!--{$TPL_DIR}-->img/products/b_expansion.gif" width="85" height="13" alt="画像を拡大する" name="expansion01" id="expansion01" />
@@ -211,7 +211,7 @@
                 <tr>
                     <th colspan="2">
                         <!--★商品名★-->
-                        <h2><!--{$arrProduct.name|escape}--></h2>
+                        <h2><!--{$arrProduct.name|h}--></h2>
                     </th>
                 </tr>
                 <tr>
@@ -287,8 +287,8 @@
                         <span class="comment1">メーカーURL:
                     </th>
                     <td>
-                            <a href="<!--{$arrProduct.comment1|escape}-->">
-                                <!--{$arrProduct.comment1|escape}--></a>
+                            <a href="<!--{$arrProduct.comment1|h}-->">
+                                <!--{$arrProduct.comment1|h}--></a>
                     </td>
                 </tr>
                 <!--{/if}-->
@@ -330,7 +330,7 @@
                     <dl>
                         <!--{if $tpl_classcat_find1}-->
                             <!--▼規格1-->
-                            <dt><!--{$tpl_class_name1|escape}--></dt>
+                            <dt><!--{$tpl_class_name1|h}--></dt>
                             <dd>
                                 <select name="classcategory_id1"
                                     style="<!--{$arrErr.classcategory_id1|sfGetErrorColor}-->"
@@ -347,7 +347,7 @@
 
                         <!--{if $tpl_classcat_find2}-->
                             <!--▼規格2-->
-                            <dt><!--{$tpl_class_name2|escape}--></dt>
+                            <dt><!--{$tpl_class_name2|h}--></dt>
                             <dd>
                                 <select name="classcategory_id2"
                                     style="<!--{$arrErr.classcategory_id2|sfGetErrorColor}-->"
@@ -378,7 +378,7 @@
                             <!--{if $arrErr[$add_favorite]}--><div class="attention"><!--{$arrErr[$add_favorite]}--></div><!--{/if}-->
                             <!--{if !$arrProduct.favorite_count}-->
                                 <a
-                                    href="javascript:fnModeSubmit('add_favorite','favorite_product_id','<!--{$arrProduct.product_id|escape}-->');"
+                                    href="javascript:fnModeSubmit('add_favorite','favorite_product_id','<!--{$arrProduct.product_id|h}-->');"
                                     onmouseover="chgImg('<!--{$TPL_DIR}-->img/products/add_favolite_product_on.gif','add_favolite_product');"
                                     onmouseout="chgImg('<!--{$TPL_DIR}-->img/products/add_favolite_product.gif','add_favolite_product');"
                                 ><img src="<!--{$TPL_DIR}-->img/products/add_favolite_product.gif" width="115" height="20" alt="お気に入りに追加" name="add_favolite_product" id="add_favolite_product" /></a>
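Review bot: `|h` is the wrong escape for `'<!--{$arrProduct.product_id|h}-->'` in the `javascript:` href, because the value sits inside a single-quoted JavaScript string. The browser decodes HTML entities in the attribute before the script is parsed, so an escaped quote turns back into a quote. This is harmless if `product_id` is always an integer, which the hunk does not show. To make the template safe on its own I would use `'<!--{$arrProduct.product_id|escape:'javascript'|h}-->'`, or cast the id to an integer before it is assigned. The `'expansion_<!--{$lkey|h}-->'` arguments in the `onmouseover`/`onmouseout` handlers of the hunk at line 433 follow the same pattern.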
@@ -421,7 +421,7 @@
         <!--{assign var=key value="sub_title`$smarty.section.cnt.index+1`"}-->
         <!--{if $arrProduct[$key] != ""}-->
             <div class="subarea">
-                <h3><!--★サブタイトル★--><!--{$arrProduct[$key]|escape}--></h3>
+                <h3><!--★サブタイトル★--><!--{$arrProduct[$key]|h}--></h3>
                 <!--{assign var=ckey value="sub_comment`$smarty.section.cnt.index+1`"}-->
 
                 <div class="subtext"><!--★サブテキスト★--><!--{$arrProduct[$ckey]|nl2br_html}--></div>
@@ -433,16 +433,16 @@
                     <div class="subphotoimg">
                         <a
                             <!--{if $arrProduct[$lkey]|strlen >= 1}-->
-                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$arrProduct[$lkey]|escape}-->"
+                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$arrProduct[$lkey]|h}-->"
                                 class="expansion"
-                                onmouseover="chgImg('<!--{$TPL_DIR}-->img/products/b_expansion_on.gif', 'expansion_<!--{$lkey|escape}-->');"
-                                onmouseout="chgImg('<!--{$TPL_DIR}-->img/products/b_expansion.gif', 'expansion_<!--{$lkey|escape}-->');"
+                                onmouseover="chgImg('<!--{$TPL_DIR}-->img/products/b_expansion_on.gif', 'expansion_<!--{$lkey|h}-->');"
+                                onmouseout="chgImg('<!--{$TPL_DIR}-->img/products/b_expansion.gif', 'expansion_<!--{$lkey|h}-->');"
                                 target="_blank"
                             <!--{/if}-->
                         >
-                            <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrProduct.name|escape}-->" width="<!--{$arrFile[$key].width}-->" height="<!--{$arrFile[$key].height}-->" /><br />
+                            <img src="<!--{$arrFile[$key].filepath}-->" alt="<!--{$arrProduct.name|h}-->" width="<!--{$arrFile[$key].width}-->" height="<!--{$arrFile[$key].height}-->" /><br />
                             <!--{if $arrProduct[$lkey]|strlen >= 1}-->
-                                <img src="<!--{$TPL_DIR}-->img/products/b_expansion.gif" width="85" height="13" alt="画像を拡大する" id="expansion_<!--{$lkey|escape}-->" />
+                                <img src="<!--{$TPL_DIR}-->img/products/b_expansion.gif" width="85" height="13" alt="画像を拡大する" id="expansion_<!--{$lkey|h}-->" />
                             <!--{/if}-->
                         </a>
                     </div>
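Review bot: The sub-image tag in this hunk still prints `src="<!--{$arrFile[$key].filepath}-->"` with no modifier, although the main image in the hunk at line 173 uses `<!--{$arrFile[$key].filepath|h}-->`. Since the commit exists to standardise escaping, I would make the two consistent: `<img src="<!--{$arrFile[$key].filepath|h}-->" alt="<!--{$arrProduct.name|h}-->" ...`. Where `$lkey` is assigned is outside the hunk, so I cannot tell whether it is ever anything other than a template-built key.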
@@ -465,13 +465,13 @@
                 <!-- 左列 -->
                 <div class="whoboughtleft">
 
-                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|escape:url}-->">
-                        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[cnt].name|escape}-->" /></a>
+                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|u}-->">
+                        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[cnt].name|h}-->" /></a>
 
                     <div class="whoboughtrightblock">
                         <!--{assign var=price02_min value=`$arrRecommend[cnt].price02_min`}-->
                         <!--{assign var=price02_max value=`$arrRecommend[cnt].price02_max`}-->
-                        <h3><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|escape:url}-->"><!--{$arrRecommend[cnt].name|escape}--></a></h3>
+                        <h3><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|u}-->"><!--{$arrRecommend[cnt].name|h}--></a></h3>
 
                         <p class="sale_price"><!--{$smarty.const.SALE_PRICE_TITLE}--><span class="mini">(税込)</span>:<span class="price">
                             <!--{if $price02_min == $price02_max}-->
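Review bot: In `resize_image.php?image=<!--{$arrRecommend[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=65`, the file name is placed in a query-string parameter but only HTML-escaped. A name containing `&`, `#`, `+` or a space would therefore change or truncate the query that `resize_image.php` receives. The commit already uses `|u` for the `product_id` link on the line above, and it fits here too: `image=<!--{$arrRecommend[cnt].main_list_image|sfNoImageMainList|u}-->`. The same line appears in the right-column hunk at line 492.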
@@ -479,7 +479,7 @@
                             <!--{else}-->
                                 <!--{$price02_min|sfCalcIncTax:$arrSiteInfo.tax:$arrSiteInfo.tax_rule|number_format}-->〜<!--{$price02_max|sfCalcIncTax:$arrSiteInfo.tax:$arrSiteInfo.tax_rule|number_format}-->
                             <!--{/if}-->円</span></p>
-                        <p class="mini"><!--{$arrRecommend[cnt].comment|escape|nl2br}--></p>
+                        <p class="mini"><!--{$arrRecommend[cnt].comment|h|nl2br}--></p>
                     </div>
                 </div>
                 <!-- 左列 -->
@@ -492,13 +492,13 @@
                 <!-- 右列 -->
                 <div class="whoboughtright">
 
-                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|escape:url}-->">
-                        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[cnt].main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[cnt].name|escape}-->" /></a>
+                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|u}-->">
+                        <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$arrRecommend[cnt].main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$arrRecommend[cnt].name|h}-->" /></a>
 
                     <div class="whoboughtrightblock">
                         <!--{assign var=price02_min value=`$arrRecommend[cnt].price02_min`}-->
                         <!--{assign var=price02_max value=`$arrRecommend[cnt].price02_max`}-->
-                        <h3><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|escape:url}-->"><!--{$arrRecommend[cnt].name|escape}--></a></h3>
+                        <h3><a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrRecommend[cnt].product_id|u}-->"><!--{$arrRecommend[cnt].name|h}--></a></h3>
 
                         <p class="sale_price"><!--{$smarty.const.SALE_PRICE_TITLE}--><span class="mini">(税込)</span>:<span class="price">
 
@@ -507,7 +507,7 @@
                             <!--{else}-->
                                 <!--{$price02_min|sfCalcIncTax:$arrSiteInfo.tax:$arrSiteInfo.tax_rule|number_format}-->〜<!--{$price02_max|sfCalcIncTax:$arrSiteInfo.tax:$arrSiteInfo.tax_rule|number_format}-->
                             <!--{/if}-->円</span></p>
-                        <p class="mini"><!--{$arrRecommend[cnt].comment|escape|nl2br}--></p>
+                        <p class="mini"><!--{$arrRecommend[cnt].comment|h|nl2br}--></p>
                     </div>
                 </div>
                 <!-- 右列 -->

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/products/list.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/products/list.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/products/list.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -139,16 +139,16 @@
 <!--▼CONTENTS-->
 <div id="undercolumn" class="product product_list">
     <form name="form1" id="form1" method="get" action="?">
-        <input type="hidden" name="mode" value="<!--{$mode|escape}-->" />
+        <input type="hidden" name="mode" value="<!--{$mode|h}-->" />
         <!--{* ▼検索条件 *}-->
-        <input type="hidden" name="category_id" value="<!--{$arrSearchData.category_id|escape}-->" />
-        <input type="hidden" name="maker_id" value="<!--{$arrSearchData.maker_id|escape}-->" />
-        <input type="hidden" name="name" value="<!--{$arrSearchData.name|escape}-->" />
+        <input type="hidden" name="category_id" value="<!--{$arrSearchData.category_id|h}-->" />
+        <input type="hidden" name="maker_id" value="<!--{$arrSearchData.maker_id|h}-->" />
+        <input type="hidden" name="name" value="<!--{$arrSearchData.name|h}-->" />
         <!--{* ▲検索条件 *}-->
         <!--{* ▼ページナビ関連 *}-->
-        <input type="hidden" name="orderby" value="<!--{$orderby|escape}-->" />
-        <input type="hidden" name="disp_number" value="<!--{$disp_number|escape}-->" />
-        <input type="hidden" name="pageno" value="<!--{$tpl_pageno|escape}-->" />
+        <input type="hidden" name="orderby" value="<!--{$orderby|h}-->" />
+        <input type="hidden" name="disp_number" value="<!--{$disp_number|h}-->" />
+        <input type="hidden" name="pageno" value="<!--{$tpl_pageno|h}-->" />
         <!--{* ▲ページナビ関連 *}-->
         <!--{* ▼注文関連 *}-->
         <input type="hidden" name="product_id" value="" />
@@ -158,18 +158,18 @@
         <input type="hidden" name="product_type" value="" />
         <input type="hidden" name="quantity" value="" />
         <!--{* ▲注文関連 *}-->
-        <input type="hidden" name="rnd" value="<!--{$tpl_rnd|escape}-->" />
+        <input type="hidden" name="rnd" value="<!--{$tpl_rnd|h}-->" />
     </form>
     
     <!--★タイトル★-->
-    <h2 class="title"><!--{$tpl_subtitle|escape}--></h2>
+    <h2 class="title"><!--{$tpl_subtitle|h}--></h2>
     
     <!--▼検索条件-->
     <!--{if $tpl_subtitle == "検索結果"}-->
         <ul class="pagecondarea">
-            <li><strong>商品カテゴリ:</strong><!--{$arrSearch.category|escape}--></li>
-        <!--{if $arrSearch.maker|strlen >= 1}--><li><strong>メーカー:</strong><!--{$arrSearch.maker|escape}--></li><!--{/if}-->
-            <li><strong>商品名:</strong><!--{$arrSearch.name|escape}--></li>
+            <li><strong>商品カテゴリ:</strong><!--{$arrSearch.category|h}--></li>
+        <!--{if $arrSearch.maker|strlen >= 1}--><li><strong>メーカー:</strong><!--{$arrSearch.maker|h}--></li><!--{/if}-->
+            <li><strong>商品名:</strong><!--{$arrSearch.name|h}--></li>
         </ul>
     <!--{/if}-->
     <!--▲検索条件-->
@@ -224,10 +224,10 @@
         <!--{assign var=arrErr value=$arrProduct.arrErr}-->
         <!--▼商品-->
         <div class="listarea">
-        <a name="product<!--{$id|escape}-->" />
+        <a name="product<!--{$id|h}-->" />
             <div class="listphoto">
                 <!--★画像★-->
-                <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrProduct.product_id|escape:url}-->" class="over"><!--商品写真--><img src="<!--{$smarty.const.IMAGE_SAVE_URL|sfTrimURL}-->/<!--{$arrProduct.main_list_image|sfNoImageMainList|escape}-->" alt="<!--{$arrProduct.name|escape}-->" class="picture" /></a>
+                <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrProduct.product_id|u}-->" class="over"><!--商品写真--><img src="<!--{$smarty.const.IMAGE_SAVE_URL|sfTrimURL}-->/<!--{$arrProduct.main_list_image|sfNoImageMainList|h}-->" alt="<!--{$arrProduct.name|h}-->" class="picture" /></a>
             </div>
             
             <div class="listrightblock">
@@ -245,11 +245,11 @@
                 
                 <!--★商品名★-->
                 <h3>
-                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrProduct.product_id|escape:url}-->" name="product<!--{$arrProduct.product_id}-->"><!--{$arrProduct.name|escape}--></a>
+                    <a href="<!--{$smarty.const.DETAIL_P_HTML}--><!--{$arrProduct.product_id|u}-->" name="product<!--{$arrProduct.product_id}-->"><!--{$arrProduct.name|h}--></a>
                 </h3>
                 
                 <!--★コメント★-->
-                <p class="listcomment"><!--{$arrProduct.main_list_comment|escape|nl2br}--></p>
+                <p class="listcomment"><!--{$arrProduct.main_list_comment|h|nl2br}--></p>
                 
                 <p>
                     <span class="pricebox sale_price">

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/products/review.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/products/review.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/products/review.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -28,22 +28,22 @@
     <p class="windowtext">以下の商品について、お客様のご意見、ご感想をどしどしお寄せください。<br />
       「<span class="attention">※</span>」印は入力必須項目です。<br />
        ご入力後、一番下の「確認ページへ」ボタンをクリックしてください。</p>
-        <form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|escape}-->">
+        <form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF|h}-->">
         <input type="hidden" name="mode" value="confirm" />
         <input type="hidden" name="product_id" value="<!--{$arrForm.product_id}-->" />
         <input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid}-->" />
         <table summary="お客様の声書き込み">
           <tr>
             <th>商品名</th>
-            <td><!--{$arrForm.name|escape}--></td>
+            <td><!--{$arrForm.name|h}--></td>
           </tr>
           <tr>
             <th>投稿者名<span class="attention">※</span></th>
-            <td><span class="attention"><!--{$arrErr.reviewer_name}--></span><input type="text" name="reviewer_name" value="<!--{$arrForm.reviewer_name|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr.reviewer_name|sfGetErrorColor}-->" size="40" class="box350" /></td>
+            <td><span class="attention"><!--{$arrErr.reviewer_name}--></span><input type="text" name="reviewer_name" value="<!--{$arrForm.reviewer_name|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr.reviewer_name|sfGetErrorColor}-->" size="40" class="box350" /></td>
           </tr>
           <tr>
             <th>投稿者URL</th>
-            <td><span class="attention"><!--{$arrErr.reviewer_url}--></span><input type="text" name="reviewer_url" value="<!--{$arrForm.reviewer_url|escape}-->" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" style="<!--{$arrErr.reviewer_url|sfGetErrorColor}-->" size="40" class="box350" /></td>
+            <td><span class="attention"><!--{$arrErr.reviewer_url}--></span><input type="text" name="reviewer_url" value="<!--{$arrForm.reviewer_url|h}-->" maxlength="<!--{$smarty.const.MTEXT_LEN}-->" style="<!--{$arrErr.reviewer_url|sfGetErrorColor}-->" size="40" class="box350" /></td>
           </tr>
           <tr>
             <th>性別</th>
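Review bot: The hidden field `value="<!--{$arrForm.product_id}-->"` is left without a modifier, while every other `$arrForm` value in this form now goes through `|h`. review_confirm.tpl echoes the whole `$arrForm` back as hidden inputs, which suggests it holds posted data. Unless `product_id` is validated as numeric before rendering, which is not visible here, this is the one request-derived value in the form that reaches an attribute raw. I would change it to `value="<!--{$arrForm.product_id|h}-->"` and likewise `value="<!--{$transactionid|h}-->"` on the next line. The form continues past the end of the hunk.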
@@ -66,14 +66,14 @@
             <th>タイトル<span class="attention">※</span></th>
             <td>
               <span class="attention"><!--{$arrErr.title}--></span>
-              <input type="text" name="title" value="<!--{$arrForm.title|escape}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr.title|sfGetErrorColor}-->" size="40" class="box350" />
+              <input type="text" name="title" value="<!--{$arrForm.title|h}-->" maxlength="<!--{$smarty.const.STEXT_LEN}-->" style="<!--{$arrErr.title|sfGetErrorColor}-->" size="40" class="box350" />
             </td>
           </tr>
           <tr>
             <th>コメント<span class="attention">※</span></th>
             <td>
               <span class="attention"><!--{$arrErr.comment}--></span>
-              <textarea name="comment" cols="50" rows="10" style="<!--{$arrErr.comment|sfGetErrorColor}-->" class="area350"><!--{$arrForm.comment|escape}--></textarea>
+              <textarea name="comment" cols="50" rows="10" style="<!--{$arrErr.comment|sfGetErrorColor}-->" class="area350"><!--{$arrForm.comment|h}--></textarea>
             </td>
           </tr>
         </table>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/products/review_confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/products/review_confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/products/review_confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -27,22 +27,22 @@
       <input type="hidden" name="mode" value="complete" />
         <!--{foreach from=$arrForm key=key item=item}-->
         <!--{if $key ne "mode"}-->
-        <input type="hidden" name="<!--{$key|escape}-->" value="<!--{$item|escape}-->" /><!--{/if}-->
+        <input type="hidden" name="<!--{$key|h}-->" value="<!--{$item|h}-->" /><!--{/if}-->
         <!--{/foreach}-->
         <input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid}-->" />
 
         <table summary="お客様の声書き込み">
           <tr>
             <th>商品名</th>
-            <td><!--{$arrForm.name|escape}--></td>
+            <td><!--{$arrForm.name|h}--></td>
           </tr>
           <tr>
             <th>投稿者名<span class="attention">※</span></th>
-            <td><!--{$arrForm.reviewer_name|escape}--></td>
+            <td><!--{$arrForm.reviewer_name|h}--></td>
           </tr>
           <tr>
             <th>投稿者URL</th>
-            <td><!--{$arrForm.reviewer_url|escape}--></td>
+            <td><!--{$arrForm.reviewer_url|h}--></td>
           </tr>
           <tr>
             <th>性別</th>
@@ -54,11 +54,11 @@
           </tr>
           <tr>
             <th>タイトル<span class="attention">※</span></th>
-            <td><!--{$arrForm.title|escape}--></td>
+            <td><!--{$arrForm.title|h}--></td>
           </tr>
           <tr>
             <th>コメント<span class="attention">※</span></th>
-            <td><!--{$arrForm.comment|escape|nl2br}--></td>
+            <td><!--{$arrForm.comment|h|nl2br}--></td>
           </tr>
         </table>
         <div class="btn">

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/regist/complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/regist/complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/regist/complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,14 +22,14 @@
 <!--▼CONTENTS-->
 <div id="undercolumn">
   <div id="undercolumn_entry">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <div id="completetext">
       <em>本登録が完了いたしました。<br />
         それではショッピングをお楽しみください。</em>
 
       <p>今後ともご愛顧賜りますようよろしくお願い申し上げます。</p>
 
-      <p><!--{$arrSiteInfo.company_name|escape}--><br />
+      <p><!--{$arrSiteInfo.company_name|h}--><br />
         TEL:<!--{$arrSiteInfo.tel01}-->-<!--{$arrSiteInfo.tel02}-->-<!--{$arrSiteInfo.tel03}--> <!--{if $arrSiteInfo.business_hour != ""}-->(受付時間/<!--{$arrSiteInfo.business_hour}-->)<!--{/if}--><br />
         E-mall:<a href="mailto:<!--{$arrSiteInfo.email02|escape:'hex'}-->"><!--{$arrSiteInfo.email02|escape:'hexentity'}--></a></p>
 

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/card.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/card.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/card.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -77,10 +77,10 @@
 								<span class="red"><!--{$arrErr[$key2]}--></span>
 								<span class="red"><!--{$arrErr[$key3]}--></span>
 								<span class="red"><!--{$arrErr[$key4]}--></span>
-								<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->"  size="6">&nbsp;-&nbsp;
-								<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6">&nbsp;-&nbsp;
-								<input type="text" name="<!--{$key3}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->"  size="6">&nbsp;-&nbsp;
-								<input type="text" name="<!--{$key4}-->" value="<!--{$arrForm[$key4].value|escape}-->" maxlength="<!--{$arrForm[$key4].length}-->" style="<!--{$arrErr[$key4]|sfGetErrorColor}-->"  size="6">
+								<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->"  size="6">&nbsp;-&nbsp;
+								<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6">&nbsp;-&nbsp;
+								<input type="text" name="<!--{$key3}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->"  size="6">&nbsp;-&nbsp;
+								<input type="text" name="<!--{$key4}-->" value="<!--{$arrForm[$key4].value|h}-->" maxlength="<!--{$arrForm[$key4].length}-->" style="<!--{$arrErr[$key4]|sfGetErrorColor}-->"  size="6">
 								</td>
 							</tr>
 							<tr><td height="5"></td></tr>
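Review bot: The four text inputs in this hunk write `$arrForm[$keyN].value` back into the `value` attribute. In shopping/card.tpl these appear to be the card-number segments, judging by the file name and the four-part layout; the labels are outside the hunk. If that is right, a validation error re-renders the number into the response body, where it can persist in browser or intermediary caches and in form autofill. I would not repopulate these fields and would disable autofill on them, i.e. `value="" autocomplete="off"` in place of `value="<!--{$arrForm[$key1].value|h}-->"`. Separately, `name="<!--{$key1}-->"` is unescaped; where the keys are assigned is not shown.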
@@ -102,11 +102,11 @@
 								<td class="fs12n">
 								<span class="red"><!--{$arrErr[$key1]}--></span>
 								<span class="red"><!--{$arrErr[$key2]}--></span>
-								<select name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" >
+								<select name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" >
 								<option value="">--</option>
 								<!--{html_options options=$arrMonth selected=$arrForm[$key1].value}-->
 								</select>月/
-								<select name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" >
+								<select name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" >
 								<option value="">--</option>
 								<!--{html_options options=$arrYear selected=$arrForm[$key2].value}-->
 								</select>年</td>
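Review bot: The `value` and `maxlength` attributes on the two `<select>` elements in this hunk have no effect: `<select>` takes neither, and the selected option is already set by `html_options ... selected=`. Dropping them leaves less request-derived output in the tag, e.g. `<select name="<!--{$key1}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->">`. The `jpo_info` select in the last hunk of this file carries the same redundant `value`.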
@@ -130,8 +130,8 @@
 								<td class="fs12n">
 								<span class="red"><!--{$arrErr[$key1]}--></span>
 								<span class="red"><!--{$arrErr[$key2]}--></span>
-								名&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="20" class="bo20">&nbsp;&nbsp;姓&nbsp;
-								<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="20" class="bo20"></td>
+								名&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="20" class="bo20">&nbsp;&nbsp;姓&nbsp;
+								<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="20" class="bo20"></td>
 							</tr>
 							<tr><td height="5"></td></tr>
 							<tr>
@@ -148,7 +148,7 @@
 							<tr>
 								<!--{assign var=key value="jpo_info"}-->								
 								<td class="fs12n">
-								<select name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" >
+								<select name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" >
 								<!--{html_options options=$arrJPO_INFO selected=$arrForm[$key].value}-->
 								</select></td>
 							</tr>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/complete.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/complete.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/complete.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
     <p class="flowarea">
       <img src="<!--{$TPL_DIR}-->img/picture/img_flow_04.gif" width="700" height="36" alt="購入手続きの流れ" />
     </p>
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
 
     <!-- ▼その他決済情報を表示する場合は表示 -->
     <!--{if $arrOther.title.value }-->
@@ -43,13 +43,13 @@
      <!-- ▲コンビに決済の場合には表示 -->
 
     <div id="completetext">
-      <em><!--{$arrInfo.shop_name|escape}-->の商品をご購入いただき、ありがとうございました。</em>
+      <em><!--{$arrInfo.shop_name|h}-->の商品をご購入いただき、ありがとうございました。</em>
 
       <p>ただいま、ご注文の確認メールをお送りさせていただきました。<br />
         万一、ご確認メールが届かない場合は、トラブルの可能性もありますので大変お手数ではございますがもう一度お問い合わせいただくか、お電話にてお問い合わせくださいませ。<br />
         今後ともご愛顧賜りますようよろしくお願い申し上げます。</p>
 
-      <p><!--{$arrInfo.shop_name|escape}--><br />
+      <p><!--{$arrInfo.shop_name|h}--><br />
         TEL:<!--{$arrInfo.tel01}-->-<!--{$arrInfo.tel02}-->-<!--{$arrInfo.tel03}--> <!--{if $arrInfo.business_hour != ""}-->(受付時間/<!--{$arrInfo.business_hour}-->)<!--{/if}--><br />
         E-mail:<a href="mailto:<!--{$arrInfo.email02|escape:'hex'}-->"><!--{$arrInfo.email02|escape:'hexentity'}--></a></p>
     </div>
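Review bot: The contact block still prints `tel01` to `tel03` and `business_hour` with no modifier, while `shop_name` on the line above is now escaped. These look like free-text shop settings (an assumption, since their source is not visible here), so they should be escaped the same way, e.g. `(受付時間/<!--{$arrInfo.business_hour|h}-->)`. The `if` comparison around it needs no change.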

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/confirm.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/confirm.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/confirm.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -45,7 +45,7 @@
 <div id="under02column">
     <div id="under02column_shopping">
         <p class="flowarea"><img src="<!--{$TPL_DIR}-->img/picture/img_flow_03.gif" width="700" height="36" alt="購入手続きの流れ" /></p>
-        <h2 class="title"><!--{$tpl_title|escape}--></h2>
+        <h2 class="title"><!--{$tpl_title|h}--></h2>
 
         <p>下記ご注文内容で送信してもよろしいでしょうか?<br />
             よろしければ、「<!--{if $payment_type != ""}-->次へ<!--{else}-->ご注文完了ページへ<!--{/if}-->」ボタンをクリックしてください。</p>
@@ -75,16 +75,16 @@
                     <td class="phototd">
                         <a
                             <!--{if $item.productsClass.main_image|strlen >= 1}-->
-                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$item.productsClass.main_image|sfNoImageMainList|escape}-->"
+                                href="<!--{$smarty.const.IMAGE_SAVE_URL}--><!--{$item.productsClass.main_image|sfNoImageMainList|h}-->"
                                 class="expansion"
                                 target="_blank"
                             <!--{/if}-->
                         >
-                            <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$item.productsClass.main_list_image|sfNoImageMainList|escape}-->&amp;width=65&amp;height=65" alt="<!--{$item.productsClass.name|escape}-->" /></a>
+                            <img src="<!--{$smarty.const.URL_DIR}-->resize_image.php?image=<!--{$item.productsClass.main_list_image|sfNoImageMainList|h}-->&amp;width=65&amp;height=65" alt="<!--{$item.productsClass.name|h}-->" /></a>
                     </td>
                     <td>
                         <ul>
-                            <li><strong><!--{$item.productsClass.name|escape}--></strong></li>
+                            <li><strong><!--{$item.productsClass.name|h}--></strong></li>
                             <!--{if $item.productsClass.classcategory_name1 != ""}-->
                             <li><!--{$item.productsClass.class_name1}-->:<!--{$item.productsClass.classcategory_name1}--></li>
                             <!--{/if}-->
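Review bot: The `<li>` just below the product name still prints `class_name1` and `classcategory_name1` with no modifier, so the same list mixes escaped and raw catalogue text. If these are plain-text values like the product name, give them the same treatment: `<li><!--{$item.productsClass.class_name1|h}-->:<!--{$item.productsClass.classcategory_name1|h}--></li>`. Separately, the `image=` value in the `resize_image.php` URL is HTML-escaped but not URL-encoded, so a file name containing `&` or `#` would alter the query string; `|escape:'url'` fits that position. The enclosing `<ul>` continues outside the hunk.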
@@ -170,19 +170,19 @@
                     <!--{if $arrData.deliv_check >= 1}-->
                         <tr>
                             <th>お名前</th>
-                            <td><!--{$arrData.deliv_name01|escape}--> <!--{$arrData.deliv_name02|escape}--></td>
+                            <td><!--{$arrData.deliv_name01|h}--> <!--{$arrData.deliv_name02|h}--></td>
                         </tr>
                         <tr>
                             <th>お名前(フリガナ)</th>
-                            <td><!--{$arrData.deliv_kana01|escape}--> <!--{$arrData.deliv_kana02|escape}--></td>
+                            <td><!--{$arrData.deliv_kana01|h}--> <!--{$arrData.deliv_kana02|h}--></td>
                         </tr>
                         <tr>
                             <th>郵便番号</th>
-                            <td>〒<!--{$arrData.deliv_zip01|escape}-->-<!--{$arrData.deliv_zip02|escape}--></td>
+                            <td>〒<!--{$arrData.deliv_zip01|h}-->-<!--{$arrData.deliv_zip02|h}--></td>
                         </tr>
                         <tr>
                             <th>住所</th>
-                            <td><!--{$arrPref[$arrData.deliv_pref]}--><!--{$arrData.deliv_addr01|escape}--><!--{$arrData.deliv_addr02|escape}--></td>
+                            <td><!--{$arrPref[$arrData.deliv_pref]}--><!--{$arrData.deliv_addr01|h}--><!--{$arrData.deliv_addr02|h}--></td>
                         </tr>
                         <tr>
                             <th>電話番号</th>
@@ -191,19 +191,19 @@
                     <!--{else}-->
                         <tr>
                             <th>お名前</th>
-                            <td><!--{$arrData.order_name01|escape}--> <!--{$arrData.order_name02|escape}--></td>
+                            <td><!--{$arrData.order_name01|h}--> <!--{$arrData.order_name02|h}--></td>
                         </tr>
                         <tr>
                             <th>お名前(フリガナ)</th>
-                            <td><!--{$arrData.order_kana01|escape}--> <!--{$arrData.order_kana02|escape}--></td>
+                            <td><!--{$arrData.order_kana01|h}--> <!--{$arrData.order_kana02|h}--></td>
                         </tr>
                         <tr>
                             <th>郵便番号</th>
-                            <td>〒<!--{$arrData.order_zip01|escape}-->-<!--{$arrData.order_zip02|escape}--></td>
+                            <td>〒<!--{$arrData.order_zip01|h}-->-<!--{$arrData.order_zip02|h}--></td>
                         </tr>
                         <tr>
                             <th>住所</th>
-                            <td><!--{$arrPref[$arrData.order_pref]}--><!--{$arrData.order_addr01|escape}--><!--{$arrData.order_addr02|escape}--></td>
+                            <td><!--{$arrPref[$arrData.order_pref]}--><!--{$arrData.order_addr01|h}--><!--{$arrData.order_addr02|h}--></td>
                         </tr>
                         <tr>
                             <th>電話番号</th>
@@ -224,22 +224,22 @@
                 <tbody>
                 <tr>
                     <th>お支払方法</th>
-                    <td><!--{$arrData.payment_method|escape}--></td>
+                    <td><!--{$arrData.payment_method|h}--></td>
                 </tr>
                 <!--{* 販売方法判定(ダウンロード販売のみの場合はお届け日、時間を表示しない) *}-->
                 <!--{if $cartdown != "2"}-->
                 <tr>
                     <th>お届け日</th>
-                    <td><!--{$arrData.deliv_date|escape|default:"指定なし"}--></td>
+                    <td><!--{$arrData.deliv_date|default:"指定なし"|h}--></td>
                 </tr>
                 <tr>
                     <th>お届け時間</th>
-                    <td><!--{$arrData.deliv_time|escape|default:"指定なし"}--></td>
+                    <td><!--{$arrData.deliv_time|default:"指定なし"|h}--></td>
                 </tr>
                 <!--{/if}-->
                 <tr>
                     <th>その他お問い合わせ</th>
-                    <td><!--{$arrData.message|escape|nl2br}--></td>
+                    <td><!--{$arrData.message|h|nl2br}--></td>
                 </tr>
                 </tbody>
             </table>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/convenience.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/convenience.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/convenience.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -65,7 +65,7 @@
 					<!--{foreach key=key item=item from=$arrCONVENIENCE}-->
 					<tr>
 						<td id="select_c"><input type="radio" name="convenience" value="<!--{$key}-->" style="<!--{$arrErr.convenience|sfGetErrorColor}-->"></td>
-						<td class="fs12n" id="payment_c"><!--{$item|escape}--></td>
+						<td class="fs12n" id="payment_c"><!--{$item|h}--></td>
 					</tr>
 					<!--{/foreach}-->
 				</table>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/deliv.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/deliv.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/deliv.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,17 +25,17 @@
         <p class="flowarea">
             <img src="<!--{$TPL_DIR}-->img/picture/img_flow_01.gif" width="700" height="36" alt="購入手続きの流れ" />
         </p>
-        <h2 class="title"><!--{$tpl_title|escape}--></h2>
+        <h2 class="title"><!--{$tpl_title|h}--></h2>
 
         <p>下記一覧よりお届け先住所を選択して、「選択したお届け先に送る」ボタンをクリックしてください。</p>
         <!--{if $tpl_addrmax < $smarty.const.DELIV_ADDR_MAX}-->
             <p>一覧にご希望の住所が無い場合は、「新しいお届け先を追加する」より追加登録してください。</p>
         <!--{/if}-->
-        <p>※最大<!--{$smarty.const.DELIV_ADDR_MAX|escape}-->件まで登録できます。</p>
+        <p>※最大<!--{$smarty.const.DELIV_ADDR_MAX|h}-->件まで登録できます。</p>
 
         <!--{if $tpl_addrmax < $smarty.const.DELIV_ADDR_MAX}-->
             <p class="addbtn">
-                <a href="<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php" onclick="win02('<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php?page=<!--{$smarty.server.PHP_SELF|escape}-->','new_deiv','600','640'); return false;" onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_add_address_on.gif','addition');" onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_add_address.gif','addition');"><img src="<!--{$TPL_DIR}-->img/button/btn_add_address.gif" width="160" height="22" alt="新しいお届け先を追加する" name="addition" id="addition" /></a>
+                <a href="<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php" onclick="win02('<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php?page=<!--{$smarty.server.PHP_SELF|h}-->','new_deiv','600','640'); return false;" onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_add_address_on.gif','addition');" onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_add_address.gif','addition');"><img src="<!--{$TPL_DIR}-->img/button/btn_add_address.gif" width="160" height="22" alt="新しいお届け先を追加する" name="addition" id="addition" /></a>
             </p>
         <!--{/if}-->
         <form name="form1" id="form1" method="post" action="?">
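Review bot: `$smarty.server.PHP_SELF|h` in the `onclick` of the add-address link sits inside a single-quoted JavaScript string, and HTML escaping is the wrong encoding for that position. The browser decodes character references in the attribute before the script runs, so an entity-encoded quote arriving via the request path would still terminate the string. Because the value is also a query parameter, URL-encoding covers both contexts: `page=<!--{$smarty.server.PHP_SELF|escape:'url'}-->`. The 変更 link in the next hunk of this file has the same construct, and its `other_deliv_id` is emitted with no modifier at all. This assumes `h` is an alias for Smarty's default HTML `escape`, as the commit title suggests; its definition is not visible here.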
@@ -73,12 +73,12 @@
                     </td>
                     <td>
                         <!--{assign var=key value=$arrAddr[cnt].pref}-->
-                        <!--{$arrPref[$key]}--><!--{$arrAddr[cnt].addr01|escape}--><!--{$arrAddr[cnt].addr02|escape}--><br />
-                        <!--{$arrAddr[cnt].name01|escape}--> <!--{$arrAddr[cnt].name02|escape}-->
+                        <!--{$arrPref[$key]}--><!--{$arrAddr[cnt].addr01|h}--><!--{$arrAddr[cnt].addr02|h}--><br />
+                        <!--{$arrAddr[cnt].name01|h}--> <!--{$arrAddr[cnt].name02|h}-->
                     </td>
                     <td class="centertd">
                         <!--{if !$smarty.section.cnt.first}-->
-                            <a href="<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php" onclick="win02('<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php?page=<!--{$smarty.server.PHP_SELF|escape}-->&amp;other_deliv_id=<!--{$arrAddr[cnt].other_deliv_id}-->','new_deiv','600','640'); return false;">変更</a>
+                            <a href="<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php" onclick="win02('<!--{$smarty.const.URL_DIR}-->mypage/delivery_addr.php?page=<!--{$smarty.server.PHP_SELF|h}-->&amp;other_deliv_id=<!--{$arrAddr[cnt].other_deliv_id}-->','new_deiv','600','640'); return false;">変更</a>
                         <!--{/if}-->
                     </td>
                     <td class="centertd">

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/index.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/index.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/index.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -22,7 +22,7 @@
 <!--▼CONTENTS-->
 <div id="under02column">
   <div id="under02column_login">
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
     <form name="member_form" id="member_form" method="post" action="./deliv.php" onsubmit="return fnCheckLogin('member_form')">
    <div class="loginarea">
      <input type="hidden" name="<!--{$smarty.const.TRANSACTION_ID_NAME}-->" value="<!--{$transactionid}-->" />
@@ -33,7 +33,7 @@
        <!--{assign var=key value="login_email"}--><span class="attention"><!--{$arrErr[$key]}--></span>
        <p>メールアドレス:&nbsp;
          <input type="text" name="<!--{$key}-->"
-                value="<!--{$tpl_login_email|escape}-->"
+                value="<!--{$tpl_login_email|h}-->"
                 maxlength="<!--{$arrForm[$key].length}-->"
                 style="<!--{$arrErr[$key]|sfGetErrorColor}-->; ime-mode: disabled;"
                 size="40" class="box300" />

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/nonmember_input.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/nonmember_input.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/nonmember_input.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -23,7 +23,7 @@
 <div id="under02column">
   <div id="under02column_customer">
     <p class="flowarea"><img src="<!--{$TPL_DIR}-->img/picture/img_flow_01.gif" width="700" height="36" alt="購入手続きの流れ" /></p>
-    <h2 class="title"><!--{$tpl_title|escape}--></h2>
+    <h2 class="title"><!--{$tpl_title|h}--></h2>
 
     <p>下記項目にご入力ください。「<span class="attention">※</span>」印は入力必須項目です。<br />
       入力後、一番下の「確認ページへ」ボタンをクリックしてください。</p>
@@ -38,8 +38,8 @@
             <!--{assign var=key1 value="order_name01"}-->
             <!--{assign var=key2 value="order_name02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            姓&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box120" />&nbsp;
-            名&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box120" />
+            姓&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box120" />&nbsp;
+            名&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box120" />
           </td>
         </tr>
         <tr>
@@ -48,8 +48,8 @@
             <!--{assign var=key1 value="order_kana01"}-->
             <!--{assign var=key2 value="order_kana02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            セイ&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box120" />&nbsp;
-            メイ&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box120" />
+            セイ&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box120" />&nbsp;
+            メイ&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box120" />
           </td>
         </tr>
         <tr>
@@ -58,7 +58,7 @@
             <!--{assign var=key1 value="order_zip01"}-->
             <!--{assign var=key2 value="order_zip02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            <p>〒&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->"  size="6" class="box60" />&nbsp;-&nbsp;  <input type="text"  name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box60" /> 
+            <p>〒&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->"  size="6" class="box60" />&nbsp;-&nbsp;  <input type="text"  name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box60" /> 
               <a href="http://search.post.japanpost.jp/zipcode/" target="_blank"><span class="fs12">郵便番号検索</span></a></p>
 
             <p class="zipimg"><a href="<!--{$smarty.const.URL_DIR}-->address/<!--{$smarty.const.DIR_INDEX_URL}-->" onclick="fnCallAddress('<!--{$smarty.const.URL_INPUT_ZIP}-->', 'order_zip01', 'order_zip02', 'order_pref', 'order_addr01'); return false;" target="_blank"><img src="<!--{$TPL_DIR}-->img/button/btn_address_input.gif" width="86" height="20" alt="住所自動入力" /></a>
@@ -76,11 +76,11 @@
             </select>
             <p class="mini">
               <!--{assign var=key value="order_addr01"}-->
-              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="40" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box380" /><br />
+              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="40" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box380" /><br />
               <!--{$smarty.const.SAMPLE_ADDRESS1}--></p>
             <p class="mini">
               <!--{assign var=key value="order_addr02"}-->
-              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="40"  maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box380" /><br />
+              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="40"  maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box380" /><br />
               <!--{$smarty.const.SAMPLE_ADDRESS2}--></p>
             <p class="mini"><em>住所は2つに分けてご記入ください。マンション名は必ず記入してください。</em></p></td>
         </tr>
@@ -93,9 +93,9 @@
             <span class="attention"><!--{$arrErr[$key1]}--></span>
             <span class="attention"><!--{$arrErr[$key2]}--></span>
             <span class="attention"><!--{$arrErr[$key3]}--></span>
-            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box60" />
+            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box60" />
           </td>
         </tr>
         <tr>
@@ -107,9 +107,9 @@
             <span class="attention"><!--{$arrErr[$key1]}--></span>
             <span class="attention"><!--{$arrErr[$key2]}--></span>
             <span class="attention"><!--{$arrErr[$key3]}--></span>
-            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box60" />
+            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box60" />
           </td>
         </tr>
         <tr>
@@ -117,10 +117,10 @@
           <td>
             <!--{assign var=key value="order_email"}-->
             <span class="attention"><!--{$arrErr[$key]}--></span>
-            <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="40" class="box380" /><br />
+            <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="40" class="box380" /><br />
             <!--{assign var=key value="order_email02"}-->
             <span class="attention"><!--{$arrErr[$key]}--></span>
-            <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|escape}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="40" class="box380" /><br />
+            <input type="text" name="<!--{$arrForm[$key].keyname}-->" value="<!--{$arrForm[$key].value|h}-->" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" size="40" class="box380" /><br />
             <p class="mini"><em>確認のため2度入力してください。</em></p>
           </td>
         </tr>
@@ -177,8 +177,8 @@
             <!--{assign var=key1 value="deliv_name01"}-->
             <!--{assign var=key2 value="deliv_name02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            姓&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box120" />&nbsp;
-            名&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box120" />
+            姓&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box120" />&nbsp;
+            名&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box120" />
           </td>
         </tr>
         <tr>
@@ -187,8 +187,8 @@
             <!--{assign var=key1 value="deliv_kana01"}-->
             <!--{assign var=key2 value="deliv_kana02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            セイ&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box120" />&nbsp;
-            メイ&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box120" />
+            セイ&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="15" class="box120" />&nbsp;
+            メイ&nbsp;<input type="text" name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->" size="15" class="box120" />
           </td>
         </tr>
         <tr>
@@ -197,7 +197,7 @@
            <!--{assign var=key1 value="deliv_zip01"}-->
            <!--{assign var=key2 value="deliv_zip02"}-->
             <span class="attention"><!--{$arrErr[$key1]}--><!--{$arrErr[$key2]}--></span>
-            <p>〒&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->"  size="6" class="box60" />&nbsp;-&nbsp;  <input type="text"  name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box60" /> 
+            <p>〒&nbsp;<input type="text" name="<!--{$key1}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->"  size="6" class="box60" />&nbsp;-&nbsp;  <input type="text"  name="<!--{$key2}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box60" /> 
               <a href="http://search.post.japanpost.jp/zipcode/" target="_blank"><span class="fs12">郵便番号検索</span></a></p>
 
             <p class="zipimg"><a href="<!--{$smarty.const.URL_DIR}-->address/<!--{$smarty.const.DIR_INDEX_URL}-->" onclick="fnCallAddress('<!--{$smarty.const.URL_INPUT_ZIP}-->', 'deliv_zip01', 'deliv_zip02', 'deliv_pref', 'deliv_addr01'); return false;" target="_blank"><img src="<!--{$TPL_DIR}-->img/button/btn_address_input.gif" width="86" height="20" alt="住所自動入力" /></a>
@@ -215,11 +215,11 @@
             </select>
             <p class="mini">
               <!--{assign var=key value="deliv_addr01"}-->
-              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="40" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box380" /><br />
+              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="40" maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box380" /><br />
               <!--{$smarty.const.SAMPLE_ADDRESS1}--></p>
             <p class="mini">
               <!--{assign var=key value="deliv_addr02"}-->
-              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|escape}-->" size="40"  maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box380" /><br />
+              <input type="text" name="<!--{$key}-->" value="<!--{$arrForm[$key].value|h}-->" size="40"  maxlength="<!--{$arrForm[$key].length}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" class="box380" /><br />
               <!--{$smarty.const.SAMPLE_ADDRESS2}--></p>
             <p class="mini"><em>住所は2つに分けてご記入ください。マンション名は必ず記入してください。</em></p>
 
@@ -234,9 +234,9 @@
             <span class="attention"><!--{$arrErr[$key1]}--></span>
             <span class="attention"><!--{$arrErr[$key2]}--></span>
             <span class="attention"><!--{$arrErr[$key3]}--></span>
-            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|escape}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|escape}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box60" /> -
-            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|escape}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box60" />
+            <input type="text" name="<!--{$arrForm[$key1].keyname}-->" value="<!--{$arrForm[$key1].value|h}-->" maxlength="<!--{$arrForm[$key1].length}-->" style="<!--{$arrErr[$key1]|sfGetErrorColor}-->" size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key2].keyname}-->" value="<!--{$arrForm[$key2].value|h}-->" maxlength="<!--{$arrForm[$key2].length}-->" style="<!--{$arrErr[$key2]|sfGetErrorColor}-->"  size="6" class="box60" /> -
+            <input type="text" name="<!--{$arrForm[$key3].keyname}-->" value="<!--{$arrForm[$key3].value|h}-->" maxlength="<!--{$arrForm[$key3].length}-->" style="<!--{$arrErr[$key3]|sfGetErrorColor}-->" size="6" class="box60" />
           </td>
         </tr>
       </table>

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/payment.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/payment.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/shopping/payment.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -25,7 +25,7 @@
         <p class="flowarea">
             <img src="<!--{$TPL_DIR}-->img/picture/img_flow_02.gif" width="700" height="36" alt="購入手続きの流れ" />
         </p>
-        <h2 class="title"><!--{$tpl_title|escape}--></h2>
+        <h2 class="title"><!--{$tpl_title|h}--></h2>
 
         <form name="form1" id="form1" method="post" action="?">
             <input type="hidden" name="mode" value="confirm" />
@@ -48,7 +48,7 @@
                         <td class="centertd"><input type="radio" id="pay_<!--{$smarty.section.cnt.iteration}-->" name="<!--{$key}-->" onclick="fnSetDelivTime('payment','<!--{$key}-->','deliv_time_id');" value="<!--{$arrPayment[cnt].payment_id}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" <!--{$arrPayment[cnt].payment_id|sfGetChecked:$arrForm[$key].value}--> />
                         </td>
                         <td>
-                            <label for="pay_<!--{$smarty.section.cnt.iteration}-->"><!--{$arrPayment[cnt].payment_method|escape}--><!--{if $arrPayment[cnt].note != ""}--><!--{/if}--></label>
+                            <label for="pay_<!--{$smarty.section.cnt.iteration}-->"><!--{$arrPayment[cnt].payment_method|h}--><!--{if $arrPayment[cnt].note != ""}--><!--{/if}--></label>
                         </td>
                         <!--{if $img_show}-->
                             <td>
@@ -98,7 +98,7 @@
                     <!--★その他お問い合わせ事項★-->
                     <!--{assign var=key value="message"}-->
                     <span class="attention"><!--{$arrErr[$key]}--></span>
-                    <textarea name="<!--{$key}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" cols="80" rows="8" class="area660" wrap="head"><!--{$arrForm[$key].value|escape}--></textarea>
+                    <textarea name="<!--{$key}-->" style="<!--{$arrErr[$key]|sfGetErrorColor}-->" cols="80" rows="8" class="area660" wrap="head"><!--{$arrForm[$key].value|h}--></textarea>
                     <span class="attention"> (<!--{$smarty.const.LTEXT_LEN}-->文字まで)</span>
                 </div>
             </div>
@@ -111,7 +111,7 @@
                         <p><span class="attention">1ポイントを1円</span>として使用する事ができます。<br />
                             使用する場合は、「ポイントを使用する」にチェックを入れた後、使用するポイントをご記入ください。</p>
                     <div>
-                        <p><!--{$objCustomer->getValue('name01')|escape}--> <!--{$objCustomer->getValue('name02')|escape}-->様の、現在の所持ポイントは「<em><!--{$tpl_user_point|default:0}-->Pt</em>」です。</p>
+                        <p><!--{$objCustomer->getValue('name01')|h}--> <!--{$objCustomer->getValue('name02')|h}-->様の、現在の所持ポイントは「<em><!--{$tpl_user_point|default:0}-->Pt</em>」です。</p>
                         <p>今回ご購入合計金額:<span class="price"><!--{$arrData.subtotal|number_format}-->円</span> <span class="attention">(送料、手数料を含みません。)</span></p>
                         <ul>
                             <li><input type="radio" id="point_on" name="point_check" value="1" <!--{$arrForm.point_check.value|sfGetChecked:1}--> onclick="fnCheckInputPoint();" /><label for="point_on">ポイントを使用する</label></li>
@@ -126,7 +126,7 @@
             <!-- ▲ポイント使用 ここまで -->
 
             <div class="tblareabtn">
-                <a href="<!--{$tpl_back_url|escape}-->" onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_back_on.gif','back03')" onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_back.gif','back03')">
+                <a href="<!--{$tpl_back_url|h}-->" onmouseover="chgImg('<!--{$TPL_DIR}-->img/button/btn_back_on.gif','back03')" onmouseout="chgImg('<!--{$TPL_DIR}-->img/button/btn_back.gif','back03')">
                     <img src="<!--{$TPL_DIR}-->img/button/btn_back.gif" width="150" height="30" alt="戻る" border="0" name="back03" id="back03" /></a>&nbsp;
                 <input type="image" onmouseover="chgImgImageSubmit('<!--{$TPL_DIR}-->img/button/btn_next_on.gif',this)" onmouseout="chgImgImageSubmit('<!--{$TPL_DIR}-->img/button/btn_next.gif',this)" src="<!--{$TPL_DIR}-->img/button/btn_next.gif" class="box150" alt="次へ" name="next" id="next" />
             </div>
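Review bot: On the back link, `href="<!--{$tpl_back_url|h}-->"` only HTML-escapes the value, so a URL carrying a `javascript:` or other unexpected scheme would still be emitted as a working link. Nothing in this hunk shows where `tpl_back_url` is built; if any part of it can come from the request (a referer or a return parameter), it should be checked in the page class against an allow-list of same-site paths before it is assigned. A template comment such as `<!--{* tpl_back_url must be a server-built, same-site URL; |h does not validate the scheme *}-->` above the link would record that assumption.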

変更: branches/version-2_5-dev/data/Smarty/templates/sphone/site_frame.tpl
===================================================================
--- branches/version-2_5-dev/data/Smarty/templates/sphone/site_frame.tpl	2010-12-29 03:44:55 UTC (rev 19784)
+++ branches/version-2_5-dev/data/Smarty/templates/sphone/site_frame.tpl	2010-12-29 04:10:01 UTC (rev 19785)
@@ -40,21 +40,24 @@
 <script type="text/javascript" src="<!--{$TPL_DIR}-->js/category.js"></script>
 <script type="text/javascript" src="<!--{$TPL_DIR}-->js/news.js"></script>
 
-<title><!--{$arrSiteInfo.shop_name|escape}--><!--{if $tpl_subtitle|strlen >= 1}--> / <!--{$tpl_subtitle|escape}--><!--{elseif $tpl_title|strlen >= 1}--> / <!--{$tpl_title|escape}--><!--{/if}--></title>
+<title><!--{$arrSiteInfo.shop_name|h}--><!--{if $tpl_subtitle|strlen >= 1}--> / <!--{$tpl_subtitle|h}--><!--{elseif $tpl_title|strlen >= 1}--> / <!--{$tpl_title|h}--><!--{/if}--></title>
 <!--{if $arrPageLayout.author|strlen >= 1}-->
-    <meta name="author" content="<!--{$arrPageLayout.author|escape}-->" />
+    <meta name="author" content="<!--{$arrPageLayout.author|h}-->" />
 <!--{/if}-->
 <!--{if $arrPageLayout.description|strlen >= 1}-->
-    <meta name="description" content="<!--{$arrPageLayout.description|escape}-->" />
+    <meta name="description" content="<!--{$arrPageLayout.description|h}-->" />
 <!--{/if}-->
 <!--{if $arrPageLayout.keyword|strlen >= 1}-->
-    <meta name="keywords" content="<!--{$arrPageLayout.keyword|escape}-->" />
+    <meta name="keywords" content="<!--{$arrPageLayout.keyword|h}-->" />
 <!--{/if}-->
 <!--{* iPhone用アイコン画像 *}-->
 <link rel="apple-touch-icon" href="<!--{$smarty.const.SMARTPHONE_URL_DIR}-->sphone/apple-touch-icon.png" />
 
 <script type="text/javascript">//<![CDATA[
     <!--{$tpl_javascript}-->
+    $(function(){
+        <!--{$tpl_onload}-->
+    });
 //]]>
 </script>
 
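Review bot: The added `$(function(){ <!--{$tpl_onload}--> });` prints `tpl_onload` into a script block with no encoding, the same as `tpl_javascript` on the line above, and the new `h` modifier is not a fix for that context. Both variables therefore have to hold only code assembled on the server; any request-derived value placed into them needs to be encoded as a JavaScript literal in PHP (for example with `json_encode`) before assignment, and a `</script>` or `]]>` sequence inside them would end the block early. The wrapper also assumes jQuery is loaded before this inline script, which these lines do not show, and the ready event fires earlier than the body `onload` it replaces, so any handler that expected images to be loaded should be checked. I would add `<!--{* tpl_javascript / tpl_onload: raw JavaScript, server-built only; never assign user input *}-->` above the script block.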

追加: branches/version-2_5-dev/data/smarty_extends/modifier.h.php
===================================================================
--- branches/version-2_5-dev/data/smarty_extends/modifier.h.php	                        (rev 0)
+++ branches/version-2_5-dev/data/smarty_extends/modifier.h.php	2010-12-29 04:10:01 UTC (rev 19785)
@@ -0,0 +1,23 @@
+<?php
+/**
+ * Smarty plugin
+ * @package Smarty
+ * @subpackage plugins
+ */
+
+
+/**
+ * Smarty plugin
+ *
+ * Type:     modifier<br>
+ * Name:     h<br>
+ * Date:     Dec 28, 2010<br>
+ * Purpose:  HTML エスケープを行う<br>
+ * Example:  {$text|h}
+ * @author   Seasoft 塚田将久
+ * @param string $string
+ * @return string
+ */
+function smarty_modifier_h($string) {
+    return htmlspecialchars($string, ENT_QUOTES);
+}
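Review bot: `htmlspecialchars($string, ENT_QUOTES)` in `smarty_modifier_h` leaves the character set to PHP's default, which differs between PHP versions and depends on configuration; newer PHP versions return an empty string for input that is not valid in the assumed charset. Passing the encoding the templates are served in, e.g. `return htmlspecialchars($string, ENT_QUOTES, 'UTF-8');` if the site is UTF-8, makes the result independent of the runtime. The docblock should also state that `h` is for HTML text and quoted attribute values only, and is not sufficient inside `<script>`, event-handler attributes, unquoted attributes or as URL validation, since this commit applies it across many templates.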

追加: branches/version-2_5-dev/data/smarty_extends/modifier.u.php
===================================================================
--- branches/version-2_5-dev/data/smarty_extends/modifier.u.php	                        (rev 0)
+++ branches/version-2_5-dev/data/smarty_extends/modifier.u.php	2010-12-29 04:10:01 UTC (rev 19785)
@@ -0,0 +1,23 @@
+<?php
+/**
+ * Smarty plugin
+ * @package Smarty
+ * @subpackage plugins
+ */
+
+
+/**
+ * Smarty plugin
+ *
+ * Type:     modifier<br>
+ * Name:     u<br>
+ * Date:     Dec 28, 2010<br>
+ * Purpose:  URL エンコードを行った後で、HTML エスケープを行う<br>
+ * Example:  {$text|u}
+ * @author   Seasoft 塚田将久
+ * @param string $string
+ * @return string
+ */
+function smarty_modifier_u($string) {
+    return htmlspecialchars(rawurlencode($string), ENT_QUOTES);
+}
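Review bot: The docblock of `smarty_modifier_u` should say that it encodes one URL component, because `rawurlencode` also encodes `:`, `/`, `?` and `&`, so applying `u` to a complete URL such as an `href` value would break the link. Suggested wording: `Use for a single path segment or query value; do not apply to a whole URL, and it does not validate the URL scheme.` The outer `htmlspecialchars` call changes nothing, since the output of `rawurlencode` contains no HTML-special characters, so it could be dropped or kept with a comment saying it is defensive.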



