diff options
author | Alib <aliboba@free.fr> | 2010-03-16 18:54:56 +0100 |
---|---|---|
committer | Alib <aliboba@free.fr> | 2010-03-16 18:54:56 +0100 |
commit | 6438cd8b0c064336caeeed57ed544e76cfde9636 (patch) | |
tree | 35e0e8521b378c9e5ff2316c0f23c264d01b955a /js | |
parent | 6b41d76948b8b3eafff695ce797d6fa96127c300 (diff) | |
download | istreamdev-6438cd8b0c064336caeeed57ed544e76cfde9636.tar.gz istreamdev-6438cd8b0c064336caeeed57ed544e76cfde9636.tar.bz2 |
encodeURIComponent for all non numeric submited values
Diffstat (limited to 'js')
-rw-r--r-- | js/istreamdev.js | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/js/istreamdev.js b/js/istreamdev.js index 331aea2..4fd86c8 100644 --- a/js/istreamdev.js +++ b/js/istreamdev.js @@ -239,7 +239,7 @@ function gen_streamchannel(channame,channumber) { }
function gen_streamrec(folder,path) {
- var dataString = "action=getRecInfo&rec=" + path + folder;
+ var dataString = "action=getRecInfo&rec=" + encodeURIComponent(path) + encodeURIComponent(folder);
//Json call to get rec info
$.getJSON("bin/backend.php",
dataString,
@@ -257,7 +257,7 @@ function gen_streamrec(folder,path) { }
function gen_streamvid(filename,path) {
- var dataString = "action=getVidInfo&file=" + path + filename;
+ var dataString = "action=getVidInfo&file=" + encodeURIComponent(path) + encodeURIComponent(filename);
//Json call to get rec info
$.getJSON("bin/backend.php",
dataString,
@@ -324,7 +324,7 @@ function gen_streaming(session) { //Start broadcast
function start_broadcast(type,url,mode) {
- var dataString = 'action=startBroadcast&type='+type+'&url='+url+'&mode=' + mode;
+ var dataString = 'action=startBroadcast&type='+type+'&url='+encodeURIComponent(url)+'&mode=' + mode;
$.getJSON("bin/backend.php",
dataString,
function(data){
@@ -384,7 +384,7 @@ function playvideo(session,name) { }
var status_Start = function(session,prevmsg) {
- dataString = "action=getStreamStatus&session=" + session + "&msg=" + prevmsg;
+ dataString = "action=getStreamStatus&session=" + session + "&msg=" + encodeURIComponent(prevmsg);
$.getJSON("bin/backend.php",
dataString,
function(data){
@@ -494,7 +494,7 @@ function gen_browser(path,browser,name,foldertype) { }
$('#browser' + browser + ' div[class="toolbar"]').html(toolbar);
}
- var dataString = 'action=browseFolder&path='+path+'&browser=' + browser;
+ var dataString = 'action=browseFolder&path='+encodeURIComponent(path)+'&browser=' + browser;
$.getJSON("bin/backend.php",
dataString,
function(data) {
@@ -529,7 +529,7 @@ function addplayer(button) { $('#browser'+browser+' #div_player').remove();
$('#browser'+browser).append('<div style="position:absolute; left:0; top:0" name="div_player" id="div_player"></div>');
//get playlist data
- dataString = 'action=streamAudio&path=' + path + '&file=' + name;
+ dataString = 'action=streamAudio&path=' + encodeURIComponent(path) + '&file=' + encodeURIComponent(name);
$.ajax({
url: "bin/backend.php",
dataType: 'json',
@@ -718,7 +718,7 @@ $('.submit_form').tap(function(event) { var timer_id = $("input#timer_id").val();
var timer_chan = $("select#timer_chan").val();
var timer_active = $("input#timer_active").val();
- var dataString = 'action=editTimer&id=' + timer_id + '&active=' + timer_active + '&channumber=' + timer_chan + '&date=' + timer_date + '&starttime=' + timer_starttime + '&endtime=' + timer_endtime;
+ var dataString = 'action=editTimer&id=' + timer_id + '&active=' + timer_active + '&name=' + encodeURIComponent(timer_name) + '&channumber=' + timer_chan + '&date=' + timer_date + '&starttime=' + timer_starttime + '&endtime=' + timer_endtime;
$.getJSON("bin/backend.php",
dataString,
function(data) {
|