Merge branch 'master' of github.com:kivitendo/kivitendo-erp

[kivitendo-erp.git] / templates / webpages / report_generator / html_report.html

diff --git a/templates/webpages/report_generator/html_report.html b/templates/webpages/report_generator/html_report.html
index a35cfb6..2b169ab 100644 (file)
--- a/templates/webpages/report_generator/html_report.html
+++ b/templates/webpages/report_generator/html_report.html
@@ -1,6 +1,5 @@
 [%- USE T8 %]
-[% USE HTML %]<body[% IF onload %] onload="[% onload %]"[% END %]>
-
+[%- USE HTML %]
  <style type="text/css">
   <!--
 .top_border {
@@ -18,7 +17,7 @@
   <p>[% MESSAGE %]</p>
  [% END %]
 
- <div class="listtop" width="100%">[% TITLE %]</div>
+ <h1>[% TITLE %]</h1>
 
  [% IF TOP_INFO_TEXT %]
   <p>[% TOP_INFO_TEXT %]</p>
@@ -36,7 +35,7 @@
      [%- IF col.align %] align="[% HTML.escape(col.align) %]" style="text-align: [% HTML.escape(col.align) %]"[% END -%]
      [%- IF col.colspan && col.colspan > 1 %] colspan="[% HTML.escape(col.colspan) %]"[% END -%]
      >
-      [%- IF col.link -%]<a class='report-generator-header-link' href="[% col.link %]">[%- END -%]
+      [%- IF col.link -%]<a class='report-generator-header-link' href="[% HTML.escape(col.link) %]">[%- END -%]
       [%- col.text -%]
       [%- IF col.show_sort_indicator -%]<img border="0" src="image/[% IF col.sort_indicator_direction %]down[% ELSE %]up[% END %].png">[%- END -%]
       [%- IF col.link -%]</a>[%- END -%]
@@ -64,7 +63,7 @@
        [%- ELSE %]
         [%- USE iterator(col.CELL_ROWS) %][%- FOREACH cell_row = iterator %]
          [%- IF cell_row.data != '' %]
-          [%- IF cell_row.link %]<a href="[% cell_row.link %]">[%- END %]
+          [%- IF cell_row.link %]<a href="[% HTML.escape(cell_row.link) %]">[%- END %]
           [%- cell_row.data %]
           [%- IF cell_row.link %]</a>[%- END %]
          [%- END %]
@@ -129,4 +128,3 @@
   </form>
  [% END %]
 
-</body>