Fixed bug #15516: htmlArea RTE: Safari does not support WISIWYG editing on iPad
[Packages/TYPO3.CMS.git] / typo3 / wizard_table.php
index c3df549..5407073 100644 (file)
@@ -2,7 +2,7 @@
 /***************************************************************
 *  Copyright notice
 *
-*  (c) 1999-2009 Kasper Skaarhoj (kasperYYYY@typo3.com)
+*  (c) 1999-2010 Kasper Skaarhoj (kasperYYYY@typo3.com)
 *  All rights reserved
 *
 *  This script is part of the TYPO3 project. The TYPO3 project is
@@ -209,7 +209,7 @@ class SC_wizard_table {
                        $buttons['csh_buttons'] = t3lib_BEfunc::cshItem('xMOD_csh_corebe', 'wizard_table_wiz_buttons', $GLOBALS['BACK_PATH'], '');
 
                        // Close
-                       $buttons['close'] = '<a href="#" onclick="' . htmlspecialchars('jumpToUrl(unescape(\'' . rawurlencode($this->P['returnUrl']) . '\')); return false;') . '">' .
+                       $buttons['close'] = '<a href="#" onclick="' . htmlspecialchars('jumpToUrl(unescape(\'' . rawurlencode(t3lib_div::sanitizeLocalUrl($this->P['returnUrl'])) . '\')); return false;') . '">' .
                                t3lib_iconWorks::getSpriteIcon('actions-document-close', array('title' => $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.php:rm.closeDoc', TRUE))) .
                  '</a>';
 
@@ -319,7 +319,7 @@ class SC_wizard_table {
 
                                        // If the save/close button was pressed, then redirect the screen:
                                if ($_POST['saveandclosedok_x']) {
-                                       t3lib_utility_Http::redirect($this->P['returnUrl']);
+                                       t3lib_utility_Http::redirect(t3lib_div::sanitizeLocalUrl($this->P['returnUrl']));
                                }
                        }
                } else {        // If nothing has been submitted, load the $bodyText variable from the selected database row: