instiki/app/views/file/file.rhtml
Jacques Distler 0aafedb2df More XSS fixes.
Started fixing file uploads.
2007-02-21 12:10:47 -06:00

31 lines
1.3 KiB
Text

<%
@title = "Upload #{h @file_name}"
@hide_navigation = false
%>
<%= error_messages_for 'file' %>
<%= form_tag({ :controller => 'file', :web => @web_name, :action => 'file' },
{ 'multipart' => true , 'accept-charset' => 'utf-8' }) %>
<div class="inputFieldWithPrompt">
<%= hidden_field 'file', 'file_name' %>
<label for="file_content"><b>Content of <%= h @file_name %> to upload</b> (required):</label>
<br />
<input type="file" id="file_content" name="file[content]" size="40" />
<br />
Please note that the file you are uploading will be named <%= h @file_name %> on the wiki -
regardless of how it is named on your computer. To change the wiki name of the file, please go
<%= link_to :back %> and edit the wiki page that refers to the file.
</div>
<div class="inputFieldWithPrompt">
<label for="file_description"><b>Description</b> (optional):</label>
<br/>
<%= text_field "file", "description", "size" => 40 %>
</div>
<div>
<input type="submit" value="Upload" /> as
<%= text_field_tag :author, @author,
:onfocus => "this.value == 'AnonymousCoward' ? this.value = '' : true;",
:onblur => "this.value == '' ? this.value = 'AnonymousCoward' : true" %>
</div>
<%= end_form_tag %>