Nearly all <FORM> blocks now contain a hidden input

[citadel.git] / webcit / preferences.c

diff --git a/webcit/preferences.c b/webcit/preferences.c
index 987b2ac2c625857add7b921a9369baa2d602eabd..fac58a6b45e04ff3eadd69c9c87ff36ffb396941 100644 (file)
--- a/webcit/preferences.c
+++ b/webcit/preferences.c
@@ -199,7 +199,7 @@ void display_preferences(void)
        int i;
 
        wprintf("<div id=\"banner\">\n");
-       wprintf("<TABLE WIDTH=100%% BORDER=0 BGCOLOR=\"#444455\"><TR><TD>");
+       wprintf("<TABLE class=\"preferences_banner\"><TR><TD>");
        wprintf("<img src=\"static/advanpage2_48x.gif\" ALT=\" \" ALIGN=MIDDLE>");
        wprintf("<SPAN CLASS=\"titlebar\">&nbsp;");
        wprintf(_("Preferences and settings"));
@@ -210,13 +210,14 @@ void display_preferences(void)
                "<div id=\"content\">\n");
 
        wprintf("<div class=\"fix_scrollbar_bug\">"
-               "<table border=0 width=100%% bgcolor=\"#ffffff\"><tr><td>\n");
+               "<table class=\"preferences_background\"><tr><td>\n");
 
        /** begin form */
        wprintf("<center>\n"
                "<form name=\"prefform\" action=\"set_preferences\" "
                "method=\"post\">\n"
                "<table border=0 cellspacing=5 cellpadding=5>\n");
+       wprintf("<input type=\"hidden\" name=\"nonce\" value=\"%ld\">\n", WC->nonce);
 
        /**
         * Room list view
@@ -377,7 +378,9 @@ void display_preferences(void)
        wprintf("<tr><td>");
        wprintf(_("Default character set for email headers:"));
        wprintf("</td><td>");
-       wprintf("<input type=\"text\" NAME=\"default_header_charset\" MAXLENGTH=\"32\" VALUE=\"%s\">", buf);
+       wprintf("<input type=\"text\" NAME=\"default_header_charset\" MAXLENGTH=\"32\" VALUE=\"");
+       escputs(buf);
+       wprintf("\">");
        wprintf("</td></tr>");
 
        /** submit buttons */