@@ -258,13 +258,13 @@ function form_thold_filter() {
258258
259259 function applyFilter() {
260260 strURL = 'thold_graph.php?header=false&action=thold';
261- strURL += '&state=' + $('#state').val();
262- strURL += '&thold_template_id=' + $('#thold_template_id').val();
263- strURL += '&data_template_id=' + $('#data_template_id').val();
264- strURL += '&host_id=' + $('#host_id').val();
265- strURL += '&site_id=' + $('#site_id').val();
266- strURL += '&rows=' + $('#rows').val();
267- strURL += '&rfilter=' + base64_encode($('#rfilter').val());
261+ strURL += '&state=' + encodeURIComponent( $('#state').val() );
262+ strURL += '&thold_template_id=' + encodeURIComponent( $('#thold_template_id').val() );
263+ strURL += '&data_template_id=' + encodeURIComponent( $('#data_template_id').val() );
264+ strURL += '&host_id=' + encodeURIComponent( $('#host_id').val() );
265+ strURL += '&site_id=' + encodeURIComponent( $('#site_id').val() );
266+ strURL += '&rows=' + encodeURIComponent( $('#rows').val() );
267+ strURL += '&rfilter=' + encodeURIComponent( base64_encode($('#rfilter').val() ));
268268 loadPageNoHeader(strURL);
269269 }
270270
@@ -1268,11 +1268,11 @@ function form_host_filter() {
12681268
12691269 function applyFilter() {
12701270 strURL = 'thold_graph.php?header=false&action=hoststat';
1271- strURL += '&host_status=' + $('#host_status').val();
1272- strURL += '&host_template_id=' + $('#host_template_id').val();
1273- strURL += '&site_id=' + $('#site_id').val();
1274- strURL += '&rows=' + $('#rows').val();
1275- strURL += '&rfilter=' + base64_encode($('#rfilter').val());
1271+ strURL += '&host_status=' + encodeURIComponent( $('#host_status').val() );
1272+ strURL += '&host_template_id=' + encodeURIComponent( $('#host_template_id').val() );
1273+ strURL += '&site_id=' + encodeURIComponent( $('#site_id').val() );
1274+ strURL += '&rows=' + encodeURIComponent( $('#rows').val() );
1275+ strURL += '&rfilter=' + encodeURIComponent( base64_encode($('#rfilter').val() ));
12761276 loadPageNoHeader(strURL);
12771277 }
12781278
@@ -1734,13 +1734,13 @@ function form_thold_log_filter() {
17341734
17351735 function applyFilter() {
17361736 strURL = 'thold_graph.php?header=false&action=log';
1737- strURL += '&status=' + $('#status').val();
1738- strURL += '&threshold_id=' + $('#threshold_id').val();
1739- strURL += '&thold_template_id=' + $('#thold_template_id').val();
1740- strURL += '&host_id=' + $('#host_id').val();
1741- strURL += '&site_id=' + $('#site_id').val();
1742- strURL += '&rows=' + $('#rows').val();
1743- strURL += '&rfilter=' + base64_encode($('#rfilter').val());
1737+ strURL += '&status=' + encodeURIComponent( $('#status').val() );
1738+ strURL += '&threshold_id=' + encodeURIComponent( $('#threshold_id').val() );
1739+ strURL += '&thold_template_id=' + encodeURIComponent( $('#thold_template_id').val() );
1740+ strURL += '&host_id=' + encodeURIComponent( $('#host_id').val() );
1741+ strURL += '&site_id=' + encodeURIComponent( $('#site_id').val() );
1742+ strURL += '&rows=' + encodeURIComponent( $('#rows').val() );
1743+ strURL += '&rfilter=' + encodeURIComponent( base64_encode($('#rfilter').val() ));
17441744 loadPageNoHeader(strURL);
17451745 }
17461746
@@ -1751,13 +1751,13 @@ function clearFilter() {
17511751
17521752 function exportLog() {
17531753 strURL = 'thold_graph.php?action=exportlog';
1754- strURL += '&status=' + $('#status').val();
1755- strURL += '&threshold_id=' + $('#threshold_id').val();
1756- strURL += '&thold_template_id=' + $('#thold_template_id').val();
1757- strURL += '&host_id=' + $('#host_id').val();
1758- strURL += '&site_id=' + $('#site_id').val();
1759- strURL += '&rows=' + $('#rows').val();
1760- strURL += '&rfilter=' + base64_encode($('#rfilter').val());
1754+ strURL += '&status=' + encodeURIComponent( $('#status').val() );
1755+ strURL += '&threshold_id=' + encodeURIComponent( $('#threshold_id').val() );
1756+ strURL += '&thold_template_id=' + encodeURIComponent( $('#thold_template_id').val() );
1757+ strURL += '&host_id=' + encodeURIComponent( $('#host_id').val() );
1758+ strURL += '&site_id=' + encodeURIComponent( $('#site_id').val() );
1759+ strURL += '&rows=' + encodeURIComponent( $('#rows').val() );
1760+ strURL += '&rfilter=' + encodeURIComponent( base64_encode($('#rfilter').val() ));
17611761 document.location = strURL;
17621762 Pace.stop();
17631763 }
0 commit comments