- Improved security: Removed most [ns_conn form] calls in the system.

www/new-cost-center-select.tcl

@@ -49,13 +49,10 @@ set bgcolor(1) " class=roweven"
 # from the HTTP session.
 # -----------------------------------------------------------
 
-set form_vars [ns_conn form]
 set pass_through_html ""
 foreach var $pass_through_variables {
-    set value [ns_set get $form_vars $var]
-   append pass_through_html "
-        <input type=hidden name=\"$var\" value=\"[ns_quotehtml $value]\">
-   "
+    set value [im_opt_val -limit_to nohtml $var]
+    append pass_through_html "<input type=hidden name=\"$var\" value=\"[ns_quotehtml $value]\">\n"
 }
 
 # ---------------------------------------------------------------