SECURITY: Fixed several XSS vulns reported by Secunia, mostly in Private Messaging. Also backported CSRF protection API from 1.1.x, and protected Private Messaging and logout functions.
// UK lang variables
tinyMCE.addToLang('',{
bold_desc : 'Bold (Ctrl+B)',
italic_desc : 'Italic (Ctrl+I)',
underline_desc : 'Underline (Ctrl+U)',
striketrough_desc : 'Strikethrough',
justifyleft_desc : 'Align left',
justifycenter_desc : 'Align center',
justifyright_desc : 'Align right',
justifyfull_desc : 'Align full',
bullist_desc : 'Unordered list',
numlist_desc : 'Ordered list',
outdent_desc : 'Outdent',
indent_desc : 'Indent',
undo_desc : 'Undo (Ctrl+Z)',
redo_desc : 'Redo (Ctrl+Y)',
link_desc : 'Insert/edit link',
unlink_desc : 'Unlink',
image_desc : 'Insert/edit image',
cleanup_desc : 'Cleanup messy code',
focus_alert : 'A editor instance must be focused before using this command.',
edit_confirm : 'Do you want to use the WYSIWYG mode for this textarea?',
insert_link_title : 'Insert/edit link',
insert : 'Insert',
update : 'Update',
cancel : 'Cancel',
insert_link_url : 'Link URL',
insert_link_target : 'Target',
insert_link_target_same : 'Open link in the same window',
insert_link_target_blank : 'Open link in a new window',
insert_image_title : 'Insert/edit image',
insert_image_src : 'Image URL',
insert_image_alt : 'Image description',
help_desc : 'Help',
bold_img : "bold.gif",
italic_img : "italic.gif",
underline_img : "underline.gif",
clipboard_msg : 'Copy/Cut/Paste is not available in Mozilla and Firefox.\nDo you want more information about this issue?',
popup_blocked : 'Sorry, but we have noticed that your popup-blocker has disabled a window that provides application functionality. You will need to disable popup blocking on this site in order to fully utilize this tool.'
});