</p>
<form action="/cgi-bin/koha/reports/guided_reports.pl" method="post">
-<input type="hidden" name="sql" value="<!-- TMPL_VAR NAME="sql" -->" />
+<input type="hidden" name="sql" value="<!-- TMPL_VAR NAME="sql" ESCAPE="html" -->" />
<input type="hidden" name="type" value="<!-- TMPL_VAR NAME="type" -->" />
<p>You will need to save the report before you can execute it</p>
<fieldset class="action"><input type="hidden" name="phase" value="Save" />
<!-- TMPL_IF NAME="save" -->
<form action="/cgi-bin/koha/reports/guided_reports.pl" method="post">
-<input type="hidden" name="sql" value="<!-- TMPL_VAR NAME="sql" -->" />
+<input type="hidden" name="sql" value="<!-- TMPL_VAR NAME="sql" ESCAPE="html" -->" />
<input type="hidden" name="type" value="<!-- TMPL_VAR NAME="type" -->" />
<fieldset class="rows">
<legend>Save Your Custom Report</legend>
<!-- /TMPL_IF -->
<!-- /TMPL_LOOP -->
</div>
-<fieldset class="action"><input type="hidden" name="phase" value="Use saved" />
-<input type="submit" name="submit" value="Saved Reports" /></fieldset>
+<input type="hidden" name="sql" value="<!-- TMPL_VAR NAME="sql" ESCAPE="html" -->" />
+<input type="hidden" name="reportname" value="<!-- TMPL_VAR NAME="reportname" -->" />
+<input type="hidden" name="type" value="<!-- TMPL_VAR NAME="type" -->" />
+<input type="hidden" name="notes" value="<!-- TMPL_VAR NAME="notes" -->" />
+<fieldset class="action"><input type="hidden" name="phase" value="Create report from SQL" />
+<input type="submit" name="submit" value="Edit SQL" /></fieldset>
</form>
<!-- /TMPL_IF -->