diff options
| author | chrisaga <chrisaga@piwigo.org> | 2006-04-22 15:25:59 +0000 |
|---|---|---|
| committer | chrisaga <chrisaga@piwigo.org> | 2006-04-22 15:25:59 +0000 |
| commit | 456b2bda5a2c931646d537ca3202b25c78c14e16 (patch) | |
| tree | ea87ae046347496096a7752f57ac1c1f71311dc8 /include/functions_html.inc.php | |
| parent | 5ee3924189668f7deee4c0e69dc9ed8c438e383c (diff) | |
- improve : add some htmlentities() to clean category names and descripion. Still more to do.
git-svn-id: http://piwigo.org/svn/trunk@1259 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to '')
| -rw-r--r-- | include/functions_html.inc.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/include/functions_html.inc.php b/include/functions_html.inc.php index 3afed2322..21784654b 100644 --- a/include/functions_html.inc.php +++ b/include/functions_html.inc.php @@ -450,7 +450,7 @@ function get_html_menu_category($categories) { $menu.= ' rel="up"'; } - $menu.= '>'.$category['name'].'</a>'; + $menu.= '>'.htmlentities($category['name'],ENT_QUOTES).'</a>'; if ($category['nb_images'] > 0) { @@ -500,7 +500,7 @@ function parse_comment_content($content) $replacement = '<span style="font-style:italic;">$1$2</span>'; $content = preg_replace($pattern, $replacement, $content); - $content = '<div>'.$content.'</div>'; + $content = '<div>'.htmlentities($content,ENT_QUOTES).'</div>'; return $content; } @@ -550,7 +550,7 @@ function get_html_tag_selection( $output.= ' />' - .' '.$tag['name'] + .' '. htmlentities($tag['name'],ENT_QUOTES) .'</label>' .'</li>' ."\n" |