aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorplegall <plg@piwigo.org>2011-08-26 12:20:51 +0000
committerplegall <plg@piwigo.org>2011-08-26 12:20:51 +0000
commit540c1d5aa0eadcab446f6e71b5b25f8c9c165ac4 (patch)
treed92f12c18521e93d4b4d77cadca9e0f81b7f1f2e /include
parent12ec1dcf5b47eb1df9e2a9a5ccef497d85090a31 (diff)
feature 1729: protect thumbnail title against HTML special chars
git-svn-id: http://piwigo.org/svn/trunk@11998 68402e56-0260-453c-a942-63ccdbb3a9ee
Diffstat (limited to 'include')
-rw-r--r--include/functions.inc.php2
1 files changed, 1 insertions, 1 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php
index fb0671e6b..25cce8b70 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -818,7 +818,7 @@ function get_thumbnail_title($info)
$title.= ' '.substr($info['comment'], 0, 100).'...';
}
- $title = strip_tags($title);
+ $title = htmlspecialchars(strip_tags($title));
$title = trigger_event('get_thumbnail_title', $title, $info);