Ignore:
Timestamp:
Apr 22, 2006, 5:25:59 PM (18 years ago)
Author:
chrisaga
Message:
  • improve : add some htmlentities() to clean category names and descripion. Still more to do.
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/include/functions_html.inc.php

    r1201 r1259  
    451451      $menu.= ' rel="up"';
    452452    }
    453     $menu.= '>'.$category['name'].'</a>';
     453    $menu.= '>'.htmlentities($category['name'],ENT_QUOTES).'</a>';
    454454
    455455    if ($category['nb_images'] > 0)
     
    501501  $content = preg_replace($pattern, $replacement, $content);
    502502
    503   $content = '<div>'.$content.'</div>';
     503  $content = '<div>'.htmlentities($content,ENT_QUOTES).'</div>';
    504504  return $content;
    505505}
     
    551551    $output.=
    552552      ' />'
    553       .' '.$tag['name']
     553      .' '. htmlentities($tag['name'],ENT_QUOTES)
    554554      .'</label>'
    555555      .'</li>'
Note: See TracChangeset for help on using the changeset viewer.