Changeset 6713 for branches/2.1/admin/element_set_unit.php

Timestamp:

Jul 27, 2010, 2:37:12 PM (14 years ago)

Author:

plg

Message:

bug 1757 fixed: ability to use HTML in author field

File:

• branches/2.1/admin/element_set_unit.php (modified) (2 diffs)

branches/2.1/admin/element_set_unit.php

@@ -68 +68 @@
     $data['level'] = $_POST['level-'.$row['id']];
 
-    foreach (array('name', 'author', 'level') as $field)
+    foreach (array('name', 'level') as $field)
     {
       if (!empty($_POST[$field.'-'.$row['id']]))
@@ -239 +239 @@
             '&image_id='.$row['id'],
         'NAME' => !empty($row['name'])?$row['name']:'',
-        'AUTHOR' => !empty($row['author'])?$row['author']:'',
+        'AUTHOR' => !empty($row['author'])?htmlspecialchars($row['author']):'',
         'LEVEL' => !empty($row['level'])?$row['level']:'0',
         'DESCRIPTION' => !empty($row['comment'])?$row['comment']:'',