feature 1729: protect thumbnail title against HTML special chars

git-svn-id: http://piwigo.org/svn/trunk@11998 68402e56-0260-453c-a942-63ccdbb3a9ee
Piwigo · Aug 26, 2011 · 540c1d5 · 540c1d5
1 parent 12ec1dc
commit 540c1d5
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/include/functions.inc.php b/include/functions.inc.php
@@ -818,7 +818,7 @@ function get_thumbnail_title($info)
     $title.= ' '.substr($info['comment'], 0, 100).'...';
   }
 
-  $title = strip_tags($title);
+  $title = htmlspecialchars(strip_tags($title));
 
   $title = trigger_event('get_thumbnail_title', $title, $info);