gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2025-02-11 17:44:56 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

- call htmlspecialchars() before output

Browse Source
This commit is contained in:
steinm 2011-12-03 11:08:26 +00:00
parent a027d7c962
commit 5cf50ab13e
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
inc/inc.Utils.php
View File

@ -261,11 +261,11 @@ function _add_log_line($msg="") { /* {{{ */
for ($i = 0; $i < count($path); $i++) {
if ($i +1 < count($path)) {
$txtpath .= "<a href=\"../out/out.ViewFolder.php?folderid=".$path[$i]->getID()."&showtree=".showtree()."\">".
$path[$i]->getName()."</a> / ";
htmlspecialchars($path[$i]->getName())."</a> / ";
}
else {
$txtpath .= ($tagAll ? "<a href=\"../out/out.ViewFolder.php?folderid=".$path[$i]->getID()."&showtree=".showtree()."\">".
$path[$i]->getName()."</a>" : $path[$i]->getName());
htmlspecialchars($path[$i]->getName())."</a>" : htmlspecialchars($path[$i]->getName()));
}
}
return $txtpath;