From: Glenn H. <thr...@us...> - 2004-12-17 02:42:31
|
Update of /cvsroot/mantisbt/mantisbt/core In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv15111/core Modified Files: custom_function_api.php my_view_inc.php Log Message: fix for 0004983: <pre>HTML should not be allowed in the Summary field, even if it is part of the allowed HTML list in the configuration</pre> Index: custom_function_api.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/core/custom_function_api.php,v retrieving revision 1.10 retrieving revision 1.11 diff -u -d -r1.10 -r1.11 --- custom_function_api.php 1 Dec 2004 13:10:39 -0000 1.10 +++ custom_function_api.php 17 Dec 2004 02:42:09 -0000 1.11 @@ -31,7 +31,7 @@ # Prints one entry in the changelog. function custom_function_default_changelog_print_issue( $p_issue_id ) { $t_bug = bug_get( $p_issue_id ); - echo '- ', string_get_bug_view_link( $p_issue_id ), ': <b>[', $t_bug->category, ']</b> ', string_display( $t_bug->summary ); + echo '- ', string_get_bug_view_link( $p_issue_id ), ': <b>[', $t_bug->category, ']</b> ', string_attribute( $t_bug->summary ); if ( $t_bug->handler_id != 0 ) { echo ' (', prepare_user_name( $t_bug->handler_id ), ')'; Index: my_view_inc.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/core/my_view_inc.php,v retrieving revision 1.4 retrieving revision 1.5 diff -u -d -r1.4 -r1.5 --- my_view_inc.php 11 Aug 2004 09:22:23 -0000 1.4 +++ my_view_inc.php 17 Dec 2004 02:42:10 -0000 1.5 @@ -223,7 +223,7 @@ <td class="left" valign="top" width="100%"> <span class="small"> <?php - echo $v_summary; + echo string_attribute( $v_summary ); ?> <br /> <?php |