Menu
▾
▴
[phpBT-dev] CVS: phpbt bug.php,1.87,1.88
|
From: Benjamin C. <bc...@us...> - 2002-03-26 17:21:22
|
Update of /cvsroot/phpbt/phpbt
In directory usw-pr-cvs1:/tmp/cvs-serv23124
Modified Files:
bug.php
Log Message:
Handle html chars
Index: bug.php
===================================================================
RCS file: /cvsroot/phpbt/phpbt/bug.php,v
retrieving revision 1.87
retrieving revision 1.88
diff -u -r1.87 -r1.88
--- bug.php 21 Mar 2002 13:44:54 -0000 1.87
+++ bug.php 26 Mar 2002 17:21:19 -0000 1.88
@@ -554,8 +554,8 @@
$t->set_var(array(
'bugid' => $bugid,
'TITLE' => $TITLE['editbug'],
- 'title' => stripslashes($row['title']),
- 'description' => stripslashes($row['description']),
+ 'title' => htmlentities(stripslashes($row['title'])),
+ 'description' => htmlentities(stripslashes($row['description'])),
'url' => $row['url'],
'urllabel' => $row['url'] ? "<a href='{$row['url']}'>URL</a>" : 'URL',
'severity' => build_select('severity',$row['severity_id']),
@@ -577,8 +577,9 @@
'TITLE' => $TITLE['enterbug'],
'error' => $error,
'bugid' => $bugid,
- 'title' => isset($title) ? stripslashes($title) : '',
- 'description' => isset($description) ? stripslashes($description) : '',
+ 'title' => isset($title) ? htmlentities(stripslashes($title)) : '',
+ 'description' => isset($description) ?
+ htmlentities(stripslashes($description)) : '',
'url' => isset($url) ? $url : 'http://',
'urllabel' => isset($url) ? "<a href='$url'>URL</a>" : 'URL',
'severity' => build_select('severity',(isset($severity) ? $severity : 0)),
@@ -754,8 +755,8 @@
'vote_error' => isset($error['vote']) ? "<div class=\"error\">{$error['vote']}</div>" : '',
'bugid' => $bugid,
'TITLE' => "{$TITLE['editbug']} #$bugid",
- 'title' => stripslashes($row['title']),
- 'description' => nl2br(stripslashes($row['description'])),
+ 'title' => htmlentities(stripslashes($row['title'])),
+ 'description' => nl2br(htmlentities(stripslashes($row['description']))),
'url' => $row['url'],
'urllabel' => $row['url'] ? "<a href='{$row['url']}'>URL</a>" : 'URL',
'severity' => build_select('severity',$row['severity_id']),
|
