]> gitweb.fluxo.info Git - lorea/elgg.git/commitdiff
projects / lorea / elgg.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0767904)
Closes #1113: Htmlentities made UTF-8 and quotes safe.
authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>
Thu, 9 Jul 2009 09:08:37 +0000 (09:08 +0000)
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>
Thu, 9 Jul 2009 09:08:37 +0000 (09:08 +0000)
git-svn-id: https://code.elgg.org/elgg/trunk@3399 36083f99-b078-4883-b0ff-0f9b5a30f544

views/default/canvas/layouts/widgets.php patch | blob | history

diff --git a/views/default/canvas/layouts/widgets.php b/views/default/canvas/layouts/widgets.php
index 8b77898519049a9e7b030092b558371b84a2c36f..22e7bd8dd43f7fdd405775fddd4a3d27cc98efb3 100644 (file)
--- a/views/default/canvas/layouts/widgets.php
+++ b/views/default/canvas/layouts/widgets.php
@@ -50,8 +50,8 @@
                <input type="hidden" name="multiple" value="<?php if ((isset($widget->handler)) && (isset($widgettypes[$widget->handler]->multiple))) echo $widgettypes[$widget->handler]->multiple; ?>" />
                <input type="hidden" name="side" value="<?php if ((isset($widget->handler)) && (isset($widgettypes[$widget->handler])) && (is_array($widgettypes[$widget->handler]->positions))) echo in_array('side',$widgettypes[$widget->handler]->positions); ?>" />
                <input type="hidden" name="main" value="<?php if ((isset($widget->handler)) && (isset($widgettypes[$widget->handler])) && (is_array($widgettypes[$widget->handler]->positions))) echo in_array('main',$widgettypes[$widget->handler]->positions); ?>" />
-               <input type="hidden" name="handler" value="<?php echo htmlentities($handler); ?>" />
-               <input type="hidden" name="description" value="<?php echo htmlentities($widget->description, null, 'UTF-8'); ?>" />
+               <input type="hidden" name="handler" value="<?php echo htmlentities($handler, ENT_QUOTES, 'UTF-8'); ?>" />
+               <input type="hidden" name="description" value="<?php echo htmlentities($widget->description, ENT_QUOTES, 'UTF-8'); ?>" />
                <input type="hidden" name="guid" value="0" />
        </h3>
 </td>
@@ -118,7 +118,7 @@
                                <input type="hidden" name="multiple" value="<?php echo $widgettypes[$widget->handler]->multiple; ?>" />
                                <input type="hidden" name="side" value="<?php echo in_array('side',$widgettypes[$widget->handler]->positions); ?>" />
                                <input type="hidden" name="main" value="<?php echo in_array('main',$widgettypes[$widget->handler]->positions); ?>" />
-                               <input type="hidden" name="description" value="<?php echo htmlentities($widgettypes[$widget->handler]->description); ?>" />
+                               <input type="hidden" name="description" value="<?php echo htmlentities($widgettypes[$widget->handler]->description, ENT_QUOTES, 'UTF-8'); ?>" />
                                <input type="hidden" name="guid" value="<?php echo $widget->getGUID(); ?>" />
                        </h3>
                </td>
@@ -163,7 +163,7 @@
                <input type="hidden" name="multiple" value="<?php echo $widgettypes[$widget->handler]->multiple; ?>" />
                <input type="hidden" name="side" value="<?php echo in_array('side',$widgettypes[$widget->handler]->positions); ?>" />
                <input type="hidden" name="main" value="<?php echo in_array('main',$widgettypes[$widget->handler]->positions); ?>" />
-               <input type="hidden" name="description" value="<?php echo htmlentities($widgettypes[$widget->handler]->description); ?>" />
+               <input type="hidden" name="description" value="<?php echo htmlentities($widgettypes[$widget->handler]->description, ENT_QUOTES, 'UTF-8'); ?>" />
                <input type="hidden" name="guid" value="<?php echo $widget->getGUID(); ?>" />
        </h3>
 </td>
@@ -204,7 +204,7 @@
                <input type="hidden" name="multiple" value="<?php echo $widgettypes[$widget->handler]->multiple; ?>" />
                <input type="hidden" name="side" value="<?php echo in_array('side',$widgettypes[$widget->handler]->positions); ?>" />
                <input type="hidden" name="main" value="<?php echo in_array('main',$widgettypes[$widget->handler]->positions); ?>" />
-               <input type="hidden" name="description" value="<?php echo htmlentities($widgettypes[$widget->handler]->description); ?>" />
+               <input type="hidden" name="description" value="<?php echo htmlentities($widgettypes[$widget->handler]->description, ENT_QUOTES, 'UTF-8'); ?>" />
                <input type="hidden" name="guid" value="<?php echo $widget->getGUID(); ?>" />
        </h3>
 </td>
Social Networking Engine