diff options
| author | Andrew Dolgov <[email protected]> | 2012-10-22 01:19:06 +0400 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2012-10-22 01:19:11 +0400 |
| commit | 5c5689734955ced9ca81690ad9c1b76b71a8712a (patch) | |
| tree | cf5222c861ffa4906e96e99d8345eec081ee47c9 /classes | |
| parent | 008ebad92815685c7d43125941e16dba1f135946 (diff) | |
properly escape article link/PTITLEs (refs #472)
Diffstat (limited to 'classes')
| -rw-r--r-- | classes/feeds.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/classes/feeds.php b/classes/feeds.php index 31224d1db..5280502c4 100644 --- a/classes/feeds.php +++ b/classes/feeds.php @@ -503,7 +503,7 @@ class Feeds extends Handler_Protected { $reply['content'] .= "</div>";
$reply['content'] .= "<div id=\"PTITLE-FULL-$id\" style=\"display : none\">" .
- strip_tags($line['title']) . "</div>";
+ htmlspecialchars(strip_tags($line['title'])) . "</div>";
$reply['content'] .= "<span id=\"RTITLE-$id\"
onclick=\"return cdmClicked(event, $id);\"
|