diff options
author | Andrew Dolgov <[email protected]> | 2010-11-09 13:14:59 +0300 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2010-11-09 13:15:26 +0300 |
commit | 10249c41b763a373926d9b1f78b7b8cef68e411b (patch) | |
tree | f969dd9850b6c6ad9db3896d81d06ad7824dd6ad /modules/pref-filters.php | |
parent | 3acc0da647b27a78d65c01ca98e6201d14b021c6 (diff) |
properly handle on-the-fly adding of labels
Diffstat (limited to 'modules/pref-filters.php')
-rw-r--r-- | modules/pref-filters.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/modules/pref-filters.php b/modules/pref-filters.php index c629f9c18..18d25a82f 100644 --- a/modules/pref-filters.php +++ b/modules/pref-filters.php @@ -523,14 +523,14 @@ $result = db_query($link, "SELECT caption FROM ttrss_labels2 WHERE owner_uid = '".$_SESSION["uid"]."' ORDER BY caption"); - print "<select default=\"$value\" name=\"$name\" style=\"$style\" - onchange=\"labelSelectOnChange(this)\" >"; + print "<select default=\"$value\" name=\"" . htmlspecialchars($name) . + "\" style=\"$style\" onchange=\"labelSelectOnChange(this)\" >"; while ($line = db_fetch_assoc($result)) { - $issel = ($line["caption"] == $value) ? "selected" : ""; + $issel = ($line["caption"] == $value) ? "selected=\"1\"" : ""; - print "<option $issel>" . $line["caption"] . "</option>"; + print "<option $issel>" . htmlspecialchars($line["caption"]) . "</option>"; } |