diff options
Diffstat (limited to 'modules/pref-filters.php')
-rw-r--r-- | modules/pref-filters.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/modules/pref-filters.php b/modules/pref-filters.php index c629f9c18..18d25a82f 100644 --- a/modules/pref-filters.php +++ b/modules/pref-filters.php @@ -523,14 +523,14 @@ $result = db_query($link, "SELECT caption FROM ttrss_labels2 WHERE owner_uid = '".$_SESSION["uid"]."' ORDER BY caption"); - print "<select default=\"$value\" name=\"$name\" style=\"$style\" - onchange=\"labelSelectOnChange(this)\" >"; + print "<select default=\"$value\" name=\"" . htmlspecialchars($name) . + "\" style=\"$style\" onchange=\"labelSelectOnChange(this)\" >"; while ($line = db_fetch_assoc($result)) { - $issel = ($line["caption"] == $value) ? "selected" : ""; + $issel = ($line["caption"] == $value) ? "selected=\"1\"" : ""; - print "<option $issel>" . $line["caption"] . "</option>"; + print "<option $issel>" . htmlspecialchars($line["caption"]) . "</option>"; } |