diff options
author | Vinzenz Rosenkranz <vinzenz.rosenkranz@uni-tuebingen.de> | 2017-11-08 12:28:47 +0300 |
---|---|---|
committer | Vinzenz Rosenkranz <vinzenz.rosenkranz@uni-tuebingen.de> | 2017-11-08 12:28:47 +0300 |
commit | 6cddcd9163ecb1eab2fe4f308b63855da842c5ce (patch) | |
tree | 6ffdbf73937e7a9f3a8741fd8524cf478d94df56 /lib | |
parent | 16b39a63e1485f2677da3e4b5fc39004817603d9 (diff) |
use p() again, remove html tags from title and desc
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Controller/PageController.php | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/Controller/PageController.php b/lib/Controller/PageController.php index cecc30be..9d33540f 100644 --- a/lib/Controller/PageController.php +++ b/lib/Controller/PageController.php @@ -324,8 +324,8 @@ class PageController extends Controller { $hideNames ) { $event = $this->eventMapper->find($pollId); - $event->setTitle(htmlspecialchars($pollTitle)); - $event->setDescription(htmlspecialchars($pollDesc)); + $event->setTitle(htmlspecialchars(strip_tags($pollTitle))); + $event->setDescription(htmlspecialchars(strip_tags($pollDesc))); $event->setIsAnonymous($isAnonymous ? 1 : 0); $event->setFullAnonymous($isAnonymous && $hideNames ? 1 : 0); @@ -424,8 +424,8 @@ class PageController extends Controller { $hideNames ) { $event = new Event(); - $event->setTitle(htmlspecialchars($pollTitle)); - $event->setDescription(htmlspecialchars($pollDesc)); + $event->setTitle(htmlspecialchars(strip_tags($pollTitle))); + $event->setDescription(htmlspecialchars(strip_tags($pollDesc))); $event->setOwner($userId); $event->setCreated(date('Y-m-d H:i:s')); $event->setHash(\OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(16, |