Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/polls.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorVinzenz Rosenkranz <vinzenz.rosenkranz@uni-tuebingen.de>2017-11-08 12:28:47 +0300
committerVinzenz Rosenkranz <vinzenz.rosenkranz@uni-tuebingen.de>2017-11-08 12:28:47 +0300
commit6cddcd9163ecb1eab2fe4f308b63855da842c5ce (patch)
tree6ffdbf73937e7a9f3a8741fd8524cf478d94df56 /lib
parent16b39a63e1485f2677da3e4b5fc39004817603d9 (diff)
use p() again, remove html tags from title and desc
Diffstat (limited to 'lib')
-rw-r--r--lib/Controller/PageController.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/Controller/PageController.php b/lib/Controller/PageController.php
index cecc30be..9d33540f 100644
--- a/lib/Controller/PageController.php
+++ b/lib/Controller/PageController.php
@@ -324,8 +324,8 @@ class PageController extends Controller {
$hideNames
) {
$event = $this->eventMapper->find($pollId);
- $event->setTitle(htmlspecialchars($pollTitle));
- $event->setDescription(htmlspecialchars($pollDesc));
+ $event->setTitle(htmlspecialchars(strip_tags($pollTitle)));
+ $event->setDescription(htmlspecialchars(strip_tags($pollDesc)));
$event->setIsAnonymous($isAnonymous ? 1 : 0);
$event->setFullAnonymous($isAnonymous && $hideNames ? 1 : 0);
@@ -424,8 +424,8 @@ class PageController extends Controller {
$hideNames
) {
$event = new Event();
- $event->setTitle(htmlspecialchars($pollTitle));
- $event->setDescription(htmlspecialchars($pollDesc));
+ $event->setTitle(htmlspecialchars(strip_tags($pollTitle)));
+ $event->setDescription(htmlspecialchars(strip_tags($pollDesc)));
$event->setOwner($userId);
$event->setCreated(date('Y-m-d H:i:s'));
$event->setHash(\OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(16,
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-24 22:51:04 +0300