diff options
author | Lukas Reschke <lukas@statuscode.ch> | 2013-02-12 14:03:58 +0400 |
---|---|---|
committer | Lukas Reschke <lukas@statuscode.ch> | 2013-02-12 14:03:58 +0400 |
commit | 1fbb89a661abfb1ebbafee5fb8d72bd2fcde73a1 (patch) | |
tree | 78dac4b097075e1a16cb5a30af0b7eae564a032c | |
parent | 74e73bc8021b71cc3b89ea6ca204e1cab42257c3 (diff) |
[external] Encode HTML
-rw-r--r-- | apps/external/templates/settings.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/apps/external/templates/settings.php b/apps/external/templates/settings.php index b8139727eb6..38d7ab27e26 100644 --- a/apps/external/templates/settings.php +++ b/apps/external/templates/settings.php @@ -6,8 +6,8 @@ <?php $sites = OC_External::getSites(); for($i = 0; $i < sizeof($sites); $i++) { - echo '<li><input type="text" name="site_name[]" class="site_name" value="'.$sites[$i][0].'" placeholder="'.$l->t('Name').'" /> - <input type="text" class="site_url" name="site_url[]" value="'.$sites[$i][1].'" placeholder="'.$l->t('URL').'" /> + echo '<li><input type="text" name="site_name[]" class="site_name" value="'.OC_Util::sanitizeHTML($sites[$i][0]).'" placeholder="'.$l->t('Name').'" /> + <input type="text" class="site_url" name="site_url[]" value="'.OC_Util::sanitizeHTML($sites[$i][1]).'" placeholder="'.$l->t('URL').'" /> <img class="svg action delete_button" src="'.OCP\image_path("", "actions/delete.svg") .'" title="'.$l->t("Remove site").'" /> </li>'; } |