From: Barış Metin <Talip-Baris.Metin@sophia.inria.fr>
Date: Thu, 10 Jun 2010 16:09:53 +0000 (+0200)
Subject: encode special chars
X-Git-Tag: plewww-4.3-45~1
X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=d180de224e9fc3c3a8e4647204520d1eaffb0fb4;p=plewww.git

encode special chars
---

diff --git a/plekit/php/linetabs.php b/plekit/php/linetabs.php
index ce5e808..d2be029 100644
--- a/plekit/php/linetabs.php
+++ b/plekit/php/linetabs.php
@@ -95,10 +95,10 @@ function plekit_linetabs ($tabs, $id=NULL) {
     } else {
       $type="type='button' value='$label'";
     }
-    $bubble=$todo['bubble'];
+    $bubble=htmlspecialchars($todo['bubble'], ENT_QUOTES);
     print "<span title='$bubble'>";
     $message="";
-    if ($todo['confirm']) $message=$todo['confirm'] . " ?";
+    if ($todo['confirm']) $message=htmlspecialchars($todo['confirm'], ENT_QUOTES) . " ?";
     print "<input $tracer $type onclick='linetabs_namespace.submit(\"$id\",\"$message\")' />";
     print "</span>";
     print "</fieldset></form></li>\n";