encode special chars

author Barış Metin <Talip-Baris.Metin@sophia.inria.fr>

Thu, 10 Jun 2010 16:09:53 +0000 (18:09 +0200)

committer Barış Metin <Talip-Baris.Metin@sophia.inria.fr>

Thu, 10 Jun 2010 16:09:53 +0000 (18:09 +0200)
author Barış Metin <Talip-Baris.Metin@sophia.inria.fr>
Thu, 10 Jun 2010 16:09:53 +0000 (18:09 +0200)
committer Barış Metin <Talip-Baris.Metin@sophia.inria.fr>
Thu, 10 Jun 2010 16:09:53 +0000 (18:09 +0200)
diff --git a/plekit/php/linetabs.php b/plekit/php/linetabs.php

index ce5e808..d2be029 100644 (file)
--- a/plekit/php/linetabs.php
+++ b/plekit/php/linetabs.php
@@ -95,10 +95,10 @@ function plekit_linetabs ($tabs, $id=NULL) {
      } else {
        $type="type='button' value='$label'";
      }
-    $bubble=$todo['bubble'];
+    $bubble=htmlspecialchars($todo['bubble'], ENT_QUOTES);
      print "<span title='$bubble'>";
      $message="";
-    if ($todo['confirm']) $message=$todo['confirm'] . " ?";
+    if ($todo['confirm']) $message=htmlspecialchars($todo['confirm'], ENT_QUOTES) . " ?";
      print "<input $tracer $type onclick='linetabs_namespace.submit(\"$id\",\"$message\")' />";
      print "</span>";
      print "</fieldset></form></li>\n";
author	Barış Metin <Talip-Baris.Metin@sophia.inria.fr>
	Thu, 10 Jun 2010 16:09:53 +0000 (18:09 +0200)
committer	Barış Metin <Talip-Baris.Metin@sophia.inria.fr>
	Thu, 10 Jun 2010 16:09:53 +0000 (18:09 +0200)