diff options
| author | neoraider <devnull@localhost> | 2006-04-18 21:57:05 +0200 |
|---|---|---|
| committer | neoraider <devnull@localhost> | 2006-04-18 21:57:05 +0200 |
| commit | c7f6fd8ff1bc6c46ffbb157446939f12e5d6e12f (patch) | |
| tree | 58ad553494bb9a3ab821a08ef23e171ed4623189 | |
| parent | bb6425e2a811445cde6c502d79c2904251393948 (diff) | |
| download | bbcode-c7f6fd8ff1bc6c46ffbb157446939f12e5d6e12f.tar bbcode-c7f6fd8ff1bc6c46ffbb157446939f12e5d6e12f.zip | |
Ein paar unn?tige Aufrufe von strtr durch htmlspecialchars ersetzt.
| -rw-r--r-- | pages/editor/bbcode.xml | 8 | ||||
| -rw-r--r-- | templates/bbcode.inc.php | 2 |
2 files changed, 5 insertions, 5 deletions
diff --git a/pages/editor/bbcode.xml b/pages/editor/bbcode.xml index 3dcc901..198d433 100644 --- a/pages/editor/bbcode.xml +++ b/pages/editor/bbcode.xml @@ -10,22 +10,22 @@ <code> <![CDATA[ <?PHP - require_once('code/links.inc.php') + require_once('code/links.inc.php'); $title = 'Edit \'' . $data['_data']['_page'] . '\''; echo '<h2>' . $title . '</h2>'; ?> -<form method="post" action="<?PHP echo $GLOBALS['links']->GetNeonLink('Pages:Edit:Do'); ?>"> +<form method="post" action="<?PHP echo $GLOBALS['links']->GetNeonLink('Pages:Edit'); ?>"> <input type="hidden" name="name" value="<?PHP echo $data['_data']['_page'] ?>" /> <input type="hidden" name="type" value="<?PHP echo $data['_data']['_type']; ?>" /> <input type="hidden" name="backlink" value="<?PHP echo htmlspecialchars($data['_backlink']); ?>" /> Titel: <input type="text" name="data_title" value="<?PHP - echo strtr($data['_data']['title'], array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + echo htmlspecialchars($data['_data']['title']); ?>" size="70" /><br /> <textarea name="data_code" class="pageedit spaced-top spaced-bottom" rows="25" cols="70"><?PHP - echo strtr($data['_data']['code'], array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + echo htmlspecialchars($data['_data']['code']); ?></textarea><br /> <input type="submit" value="Änderungen übernehmen" /> <input type="submit" name="back" value="Zurück" /> diff --git a/templates/bbcode.inc.php b/templates/bbcode.inc.php index e04d575..8a41d46 100644 --- a/templates/bbcode.inc.php +++ b/templates/bbcode.inc.php @@ -7,7 +7,7 @@ class bbcode_template { function Get($data) { if($data['title']) - $title = strtr($data['title'], array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $title = htmlspecialchars($data['title']); else $title = strtr($data['_page'], array(':' => ' - ')); $content = '<h2>' . $title . '</h2>' . $GLOBALS['bbcode']->Parse($data['code']); |