summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--pages/editor/bbcode.xml8
-rw-r--r--templates/bbcode.inc.php2
2 files changed, 5 insertions, 5 deletions
diff --git a/pages/editor/bbcode.xml b/pages/editor/bbcode.xml
index 3dcc901..198d433 100644
--- a/pages/editor/bbcode.xml
+++ b/pages/editor/bbcode.xml
@@ -10,22 +10,22 @@
<code>
<![CDATA[
<?PHP
- require_once('code/links.inc.php')
+ require_once('code/links.inc.php');
$title = 'Edit \'' . $data['_data']['_page'] . '\'';
echo '<h2>' . $title . '</h2>';
?>
-<form method="post" action="<?PHP echo $GLOBALS['links']->GetNeonLink('Pages:Edit:Do'); ?>">
+<form method="post" action="<?PHP echo $GLOBALS['links']->GetNeonLink('Pages:Edit'); ?>">
<input type="hidden" name="name" value="<?PHP echo $data['_data']['_page'] ?>" />
<input type="hidden" name="type" value="<?PHP echo $data['_data']['_type']; ?>" />
<input type="hidden" name="backlink" value="<?PHP echo htmlspecialchars($data['_backlink']); ?>" />
Titel: <input type="text" name="data_title" value="<?PHP
- echo strtr($data['_data']['title'], array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;'));
+ echo htmlspecialchars($data['_data']['title']);
?>" size="70" /><br />
<textarea name="data_code" class="pageedit spaced-top spaced-bottom" rows="25" cols="70"><?PHP
- echo strtr($data['_data']['code'], array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;'));
+ echo htmlspecialchars($data['_data']['code']);
?></textarea><br />
<input type="submit" value="Änderungen übernehmen" />
<input type="submit" name="back" value="Zurück" />
diff --git a/templates/bbcode.inc.php b/templates/bbcode.inc.php
index e04d575..8a41d46 100644
--- a/templates/bbcode.inc.php
+++ b/templates/bbcode.inc.php
@@ -7,7 +7,7 @@
class bbcode_template {
function Get($data) {
if($data['title'])
- $title = strtr($data['title'], array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;'));
+ $title = htmlspecialchars($data['title']);
else
$title = strtr($data['_page'], array(':' => ' - '));
$content = '<h2>' . $title . '</h2>' . $GLOBALS['bbcode']->Parse($data['code']);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 07:58:31 +0100