diff options
| author | neoraider <devnull@localhost> | 2006-04-18 21:57:05 +0200 |
|---|---|---|
| committer | neoraider <devnull@localhost> | 2006-04-18 21:57:05 +0200 |
| commit | 8657d3fb5cbd25f78bc668ea9a0a8b17913dd490 (patch) | |
| tree | 4d4f15af80bf0bad4027e288f867767daea108cc /pages/content/Users:Handle.xml | |
| parent | 7b622dca2d4a24221202d85c15ba68d0974b432c (diff) | |
| download | neon-8657d3fb5cbd25f78bc668ea9a0a8b17913dd490.tar neon-8657d3fb5cbd25f78bc668ea9a0a8b17913dd490.zip | |
Ein paar unn?tige Aufrufe von strtr durch htmlspecialchars ersetzt.
Diffstat (limited to 'pages/content/Users:Handle.xml')
| -rw-r--r-- | pages/content/Users:Handle.xml | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/pages/content/Users:Handle.xml b/pages/content/Users:Handle.xml index abed354..69339bc 100644 --- a/pages/content/Users:Handle.xml +++ b/pages/content/Users:Handle.xml @@ -28,7 +28,7 @@ $res = $GLOBALS['db']->Execute('SELECT * FROM groups ORDER BY name'); while($group = $res->FetchRow()) { - echo '<option value="' . $group[0] . '">' . strtr($group[1], array('<' => '<', '>' => '>', '&' => '&', '"' => '"')) . '</option>'; + echo '<option value="' . $group[0] . '">' . htmlspecialchars($group[1]) . '</option>'; } ?> </select><br /> @@ -43,7 +43,7 @@ } elseif(isset($_POST['group'])) { if($_POST['id']) { - $name = strtr($GLOBALS['user']->GetName($_POST['id']), array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $name = htmlspecialchars($GLOBALS['user']->GetName($_POST['id'])); $gid = $GLOBALS['user']->GetGid($_POST['id']); $title = 'Gruppe von \'' . $name . '\' ändern'; @@ -63,7 +63,7 @@ foreach($groups as $group) { echo '<option value="' . $group[0] . '"'; if($group[0] == $gid) echo ' selected="selected"'; - echo '>' . strtr($group[1], array('<' => '<', '>' => '>', '&' => '&', '"' => '"')) . '</option>'; + echo '>' . htmlspecialchars($group[1]) . '</option>'; } echo '</select><br />'; @@ -75,7 +75,7 @@ } elseif(isset($_POST['password'])) { if($_POST['id']) { - $name = strtr($GLOBALS['user']->GetName($_POST['id']), array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $name = htmlspecialchars($GLOBALS['user']->GetName($_POST['id'])); $title = 'Passwort von \'' . $name . '\' ändern'; @@ -94,7 +94,7 @@ } elseif(isset($_POST['rename'])) { if($_POST['id']) { - $name = strtr($GLOBALS['user']->GetName($_POST['id']), array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $name = htmlspecialchars($GLOBALS['user']->GetName($_POST['id'])); $title = '\'' . $name . '\' umbenennen'; @@ -111,7 +111,7 @@ } elseif(isset($_POST['delete'])) { if($_POST['id']) { - $name = strtr($GLOBALS['user']->GetName($_POST['id']), array('<' => '<', '>' => '>', '&' => '&', '"' => '"')); + $name = htmlspecialchars($GLOBALS['user']->GetName($_POST['id'])); $title = '\'' . $name . '\' löschen'; |