From 8657d3fb5cbd25f78bc668ea9a0a8b17913dd490 Mon Sep 17 00:00:00 2001
From: neoraider <devnull@localhost>
Date: Tue, 18 Apr 2006 19:57:05 +0000
Subject: Ein paar unn?tige Aufrufe von strtr durch htmlspecialchars ersetzt.

---
 pages/content/Users:Handle.xml | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'pages/content/Users:Handle.xml')

diff --git a/pages/content/Users:Handle.xml b/pages/content/Users:Handle.xml
index abed354..69339bc 100644
--- a/pages/content/Users:Handle.xml
+++ b/pages/content/Users:Handle.xml
@@ -28,7 +28,7 @@
                 $res = $GLOBALS['db']->Execute('SELECT * FROM groups ORDER BY name');
                 
                 while($group = $res->FetchRow()) {
-                  echo '<option value="' . $group[0] . '">' . strtr($group[1], array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;')) . '</option>';
+                  echo '<option value="' . $group[0] . '">' . htmlspecialchars($group[1]) . '</option>';
                 }
               ?>
             </select><br />
@@ -43,7 +43,7 @@
           }
           elseif(isset($_POST['group'])) {
             if($_POST['id']) {
-              $name = strtr($GLOBALS['user']->GetName($_POST['id']), array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;'));
+              $name = htmlspecialchars($GLOBALS['user']->GetName($_POST['id']));
               $gid = $GLOBALS['user']->GetGid($_POST['id']);
               
               $title = 'Gruppe von \'' . $name . '\' ändern';
@@ -63,7 +63,7 @@
               foreach($groups as $group) {
                 echo '<option value="' . $group[0] . '"';
                 if($group[0] == $gid) echo ' selected="selected"';
-                echo '>' . strtr($group[1], array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;')) . '</option>';
+                echo '>' . htmlspecialchars($group[1]) . '</option>';
               }
               
               echo '</select><br />';
@@ -75,7 +75,7 @@
           }
           elseif(isset($_POST['password'])) {
             if($_POST['id']) {
-              $name = strtr($GLOBALS['user']->GetName($_POST['id']), array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;'));
+              $name = htmlspecialchars($GLOBALS['user']->GetName($_POST['id']));
               
               $title = 'Passwort von \'' . $name . '\' ändern';
               
@@ -94,7 +94,7 @@
           }
           elseif(isset($_POST['rename'])) {
             if($_POST['id']) {
-              $name = strtr($GLOBALS['user']->GetName($_POST['id']), array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;'));
+              $name = htmlspecialchars($GLOBALS['user']->GetName($_POST['id']));
               
               $title = '\'' . $name . '\' umbenennen';
               
@@ -111,7 +111,7 @@
           }
           elseif(isset($_POST['delete'])) {
             if($_POST['id']) {
-              $name = strtr($GLOBALS['user']->GetName($_POST['id']), array('<' => '&lt;', '>' => '&gt;', '&' => '&amp;', '"' => '&quot;'));
+              $name = htmlspecialchars($GLOBALS['user']->GetName($_POST['id']));
               
               $title = '\'' . $name . '\' löschen';
               
-- 
cgit v1.2.3