commit 7fb7d962937b6e577d36e02c3407cb029831bf12
parent deb1ef885bb77cbceb20dbe6cfe1ca2c297000ab
Author: dankert <devnull@localhost>
Date: Thu, 18 Mar 2010 02:53:34 +0100
Ausgabe-Variablen ggf. escapen.
Diffstat:
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/themes/default/include/html/text.inc.php b/themes/default/include/html/text.inc.php
@@ -44,11 +44,7 @@
#END-IF#
?><<?php echo $tmp_tag ?> class="<?php echo $attr_class ?>" title="<?php echo $attr_title ?>"><?php
- #IF-ATTR escape#
$langF = $attr_escape?'langHtml':'lang';
- #ELSE
- $langF = 'langHtml';
- #END-IF
#IF-ATTR array#
//geht nicht:
@@ -81,7 +77,7 @@
#END-IF
#IF-ATTR value#
- $tmp_text = $attr_value;
+ $tmp_text = $attr_escape?htmlentities($attr_value):$attr_value;
#END-IF
#IF-ATTR maxlength#