Fix XSS vulnerability, get rid of unnecessary curly braces.

author: Bharat Mediratta <bharat@menalto.com> 2009-06-27 14:29:58 -0700
committer: Bharat Mediratta <bharat@menalto.com> 2009-06-27 14:29:58 -0700
commit: e78f91c91a178f564dc845905ea4b21928e57c3c (patch)
tree: 5637fe2236b7f08c68e12f6305c0a0abd001cbd4
parent: bbba0a67c22436aa166b1a882f35ddc093faae7c (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/modules/digibug/views/digibug_album.html.php b/modules/digibug/views/digibug_album.html.php
index 2d9cf641..2fd8803b 100644
--- a/modules/digibug/views/digibug_album.html.php
+++ b/modules/digibug/views/digibug_album.html.php
@@ -1,8 +1,8 @@
 <?php defined("SYSPATH") or die("No direct script access.") ?>
 <div class="gDigibugPrintButton">
   <a class="gButtonLink ui-corner-all ui-state-default ui-icon-left"
-     href="<?= url::site("digibug/print_photo/$id?csrf={$csrf}") ?>"
+     href="<?= url::site("digibug/print_photo/$id?csrf=$csrf") ?>"
      title="<?= p::clean($title) ?>">
-    <span class="ui-icon ui-icon-print"><?= $title ?></span>
+    <span class="ui-icon ui-icon-print"><?= p::clean($title) ?></span>
   </a>
-</div>
-\ No newline at end of file
+</div>
author	Bharat Mediratta <bharat@menalto.com>	2009-06-27 14:29:58 -0700
committer	Bharat Mediratta <bharat@menalto.com>	2009-06-27 14:29:58 -0700
commit	e78f91c91a178f564dc845905ea4b21928e57c3c (patch)
tree	5637fe2236b7f08c68e12f6305c0a0abd001cbd4
parent	bbba0a67c22436aa166b1a882f35ddc093faae7c (diff)