diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2009-05-31 00:11:48 -0700 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2009-05-31 00:11:48 -0700 |
| commit | 708f27f483d70660446ea2132b02cb7b39225f98 (patch) | |
| tree | c1f6231ea024565be6c2a41ad092eea05b30d7fc /modules/comment/views/admin_block_recent_comments.html.php | |
| parent | ad81861c331f60ec8c19ea11e47e2826660fa142 (diff) | |
Run p::clean() on any variables that contain data entered by users.
Diffstat (limited to 'modules/comment/views/admin_block_recent_comments.html.php')
| -rw-r--r-- | modules/comment/views/admin_block_recent_comments.html.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/modules/comment/views/admin_block_recent_comments.html.php b/modules/comment/views/admin_block_recent_comments.html.php index d7b8d2b0..d5aab84c 100644 --- a/modules/comment/views/admin_block_recent_comments.html.php +++ b/modules/comment/views/admin_block_recent_comments.html.php @@ -4,13 +4,13 @@ <li class="<?= ($i % 2 == 0) ? "gEvenRow" : "gOddRow" ?>"> <img src="<?= $comment->author()->avatar_url(32, $theme->url("images/avatar.jpg", true)) ?>" class="gAvatar" - alt="<?= $comment->author_name() ?>" + alt="<?= p::clean($comment->author_name()) ?>" width="32" height="32" /> <?= date("Y-M-d H:i:s", $comment->created) ?> <?= t("<a href=#>%author_name</a> said <em>%comment_text</em>", - array("author_name" => $comment->author_name(), - "comment_text" => text::limit_words($comment->text, 50))); ?> + array("author_name" => p::clean($comment->author_name()), + "comment_text" => text::limit_words(p::clean($comment->text), 50))); ?> </li> <? endforeach ?> </ul> |