diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2009-05-31 00:11:48 -0700 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2009-05-31 00:11:48 -0700 |
| commit | 708f27f483d70660446ea2132b02cb7b39225f98 (patch) | |
| tree | c1f6231ea024565be6c2a41ad092eea05b30d7fc /modules/comment/views/comment.html.php | |
| parent | ad81861c331f60ec8c19ea11e47e2826660fa142 (diff) | |
Run p::clean() on any variables that contain data entered by users.
Diffstat (limited to 'modules/comment/views/comment.html.php')
| -rw-r--r-- | modules/comment/views/comment.html.php | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/modules/comment/views/comment.html.php b/modules/comment/views/comment.html.php index 1a674142..0337173b 100644 --- a/modules/comment/views/comment.html.php +++ b/modules/comment/views/comment.html.php @@ -4,14 +4,14 @@ <a href="#"> <img src="<?= $comment->author()->avatar_url(40, $theme->url("images/avatar.jpg", true)) ?>" class="gAvatar" - alt="<?= $comment->author_name() ?>" + alt="<?= p::clean($comment->author_name()) ?>" width="40" height="40" /> </a> <?= t("on ") . date("Y-M-d H:i:s", $comment->created) ?> - <a href="#"><?= $comment->author_name() ?></a> <?= t("said") ?> + <a href="#"><?= p::clean($comment->author_name()) ?></a> <?= t("said") ?> </p> <div> - <?= $comment->text ?> + <?= p::clean($comment->text) ?> </div> </li> |