XSS review fixes (mostly adding missing html::mark_clean()) calls.

author: Andy Staudacher <andy.st@gmail.com> 2009-08-31 02:12:01 -0700
committer: Andy Staudacher <andy.st@gmail.com> 2009-08-31 02:12:01 -0700
commit: 8312eb116e65195e3fc70d59b3b0817b9c807287 (patch)
tree: 1a7191e21d19c92cd5fa843144356a8bd950ef06 /modules/gallery/helpers/graphics.php
parent: 26f6d8192ffdfd0280987ec2b9df0305e983746d (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/gallery/helpers/graphics.php b/modules/gallery/helpers/graphics.php
index acbcb9b2..521dc5a4 100644
--- a/modules/gallery/helpers/graphics.php
+++ b/modules/gallery/helpers/graphics.php
@@ -326,9 +326,9 @@ class graphics_Core {
           t2("One of your photos is out of date. <a %attrs>Click here to fix it</a>",
              "%count of your photos are out of date. <a %attrs>Click here to fix them</a>",
              $count,
-             array("attrs" => sprintf(
+             array("attrs" => html::mark_clean(sprintf(
                'href="%s" class="gDialogLink"',
-               url::site("admin/maintenance/start/gallery_task::rebuild_dirty_images?csrf=__CSRF__")))),
+               url::site("admin/maintenance/start/gallery_task::rebuild_dirty_images?csrf=__CSRF__"))))),
           "graphics_dirty");
     }
   }
author	Andy Staudacher <andy.st@gmail.com>	2009-08-31 02:12:01 -0700
committer	Andy Staudacher <andy.st@gmail.com>	2009-08-31 02:12:01 -0700
commit	8312eb116e65195e3fc70d59b3b0817b9c807287 (patch)
tree	1a7191e21d19c92cd5fa843144356a8bd950ef06 /modules/gallery/helpers/graphics.php
parent	26f6d8192ffdfd0280987ec2b9df0305e983746d (diff)