diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2009-05-31 01:02:51 -0700 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2009-05-31 01:02:51 -0700 |
| commit | 9369ccab7fb3413d63e218cec81b4cf43442fd98 (patch) | |
| tree | 22066e2335c6aa2d81fadc56fbdbea8e7694069c /modules/tag | |
| parent | a049de28ace48a3970371caf24d7c389d8d93cd7 (diff) | |
Run all variables that come from user-entered data through p::clean()
Diffstat (limited to 'modules/tag')
| -rw-r--r-- | modules/tag/views/admin_tags.html.php | 2 | ||||
| -rw-r--r-- | modules/tag/views/tag_cloud.html.php | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/modules/tag/views/admin_tags.html.php b/modules/tag/views/admin_tags.html.php index 133b452f..62e3a2a1 100644 --- a/modules/tag/views/admin_tags.html.php +++ b/modules/tag/views/admin_tags.html.php @@ -48,7 +48,7 @@ <? endif ?> <li> - <span id="gTag-<?= $tag->id ?>" class="gEditable tag-name"><?= $tag->name ?></span> + <span id="gTag-<?= $tag->id ?>" class="gEditable tag-name"><?= p::clean($tag->name) ?></span> <span class="understate">(<?= $tag->count ?>)</span> <a href="<?= url::site("admin/tags/form_delete/$tag->id") ?>" class="gDialogLink delete-link gButtonLink"> diff --git a/modules/tag/views/tag_cloud.html.php b/modules/tag/views/tag_cloud.html.php index 9deedb20..eba615fc 100644 --- a/modules/tag/views/tag_cloud.html.php +++ b/modules/tag/views/tag_cloud.html.php @@ -3,7 +3,7 @@ <? foreach ($tags as $tag): ?> <li class="size<?=(int)(($tag->count / $max_count) * 7) ?>"> <span><?= $tag->count ?> photos are tagged with </span> - <a href="<?=url::site("tags/$tag->id") ?>"><?= $tag->name ?></a> + <a href="<?= url::site("tags/$tag->id") ?>"><?= p::clean($tag->name) ?></a> </li> <? endforeach ?> </ul> |