From 9369ccab7fb3413d63e218cec81b4cf43442fd98 Mon Sep 17 00:00:00 2001
From: Bharat Mediratta <bharat@menalto.com>
Date: Sun, 31 May 2009 01:02:51 -0700
Subject: Run all variables that come from user-entered data through p::clean()

---
 modules/user/views/login.html.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'modules/user/views/login.html.php')

diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php
index d9a558b5..cce2fb54 100644
--- a/modules/user/views/login.html.php
+++ b/modules/user/views/login.html.php
@@ -11,7 +11,7 @@
                 '<a href="' . url::site("form/edit/users/{$user->id}") .
                 '" title="' . t("Edit Your Profile") .
                 '" id="gUserProfileLink" class="gDialogLink">' .
-                (empty($user->full_name) ? $user->name : $user->full_name) . '</a>')) ?></li>
+                p::clean(empty($user->full_name) ? $user->name : $user->full_name) . '</a>')) ?></li>
   <li><a href="<?= url::site("logout?continue=" . url::current(true)) ?>"
       id="gLogoutLink"><?= t("Logout") ?></a></li>
   <? endif; ?>
-- 
cgit v1.2.3