XSS fixes in admin_comments.html.php

gallery · Aug 31, 2009 · fc294c2 · fc294c2
1 parent 0a0c7a7
commit fc294c2
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/modules/comment/views/admin_comments.html.php b/modules/comment/views/admin_comments.html.php
@@ -108,12 +108,12 @@ function(data) {
         <a href="#">
           <img src="<?= $comment->author()->avatar_url(40, $theme->url("images/avatar.jpg", true)) ?>"
                class="gAvatar"
-               alt="<?= html::clean($comment->author_name()) ?>"
+               alt="<?= html::clean_attribute($comment->author_name()) ?>"
                width="40"
                height="40" />
         </a>
-        <p><a href="mailto:<?= html::clean($comment->author_email()) ?>"
-              title="<?= html::clean($comment->author_email()) ?>"> <?= html::clean($comment->author_name()) ?> </a></p>
+        <p><a href="mailto:<?= html::clean_attribute($comment->author_email()) ?>"
+              title="<?= html::clean_attribute($comment->author_email()) ?>"> <?= html::clean($comment->author_name()) ?> </a></p>
       </td>
       <td>
         <div class="right">