
run htmlentities() before putting contents into a file

1 parent a738b5c commit 4ac544fe8f84369dd3374d71e50b910b5f5cf042 @BaylorRae committed Mar 26, 2012
Showing with 5 additions and 1 deletion.
  1. +5 −1 lib/gist.php
@@ -82,7 +82,7 @@ public function noscript_tag() {
* then display it
*/
if( $this->source !== null ) {
- return sprintf('<noscript><pre><code>%s</code></pre></noscript>', htmlentities($this->source));
+ return sprintf('<noscript><pre><code>%s</code></pre></noscript>', $this->source);
}
}
@@ -119,6 +119,10 @@ private function download_raw_source() {
// if successful then save it
if( $this->source ) {
+
+ // turn into an html ready source before caching
+ $this->source = htmlentities($this->source);
+
file_put_contents($this->get_cache_name(), $this->source);
}
}
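Review bot: In `noscript_tag()` the new `return sprintf(..., $this->source);` prints the property with no escaping, so the output is only safe if every value reaching `$this->source` passed through the `htmlentities()` call added in `download_raw_source()`. Cache files written before this change hold raw gist text, and if they are read back into `$this->source` (the read path is outside these hunks, so this is inferred) that third-party content would be emitted into the page as markup. Encoding at the output sink removes that dependency: keep the cache raw and use `return sprintf('<noscript><pre><code>%s</code></pre></noscript>', htmlspecialchars($this->source, ENT_QUOTES, 'UTF-8'));`. If the escaped form has to be cached, change the cache name scheme so older raw files are never reused, and document the property with a comment such as `// HTML-escaped gist source; only safe to print inside <code>`. Both function bodies start and end outside the hunks shown.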
