Skip to content
Browse files

escaping textarea values

  • Loading branch information...
1 parent 8d07839 commit 53fae6e54b3664492a4e41ba1e05e4f65b2be1c0 @Zeelot committed
Showing with 1 addition and 1 deletion.
  1. +1 −1 views/yform/themes/default/input/textarea.php
2 views/yform/themes/default/input/textarea.php
@@ -5,7 +5,7 @@
<label for="<?php echo Arr::get($attributes, 'id'); ?>" ><?php echo $label; ?></label>
<?php endif; ?>
- <textarea <?php echo HTML::attributes($attributes); ?>><?php echo $object->value; ?></textarea>
+ <textarea <?php echo HTML::attributes($attributes); ?>><?php echo HTML::chars($object->value); ?></textarea>
<?php foreach (Arr::get($messages, 'errors', array()) as $error): ?>
<div class="error"><?php echo $error; ?></div>

0 comments on commit 53fae6e

Please sign in to comment.
Something went wrong with that request. Please try again.