Skip to content
Permalink
Browse files

メールフォームの確認画面でユーザーの入力値をエスケープする (#990)

  • Loading branch information...
seto1 authored and ryuring committed Jan 24, 2019
1 parent f456427 commit 0c7c750c002543d7b1b280aa7bf34dc8da6bd72d
Showing with 3 additions and 3 deletions.
  1. +3 −3 lib/Baser/View/Helper/BcFreezeHelper.php
@@ -60,7 +60,7 @@ public function text($fieldName, $attributes = []) {
} else {
$value = $this->request->data[$model][$field];
}
return parent::text($fieldName, $attributes) . $value;
return parent::text($fieldName, $attributes) . h($value);
} else {
return parent::text($fieldName, $attributes);
}
@@ -329,7 +329,7 @@ public function textarea($fieldName, $attributes = []) {
$value = $this->request->data[$model][$field];
}
if ($value) {
return parent::text($fieldName, $attributes) . nl2br($value);
return parent::text($fieldName, $attributes) . nl2br(h($value));
} else {
return " ";
}
@@ -463,7 +463,7 @@ public function tel($fieldName, $attributes = []) {
$value = $this->request->data[$model][$field];
}
$attributes['type'] = 'hidden';
return parent::tel($fieldName, $attributes) . $value;
return parent::tel($fieldName, $attributes) . h($value);
} else {
return parent::tel($fieldName, $attributes);
}

0 comments on commit 0c7c750

Please sign in to comment.
You can’t perform that action at this time.