From c404ae54007690dca3a501c3042e9c8ac56e1d64 Mon Sep 17 00:00:00 2001
From: Mark Story <mark@mark-story.com>
Date: Thu, 22 Apr 2010 23:36:20 -0400
Subject: [PATCH] Adding htmlentities() to all parameters passed into the
 HtmlReporter.

---
 cake/tests/lib/reporter/cake_html_reporter.php | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/cake/tests/lib/reporter/cake_html_reporter.php b/cake/tests/lib/reporter/cake_html_reporter.php
index 1144a3f0084..e202a80ccd1 100755
--- a/cake/tests/lib/reporter/cake_html_reporter.php
+++ b/cake/tests/lib/reporter/cake_html_reporter.php
@@ -27,7 +27,17 @@
  * @subpackage cake.tests.lib
  */
 class CakeHtmlReporter extends CakeBaseReporter {
-
+/**
+ * Constructor
+ *
+ * @param string $charset 
+ * @param string $params 
+ * @return void
+ */
+	function CakeHtmlReporter($charset = 'utf-8', $params = array()) {
+		$params = array_map(array($this, '_htmlEntities'), $params);
+		$this->CakeBaseReporter($charset, $params);
+	}
 /**
  * Paints the top of the web page setting the
  * title to the name of the starting test.
@@ -40,7 +50,7 @@ function paintHeader($testName) {
 		$this->sendNoCacheHeaders();
 		$this->paintDocumentStart();
 		$this->paintTestMenu();
-		echo "<h2>$testName</h2>\n";
+		printf("<h2>%s</h2>\n", $this->_htmlEntities($testName));
 		echo "<ul class='tests'>\n";
 	}