Sanitizing user input
LukasReschke committed Jun 11, 2012
1 parent c898a8a commit 8f09299
Showing 2 changed files with 3 additions and 3 deletions.
4 changes: 2 additions & 2 deletions apps/gallery/lib/tiles.php
Expand Up @@ -141,7 +141,7 @@ public function getWidth() {
}

public function get() {
$r = '<div class="title gallery_div">'.$this->stack_name.'</div>';
$r = '<div class="title gallery_div">'.htmlentities($this->stack_name).'</div>';
for ($i = 0; $i < count($this->tiles_array); $i++) {
$top = rand(-5, 5);
$left = rand(-5, 5);
Expand All @@ -168,7 +168,7 @@ public function getCount() {
}

public function getOnClickAction() {
return 'javascript:openNewGal(\''.$this->stack_name.'\');';
return 'javascript:openNewGal(\''.htmlentities($this->stack_name).'\');';
}

private $tiles_array;
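Review bot: In getOnClickAction() the stack name sits inside a single-quoted JavaScript string, and `htmlentities()` with its default flags leaves `'` unencoded, so a name containing a quote can still terminate the literal. If the returned string is written into an HTML attribute (the call site is not visible here), the browser also decodes entities before the script runs, so HTML escaping is the wrong encoding for this context even with `ENT_QUOTES`. Encode for JavaScript first, e.g. `return 'javascript:openNewGal('.json_encode($this->stack_name).');';`, and apply `htmlspecialchars($value, ENT_QUOTES, 'UTF-8')` where the result is emitted into markup. In get(), whose body continues outside the hunk, the call passes no charset, so multi-byte names may be garbled depending on the PHP default; `htmlspecialchars($this->stack_name, ENT_QUOTES, 'UTF-8')` fits the HTML body context better.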
2 changes: 1 addition & 1 deletion apps/gallery/templates/index.php
Expand Up @@ -14,7 +14,7 @@
</style>
<script type="text/javascript">

var root = "<?php echo $root; ?>";
var root = "<?php echo htmlentities($root); ?>";

function explode(element) {
$('div', element).each(function(index, elem) {
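Review bot: The `var root = "..."` assignment is inside a `<script>` block, where HTML entities are not decoded, so `htmlentities($root)` is the wrong encoder: it leaves backslashes and line breaks untouched, which can still break or alter the string literal, and it puts literal `&amp;`-style text into the JavaScript value. Emitting the value as a JSON string covers the JavaScript context and keeps `</script>` sequences out of the output: `var root = <?php echo json_encode($root, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;`. Where `$root` comes from is not visible in this section, so whether it is user-controlled should be confirmed against the controller that assigns it.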
