Skip to content

Commit 960fd1f

Browse files
committed
Properly escape zoom search column type
Signed-off-by: Michal Čihař <michal@cihar.com>
1 parent 36df83a commit 960fd1f

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

Diff for: templates/table/search/rows_zoom.phtml

+1-1
Original file line numberDiff line numberDiff line change
@@ -78,7 +78,7 @@ for ($i = 0; $i < 4; $i++): ?>
7878
name="criteriaColumnTypes[<?= $i; ?>]"
7979
id="types_<?= $i; ?>"
8080
<?php if (isset($_POST['criteriaColumnTypes'][$i])): ?>
81-
value="<?= $_POST['criteriaColumnTypes'][$i]; ?>"
81+
value="<?= htmlspecialchars($_POST['criteriaColumnTypes'][$i]); ?>"
8282
<?php endif; ?> />
8383
<input type="hidden"
8484
name="criteriaColumnCollations[<?= $i; ?>]"

0 commit comments

Comments
 (0)