We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
1 parent fb88fe5 commit 53099a9Copy full SHA for 53099a9
phpmyfaq/admin/record.comments.php
@@ -20,6 +20,7 @@
20
use phpMyFAQ\Date;
21
use phpMyFAQ\Entity\CommentType;
22
use phpMyFAQ\Faq;
23
+use phpMyFAQ\Strings;
24
25
if (!defined('IS_VALID_PHPMYFAQ')) {
26
http_response_code(400);
@@ -73,7 +74,7 @@
73
74
<td>
75
<span style="font-weight: bold;">
76
<a href="mailto:<?= $faqComment->getEmail() ?>">
- <?= $faqComment->getUsername() ?>
77
+ <?= Strings::htmlentities($faqComment->getUsername()) ?>
78
</a> |
79
<?= $date->format(date('Y-m-d H:i', $faqComment->getDate())) ?> |
80
<a href="<?php printf(
@@ -84,8 +85,8 @@
84
85
) ?>">
86
<?= $faq->getRecordTitle($faqComment->getRecordId()) ?>
87
</a>
- </span><br/>
88
- <?= $faqComment->getComment() ?>
+ </span><br>
89
+ <?= Strings::htmlentities($faqComment->getComment()) ?>
90
</td>
91
</tr>
92
<?php
0 commit comments