aboutsummaryrefslogtreecommitdiff
path: root/mod/profile
diff options
context:
space:
mode:
authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-02-10 18:34:14 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-02-10 18:34:14 +0000
commit5788ca8fea363eb5b5298a46b7f087ff3bec953d (patch)
tree981336b31718e07654e106c215d23be7acbde918 /mod/profile
parent32ff3c6ef94119299a51e77ca97193a46e9c224b (diff)
downloadelgg-5788ca8fea363eb5b5298a46b7f087ff3bec953d.tar.gz
elgg-5788ca8fea363eb5b5298a46b7f087ff3bec953d.tar.bz2
XSS filtering on output
git-svn-id: https://code.elgg.org/elgg/trunk@2710 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'mod/profile')
-rw-r--r--mod/profile/views/default/profile/userdetails.php4
1 files changed, 2 insertions, 2 deletions
diff --git a/mod/profile/views/default/profile/userdetails.php b/mod/profile/views/default/profile/userdetails.php
index f22301aef..58baa66e3 100644
--- a/mod/profile/views/default/profile/userdetails.php
+++ b/mod/profile/views/default/profile/userdetails.php
@@ -101,8 +101,8 @@
$even_odd = ( 'odd' != $even_odd ) ? 'odd' : 'even';
- echo "<p class=\"{$even_odd}\">";
?>
+ <p class="<?php echo $even_odd; ?>">
<b><?php
echo elgg_echo("profile:{$shortname}");
@@ -133,7 +133,7 @@
<td colspan="2">
<div id="profile_info_column_right">
<p class="profile_aboutme_title"><b><?php echo elgg_echo("profile:aboutme"); ?></b></p>
- <?php echo autop($vars['entity']->description); ?>
+ <?php echo autop(filter_tags($vars['entity']->description)); ?>
<?php if ($vars['entity']->isBanned()) { ?>
<div id="profile_banned">