Fixes #2036: using htmlspecialchars in output views

git-svn-id: http://code.elgg.org/elgg/trunk@7368 36083f99-b078-4883-b0ff-0f9b5a30f544
author: ewinslow <ewinslow@36083f99-b078-4883-b0ff-0f9b5a30f544> 2010-11-20 08:25:52 +0000
committer: ewinslow <ewinslow@36083f99-b078-4883-b0ff-0f9b5a30f544> 2010-11-20 08:25:52 +0000
commit: 9f41e8b1a34044d654ce3c6381efe3b3e2030c35 (patch)
tree: 28ac27966e2c0b7726a865138eb6a21f7f38dad1 /views/default/output/confirmlink.php
parent: a906ef7dcc58bce7f54b5b3a2c2692b84f6a1b54 (diff)
download: elgg-9f41e8b1a34044d654ce3c6381efe3b3e2030c35.tar.gz
elgg-9f41e8b1a34044d654ce3c6381efe3b3e2030c35.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/views/default/output/confirmlink.php b/views/default/output/confirmlink.php
index 4d1bc0ab9..bce06305a 100644
--- a/views/default/output/confirmlink.php
+++ b/views/default/output/confirmlink.php
@@ -26,4 +26,4 @@ if (isset($vars['class']) && $vars['class']) {
 	$class = '';
 }
 ?>
-<a href="<?php echo $link; ?>" <?php echo $class; ?> onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlentities($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a>
+<a href="<?php echo $link; ?>" <?php echo $class; ?> onclick="return confirm('<?php echo addslashes($confirm); ?>');"><?php echo htmlspecialchars($vars['text'], ENT_QUOTES, 'UTF-8'); ?></a>
author	ewinslow <ewinslow@36083f99-b078-4883-b0ff-0f9b5a30f544>	2010-11-20 08:25:52 +0000
committer	ewinslow <ewinslow@36083f99-b078-4883-b0ff-0f9b5a30f544>	2010-11-20 08:25:52 +0000
commit	9f41e8b1a34044d654ce3c6381efe3b3e2030c35 (patch)
tree	28ac27966e2c0b7726a865138eb6a21f7f38dad1 /views/default/output/confirmlink.php
parent	a906ef7dcc58bce7f54b5b3a2c2692b84f6a1b54 (diff)
download	elgg-9f41e8b1a34044d654ce3c6381efe3b3e2030c35.tar.gz elgg-9f41e8b1a34044d654ce3c6381efe3b3e2030c35.tar.bz2