Fixes #2036: using htmlspecialchars in output views

git-svn-id: http://code.elgg.org/elgg/trunk@7368 36083f99-b078-4883-b0ff-0f9b5a30f544
author: ewinslow <ewinslow@36083f99-b078-4883-b0ff-0f9b5a30f544> 2010-11-20 08:25:52 +0000
committer: ewinslow <ewinslow@36083f99-b078-4883-b0ff-0f9b5a30f544> 2010-11-20 08:25:52 +0000
commit: 9f41e8b1a34044d654ce3c6381efe3b3e2030c35 (patch)
tree: 28ac27966e2c0b7726a865138eb6a21f7f38dad1 /views/default/output/tagcloud.php
parent: a906ef7dcc58bce7f54b5b3a2c2692b84f6a1b54 (diff)
download: elgg-9f41e8b1a34044d654ce3c6381efe3b3e2030c35.tar.gz
elgg-9f41e8b1a34044d654ce3c6381efe3b3e2030c35.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/views/default/output/tagcloud.php b/views/default/output/tagcloud.php
index c7e87f688..d28fbf05f 100644
--- a/views/default/output/tagcloud.php
+++ b/views/default/output/tagcloud.php
@@ -58,7 +58,7 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) {
 			$size = 100;
 		}
 		$url = elgg_get_site_url()."pg/search/?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype";
-		$list .= "<a href=\"$url\" style=\"font-size: $size%\" title=\"".addslashes($tag->tag)." ($tag->total)\" style=\"text-decoration:none;\">" . htmlentities($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>";
+		$list .= "<a href=\"$url\" style=\"font-size: $size%\" title=\"".addslashes($tag->tag)." ($tag->total)\" style=\"text-decoration:none;\">" . htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>";
 	}
 	
 	$cloud .= "$list</div>";
author	ewinslow <ewinslow@36083f99-b078-4883-b0ff-0f9b5a30f544>	2010-11-20 08:25:52 +0000
committer	ewinslow <ewinslow@36083f99-b078-4883-b0ff-0f9b5a30f544>	2010-11-20 08:25:52 +0000
commit	9f41e8b1a34044d654ce3c6381efe3b3e2030c35 (patch)
tree	28ac27966e2c0b7726a865138eb6a21f7f38dad1 /views/default/output/tagcloud.php
parent	a906ef7dcc58bce7f54b5b3a2c2692b84f6a1b54 (diff)
download	elgg-9f41e8b1a34044d654ce3c6381efe3b3e2030c35.tar.gz elgg-9f41e8b1a34044d654ce3c6381efe3b3e2030c35.tar.bz2