diff options
| author | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-02-10 18:36:31 +0000 |
|---|---|---|
| committer | marcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2009-02-10 18:36:31 +0000 |
| commit | 2dafe0c1880b922d75a288f371fa976066589fd7 (patch) | |
| tree | db0704ce5abbb65812c56745532b12358bcd0264 /views/default/output/url.php | |
| parent | 5788ca8fea363eb5b5298a46b7f087ff3bec953d (diff) | |
| download | elgg-2dafe0c1880b922d75a288f371fa976066589fd7.tar.gz elgg-2dafe0c1880b922d75a288f371fa976066589fd7.tar.bz2 | |
Closes #756: htmlentities on all output forms
git-svn-id: https://code.elgg.org/elgg/trunk@2711 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'views/default/output/url.php')
| -rw-r--r-- | views/default/output/url.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/views/default/output/url.php b/views/default/output/url.php index d4c6ce9fa..af4582fba 100644 --- a/views/default/output/url.php +++ b/views/default/output/url.php @@ -20,7 +20,7 @@ if ((substr_count($val, "http://") == 0) && (substr_count($val, "https://") == 0)) {
$val = "http://" . $val;
}
- echo "<a href=\"{$val}\" target=\"_blank\">{$val}</a>";
+ echo "<a href=\"{$val}\" target=\"_blank\">". htmlentities($val, null, 'UTF-8'). "</a>";
}
?>
\ No newline at end of file |