aboutsummaryrefslogtreecommitdiff
path: root/views/default/output
diff options
context:
space:
mode:
authorBrett Profitt <brett.profitt@gmail.com>2012-05-01 17:15:42 -0700
committerBrett Profitt <brett.profitt@gmail.com>2012-05-01 17:15:42 -0700
commitc0c5c0f81f40b5d72048e74842a650f974cefcd7 (patch)
treebc929b43f4dd2b36e5d11a52687a3caaf5ff25cb /views/default/output
parent72f0c8462e79333667ebddd885500e5efddd1c28 (diff)
downloadelgg-c0c5c0f81f40b5d72048e74842a650f974cefcd7.tar.gz
elgg-c0c5c0f81f40b5d72048e74842a650f974cefcd7.tar.bz2
Fixes #1835. Passing tagcloud URLs through output/url for proper escaping.
Diffstat (limited to 'views/default/output')
-rw-r--r--views/default/output/tagcloud.php12
1 files changed, 9 insertions, 3 deletions
diff --git a/views/default/output/tagcloud.php b/views/default/output/tagcloud.php
index 22b6cf49d..a212becd8 100644
--- a/views/default/output/tagcloud.php
+++ b/views/default/output/tagcloud.php
@@ -47,9 +47,15 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) {
if ($size < 100) {
$size = 100;
}
- $url = elgg_get_site_url()."search?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype";
- $url = elgg_format_url($url);
- $cloud .= "<a href=\"$url\" style=\"font-size: $size%\" title=\"".addslashes($tag->tag)." ($tag->total)\">" . htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>";
+ $url = "search?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype";
+
+ $cloud .= elgg_view('output/url', array(
+ 'text' => $tag->tag,
+ 'href' => $url,
+ 'style' => "font-size: $size%;",
+ 'title' => "$tag->tag ($tag->total)",
+ 'rel' => 'tag'
+ ));
}
$cloud .= elgg_view('tagcloud/extend');