diff options
author | Steve Clay <steve@mrclay.org> | 2013-01-17 11:05:16 -0500 |
---|---|---|
committer | Steve Clay <steve@mrclay.org> | 2013-01-17 11:23:28 -0500 |
commit | 2d365ba900e40494abeb306e3a881c91e2099ba6 (patch) | |
tree | 0764f23d77753a7404fbbbad4b4f78ac1abf425a /views/default | |
parent | 3bbd27a2ed8281983e7af10fc9c5b326723c59a3 (diff) | |
download | elgg-2d365ba900e40494abeb306e3a881c91e2099ba6.tar.gz elgg-2d365ba900e40494abeb306e3a881c91e2099ba6.tar.bz2 |
Allow friend collection names to store arbitrary plain text
Diffstat (limited to 'views/default')
-rw-r--r-- | views/default/output/access.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/views/default/output/access.php b/views/default/output/access.php index 91c5c721e..5c8d62c4d 100644 --- a/views/default/output/access.php +++ b/views/default/output/access.php @@ -11,7 +11,7 @@ if (isset($vars['entity']) && elgg_instanceof($vars['entity'])) { $access_id = $vars['entity']->access_id; $access_class = 'elgg-access'; $access_id_string = get_readable_access_level($access_id); - $access_id_string = htmlentities($access_id_string, ENT_QUOTES, 'UTF-8'); + $access_id_string = htmlspecialchars($access_id_string, ENT_QUOTES, 'UTF-8', false); // if within a group or shared access collection display group name and open/closed membership status // @todo have a better way to do this instead of checking against subtype / class. |