diff options
author | Steve Clay <steve@mrclay.org> | 2012-10-11 15:49:02 -0400 |
---|---|---|
committer | Steve Clay <steve@mrclay.org> | 2012-11-07 16:55:38 -0500 |
commit | 6648304aa71067a05b0d4166396f5f93c0f66628 (patch) | |
tree | acc332d05de9199b59dc2b7320a530d801ea95f4 /views | |
parent | d134beadb79fcc90a75bda8bbcbfb9987b27470c (diff) | |
download | elgg-6648304aa71067a05b0d4166396f5f93c0f66628.tar.gz elgg-6648304aa71067a05b0d4166396f5f93c0f66628.tar.bz2 |
Better HTML decoding and output/email encoding
Diffstat (limited to 'views')
-rw-r--r-- | views/default/output/email.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/views/default/output/email.php b/views/default/output/email.php index 00eefad1f..f5a8bc4b8 100644 --- a/views/default/output/email.php +++ b/views/default/output/email.php @@ -10,6 +10,8 @@ * */ +$encoded_value = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8'); + if (!empty($vars['value'])) { - echo "<a href=\"mailto:" . $vars['value'] . "\">". htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false) ."</a>"; + echo "<a href=\"mailto:$encoded_value\">$encoded_value</a>"; }
\ No newline at end of file |