aboutsummaryrefslogtreecommitdiff
path: root/views/default/output/email.php
diff options
context:
space:
mode:
Diffstat (limited to 'views/default/output/email.php')
-rw-r--r--views/default/output/email.php38
1 files changed, 17 insertions, 21 deletions
diff --git a/views/default/output/email.php b/views/default/output/email.php
index 0a4abe658..f5a8bc4b8 100644
--- a/views/default/output/email.php
+++ b/views/default/output/email.php
@@ -1,21 +1,17 @@
-<?php
-
- /**
- * Elgg email output
- * Displays an email address that was entered using an email input field
- *
- * @package Elgg
- * @subpackage Core
- * @license http://www.gnu.org/licenses/old-licenses/gpl-2.0.html GNU Public License version 2
- * @author Curverider Ltd
- * @copyright Curverider Ltd 2008
- * @link http://elgg.org/
- *
- * @uses $vars['value'] The email address to display
- *
- */
-
- if (!empty($vars['value'])) {
- echo "<a href=\"mailto:" . $vars['value'] . "\">". $vars['value'] ."</a>";
- }
-?> \ No newline at end of file
+<?php
+/**
+ * Elgg email output
+ * Displays an email address that was entered using an email input field
+ *
+ * @package Elgg
+ * @subpackage Core
+ *
+ * @uses $vars['value'] The email address to display
+ *
+ */
+
+$encoded_value = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8');
+
+if (!empty($vars['value'])) {
+ echo "<a href=\"mailto:$encoded_value\">$encoded_value</a>";
+} \ No newline at end of file
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-15 17:17:10 +0000