aboutsummaryrefslogtreecommitdiff
path: root/views/default/output/tag.php
diff options
context:
space:
mode:
Diffstat (limited to 'views/default/output/tag.php')
-rw-r--r--views/default/output/tag.php17
1 files changed, 9 insertions, 8 deletions
diff --git a/views/default/output/tag.php b/views/default/output/tag.php
index 3c002a31b..6bd9a72a7 100644
--- a/views/default/output/tag.php
+++ b/views/default/output/tag.php
@@ -8,24 +8,25 @@
*
*/
+if (!empty($vars['type'])) {
+ $type = "&type=" . rawurlencode($vars['type']);
+} else {
+ $type = "";
+}
if (!empty($vars['subtype'])) {
- $subtype = "&subtype=" . urlencode($vars['subtype']);
+ $subtype = "&subtype=" . rawurlencode($vars['subtype']);
} else {
$subtype = "";
}
if (!empty($vars['object'])) {
- $object = "&object=" . urlencode($vars['object']);
+ $object = "&object=" . rawurlencode($vars['object']);
} else {
$object = "";
}
if (isset($vars['value'])) {
- if (!empty($vars['type'])) {
- $type = "&type={$vars['type']}";
- } else {
- $type = "";
- }
- $url = elgg_get_site_url() . 'search?q=' . urlencode($vars['value']) . "&search_type=tags{$type}{$subtype}{$object}";
+ $url = elgg_get_site_url() . 'search?q=' . rawurlencode($vars['value']) . "&search_type=tags{$type}{$subtype}{$object}";
+ $vars['value'] = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false);
echo elgg_view('output/url', array(
'href' => $url,
'text' => $vars['value'],