summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Weiske <cweiske@cweiske.de>2011-08-17 18:24:26 +0200
committerChristian Weiske <cweiske@cweiske.de>2011-09-05 18:51:22 +0200
commit000daf70ca8e3301b88be310949d4cd6cbadce4e (patch)
tree8d3d1941b284de5acc78a208abe35f649daeaa12
parent34600fe502c625217776c909903035d9ab937dea (diff)
downloadsemanticscuttle-000daf70ca8e3301b88be310949d4cd6cbadce4e.tar.gz
semanticscuttle-000daf70ca8e3301b88be310949d4cd6cbadce4e.tar.bz2
Fix bug: Subtitle was not escaped
-rw-r--r--data/templates/default/top.inc.php2
-rw-r--r--doc/ChangeLog1
2 files changed, 2 insertions, 1 deletions
diff --git a/data/templates/default/top.inc.php b/data/templates/default/top.inc.php
index 17ec982..f2adba4 100644
--- a/data/templates/default/top.inc.php
+++ b/data/templates/default/top.inc.php
@@ -49,7 +49,7 @@ if(!isset($_GET['popup'])) {
<?php
if (isset($subtitle)) {
- echo '<h2>'. $subtitle ."</h2>\n";
+ echo '<h2>'. htmlspecialchars($subtitle) ."</h2>\n";
}
if(DEBUG_MODE) {
echo '<p class="error">'. T_('Admins, your installation is in "Debug Mode" ($debugMode = true). To go in "Normal Mode" and hide debugging messages, change $debugMode to false into config.php.') ."</p>\n";
diff --git a/doc/ChangeLog b/doc/ChangeLog
index 1c5f36f..05a6405 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -6,6 +6,7 @@ ChangeLog for SemantiScuttle
0.98.4 - 2011-XX-XX
-------------------
- Fix bug: URLs were escaped too often in bookmark list
+- Fix bug: Subtitle was not escaped
0.98.3 - 2011-08-09