Sanitizing user input

This commit is contained in:
Lukas Reschke 2012-06-11 00:36:58 +02:00
parent c898a8a6c9
commit 8f09299e24
2 changed files with 3 additions and 3 deletions

View File

@ -141,7 +141,7 @@ class TileStack extends TileBase {
}
public function get() {
$r = '<div class="title gallery_div">'.$this->stack_name.'</div>';
$r = '<div class="title gallery_div">'.htmlentities($this->stack_name).'</div>';
for ($i = 0; $i < count($this->tiles_array); $i++) {
$top = rand(-5, 5);
$left = rand(-5, 5);
@ -168,7 +168,7 @@ class TileStack extends TileBase {
}
public function getOnClickAction() {
return 'javascript:openNewGal(\''.$this->stack_name.'\');';
return 'javascript:openNewGal(\''.htmlentities($this->stack_name).'\');';
}
private $tiles_array;

View File

@ -14,7 +14,7 @@ div.visible { opacity: 0.8;}
</style>
<script type="text/javascript">
var root = "<?php echo $root; ?>";
var root = "<?php echo htmlentities($root); ?>";
function explode(element) {
$('div', element).each(function(index, elem) {