p() and print_unescaped() also take arrays as parameter

This fixes some scrutinizer issues.
2014-04-13 16:18:05 +02:00 · 2014-04-13 16:18:05 +02:00 · eecc400698
parent 9de3c1b59d
commit eecc400698
1 changed files with 5 additions and 4 deletions
--- a/lib/private/template/functions.php
+++ b/lib/private/template/functions.php
@ -7,16 +7,17 @@
 */

 /**
- * Prints an XSS escaped string
- * @param string $string the string which will be escaped and printed
+ * Prints a sanitized string
+ * @param string|array $string the string which will be escaped and printed
 */
 function p($string) {
 	print(OC_Util::sanitizeHTML($string));
 }

 /**
- * Prints an unescaped string
- * @param string $string the string which will be printed as it is
+ * Prints an unsanitized string - usage of this function may result into XSS.
+ * Consider using p() instead.
+ * @param string|array $string the string which will be printed as it is
 */
 function print_unescaped($string) {
 	print($string);