[Pkg-owncloud-commits] [owncloud] 03/11: [external] Encode HTML

[David Prévot]

This is an automated email from the git hooks/post-receive script.

taffit pushed a commit to annotated tag v4.0.12
in repository owncloud.

commit 1fbb89a661abfb1ebbafee5fb8d72bd2fcde73a1
Author: Lukas Reschke <lukas at statuscode.ch>
Date:   Tue Feb 12 11:03:58 2013 +0100

    [external] Encode HTML
---
 apps/external/templates/settings.php |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/apps/external/templates/settings.php b/apps/external/templates/settings.php
index b813972..38d7ab2 100644
--- a/apps/external/templates/settings.php
+++ b/apps/external/templates/settings.php
@@ -6,8 +6,8 @@
 		<?php
 		$sites = OC_External::getSites();
 		for($i = 0; $i < sizeof($sites); $i++) {
-			echo '<li><input type="text" name="site_name[]" class="site_name" value="'.$sites[$i][0].'" placeholder="'.$l->t('Name').'" />
-			<input type="text" class="site_url" name="site_url[]"  value="'.$sites[$i][1].'"  placeholder="'.$l->t('URL').'" />
+			echo '<li><input type="text" name="site_name[]" class="site_name" value="'.OC_Util::sanitizeHTML($sites[$i][0]).'" placeholder="'.$l->t('Name').'" />
+			<input type="text" class="site_url" name="site_url[]"  value="'.OC_Util::sanitizeHTML($sites[$i][1]).'"  placeholder="'.$l->t('URL').'" />
 			<img class="svg action delete_button" src="'.OCP\image_path("", "actions/delete.svg") .'" title="'.$l->t("Remove site").'" />
 			</li>';
 		}

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-owncloud/owncloud.git