From db98ed31a14cab35de600781b78e788e7b2ddf05 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Sun, 6 Jul 2003 11:01:40 +0000 Subject: [PATCH] replaced htmlentities with htmlspecialchars --- etemplate/inc/class.uietemplate.inc.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/etemplate/inc/class.uietemplate.inc.php b/etemplate/inc/class.uietemplate.inc.php index 32401a14ea..c58f5c81b3 100644 --- a/etemplate/inc/class.uietemplate.inc.php +++ b/etemplate/inc/class.uietemplate.inc.php @@ -543,7 +543,7 @@ break; list($style,$extra_link) = explode(',',$cell_options); $value = strlen($value) > 1 && !$cell['no_lang'] ? lang($value) : $value; - $value = nl2br(htmlentities($value)); + $value = nl2br(htmlspecialchars($value)); if ($value != '' && strstr($style,'b')) $value = $this->html->bold($value); if ($value != '' && strstr($style,'i')) $value = $this->html->italic($value); $html .= $value; @@ -563,7 +563,7 @@ case 'text': // size: [length][,maxLength] if ($readonly) { - $html .= $this->html->bold(htmlentities($value)); + $html .= $this->html->bold(htmlspecialchars($value)); } else {