diff options
| author | David T. Sadler <davidtsadler@googlemail.com> | 2021-11-09 20:34:18 +0000 |
|---|---|---|
| committer | David T. Sadler <davidtsadler@googlemail.com> | 2021-11-09 20:34:18 +0000 |
| commit | 5c7b4099e2815089cb7bfe49f6b07158c23a8b2f (patch) | |
| tree | c4d53a069187f333b4665cdd61c1d97fd1e9cdf5 /src | |
| parent | 4a40b41f386af23da54cd35b8abac1f27c8e5ef7 (diff) | |
Add missing htmlentities
Diffstat (limited to 'src')
| -rw-r--r-- | src/templates/form_fields.php | 6 | ||||
| -rw-r--r-- | src/templates/index.php | 2 |
2 files changed, 4 insertions, 4 deletions
diff --git a/src/templates/form_fields.php b/src/templates/form_fields.php index 3005ee8..0bfe076 100644 --- a/src/templates/form_fields.php +++ b/src/templates/form_fields.php @@ -1,12 +1,12 @@ <label>URL<input type="text" name="url" maxlength="512" value="<?php echo htmlspecialchars($old->get('url', $bookmark->url)); ?>" autofocus></label> <?php if ($errors->has('url')) { ?> - <p><?php echo implode(', ', $errors->get('url')); ?></p> + <p><?php echo htmlentities(implode(', ', $errors->get('url'))); ?></p> <?php } ?> <label>Title<input type="text" name="title" maxlength="256" value="<?php echo htmlspecialchars($old->get('title', $bookmark->title)); ?>"></label> <?php if ($errors->has('title')) { ?> - <p><?php echo implode(', ', $errors->get('title')); ?></p> + <p><?php echo htmlentities(implode(', ', $errors->get('title'))); ?></p> <?php } ?> <label>Tag<input type="text" name="tag" maxlength="8" value="<?php echo htmlspecialchars($old->get('tag', $bookmark->tag)); ?>"></label> <?php if ($errors->has('tag')) { ?> - <p><?php echo implode(', ', $errors->get('tag')); ?></p> + <p><?php echo htmlentities(implode(', ', $errors->get('tag'))); ?></p> <?php } ?> diff --git a/src/templates/index.php b/src/templates/index.php index 796bc26..f078bbd 100644 --- a/src/templates/index.php +++ b/src/templates/index.php @@ -18,7 +18,7 @@ <ul> <a href="/">All</a> <?php foreach($bookmarks->tags() as $tag) { ?> - <li><a href="/?tag=<?php echo htmlentities($tag); ?>"><?php echo $tag; ?></a></li> + <li><a href="/?tag=<?php echo htmlentities($tag); ?>"><?php echo htmlentities($tag); ?></a></li> <?php } ?> </ul> <h2>Bookmarks</h2> |