From d90b342cc9b161cf84ea9e4f9f86b1ddd534ee89 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Thu, 20 Aug 2015 14:34:08 +0200
Subject: [PATCH] Fix use dedicated escapment function

---
 htdocs/contact/list.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php
index 85fdbc2870f..cf65c1c5456 100644
--- a/htdocs/contact/list.php
+++ b/htdocs/contact/list.php
@@ -269,7 +269,7 @@ if ($result)
 
     print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
     print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
-    print '<input type="hidden" name="view" value="'.htmlspecialchars($view).'">';
+    print '<input type="hidden" name="view" value="'.dol_escape_htmltag($view).'">';
     print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
     print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
 
-- 
GitLab