From 5b594de42ccb468007b688200c8fcfc78d398eaa Mon Sep 17 00:00:00 2001
From: Tim Steiner <tsteiner2@unl.edu>
Date: Fri, 25 Jan 2008 21:49:25 +0000
Subject: [PATCH] Added a couple of htmlspecialchar filters.
---
application/views/approval_chain_manager.xhtml | 2 +-
application/views/home.xhtml | 5 +++--
2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/application/views/approval_chain_manager.xhtml b/application/views/approval_chain_manager.xhtml
index 0687ae60..294f8e3d 100644
--- a/application/views/approval_chain_manager.xhtml
+++ b/application/views/approval_chain_manager.xhtml
@@ -9,7 +9,7 @@
<?php foreach ($this->approvalChains as $approvalChain) { ?>
<li>
<a href="/ApprovalChainManager/EditChain/<?php echo $approvalChain->getPrimaryKey(); ?>">
- <?php echo $approvalChain->name; ?>
+ <?php echo htmlspecialchars($approvalChain->name); ?>
</a>
</li>
<?php } ?>
diff --git a/application/views/home.xhtml b/application/views/home.xhtml
index 83bd648d..01948678 100755
--- a/application/views/home.xhtml
+++ b/application/views/home.xhtml
@@ -130,7 +130,7 @@
</td>
<td><?php echo $originalCourse->getHomeCollege()->name; ?></td>
<td><?php echo $request->type->name; ?></td>
- <td><?php echo $request->getCurrentApprovalBody()->name; ?></td>
+ <td><?php echo htmlspecialchars($request->getCurrentApprovalBody()->name); ?></td>
<td>
<?php
if ($request->complete == 'yes') {
@@ -138,7 +138,8 @@
} else {
echo $request->getCurrentAction()->name;
}
- ?> </td>
+ ?>
+ </td>
<td>
<a href="/Request/View/<?php echo $request->getPrimaryKey(); ?>">View</a>
<a href="/Request/Load/<?php echo $request->getPrimaryKey(); ?>">Edit</a>
--
GitLab