Commit: f1ad1ad5c54b095ff98d433c26a45455439a9795 Author: Peter Cowburn <[email protected]> Mon, 26 Nov 2012 23:38:57 +0000 Parents: 2a6762d4cb9855f45bd270e4aab762427614d1ab Branches: master
Link: http://git.php.net/?p=web/master.git;a=commitdiff;h=f1ad1ad5c54b095ff98d433c26a45455439a9795 Log: better cleaning for profile text Changed paths: M manage/users.php Diff: diff --git a/manage/users.php b/manage/users.php index 4a20c52..f741702 100644 --- a/manage/users.php +++ b/manage/users.php @@ -349,7 +349,7 @@ table.useredit tr { <th align="right">People Profile<br>(<a href="http://people.php.net/user.php?username=<?php echo urlencode($row['username']);?>"><?php echo hscr($row['username']);?>'s page</a>)</th> <td> <p>Use <a href="http://michelf.ca/projects/php-markdown/dingus/"; title="PHP Markdown: Dingus">Markdown</a>. Type as much as you like.</p> - <div><textarea cols="100" rows="20" name="in[profile_markdown]"><?php echo escape(html_entity_decode($row['profile_markdown'], ENT_QUOTES)); ?></textarea></div> + <div><textarea cols="100" rows="20" name="in[profile_markdown]"><?php echo clean($row['profile_markdown']); ?></textarea></div> </td> </tr> <?php -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
