mirror of
https://github.com/sbrl/Pepperminty-Wiki.git
synced 2024-12-22 13:45:02 +00:00
Use rawurlencode / htmlentities in more places
This commit is contained in:
parent
674963c64b
commit
a90b72e3ad
2 changed files with 3 additions and 3 deletions
|
@ -136,7 +136,7 @@ register_module([
|
|||
|
||||
/// Search Box ///
|
||||
$content .= "<form method='get' action=''>\n";
|
||||
$content .= " <input type='search' id='search-box' name='query' placeholder='Type your query here and then press enter.' value='" . $_GET["query"] . "' />\n";
|
||||
$content .= " <input type='search' id='search-box' name='query' placeholder='Type your query here and then press enter.' value='" . htmlentities($_GET["query"], ENT_HTML5 | ENT_QUOTES) . "' />\n";
|
||||
$content .= " <input type='hidden' name='action' value='search' />\n";
|
||||
$content .= "</form>";
|
||||
|
||||
|
|
|
@ -130,11 +130,11 @@ register_module([
|
|||
|
||||
}
|
||||
|
||||
$content .= "<form method='post' name='edit-form' action='index.php?action=preview-edit&page=$env->page' class='editform'>
|
||||
$content .= "<form method='post' name='edit-form' action='index.php?action=preview-edit&page=" . rawurlencode($env->page) . "' class='editform'>
|
||||
<input type='hidden' name='prev-content-hash' value='" . ((isset($old_pagetext)) ? sha1($old_pagetext) : sha1($pagetext)) . "' />
|
||||
<textarea name='content' autofocus tabindex='1'>$pagetext</textarea>
|
||||
<pre class='fit-text-mirror'></pre>
|
||||
<input type='text' name='tags' value='$page_tags' placeholder='Enter some tags for the page here. Separate them with commas.' title='Enter some tags for the page here. Separate them with commas.' tabindex='2' />
|
||||
<input type='text' name='tags' value='" . htmlentities($page_tags) . "' placeholder='Enter some tags for the page here. Separate them with commas.' title='Enter some tags for the page here. Separate them with commas.' tabindex='2' />
|
||||
<p class='editing-message'>$settings->editing_message</p>
|
||||
<input name='preview-edit' class='edit-page-button' type='submit' value='Preview Changes' tabindex='4' />
|
||||
<input name='submit-edit' class='edit-page-button' type='submit' value='Save Page' tabindex='3' />
|
||||
|
|
Loading…
Reference in a new issue