htmlspecialchars the text for the text box so things like <a href>'s work.

2008-07-02 15:52:51 +00:00 · 2008-07-02 15:52:51 +00:00 · 66ec01cd60
commit 66ec01cd60
parent a8fadb3046
1 changed files with 1 additions and 1 deletions
--- a/admin/translations.php
+++ b/admin/translations.php
@ -117,7 +117,7 @@ while($r=mysql_fetch_object($q))
 	echo "<td rowspan=\"2\" valign=\"middle\" ><input type=\"submit\" value=\"".i18n("Save")."\" /></td>";
 	echo "</tr>";
 	echo "<tr>";
-	echo "<td valign=\"top\"><input style=\"width: 95%\" type=\"text\" name=\"val\" value=\"$r->val\" /></td>";
+	echo "<td valign=\"top\"><input style=\"width: 95%\" type=\"text\" name=\"val\" value=\"".htmlspecialchars($r->val)."\" /></td>";
 	echo "</tr>";
 	echo "<tr><td colspan=\"2\"><hr /></td></tr>";
 	echo "</form>\n";