diff options
| author | Thomas Tanghus <thomas@tanghus.net> | 2012-02-20 14:36:21 +0100 |
|---|---|---|
| committer | Thomas Tanghus <thomas@tanghus.net> | 2012-02-20 14:36:21 +0100 |
| commit | 456ada01fa44a5de3146f58ea5de60baffe31521 (patch) | |
| tree | c3d6035639735df0ef6fd857afd3581cbe415f14 | |
| parent | 12bcbcdc62989bec8222888320aa22aeda06c82c (diff) | |
| download | nextcloud-server-456ada01fa44a5de3146f58ea5de60baffe31521.tar.gz nextcloud-server-456ada01fa44a5de3146f58ea5de60baffe31521.zip | |
Contacts: Apply strip_tags on compound values.
| -rw-r--r-- | apps/contacts/ajax/addproperty.php | 1 | ||||
| -rw-r--r-- | apps/contacts/ajax/saveproperty.php | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/apps/contacts/ajax/addproperty.php b/apps/contacts/ajax/addproperty.php index 03a45532f9b..028974e1c66 100644 --- a/apps/contacts/ajax/addproperty.php +++ b/apps/contacts/ajax/addproperty.php @@ -66,6 +66,7 @@ foreach($current as $item) { if(is_array($value)) { ksort($value); // NOTE: Important, otherwise the compound value will be set in the order the fields appear in the form! + $value = array_map('strip_tags', $value); } else { $value = strip_tags($value); } diff --git a/apps/contacts/ajax/saveproperty.php b/apps/contacts/ajax/saveproperty.php index 6c8132c1dbf..0c9e0cc7836 100644 --- a/apps/contacts/ajax/saveproperty.php +++ b/apps/contacts/ajax/saveproperty.php @@ -52,6 +52,7 @@ $checksum = isset($_POST['checksum'])?$_POST['checksum']:null; // } if(is_array($value)){ // FIXME: How to strip_tags for compound values? + $value = array_map('strip_tags', $value); ksort($value); // NOTE: Important, otherwise the compound value will be set in the order the fields appear in the form! $value = OC_VObject::escapeSemicolons($value); } else { |