fix merge conflicts

author: Georg Ehrke <ownclouddev@georgswebsite.de> 2012-02-02 17:48:29 +0100
committer: Georg Ehrke <ownclouddev@georgswebsite.de> 2012-02-02 17:48:29 +0100
commit: f81ac815506f385b2258a60f7cab9ca611ef29a1 (patch)
tree: 4df22690c65ef48b061df2c6ad3f739a61ad2977 /apps/calendar/ajax
parent: f870f9efcf36a3c7e839b8c37195d94bfa92d6fe (diff)
parent: 92b8f3238658782e6eb5a4285185a8fae6665f05 (diff)
download: nextcloud-server-f81ac815506f385b2258a60f7cab9ca611ef29a1.tar.gz
nextcloud-server-f81ac815506f385b2258a60f7cab9ca611ef29a1.zip
3 files changed, 4 insertions, 4 deletions
diff --git a/apps/calendar/ajax/createcalendar.php b/apps/calendar/ajax/createcalendar.php
index b719b207c74..08bf7b4ee49 100644
--- a/apps/calendar/ajax/createcalendar.php
+++ b/apps/calendar/ajax/createcalendar.php
@@ -25,7 +25,7 @@ foreach($calendars as $cal){
 }
 
 $userid = OC_User::getUser();
-$calendarid = OC_Calendar_Calendar::addCalendar($userid, $_POST['name'], 'VEVENT,VTODO,VJOURNAL', null, 0, $_POST['color']);
+$calendarid = OC_Calendar_Calendar::addCalendar($userid, htmlspecialchars($_POST['name']), 'VEVENT,VTODO,VJOURNAL', null, 0, $_POST['color']);
 OC_Calendar_Calendar::setCalendarActive($calendarid, 1);
 
 $calendar = OC_Calendar_Calendar::find($calendarid);
diff --git a/apps/calendar/ajax/events.php b/apps/calendar/ajax/events.php
index 73bdfcc270b..dd593ddec99 100644
--- a/apps/calendar/ajax/events.php
+++ b/apps/calendar/ajax/events.php
@@ -11,8 +11,8 @@ require_once('../../../3rdparty/when/When.php');
 
 function addoutput($event, $vevent, $return_event){
 	$return_event['id'] = (int)$event['id'];
-	$return_event['title'] = $event['summary'];
-	$return_event['description'] = isset($vevent->DESCRIPTION)?$vevent->DESCRIPTION->value:'';
+	$return_event['title'] = htmlspecialchars($event['summary']);
+	$return_event['description'] = isset($vevent->DESCRIPTION)?htmlspecialchars($vevent->DESCRIPTION->value):'';
 	$last_modified = $vevent->__get('LAST-MODIFIED');
 	if ($last_modified){
 		$lastmodified = $last_modified->getDateTime()->format('U');
diff --git a/apps/calendar/ajax/updatecalendar.php b/apps/calendar/ajax/updatecalendar.php
index 269b7b7ca06..90dafd35b68 100644
--- a/apps/calendar/ajax/updatecalendar.php
+++ b/apps/calendar/ajax/updatecalendar.php
@@ -26,7 +26,7 @@ foreach($calendars as $cal){
 
 $calendarid = $_POST['id'];
 $calendar = OC_Calendar_App::getCalendar($calendarid);//access check
-OC_Calendar_Calendar::editCalendar($calendarid, $_POST['name'], null, null, null, $_POST['color']);
+OC_Calendar_Calendar::editCalendar($calendarid, htmlspecialchars($_POST['name']), null, null, null, $_POST['color']);
 OC_Calendar_Calendar::setCalendarActive($calendarid, $_POST['active']);
 
 $calendar = OC_Calendar_App::getCalendar($calendarid);
author	Georg Ehrke <ownclouddev@georgswebsite.de>	2012-02-02 17:48:29 +0100
committer	Georg Ehrke <ownclouddev@georgswebsite.de>	2012-02-02 17:48:29 +0100
commit	f81ac815506f385b2258a60f7cab9ca611ef29a1 (patch)
tree	4df22690c65ef48b061df2c6ad3f739a61ad2977 /apps/calendar/ajax
parent	f870f9efcf36a3c7e839b8c37195d94bfa92d6fe (diff)
parent	92b8f3238658782e6eb5a4285185a8fae6665f05 (diff)
download	nextcloud-server-f81ac815506f385b2258a60f7cab9ca611ef29a1.tar.gz nextcloud-server-f81ac815506f385b2258a60f7cab9ca611ef29a1.zip