diff options
author | Thomas Tanghus <thomas@tanghus.net> | 2012-02-02 17:53:46 +0100 |
---|---|---|
committer | Thomas Tanghus <thomas@tanghus.net> | 2012-02-02 17:54:30 +0100 |
commit | 6225b5ec869922a8e292610794bfda0f4dfdd77d (patch) | |
tree | 929acb50081df2e4b170fea4dba197e6e5afb818 /apps/contacts/templates/part.chooseaddressbook.rowfields.php | |
parent | 66b96e4440961483d026473fc6242599b3d51550 (diff) | |
download | nextcloud-server-6225b5ec869922a8e292610794bfda0f4dfdd77d.tar.gz nextcloud-server-6225b5ec869922a8e292610794bfda0f4dfdd77d.zip |
More in-/output sanitation,
Diffstat (limited to 'apps/contacts/templates/part.chooseaddressbook.rowfields.php')
-rw-r--r-- | apps/contacts/templates/part.chooseaddressbook.rowfields.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/apps/contacts/templates/part.chooseaddressbook.rowfields.php b/apps/contacts/templates/part.chooseaddressbook.rowfields.php index 0cbfe2bf803..95a4b2362aa 100644 --- a/apps/contacts/templates/part.chooseaddressbook.rowfields.php +++ b/apps/contacts/templates/part.chooseaddressbook.rowfields.php @@ -1,5 +1,5 @@ <?php // FIXME: Make this readable. echo "<td width=\"20px\"><input id=\"active_" . $_['addressbook']["id"] . "\" type=\"checkbox\" onClick=\"Contacts.UI.Addressbooks.activation(this, " . $_['addressbook']["id"] . ")\"" . (OC_Contacts_Addressbook::isActive($_['addressbook']["id"]) ? ' checked="checked"' : '') . "></td>"; - echo "<td><label for=\"active_" . $_['addressbook']["id"] . "\">" . $_['addressbook']["displayname"] . "</label></td>"; + echo "<td><label for=\"active_" . $_['addressbook']["id"] . "\">" . htmlspecialchars($_['addressbook']["displayname"]) . "</label></td>"; echo "<td width=\"20px\"><a href=\"#\" onclick=\"Contacts.UI.showCardDAVUrl('" . OC_User::getUser() . "', '" . $_['addressbook']["uri"] . "');\" title=\"" . $l->t("CardDav Link") . "\" class=\"action\"><img class=\"svg action\" src=\"../../core/img/actions/public.svg\"></a></td><td width=\"20px\"><a href=\"export.php?bookid=" . $_['addressbook']["id"] . "\" title=\"" . $l->t("Download") . "\" class=\"action\"><img class=\"svg action\" src=\"../../core/img/actions/download.svg\"></a></td><td width=\"20px\"><a href=\"#\" title=\"" . $l->t("Edit") . "\" class=\"action\" onclick=\"Contacts.UI.Addressbooks.editAddressbook(this, " . $_['addressbook']["id"] . ");\"><img class=\"svg action\" src=\"../../core/img/actions/rename.svg\"></a></td><td width=\"20px\"><a href=\"#\" onclick=\"Contacts.UI.Addressbooks.deleteAddressbook('" . $_['addressbook']["id"] . "');\" title=\"" . $l->t("Delete") . "\" class=\"action\"><img class=\"svg action\" src=\"../../core/img/actions/delete.svg\"></a></td>"; |