diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2013-02-27 21:19:11 +0100 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2013-02-27 21:19:11 +0100 |
| commit | 85209287bba82cbc274ac624737248fe27aae8a2 (patch) | |
| tree | 75677a9fe072477731d848351dd7e22b6cd0267c /apps/files/templates | |
| parent | 4860d03270a9caa9c5e686c6eeb31fd8adfbedf5 (diff) | |
| download | nextcloud-server-85209287bba82cbc274ac624737248fe27aae8a2.tar.gz nextcloud-server-85209287bba82cbc274ac624737248fe27aae8a2.zip | |
[Files] Use htmlspecialchars()
Diffstat (limited to 'apps/files/templates')
| -rw-r--r-- | apps/files/templates/part.list.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/apps/files/templates/part.list.php b/apps/files/templates/part.list.php index 25763da57a8..86c2cc70766 100644 --- a/apps/files/templates/part.list.php +++ b/apps/files/templates/part.list.php @@ -34,9 +34,9 @@ <?php endif; ?> <span class="nametext"> <?php if($file['type'] == 'dir'):?> - <?php p($file['name']);?> + <?php print_unescaped(htmlspecialchars($file['name']));?> <?php else:?> - <?php p($file['basename']);?><span + <?php print_unescaped(htmlspecialchars($file['basename']));?><span class='extension'><?php p($file['extension']);?></span> <?php endif;?> </span> |