summaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
Diffstat (limited to 'apps')
-rw-r--r--apps/contacts/ajax/addproperty.php1
-rw-r--r--apps/contacts/ajax/saveproperty.php1
2 files changed, 2 insertions, 0 deletions
diff --git a/apps/contacts/ajax/addproperty.php b/apps/contacts/ajax/addproperty.php
index 03a45532f9b..028974e1c66 100644
--- a/apps/contacts/ajax/addproperty.php
+++ b/apps/contacts/ajax/addproperty.php
@@ -66,6 +66,7 @@ foreach($current as $item) {
if(is_array($value)) {
ksort($value); // NOTE: Important, otherwise the compound value will be set in the order the fields appear in the form!
+ $value = array_map('strip_tags', $value);
} else {
$value = strip_tags($value);
}
diff --git a/apps/contacts/ajax/saveproperty.php b/apps/contacts/ajax/saveproperty.php
index 6c8132c1dbf..0c9e0cc7836 100644
--- a/apps/contacts/ajax/saveproperty.php
+++ b/apps/contacts/ajax/saveproperty.php
@@ -52,6 +52,7 @@ $checksum = isset($_POST['checksum'])?$_POST['checksum']:null;
// }
if(is_array($value)){ // FIXME: How to strip_tags for compound values?
+ $value = array_map('strip_tags', $value);
ksort($value); // NOTE: Important, otherwise the compound value will be set in the order the fields appear in the form!
$value = OC_VObject::escapeSemicolons($value);
} else {
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-28 13:42:13 +0000