summaryrefslogtreecommitdiffstats
path: root/frontends/php/include/classes
diff options
context:
space:
mode:
Diffstat (limited to 'frontends/php/include/classes')
-rw-r--r--frontends/php/include/classes/ctag.inc.php2
-rw-r--r--frontends/php/include/classes/cvar.inc.php4
2 files changed, 4 insertions, 2 deletions
diff --git a/frontends/php/include/classes/ctag.inc.php b/frontends/php/include/classes/ctag.inc.php
index 587bd1c9..2b462617 100644
--- a/frontends/php/include/classes/ctag.inc.php
+++ b/frontends/php/include/classes/ctag.inc.php
@@ -216,6 +216,8 @@
function SetHint($text, $width='', $class='')
{
+ insert_showhint_javascript();
+
$text = addslashes(htmlspecialchars($text));
if($width != '' || $class!= '')
{
diff --git a/frontends/php/include/classes/cvar.inc.php b/frontends/php/include/classes/cvar.inc.php
index 7b7c3a11..8703a559 100644
--- a/frontends/php/include/classes/cvar.inc.php
+++ b/frontends/php/include/classes/cvar.inc.php
@@ -27,11 +27,11 @@
parent::CTag('input','no');
$this->options['type'] = 'hidden';
$this->options['name'] = $name;
- $this->options['value'] = $value;
+ $this->SetValue($value);
}
function SetValue($value)
{
- $this->options['value'] = $value;
+ $this->options['value'] = htmlspecialchars($value);
}
}
generated by cgit (git 2.34.1) at 2026-03-03 21:37:52 +0000