diff options
author | Thomas Lange <code@nerdmind.de> | 2021-08-26 20:42:05 +0200 |
---|---|---|
committer | Thomas Lange <code@nerdmind.de> | 2021-08-26 20:47:18 +0200 |
commit | 6bee39204b737591214ca9f1f12949dfeeac34c6 (patch) | |
tree | 8451b03fdeb40afdbd4a6f847f64a312e62f3aa2 /core/include | |
parent | d09433b4f11a44fe23b9b6e9415a1011296d6a8d (diff) | |
download | blog-6bee39204b737591214ca9f1f12949dfeeac34c6.tar.gz blog-6bee39204b737591214ca9f1f12949dfeeac34c6.tar.xz blog-6bee39204b737591214ca9f1f12949dfeeac34c6.zip |
Don't use wrapper function "escapeHTML" internally
Don't use the template function "escapeHTML" internally and replace all
occurrences outside of the template files with "htmlspecialchars".
Diffstat (limited to 'core/include')
-rw-r--r-- | core/include/search/main.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/core/include/search/main.php b/core/include/search/main.php index 9e7c0a7..de7be9a 100644 --- a/core/include/search/main.php +++ b/core/include/search/main.php @@ -29,7 +29,7 @@ if($search = HTTP::GET('q')) { try { if (!$posts = $PostRepository->search($search, $filter, $site_size, $offset)) { - $message = $Language->text('search_no_results', escapeHTML($search)); + $message = $Language->text('search_no_results', htmlspecialchars($search)); } } catch(PDOException $Exception) { $message = $Exception->getMessage(); @@ -84,7 +84,7 @@ if(!empty($posts)) { $MainTemplate = Template\Factory::build('main'); $MainTemplate->set('HTML', $ResultTemplate); $MainTemplate->set('HEAD', [ - 'NAME' => $Language->text('title_search_results', escapeHTML($search)), + 'NAME' => $Language->text('title_search_results', htmlspecialchars($search)), 'PERM' => Application::getURL('search/') ]); } |