Commit ec105f3a02e20bee2bfcf99de49bc122a3ea756d
1 parent
b49ec3a9
Merged in from STABLE trunk...
KTS-4314 "RSS is not shown when folder/fiename/workflowname contains diacritic letters" Fixed. Added htmlspecialchars to effected strings. Committed By: Kevin Fourie Reviewed By: Megan Watson git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/STABLE/branches/3.5.3-Release-Branch@8960 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
9 additions
and
9 deletions
plugins/rssplugin/KTrss.inc.php
| @@ -393,18 +393,18 @@ class KTrss{ | @@ -393,18 +393,18 @@ class KTrss{ | ||
| 393 | 393 | ||
| 394 | <table width='95%'>\n | 394 | <table width='95%'>\n |
| 395 | <tr>\n | 395 | <tr>\n |
| 396 | - <td>"._kt('Filename').": ".$aItem[0][0][filename]."</td>\n | 396 | + <td>"._kt('Filename').": ".htmlspecialchars($aItem[0][0][filename], ENT_QUOTES, 'UTF-8')."</td>\n |
| 397 | </tr>\n | 397 | </tr>\n |
| 398 | <tr>\n | 398 | <tr>\n |
| 399 | - <td>"._kt('Author').": ".$aItem[0][0][author]."</td>\n | 399 | + <td>"._kt('Author').": ".htmlspecialchars($aItem[0][0][author], ENT_QUOTES, 'UTF-8')."</td>\n |
| 400 | </tr>\n | 400 | </tr>\n |
| 401 | <tr>\n | 401 | <tr>\n |
| 402 | - <td>"._kt('Owner').": ".$owner."</td>\n | 402 | + <td>"._kt('Owner').": ".htmlspecialchars($owner, ENT_QUOTES, 'UTF-8')."</td>\n |
| 403 | <td></td>\n | 403 | <td></td>\n |
| 404 | </tr>\n | 404 | </tr>\n |
| 405 | ".$type."\n | 405 | ".$type."\n |
| 406 | <tr>\n | 406 | <tr>\n |
| 407 | - <td>"._kt('Workflow status').": ".$workflow."</td>\n | 407 | + <td>"._kt('Workflow status').": ".htmlspecialchars($workflow, ENT_QUOTES, 'UTF-8')."</td>\n |
| 408 | <td></td>\n | 408 | <td></td>\n |
| 409 | </tr>\n | 409 | </tr>\n |
| 410 | </table><br>\n | 410 | </table><br>\n |
| @@ -417,19 +417,19 @@ class KTrss{ | @@ -417,19 +417,19 @@ class KTrss{ | ||
| 417 | foreach($aItem[1] as $item){ | 417 | foreach($aItem[1] as $item){ |
| 418 | $htmlItem .= "<tr>\n | 418 | $htmlItem .= "<tr>\n |
| 419 | <td>".$item[type]." name:</td>\n | 419 | <td>".$item[type]." name:</td>\n |
| 420 | - <td>".$item[name]."</td>\n | 420 | + <td>".htmlspecialchars($item[name], ENT_QUOTES, 'UTF-8')."</td>\n |
| 421 | </tr>\n | 421 | </tr>\n |
| 422 | <tr>\n | 422 | <tr>\n |
| 423 | <td>Path:</td>\n | 423 | <td>Path:</td>\n |
| 424 | - <td>".$item[fullpath]."</td>\n | 424 | + <td>".htmlspecialchars($item[fullpath], ENT_QUOTES, 'UTF-8')."</td>\n |
| 425 | </tr>\n | 425 | </tr>\n |
| 426 | <tr>\n | 426 | <tr>\n |
| 427 | <td>Transaction:</td>\n | 427 | <td>Transaction:</td>\n |
| 428 | - <td>".$item[transaction_name]."</td>\n | 428 | + <td>".htmlspecialchars($item[transaction_name], ENT_QUOTES, 'UTF-8')."</td>\n |
| 429 | </tr>\n | 429 | </tr>\n |
| 430 | <tr>\n | 430 | <tr>\n |
| 431 | <td>Comment:</td>\n | 431 | <td>Comment:</td>\n |
| 432 | - <td>".$item[comment]."</td>\n | 432 | + <td>".htmlspecialchars($item[comment], ENT_QUOTES, 'UTF-8')."</td>\n |
| 433 | </tr>\n | 433 | </tr>\n |
| 434 | <tr>\n"; | 434 | <tr>\n"; |
| 435 | 435 | ||
| @@ -444,7 +444,7 @@ class KTrss{ | @@ -444,7 +444,7 @@ class KTrss{ | ||
| 444 | </tr>\n | 444 | </tr>\n |
| 445 | <tr>\n | 445 | <tr>\n |
| 446 | <td>User:</td>\n | 446 | <td>User:</td>\n |
| 447 | - <td>".$item[user_name]."</td>\n | 447 | + <td>".htmlspecialchars($item[user_name], ENT_QUOTES, 'UTF-8')."</td>\n |
| 448 | </tr>\n | 448 | </tr>\n |
| 449 | <tr>\n | 449 | <tr>\n |
| 450 | <td colspan='2'><hr width='100' align='left'></td>\n | 450 | <td colspan='2'><hr width='100' align='left'></td>\n |