author | fwenzel@mozilla.com <fwenzel@mozilla.com@4eb1ac78-321c-0410-a911-ec516a8615a5> | 2007-03-23 18:32:06 (GMT) |
---|---|---|
committer | fwenzel@mozilla.com <fwenzel@mozilla.com@4eb1ac78-321c-0410-a911-ec516a8615a5> | 2007-03-23 18:32:06 (GMT) |
commit | af9bc7cde8356165491ff11414e3fc1d2324cd97 (patch) | |
tree | a4b5d0beb12353c9ff6f0d6dfb54057e4096dc4f /site/app/app_controller.php | |
parent | b7b9fcca470f422c0fdb58c524619faa46a42962 (diff) |
replacing htmlentities() by sanitize->html() for about the 500th time now
git-svn-id: http://svn.mozilla.org/addons/trunk@2875 4eb1ac78-321c-0410-a911-ec516a8615a5
Diffstat (limited to 'site/app/app_controller.php')
-rw-r--r-- | site/app/app_controller.php | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/site/app/app_controller.php b/site/app/app_controller.php index 44f187d..20eb491 100644 --- a/site/app/app_controller.php +++ b/site/app/app_controller.php @@ -232,6 +232,8 @@ class AppController extends Controller */ function publish($viewvar, $value, $sanitizeme = true) { if ($sanitizeme) { + uses('Sanitize'); + if (!isset($this->Sanitize)) $this->Sanitize = new Sanitize(); $this->_sanitizeArray($value); } $this->set($viewvar, $value); @@ -261,7 +263,7 @@ class AppController extends Controller } elseif (is_string($data)) { // encode the string - $data = htmlentities($data, ENT_QUOTES, 'UTF-8'); + $data = $this->Sanitize->html($data); } // otherwise, we don't do anything (with ints or null etc.). } |
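Review bot: `$this->Sanitize` is created only inside the `if ($sanitizeme)` branch of `publish()`, yet the second hunk makes the string-encoding branch call `$this->Sanitize->html()` unconditionally. Any caller that reaches that branch without going through `publish()` first would hit a method call on an unset property instead of getting escaped output; whether such callers exist is not visible here. Consider doing the lazy setup where the object is used, e.g. `if (!isset($this->Sanitize)) { uses('Sanitize'); $this->Sanitize = new Sanitize(); }` at the top of the sanitizing method, which also avoids calling `uses()` on every publish. The end of `publish()` lies outside the hunk.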
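Review bot: The removed call spelled out its escaping contract at the call site (`ENT_QUOTES`, `'UTF-8'`), while `$this->Sanitize->html($data)` leaves quote and charset handling to a method defined outside this diff. This appears to be the default output-encoding path for published view variables, so values placed inside HTML attributes depend on both `"` and `'` still being encoded. I would document that requirement next to the call, e.g. `// Sanitize::html() must encode & < > " and ' (views may place these values in attributes)`, and add a test that publishes a string containing both quote characters. The enclosing function begins before the hunk.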