diff options
author | Christoph Brill <egore911@egore911.de> | 2012-02-02 19:42:56 +0100 |
---|---|---|
committer | Christoph Brill <egore911@egore911.de> | 2012-03-26 00:17:34 +0200 |
commit | 764577780285fde694b7e460fd6bc02c94b56167 (patch) | |
tree | 03bd8f8da04ae7abb794452f99a23e337b7b34c5 /index.php | |
parent | 4dfb7217125573470d9c6667139dbb5f0dc28398 (diff) |
Porperly escape HTML special chars in IRC
Diffstat (limited to 'index.php')
-rw-r--r-- | index.php | 3 |
1 files changed, 2 insertions, 1 deletions
@@ -223,11 +223,12 @@ if (!isset($date)) { if (!filter_join($line)) { $user = get_user($line); $user_clean = substr($user, 2, -1); + $user = htmlentities($user, ENT_QUOTES); $isUser = array_search($user_clean, $users); if ($isUser !== false) { echo '<span style="color: '.$colors[$isUser].'">'; } - $line = str_replace('&', '&', $line); + $line = htmlentities($line, ENT_QUOTES); if ($show_html == 'true') { $line = preg_replace($pattern, "\\1<a href=\"\\2\\3\">\\2\\3</a>\\4", $line); } |