escape strings

[bdrem.git] / src / bdrem / Renderer / HtmlTable.php

diff --git a/src/bdrem/Renderer/HtmlTable.php b/src/bdrem/Renderer/HtmlTable.php
index 574036fdb8c1fda9746313ce10f9e15f7bf73058..d8a723e6e556570b0fce4ea80d24158e175e81e8 100644 (file)
--- a/src/bdrem/Renderer/HtmlTable.php
+++ b/src/bdrem/Renderer/HtmlTable.php
@@ -1,8 +1,10 @@
 <?php
 namespace bdrem;
 
-class Renderer_HtmlTable
+class Renderer_HtmlTable extends Renderer
 {
+    protected $httpContentType = 'text/html; charset=utf-8';
+
     public function render($arEvents)
     {
         $s = <<<HTM
@@ -41,8 +43,8 @@ HTM;
                 . "</tr>\n",
                 $event->days,
                 $event->age,
-                $event->title,
-                $event->type,
+                htmlspecialchars($event->title),
+                htmlspecialchars($event->type),
                 $event->date,
                 strftime('%a', strtotime($event->localDate))
             );