escape strings

author Christian Weiske <christian.weiske@netresearch.de>

Thu, 13 Feb 2014 07:32:28 +0000 (08:32 +0100)

committer Christian Weiske <christian.weiske@netresearch.de>

Thu, 13 Feb 2014 07:32:28 +0000 (08:32 +0100)
author Christian Weiske <christian.weiske@netresearch.de>
Thu, 13 Feb 2014 07:32:28 +0000 (08:32 +0100)
committer Christian Weiske <christian.weiske@netresearch.de>
Thu, 13 Feb 2014 07:32:28 +0000 (08:32 +0100)
diff --git a/src/bdrem/Renderer/HtmlTable.php b/src/bdrem/Renderer/HtmlTable.php

index bcfa9fe0d3e893aaf506b557f1f18fc7e11a6a03..d8a723e6e556570b0fce4ea80d24158e175e81e8 100644 (file)
--- a/src/bdrem/Renderer/HtmlTable.php
+++ b/src/bdrem/Renderer/HtmlTable.php
@@ -43,8 +43,8 @@ HTM;
                  . "</tr>\n",
                  $event->days,
                  $event->age,
-                $event->title,
-                $event->type,
+                htmlspecialchars($event->title),
+                htmlspecialchars($event->type),
                  $event->date,
                  strftime('%a', strtotime($event->localDate))
              );
author	Christian Weiske <christian.weiske@netresearch.de>
	Thu, 13 Feb 2014 07:32:28 +0000 (08:32 +0100)
committer	Christian Weiske <christian.weiske@netresearch.de>
	Thu, 13 Feb 2014 07:32:28 +0000 (08:32 +0100)