[moodle] / moodle / mod / data / lib.php Repository:

Diff of /moodle/mod/data/lib.php

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 1.147, Fri Apr 4 10:54:37 2008 WST revision 1.148, Wed Apr 9 14:08:23 2008 WST

By dongsheng:

MDL-14137, replace htmlentities with htmlspecialchars, merged from MOODLE_19_STABLE

# Line 1812  Line 1812 
1812    
1813      $presetxml .= "<settings>\n";      $presetxml .= "<settings>\n";
1814      foreach ($settingssaved as $setting) {      foreach ($settingssaved as $setting) {
1815          $presetxml .= "<$setting>".htmlentities($data->$setting)."</$setting>\n";          $presetxml .= "<$setting>".htmlspecialchars($data->$setting, ENT_QUOTES)."</$setting>\n";
1816      }      }
1817      $presetxml .= "</settings>\n\n";      $presetxml .= "</settings>\n\n";
1818    
# Line 1822  Line 1822 
1822              $presetxml .= "<field>\n";              $presetxml .= "<field>\n";
1823              foreach ($field as $key => $value) {              foreach ($field as $key => $value) {
1824                  if ($value != '' && $key != 'id' && $key != 'dataid') {                  if ($value != '' && $key != 'id' && $key != 'dataid') {
1825                      $presetxml .= "<$key>".htmlentities($value)."</$key>\n";                      $presetxml .= "<$key>".htmlspecialchars($value, ENT_QUOTES)."</$key>\n";
1826                  }                  }
1827              }              }
1828              $presetxml .= "</field>\n\n";              $presetxml .= "</field>\n\n";
Legend:
Removed from v.1.147  
changed lines
  Added in v.1.148
Moodle CVS Admin
 ViewVC Help
Powered by ViewVC 1.0.7