diff options
| author | Fabio Comuni <fabrix.xm@gmail.com> | 2011-09-26 11:42:48 +0200 |
|---|---|---|
| committer | Fabio Comuni <fabrix.xm@gmail.com> | 2011-09-26 11:42:48 +0200 |
| commit | 5792b3d3580b9f09460305858293398d8d8a9abf (patch) | |
| tree | 90d60e9db4ed733a60c2890c7305d45ddd48be42 /mod/message.php | |
| parent | 991656a3ef396d9a6bd43ddb752627c2880b17ba (diff) | |
| parent | 428e6766411d2c6708ad25f726c4bcf1d64af1cc (diff) | |
| download | volse-hubzilla-5792b3d3580b9f09460305858293398d8d8a9abf.tar.gz volse-hubzilla-5792b3d3580b9f09460305858293398d8d8a9abf.tar.bz2 volse-hubzilla-5792b3d3580b9f09460305858293398d8d8a9abf.zip | |
Merge branch 'master' into newui
Diffstat (limited to 'mod/message.php')
| -rw-r--r-- | mod/message.php | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/mod/message.php b/mod/message.php index cc94730bc..1bee45d48 100644 --- a/mod/message.php +++ b/mod/message.php @@ -159,10 +159,10 @@ function message_content(&$a) { '$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'], '$sparkle' => ' sparkle', '$from_photo' => $rr['thumb'], - '$subject' => (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'), + '$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>')), '$delete' => t('Delete conversation'), - '$body' => $rr['body'], - '$to_name' => $rr['name'], + '$body' => template_escape($rr['body']), + '$to_name' => template_escape($rr['name']), '$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A')) )); } @@ -221,14 +221,14 @@ function message_content(&$a) { } $o .= replace_macros($tpl, array( '$id' => $message['id'], - '$from_name' =>$message['from-name'], + '$from_name' => template_escape($message['from-name']), '$from_url' => $from_url, '$sparkle' => $sparkle, '$from_photo' => $message['from-photo'], - '$subject' => $message['title'], - '$body' => smilies(bbcode($message['body'])), + '$subject' => template_escape($message['title']), + '$body' => template_escape(smilies(bbcode($message['body']))), '$delete' => t('Delete message'), - '$to_name' => $message['name'], + '$to_name' => template_escape($message['name']), '$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A') )); @@ -240,7 +240,7 @@ function message_content(&$a) { '$header' => t('Send Reply'), '$to' => t('To:'), '$subject' => t('Subject:'), - '$subjtxt' => $message['title'], + '$subjtxt' => template_escape($message['title']), '$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ', '$yourmessage' => t('Your message:'), '$select' => $select, |