From a086745ec021add5638a0527d4e8e14835591e93 Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 18 Mar 2019 13:19:24 +0100 Subject: ENT_COMPAT will only take care of double-quotes. Use double-quotes here to prevent XSS --- Zotlabs/Module/Viewconnections.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Zotlabs/Module/Viewconnections.php') diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php index 0a5e86907..14a5ccb86 100644 --- a/Zotlabs/Module/Viewconnections.php +++ b/Zotlabs/Module/Viewconnections.php @@ -107,7 +107,7 @@ class Viewconnections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ""; + $o .= ''; $tpl = get_markup_template("viewcontact_template.tpl"); $o .= replace_macros($tpl, array( '$title' => t('View Connections'), -- cgit v1.2.3 From 2ec3e4a912777501f232d6255fe8ba5d0c147eee Mon Sep 17 00:00:00 2001 From: Mario Vavti Date: Mon, 18 Mar 2019 13:29:08 +0100 Subject: use urlencode --- Zotlabs/Module/Viewconnections.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'Zotlabs/Module/Viewconnections.php') diff --git a/Zotlabs/Module/Viewconnections.php b/Zotlabs/Module/Viewconnections.php index 14a5ccb86..30df0b9e4 100644 --- a/Zotlabs/Module/Viewconnections.php +++ b/Zotlabs/Module/Viewconnections.php @@ -107,7 +107,7 @@ class Viewconnections extends \Zotlabs\Web\Controller { killme(); } else { - $o .= ''; + $o .= ""; $tpl = get_markup_template("viewcontact_template.tpl"); $o .= replace_macros($tpl, array( '$title' => t('View Connections'), -- cgit v1.2.3