Commit cb451bae authored by Leigh B. Stoller's avatar Leigh B. Stoller

Add html escaping.

parent 888f222c
<?php <?php
# #
# EMULAB-COPYRIGHT # EMULAB-COPYRIGHT
# Copyright (c) 2000-2005 University of Utah and the Flux Group. # Copyright (c) 2000-2006 University of Utah and the Flux Group.
# All rights reserved. # All rights reserved.
# #
include("defs.php3"); include("defs.php3");
...@@ -250,6 +250,7 @@ if (isset($idx)) { ...@@ -250,6 +250,7 @@ if (isset($idx)) {
USERERROR("No such knowledge_base entry: $idx", 1); USERERROR("No such knowledge_base entry: $idx", 1);
} }
$defaults = mysql_fetch_array($query_result); $defaults = mysql_fetch_array($query_result);
$defaults[body] = htmlspecialchars($defaults[body], ENT_QUOTES);
} }
# #
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment