summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorFrederic Guillot <fred@kanboard.net>2017-02-23 18:51:11 -0500
committerFrederic Guillot <fred@kanboard.net>2017-02-23 18:51:11 -0500
commitdd579937e36ec494372d8d99b49d0943ea2b721d (patch)
treebb6817dc1c8269ac1ddac6561b48ecca0057b01f /app
parent73b2f51fe53a9227fbea2ef8455672ec53e636ce (diff)
Add helper method to use implode() with HTML escaping
Diffstat (limited to 'app')
-rw-r--r--app/Helper/TextHelper.php13
-rw-r--r--app/Template/project_overview/information.php4
2 files changed, 15 insertions, 2 deletions
diff --git a/app/Helper/TextHelper.php b/app/Helper/TextHelper.php
index 66583cd1..89c1a8f3 100644
--- a/app/Helper/TextHelper.php
+++ b/app/Helper/TextHelper.php
@@ -25,6 +25,19 @@ class TextHelper extends Base
}
/**
+ * Join with HTML escaping
+ *
+ * @param $glue
+ * @param array $list
+ * @return string
+ */
+ public function implode($glue, array $list)
+ {
+ array_walk($list, function (&$value) { $value = htmlspecialchars($value, ENT_QUOTES, 'UTF-8', false); });
+ return implode($glue, $list);
+ }
+
+ /**
* Markdown transformation
*
* @param string $text
diff --git a/app/Template/project_overview/information.php b/app/Template/project_overview/information.php
index 0fe53e08..e8c20903 100644
--- a/app/Template/project_overview/information.php
+++ b/app/Template/project_overview/information.php
@@ -13,8 +13,8 @@
<?php foreach ($roles as $role => $role_name): ?>
<?php if (isset($users[$role])): ?>
<li>
- <?= $role_name ?>:
- <strong><?= implode(', ', $users[$role]) ?></strong>
+ <?= $this->text->e($role_name) ?>:
+ <strong><?= $this->text->implode(', ', $users[$role]) ?></strong>
</li>
<?php endif ?>
<?php endforeach ?>