diff options
| author | Frédéric Guillot <contact@fredericguillot.com> | 2014-02-24 18:29:09 -0500 |
|---|---|---|
| committer | Frédéric Guillot <contact@fredericguillot.com> | 2014-02-24 18:29:09 -0500 |
| commit | 8159cc99a64cfe563dccea6821348764fc40fb85 (patch) | |
| tree | 9904848c2d517ff8e5a28e47d31aa17e7cfd9c70 /templates/user_index.php | |
| parent | 64e2e072294563b7c834382c2de631687f235fe8 (diff) | |
Improve HTML escaping
Diffstat (limited to 'templates/user_index.php')
| -rw-r--r-- | templates/user_index.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/templates/user_index.php b/templates/user_index.php index 4b539599..ccc955fc 100644 --- a/templates/user_index.php +++ b/templates/user_index.php @@ -27,7 +27,7 @@ <?= $user['is_admin'] ? t('Yes') : t('No') ?> </td> <td> - <?= (isset($user['default_project_id']) && isset($projects[$user['default_project_id']])) ? $projects[$user['default_project_id']] : t('None'); ?> + <?= (isset($user['default_project_id']) && isset($projects[$user['default_project_id']])) ? Helper\escape($projects[$user['default_project_id']]) : t('None'); ?> </td> <td> <?php if (Helper\is_admin() || Helper\is_current_user($user['id'])): ?> |