Time-Tracker Demo: Escape html entities in output.

author: wei <> 2006-07-28 07:56:03 +0000
committer: wei <> 2006-07-28 07:56:03 +0000
commit: fbf05a159bc1a688940c16dc304eaaf140188b01 (patch)
tree: 9346b49526b9ef908e59039244b2f3c220f5a530 /demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl
parent: ff6db29dff9b4778b97d2234d08cdcc10770562a (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl b/demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl
index 7a19dadb..0b62300c 100644
--- a/demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl
+++ b/demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl
@@ -16,9 +16,9 @@
 
 	<prop:ItemTemplate>
 	  <tr>
-	  	<td class="categoryName"><%# $this->DataItem->Name %></td>
-	  	<td class="abbrev"><%# $this->DataItem->Abbreviation %></td>
-	  	<td class="duration"><%# $this->DataItem->EstimateDuration %></td>
+	  	<td class="categoryName"><%# h($this->DataItem->Name) %></td>
+	  	<td class="abbrev"><%# h($this->DataItem->Abbreviation) %></td>
+	  	<td class="duration"><%# h($this->DataItem->EstimateDuration) %></td>
 	  	<td class="edit">
 	  		<com:TButton Text="Edit" CommandName="edit"/>	  			
 	  		<com:TButton Text="Delete" CommandName="delete"
author	wei <>	2006-07-28 07:56:03 +0000
committer	wei <>	2006-07-28 07:56:03 +0000
commit	fbf05a159bc1a688940c16dc304eaaf140188b01 (patch)
tree	9346b49526b9ef908e59039244b2f3c220f5a530 /demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl
parent	ff6db29dff9b4778b97d2234d08cdcc10770562a (diff)