From fbf05a159bc1a688940c16dc304eaaf140188b01 Mon Sep 17 00:00:00 2001
From: wei <>
Date: Fri, 28 Jul 2006 07:56:03 +0000
Subject: Time-Tracker Demo: Escape html entities in output.

---
 demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl')

diff --git a/demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl b/demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl
index 7a19dadb..0b62300c 100644
--- a/demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl
+++ b/demos/time-tracker/protected/pages/TimeTracker/CategoryDataList.tpl
@@ -16,9 +16,9 @@
 
 	<prop:ItemTemplate>
 	  <tr>
-	  	<td class="categoryName"><%# $this->DataItem->Name %></td>
-	  	<td class="abbrev"><%# $this->DataItem->Abbreviation %></td>
-	  	<td class="duration"><%# $this->DataItem->EstimateDuration %></td>
+	  	<td class="categoryName"><%# h($this->DataItem->Name) %></td>
+	  	<td class="abbrev"><%# h($this->DataItem->Abbreviation) %></td>
+	  	<td class="duration"><%# h($this->DataItem->EstimateDuration) %></td>
 	  	<td class="edit">
 	  		<com:TButton Text="Edit" CommandName="edit"/>	  			
 	  		<com:TButton Text="Delete" CommandName="delete"
-- 
cgit v1.2.3