Skip to content

Commit

Permalink
Escape values written to HTML attributes
Browse files Browse the repository at this point in the history
  • Loading branch information
@benthemonkey
benthemonkey committed Feb 26, 2016
1 parent b7c1c7e commit 2eb019e
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions spc-committee-headquarters.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,8 +129,8 @@ function getFullName($slivkans, $nu_email)
} elseif ($i == $rowcount - 1) {
echo '<td class="totals">';
} else {
echo '<td data-event="'.$points_table['events'][$i].'" data-contributions="'.$td['contributions'].'" ';
echo 'data-comments="'.$td['comments'].'" class="pts';
echo '<td data-event="'.htmlentities($points_table['events'][$i]).'" data-contributions="'.$td['contributions'].'" ';
echo 'data-comments="'.htmlentities($td['comments']).'" class="pts';

if ($td['filled_by']) {
echo ' blue';
Expand Down

0 comments on commit 2eb019e

Please sign in to comment.