diff options
| author | Gábor Hojtsy <gabor@hojtsy.hu> | 2007-11-15 23:55:52 +0000 |
|---|---|---|
| committer | Gábor Hojtsy <gabor@hojtsy.hu> | 2007-11-15 23:55:52 +0000 |
| commit | 9c6e88636803dbdd660991e2d9458be5a74dfbd2 (patch) | |
| tree | e996a7077ad6a78d30dd45b088e2bb76e95203b1 /modules | |
| parent | 2934e7834aea1093179f6fbdd715e8b15f3d5e21 (diff) | |
| download | brdo-9c6e88636803dbdd660991e2d9458be5a74dfbd2.tar.gz brdo-9c6e88636803dbdd660991e2d9458be5a74dfbd2.tar.bz2 | |
#189409 by Arancaytar: use filter_xss() to filter content type descriptions, instead of printing them verbatim (on one occassion) and printing them with check_plain() erroneusly on another
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/node/content_types.inc | 2 | ||||
| -rw-r--r-- | modules/node/node.pages.inc | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/modules/node/content_types.inc b/modules/node/content_types.inc index 85b1bb1d3..c5950815b 100644 --- a/modules/node/content_types.inc +++ b/modules/node/content_types.inc @@ -23,7 +23,7 @@ function node_overview_types() { $row = array( l($name, 'admin/content/types/'. $type_url_str), check_plain($type->type), - check_plain($type->description), + filter_xss($type->description), ); // Set the edit column. $row[] = array('data' => l(t('edit'), 'admin/content/types/'. $type_url_str)); diff --git a/modules/node/node.pages.inc b/modules/node/node.pages.inc index fe112af8c..cceb6bdf8 100644 --- a/modules/node/node.pages.inc +++ b/modules/node/node.pages.inc @@ -29,7 +29,7 @@ function theme_node_add_list($content) { $output = '<dl class="node-type-list">'; foreach ($content as $item) { $output .= '<dt>'. l($item['title'], $item['href'], $item['options']) .'</dt>'; - $output .= '<dd>'. $item['description'] .'</dd>'; + $output .= '<dd>'. filter_xss($item['description']) .'</dd>'; } $output .= '</dl>'; } |