diff options
| author | Steven Wittens <steven@10.no-reply.drupal.org> | 2006-04-07 11:34:09 +0000 |
|---|---|---|
| committer | Steven Wittens <steven@10.no-reply.drupal.org> | 2006-04-07 11:34:09 +0000 |
| commit | c5cb3059607b3961ece274a3608145f14305a485 (patch) | |
| tree | f66f7adb347c6dd8bcdfd5f632eea0322f85669e /modules | |
| parent | c706d11a0d1c69805937ff703b0a93951ae2c5e7 (diff) | |
| download | brdo-c5cb3059607b3961ece274a3608145f14305a485.tar.gz brdo-c5cb3059607b3961ece274a3608145f14305a485.tar.bz2 | |
- Menu titles were not escaped properly
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/menu.module | 8 | ||||
| -rw-r--r-- | modules/menu/menu.module | 8 |
2 files changed, 8 insertions, 8 deletions
diff --git a/modules/menu.module b/modules/menu.module index f3556548e..c36e68798 100644 --- a/modules/menu.module +++ b/modules/menu.module @@ -120,14 +120,14 @@ function menu_block($op = 'list', $delta = 0) { foreach ($root_menus as $mid => $title) { // Default "Navigation" block is handled by user.module. if ($mid != 1) { - $blocks[$mid]['info'] = $title; + $blocks[$mid]['info'] = check_plain($title); } } return $blocks; } else if ($op == 'view') { $item = menu_get_item($delta); - $data['subject'] = $item['title']; + $data['subject'] = check_plain($item['title']); $data['content'] = theme('menu_tree', $delta); return $data; } @@ -611,7 +611,7 @@ function menu_overview_tree() { $operations[] = l(t('add item'), 'admin/menu/item/add/'. $mid); $table = theme('item_list', $operations); $table .= theme('table', $header, menu_overview_tree_rows($mid)); - $output .= theme('box', $title, $table); + $output .= theme('box', check_plain($title), $table); } return $output; } @@ -628,7 +628,7 @@ function menu_overview_tree_rows($pid = 0, $depth = 0) { $title = ''; if ($pid == 0) { // Top-level items are menu names, and don't have an associated path. - $title .= $item['title']; + $title .= check_plain($item['title']); } else { $title .= l($item['title'], $item['path']); diff --git a/modules/menu/menu.module b/modules/menu/menu.module index f3556548e..c36e68798 100644 --- a/modules/menu/menu.module +++ b/modules/menu/menu.module @@ -120,14 +120,14 @@ function menu_block($op = 'list', $delta = 0) { foreach ($root_menus as $mid => $title) { // Default "Navigation" block is handled by user.module. if ($mid != 1) { - $blocks[$mid]['info'] = $title; + $blocks[$mid]['info'] = check_plain($title); } } return $blocks; } else if ($op == 'view') { $item = menu_get_item($delta); - $data['subject'] = $item['title']; + $data['subject'] = check_plain($item['title']); $data['content'] = theme('menu_tree', $delta); return $data; } @@ -611,7 +611,7 @@ function menu_overview_tree() { $operations[] = l(t('add item'), 'admin/menu/item/add/'. $mid); $table = theme('item_list', $operations); $table .= theme('table', $header, menu_overview_tree_rows($mid)); - $output .= theme('box', $title, $table); + $output .= theme('box', check_plain($title), $table); } return $output; } @@ -628,7 +628,7 @@ function menu_overview_tree_rows($pid = 0, $depth = 0) { $title = ''; if ($pid == 0) { // Top-level items are menu names, and don't have an associated path. - $title .= $item['title']; + $title .= check_plain($item['title']); } else { $title .= l($item['title'], $item['path']); |