Skip to content
This repository has been archived by the owner on Sep 10, 2021. It is now read-only.

Commit

Permalink
Escape variables in landingpage module
Browse files Browse the repository at this point in the history
  • Loading branch information
Jamie Snape committed Dec 8, 2014
1 parent c8c82e3 commit 9148049
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion modules/landingpage/controllers/IndexCoreController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ public function indexAction()
$textDaos = $this->Landingpage_Text->getAll();
if (isset($textDaos[0])) {
$textDao = $textDaos[0];
$this->view->landingText = UtilityComponent::markdown($textDao->getText());
$this->view->landingText = UtilityComponent::markdown(htmlspecialchars($textDao->getText(), ENT_QUOTES, 'UTF-8'));
} else {
$this->callCoreAction();
}
Expand Down

0 comments on commit 9148049

Please sign in to comment.