specialchars() text in search results

darcs-hash:20080709225942-84dde-80c201825f566af717456f13d17e7382ce234692.gz
This commit is contained in:
Evan Prodromou 2008-07-09 18:59:42 -04:00
parent 09e1b247f9
commit 7469d14787

View File

@ -158,7 +158,7 @@ class PeoplesearchAction extends Action {
function highlight($text, $terms) { function highlight($text, $terms) {
$pattern = '/('.implode('|',array_map('htmlspecialchars', $terms)).')/i'; $pattern = '/('.implode('|',array_map('htmlspecialchars', $terms)).')/i';
$result = preg_replace($pattern, '<strong>\\1</strong>', $text); $result = preg_replace($pattern, '<strong>\\1</strong>', htmlspecialchars($text));
return $result; return $result;
} }
} }