Escape title.

author Jan Schneider <jan@horde.org>

Fri, 15 Oct 2010 12:31:59 +0000 (14:31 +0200)

committer Jan Schneider <jan@horde.org>

Fri, 15 Oct 2010 12:31:59 +0000 (14:31 +0200)
author Jan Schneider <jan@horde.org>
Fri, 15 Oct 2010 12:31:59 +0000 (14:31 +0200)
committer Jan Schneider <jan@horde.org>
Fri, 15 Oct 2010 12:31:59 +0000 (14:31 +0200)
diff --git a/wicked/templates/edit/create.inc b/wicked/templates/edit/create.inc

index 93c33e9..4830f40 100644 (file)
--- a/wicked/templates/edit/create.inc
+++ b/wicked/templates/edit/create.inc
@@ -10,7 +10,7 @@
  <div class="headerbox" style="padding:5px">
  <?php if ($search_results): ?>
   <p>
-  <?php printf(_("%s does not exist, but maybe you were looking for one of the following pages?"), $this->referrer()) ?>
+  <?php printf(_("%s does not exist, but maybe you were looking for one of the following pages?"), htmlspecialchars($this->referrer())) ?>
   </p>
   <table class="linedRow" style="width:100%" cellspacing="0">
    <tr class="item leftAlign">
@@ -27,7 +27,7 @@
   </p>
  <?php else: ?>
   <p>
-  <?php printf(_("%s does not exist. Click on \"Create\" below if you want to create this page now and start editing."), $this->referrer()) ?>
+      <?php printf(_("%s does not exist. Click on \"Create\" below if you want to create this page now and start editing."), htmlspecialchars($this->referrer())) ?>
   </p>
  <?php endif; ?>
author	Jan Schneider <jan@horde.org>
	Fri, 15 Oct 2010 12:31:59 +0000 (14:31 +0200)
committer	Jan Schneider <jan@horde.org>
	Fri, 15 Oct 2010 12:31:59 +0000 (14:31 +0200)