From: Michael M Slusarz Date: Tue, 8 Sep 2009 21:55:03 +0000 (-0600) Subject: Fix escaping title (tooltip) text X-Git-Url: https://git.internetallee.de/?a=commitdiff_plain;h=a1ba596addce9de898ff5df0d00ca5025bfea02a;p=horde.git Fix escaping title (tooltip) text --- diff --git a/framework/Core/lib/Horde.php b/framework/Core/lib/Horde.php index 28b15b28c..09bb92b98 100644 --- a/framework/Core/lib/Horde.php +++ b/framework/Core/lib/Horde.php @@ -1314,7 +1314,7 @@ HTML; * @param string $class The CSS class of the link * @param string $target The window target to point to. * @param string $onclick JavaScript action for the 'onclick' event. - * @param string $title The link title (tooltip). + * @param string $title The link title (tooltip). Unescaped. * @param string $accesskey The access key to use. * @param array $attributes Any other name/value pairs to add to the * tag. @@ -1327,10 +1327,7 @@ HTML; $attributes = array()) { if (!empty($title)) { - $charset = Horde_Nls::getCharset(); - $old_error = error_reporting(0); - $title = '<pre>' . preg_replace(array('/\n/', '/((?))/em', '/

/', '/
/'), array('', 'str_repeat(" ", strlen("$1"))', '<br /> <br />', '<br />'), nl2br(htmlspecialchars(htmlspecialchars($title, ENT_QUOTES, $charset), ENT_QUOTES, $charset))) . '</pre>'; - error_reporting($old_error); + $title = htmlspecialchars($title, ENT_QUOTES, Horde_Nls::getCharset()); } return self::link($url, $title, $class, $target, $onclick, null, $accesskey, $attributes, false);