htmlentities -> htmlspecialchars

This commit is contained in:
2024-12-06 15:35:38 +08:00
parent daa005f029
commit d9b2d13caa
184 changed files with 410 additions and 405 deletions

View File

@@ -127,7 +127,7 @@ include_once("kindeditor.php");
$password = $row['password'];
$langmask = $row['langmask'];
$description = $row['description'];
$title = htmlentities($row['title'], ENT_QUOTES, "UTF-8");
$title = htmlspecialchars($row['title'], ENT_QUOTES, "UTF-8");
$plist = "";
$sql = "SELECT `problem_id` FROM `contest_problem` WHERE `contest_id`=? ORDER BY `num`";
@@ -183,7 +183,7 @@ include_once("kindeditor.php");
<p align=left>
<?php echo "<h4>" . $MSG_CONTEST . "-" . $MSG_Description . "</h4>" ?>
<textarea class=kindeditor rows=13 name=description cols=80>
<?php echo htmlentities($description, ENT_QUOTES, 'UTF-8') ?>
<?php echo htmlspecialchars($description, ENT_QUOTES, 'UTF-8') ?>
</textarea>
<br>
<table width="100%">
@@ -222,7 +222,7 @@ include_once("kindeditor.php");
</select>
<?php echo $MSG_CONTEST . "-" . $MSG_PASSWORD ?>:
<input type=text name=password style="width:150px;"
value='<?php echo htmlentities($password, ENT_QUOTES, 'utf-8') ?>'>
value='<?php echo htmlspecialchars($password, ENT_QUOTES, 'utf-8') ?>'>
</p>
</td>
</tr>