htmlentities -> htmlspecialchars
This commit is contained in:
@@ -37,7 +37,7 @@ if(isset($_POST['pid'])){
|
||||
if($pieces[0]=="") unset($pieces[0]);
|
||||
$plist=implode(",",$pieces);
|
||||
|
||||
$content="[plist=".$plist."]".htmlentities($_POST['keyword'],ENT_QUOTES,"utf-8")."[/plist]";
|
||||
$content="[plist=".$plist."]".htmlspecialchars($_POST['keyword'],ENT_QUOTES,"utf-8")."[/plist]";
|
||||
}
|
||||
?>
|
||||
|
||||
|
||||
Reference in New Issue
Block a user