htmlentities -> htmlspecialchars
This commit is contained in:
@@ -81,7 +81,7 @@ if (isset($_POST['do'])) {
|
||||
|
||||
$sql = "insert into `privilege`(user_id,rightstr,valuestr,defunct) values(?,?,?,'N')";
|
||||
$rows = pdo_query($sql,$user_id,$rightstr,$valuestr);
|
||||
echo "<center><h4 class='text-danger'>User ".htmlentities($_POST['user_id'], ENT_QUOTES, 'UTF-8')."'s Privilege Added!</h4></center>";
|
||||
echo "<center><h4 class='text-danger'>User ".htmlspecialchars($_POST['user_id'], ENT_QUOTES, 'UTF-8')."'s Privilege Added!</h4></center>";
|
||||
}
|
||||
?>
|
||||
<form method=post>
|
||||
|
||||
Reference in New Issue
Block a user