htmlentities -> htmlspecialchars
This commit is contained in:
@@ -29,7 +29,7 @@ if (isset($_GET['pid'])){
|
||||
|
||||
if ($result){
|
||||
$row=$result[0];
|
||||
echo "<a href='userinfo.php?user=".htmlentities($row['user_id'],ENT_QUOTES,'utf-8')."'>".htmlentities($row['user_id'],ENT_QUOTES,'utf-8')."</a>";
|
||||
echo "<a href='userinfo.php?user=".htmlspecialchars($row['user_id'],ENT_QUOTES,'utf-8')."'>".htmlspecialchars($row['user_id'],ENT_QUOTES,'utf-8')."</a>";
|
||||
}else{
|
||||
echo "$MSG_IMPORTED";
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user