htmlentities -> htmlspecialchars

This commit is contained in:
2024-12-06 15:35:38 +08:00
parent daa005f029
commit d9b2d13caa
184 changed files with 410 additions and 405 deletions

View File

@@ -121,7 +121,7 @@ if(isset($_POST['startdate'])){
$password = $row['password'];
$langmask = $row['langmask'];
$description = $row['description'];
$title = htmlentities($row['title'],ENT_QUOTES,"UTF-8");
$title = htmlspecialchars($row['title'],ENT_QUOTES,"UTF-8");
$plist = "";
$sql = "SELECT `problem_id` FROM `contest_problem` WHERE `contest_id`=? ORDER BY `num`";
@@ -173,7 +173,7 @@ if(isset($_POST['startdate'])){
<p align=left>
<?php echo "<h4>".$MSG_CONTEST."-".$MSG_Description."</h4>"?>
<textarea class=kindeditor rows=13 name=description cols=80>
<?php echo htmlentities($description,ENT_QUOTES,'UTF-8')?>
<?php echo htmlspecialchars($description,ENT_QUOTES,'UTF-8')?>
</textarea>
<br>
<table width="100%">
@@ -206,7 +206,7 @@ if(isset($_POST['startdate'])){
<option value=1 <?php echo $private=='1'?'selected=selected':''?>><?php echo $MSG_Private?></option>
</select>
<?php echo $MSG_CONTEST."-".$MSG_PASSWORD?>:
<input type=text name=password style="width:150px;" value='<?php echo htmlentities($password,ENT_QUOTES,'utf-8')?>'>
<input type=text name=password style="width:150px;" value='<?php echo htmlspecialchars($password,ENT_QUOTES,'utf-8')?>'>
</p>
</td>
</tr>