From 054af3ca4cc668b2455a45740ccd40982314a3b7 Mon Sep 17 00:00:00 2001 From: Evgeny Gryaznov Date: Wed, 22 Aug 2007 20:03:43 +0000 Subject: [PATCH] 1.0.7 RC2 (fix html escaping in ajax & operator window) git-svn-id: https://webim.svn.sourceforge.net/svnroot/webim/trunk@19 c66351dc-e62f-0410-b875-e3a5c0b9693f --- src/webim/operator/update.php | 6 +++--- src/webim/view/chat_ajaxed.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/src/webim/operator/update.php b/src/webim/operator/update.php index 6ff7efc0..91abdc2e 100644 --- a/src/webim/operator/update.php +++ b/src/webim/operator/update.php @@ -49,9 +49,9 @@ function thread_to_xml($thread) { $result .= " canopen=\"true\""; $result .= " state=\"$state\">"; - $result .= "".htmlspecialchars(get_user_name($thread['userName'])).""; - $result .= "".htmlspecialchars($thread['remote']).""; - $result .= "".htmlspecialchars($threadoperator).""; + $result .= "".htmlspecialchars(htmlspecialchars(get_user_name($thread['userName']))).""; + $result .= "".htmlspecialchars(htmlspecialchars($thread['remote'])).""; + $result .= "".htmlspecialchars(htmlspecialchars($threadoperator)).""; $result .= ""; $result .= "".$thread['unix_timestamp(dtmmodified)']."000"; $result .= ""; diff --git a/src/webim/view/chat_ajaxed.php b/src/webim/view/chat_ajaxed.php index 0e4b4f90..a614648e 100644 --- a/src/webim/view/chat_ajaxed.php +++ b/src/webim/view/chat_ajaxed.php @@ -87,7 +87,7 @@ var threadParams = { servl:"/webim/thread.php",frequency:2, - ">
+ ">