Index: branches/5.2.x/core/units/admin/admin_tag_processor.php
===================================================================
diff -u -N -r15618 -r15856
--- branches/5.2.x/core/units/admin/admin_tag_processor.php (.../admin_tag_processor.php) (revision 15618)
+++ branches/5.2.x/core/units/admin/admin_tag_processor.php (.../admin_tag_processor.php) (revision 15856)
@@ -1,6 +1,6 @@
Application->Phrase($params['label']);
- $ret = str_replace(Array('<', '>', 'br/', 'br /', "\n", "\r"), Array('<', '>', 'br', 'br', '', ''), $ret);
- if (getArrayValue($params, 'escape')) {
- $ret = addslashes($ret);
- }
- $ret = str_replace('
', '\n', $ret);
- return $ret;
- }
-
/**
* Draws section tabs using block name passed
*
@@ -978,10 +967,9 @@
foreach ($a_data as $a_row) {
$cells = '';
- $a_row = array_map('htmlspecialchars', $a_row);
foreach ($a_row as $value) {
- $cells .= '' . $value . ' | ';
+ $cells .= '' . kUtil::escape($value, kUtil::ESCAPE_HTML) . ' | ';
}
$ret .= $this->Application->ParseBlock(Array ('name' => $block, 'cells' => $cells));