From 854fef47192b45517d112e630fe2afa830432253 Mon Sep 17 00:00:00 2001 From: Laria Carolin Chabowski Date: Fri, 25 Sep 2020 22:26:52 +0200 Subject: Cast POSTed data into strings before passing it into Esc::esc --- ratatoeskr/frontend.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'ratatoeskr/frontend.php') diff --git a/ratatoeskr/frontend.php b/ratatoeskr/frontend.php index f49e61e..0bac1e4 100644 --- a/ratatoeskr/frontend.php +++ b/ratatoeskr/frontend.php @@ -454,9 +454,9 @@ $ste->register_tag("comment_form", function ($ste, $params, $sub) { $previewbtn = $ste->evalbool(@$params["previewbtn"]) ? " " : ""; if ($ste->evalbool(@$params["default"])) { - $form_body = "

{$translation["comment_form_name"]}:

-

{$translation["comment_form_mail"]}:

-

{$translation["comment_form_text"]}:

+ $form_body = "

{$translation["comment_form_name"]}:

+

{$translation["comment_form_mail"]}:

+

{$translation["comment_form_text"]}:

$previewbtn

"; } else { $ste->vars["current"]["oldcomment"] = [ -- cgit v1.2.3-70-g09d2