(mostly harmless) XSS fix in server add

This commit is contained in:
Andy Staudacher
2009-08-30 21:34:55 -07:00
parent fc294c2777
commit bd52a85f98
@@ -9,7 +9,7 @@
<? foreach ($parents as $dir): ?>
<li class="ui-icon-left">
<span class="ui-icon ui-icon-folder-open"></span>
<span ondblclick="open_dir('<?= $dir ?>')">
<span ondblclick="open_dir(<?= html::js_string($dir) ?>)">
<?= html::clean(basename($dir)) ?>
</span>
<ul>
@@ -22,7 +22,7 @@
<? if (is_dir($file)): ?>
ondblclick="open_dir($(this).attr('file'))"
<? endif ?>
file="<?= strtr($file, array('"' => '\\"')) ?>"
file="<?= html::clean_attribute($file) ?>"
>
<?= html::clean(basename($file)) ?>
</span>