diff options
| author | ivan <ivan> | 2003-07-30 22:16:36 +0000 |
|---|---|---|
| committer | ivan <ivan> | 2003-07-30 22:16:36 +0000 |
| commit | 3c7fb6a60c385fece59ef0bc663cfcf1b3c6ae9c (patch) | |
| tree | 7c9343f8f2706a68a96afc187a56e32521b16484 | |
| parent | 766daf46f28869a1199056ef3a5335eaa0f93154 (diff) | |
escape HTML entities when showing in printable format
| -rwxr-xr-x | shift.cgi | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -2,7 +2,7 @@ #!/usr/bin/perl -Tw # (Text::Template can't do -T, but no user input is used dangerously) # -# $Id: shift.cgi,v 1.5 2002-07-10 01:08:49 ivan Exp $ +# $Id: shift.cgi,v 1.6 2003-07-30 22:16:36 ivan Exp $ # # Copyright (C) 2000 Adam Gould # Copyright (C) 2000 Michal Migurski @@ -49,6 +49,7 @@ use Text::Template; use Mail::Internet; use Mail::Header; use Date::Format; +use HTML::Entities; $cgi = new CGI; @@ -209,7 +210,7 @@ sub form { sub inputbox { my $field = shift; - return $shifthash{$field} || " " + return encode_entities($shifthash{$field}) || " " if $magic eq 'print'; $shifthash{$field}='' unless defined $shifthash{$field}; $warning{$field}='' unless defined $warning{$field}; |