]> git.mxchange.org Git - friendica.git/blobdiff - view/templates/install_settings.tpl
projects / friendica.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Escape values to input fields (and some 'title' and 'alt')
[friendica.git] / view / templates / install_settings.tpl
diff --git a/view/templates/install_settings.tpl b/view/templates/install_settings.tpl
index 53450141d40b0aa9345c9856a3514557f978501a..735672fe6e749f3e01dd7299c57ccc8dbb1e406a 100644 (file)
--- a/view/templates/install_settings.tpl
+++ b/view/templates/install_settings.tpl
@@ -10,17 +10,17 @@
 
 <form id="install-form" action="{{$baseurl}}/install" method="post">
 
-<input type="hidden" name="phpath" value="{{$phpath}}" />
-<input type="hidden" name="dbhost" value="{{$dbhost}}" />
-<input type="hidden" name="dbuser" value="{{$dbuser}}" />
-<input type="hidden" name="dbpass" value="{{$dbpass}}" />
-<input type="hidden" name="dbdata" value="{{$dbdata}}" />
+<input type="hidden" name="phpath" value="{{$phpath|escape:'html'}}" />
+<input type="hidden" name="dbhost" value="{{$dbhost|escape:'html'}}" />
+<input type="hidden" name="dbuser" value="{{$dbuser|escape:'html'}}" />
+<input type="hidden" name="dbpass" value="{{$dbpass|escape:'html'}}" />
+<input type="hidden" name="dbdata" value="{{$dbdata|escape:'html'}}" />
 <input type="hidden" name="pass" value="4" />
 
 {{include file="field_input.tpl" field=$adminmail}}
 {{$timezone}}
 
-<input id="install-submit" type="submit" name="submit" value="{{$submit}}" /> 
+<input id="install-submit" type="submit" name="submit" value="{{$submit|escape:'html'}}" /> 
 
 </form>
 
Unnamed repository; edit this file 'description' to name the repository.