trac533 Removed redundant calls to htmlspecialcharacters().

XMLWriter::writeAttribute() already takes care of the escaping for
us, although that doesn't seem to be well documented.

diff --git a/lib/htmloutputter.php b/lib/htmloutputter.php
index f9245414f29348a90628363a21e7aeee879e6d38..7780b1c19d0c3af05980860ea1d3ae46efcb8a84 100644 (file)
--- a/lib/htmloutputter.php
+++ b/lib/htmloutputter.php
@@ -172,7 +172,7 @@ class HTMLOutputter extends XMLOutputter
                        'type' => 'text',
                        'id' => $id);
         if ($value) {
-            $attrs['value'] = htmlspecialchars($value);
+            $attrs['value'] = $value;
         }
         $this->element('input', $attrs);
         if ($instructions) {
@@ -206,7 +206,7 @@ class HTMLOutputter extends XMLOutputter
                        'class' => 'checkbox',
                        'id' => $id);
         if ($value) {
-            $attrs['value'] = htmlspecialchars($value);
+            $attrs['value'] = $value;
         }
         if ($checked) {
             $attrs['checked'] = 'checked';