badmanners/shimmie2
badmanners/shimmie2
Archived
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

html_escape on build_selector

Browse source
This commit is contained in:
Luana 2023-06-25 20:48:03 -03:00 committed by Shish
parent 819a5b16e9
commit 969a1eeab1
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
core/basethemelet.php
View file

@ -201,7 +201,7 @@ class BaseThemelet
* @param bool $empty_option Whether the first option should be an empty one. * @param bool $empty_option Whether the first option should be an empty one.
* @param array $selected_options The values of options that should be pre-selected. * @param array $selected_options The values of options that should be pre-selected.
*/ */
protected function build_selector(string $name, array $options, string $attributes, bool $empty_option=false, array $selected_options=[]): string protected function build_selector(string $name, array $options, string $attributes="", bool $empty_option=false, array $selected_options=[]): string
{ {
$output = "<select name='" . $name . "' " . $attributes . ">"; $output = "<select name='" . $name . "' " . $attributes . ">";
@ -211,9 +211,9 @@ class BaseThemelet
foreach ($options as $value => $op) { foreach ($options as $value => $op) {
if (in_array($value, $selected_options)) { if (in_array($value, $selected_options)) {
$output .= "<option value='" . $value . "' selected>" . $op . "</option>"; $output .= "<option value='" . $value . "' selected>" . html_escape($op) . "</option>";
} else { } else {
$output .= "<option value='" . $value . "' >" . $op . "</option>"; $output .= "<option value='" . $value . "' >" . html_escape($op) . "</option>";
} }
} }