From 67f77fa3fab1636936e6a5735373296685c894d4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zden=C4=9Bk=20Borovec?= Date: Sun, 21 Jul 2024 00:38:51 +0200 Subject: [PATCH] fix article editor not escaping html --- docs/www/blog/writearticle.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/www/blog/writearticle.php b/docs/www/blog/writearticle.php index b76e34d..1a7e141 100644 --- a/docs/www/blog/writearticle.php +++ b/docs/www/blog/writearticle.php @@ -288,7 +288,7 @@ if(isset($_GET["guid"])) { $title_prefill = $result["title"]; $address_prefill = $result["readable_address"]; $abstract_prefill = $result["abstract"]; - $content_prefill = $result["content"]; + $content_prefill = sanitize_input($result["content"]); // select the tags for this article from the database $stmt = $conn->prepare("SELECT blogpost_tags.name FROM