PrivateCoffee/wishthis
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix: #80 special characters in wishlist dropdown

Browse source
This commit is contained in:
grandeljay 2023-08-25 13:11:43 +02:00
parent 7027012539
commit 0523000708
3 changed files with 5 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/assets/js/parts/wishlists.js
View file

@ -47,7 +47,8 @@ $(function () {
$('.ui.dropdown.wishlists') $('.ui.dropdown.wishlists')
.dropdown({ .dropdown({
onChange : function(wishlist_id, text, choice) { 'preserveHTML' : false,
'onChange' : function(wishlist_id, text, choice) {
wishthis.$_GET.id = wishlist_id; wishthis.$_GET.id = wishlist_id;
if (wishlist_id) { if (wishlist_id) {

4
src/classes/wishthis/Wishlist.php
View file

@ -44,8 +44,8 @@ class Wishlist
$this->exists = true; $this->exists = true;
foreach ($columns as $key => $value) { foreach ($columns as $key => $value) {
if ('string' === gettype($value)) { if (is_string($value)) {
$this->$key = Sanitiser::render($value); $this->$key = html_entity_decode($value);
} else { } else {
$this->$key = $value; $this->$key = $value;
} }

2
src/pages/register.php
View file

@ -173,7 +173,7 @@ if (isset($_POST['email'], $_POST['password']) && !empty($_POST['planet'])) {
*/ */
if ($userRegistered) { if ($userRegistered) {
$user_id = $database->lastInsertID(); $user_id = $database->lastInsertID();
$wishlist_name = Sanitiser::getTitle(__('My hopes and dreams')); $wishlist_name = addslashes(filter_var(__('My hopes and dreams'), FILTER_SANITIZE_SPECIAL_CHARS));
$wishlist_hash = sha1(time() . $user_id . $wishlist_name); $wishlist_hash = sha1(time() . $user_id . $wishlist_name);
$database $database