X-Git-Url: https://git.p6c8.net/form-email.git/blobdiff_plain/a2e35aed2b2920454ece2fd3aef9404a923dc238..e727168305eaf781e5640690a0369eaa4614ffc6:/form-email/functions.php?ds=inline
diff --git a/form-email/functions.php b/form-email/functions.php
index eb7f920..d8d6f71 100644
--- a/form-email/functions.php
+++ b/form-email/functions.php
@@ -67,7 +67,7 @@ function formdata($param) {
# Rueckgabe: Bearbeiteter Text (String)
function &plain(&$text,$linebreak='
') {
- $htmltext = htmlentities($text);
+ $htmltext = htmlspecialchars($text);
$htmltext = preg_replace("/\015\012|\012|\015/",$linebreak,$htmltext);
for($x=0;$xparse_if_block('CAPTCHA',$captcha_enable);
- $tpl->set_var('EMAIL', htmlentities($email));
+ $tpl->set_var('EMAIL', htmlspecialchars($email));
$tpl->set_var('ERROR', $errmsg);
- $tpl->set_var('NAME', htmlentities($name));
- $tpl->set_var('SUBJECT',htmlentities($subject));
- $tpl->set_var('TEXT', htmlentities($text));
+ $tpl->set_var('NAME', htmlspecialchars($name));
+ $tpl->set_var('SUBJECT',htmlspecialchars($subject));
+ $tpl->set_var('TEXT', htmlspecialchars($text));
reset($user_fields);
while(list($user_field,$user_field_data) = each($user_fields)) {
- $tpl->set_var($user_field_data['tpl_var'],htmlentities(formdata($user_field)));
+ $tpl->set_var($user_field_data['tpl_var'],htmlspecialchars(formdata($user_field)));
}
$tpl->parse();