X-Git-Url: https://git.p6c8.net/form-email.git/blobdiff_plain/a2e35aed2b2920454ece2fd3aef9404a923dc238..e727168305eaf781e5640690a0369eaa4614ffc6:/form-email/functions.php?ds=inline diff --git a/form-email/functions.php b/form-email/functions.php index eb7f920..d8d6f71 100644 --- a/form-email/functions.php +++ b/form-email/functions.php @@ -67,7 +67,7 @@ function formdata($param) { # Rueckgabe: Bearbeiteter Text (String) function &plain(&$text,$linebreak='
') { - $htmltext = htmlentities($text); + $htmltext = htmlspecialchars($text); $htmltext = preg_replace("/\015\012|\012|\015/",$linebreak,$htmltext); for($x=0;$xparse_if_block('CAPTCHA',$captcha_enable); - $tpl->set_var('EMAIL', htmlentities($email)); + $tpl->set_var('EMAIL', htmlspecialchars($email)); $tpl->set_var('ERROR', $errmsg); - $tpl->set_var('NAME', htmlentities($name)); - $tpl->set_var('SUBJECT',htmlentities($subject)); - $tpl->set_var('TEXT', htmlentities($text)); + $tpl->set_var('NAME', htmlspecialchars($name)); + $tpl->set_var('SUBJECT',htmlspecialchars($subject)); + $tpl->set_var('TEXT', htmlspecialchars($text)); reset($user_fields); while(list($user_field,$user_field_data) = each($user_fields)) { - $tpl->set_var($user_field_data['tpl_var'],htmlentities(formdata($user_field))); + $tpl->set_var($user_field_data['tpl_var'],htmlspecialchars(formdata($user_field))); } $tpl->parse();