Escape values to input fields (and some 'title' and 'alt')

2015-02-16 09:30:12 +01:00 · 2015-02-16 09:30:12 +01:00 · 9d3fb417c2
commit 9d3fb417c2
parent e051da8203
64 changed files with 209 additions and 186 deletions
--- a/view/templates/invite.tpl
+++ b/view/templates/invite.tpl
@ -24,7 +24,7 @@
 </div>

 <div id="invite-submit-wrapper">
-<input type="submit" name="submit" value="{{$submit}}" />
+<input type="submit" name="submit" value="{{$submit|escape:'html'}}" />
 </div>

 </div>