projects / GitHub / WoltLab / WCF.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 64c0d1e)
Encode trophy description in received trophy user activity event
authorMatthias Schmidt <gravatronics@live.com>
Wed, 16 Aug 2017 15:32:54 +0000 (17:32 +0200)
committerMatthias Schmidt <gravatronics@live.com>
Wed, 16 Aug 2017 15:32:54 +0000 (17:32 +0200)
wcfsetup/install/files/lib/system/user/activity/event/TrophyReceivedUserActivityEvent.class.php patch | blob | blame | history

diff --git a/wcfsetup/install/files/lib/system/user/activity/event/TrophyReceivedUserActivityEvent.class.php b/wcfsetup/install/files/lib/system/user/activity/event/TrophyReceivedUserActivityEvent.class.php
index db723f3243d241025e01999210ec296a2e5b3be9..5bf88e9119f90df38b8fb8071b6c5a98730d92f2 100644 (file)
--- a/wcfsetup/install/files/lib/system/user/activity/event/TrophyReceivedUserActivityEvent.class.php
+++ b/wcfsetup/install/files/lib/system/user/activity/event/TrophyReceivedUserActivityEvent.class.php
@@ -3,6 +3,7 @@ namespace wcf\system\user\activity\event;
 use wcf\data\user\trophy\UserTrophyList;
 use wcf\system\SingletonFactory;
 use wcf\system\WCF;
+use wcf\util\StringUtil;
 
 /**
  * User activity event implementation for receiving a trophy.
@@ -38,7 +39,7 @@ class TrophyReceivedUserActivityEvent extends SingletonFactory implements IUserA
                                $event->setIsAccessible();
                                
                                $event->setTitle(WCF::getLanguage()->getDynamicVariable('wcf.user.trophy.recentActivity.received', ['userTrophy' => $trophies[$event->objectID]]));
-                               $event->setDescription($trophies[$event->objectID]->getDescription());
+                               $event->setDescription(StringUtil::encodeHTML($trophies[$event->objectID]->getDescription()));
                        }
                        else {
                                $event->setIsOrphaned();
WoltLab Suite Core (previously WoltLab Community Framework)