Fix encoding of username in plain `user` output
authorMatthias Schmidt <gravatronics@live.com>
Sun, 6 Sep 2020 12:53:46 +0000 (14:53 +0200)
committerMatthias Schmidt <gravatronics@live.com>
Sun, 6 Sep 2020 12:53:46 +0000 (14:53 +0200)
wcfsetup/install/files/lib/system/template/plugin/UserFunctionTemplatePlugin.class.php

index 0b856353927c8555760d3476fa5337fdadc3815c..4587380eb78c3640d50d9f2e2882a927df0249e0 100644 (file)
@@ -58,7 +58,7 @@ class UserFunctionTemplatePlugin implements IFunctionTemplatePlugin {
                        unset($tagArgs['type']);
                        
                        if ($type === 'plain') {
-                               $content = $object->getTitle();
+                               $content = StringUtil::encodeHTML($object->getTitle());
                        }
                        else if (preg_match('~^avatar(\d+)$~', $type, $matches)) {
                                $content = $object->getAvatar()->getImageTag($matches[1]);