From 22e647b7679838413edd3376741ca1e35d56d86a Mon Sep 17 00:00:00 2001
From: Heikki Hokkanen <hoxu@users.sf.net>
Date: Tue, 24 Jan 2012 18:11:53 +0200
Subject: [PATCH] Wrap notices using htmlentities_wrapper().

Just in case user input ends up in notices.
---
 templates/header.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/header.php b/templates/header.php
index dccf056..cccb53e 100644
--- a/templates/header.php
+++ b/templates/header.php
@@ -22,7 +22,7 @@ VGPlugin::call_hooks('page_start');
 if (isset($page['notices'])) {
 	echo '<div class="notices">';
 	foreach ($page['notices'] as $n) {
-		echo "<p class=\"$n[class]\">$n[message]</p>";
+		echo "<p class=\"$n[class]\">". htmlentities_wrapper($n['message']) ."</p>";
 	}
 	echo '</div>';
 }
-- 
2.11.4.GIT