| commit | 2ff5031c1d223b10b74738519833122d08595fa6 | |
| author | bradymiller <bradymiller@users.sourceforge.net> | |
| Sat, 12 Mar 2011 21:55:45 +0000 (12 13:55 -0800) | ||
| committer | bradymiller <bradymiller@users.sourceforge.net> | |
| Sat, 19 Mar 2011 03:14:10 +0000 (18 20:14 -0700) | ||
| tree | 4cc086c1b48f24cee40f4882b31db136f056d106 | treesnapshot (tar.gz zip) |
| parent | 86e35386f34098bd05c6ab780594234a0a7902b8 | commitdiff |
Quick bug fix: Escaping of a string literal within an onClick tag.
Pretty tough fix. For some reason, it works if run through addslashes()
and htmlspecialchars(). Pretty weird. We should avoid ever displaying
javascript code that needs to be escaped if within the onClick tag to
avoid this situation.
Further discussed here:
http://stackoverflow.com/questions/97578/how-do-i-escape-a-string-inside-javascript-inside-an-onclick-handler
Pretty tough fix. For some reason, it works if run through addslashes()
and htmlspecialchars(). Pretty weird. We should avoid ever displaying
javascript code that needs to be escaped if within the onClick tag to
avoid this situation.
Further discussed here:
http://stackoverflow.com/questions/97578/how-do-i-escape-a-string-inside-javascript-inside-an-onclick-handler
| library/ajax/payment_ajax.php | diffblobblamehistory |