How to see the problem: create an entry with a title that uses some character that htmlspecialchars() would escape (a double quote works, a left angle bracket works, etc.). Look at that entry's title in the Recent Entries plugin.
What the problem is: it seems everywhere else the title is escaped with htmlspecialchars() before display, and the body of the link generated by the Recent Entries plugin should also escape the title before display (this is on line 226 of plugins/serendipity_plugin_recententries/serendipity_plugin_recententries.php). You'll note that it's run on $entry['title'] for the title attribute of the article link, but it's not run on the body of the link itself.
Recent Entries plugin displays titles incorrectly
-
garvinhicking
- Core Developer
- Posts: 30022
- Joined: Tue Sep 16, 2003 9:45 pm
- Location: Cologne, Germany
- Contact:
Re: Recent Entries plugin displays titles incorrectly
Hi!
A good catch, many thanks. I've committed your change!
Regards,
Garvin
A good catch, many thanks. I've committed your change!
Regards,
Garvin
# Garvin Hicking (s9y Developer)
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/
# Did I help you? Consider making me happy: http://wishes.garv.in/
# or use my PayPal account "paypal {at} supergarv (dot) de"
# My "other" hobby: http://flickr.garv.in/