From: garvinhicking Date: Tue, 26 Jul 2005 19:31:15 +0000 (+0000) Subject: Backport: Show category description on mouse over X-Git-Tag: 0.8.3~21 X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=3e3b23c01a4a53df15596b25476d9d005ac32ebe;p=s9y.git Backport: Show category description on mouse over --- diff --git a/docs/NEWS b/docs/NEWS index 521e991..94919fa 100644 --- a/docs/NEWS +++ b/docs/NEWS @@ -14,6 +14,9 @@ Version 0.8.3 () XML_RPC to 1.3.3 Fixing several bugs and vulnerabilities. (nohn) + * Make categories sidebar plugin show categories' description, not the + name on mouse over (garvinhicking) + * Fix possible exploit that sends comments to the blog owner and others with arbitrary mailheaders and a link to invalid entries. Thanks to Sebastian Raible! (garvinhicking) diff --git a/include/plugin_internal.inc.php b/include/plugin_internal.inc.php index 2c4ca7c..afd2f50 100644 --- a/include/plugin_internal.inc.php +++ b/include/plugin_internal.inc.php @@ -991,7 +991,7 @@ class serendipity_categories_plugin extends serendipity_plugin { if ( !empty($image) ) { $html .= 'XML '; } - $html .= ''. $cat['category_name'] .''; + $html .= ''. htmlspecialchars($cat['category_name']) .''; $html .= '' . "\n"; } }