HTML escape substituted parameter values to avoid injection attacks.
authorTom Hughes <tom@compton.nu>
Fri, 23 Nov 2007 00:49:55 +0000 (00:49 +0000)
committerTom Hughes <tom@compton.nu>
Fri, 23 Nov 2007 00:49:55 +0000 (00:49 +0000)
commit2cbcabb3f6992904903a72dfbcef624bd391a314
treee01c347adbc4a176ebaf2afe4cef82d4d2aa201a
parent7b172efeb62dca337e356dab0d14c69ec51216b7
HTML escape substituted parameter values to avoid injection attacks.
app/views/diary_entry/new.rhtml
app/views/message/new.rhtml
app/views/site/_search.rhtml
app/views/site/edit.rhtml
app/views/site/index.rhtml
app/views/user/account.rhtml
app/views/user/login.rhtml