s4
changeset 920:7149f283294b
Header string in SQL should not be htmlescaped
author | HIROSE Yuuji <yuuji@gentei.org> |
---|---|
date | Sun, 10 Jan 2021 10:13:44 +0900 |
parents | 27edbd91022c |
children | 7b887bea6ecd |
files | s4-blog.sh |
diffstat | 1 files changed, 3 insertions(+), 2 deletions(-) [+] |
line diff
1.1 --- a/s4-blog.sh Fri Jan 08 20:44:40 2021 +0900 1.2 +++ b/s4-blog.sh Sun Jan 10 10:13:44 2021 +0900 1.3 @@ -762,12 +762,13 @@ 1.4 brid=$(($brid + 0)) # Ensure to be a number 1.5 [ $brid = 0 ] && continue 1.6 time=`getvalbyid blog ctime $brid|colrm 11` 1.7 - title=`getvalbyid blog title $brid|htmlescape` 1.8 + title=`getvalbyid blog title $brid` 1.9 + titleH=`echo "$title"|htmlescape` 1.10 state=`getvalbyid blog state $brid|htmlescape` 1.11 tt="handout_$brid" 1.12 [ "$state" = "frozen" ] && frozen=" $FROZEN_TAG" || frozen="" 1.13 if [ -z "$CATCSV" ]; then 1.14 - echo "<h2>$time - <a href=\"?replyblog+$brid\">$title</a>$frozen</h2>" 1.15 + echo "<h2>$time - <a href=\"?replyblog+$brid\">$titleH</a>$frozen</h2>" 1.16 lshandoutsub "$owner" $brid "$tt" 1.17 else 1.18 lshandoutsub "$owner" $brid "$tt" >/dev/null # Only create temp.table