current/SOURCES/Add_htmlspecialchars.patch

From 6057f47313819fa346dce7b72cf3922ba7931f1a Mon Sep 17 00:00:00 2001
From: Phy <i@phy25.com>
Date: Tue, 1 Aug 2017 13:07:29 +0800
Subject: [PATCH] Add htmlspecialchars when showing $DATE_AT

Fixes #2061
---
 doku.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doku.php b/doku.php
index 42624fd2e8..cbb4959142 100644
--- a/doku.php
+++ b/doku.php
@@ -62,7 +62,7 @@
     } else { // check for UNIX Timestamp
         $date_parse = @date('Ymd',$DATE_AT);
         if(!$date_parse || $date_parse === '19700101') {
-            msg(sprintf($lang['unable_to_parse_date'], $DATE_AT));
+            msg(sprintf($lang['unable_to_parse_date'], htmlspecialchars($DATE_AT)));
             $DATE_AT = null;
         }
     }
1	From 6057f47313819fa346dce7b72cf3922ba7931f1a Mon Sep 17 00:00:00 2001
2	From: Phy <i@phy25.com>
3	Date: Tue, 1 Aug 2017 13:07:29 +0800
4	Subject: [PATCH] Add htmlspecialchars when showing $DATE_AT
5
6	Fixes #2061
7	---
8	doku.php \| 2 +-
9	1 file changed, 1 insertion(+), 1 deletion(-)
10
11	diff --git a/doku.php b/doku.php
12	index 42624fd2e8..cbb4959142 100644
13	--- a/doku.php
14	+++ b/doku.php
15	@@ -62,7 +62,7 @@
16	} else { // check for UNIX Timestamp
17	$date_parse = @date('Ymd',$DATE_AT);
18	if(!$date_parse \|\| $date_parse === '19700101') {
19	- msg(sprintf($lang['unable_to_parse_date'], $DATE_AT));
20	+ msg(sprintf($lang['unable_to_parse_date'], htmlspecialchars($DATE_AT)));
21	$DATE_AT = null;
22	}
23	}