From 85209287bba82cbc274ac624737248fe27aae8a2 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Wed, 27 Feb 2013 21:19:11 +0100
Subject: [PATCH] [Files] Use htmlspecialchars()

---
 apps/files/templates/part.list.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/apps/files/templates/part.list.php b/apps/files/templates/part.list.php
index 25763da57a..86c2cc7076 100644
--- a/apps/files/templates/part.list.php
+++ b/apps/files/templates/part.list.php
@@ -34,9 +34,9 @@
 		<?php endif; ?>
 			<span class="nametext">
 				<?php if($file['type'] == 'dir'):?>
-					<?php p($file['name']);?>
+					<?php print_unescaped(htmlspecialchars($file['name']));?>
 				<?php else:?>
-					<?php p($file['basename']);?><span
+					<?php print_unescaped(htmlspecialchars($file['basename']));?><span
 						class='extension'><?php p($file['extension']);?></span>
 				<?php endif;?>
 			</span>
-- 
GitLab