From cfb10dc58c37a2bd9f4fda57b765de07a13b32b8 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Wed, 6 Mar 2013 13:05:22 +0100
Subject: [PATCH] Add warning about sanitization

---
 lib/template.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/template.php b/lib/template.php
index 398f9de065..434c1e9e99 100644
--- a/lib/template.php
+++ b/lib/template.php
@@ -519,12 +519,13 @@ class OC_Template{
 	/**
 		* @brief Print a fatal error page and terminates the script
 		* @param string $error The error message to show
-		* @param string $hint An option hint message
+		* @param string $hint An optional hint message 
+		* Warning: All data passed to $hint needs to get sanitized using OC_Util::sanitizeHTML
 		*/
 	public static function printErrorPage( $error_msg, $hint = '' ) {
 		$content = new OC_Template( '', 'error', 'error' );
 		$errors = array(array('error' => $error_msg, 'hint' => $hint));
-		$content->assign( 'errors', $errors, false );
+		$content->assign( 'errors', $errors );
 		$content->printPage();
 		die();
 	}
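Review bot: The warning added to the docblock makes every caller of printErrorPage responsible for passing `$hint` through OC_Util::sanitizeHTML, and nothing in the function enforces that, so a single caller that forwards request data or an exception message unchanged can put attacker-controlled markup on the error page. Because the explicit third argument is dropped in `$content->assign( 'errors', $errors );`, whether `$error_msg` and `$hint` are escaped now depends on assign()'s default and on the error template, neither of which is visible in this hunk. The docblock should state which of the two values is printed raw. If hints never need to carry markup, a line such as `$hint = OC_Util::sanitizeHTML( $hint );` inside the function would be safer than a caller-side contract, provided the template does not escape the value again. The docblock also documents `@param string $error` while the parameter is named `$error_msg`; `* @param string $error_msg The error message to show` would match the signature.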
-- 
GitLab