diff --git a/lam/lib/modules.inc b/lam/lib/modules.inc
index 622de971..8badd0a8 100644
--- a/lam/lib/modules.inc
+++ b/lam/lib/modules.inc
@@ -563,8 +563,12 @@ function parseHtml($module, $input, $values, $restricted, &$tabindex, &$tabindex
$output = "";
- if (isset($values[$input[$i][$j]['name']])) echo $values[$input[$i][$j]['name']];
- else echo $input[$i][$j]['value'];
+ if (isset($values[$input[$i][$j]['name']])) {
+ echo htmlspecialchars($values[$input[$i][$j]['name']], ENT_QUOTES, "UTF-8");
+ }
+ else {
+ echo htmlspecialchars($input[$i][$j]['value'], ENT_QUOTES, "UTF-8");
+ }
echo "";
break;
// inner fieldset
@@ -650,12 +660,20 @@ function parseHtml($module, $input, $values, $restricted, &$tabindex, &$tabindex
}
foreach ($options as $option) {
if (isset($input[$i][$j]['descriptiveOptions']) && ($input[$i][$j]['descriptiveOptions'] === true)) {
- if (in_array($option[0], $input[$i][$j]['options_selected'])) echo "\n";
- else echo "\n";
+ if (in_array($option[0], $input[$i][$j]['options_selected'])) {
+ echo "\n";
+ }
+ else {
+ echo "\n";
+ }
}
elseif ($option!='') {
- if (in_array($option, $input[$i][$j]['options_selected'])) echo "\n";
- else echo "\n";
+ if (in_array($option, $input[$i][$j]['options_selected'])) {
+ echo "\n";
+ }
+ else {
+ echo "\n";
+ }
}
}
echo "\n";