Encode special HTML characters

john · Apr 24, 2017 · 2202b45 · 2202b45
1 parent 84fd2e5
commit 2202b45
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/public/messages.php b/public/messages.php
@@ -43,11 +43,11 @@ class="material-icons">check
                                        class="material-icons red-text">fiber_new
                                     </i>
                                 <?php } ?>
-                                <?php echo $message->sender()->username ?>
+                                <?php echo htmlspecialchars($message->sender()->username) ?>
                             </div>
                             <div class="collapsible-body">
                                 <span>
-                                    <?php echo $message->message ?>
+                                    <?php echo htmlspecialchars($message->message) ?>
                                 </span>
                             </div>
                         </li>
@@ -64,11 +64,11 @@ class="material-icons red-text">fiber_new
                                 <?php } else { ?>
                                     <i class="material-icons">arrow_forward</i>
                                 <?php } ?>
-                                <?php echo $message->receiver()->username ?>
+                                <?php echo htmlspecialchars($message->receiver()->username) ?>
                             </div>
                             <div class="collapsible-body">
                                 <span>
-                                    <?php echo $message->message ?>
+                                    <?php echo htmlspecialchars($message->message) ?>
                                 </span>
                             </div>
                         </li>