mark var escaped

2015-09-14 18:18:51 +02:00
parent 5a6e1868a8
commit 72bfb9a515
1 changed files with 9 additions and 9 deletions
--- a/plugins/serendipity_event_entryproperties/serendipity_event_entryproperties.php
+++ b/plugins/serendipity_event_entryproperties/serendipity_event_entryproperties.php
@ -467,22 +467,22 @@ class serendipity_event_entryproperties extends serendipity_event
                foreach($fields AS $fieldname) {
                    $fieldparts = explode(':', $fieldname);
                    $fieldname = $fieldparts[0];
-                    $fieldname = serendipity_specialchars(trim($fieldname));
+                    $_fieldname = serendipity_specialchars(trim($fieldname));

-                    if (isset($serendipity['POST']['properties'][$fieldname])) {
-                        $value = $serendipity['POST']['properties'][$fieldname];
-                    } elseif (!empty($eventData['properties']['ep_' . $fieldname])) {
-                        $value = $eventData['properties']['ep_' . $fieldname];
+                    if (isset($serendipity['POST']['properties'][$_fieldname])) {
+                        $value = $serendipity['POST']['properties'][$_fieldname];
+                    } elseif (!empty($eventData['properties']['ep_' . $_fieldname])) {
+                        $value = $eventData['properties']['ep_' . $_fieldname];
                    } else {
                        $value = trim(str_replace($special_to, $special_read, $fieldparts[1]));
                    }
 ?>
-                    <div id="ep_column_<?php echo $fieldname; ?>" class="clearfix form_area media_choose">
-                        <label for="prop<?php echo $fieldname; ?>"><?php echo $fieldname; ?></label>
-                        <textarea id="prop<?php echo $fieldname; ?>" class="change_preview" name="serendipity[properties][<?php echo $fieldname; ?>]" data-configitem="prop<?php echo $fieldname; ?>"><?php echo serendipity_specialchars($value); ?></textarea>
+                    <div id="ep_column_<?php echo $_fieldname; ?>" class="clearfix form_area media_choose">
+                        <label for="prop<?php echo $_fieldname; ?>"><?php echo $_fieldname; ?></label>
+                        <textarea id="prop<?php echo $_fieldname; ?>" class="change_preview" name="serendipity[properties][<?php echo $_fieldname; ?>]" data-configitem="prop<?php echo $_fieldname; ?>"><?php echo serendipity_specialchars($value); ?></textarea>
                        <button class="customfieldMedia" type="button" name="insImage" title="<?php echo MEDIA ; ?>"><span class="icon-picture"></span><span class="visuallyhidden"><?php echo MEDIA ; ?></span></button>
                        <?php if (preg_match('/(\.jpg|\.png|\.bmp)$/', $value)) { ?>
-                        <figure id="prop<?php echo $fieldname; ?>_preview">
+                        <figure id="prop<?php echo $_fieldname; ?>_preview">
                            <figcaption><?php echo PREVIEW; ?></figcaption>
                            <img src="<?php echo $value; ?>"  alt=""/>
                        </figure>