filter editor uses prototype

[tt-rss.git] / functions.php

diff --git a/functions.php b/functions.php
index 73ef85774d9296cf513ac1f32abb886d64b30151..0c1a959a7bd4fe924d8aa272d196221cee0528e2 100644 (file)
--- a/functions.php
+++ b/functions.php
@@ -1601,7 +1601,7 @@
                                $is_selected = "";
                        }
                        printf("<option $is_selected value='%d'>%s</option>", 
-                               $line["id"], db_unescape_string($line["title"]));
+                               $line["id"], htmlspecialchars(db_unescape_string($line["title"])));
                }
        
                print "</select>";
@@ -1630,7 +1630,7 @@
                                $is_selected = "";
                        }
                        printf("<option $is_selected value='%d'>%s</option>", 
-                               $line["id"], $line["title"]);
+                               $line["id"], htmlspecialchars(db_unescape_string($line["title"])));
                }
 
                print "</select>";