From: Alexandre Gravel-Raymond Date: Sat, 19 May 2012 18:26:09 +0000 (+0200) Subject: Escape quotes in bookmarklet confirm message X-Git-Tag: 1.5.11~1^2 X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=b1e592d37f3b8b82cbfb033ba755e75e7415f112;p=tt-rss.git Escape quotes in bookmarklet confirm message --- diff --git a/classes/pref_feeds.php b/classes/pref_feeds.php index db1161c3..61eeb598 100644 --- a/classes/pref_feeds.php +++ b/classes/pref_feeds.php @@ -1501,7 +1501,7 @@ class Pref_Feeds extends Protected_Handler { $bm_subscribe_url = str_replace('%s', '', add_feed_url()); - $confirm_str = __('Subscribe to %s in Tiny Tiny RSS?'); + $confirm_str = str_replace("'", "\'", __('Subscribe to %s in Tiny Tiny RSS?')); $bm_url = htmlspecialchars("javascript:{if(confirm('$confirm_str'.replace('%s',window.location.href)))window.location.href='$bm_subscribe_url'+window.location.href}");