Escape characters for button link (#7409)

frytimo
2025-07-03 15:19:12 -03:00
committed by GitHub
parent 7f89f4d98e
commit ec47489f4e


@@ -109,7 +109,7 @@ if (!class_exists('button')) {
//link
if (!empty($array['link'])) {
$anchor = "<a ";
$anchor .= "href='".$array['link']."' ";
$anchor .= "href='" . self::escape_href($array['link']) . "' ";
$anchor .= "target='".(!empty($array['target']) ? $array['target'] : '_self')."' ";
//ensure only margin* styles are applied to the anchor element
if (!empty($array['style']) && is_array($array['style']) && @sizeof($array['style']) != 0) {
@@ -134,6 +134,12 @@ if (!class_exists('button')) {
return substr_count($value, "'") ? '"'.$value.'"' : "'".$value."'";
}
private static function escape_href(string $url): string {
// clear whitespace
$url = trim($url);
return htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
}
}
}
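Review bot: `escape_href()` HTML-encodes the link but never checks its scheme, so a `javascript:` value in `$array['link']` still reaches the `href` attribute as a working URL; encoding only stops attribute breakout. Inside the helper, after `trim()`, I would reject anything that is neither relative nor on an allowlist, e.g. `$scheme = parse_url($url, PHP_URL_SCHEME);` followed by `if (is_string($scheme) && !in_array(strtolower($scheme), ['http', 'https', 'mailto', 'tel'], true)) { return '#'; }`, and strip ASCII control characters first since browsers ignore them inside a URL. The `target` attribute on the line after the new `href` line is still concatenated raw into a single-quoted attribute and deserves the same `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` treatment. If any caller already passes an entity-encoded link it will now be double-encoded, which is worth checking against the call sites (not visible here). The surrounding method and class begin outside these hunks.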