$sum += $row['time'];
$d = explode(' ', $row['start']);
- printf($table_row, $color, $d[0], min2hour($row['time']), $row['kurz'], $row['oid'], $row['task']);
+ printf($table_row, $color, $d[0], min2hour($row['time']), $row['kurz'], $row['oid'], htmlspecialchars($row['task']));
$color = !$color;
}
printf($table_sum, $color, min2hour($sum));
$d = explode(' ', $row['start']);
$check = sprintf('<input type="checkbox" class="checkbox" name="oid_'.$fieldnr++.'" value="'.$row['oid'].'" onclick="add_sum(%d,this)">',$form);
- printf($table_row, $color, $check.$d[0], min2hour($row['time']), $row['kurz'], $row['task']);
+ printf($table_row, $color, $check.$d[0], min2hour($row['time']), $row['kurz'], htmlspecialchars($row['task']));
$color = !$color;
}
if (pg_num_rows($sth) > 0) {