From: Martin Mares <mj@ucw.cz>
Date: Mon, 19 Jul 2010 18:48:11 +0000 (+0200)
Subject: UCW::CGI: html_escape() should escape single quotes, too
X-Git-Tag: v5.0~145
X-Git-Url: http://mj.ucw.cz/gitweb/?a=commitdiff_plain;h=99ba408e120be4d3e1b3979a63df273ff0653a6e;p=libucw.git

UCW::CGI: html_escape() should escape single quotes, too
---

diff --git a/ucw/perl/UCW/CGI.pm b/ucw/perl/UCW/CGI.pm
index af5e2c5c..10650729 100644
--- a/ucw/perl/UCW/CGI.pm
+++ b/ucw/perl/UCW/CGI.pm
@@ -1,6 +1,6 @@
 #	Poor Man's CGI Module for Perl
 #
-#	(c) 2002--2009 Martin Mares <mj@ucw.cz>
+#	(c) 2002--2010 Martin Mares <mj@ucw.cz>
 #	Slightly modified by Tomas Valla <tom@ucw.cz>
 #
 #	This software may be freely distributed and used according to the terms
@@ -93,6 +93,7 @@ sub html_escape($) {
 	$x =~ s/</&lt;/g;
 	$x =~ s/>/&gt;/g;
 	$x =~ s/"/&quot;/g;
+	$x =~ s/'/&#39;/g;
 	return $x;
 }