diff options
-rw-r--r-- | actions/peoplesearch.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actions/peoplesearch.php b/actions/peoplesearch.php index 045d99e39..5d1014017 100644 --- a/actions/peoplesearch.php +++ b/actions/peoplesearch.php @@ -158,7 +158,7 @@ class PeoplesearchAction extends Action { function highlight($text, $terms) { $pattern = '/('.implode('|',array_map('htmlspecialchars', $terms)).')/i'; - $result = preg_replace($pattern, '<strong>\\1</strong>', $text); + $result = preg_replace($pattern, '<strong>\\1</strong>', htmlspecialchars($text)); return $result; } } |