From 475cf32235428e64f0cd060b8a430e70ea49f4aa Mon Sep 17 00:00:00 2001
From: Tom Lake <tswsl1989@sucs.org>
Date: Mon, 21 Sep 2009 12:20:15 +0000
Subject: [PATCH] Tweaks and escaping things properly

---
 templates/library-addbook.tpl | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/templates/library-addbook.tpl b/templates/library-addbook.tpl
index 87ddcc5..0301668 100644
--- a/templates/library-addbook.tpl
+++ b/templates/library-addbook.tpl
@@ -30,15 +30,15 @@
 
 	<div class="row">	
 		<label for="title">Title</label>
-		<span class="textinput"><input type="text" name="title" width="200" value="{$book.title}" /></span>
+		<span class="textinput"><input type="text" name="title" width="200" value="{$book.title|escape}" /></span>
 	</div>
 	<div class="row">	
 		<label for="author">Author</label>
-		<span class="textinput"><input type="text" name="author" value="{$book.author}" /></span>
+		<span class="textinput"><input type="text" name="author" value="{$book.author|escape}" /></span>
 	</div>
 	<div class="row">	
 		<label for="publisher">Publisher</label>
-		<span class="textinput"><input type="text" name="publisher" value="{$book.publisher}" /></span>
+		<span class="textinput"><input type="text" name="publisher" value="{$book.publisher|escape}" /></span>
 	</div>
 	<div class="row">	
 		<label for="comments">Comments</label>
-- 
GitLab