diff --git a/application/helpers/html_helper.php b/application/helpers/html_helper.php
index 226ce529..7fc46faa 100644
--- a/application/helpers/html_helper.php
+++ b/application/helpers/html_helper.php
@@ -11,6 +11,25 @@
 * @since v1.4.0
 * ---------------------------------------------------------------------------- */
+if ( ! function_exists('e'))
+{
+ /**
+ * HTML escape function for templates.
+ *
+ * Use this helper function to easily escape all the outputted HTML markup.
+ *
+ * Example:
+ *
+ * = e($string) ?>
+ *
+ * @param mixed $string Provide anything that can be converted to a string.
+ */
+ function e(mixed $string): string
+ {
+ return htmlspecialchars($string, ENT_QUOTES, 'UTF-8');
+ }
+}
+
 if ( ! function_exists('component'))
 {
 /**
diff --git a/application/helpers/language_helper.php b/application/helpers/language_helper.php
index c79fa811..0b7b5984 100644
--- a/application/helpers/language_helper.php
+++ b/application/helpers/language_helper.php
@@ -37,6 +37,6 @@ if ( ! function_exists('lang'))
 $result = '';
 }
- return $result ?: $line;
+ return e($result ?: $line);
 }
 }
diff --git a/application/views/components/booking_header.php b/application/views/components/booking_header.php
index f42b4f13..e0501295 100644
--- a/application/views/components/booking_header.php
+++ b/application/views/components/booking_header.php
@@ -1,7 +1,7 @@
@@ -9,11 +9,11 @@
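Review bot: The new `e()` in html_helper.php hands its `mixed` argument straight to `htmlspecialchars()`, so the docblock's promise of "anything that can be converted to a string" does not hold: `null` raises a deprecation notice on PHP 8.1+ and an array or non-stringable object throws a `TypeError` in the middle of a template. Passing `ENT_QUOTES` on its own also leaves out `ENT_SUBSTITUTE`, so a value containing an invalid UTF-8 sequence comes back as an empty string instead of being rendered with replacement characters. I would change the return line to `return htmlspecialchars((string) $string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The docblock should also say that this encoding is only correct for HTML element content and quoted attribute values, with a line such as `* Not sufficient inside <script> blocks, URLs or unquoted attributes; encode for those contexts separately.`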
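Review bot: Escaping inside `lang()` in language_helper.php fixes the output context to HTML for every caller, and the callers are not visible in this hunk (the function body starts above it). Any view that already escapes the translation will now double-encode it (`&amp;amp;`), and any use outside HTML element content, such as a JSON response, an e-mail subject or a JavaScript string literal, will receive literal entities while still not being encoded correctly for that sink. Consider keeping `return $result ?: $line;` and escaping where the value is written, for example `<?= e(lang('key')) ?>`. If the central escape stays, state it in the function's docblock, e.g. `@return string HTML-escaped translation; do not pass through e() again or use outside HTML text/quoted-attribute contexts.`, and audit non-template callers of `lang()`.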