sync with Rev1187

security fix from Katsumi: sanitize output of the blog name

git-svn-id: https://svn.sourceforge.jp/svnroot/nucleus-jp/nucleus-jp/branches/branch-3-3@316 1ca29b6e-896d-4ea0-84a5-967f57386b96

diff --git a/utf8/nucleus/libs/PAGEFACTORY.php b/utf8/nucleus/libs/PAGEFACTORY.php
index 92f1ec7..6171690 100755 (executable)
--- a/utf8/nucleus/libs/PAGEFACTORY.php
+++ b/utf8/nucleus/libs/PAGEFACTORY.php
@@ -12,8 +12,8 @@
 /**
  * @license http://nucleuscms.org/license.txt GNU General Public License
  * @copyright Copyright (C) 2002-2007 The Nucleus Group
- * @version $Id: PAGEFACTORY.php,v 1.8 2007-03-22 03:30:14 kmorimatsu Exp $
- * $NucleusJP: PAGEFACTORY.php,v 1.7 2007/02/04 06:28:46 kimitake Exp $
+ * @version $Id: PAGEFACTORY.php,v 1.8.2.1 2007-09-05 07:35:26 kimitake Exp $
+ * $NucleusJP: PAGEFACTORY.php,v 1.8 2007/03/22 03:30:14 kmorimatsu Exp $
  */
 
 /**
@@ -179,7 +179,7 @@ class PAGEFACTORY extends BaseActions {
        }
 
        function parse_bloglink() {
-               echo '<a href="'.htmlspecialchars($this->blog->getURL()).'">'.$this->blog->getName().'</a>';
+               echo '<a href="'.htmlspecialchars($this->blog->getURL()).'">'.htmlspecialchars($this->blog->getName()).'</a>';
        }
 
        function parse_authorname() {