FilterEditor: escape values correctly

refs #12330
This commit is contained in:
Alexander A. Klimov 2016-12-15 16:27:50 +01:00
parent 80d3abed9d
commit 96f0a8c24e
1 changed files with 1 additions and 1 deletions

View File

@ -521,7 +521,7 @@ class FilterEditor extends AbstractWidget
return sprintf(
'<input type="text" name="%s" value="%s" />',
$this->elementId('value', $filter),
$value
$this->view()->escape($value)
);
}