Allow safe HTML in admin menu editor

2026-04-21 19:32:15 +09:00 · 2017-01-31 11:46:03 +09:00 · 2017-01-31 11:46:03 +09:00 · 3b56c142bd
commit 3b56c142bd
parent 0f9b8cc3d6
2 changed files with 2 additions and 3 deletions
--- a/modules/menu/menu.admin.controller.php
+++ b/modules/menu/menu.admin.controller.php
@ -1987,7 +1987,7 @@ class menuAdminController extends menu
 				}
 				else
 				{
-					$name_arr_str .= sprintf('"%s"=>\'%s\',', $key, str_replace(array('\\','\''), array('\\\\','\\\''), strip_tags($val)));
+					$name_arr_str .= sprintf('"%s"=>\'%s\',', $key, str_replace(array('\\','\''), array('\\\\','\\\''), Rhymix\Framework\Filters\HTMLFilter::clean($val, true)));
 				}
 			}
 			$name_str = sprintf('$_menu_names[%d] = array(%s); %s', $node->menu_item_srl, $name_arr_str, $child_output['name']);