@@ -661,7 +661,7 @@ public function addItem()
661661 });
662662 $( \'#add_portfolio_template \').on( \'change \', function () {
663663 $( \'#portfolio-spinner \').show();
664-
664+
665665 $.getJSON(_p.web_ajax + \'portfolio.ajax.php?a=find_template&item= \' + this.value)
666666 .done(function(response) {
667667 if (CKEDITOR.instances.title) {
@@ -3994,7 +3994,7 @@ private function createCommentForm(Portfolio $item): string
39943994 $(function() {
39953995 $( \'#frm_comment_template \').on( \'change \', function () {
39963996 $( \'#portfolio-spinner \').show();
3997-
3997+
39983998 $.getJSON(_p.web_ajax + \'portfolio.ajax.php?a=find_template_comment&comment= \' + this.value)
39993999 .done(function(response) {
40004000 CKEDITOR.instances.content.setData(response.content);
@@ -4094,7 +4094,7 @@ private function generateItemContent(Portfolio $item): string
40944094 $ origin$ emfind (Portfolio::class, $ itemgetOrigin ());
40954095
40964096 if ($ origin
4097- $ originContent$ origingetContent ();
4097+ $ originContentSecurity:: remove_XSS ( $ origingetContent () );
40984098 $ originContentFootervsprintf (
40994099 get_lang ('OriginallyPublishedAsXTitleByYUser ' ),
41004100 [
@@ -4107,7 +4107,7 @@ private function generateItemContent(Portfolio $item): string
41074107 $ origin$ emfind (PortfolioComment::class, $ itemgetOrigin ());
41084108
41094109 if ($ origin
4110- $ originContent$ origingetContent ();
4110+ $ originContentSecurity:: remove_XSS ( $ origingetContent () );
41114111 $ originContentFootervsprintf (
41124112 get_lang ('OriginallyCommentedByXUserInYItem ' ),
41134113 [
0 commit comments