EuskadiTech/Axia4
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Escape special characters in alumno name

Browse Source
This commit is contained in:
Naiel
2026-02-14 15:02:02 +01:00
committed by GitHub
parent c8e6c617e2
commit 618fc6679b
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
public_html/entreaulas/paneldiario.php
View File

@@ -204,7 +204,7 @@ switch ($_GET["action"]) {
$photo_path = $alumno_path . "/photo.jpg";
$photo_exists = file_exists($photo_path);
?>
<a href="#" class="card grid-item" style="color: black;" onclick="seleccionarAlumno(this, <?php echo json_encode(['n' => $alumno_name]); ?>);" aria-label="Seleccionar alumno <?php echo htmlspecialchars($alumno_name); ?>">
<a href="#" class="card grid-item" style="color: black;" onclick="seleccionarAlumno(this, '<?php echo htmlspecialchars($alumno_name, ENT_QUOTES); ?>');" aria-label="Seleccionar alumno <?php echo htmlspecialchars($alumno_name); ?>">
<?php if ($photo_exists): ?>
<img src="_filefetch.php?type=alumno_photo&alumno=<?php echo urlencode($alumno_name); ?>&centro=<?php echo urlencode($centro_id); ?>&aulario=<?php echo urlencode($aulario_id); ?>" height="150" class="bg-white" alt="Foto de <?php echo htmlspecialchars($alumno_name); ?>">
<?php else: ?>