From: Mischa POSLAWSKY <perl@shiar.org>
Date: Sat, 30 Nov 2019 23:00:15 +0000 (+0100)
Subject: page: convert error messages to html strings
X-Git-Tag: v4.3~14
X-Git-Url: http://git.shiar.nl/minimedit.git/commitdiff_plain/2516e2570bb7c607a5c0eb76851c2486679223e4

page: convert error messages to html strings

Exception objects need to be converted to strings for usage as placeholders,
and while at it, xml characters should be escaped for proper display.
---

diff --git a/page.php b/page.php
index d2532a5..fb0c4dd 100644
--- a/page.php
+++ b/page.php
@@ -91,7 +91,7 @@ function fail($error)
 	include_once 'page.inc.php';
 	ob_start();
 	require '500.inc.html';
-	print getoutput(['debug' => $error]);
+	print getoutput(['debug' => htmlspecialchars($error)]);
 }
 
 set_exception_handler('fail');