diff --git a/admin/pages/menus.php b/admin/pages/menus.php
index 7562d20f..573f683d 100644
--- a/admin/pages/menus.php
+++ b/admin/pages/menus.php
@@ -89,7 +89,7 @@ if (isset($_REQUEST['template'])) {
if (isset($menus[$id])) {
$i = 0;
foreach ($menus[$id] as $menu) {
- echo '
+ echo '
@@ -134,4 +134,4 @@ if (isset($_REQUEST['template'])) {
$twig->display('admin.menus.form.html.twig', array(
'templates' => $templates
));
-}
\ No newline at end of file
+}
diff --git a/admin/pages/news.php b/admin/pages/news.php
index 8838780a..20c2bbb8 100644
--- a/admin/pages/news.php
+++ b/admin/pages/news.php
@@ -117,7 +117,7 @@ if($action == 'edit' || $action == 'new') {
'news_link_form' => '?p=news&action=' . ($action == 'edit' ? 'edit' : 'add'),
'news_id' => isset($id) ? $id : null,
'title' => isset($p_title) ? $p_title : '',
- 'body' => isset($body) ? htmlentities($body, ENT_COMPAT, 'UTF-8') : '',
+ 'body' => isset($body) ? escapeHtml($body) : '',
'type' => isset($type) ? $type : null,
'player' => isset($player) && $player->isLoaded() ? $player : null,
'player_id' => isset($player_id) ? $player_id : null,
diff --git a/admin/pages/pages.php b/admin/pages/pages.php
index 50ae59f4..68ca1d98 100644
--- a/admin/pages/pages.php
+++ b/admin/pages/pages.php
@@ -105,7 +105,7 @@ $twig->display('admin.pages.form.html.twig', array(
'title' => $p_title,
'php' => $php,
'enable_tinymce' => $enable_tinymce,
- 'body' => isset($body) ? htmlentities($body, ENT_COMPAT, 'UTF-8') : '',
+ 'body' => isset($body) ? escapeHtml($body) : '',
'groups' => $groups->getGroups(),
'access' => $access
));
diff --git a/system/functions.php b/system/functions.php
index a332666d..49e31b2a 100644
--- a/system/functions.php
+++ b/system/functions.php
@@ -1244,6 +1244,10 @@ function getCustomPage($page, &$success)
return $content;
}
+function escapeHtml($html) {
+ return htmlentities($html, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
+}
+
// validator functions
require_once LIBS . 'validator.php';
require_once SYSTEM . 'compat/base.php';