NEW - bug 220625: "<input>" in string resulted in an input box on translation page
https://bugs.eclipse.org/bugs/show_bug.cgi?id=220625
diff --git a/html/callback/getCurrentStringTranslation.php b/html/callback/getCurrentStringTranslation.php
index 7c15453..6b3ad99 100644
--- a/html/callback/getCurrentStringTranslation.php
+++ b/html/callback/getCurrentStringTranslation.php
@@ -13,12 +13,17 @@
require_once("cb_global.php");
-
$string_id = $App->getHTTPParameter("string_id", "POST");
-$language = $_SESSION['language'];
-$version = $_SESSION['version'];
-$project_id = $_SESSION['project'];
+
+if(isset($_SESSION['language']) and isset($_SESSION['version']) and isset($_SESSION['project'])){
+ $language = $_SESSION['language'];
+ $version = $_SESSION['version'];
+ $project_id = $_SESSION['project'];
+}else{
+ return false;
+}
+
$query = "select
strings.string_id,
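Review bot: The `return false;` in the new `else` branch ends this callback with an empty 200 response, so the calling page cannot tell a missing or expired session from a string that has no translation; send an explicit status before stopping, e.g. `header('HTTP/1.1 403 Forbidden'); exit;`. The guard itself can be a single call, `isset($_SESSION['language'], $_SESSION['version'], $_SESSION['project'])`. The string-built `$query` begins at the end of this hunk and continues outside it, so whether `$string_id` (read from POST) and the session values are escaped or bound before reaching the SQL cannot be confirmed from here and is worth checking.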
@@ -129,7 +134,7 @@
<div id="english-area" class="side-component">
<h4>English String</h4>
<div style='margin-bottom: .5em;'>
- <b><?= nl2br($line['string_value']);?></b>
+ <b><?= htmlspecialchars_decode(nl2br($line['string_value']));?></b>
</div>
<h4>Externalized Token</h4>
<div>
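Review bot: On the English String line, `htmlspecialchars_decode(nl2br(...))` decodes entities instead of encoding them, so it does not stop markup in `string_value` from being rendered. If the value is stored raw, the decode is a no-op and `<input>` still becomes an input box; if it is stored entity-encoded, the decode turns it back into live markup. Either way a string imported from a project file can inject HTML or script into the translation page. To show the string literally, escape first and add the line breaks afterwards: `<b><?= nl2br(htmlspecialchars($line['string_value'], ENT_QUOTES, 'UTF-8')); ?></b>`. How `string_value` is stored is not visible in this hunk, so confirm it is not already encoded on import (which would double-encode), and apply the same escaping to the other `$line` fields echoed in this template outside the hunk.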