Update rsssubcategoryupdate.php (#95)

content/rsssubcategoryupdate.php

@@ -91,27 +91,27 @@ echo "<form method='post' action=''>";
 echo "<table>";
 echo "	<tr>";
 echo "		<td>rss_category</td>";
-echo "		<td><input type='text' name='rss_category' value='$rss_category'></td>";
+echo "		<td><input type='text' name='rss_category' value='".escape($rss_category)."'></td>";
 echo "	</tr>";
 echo "	<tr>";
 echo "		<td>rss_sub_category</td>";
-echo "		<td><input type='text' name='rss_sub_category' value='$rss_sub_category'></td>";
+echo "		<td><input type='text' name='rss_sub_category' value='".escape($rss_sub_category)."'></td>";
 echo "	</tr>";
 echo "	<tr>";
 echo "		<td>rss_sub_category_description</td>";
-echo "		<td><input type='text' name='rss_sub_category_description' value='$rss_sub_category_description'></td>";
+echo "		<td><input type='text' name='rss_sub_category_description' value='".escape($rss_sub_category_description)."'></td>";
 echo "	</tr>";
 echo "	<tr>";
 echo "		<td>rss_add_user</td>";
-echo "		<td><input type='text' name='rss_add_user' value='$rss_add_user'></td>";
+echo "		<td><input type='text' name='rss_add_user' value='".escape($rss_add_user)."'></td>";
 echo "	</tr>";
 echo "	<tr>";
 echo "		<td>rss_add_date</td>";
-echo "		<td><input type='text' name='rss_add_date' value='$rss_add_date'></td>";
+echo "		<td><input type='text' name='rss_add_date' value='".escape($rss_add_date)."'></td>";
 echo "	</tr>";
 echo "	<tr>";
 echo "		<td colspan='2' align='right'>";
-echo "     <input type='hidden' name='rss_sub_category_uuid' value='$rss_sub_category_uuid'>";
+echo "     <input type='hidden' name='rss_sub_category_uuid' value='".escape($rss_sub_category_uuid)."'>";
 echo "		<br><br>";
 echo "     <input type='submit' name='submit' value='".$text['button-update']."'>";
 echo "		</td>";