diff options
Diffstat (limited to 'views/default/output/access.php')
| -rw-r--r-- | views/default/output/access.php | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/views/default/output/access.php b/views/default/output/access.php index f312608d5..5c8d62c4d 100644 --- a/views/default/output/access.php +++ b/views/default/output/access.php @@ -11,6 +11,7 @@ if (isset($vars['entity']) && elgg_instanceof($vars['entity'])) { $access_id = $vars['entity']->access_id; $access_class = 'elgg-access'; $access_id_string = get_readable_access_level($access_id); + $access_id_string = htmlspecialchars($access_id_string, ENT_QUOTES, 'UTF-8', false); // if within a group or shared access collection display group name and open/closed membership status // @todo have a better way to do this instead of checking against subtype / class. @@ -20,7 +21,7 @@ if (isset($vars['entity']) && elgg_instanceof($vars['entity'])) { // we decided to show that the item is in a group, rather than its actual access level // not required. Group ACLs are prepended with "Group: " when written. //$access_id_string = elgg_echo('groups:group') . $container->name; - $membership = $is_group->membership; + $membership = $container->membership; if ($membership == ACCESS_PUBLIC) { $access_class .= ' elgg-access-group-open'; @@ -35,5 +36,7 @@ if (isset($vars['entity']) && elgg_instanceof($vars['entity'])) { $access_class .= ' elgg-access-private'; } - echo "<span class=\"$access_class\">$access_id_string</span>"; + $help_text = elgg_echo('access:help'); + + echo "<span title=\"$help_text\" class=\"$access_class\">$access_id_string</span>"; } |