From d8964568d69488de02f0a0a58acc822eeb5c3cb1 Mon Sep 17 00:00:00 2001
From: Thorsten Rinne <thorsten@phpmyfaq.de>
Date: Mon, 23 Jan 2023 10:53:29 +0100
Subject: [PATCH] fix: added missing conversion to HTML entities

---
 phpmyfaq/admin/assets/js/tags.js | 6 +++++-
 phpmyfaq/admin/tags.php          | 4 ++--
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/phpmyfaq/admin/assets/js/tags.js b/phpmyfaq/admin/assets/js/tags.js
index 1cc214cacb..87e4f75337 100644
--- a/phpmyfaq/admin/assets/js/tags.js
+++ b/phpmyfaq/admin/assets/js/tags.js
@@ -36,6 +36,10 @@ document.addEventListener('DOMContentLoaded', () => {
     const tag = input.val();
     const csrf = $('input[name=csrf]').val();
 
+    const escape = (unsafe) => {
+      return unsafe.replaceAll('&', '&amp;').replaceAll('<', '&lt;').replaceAll('>', '&gt;').replaceAll('"', '&quot;').replaceAll("'", '&#039;');
+    }
+
     $.ajax({
       url: 'index.php?action=ajax&ajax=tags&ajaxaction=update',
       type: 'POST',
@@ -47,7 +51,7 @@ document.addEventListener('DOMContentLoaded', () => {
         );
       },
       success: function (message) {
-        input.replaceWith('<span data-tag-id="' + id + '">' + input.val().replace(/\//g, '&#x2F;') + '</span>');
+        input.replaceWith('<span data-tag-id="' + id + '">' + escape(input.val().replace(/\//g, '&#x2F;')) + '</span>');
         $('span[data-tag-id="' + id + '"]');
         $('#pmf-admin-saving-data-indicator').html(message);
       },
diff --git a/phpmyfaq/admin/tags.php b/phpmyfaq/admin/tags.php
index 6122e75c82..ceb2b941ec 100644
--- a/phpmyfaq/admin/tags.php
+++ b/phpmyfaq/admin/tags.php
@@ -55,7 +55,7 @@
 
             $tagData = $tags->getAllTags();
 
-            if (count($tagData)) {
+            if (count($tagData) === 0) {
               printf('<p class="alert alert-warning" role="alert">%s</p>', $PMF_LANG['ad_news_nodata']);
             }
 
@@ -64,7 +64,7 @@
 
             foreach ($tagData as $key => $tag) {
                 echo '<tr>';
-                echo '<td><span data-tag-id="' . $key . '">' . Strings::htmlspecialchars($tag) . '</span></td>';
+                echo '<td><span data-tag-id="' . $key . '">' . Strings::htmlentities($tag) . '</span></td>';
                 printf(
                     '<td><a class="btn btn-primary btn-edit" data-btn-id="%d" title="%s">' .
                     '<i aria-hidden="true" class="fa fa-edit"></i></a></td>',