/**
* Set the caption
- * What's passed is used as HTML so don't do anything stupid
*
* @param $caption Caption
*/
$s = '<table class="gallery" cellspacing="0" cellpadding="0">';
if( $this->mCaption )
- $s .= '<td class="galleryheader" colspan="4"><big>' . $this->mCaption . '</big></td>';
+ $s .= '<td class="galleryheader" colspan="4"><big>' . htmlspecialchars( $this->mCaption ) . '</big></td>';
$i = 0;
foreach ( $this->mImages as $pair ) {
$ig->useSkin( $this->mOptions->getSkin() );
if( isset( $params['caption'] ) )
- $ig->setCaption( $this->replaceInternalLinks( $params['caption'] ) );
+ $ig->setCaption( $params['caption'] );
$lines = explode( "\n", $text );
foreach ( $lines as $line ) {