AbstractException.php: Error messages are no 'htmlspecialchars()' encoded....

AbstractException.php: Error messages are no 'htmlspecialchars()' encoded. Error output don't break the formatting anymore.

extension/qfq/qfq/exceptions/AbstractException.php

@@ -46,29 +46,29 @@ class AbstractException extends \Exception {
             $this->messageArray['Content Id'] = $store->getVar(TYPO3_TT_CONTENT_UID, STORE_TYPO3);
         }
 
-        $html .= "Code: " . $this->messageArray['Code'] . "<br>";
-        $html .= "Message: " . Support::wrapTag("<strong>", $this->messageArray['Message']) . "</br>";
+        $html .= "Code: " . htmlspecialchars($this->messageArray['Code']) . "<br>";
+        $html .= "Message: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray['Message'])) . "</br>";
 
         // Form
         if (isset($this->messageArray['Form'])) {
-            $html .= "Form: " . Support::wrapTag("<strong>", $this->messageArray['Form']) . "</br>";
+            $html .= "Form: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray['Form'])) . "</br>";
         }
 
         if (isset($this->messageArray['Form Element'])) {
-            $html .= "Form Element: " . Support::wrapTag("<strong>", $this->messageArray['Form Element']) . "</br>";
+            $html .= "Form Element: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray['Form Element'])) . "</br>";
         }
 
         // Report
         if (isset($this->messageArray[SYSTEM_REPORT_COLUMN_INDEX])) {
-            $html .= "Column index: " . Support::wrapTag("<strong>", $this->messageArray[SYSTEM_REPORT_COLUMN_INDEX]) . "</br>";
+            $html .= "Column index: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray[SYSTEM_REPORT_COLUMN_INDEX])) . "</br>";
         }
 
         if (isset($this->messageArray[SYSTEM_REPORT_COLUMN_NAME])) {
-            $html .= "Column name: " . Support::wrapTag("<strong>", $this->messageArray[SYSTEM_REPORT_COLUMN_NAME]) . "</br>";
+            $html .= "Column name: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray[SYSTEM_REPORT_COLUMN_NAME])) . "</br>";
         }
 
         if (isset($this->messageArray[SYSTEM_REPORT_COLUMN_VALUE])) {
-            $html .= "Column value: " . Support::wrapTag("<strong>", $this->messageArray[SYSTEM_REPORT_COLUMN_VALUE]) . "</br>";
+            $html .= "Column value: " . Support::wrapTag("<strong>", htmlspecialchars($this->messageArray[SYSTEM_REPORT_COLUMN_VALUE])) . "</br>";
         }
 
         $html = "<h2>Error</h2>" . Support::wrapTag('<p>', $html);
@@ -86,7 +86,7 @@ class AbstractException extends \Exception {
                 }
 
                 if ($value !== '' && $value !== false)
-                    $debug .= "<tr>" . "<td>$key</td>" . "<td>$value</td>" . "</tr>";
+                    $debug .= "<tr>" . "<td>$key</td>" . "<td>" . htmlspecialchars($value) . "</td>" . "</tr>";
             }
             $debug = "<table border=1>" . $debug . "</table>";
         }