==== Wikka Mod 028 ====
Type: Bug Fix
----
===Credit:=== 
**[[JsnX | Jason Tourtelotte]]**
----

Found out that the Category action relied on the double doublequote insecurity for html formatting.

Fixed with the code below.

**actions/category.php**

%%(php)

<?php
if ($cattag = $_REQUEST["wakka"])
{
	$str ="";
	if (!$col) { $col=1;}
	if ($page=="/") { 
		$page="Category Category"; // Remove the space between the two category words. 
	} else 
	{
		$page=$this->getPageTag(); 
	}
//	$page= preg_replace( "/(\w+)\s(\w+)/", "$1$2",$page);
	if ($class) {$class="class=\"$class\"";}
	if (!$page) {$page=$cattag;}
	 
	if ($results = $this->FullCategoryTextSearch($page))
	{
		if (!$compact) $str .= 'The following '.(count($results)-1).' pages belong to ' . $page . ': <br /><br /><table '.$class.' width="100%"><tr>';
		else $str .= '<div '.$class.'><ul>';
		
		$count = 0; $list = array();
		foreach ($results as $i => $cpage) if($cpage['tag'] != $page) { array_push($list,$cpage['tag']);}
		sort($list);
		while (list($key, $val) = each($list)) {
			if ($count == $col & !$compact)  { $str .= "</tr><tr>"; $count=0; }
			if (!$compact) $str .= '<td>'.$this->Format('[['.$val.']]').'</td>';
			else $str .= '<li>'.$this->Format('[['.$val.' | '.preg_replace( "/Category/", "",$val).']]').'</li>';
			$count++;
		}
		if (!$compact)  $str .= '</tr></table>'; else $str .= '</ul></div>';
	}
	else $str .= 'Sorry, no Items found for ' . $page .'.';
	print($str);
}
?>

%%