Commit 7c06d91d authored by anthonylindsay's avatar anthonylindsay

Sanitize block heading on display.

parent 0df9ba30
......@@ -203,7 +203,7 @@ function commerce_popular_products_settings_form($form, &$form_state) {
$time = variable_get('commerce_popular_products_time', 'month');
$number = variable_get('commerce_popular_products_number', '1');
$products = variable_get('commerce_popular_products_products');
$title = variable_get('commerce_popular_products_title', 'Popular Products This Month');
$title = check_plain(variable_get('commerce_popular_products_title', 'Popular Products This Month'));
$product_types = commerce_popular_products_get_product_types();
$form['block_title'] = array(
'#type' => 'textfield',
