From f477983bffeb5542322028df731495195fd649ff Mon Sep 17 00:00:00 2001
From: Ingo Schommer
Date: Tue, 24 Sep 2013 12:12:57 +0200
Subject: [PATCH] Clearer escaping in CMSMain No direct security issue, but makes intent clearer
---
 code/controllers/CMSMain.php | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/code/controllers/CMSMain.php b/code/controllers/CMSMain.php
index 86cedb15..68c0b0d9 100644
--- a/code/controllers/CMSMain.php
+++ b/code/controllers/CMSMain.php
@@ -783,13 +783,21 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 if($num) {
 return sprintf(
 '%s',
- Controller::join_links($controller->Link(), "?ParentID={$item->ID}&view=list"),
+ Controller::join_links(
+ $controller->Link(),
+ sprintf("?ParentID=%d&view=list", (int)$item->ID)
+ ),
 $num
 );
 }
 },
 'getTreeTitle' => function($value, &$item) use($controller) {
- return '' . $item->TreeTitle . '';
+ return sprintf(
+ '%s',
+ singleton('CMSPageEditController')->Link('show'),
+ (int)$item->ID,
+ $item->TreeTitle // returns HTML, does its own escaping
+ );
 }
 ));
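Review bot: The two URL arguments, `Controller::join_links(...)` in the `listChildrenLink` formatter and `singleton('CMSPageEditController')->Link('show')` in `getTreeTitle`, are still handed to `sprintf` unescaped, so the escaping intent is only made explicit for the ID and the title. The format strings show on this page as a bare `'%s'`, presumably with their markup lost in extraction; if those values end up in an `href` attribute, wrapping them as `Convert::raw2att(Controller::join_links(...))` would state the output context and also encode the raw `&` in `&view=list`. The `// returns HTML, does its own escaping` comment holds only while every `TreeTitle` implementation escapes the page title, so I would spell that out: `// trusted HTML: any TreeTitle override must escape the title itself`. Both closures sit inside a method whose start and end are outside the hunk.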