[development] Drupal 6.x hook_menu question regarding use of wildcards - Resolved

[Karoly Negyesi]

<?php
function _agenda_list($node) {
  return agenda_list($node->nid);
}
?>
why not make agenda_list accept a $node instead of a nid and change inside? Why a whole wrapper?

<?php
function agenda_page_title($node, $text) {
$return = $text . $node->title;
return $return;
}
?>

Welcome to the wonderful word of XSS holes!!!!! You want check_plain($node->title) and likely check_plain ($text . $node->title)