$sth->execute() || die "execute: $sql; ".$self->{dbh}->errstr();
my @arr;
while (my $row = $sth->fetchrow_hashref) {
- $row->{item} = HTML::Entities::encode($row->{item});
+ $row->{item} = HTML::Entities::encode($row->{item},'<>&"');
push @arr,$row;
}
return @arr;