summaryrefslogtreecommitdiff
path: root/classes
diff options
context:
space:
mode:
authorZach Copley <zach@status.net>2010-03-12 01:12:30 +0000
committerZach Copley <zach@status.net>2010-03-12 01:12:30 +0000
commit78f0d6bbd21ed84733e960201c4652e69c565450 (patch)
tree22cbb14401301be9a2cba6927c21aee3c4afaab0 /classes
parent7cdcb89dc9d8dcc04848928c5b765f99566d2a4d (diff)
Scrub all atom output with common_xml_safe_str()
Diffstat (limited to 'classes')
-rw-r--r--classes/Notice.php8
-rw-r--r--classes/User_group.php8
2 files changed, 12 insertions, 4 deletions
diff --git a/classes/Notice.php b/classes/Notice.php
index 40a6263e5..a704053a0 100644
--- a/classes/Notice.php
+++ b/classes/Notice.php
@@ -1151,7 +1151,7 @@ class Notice extends Memcached_DataObject
$xs->elementEnd('source');
}
- $xs->element('title', null, $this->content);
+ $xs->element('title', null, common_xml_safe_str($this->content));
if ($author) {
$xs->raw($profile->asAtomAuthor());
@@ -1227,7 +1227,11 @@ class Notice extends Memcached_DataObject
}
}
- $xs->element('content', array('type' => 'html'), $this->rendered);
+ $xs->element(
+ 'content',
+ array('type' => 'html'),
+ common_xml_safe_str($this->rendered)
+ );
$tag = new Notice_tag();
$tag->notice_id = $this->id;
diff --git a/classes/User_group.php b/classes/User_group.php
index f29594502..63a407b4c 100644
--- a/classes/User_group.php
+++ b/classes/User_group.php
@@ -379,7 +379,7 @@ class User_group extends Memcached_DataObject
}
$xs->element('title', null, $this->nickname);
- $xs->element('summary', null, $this->description);
+ $xs->element('summary', null, common_xml_safe_str($this->description));
$xs->element('link', array('rel' => 'alternate',
'href' => $this->permalink()));
@@ -389,7 +389,11 @@ class User_group extends Memcached_DataObject
$xs->element('published', null, common_date_w3dtf($this->created));
$xs->element('updated', null, common_date_w3dtf($this->modified));
- $xs->element('content', array('type' => 'html'), $this->description);
+ $xs->element(
+ 'content',
+ array('type' => 'html'),
+ common_xml_safe_str($this->description)
+ );
$xs->elementEnd('entry');