diff options
author | Zach Copley <zach@status.net> | 2010-03-12 01:12:30 +0000 |
---|---|---|
committer | Zach Copley <zach@status.net> | 2010-03-12 01:12:30 +0000 |
commit | 78f0d6bbd21ed84733e960201c4652e69c565450 (patch) | |
tree | 22cbb14401301be9a2cba6927c21aee3c4afaab0 /classes | |
parent | 7cdcb89dc9d8dcc04848928c5b765f99566d2a4d (diff) |
Scrub all atom output with common_xml_safe_str()
Diffstat (limited to 'classes')
-rw-r--r-- | classes/Notice.php | 8 | ||||
-rw-r--r-- | classes/User_group.php | 8 |
2 files changed, 12 insertions, 4 deletions
diff --git a/classes/Notice.php b/classes/Notice.php index 40a6263e5..a704053a0 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -1151,7 +1151,7 @@ class Notice extends Memcached_DataObject $xs->elementEnd('source'); } - $xs->element('title', null, $this->content); + $xs->element('title', null, common_xml_safe_str($this->content)); if ($author) { $xs->raw($profile->asAtomAuthor()); @@ -1227,7 +1227,11 @@ class Notice extends Memcached_DataObject } } - $xs->element('content', array('type' => 'html'), $this->rendered); + $xs->element( + 'content', + array('type' => 'html'), + common_xml_safe_str($this->rendered) + ); $tag = new Notice_tag(); $tag->notice_id = $this->id; diff --git a/classes/User_group.php b/classes/User_group.php index f29594502..63a407b4c 100644 --- a/classes/User_group.php +++ b/classes/User_group.php @@ -379,7 +379,7 @@ class User_group extends Memcached_DataObject } $xs->element('title', null, $this->nickname); - $xs->element('summary', null, $this->description); + $xs->element('summary', null, common_xml_safe_str($this->description)); $xs->element('link', array('rel' => 'alternate', 'href' => $this->permalink())); @@ -389,7 +389,11 @@ class User_group extends Memcached_DataObject $xs->element('published', null, common_date_w3dtf($this->created)); $xs->element('updated', null, common_date_w3dtf($this->modified)); - $xs->element('content', array('type' => 'html'), $this->description); + $xs->element( + 'content', + array('type' => 'html'), + common_xml_safe_str($this->description) + ); $xs->elementEnd('entry'); |