Fix for ticket #477. Use nl2br method when rendering comment::text and

item::description. In addition add p::clean or p::purify to places that xss cleaning had missed (i.e. rss feeds)
author: Tim Almdal <tnalmdal@shaw.ca> 2009-07-04 08:17:12 -0700
committer: Tim Almdal <tnalmdal@shaw.ca> 2009-07-04 08:17:12 -0700
commit: d6648c0affd122407b7567442aa924e9138104e7 (patch)
tree: 015f10205d96618edcf210ad93c672a74956d979 /modules/comment/controllers
parent: 54ffea24196e8f5d88cf9d8607455f0f6aab305c (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php
index 2840ba67..02c38491 100644
--- a/modules/comment/controllers/comments.php
+++ b/modules/comment/controllers/comments.php
@@ -41,7 +41,7 @@ class Comments_Controller extends REST_Controller {
           "id" => $comment->id,
           "author_name" => p::clean($comment->author_name()),
           "created" => $comment->created,
-          "text" => p::purify($comment->text));
+          "text" => nl2br(p::purify($comment->text)));
       }
       print json_encode($data);
       break;
@@ -128,7 +128,7 @@ class Comments_Controller extends REST_Controller {
                 "id" => $comment->id,
                 "author_name" => p::clean($comment->author_name()),
                 "created" => $comment->created,
-                "text" => p::purify($comment->text))));
+                "text" => nl2br(p::purify($comment->text)))));
     } else {
       $view = new Theme_View("comment.html", "fragment");
       $view->comment = $comment;
author	Tim Almdal <tnalmdal@shaw.ca>	2009-07-04 08:17:12 -0700
committer	Tim Almdal <tnalmdal@shaw.ca>	2009-07-04 08:17:12 -0700
commit	d6648c0affd122407b7567442aa924e9138104e7 (patch)
tree	015f10205d96618edcf210ad93c672a74956d979 /modules/comment/controllers
parent	54ffea24196e8f5d88cf9d8607455f0f6aab305c (diff)