summaryrefslogtreecommitdiff
path: root/modules/rss
diff options
context:
space:
mode:
authorBharat Mediratta <bharat@menalto.com>2009-05-31 01:02:51 -0700
committerBharat Mediratta <bharat@menalto.com>2009-05-31 01:02:51 -0700
commit9369ccab7fb3413d63e218cec81b4cf43442fd98 (patch)
tree22066e2335c6aa2d81fadc56fbdbea8e7694069c /modules/rss
parenta049de28ace48a3970371caf24d7c389d8d93cd7 (diff)
Run all variables that come from user-entered data through p::clean()
Diffstat (limited to 'modules/rss')
-rw-r--r--modules/rss/views/comment.mrss.php14
-rw-r--r--modules/rss/views/feed.mrss.php14
2 files changed, 14 insertions, 14 deletions
diff --git a/modules/rss/views/comment.mrss.php b/modules/rss/views/comment.mrss.php
index 8b7e4f70..d2177026 100644
--- a/modules/rss/views/comment.mrss.php
+++ b/modules/rss/views/comment.mrss.php
@@ -6,9 +6,9 @@
xmlns:fh="http://purl.org/syndication/history/1.0">
<channel>
<generator>gallery3</generator>
- <title><?= $title ?></title>
+ <title><?= p::clean($title) ?></title>
<link><?= $link ?></link>
- <description><?= htmlspecialchars($description) ?></description>
+ <description><?= p::clean($description) ?></description>
<language>en-us</language>
<atom:link rel="self" href="<?= $feed_link ?>" type="application/rss+xml" />
<fh:complete/>
@@ -22,17 +22,17 @@
<lastBuildDate><?= $pub_date ?></lastBuildDate>
<? foreach ($children as $child): ?>
<item>
- <title><?= $child["title"]?></title>
- <link><?= $child["item_link"] ?></link>
- <author><?= $child["author"] ?></author>
+ <title><?= p::clean($child["title"]) ?></title>
+ <link><?= p::clean($child["item_link"]) ?></link>
+ <author><?= p::clean($child["author"]) ?></author>
<guid isPermaLink="true"><?= $child["item_link"] ?></guid>
<pubDate><?= $child["pub_date"] ?></pubDate>
<content:encoded>
<![CDATA[
- <p><?= $child["text"] ?></p>
+ <p><?= p::clean($child["text"]) ?></p>
<p>
<img alt="" src="<?= $child["thumb_url"] ?>"
- height="<?= $child["thumb_height"] ?>" width="<?= $child["thumb_width"] ?>" />
+ height="<?= $child["thumb_height"] ?>" width="<?= $child["thumb_width"] ?>" />
<br />
</p>
]]>
diff --git a/modules/rss/views/feed.mrss.php b/modules/rss/views/feed.mrss.php
index c581e5e0..0beebbcf 100644
--- a/modules/rss/views/feed.mrss.php
+++ b/modules/rss/views/feed.mrss.php
@@ -6,9 +6,9 @@
xmlns:fh="http://purl.org/syndication/history/1.0">
<channel>
<generator>gallery3</generator>
- <title><?= htmlspecialchars($title) ?></title>
+ <title><?= p::clean($title) ?></title>
<link><?= $link ?></link>
- <description><?= htmlspecialchars($description) ?></description>
+ <description><?= p::clean($description) ?></description>
<language>en-us</language>
<atom:link rel="self" href="<?= $feed_link ?>" type="application/rss+xml" />
<fh:complete/>
@@ -22,25 +22,25 @@
<lastBuildDate><?= $pub_date ?></lastBuildDate>
<? foreach ($children as $child): ?>
<item>
- <title><?= htmlspecialchars($child->title) ?></title>
+ <title><?= p::clean($child->title) ?></title>
<link><?= url::abs_site("{$child->type}s/{$child->id}") ?></link>
<guid isPermaLink="true"><?= url::abs_site("{$child->type}s/{$child->id}") ?></guid>
<pubDate><?= date("D, d M Y H:i:s T", $child->created); ?></pubDate>
<content:encoded>
<![CDATA[
- <span><?= $child->description ?></span>
+ <span><?= p::clean($child->description) ?></span>
<p>
<? if ($child->type == "photo" || $child->type == "album"): ?>
<img alt="" src="<?= $child->resize_url(true) ?>"
- title="<?= htmlspecialchars($child->title) ?>"
+ title="<?= p::clean($child->title) ?>"
height="<?= $child->resize_height ?>" width="<?= $child->resize_width ?>" /><br />
<? else: ?>
<a href="<?= url::abs_site("{$child->type}s/{$child->id}") ?>">
<img alt="" src="<?= $child->thumb_url(true) ?>"
- title="<?= htmlspecialchars($child->title) ?>"
+ title="<?= p::clean($child->title) ?>"
height="<?= $child->thumb_height ?>" width="<?= $child->thumb_width ?>" /></a><br />
<? endif ?>
- <?= $child->description ?>
+ <?= p::clean($child->description) ?>
</p>
]]>
</content:encoded>