author | Bharat Mediratta <bharat@menalto.com> | 2009-05-31 01:02:51 -0700 |
---|---|---|
committer | Bharat Mediratta <bharat@menalto.com> | 2009-05-31 01:02:51 -0700 |
commit | 9369ccab7fb3413d63e218cec81b4cf43442fd98 (patch) | |
tree | 22066e2335c6aa2d81fadc56fbdbea8e7694069c /modules/rss | |
parent | a049de28ace48a3970371caf24d7c389d8d93cd7 (diff) |
Run all variables that come from user-entered data through p::clean()
Diffstat (limited to 'modules/rss')
-rw-r--r-- | modules/rss/views/comment.mrss.php | 14 | ||||
-rw-r--r-- | modules/rss/views/feed.mrss.php | 14 |
2 files changed, 14 insertions, 14 deletions
diff --git a/modules/rss/views/comment.mrss.php b/modules/rss/views/comment.mrss.php
index 8b7e4f70..d2177026 100644
--- a/modules/rss/views/comment.mrss.php
+++ b/modules/rss/views/comment.mrss.php
@@ -6,9 +6,9 @@
 xmlns:fh="http://purl.org/syndication/history/1.0">
 <channel>
 <generator>gallery3</generator>
- <title><?= $title ?></title>
+ <title><?= p::clean($title) ?></title>
 <link><?= $link ?></link>
- <description><?= htmlspecialchars($description) ?></description>
+ <description><?= p::clean($description) ?></description>
 <language>en-us</language>
 <atom:link rel="self" href="<?= $feed_link ?>" type="application/rss+xml" />
 <fh:complete/>
@@ -22,17 +22,17 @@
 <lastBuildDate><?= $pub_date ?></lastBuildDate>
 <? foreach ($children as $child): ?>
 <item>
- <title><?= $child["title"]?></title>
- <link><?= $child["item_link"] ?></link>
- <author><?= $child["author"] ?></author>
+ <title><?= p::clean($child["title"]) ?></title>
+ <link><?= p::clean($child["item_link"]) ?></link>
+ <author><?= p::clean($child["author"]) ?></author>
 <guid isPermaLink="true"><?= $child["item_link"] ?></guid>
 <pubDate><?= $child["pub_date"] ?></pubDate>
 <content:encoded>
 <![CDATA[
- <p><?= $child["text"] ?></p>
+ <p><?= p::clean($child["text"]) ?></p>
 <p>
 <img alt="" src="<?= $child["thumb_url"] ?>"
- height="<?= $child["thumb_height"] ?>" width="<?= $child["thumb_width"] ?>" />
+ height="<?= $child["thumb_height"] ?>" width="<?= $child["thumb_width"] ?>" />
 <br />
 </p>
 ]]>
diff --git a/modules/rss/views/feed.mrss.php b/modules/rss/views/feed.mrss.php
index c581e5e0..0beebbcf 100644
--- a/modules/rss/views/feed.mrss.php
+++ b/modules/rss/views/feed.mrss.php
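Review bot: `$link` and `$feed_link` are still emitted raw in the first hunk of comment.mrss.php (`<link><?= $link ?></link>` and `href="<?= $feed_link ?>"`), and the first hunk of feed.mrss.php leaves the same two lines untouched. Where these values are built is not visible in this diff; if any part of them comes from the request URL or from an item or album name, a `<`, `&` or `"` would yield malformed XML or injected markup in the feed. Escaping them is cheap even if they turn out to be server-generated: `<link><?= p::clean($link) ?></link>` and `href="<?= p::clean($feed_link) ?>"`, assuming `p::clean()` escapes double quotes.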
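Review bot: In the second hunk of comment.mrss.php, `<guid isPermaLink="true"><?= $child["item_link"] ?></guid>` prints raw the same value that the `<link>` line two lines above now passes through `p::clean()`. The guid should be escaped the same way, `<guid isPermaLink="true"><?= p::clean($child["item_link"]) ?></guid>`, so that both elements stay well-formed for the same input. `$child["thumb_url"]` in the `src` attribute is likewise unescaped; if it can contain user-chosen path segments it needs `p::clean()` too. The `foreach` loop opened in this hunk closes outside it.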
@@ -6,9 +6,9 @@
 xmlns:fh="http://purl.org/syndication/history/1.0">
 <channel>
 <generator>gallery3</generator>
- <title><?= htmlspecialchars($title) ?></title>
+ <title><?= p::clean($title) ?></title>
 <link><?= $link ?></link>
- <description><?= htmlspecialchars($description) ?></description>
+ <description><?= p::clean($description) ?></description>
 <language>en-us</language>
 <atom:link rel="self" href="<?= $feed_link ?>" type="application/rss+xml" />
 <fh:complete/>
@@ -22,25 +22,25 @@
 <lastBuildDate><?= $pub_date ?></lastBuildDate>
 <? foreach ($children as $child): ?>
 <item>
- <title><?= htmlspecialchars($child->title) ?></title>
+ <title><?= p::clean($child->title) ?></title>
 <link><?= url::abs_site("{$child->type}s/{$child->id}") ?></link>
 <guid isPermaLink="true"><?= url::abs_site("{$child->type}s/{$child->id}") ?></guid>
 <pubDate><?= date("D, d M Y H:i:s T", $child->created); ?></pubDate>
 <content:encoded>
 <![CDATA[
- <span><?= $child->description ?></span>
+ <span><?= p::clean($child->description) ?></span>
 <p>
 <? if ($child->type == "photo" || $child->type == "album"): ?>
 <img alt="" src="<?= $child->resize_url(true) ?>"
- title="<?= htmlspecialchars($child->title) ?>"
+ title="<?= p::clean($child->title) ?>"
 height="<?= $child->resize_height ?>" width="<?= $child->resize_width ?>" /><br />
 <? else: ?>
 <a href="<?= url::abs_site("{$child->type}s/{$child->id}") ?>">
 <img alt="" src="<?= $child->thumb_url(true) ?>"
- title="<?= htmlspecialchars($child->title) ?>"
+ title="<?= p::clean($child->title) ?>"
 height="<?= $child->thumb_height ?>" width="<?= $child->thumb_width ?>" /></a><br />
 <? endif ?>
- <?= $child->description ?>
+ <?= p::clean($child->description) ?>
 </p>
 ]]>
 </content:encoded> |
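Review bot: In the second hunk of feed.mrss.php the two `title="<?= p::clean($child->title) ?>"` attributes sit inside a double-quoted HTML attribute within the CDATA block, so they are only safe if `p::clean()` escapes `"` as well as `<` and `&`. Its definition is not part of this diff, so that is worth confirming; the `htmlspecialchars()` call it replaces did escape double quotes by default. The `src` and `href` values beside them (`resize_url(true)`, `thumb_url(true)`, `url::abs_site(...)`) are still printed raw; they look server-generated, but if user-chosen names can reach those URLs they need the same escaping. A one-line comment above `<![CDATA[` saying that everything inside is HTML and must be HTML-escaped would keep later edits consistent. The `foreach` body continues past the end of this hunk.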