author | friendica <info@friendica.com> | 2013-12-12 02:01:42 -0800 |
---|---|---|
committer | friendica <info@friendica.com> | 2013-12-12 02:01:42 -0800 |
commit | 941f81eb300074b203dd480924f9cf8b9d41a08d (patch) | |
tree | 0492f70620c1ed2001153632b95fa976bbe967fd | |
parent | b3fe221b7fe9c6ecc151d9c00f36d3913526f6a3 (diff) | |
check that every invocation of htmlspecialchars has the right arg list
-rw-r--r-- | mod/editblock.php | 2 | ||||
-rw-r--r-- | mod/editlayout.php | 2 | ||||
-rw-r--r-- | mod/editpost.php | 2 | ||||
-rw-r--r-- | mod/editwebpage.php | 2 | ||||
-rw-r--r-- | mod/message.php | 2 | ||||
-rw-r--r-- | mod/network.php | 2 | ||||
-rw-r--r-- | mod/search.php | 6 | ||||
-rw-r--r-- | version.inc | 2 |
8 files changed, 10 insertions, 10 deletions
diff --git a/mod/editblock.php b/mod/editblock.php
index 9c691640b..8b5b2d16c 100644
--- a/mod/editblock.php
+++ b/mod/editblock.php
@@ -132,7 +132,7 @@ function editblock_content(&$a) {
 '$pvisit' => 'none',
 '$public' => t('Public post'),
 '$jotnets' => $jotnets,
- '$title' => htmlspecialchars($itm[0]['title']),
+ '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
 '$placeholdertitle' => t('Set title'),
 '$category' => '',
 '$placeholdercategory' => t('Categories (comma-separated list)'),
diff --git a/mod/editlayout.php b/mod/editlayout.php
index f8906d981..542bb8357 100644
--- a/mod/editlayout.php
+++ b/mod/editlayout.php
@@ -117,7 +117,7 @@ function editlayout_content(&$a) {
 '$pvisit' => 'none',
 '$public' => t('Public post'),
 '$jotnets' => $jotnets,
- '$title' => htmlspecialchars($itm[0]['title']),
+ '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
 '$placeholdertitle' => t('Set title'),
 '$category' => '',
 '$placeholdercategory' => t('Categories (comma-separated list)'),
diff --git a/mod/editpost.php b/mod/editpost.php
index f25d6d21d..e731c04fe 100644
--- a/mod/editpost.php
+++ b/mod/editpost.php
@@ -114,7 +114,7 @@ function editpost_content(&$a) {
 '$pvisit' => 'none',
 '$public' => t('Public post'),
 '$jotnets' => $jotnets,
- '$title' => htmlspecialchars($itm[0]['title']),
+ '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
 '$placeholdertitle' => t('Set title'),
 '$category' => $category,
 '$placeholdercategory' => t('Categories (comma-separated list)'),
diff --git a/mod/editwebpage.php b/mod/editwebpage.php
index 840bda336..85bd9e918 100644
--- a/mod/editwebpage.php
+++ b/mod/editwebpage.php
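Review bot: `ENT_COMPAT` leaves single quotes unescaped, so the new `'$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8')` in mod/editblock.php is only safe if every template that prints `$title` puts it in element text or a double-quoted attribute; the templates are not part of this diff, so that is unverified. `ENT_QUOTES` encodes both quote styles and removes the dependency on template quoting: `'$title' => htmlspecialchars($itm[0]['title'], ENT_QUOTES, 'UTF-8'),`. The identical line recurs in the mod/editlayout.php, mod/editpost.php and mod/editwebpage.php hunks and should change with it. The array literal inside editblock_content() starts and ends outside the hunk.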
@@ -164,7 +164,7 @@ function editwebpage_content(&$a) {
 '$jotnets' => $jotnets,
 '$mimeselect' => $mimeselect,
 '$layoutselect' => $layoutselect,
- '$title' => htmlspecialchars($itm[0]['title']),
+ '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
 '$placeholdertitle' => t('Set title'),
 '$category' => '',
 '$placeholdercategory' => t('Categories (comma-separated list)'),
diff --git a/mod/message.php b/mod/message.php
index bee3b68f3..b5420e5b3 100644
--- a/mod/message.php
+++ b/mod/message.php
@@ -321,7 +321,7 @@ function message_content(&$a) {
 '$preid' => $preid,
 '$subject' => t('Subject:'),
 '$subjtxt' => ((x($_REQUEST,'subject')) ? strip_tags($_REQUEST['subject']) : ''),
- '$text' => ((x($_REQUEST,'body')) ? escape_tags(htmlspecialchars($_REQUEST['body'])) : ''),
+ '$text' => ((x($_REQUEST,'body')) ? htmlspecialchars($_REQUEST['body'], ENT_COMPAT, 'UTF-8') : ''),
 '$readonly' => '',
 '$yourmessage' => t('Your message:'),
 '$select' => $select,
diff --git a/mod/network.php b/mod/network.php
index 1da5524c9..072f718ec 100644
--- a/mod/network.php
+++ b/mod/network.php
@@ -115,7 +115,7 @@ function network_content(&$a, $update = 0, $load = false) {
 // search terms header
 if($search)
- $o .= '<h2>' . t('Search Results For:') . ' ' . htmlspecialchars($search) . '</h2>';
+ $o .= '<h2>' . t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') . '</h2>';
 nav_set_selected('network');
diff --git a/mod/search.php b/mod/search.php
index 7651b3a4e..2b31002fa 100644
--- a/mod/search.php
+++ b/mod/search.php
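Review bot: The `'$subjtxt'` entry directly above the changed line in mod/message.php still relies on `strip_tags($_REQUEST['subject'])`, which removes tags but does not encode `"` or `&`, so request-supplied text reaches the template unencoded. If the template prints it inside an attribute such as an input `value` (not visible in this diff), a double quote in the subject ends the attribute. Encoding it the same way as the body closes that gap: `'$subjtxt' => ((x($_REQUEST,'subject')) ? htmlspecialchars($_REQUEST['subject'], ENT_COMPAT, 'UTF-8') : ''),`. The change also drops the `escape_tags()` wrapper from `'$text'`; a short comment stating that a single encode is intentional would keep the wrapper from being reintroduced later. The array in message_content() continues outside the hunk.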
@@ -17,7 +17,7 @@ function search_saved_searches() {
 $o .= '<h3>' . t('Saved Searches') . '</h3>' . "\r\n";
 $o .= '<ul id="saved-search-ul">' . "\r\n";
 foreach($r as $rr) {
- $o .= '<li class="saved-search-li clear"><a href="search/?f=&remove=1&search=' . rawurlencode($rr['term']) . '" title="' . t('Remove term') . '" onclick="return confirmDelete();"><i class="icon-remove drop-icons"></i></a> <a href="search/?f=&search=' . $rr['term'] . '" class="savedsearchterm" >' . htmlspecialchars($rr['term']) . '</a></li>' . "\r\n";
+ $o .= '<li class="saved-search-li clear"><a href="search/?f=&remove=1&search=' . rawurlencode($rr['term']) . '" title="' . t('Remove term') . '" onclick="return confirmDelete();"><i class="icon-remove drop-icons"></i></a> <a href="search/?f=&search=' . $rr['term'] . '" class="savedsearchterm" >' . htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8') . '</a></li>' . "\r\n";
 }
 $o .= '</ul><div class="clear"></div></div>' . "\r\n";
 }
@@ -272,9 +272,9 @@ function search_content(&$a,$update = 0, $load = false) {
 if($tag)
- $o .= '<h2>Items tagged with: ' . htmlspecialchars($search) . '</h2>';
+ $o .= '<h2>Items tagged with: ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') . '</h2>';
 else
- $o .= '<h2>Search results for: ' . htmlspecialchars($search) . '</h2>';
+ $o .= '<h2>Search results for: ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') . '</h2>';
 $o .= conversation($a,$items,'search',$update,'client');
diff --git a/version.inc b/version.inc
index 7a72887e8..64336785f 100644
--- a/version.inc
+++ b/version.inc
@@ -1 +1 @@
-2013-12-11.524
+2013-12-12.525 |
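Review bot: The second link on the changed line in search_saved_searches() still concatenates `$rr['term']` into the `href` attribute with no encoding at all, while the remove link beside it uses `rawurlencode()` and the link text uses `htmlspecialchars()`. A saved term is user-supplied and stored, so any `"`, `<` or `&` in it lands verbatim in the markup of every page that renders the list. The commit touches this line but only corrects the argument list of the text node. Encode the attribute the same way as its neighbour: `'<a href="search/?f=&search=' . rawurlencode($rr['term']) . '" class="savedsearchterm" >'`. The function starts outside the hunk.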
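Review bot: Both headings in the search_content() hunk are hard-coded English strings, whereas the equivalent heading in the mod/network.php hunk goes through `t('Search Results For:')`; wrapping them keeps the two pages consistent and translatable, e.g. `$o .= '<h2>' . t('Search results for:') . ' ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') . '</h2>';`. Separately, this commit repeats the same flag and charset arguments by hand at every call site, which is how the argument lists drifted in the first place. Routing output encoding through one wrapper would prevent that; `escape_tags()`, referenced in the mod/message.php hunk, may already serve, but its body is not shown here, so confirm its flags before reusing it. search_content() starts and ends outside the hunk.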