diff options
author | friendica <info@friendica.com> | 2014-08-14 18:00:48 -0700 |
---|---|---|
committer | friendica <info@friendica.com> | 2014-08-14 18:00:48 -0700 |
commit | b9dffa91073c2d20f81562c5d79fa9c0546aa6df (patch) | |
tree | ad2d11ae809006d05d73a6b4333cd2c2b6f1a24f | |
parent | 414d86d3a92cc9645c5fac7c4569e3fe2822c051 (diff) | |
download | volse-hubzilla-b9dffa91073c2d20f81562c5d79fa9c0546aa6df.tar.gz volse-hubzilla-b9dffa91073c2d20f81562c5d79fa9c0546aa6df.tar.bz2 volse-hubzilla-b9dffa91073c2d20f81562c5d79fa9c0546aa6df.zip |
escape tags when using markdown. Strange things happen if you put HTML entities in the text.
-rw-r--r-- | mod/item.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/mod/item.php b/mod/item.php index 0e2456df3..92dc3e7c6 100644 --- a/mod/item.php +++ b/mod/item.php @@ -430,8 +430,8 @@ function item_post(&$a) { if($mimetype === 'text/bbcode') { if(local_user() && local_user() == $profile_uid && feature_enabled(local_user(),'markdown')) { - require_once('include/bb2diaspora.php'); - $body = diaspora2bb($body,true); + require_once('include/bb2diaspora.php'); + $body = diaspora2bb(escape_tags($body),true); } |