diff options
| author | Max Kostikov <max@kostikov.co> | 2019-11-06 16:07:04 +0100 |
|---|---|---|
| committer | Max Kostikov <max@kostikov.co> | 2019-11-06 16:07:04 +0100 |
| commit | 36f707b25ee04f3641c5d13290cc6297e28b1f47 (patch) | |
| tree | 7315d3919961dae71d914ec7465ab3bc3a2f43cd | |
| parent | 09ad48c12bf9eba0bf44229bb8028029102ecfa5 (diff) | |
| download | volse-hubzilla-36f707b25ee04f3641c5d13290cc6297e28b1f47.tar.gz volse-hubzilla-36f707b25ee04f3641c5d13290cc6297e28b1f47.tar.bz2 volse-hubzilla-36f707b25ee04f3641c5d13290cc6297e28b1f47.zip | |
Sanitize title on Atom/RSS feed import
| -rw-r--r-- | include/feedutils.php | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/include/feedutils.php b/include/feedutils.php index 5e52828c3..e7fcad02a 100644 --- a/include/feedutils.php +++ b/include/feedutils.php @@ -436,6 +436,18 @@ function get_atom_elements($feed, $item) { if($summary === $res['body']) $summary = ''; + else { + $res['title'] = bbcode($res['title'], [ 'tryoembed' => false ]); + $res['title'] = html2plain($res['title'], 0, true); + $res['title'] = html_entity_decode($res['title'], ENT_QUOTES, 'UTF-8'); + $res['title'] = preg_replace("/https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@]+/", "", $res['title']); + while (strpos($res['title'], "\n") !== false) + $res['title'] = str_replace("\n", " ", $res['title']); + while (strpos($res['title'], " ") !== false) + $res['title'] = str_replace(" ", " ", $res['title']); + $res['title'] = trim($res['title']); + } + if(($summary) && ((strpos($summary,'<') !== false) || (strpos($summary,'>') !== false))) { $summary = purify_html($summary); |