aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMax Kostikov <max@kostikov.co>2019-11-06 16:07:04 +0100
committerMax Kostikov <max@kostikov.co>2019-11-06 16:07:04 +0100
commit36f707b25ee04f3641c5d13290cc6297e28b1f47 (patch)
tree7315d3919961dae71d914ec7465ab3bc3a2f43cd
parent09ad48c12bf9eba0bf44229bb8028029102ecfa5 (diff)
downloadvolse-hubzilla-36f707b25ee04f3641c5d13290cc6297e28b1f47.tar.gz
volse-hubzilla-36f707b25ee04f3641c5d13290cc6297e28b1f47.tar.bz2
volse-hubzilla-36f707b25ee04f3641c5d13290cc6297e28b1f47.zip
Sanitize title on Atom/RSS feed import
-rw-r--r--include/feedutils.php12
1 files changed, 12 insertions, 0 deletions
diff --git a/include/feedutils.php b/include/feedutils.php
index 5e52828c3..e7fcad02a 100644
--- a/include/feedutils.php
+++ b/include/feedutils.php
@@ -436,6 +436,18 @@ function get_atom_elements($feed, $item) {
if($summary === $res['body'])
$summary = '';
+ else {
+ $res['title'] = bbcode($res['title'], [ 'tryoembed' => false ]);
+ $res['title'] = html2plain($res['title'], 0, true);
+ $res['title'] = html_entity_decode($res['title'], ENT_QUOTES, 'UTF-8');
+ $res['title'] = preg_replace("/https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@]+/", "", $res['title']);
+ while (strpos($res['title'], "\n") !== false)
+ $res['title'] = str_replace("\n", " ", $res['title']);
+ while (strpos($res['title'], " ") !== false)
+ $res['title'] = str_replace(" ", " ", $res['title']);
+ $res['title'] = trim($res['title']);
+ }
+
if(($summary) && ((strpos($summary,'<') !== false) || (strpos($summary,'>') !== false))) {
$summary = purify_html($summary);