aboutsummaryrefslogtreecommitdiffstats
path: root/boot.php
diff options
context:
space:
mode:
authorMike Macgirvin <mike@macgirvin.com>2010-07-19 06:58:03 -0700
committerMike Macgirvin <mike@macgirvin.com>2010-07-19 06:58:03 -0700
commit6695b4a203ab03941c8b3305a3e55cc02b85a5ac (patch)
tree47af4ee89d71b4c0584ae30da1883d5ae9e933a2 /boot.php
parentbbe53699f26bfa4e4d17da097fd8f2fc14da47dd (diff)
downloadvolse-hubzilla-6695b4a203ab03941c8b3305a3e55cc02b85a5ac.tar.gz
volse-hubzilla-6695b4a203ab03941c8b3305a3e55cc02b85a5ac.tar.bz2
volse-hubzilla-6695b4a203ab03941c8b3305a3e55cc02b85a5ac.zip
more bugs
Diffstat (limited to 'boot.php')
-rw-r--r--boot.php6
1 files changed, 2 insertions, 4 deletions
diff --git a/boot.php b/boot.php
index 1a60ee173..56d85f638 100644
--- a/boot.php
+++ b/boot.php
@@ -205,12 +205,10 @@ function notags($string) {
return(str_replace(array("<",">","\xBA","\xBC","\xBE"), array('[',']','','',''), $string));
}}
-// The PHP built-in tag escape function has traditionally been buggy
if(! function_exists('escape_tags')) {
function escape_tags($string) {
- return(str_replace(
- array('&', '"', "'", '<', '>'),
- array('&amp;', '&quot;', '&#39;', '&lt;', '&gt;'), $string));
+
+ return(htmlspecialchars($string));
}}
if(! function_exists('login')) {