diff options
| author | Friendika <info@friendika.com> | 2011-09-19 19:46:18 -0700 |
|---|---|---|
| committer | Friendika <info@friendika.com> | 2011-09-19 19:46:18 -0700 |
| commit | 63277b57fc6557c5f59fefd1ae738ad3c3e2a9f1 (patch) | |
| tree | 9c77d63b3081f379181cce1a1aad62b28cd94549 /include/conversation.php | |
| parent | d6d24f3b6a2fcd853387ff5338a89687e498300c (diff) | |
| download | volse-hubzilla-63277b57fc6557c5f59fefd1ae738ad3c3e2a9f1.tar.gz volse-hubzilla-63277b57fc6557c5f59fefd1ae738ad3c3e2a9f1.tar.bz2 volse-hubzilla-63277b57fc6557c5f59fefd1ae738ad3c3e2a9f1.zip | |
template escapes
Diffstat (limited to 'include/conversation.php')
| -rw-r--r-- | include/conversation.php | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/include/conversation.php b/include/conversation.php index 7cea54db5..b7fba9154 100644 --- a/include/conversation.php +++ b/include/conversation.php @@ -485,7 +485,7 @@ function conversation(&$a, $items, $mode, $update) { $tmp_item = replace_macros($template,array( - '$body' => $body, + '$body' => template_escape($body), '$id' => $item['item_id'], '$linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), '$olinktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])), @@ -494,18 +494,18 @@ function conversation(&$a, $items, $mode, $update) { '$vwall' => t('via Wall-To-Wall:'), '$profile_url' => $profile_link, '$item_photo_menu' => item_photo_menu($item), - '$name' => $profile_name, + '$name' => template_escape($profile_name), '$thumb' => $profile_avatar, '$osparkle' => $osparkle, '$sparkle' => $sparkle, - '$title' => $item['title'], + '$title' => template_escape($item['title']), '$ago' => ((($item['app']) && ($item['id'] == $item['parent'])) ? sprintf( t('%s from %s'),relative_date($item['created']),$item['app']) : relative_date($item['created'])), '$lock' => $lock, - '$location' => $location, + '$location' => template_escape($location), '$indent' => $indent, '$owner_url' => $owner_url, '$owner_photo' => $owner_photo, - '$owner_name' => $owner_name, + '$owner_name' => template_escape($owner_name), '$plink' => get_plink($item), '$edpost' => $edpost, '$star' => $star, |