diff options
author | Mario Vavti <mario@mariovavti.com> | 2022-03-29 11:42:53 +0200 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2022-03-29 11:42:53 +0200 |
commit | 0784cd593a39a4fc297e8a82f7e79bc8019a0868 (patch) | |
tree | 22182afb37cf460f8208fff9d276a0672add3185 /include/text.php | |
parent | 0e2e9321025f87fe9587f3d183adaea6185e4e20 (diff) | |
parent | 9c5d2ee5630dd7033904039dcd1e92db8821b644 (diff) | |
download | volse-hubzilla-0784cd593a39a4fc297e8a82f7e79bc8019a0868.tar.gz volse-hubzilla-0784cd593a39a4fc297e8a82f7e79bc8019a0868.tar.bz2 volse-hubzilla-0784cd593a39a4fc297e8a82f7e79bc8019a0868.zip |
Merge branch '7.2RC'7.2
Diffstat (limited to 'include/text.php')
-rw-r--r-- | include/text.php | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/include/text.php b/include/text.php index 29a2ab3b1..0c806d009 100644 --- a/include/text.php +++ b/include/text.php @@ -108,9 +108,24 @@ function notags($string) { * @return string */ function escape_tags($string) { - return(htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false)); + if (!$string) { + return EMPTY_STR; + } + return (htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false)); } +/** + * Escape URL's so they're safe for use in HTML and in HTML element attributes. + */ +function escape_url($input) { + if (empty($input)) { + return EMPTY_STR; + } + + // This is a bit crude but seems to do the trick for now. It makes no + // guarantees that the URL is valid for use after escaping. + return htmlspecialchars($input, ENT_HTML5 | ENT_QUOTES); +} function z_input_filter($s,$type = 'text/bbcode',$allow_code = false) { @@ -3531,7 +3546,7 @@ function text_highlight($s, $lang) { // echo (($xml->asXML('data.xml')) ? 'Your XML file has been generated successfully!' : 'Error generating XML file!'); function arrtoxml($root_elem,$arr) { - $xml = new SimpleXMLElement('<?xml version="1.0" encoding="UTF-8"?><' . $root_elem . '></' . $root_elem . '>', null, false); + $xml = new SimpleXMLElement('<?xml version="1.0" encoding="UTF-8"?><' . $root_elem . '></' . $root_elem . '>', 0, false); array2XML($xml,$arr); return $xml->asXML(); @@ -4054,9 +4069,10 @@ function sanitize_text_field($str) { */ function substr_words($str, $max_length, $suffix = '...') { + $ret = ''; + if (strlen($str) > $max_length) { $words = preg_split('/\s/', $str); - $ret = ''; $i = 0; while (true) { $length = (strlen($ret) + strlen($words[$i])); |