aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Zotlabs/Update/_1216.php19
-rwxr-xr-xboot.php2
-rw-r--r--include/network.php16
3 files changed, 28 insertions, 9 deletions
diff --git a/Zotlabs/Update/_1216.php b/Zotlabs/Update/_1216.php
new file mode 100644
index 000000000..843567633
--- /dev/null
+++ b/Zotlabs/Update/_1216.php
@@ -0,0 +1,19 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1215 {
+
+ function run() {
+
+ $r = q("UPDATE xchan set xchan_name = 'unknown' where xchan_name like '%<%' ");
+
+ if($r) {
+ return UPDATE_SUCCESS;
+ }
+ else {
+ return UPDATE_FAILED;
+ }
+ }
+
+}
diff --git a/boot.php b/boot.php
index 8e4877b8e..a873371b1 100755
--- a/boot.php
+++ b/boot.php
@@ -54,7 +54,7 @@ define ( 'STD_VERSION', '3.7' );
define ( 'ZOT_REVISION', '6.0a' );
-define ( 'DB_UPDATE_VERSION', 1215 );
+define ( 'DB_UPDATE_VERSION', 1216 );
define ( 'PROJECT_BASE', __DIR__ );
diff --git a/include/network.php b/include/network.php
index 91a39a6cb..0d37db58d 100644
--- a/include/network.php
+++ b/include/network.php
@@ -1923,23 +1923,23 @@ function scrape_vcard($url) {
$level2 = $item->getElementsByTagName('*');
foreach($level2 as $x) {
if(attribute_contains($x->getAttribute('id'),'pod_location'))
- $ret['pod_location'] = $x->textContent;
+ $ret['pod_location'] = escape_tags($x->textContent);
if(attribute_contains($x->getAttribute('class'),'fn'))
- $ret['fn'] = $x->textContent;
+ $ret['fn'] = escape_tags($x->textContent);
if(attribute_contains($x->getAttribute('class'),'uid'))
- $ret['uid'] = $x->textContent;
+ $ret['uid'] = escape_tags($x->textContent);
if(attribute_contains($x->getAttribute('class'),'nickname'))
- $ret['nick'] = $x->textContent;
+ $ret['nick'] = escape_tags($x->textContent);
if(attribute_contains($x->getAttribute('class'),'searchable'))
- $ret['searchable'] = $x->textContent;
+ $ret['searchable'] = escape_tags($x->textContent);
if(attribute_contains($x->getAttribute('class'),'key'))
$ret['public_key'] = $x->textContent;
if(attribute_contains($x->getAttribute('class'),'given_name'))
- $ret['given_name'] = $x->textContent;
+ $ret['given_name'] = escape_tags($x->textContent);
if(attribute_contains($x->getAttribute('class'),'family_name'))
- $ret['family_name'] = $x->textContent;
+ $ret['family_name'] = escxape_tags($x->textContent);
if(attribute_contains($x->getAttribute('class'),'url'))
- $ret['url'] = $x->textContent;
+ $ret['url'] = escape_tags($x->textContent);
if((attribute_contains($x->getAttribute('class'),'photo'))
|| (attribute_contains($x->getAttribute('class'),'avatar'))) {