diff options
| -rw-r--r-- | Zotlabs/Update/_1216.php | 19 | ||||
| -rwxr-xr-x | boot.php | 2 | ||||
| -rw-r--r-- | include/network.php | 16 |
3 files changed, 28 insertions, 9 deletions
diff --git a/Zotlabs/Update/_1216.php b/Zotlabs/Update/_1216.php new file mode 100644 index 000000000..843567633 --- /dev/null +++ b/Zotlabs/Update/_1216.php @@ -0,0 +1,19 @@ +<?php + +namespace Zotlabs\Update; + +class _1215 { + + function run() { + + $r = q("UPDATE xchan set xchan_name = 'unknown' where xchan_name like '%<%' "); + + if($r) { + return UPDATE_SUCCESS; + } + else { + return UPDATE_FAILED; + } + } + +} @@ -54,7 +54,7 @@ define ( 'STD_VERSION', '3.7' ); define ( 'ZOT_REVISION', '6.0a' ); -define ( 'DB_UPDATE_VERSION', 1215 ); +define ( 'DB_UPDATE_VERSION', 1216 ); define ( 'PROJECT_BASE', __DIR__ ); diff --git a/include/network.php b/include/network.php index 91a39a6cb..0d37db58d 100644 --- a/include/network.php +++ b/include/network.php @@ -1923,23 +1923,23 @@ function scrape_vcard($url) { $level2 = $item->getElementsByTagName('*'); foreach($level2 as $x) { if(attribute_contains($x->getAttribute('id'),'pod_location')) - $ret['pod_location'] = $x->textContent; + $ret['pod_location'] = escape_tags($x->textContent); if(attribute_contains($x->getAttribute('class'),'fn')) - $ret['fn'] = $x->textContent; + $ret['fn'] = escape_tags($x->textContent); if(attribute_contains($x->getAttribute('class'),'uid')) - $ret['uid'] = $x->textContent; + $ret['uid'] = escape_tags($x->textContent); if(attribute_contains($x->getAttribute('class'),'nickname')) - $ret['nick'] = $x->textContent; + $ret['nick'] = escape_tags($x->textContent); if(attribute_contains($x->getAttribute('class'),'searchable')) - $ret['searchable'] = $x->textContent; + $ret['searchable'] = escape_tags($x->textContent); if(attribute_contains($x->getAttribute('class'),'key')) $ret['public_key'] = $x->textContent; if(attribute_contains($x->getAttribute('class'),'given_name')) - $ret['given_name'] = $x->textContent; + $ret['given_name'] = escape_tags($x->textContent); if(attribute_contains($x->getAttribute('class'),'family_name')) - $ret['family_name'] = $x->textContent; + $ret['family_name'] = escxape_tags($x->textContent); if(attribute_contains($x->getAttribute('class'),'url')) - $ret['url'] = $x->textContent; + $ret['url'] = escape_tags($x->textContent); if((attribute_contains($x->getAttribute('class'),'photo')) || (attribute_contains($x->getAttribute('class'),'avatar'))) { |