From d7ee552c570f4fca760c3d1573f32c005cf73bb8 Mon Sep 17 00:00:00 2001 From: friendica Date: Wed, 20 Nov 2013 15:20:12 -0800 Subject: Protocol: now set data['alg'] on all encapsulated encrypted packets, so that we can more easily retire 'aes256cbc' once it is no longer viable. --- mod/editpost.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'mod/editpost.php') diff --git a/mod/editpost.php b/mod/editpost.php index b01afe9b3..f25d6d21d 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -57,9 +57,9 @@ function editpost_content(&$a) { if($itm[0]['item_flags'] & ITEM_OBSCURED) { $key = get_config('system','prvkey'); if($itm[0]['title']) - $itm[0]['title'] = aes_unencapsulate(json_decode_plus($itm[0]['title']),$key); + $itm[0]['title'] = crypto_unencapsulate(json_decode_plus($itm[0]['title']),$key); if($itm[0]['body']) - $itm[0]['body'] = aes_unencapsulate(json_decode_plus($itm[0]['body']),$key); + $itm[0]['body'] = crypto_unencapsulate(json_decode_plus($itm[0]['body']),$key); } $tpl = get_markup_template("jot.tpl"); -- cgit v1.2.3 From 941f81eb300074b203dd480924f9cf8b9d41a08d Mon Sep 17 00:00:00 2001 From: friendica Date: Thu, 12 Dec 2013 02:01:42 -0800 Subject: check that every invocation of htmlspecialchars has the right arg list --- mod/editpost.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'mod/editpost.php') diff --git a/mod/editpost.php b/mod/editpost.php index f25d6d21d..e731c04fe 100644 --- a/mod/editpost.php +++ b/mod/editpost.php @@ -114,7 +114,7 @@ function editpost_content(&$a) { '$pvisit' => 'none', '$public' => t('Public post'), '$jotnets' => $jotnets, - '$title' => htmlspecialchars($itm[0]['title']), + '$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'), '$placeholdertitle' => t('Set title'), '$category' => $category, '$placeholdercategory' => t('Categories (comma-separated list)'), -- cgit v1.2.3