sanitize title/comments/link too

This commit is contained in:
Andrew Dolgov 2006-08-05 13:07:21 +01:00
parent b1524dc605
commit 183ad07bc2
1 changed files with 16 additions and 5 deletions

View File

@ -531,11 +531,11 @@
}
# sanitize content
$entry_content = preg_replace('/<script.*?>/i',
"<p class=\"scriptWarn\">", $entry_content);
$entry_content = preg_replace('/<\/script>/i',
"</p>", $entry_content);
$entry_content = sanitize_rss($entry_content);
$entry_title = sanitize_rss($entry_title);
$entry_link = sanitize_rss($entry_link);
$entry_comments = sanitize_rss($entry_comments);
db_query($link, "BEGIN");
@ -2309,4 +2309,15 @@
}
}
function sanitize_rss($str) {
$res = "";
$res = preg_replace('/<script.*?>/i',
"<p class=\"scriptWarn\">", $str);
$res = preg_replace('/<\/script>/i',
"</p>", $res);
return $res;
}
?>