update: feed escaping issue

This commit is contained in:
Andrew Dolgov 2012-12-16 13:38:50 +04:00
parent 02872c30ed
commit 2bbd699475
1 changed files with 6 additions and 6 deletions

View File

@ -631,7 +631,6 @@
print "\n"; print "\n";
} }
$entry_content_unescaped = $entry_content;
$entry_cached_content = ""; $entry_cached_content = "";
if ($use_simplepie) { if ($use_simplepie) {
@ -675,10 +674,6 @@
$result = db_query($link, "SELECT id FROM ttrss_entries $result = db_query($link, "SELECT id FROM ttrss_entries
WHERE guid = '$entry_guid'"); WHERE guid = '$entry_guid'");
$entry_content = db_escape_string($entry_content, false);
$entry_title = db_escape_string($entry_title);
$entry_link = db_escape_string($entry_link);
$entry_comments = mb_substr(db_escape_string($entry_comments), 0, 250); $entry_comments = mb_substr(db_escape_string($entry_comments), 0, 250);
$entry_author = mb_substr($entry_author, 0, 250); $entry_author = mb_substr($entry_author, 0, 250);
@ -762,7 +757,7 @@
$entry_tags = null; $entry_tags = null;
preg_match_all("/<a.*?rel=['\"]tag['\"].*?\>([^<]+)<\/a>/i", preg_match_all("/<a.*?rel=['\"]tag['\"].*?\>([^<]+)<\/a>/i",
$entry_content_unescaped, $entry_tags); $entry_content, $entry_tags);
$entry_tags = $entry_tags[1]; $entry_tags = $entry_tags[1];
@ -804,6 +799,11 @@
$entry_author = $article["author"]; $entry_author = $article["author"];
} }
$entry_content = db_escape_string($entry_content, false);
$entry_title = db_escape_string($entry_title);
$entry_author = db_escape_string($entry_author);
$entry_link = db_escape_string($entry_link);
$content_hash = "SHA1:" . sha1(strip_tags($entry_content)); $content_hash = "SHA1:" . sha1(strip_tags($entry_content));
db_query($link, "BEGIN"); db_query($link, "BEGIN");