* use htmlspecialchars instead of htmlentities
git-svn-id: svn://netflint.net/xmpphp@17 ef36c318-a008-4979-b6e8-6b496270793b
This commit is contained in:
parent
d4876b1702
commit
912a17ac07
@ -49,7 +49,7 @@ class XMLObj {
|
||||
$str .= "<{$this->name} xmlns='{$this->ns}' ";
|
||||
foreach($this->attrs as $key => $value) {
|
||||
if($key != 'xmlns') {
|
||||
$value = htmlentities($value);
|
||||
$value = htmlspecialchars($value);
|
||||
$str .= "$key='$value' ";
|
||||
}
|
||||
}
|
||||
@ -57,7 +57,7 @@ class XMLObj {
|
||||
foreach($this->subs as $sub) {
|
||||
$str .= $sub->tostring();
|
||||
}
|
||||
$body = htmlentities($this->data);
|
||||
$body = htmlspecialchars($this->data);
|
||||
$str .= "$body</{$this->name}>";
|
||||
return $str;
|
||||
}
|
||||
|
10
xmpp.php
10
xmpp.php
@ -56,9 +56,9 @@ class XMPP extends XMLStream {
|
||||
}
|
||||
|
||||
function message($to, $body, $type='chat', $subject=Null) {
|
||||
$to = htmlentities($to);
|
||||
$body = htmlentities($body);
|
||||
$subject = htmlentities($subject);
|
||||
$to = htmlspecialchars($to);
|
||||
$body = htmlspecialchars($body);
|
||||
$subject = htmlspecialchars($subject);
|
||||
$out = "<message from='{$this->fulljid}' to='$to' type='$type'>";
|
||||
if($subject) $out .= "<subject>$subject</subject>";
|
||||
$out .= "<body>$body</body></message>";
|
||||
@ -66,8 +66,8 @@ class XMPP extends XMLStream {
|
||||
}
|
||||
|
||||
function presence($status=Null, $show='available', $to=Null) {
|
||||
$to = htmlentities($to);
|
||||
$status = htmlentities($status);
|
||||
$to = htmlspecialchars($to);
|
||||
$status = htmlspecialchars($status);
|
||||
if($show == 'unavailable') $type = 'unavailable';
|
||||
$out = "<presence";
|
||||
if($to) $out .= " to='$to'";
|
||||
|
Loading…
Reference in New Issue
Block a user