* use htmlspecialchars instead of htmlentities

git-svn-id: svn://netflint.net/xmpphp@17 ef36c318-a008-4979-b6e8-6b496270793b

xmlobj.php

@@ -49,7 +49,7 @@ class XMLObj {
 		$str .= "<{$this->name} xmlns='{$this->ns}' ";
 		foreach($this->attrs as $key => $value) {
 			if($key != 'xmlns') {
-				$value = htmlentities($value);
+				$value = htmlspecialchars($value);
 				$str .= "$key='$value' ";
 			}
 		}
@@ -57,7 +57,7 @@ class XMLObj {
 		foreach($this->subs as $sub) {
 			$str .= $sub->tostring();
 		}
-		$body = htmlentities($this->data);
+		$body = htmlspecialchars($this->data);
 		$str .= "$body</{$this->name}>";
 		return $str;
 	}

xmpp.php

@@ -56,9 +56,9 @@ class XMPP extends XMLStream {
 	}
 
 	function message($to, $body, $type='chat', $subject=Null) {
-		$to = htmlentities($to);
-		$body = htmlentities($body);
-		$subject = htmlentities($subject);
+		$to = htmlspecialchars($to);
+		$body = htmlspecialchars($body);
+		$subject = htmlspecialchars($subject);
 		$out = "<message from='{$this->fulljid}' to='$to' type='$type'>";
 		if($subject) $out .= "<subject>$subject</subject>";
 		$out .= "<body>$body</body></message>";
@@ -66,8 +66,8 @@ class XMPP extends XMLStream {
 	}
 
 	function presence($status=Null, $show='available', $to=Null) {
-		$to = htmlentities($to);
-		$status = htmlentities($status);
+		$to = htmlspecialchars($to);
+		$status = htmlspecialchars($status);
 		if($show == 'unavailable') $type = 'unavailable';
 		$out = "<presence";
 		if($to) $out .= " to='$to'";