* use htmlspecialchars instead of htmlentities

git-svn-id: svn://netflint.net/xmpphp@17 ef36c318-a008-4979-b6e8-6b496270793b
2008-04-06 22:50:29 +00:00 · 2008-04-06 22:50:29 +00:00 · 912a17ac07
commit 912a17ac07
parent d4876b1702
2 changed files with 7 additions and 7 deletions
--- a/xmlobj.php
+++ b/xmlobj.php
@ -49,7 +49,7 @@ class XMLObj {
 		$str .= "<{$this->name} xmlns='{$this->ns}' ";
 		foreach($this->attrs as $key => $value) {
 			if($key != 'xmlns') {
-				$value = htmlentities($value);
+				$value = htmlspecialchars($value);
 				$str .= "$key='$value' ";
 			}
 		}
@ -57,7 +57,7 @@ class XMLObj {
 		foreach($this->subs as $sub) {
 			$str .= $sub->tostring();
 		}
-		$body = htmlentities($this->data);
+		$body = htmlspecialchars($this->data);
 		$str .= "$body</{$this->name}>";
 		return $str;
 	}
--- a/xmpp.php
+++ b/xmpp.php
@ -56,9 +56,9 @@ class XMPP extends XMLStream {
 	}
 	function message($to, $body, $type='chat', $subject=Null) {
-		$to = htmlentities($to);
+		$to = htmlspecialchars($to);
-		$body = htmlentities($body);
+		$body = htmlspecialchars($body);
-		$subject = htmlentities($subject);
+		$subject = htmlspecialchars($subject);
 		$out = "<message from='{$this->fulljid}' to='$to' type='$type'>";
 		if($subject) $out .= "<subject>$subject</subject>";
 		$out .= "<body>$body</body></message>";
@ -66,8 +66,8 @@ class XMPP extends XMLStream {
 	}
 	function presence($status=Null, $show='available', $to=Null) {
-		$to = htmlentities($to);
+		$to = htmlspecialchars($to);
-		$status = htmlentities($status);
+		$status = htmlspecialchars($status);
 		if($show == 'unavailable') $type = 'unavailable';
 		$out = "<presence";
 		if($to) $out .= " to='$to'";