diff options
| author | cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-02-21 20:30:13 +0000 |
|---|---|---|
| committer | cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544> | 2010-02-21 20:30:13 +0000 |
| commit | ce915d40a3b9151dcf03067eeac23a581efff897 (patch) | |
| tree | d4cb66e941f0f84001a8cc46e1081b35e89f2c38 | |
| parent | f8ffe33a5eb4d81d60c8ba5cc615ee49b1ea239d (diff) | |
| download | elgg-ce915d40a3b9151dcf03067eeac23a581efff897.tar.gz elgg-ce915d40a3b9151dcf03067eeac23a581efff897.tar.bz2 | |
Refs #1517: only encode <,>, and & for strings in xml
git-svn-id: http://code.elgg.org/elgg/trunk@3961 36083f99-b078-4883-b0ff-0f9b5a30f544
| -rw-r--r-- | engine/lib/xml.php | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/engine/lib/xml.php b/engine/lib/xml.php index cbc936555..f691b2475 100644 --- a/engine/lib/xml.php +++ b/engine/lib/xml.php @@ -58,7 +58,7 @@ } else if (gettype($value) == "boolean") { $output .= $value ? "true" : "false"; } else { - $output .= htmlentities($value); + $output .= htmlspecialchars($value, ENT_NOQUOTES, 'UTF-8'); } $output .= "</$key>\n"; @@ -103,7 +103,7 @@ } else if (gettype($value) == "boolean") { $output .= $value ? "true" : "false"; } else { - $output .= htmlentities($value); + $output .= htmlspecialchars($value, ENT_NOQUOTES, 'UTF-8'); } $output .= "</$item>\n"; |