Diffstat (limited to 'views/default/output')
| -rw-r--r-- | views/default/output/access.php | 2 | ||||
| -rw-r--r-- | views/default/output/email.php | 4 | ||||
| -rw-r--r-- | views/default/output/location.php | 5 | ||||
| -rw-r--r-- | views/default/output/longtext.php | 2 | ||||
| -rw-r--r-- | views/default/output/tag.php | 17 | ||||
| -rw-r--r-- | views/default/output/tagcloud.php | 14 | ||||
| -rw-r--r-- | views/default/output/tags.php | 19 |
7 files changed, 40 insertions, 23 deletions
diff --git a/views/default/output/access.php b/views/default/output/access.php
index 91c5c721e..5c8d62c4d 100644
--- a/views/default/output/access.php
+++ b/views/default/output/access.php
@@ -11,7 +11,7 @@ if (isset($vars['entity']) && elgg_instanceof($vars['entity'])) {
 $access_id = $vars['entity']->access_id;
 $access_class = 'elgg-access';
 $access_id_string = get_readable_access_level($access_id);
- $access_id_string = htmlentities($access_id_string, ENT_QUOTES, 'UTF-8');
+ $access_id_string = htmlspecialchars($access_id_string, ENT_QUOTES, 'UTF-8', false);
 // if within a group or shared access collection display group name and open/closed membership status
 // @todo have a better way to do this instead of checking against subtype / class.
diff --git a/views/default/output/email.php b/views/default/output/email.php
index 00eefad1f..f5a8bc4b8 100644
--- a/views/default/output/email.php
+++ b/views/default/output/email.php
@@ -10,6 +10,8 @@
 *
 */
+$encoded_value = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8');
+
 if (!empty($vars['value'])) {
- echo "<a href=\"mailto:" . $vars['value'] . "\">". htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false) ."</a>";
+ echo "<a href=\"mailto:$encoded_value\">$encoded_value</a>";
 }
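Review bot: The new `htmlspecialchars($access_id_string, ENT_QUOTES, 'UTF-8', false)` call returns an empty string when the access level name is not valid UTF-8, so a malformed collection name makes the label silently disappear rather than render escaped. If the supported PHP baseline has it, adding `ENT_SUBSTITUTE` to the flags (`ENT_QUOTES | ENT_SUBSTITUTE`) replaces bad sequences with U+FFFD instead; the same applies to every `htmlspecialchars` call this commit introduces in email.php, tag.php, tagcloud.php and tags.php. Passing `double_encode: false` also means a name that already contains an entity-looking sequence is emitted as-is, which is presumably intended here but worth a short comment on the line, e.g. `// double_encode=false: names may already contain entities from older storage`.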
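Review bot: `$encoded_value = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8');` now runs before the `!empty($vars['value'])` guard, so a caller that omits `value` gets an undefined-index notice (and `htmlspecialchars(null)`) where the old code touched the key only inside the `if`. Either move the assignment inside the `if` block or read the key defensively, e.g. `$encoded_value = htmlspecialchars((string) elgg_extract('value', $vars, ''), ENT_QUOTES, 'UTF-8');`, which keeps the single-encode-then-reuse structure of the hunk. Attribute-escaping the value is the right encoding for the `href` context, but nothing checks that it is actually an address before it is placed in a `mailto:` link; a `filter_var($vars['value'], FILTER_VALIDATE_EMAIL)` check before linking would make this view refuse values that are not addresses.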
\ No newline at end of file
diff --git a/views/default/output/location.php b/views/default/output/location.php
index e3619d2e1..e1009f17d 100644
--- a/views/default/output/location.php
+++ b/views/default/output/location.php
@@ -11,4 +11,9 @@ if (isset($vars['entity'])) {
 unset($vars['entity']);
 }
+// Fixes #4566 we used to allow arrays of strings for location
+if (is_array($vars['value'])) {
+ $vars['value'] = implode(', ', $vars['value']);
+}
+
 echo elgg_view('output/tag', $vars);
diff --git a/views/default/output/longtext.php b/views/default/output/longtext.php
index 200f27de5..589100c4f 100644
--- a/views/default/output/longtext.php
+++ b/views/default/output/longtext.php
@@ -31,7 +31,7 @@ if ($parse_urls) {
 $text = filter_tags($text);
-$text = autop($text);
+$text = elgg_autop($text);
 $attributes = elgg_format_attributes($vars);
diff --git a/views/default/output/tag.php b/views/default/output/tag.php
index 3c002a31b..6bd9a72a7 100644
--- a/views/default/output/tag.php
+++ b/views/default/output/tag.php
@@ -8,24 +8,25 @@
 *
 */
+if (!empty($vars['type'])) {
+ $type = "&type=" . rawurlencode($vars['type']);
+} else {
+ $type = "";
+}
 if (!empty($vars['subtype'])) {
- $subtype = "&subtype=" . urlencode($vars['subtype']);
+ $subtype = "&subtype=" . rawurlencode($vars['subtype']);
 } else {
 $subtype = "";
 }
 if (!empty($vars['object'])) {
- $object = "&object=" . urlencode($vars['object']);
+ $object = "&object=" . rawurlencode($vars['object']);
 } else {
 $object = "";
 }
 if (isset($vars['value'])) {
- if (!empty($vars['type'])) {
- $type = "&type={$vars['type']}";
- } else {
- $type = "";
- }
- $url = elgg_get_site_url() . 'search?q=' . urlencode($vars['value']) . "&search_type=tags{$type}{$subtype}{$object}";
+ $url = elgg_get_site_url() . 'search?q=' . rawurlencode($vars['value']) . "&search_type=tags{$type}{$subtype}{$object}";
+ $vars['value'] = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false);
 echo elgg_view('output/url', array(
 'href' => $url,
 'text' => $vars['value'],
diff --git a/views/default/output/tagcloud.php b/views/default/output/tagcloud.php
index 22b6cf49d..2fbf1cd0a 100644
--- a/views/default/output/tagcloud.php
+++ b/views/default/output/tagcloud.php
@@ -39,6 +39,8 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) {
 $cloud = '';
 foreach ($vars['tagcloud'] as $tag) {
+ $tag->tag = htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8', false);
+
 if ($cloud != '') {
 $cloud .= ', ';
 }
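Review bot: `$vars['value'] = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false);` overwrites the caller's value with its HTML-escaped form, and the `if (isset($vars['value']))` block continues past the end of this hunk, so anything later in the view that still reads `$vars['value']` now sees escaped text. A local such as `$text = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false);` passed as `'text' => $text` keeps the raw value available and makes the ordering (URL built from the raw value, text from the escaped one) explicit. Whether `output/url` escapes `text` itself is not visible here; if it does so with the default `double_encode`, the `&amp;` produced on this line would render literally, so that contract is worth confirming and noting in a comment on the line.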
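Review bot: `$tag->tag = htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8', false);` escapes the tag in place, and the second hunk of this file then builds the search link from that same property (`urlencode($tag->tag)`), so a tag containing `&`, `"`, `'` or `<` links to a search for the entity-encoded text rather than the tag. It also mutates objects that belong to the caller's `$vars['tagcloud']`, so any later consumer of the same objects receives pre-escaped data. Keeping the escaped form in a local avoids both: `$tag_text = htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8', false);` here, then in the second hunk `rawurlencode($tag->tag)` for the href and `$tag_text` for `'text'` and `'title'`.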
@@ -47,9 +49,15 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) {
 if ($size < 100) {
 $size = 100;
 }
- $url = elgg_get_site_url()."search?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype";
- $url = elgg_format_url($url);
- $cloud .= "<a href=\"$url\" style=\"font-size: $size%\" title=\"".addslashes($tag->tag)." ($tag->total)\">" . htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>";
+ $url = "search?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype";
+
+ $cloud .= elgg_view('output/url', array(
+ 'text' => $tag->tag,
+ 'href' => $url,
+ 'style' => "font-size: $size%;",
+ 'title' => "$tag->tag ($tag->total)",
+ 'rel' => 'tag'
+ ));
 }
 $cloud .= elgg_view('tagcloud/extend');
diff --git a/views/default/output/tags.php b/views/default/output/tags.php
index 3082dd41e..db096a3be 100644
--- a/views/default/output/tags.php
+++ b/views/default/output/tags.php
@@ -17,13 +17,18 @@ if (isset($vars['entity'])) {
 unset($vars['entity']);
 }
+if (!empty($vars['type'])) {
+ $type = "&type=" . rawurlencode($vars['type']);
+} else {
+ $type = "";
+}
 if (!empty($vars['subtype'])) {
- $subtype = "&subtype=" . urlencode($vars['subtype']);
+ $subtype = "&subtype=" . rawurlencode($vars['subtype']);
 } else {
 $subtype = "";
 }
 if (!empty($vars['object'])) {
- $object = "&object=" . urlencode($vars['object']);
+ $object = "&object=" . rawurlencode($vars['object']);
 } else {
 $object = "";
 }
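Review bot: `$url = "search?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype";` keeps `urlencode` while tag.php and tags.php are switched to `rawurlencode` in this same commit, so a tag with a space produces `q=a+b` here and `q=a%20b` elsewhere; `rawurlencode($tag->tag)` would make the three views agree. The removed `elgg_format_url($url)` call was what turned the `&` separators into `&amp;` for the attribute, and whether `output/url` now does that for `href` is not visible here; the same question applies to the `'title'` and `'style'` values, which the old code escaped by hand. `$type` and `$subtype` are defined above this hunk, so whether they are URL-encoded consistently with the other views cannot be checked from this diff.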
@@ -53,15 +58,11 @@ if (!empty($vars['tags'])) {
 $icon_class = elgg_extract('icon_class', $vars);
 $list_items = '<li>' . elgg_view_icon('tag', $icon_class) . '</li>';
-
+
 foreach($vars['tags'] as $tag) {
- if (!empty($vars['type'])) {
- $type = "&type={$vars['type']}";
- } else {
- $type = "";
- }
- $url = elgg_get_site_url() . 'search?q=' . urlencode($tag) . "&search_type=tags{$type}{$subtype}{$object}";
+ $url = elgg_get_site_url() . 'search?q=' . rawurlencode($tag) . "&search_type=tags{$type}{$subtype}{$object}";
 if (is_string($tag)) {
+ $tag = htmlspecialchars($tag, ENT_QUOTES, 'UTF-8', false);
 $list_items .= "<li class=\"$item_class\">";
 $list_items .= elgg_view('output/url', array('href' => $url, 'text' => $tag, 'rel' => 'tag'));
 $list_items .= '</li>'; |
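Review bot: The new `$url = elgg_get_site_url() . 'search?q=' . rawurlencode($tag) . ...` line still runs before the `if (is_string($tag))` guard, so a non-string element in `$vars['tags']` reaches `rawurlencode` and raises a warning (or a `TypeError` under strict types) even though the guard exists precisely to skip such entries. Moving the `$url = ...;` assignment to the first line inside `if (is_string($tag)) {` keeps the URL built from the raw tag and the escape applied afterwards, in the order the hunk already intends. The `foreach` body continues past the end of this hunk.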
