From ce915d40a3b9151dcf03067eeac23a581efff897 Mon Sep 17 00:00:00 2001
From: cash <cash@36083f99-b078-4883-b0ff-0f9b5a30f544>
Date: Sun, 21 Feb 2010 20:30:13 +0000
Subject: Refs #1517: only encode <,>, and & for strings in xml

git-svn-id: http://code.elgg.org/elgg/trunk@3961 36083f99-b078-4883-b0ff-0f9b5a30f544
---
 engine/lib/xml.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'engine/lib/xml.php')

diff --git a/engine/lib/xml.php b/engine/lib/xml.php
index cbc936555..f691b2475 100644
--- a/engine/lib/xml.php
+++ b/engine/lib/xml.php
@@ -58,7 +58,7 @@
 			} else if (gettype($value) == "boolean") {
 				$output .= $value ? "true" : "false";
 			} else {
-				$output .= htmlentities($value);
+				$output .= htmlspecialchars($value, ENT_NOQUOTES, 'UTF-8');
 			}
 			
 			$output .= "</$key>\n";
@@ -103,7 +103,7 @@
 			} else if (gettype($value) == "boolean") {
 				$output .= $value ? "true" : "false";
 			} else {
-				$output .= htmlentities($value);
+				$output .= htmlspecialchars($value, ENT_NOQUOTES, 'UTF-8');
 			}
 			
 			$output .= "</$item>\n";
-- 
cgit v1.2.3