From c0c5c0f81f40b5d72048e74842a650f974cefcd7 Mon Sep 17 00:00:00 2001
From: Brett Profitt <brett.profitt@gmail.com>
Date: Tue, 1 May 2012 17:15:42 -0700
Subject: Fixes #1835. Passing tagcloud URLs through output/url for proper
 escaping.

---
 views/default/output/tagcloud.php | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

(limited to 'views/default/output/tagcloud.php')

diff --git a/views/default/output/tagcloud.php b/views/default/output/tagcloud.php
index 22b6cf49d..a212becd8 100644
--- a/views/default/output/tagcloud.php
+++ b/views/default/output/tagcloud.php
@@ -47,9 +47,15 @@ if (!empty($vars['tagcloud']) && is_array($vars['tagcloud'])) {
 		if ($size < 100) {
 			$size = 100;
 		}
-		$url = elgg_get_site_url()."search?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype";
-		$url = elgg_format_url($url);
-		$cloud .= "<a href=\"$url\" style=\"font-size: $size%\" title=\"".addslashes($tag->tag)." ($tag->total)\">" . htmlspecialchars($tag->tag, ENT_QUOTES, 'UTF-8') . "</a>";
+		$url = "search?q=". urlencode($tag->tag) . "&search_type=tags$type$subtype";
+
+		$cloud .= elgg_view('output/url', array(
+			'text' => $tag->tag,
+			'href' => $url,
+			'style' => "font-size: $size%;",
+			'title' => "$tag->tag ($tag->total)",
+			'rel' => 'tag'
+		));
 	}
 	
 	$cloud .= elgg_view('tagcloud/extend');
-- 
cgit v1.2.3