diff options
author | Andrew Dolgov <[email protected]> | 2013-03-23 09:44:52 +0400 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2013-03-23 09:44:52 +0400 |
commit | d6ce708930cb838af3ed1cf585d3ca62b7036d9b (patch) | |
tree | 0a7fd2b21081a4b7561106cac7771d073994f2ea /classes/feeds.php | |
parent | 01dffac771a64b2e8b87d0c3d76c09ccc51f125f (diff) |
title escaping: do not double-encode entities
Diffstat (limited to 'classes/feeds.php')
-rw-r--r-- | classes/feeds.php | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/classes/feeds.php b/classes/feeds.php index 3657a0564..f67321177 100644 --- a/classes/feeds.php +++ b/classes/feeds.php @@ -432,7 +432,8 @@ class Feeds extends Handler_Protected { $reply['content'] .= "<div onclick='return hlClicked(event, $id)' class=\"hlTitle\"><span class='hlContent$hlc_suffix'>"; $reply['content'] .= "<a id=\"RTITLE-$id\" - href=\"" . htmlspecialchars($line["link"]) . "\" + href=\"" . htmlspecialchars($line["link"], ENT_COMPAT | ENT_HTML401, + 'utf-8', false) . "\" onclick=\"\">" . truncate_string($line["title"], 200); |