diff options
| author | Andrew Dolgov <[email protected]> | 2006-08-05 13:00:01 +0100 |
|---|---|---|
| committer | Andrew Dolgov <[email protected]> | 2006-08-05 13:00:01 +0100 |
| commit | d48d160c64f104785a6a52372271100e1a9803c6 (patch) | |
| tree | 5a17a47f340884ca6879b51bb0acd7d73ae50169 /functions.php | |
| parent | 5c365f6055ffe61ddcc5f2e306499945e34ddf09 (diff) | |
disable scripts in rss entry content
Diffstat (limited to 'functions.php')
| -rw-r--r-- | functions.php | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/functions.php b/functions.php index 2e65f7a35..133a8ccf9 100644 --- a/functions.php +++ b/functions.php @@ -530,6 +530,13 @@ } + # sanitize content + $entry_content = preg_replace('/<script.*?>/i', + "<p class=\"scriptWarn\">", $entry_content); + + $entry_content = preg_replace('/<\/script>/i', + "</p>", $entry_content); + db_query($link, "BEGIN"); if (db_num_rows($result) == 0) { |