diff options
author | Andrew Dolgov <[email protected]> | 2012-12-16 13:38:50 +0400 |
---|---|---|
committer | Andrew Dolgov <[email protected]> | 2012-12-16 13:38:50 +0400 |
commit | 2bbd6994753d25e6118de3916e07336ef622b2b9 (patch) | |
tree | 1924f398951c425c7d1b834f2079152c3933551d /include/rssfuncs.php | |
parent | 02872c30ed96a7556233fe3c6e3fc2913217fbdb (diff) |
update: feed escaping issue
Diffstat (limited to 'include/rssfuncs.php')
-rw-r--r-- | include/rssfuncs.php | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/include/rssfuncs.php b/include/rssfuncs.php index 1b39efec1..eaa975a5a 100644 --- a/include/rssfuncs.php +++ b/include/rssfuncs.php @@ -631,7 +631,6 @@ print "\n"; } - $entry_content_unescaped = $entry_content; $entry_cached_content = ""; if ($use_simplepie) { @@ -675,10 +674,6 @@ $result = db_query($link, "SELECT id FROM ttrss_entries WHERE guid = '$entry_guid'"); - $entry_content = db_escape_string($entry_content, false); - - $entry_title = db_escape_string($entry_title); - $entry_link = db_escape_string($entry_link); $entry_comments = mb_substr(db_escape_string($entry_comments), 0, 250); $entry_author = mb_substr($entry_author, 0, 250); @@ -762,7 +757,7 @@ $entry_tags = null; preg_match_all("/<a.*?rel=['\"]tag['\"].*?\>([^<]+)<\/a>/i", - $entry_content_unescaped, $entry_tags); + $entry_content, $entry_tags); $entry_tags = $entry_tags[1]; @@ -804,6 +799,11 @@ $entry_author = $article["author"]; } + $entry_content = db_escape_string($entry_content, false); + $entry_title = db_escape_string($entry_title); + $entry_author = db_escape_string($entry_author); + $entry_link = db_escape_string($entry_link); + $content_hash = "SHA1:" . sha1(strip_tags($entry_content)); db_query($link, "BEGIN"); |