Diffstat (limited to 'functions.php')
-rw-r--r-- | functions.php | 21 |
1 files changed, 16 insertions, 5 deletions
diff --git a/functions.php b/functions.php
index 133a8ccf9..d1212499b 100644
--- a/functions.php
+++ b/functions.php
@@ -531,11 +531,11 @@
 }
 # sanitize content
- $entry_content = preg_replace('/<script.*?>/i',
- "<p class=\"scriptWarn\">", $entry_content);
-
- $entry_content = preg_replace('/<\/script>/i',
- "</p>", $entry_content);
+
+ $entry_content = sanitize_rss($entry_content);
+ $entry_title = sanitize_rss($entry_title);
+ $entry_link = sanitize_rss($entry_link);
+ $entry_comments = sanitize_rss($entry_comments);
 db_query($link, "BEGIN");
@@ -2309,4 +2309,15 @@
 }
 }
+ function sanitize_rss($str) {
+ $res = "";
+
+ $res = preg_replace('/<script.*?>/i',
+ "<p class=\"scriptWarn\">", $str);
+
+ $res = preg_replace('/<\/script>/i',
+ "</p>", $res);
+
+ return $res;
+ }
 ?> |
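Review bot: `$entry_link` and `$entry_comments` are URLs, and `sanitize_rss()` only rewrites literal `<script>` tags, so a feed-supplied link with a non-HTTP scheme passes through unchanged; nothing visible in this hunk validates the scheme before the value is stored. A scheme allow-list fits these fields better, e.g. `if (!preg_match('/^https?:\/\//i', $entry_link)) $entry_link = "";`, assuming relative links are not expected here. For `$entry_title` the replacement inserts a `<p class="scriptWarn">` element into what is presumably rendered as inline text, so escaping the title at output would be the safer treatment. The enclosing function starts and ends outside the hunk.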
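Review bot: The pattern `'/<script.*?>/i'` in `sanitize_rss()` has no `s` modifier, so an opening tag whose attributes span a line break is not matched and stays in the stored text; `'/<script.*?>/is'` closes that gap. The function is also a deny-list for a single element: other active markup (event-handler attributes, embedded frames or objects) is left untouched, so a header comment such as `/* Neutralises <script> tags only; output must still be escaped or run through an allow-list HTML filter. */` would keep callers from relying on it as a full sanitizer. `preg_replace()` returns null on a PCRE error, which would silently blank the field, and the initial `$res = "";` is a dead assignment that can be dropped.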