From 2bbd6994753d25e6118de3916e07336ef622b2b9 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Sun, 16 Dec 2012 13:38:50 +0400
Subject: update: feed escaping issue

---
 include/rssfuncs.php | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

(limited to 'include/rssfuncs.php')

diff --git a/include/rssfuncs.php b/include/rssfuncs.php
index 1b39efec1..eaa975a5a 100644
--- a/include/rssfuncs.php
+++ b/include/rssfuncs.php
@@ -631,7 +631,6 @@
 					print "\n";
 				}
 
-				$entry_content_unescaped = $entry_content;
 				$entry_cached_content = "";
 
 				if ($use_simplepie) {
@@ -675,10 +674,6 @@
 				$result = db_query($link, "SELECT id FROM	ttrss_entries
 					WHERE guid = '$entry_guid'");
 
-				$entry_content = db_escape_string($entry_content, false);
-
-				$entry_title = db_escape_string($entry_title);
-				$entry_link = db_escape_string($entry_link);
 				$entry_comments = mb_substr(db_escape_string($entry_comments), 0, 250);
 				$entry_author = mb_substr($entry_author, 0, 250);
 
@@ -762,7 +757,7 @@
 				$entry_tags = null;
 
 				preg_match_all("/<a.*?rel=['\"]tag['\"].*?\>([^<]+)<\/a>/i",
-					$entry_content_unescaped, $entry_tags);
+					$entry_content, $entry_tags);
 
 				$entry_tags = $entry_tags[1];
 
@@ -804,6 +799,11 @@
 					$entry_author = $article["author"];
 				}
 
+				$entry_content = db_escape_string($entry_content, false);
+				$entry_title = db_escape_string($entry_title);
+				$entry_author = db_escape_string($entry_author);
+				$entry_link = db_escape_string($entry_link);
+
 				$content_hash = "SHA1:" . sha1(strip_tags($entry_content));
 
 				db_query($link, "BEGIN");
-- 
cgit v1.2.3