From 18cf1358e03322cbecd535b16f4a39f788f644af Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Sun, 9 Sep 2012 21:47:58 +0400
Subject: create_published_article: validate url

---
 include/functions.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'include')

diff --git a/include/functions.php b/include/functions.php
index 701949fd7..65b794dd8 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -5585,6 +5585,8 @@
 		if (!$title) $title = $url;
 		if (!$title && !$url) return false;
 
+		if (filter_var($url, FILTER_VALIDATE_URL) === FALSE) return false;
+
 		$result = db_query($link, "INSERT INTO ttrss_entries
 			(title, guid, link, updated, content, content_hash, date_entered, date_updated)
 			VALUES
-- 
cgit v1.2.3