forked from blallo/rss-bridge
[MrssFormat] Use XML encoding on data
This commit is contained in:
parent
8b468e94a8
commit
0d94f1fe0e
1 changed files with 12 additions and 8 deletions
|
@ -13,20 +13,20 @@ class MrssFormat extends FormatAbstract{
|
|||
$httpHost = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
|
||||
$httpInfo = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '';
|
||||
|
||||
$serverRequestUri = htmlspecialchars($_SERVER['REQUEST_URI']);
|
||||
$serverRequestUri = $this->xml_encode($_SERVER['REQUEST_URI']);
|
||||
|
||||
$extraInfos = $this->getExtraInfos();
|
||||
$title = htmlspecialchars($extraInfos['name']);
|
||||
$uri = !empty($extraInfos['uri']) ? $extraInfos['uri'] : 'https://github.com/sebsauvage/rss-bridge';
|
||||
$title = $this->xml_encode($extraInfos['name']);
|
||||
$uri = $this->xml_encode(!empty($extraInfos['uri']) ? $extraInfos['uri'] : 'https://github.com/sebsauvage/rss-bridge');
|
||||
|
||||
$items = '';
|
||||
foreach($this->getDatas() as $data){
|
||||
$itemTitle = strip_tags(is_null($data->title) ? '' : $data->title);
|
||||
$itemUri = is_null($data->uri) ? '' : $data->uri;
|
||||
$itemAuthor = is_null($data->author) ? '' : $data->author;
|
||||
$itemTimestamp = is_null($data->timestamp) ? '' : date(DATE_RFC2822, $data->timestamp);
|
||||
$itemTitle = strip_tags(is_null($data->title) ? '' : $this->xml_encode($data->title));
|
||||
$itemUri = is_null($data->uri) ? '' : $this->xml_encode($data->uri);
|
||||
$itemAuthor = is_null($data->author) ? $title : $this->xml_encode($data->author);
|
||||
$itemTimestamp = is_null($data->timestamp) ? '' : $this->xml_encode(date(DATE_RFC2822, $data->timestamp));
|
||||
// We prevent content from closing the CDATA too early.
|
||||
$itemContent = is_null($data->content) ? '' : htmlspecialchars($this->sanitizeHtml(str_replace(']]>','',$data->content)));
|
||||
$itemContent = is_null($data->content) ? '' : $this->xml_encode($this->sanitizeHtml($data->content));
|
||||
|
||||
$items .= <<<EOD
|
||||
|
||||
|
@ -82,4 +82,8 @@ EOD;
|
|||
|
||||
return parent::display();
|
||||
}
|
||||
|
||||
private function xml_encode($text) {
|
||||
return htmlspecialchars($text, ENT_XML1);
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue