diff --git a/blogger/blogger.php b/blogger/blogger.php index ee79032f..496a47c8 100644 --- a/blogger/blogger.php +++ b/blogger/blogger.php @@ -179,14 +179,14 @@ function blogger_send(App $a, array &$b) return; } - $bl_username = XML::xmlify(PConfig::get($b['uid'], 'blogger', 'bl_username')); - $bl_password = XML::xmlify(PConfig::get($b['uid'], 'blogger', 'bl_password')); + $bl_username = XML::escape(PConfig::get($b['uid'], 'blogger', 'bl_username')); + $bl_password = XML::escape(PConfig::get($b['uid'], 'blogger', 'bl_password')); $bl_blog = PConfig::get($b['uid'], 'blogger', 'bl_blog'); if ($bl_username && $bl_password && $bl_blog) { $title = '' . (($b['title']) ? $b['title'] : L10n::t('Post from Friendica')) . ''; $post = $title . BBCode::convert($b['body']); - $post = XML::xmlify($post); + $post = XML::escape($post); $xml = <<< EOT diff --git a/dwpost/dwpost.php b/dwpost/dwpost.php index eec1ea78..28ae2d97 100644 --- a/dwpost/dwpost.php +++ b/dwpost/dwpost.php @@ -190,7 +190,7 @@ function dwpost_send(App $a, array &$b) if ($dw_username && $dw_password && $dw_blog) { $title = $b['title']; $post = BBCode::convert($b['body']); - $post = XML::xmlify($post); + $post = XML::escape($post); $tags = dwpost_get_tags($b['tag']); $date = DateTimeFormat::convert($b['created'], $tz); diff --git a/ijpost/ijpost.php b/ijpost/ijpost.php index f9242a18..d2a3071e 100644 --- a/ijpost/ijpost.php +++ b/ijpost/ijpost.php @@ -186,7 +186,7 @@ function ijpost_send(&$a, &$b) if ($ij_username && $ij_password && $ij_blog) { $title = $b['title']; $post = BBCode::convert($b['body']); - $post = XML::xmlify($post); + $post = XML::escape($post); $tags = ijpost_get_tags($b['tag']); $date = DateTimeFormat::convert($b['created'], $tz); diff --git a/ljpost/ljpost.php b/ljpost/ljpost.php index 47eab5dc..c60af03c 100644 --- a/ljpost/ljpost.php +++ b/ljpost/ljpost.php @@ -170,20 +170,20 @@ function ljpost_send(&$a,&$b) { if($x && strlen($x[0]['timezone'])) $tz = $x[0]['timezone']; - $lj_username = XML::xmlify(PConfig::get($b['uid'],'ljpost','lj_username')); - $lj_password = XML::xmlify(PConfig::get($b['uid'],'ljpost','lj_password')); - $lj_journal = XML::xmlify(PConfig::get($b['uid'],'ljpost','lj_journal')); + $lj_username = XML::escape(PConfig::get($b['uid'],'ljpost','lj_username')); + $lj_password = XML::escape(PConfig::get($b['uid'],'ljpost','lj_password')); + $lj_journal = XML::escape(PConfig::get($b['uid'],'ljpost','lj_journal')); // if(! $lj_journal) // $lj_journal = $lj_username; - $lj_blog = XML::xmlify(PConfig::get($b['uid'],'ljpost','lj_blog')); + $lj_blog = XML::escape(PConfig::get($b['uid'],'ljpost','lj_blog')); if(! strlen($lj_blog)) - $lj_blog = XML::xmlify('http://www.livejournal.com/interface/xmlrpc'); + $lj_blog = XML::escape('http://www.livejournal.com/interface/xmlrpc'); if($lj_username && $lj_password && $lj_blog) { - $title = XML::xmlify($b['title']); + $title = XML::escape($b['title']); $post = BBCode::convert($b['body']); - $post = XML::xmlify($post); + $post = XML::escape($post); $tags = ljpost_get_tags($b['tag']); $date = DateTimeFormat::convert($b['created'], $tz); diff --git a/pumpio/pumpio.php b/pumpio/pumpio.php index 383ed0b6..6d3fe62d 100644 --- a/pumpio/pumpio.php +++ b/pumpio/pumpio.php @@ -982,7 +982,7 @@ function pumpio_dolike(App $a, $uid, $self, $post, $own_id, $threadcompletion = $likedata['body'] = L10n::t('%1$s likes %2$s\'s %3$s', $author, $objauthor, $plink); $likedata['object'] = '' . ACTIVITY_OBJ_NOTE . '1' . - '' . $orig_post['uri'] . '' . XML::xmlify('') . '' . $orig_post['title'] . '' . $orig_post['body'] . ''; + '' . $orig_post['uri'] . '' . XML::escape('') . '' . $orig_post['title'] . '' . $orig_post['body'] . ''; $ret = Item::insert($likedata); diff --git a/qcomment/qcomment.php b/qcomment/qcomment.php index f1a23266..16c5a44c 100644 --- a/qcomment/qcomment.php +++ b/qcomment/qcomment.php @@ -51,7 +51,7 @@ function qcomment_addon_settings(&$a, &$s) $s .= '
'; $s .= '
' . L10n::t("Quick comments are found near comment boxes, sometimes hidden. Click them to provide simple replies.") . '
'; $s .= ''; - $s .= ''; + $s .= ''; $s .= '
'; $s .= '
'; @@ -67,7 +67,7 @@ function qcomment_addon_settings_post(&$a, &$b) } if ($_POST['qcomment-submit']) { - PConfig::set(local_user(), 'qcomment', 'words', XML::xmlify($_POST['qcomment-words'])); + PConfig::set(local_user(), 'qcomment', 'words', XML::escape($_POST['qcomment-words'])); info(L10n::t('Quick Comment settings saved.') . EOL); } } diff --git a/wppost/wppost.php b/wppost/wppost.php index 27061978..47c30a59 100644 --- a/wppost/wppost.php +++ b/wppost/wppost.php @@ -218,7 +218,7 @@ function wppost_send(&$a,&$b) { } $wp_username = XML::(PConfig::get($b['uid'], 'wppost', 'wp_username')); - $wp_password = XML::xmlify(PConfig::get($b['uid'], 'wppost',' wp_password')); + $wp_password = XML::escape(PConfig::get($b['uid'], 'wppost',' wp_password')); $wp_blog = PConfig::get($b['uid'],'wppost','wp_blog'); $wp_backlink_text = PConfig::get($b['uid'],'wppost','wp_backlink_text'); if ($wp_backlink_text == '') { @@ -295,7 +295,7 @@ function wppost_send(&$a,&$b) { . $wp_backlink_text . '' . EOL . EOL; } - $post = XML::xmlify($post); + $post = XML::escape($post); $xml = <<< EOT