use Friendica\Model\Contact;
use Friendica\Model\Item;
use Friendica\Util\Proxy as ProxyUtils;
+use Friendica\Util\Strings;
require_once 'include/dba.php';
$groups[] = [
'type' => 'g',
'photo' => 'images/twopeople.png',
- 'name' => htmlentities($g['name']),
+ 'name' => htmlspecialchars($g['name']),
'id' => intval($g['id']),
'uids' => array_map('intval', explode(',', $g['uids'])),
'link' => '',
);
} elseif ($type == 'x') {
// autocomplete for global contact search (e.g. navbar search)
- $search = notags(trim($_REQUEST['search']));
+ $search = Strings::escapeTags(trim($_REQUEST['search']));
$mode = $_REQUEST['smode'];
$r = ACL::contactAutocomplete($search, $mode);
foreach ($r as $g) {
$contacts[] = [
'photo' => ProxyUtils::proxifyUrl($g['photo'], false, ProxyUtils::SIZE_MICRO),
- 'name' => $g['name'],
+ 'name' => htmlspecialchars($g['name']),
'nick' => defaults($g, 'addr', $g['url']),
'network' => $g['network'],
'link' => $g['url'],
$entry = [
'type' => 'c',
'photo' => ProxyUtils::proxifyUrl($g['micro'], false, ProxyUtils::SIZE_MICRO),
- 'name' => htmlentities($g['name']),
+ 'name' => htmlspecialchars($g['name']),
'id' => intval($g['id']),
'network' => $g['network'],
'link' => $g['url'],
$unknown_contacts[] = [
'type' => 'c',
'photo' => ProxyUtils::proxifyUrl($contact['micro'], false, ProxyUtils::SIZE_MICRO),
- 'name' => htmlentities($contact['name']),
+ 'name' => htmlspecialchars($contact['name']),
'id' => intval($contact['cid']),
'network' => $contact['network'],
'link' => $contact['url'],