Merge pull request #6224 from annando/dba-delete-contact

[friendica.git] / mod / oexchange.php

diff --git a/mod/oexchange.php b/mod/oexchange.php
index 296869aac9eb0d9f1f12afd2b8285c9063522c4e..6d682d6adfad073c62f07bf0fedb4b91bdcf2393 100644 (file)
--- a/mod/oexchange.php
+++ b/mod/oexchange.php
@@ -8,6 +8,7 @@ use Friendica\Core\Renderer;
 use Friendica\Core\System;
 use Friendica\Module\Login;
 use Friendica\Util\Network;
+use Friendica\Util\Strings;
 
 function oexchange_init(App $a) {
 
@@ -32,14 +33,14 @@ function oexchange_content(App $a) {
                return;
        }
 
-       $url = ((x($_REQUEST,'url') && strlen($_REQUEST['url']))
-               ? urlencode(notags(trim($_REQUEST['url']))) : '');
-       $title = ((x($_REQUEST,'title') && strlen($_REQUEST['title']))
-               ? '&title=' . urlencode(notags(trim($_REQUEST['title']))) : '');
-       $description = ((x($_REQUEST,'description') && strlen($_REQUEST['description']))
-               ? '&description=' . urlencode(notags(trim($_REQUEST['description']))) : '');
-       $tags = ((x($_REQUEST,'tags') && strlen($_REQUEST['tags']))
-               ? '&tags=' . urlencode(notags(trim($_REQUEST['tags']))) : '');
+       $url = ((!empty($_REQUEST['url']))
+               ? urlencode(Strings::escapeTags(trim($_REQUEST['url']))) : '');
+       $title = ((!empty($_REQUEST['title']))
+               ? '&title=' . urlencode(Strings::escapeTags(trim($_REQUEST['title']))) : '');
+       $description = ((!empty($_REQUEST['description']))
+               ? '&description=' . urlencode(Strings::escapeTags(trim($_REQUEST['description']))) : '');
+       $tags = ((!empty($_REQUEST['tags']))
+               ? '&tags=' . urlencode(Strings::escapeTags(trim($_REQUEST['tags']))) : '');
 
        $s = Network::fetchUrl(System::baseUrl() . '/parse_url?f=&url=' . $url . $title . $description . $tags);