private static function guid($item, $notify)
{
if (!empty($item['guid'])) {
- return Strings::removeTags(trim($item['guid']));
+ return Strings::escapeTags(trim($item['guid']));
}
if ($notify) {
}
$item['guid'] = self::guid($item, $notify);
- $item['uri'] = Strings::removeTags(trim(defaults($item, 'uri', self::newURI($item['uid'], $item['guid']))));
+ $item['uri'] = Strings::escapeTags(trim(defaults($item, 'uri', self::newURI($item['uid'], $item['guid']))));
// Store URI data
$item['uri-id'] = ItemURI::insert(['uri' => $item['uri'], 'guid' => $item['guid']]);
$filesubtype = 'unkn';
}
- $title = Strings::escapeTags(trim(!empty($mtch[4]) ? $mtch[4] : $mtch[1]));
+ $title = Strings::escapeHtml(trim(!empty($mtch[4]) ? $mtch[4] : $mtch[1]));
$title .= ' ' . $mtch[2] . ' ' . L10n::t('bytes');
$icon = '<div class="attachtype icon s22 type-' . $filetype . ' subtype-' . $filesubtype . '"></div>';