X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fcommon.php;h=1e65137ac693c74dcc125b1e9af213a70bcb2ac3;hb=ea2b3b2f762a323ca5a7a820857c4bea51d22637;hp=3118d124790938116b8fb4dc4ffce06d5b55e8c0;hpb=a2ae4ccc9b963d21fb812cfc4c8404d3012d33a2;p=friendica.git

diff --git a/mod/common.php b/mod/common.php
index 3118d12479..1e65137ac6 100644
--- a/mod/common.php
+++ b/mod/common.php
@@ -16,7 +16,7 @@ function common_content(&$a) {
 	if(! $uid)
 		return;
 
-	if($cmd === 'loc' && $cid) {	
+	if($cmd === 'loc' && $cid) {
 		$c = q("select name, url, photo from contact where id = %d and uid = %d limit 1",
 			intval($cid),
 			intval($uid)
@@ -26,10 +26,10 @@ function common_content(&$a) {
 		$c = q("select name, url, photo from contact where self = 1 and uid = %d limit 1",
 			intval($uid)
 		);
-	}	
+	}
 
 	$vcard_widget .= replace_macros(get_markup_template("vcard-widget.tpl"),array(
-		'$name' => $c[0]['name'],
+		'$name' => htmlentities($c[0]['name']),
 		'$photo' => $c[0]['photo'],
 		'url' => z_root() . '/contacts/' . $cid
 	));
@@ -97,10 +97,10 @@ function common_content(&$a) {
 	$tpl = get_markup_template('common_friends.tpl');
 
 	foreach($r as $rr) {
-			
+
 		$o .= replace_macros($tpl,array(
 			'$url' => $rr['url'],
-			'$name' => $rr['name'],
+			'$name' => htmlentities($rr['name']),
 			'$photo' => $rr['photo'],
 			'$tags' => ''
 		));