X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fdfrn_notify.php;h=63f53e0606a104365412a440150d26607a13577f;hb=96a43d0db915fc2fc4d61de4ab649e951c352504;hp=ba2332bcb184cd934b1390b9a2f555326511c6e2;hpb=991f259ecb58720c0993718bc944bc60e83226b4;p=friendica.git diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index ba2332bcb1..63f53e0606 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -39,15 +39,15 @@ function dfrn_notify_post(App $a) { } } - $dfrn_id = ((x($_POST,'dfrn_id')) ? notags(trim($_POST['dfrn_id'])) : ''); + $dfrn_id = ((x($_POST,'dfrn_id')) ? Strings::escapeTags(trim($_POST['dfrn_id'])) : ''); $dfrn_version = ((x($_POST,'dfrn_version')) ? (float) $_POST['dfrn_version'] : 2.0); - $challenge = ((x($_POST,'challenge')) ? notags(trim($_POST['challenge'])) : ''); + $challenge = ((x($_POST,'challenge')) ? Strings::escapeTags(trim($_POST['challenge'])) : ''); $data = ((x($_POST,'data')) ? $_POST['data'] : ''); $key = ((x($_POST,'key')) ? $_POST['key'] : ''); $rino_remote = ((x($_POST,'rino')) ? intval($_POST['rino']) : 0); $dissolve = ((x($_POST,'dissolve')) ? intval($_POST['dissolve']) : 0); - $perm = ((x($_POST,'perm')) ? notags(trim($_POST['perm'])) : 'r'); - $ssl_policy = ((x($_POST,'ssl_policy')) ? notags(trim($_POST['ssl_policy'])): 'none'); + $perm = ((x($_POST,'perm')) ? Strings::escapeTags(trim($_POST['perm'])) : 'r'); + $ssl_policy = ((x($_POST,'ssl_policy')) ? Strings::escapeTags(trim($_POST['ssl_policy'])): 'none'); $page = ((x($_POST,'page')) ? intval($_POST['page']) : 0); $forum = (($page == 1) ? 1 : 0); @@ -254,7 +254,7 @@ function dfrn_notify_content(App $a) { * If this is a duplex communication, ours will be the opposite. */ - $dfrn_id = notags(trim($_GET['dfrn_id'])); + $dfrn_id = Strings::escapeTags(trim($_GET['dfrn_id'])); $dfrn_version = (float) $_GET['dfrn_version']; $rino_remote = ((x($_GET,'rino')) ? intval($_GET['rino']) : 0); $type = "";