X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fsubthread.php;h=90ab5a3aabbddf46c0db8d1f26ea98655ee3c7fe;hb=a565406b478971565f7e4398af4bccd46b882101;hp=425306b6f7b70236561d6566906c8d5b99eac88e;hpb=9e51be7554ead01c4ff2726d81418da6a9551137;p=friendica.git

diff --git a/mod/subthread.php b/mod/subthread.php
index 425306b6f7..90ab5a3aab 100644
--- a/mod/subthread.php
+++ b/mod/subthread.php
@@ -10,6 +10,7 @@ use Friendica\Core\System;
 use Friendica\Database\DBA;
 use Friendica\Model\Item;
 use Friendica\Util\Security;
+use Friendica\Util\Strings;
 use Friendica\Util\XML;
 
 require_once 'include/items.php';
@@ -22,7 +23,7 @@ function subthread_content(App $a) {
 
 	$activity = ACTIVITY_FOLLOW;
 
-	$item_id = (($a->argc > 1) ? notags(trim($a->argv[1])) : 0);
+	$item_id = (($a->argc > 1) ? Strings::escapeTags(trim($a->argv[1])) : 0);
 
 	$condition = ["`parent` = ? OR `parent-uri` = ? AND `parent` = `id`", $item_id, $item_id];
 	$item = Item::selectFirst([], $condition);
@@ -88,7 +89,7 @@ function subthread_content(App $a) {
 
 	$post_type = (($item['resource-id']) ? L10n::t('photo') : L10n::t('status'));
 	$objtype = (($item['resource-id']) ? ACTIVITY_OBJ_IMAGE : ACTIVITY_OBJ_NOTE );
-	$link = XML::escape('<link rel="alternate" type="text/html" href="' . System::baseUrl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n") ;
+	$link = XML::escape('<link rel="alternate" type="text/html" href="' . System::baseUrl() . '/display/' . $owner['nickname'] . '/' . $item['id'] . '" />' . "\n");
 	$body = $item['body'];
 
 	$obj = <<< EOT