$entry .= "<author><name>" . $profile->nickname . "</name></author>\n";
$entry .= "<icon>" . common_profile_avatar_url($profile, AVATAR_PROFILE_SIZE) . "</icon>\n";
$entry .= "</source>\n";
- $entry .= "<title>" . $msg . "</title>\n";
- $entry .= "<summary>" . $msg . "</summary>\n";
+ $entry .= "<title>" . htmlspecialchars($msg) . "</title>\n";
+ $entry .= "<summary>" . htmlspecialchars($msg) . "</summary>\n";
$entry .= "<link rel='alternate' href='" . $noticeurl . "' />\n";
$entry .= "<id>". $notice->uri . "</id>\n";
$entry .= "<published>".common_date_w3dtf($notice->created)."</published>\n";
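Review bot: The escaping added here covers only `$msg`; on the context lines of the same hunk `$profile->nickname`, `$noticeurl` and `$notice->uri` are still concatenated into the entry unescaped, and `$noticeurl` sits inside a single-quoted `href` attribute. Whether those values are constrained before they reach this code is not visible in the hunk, so if any of them can carry `&`, `<` or `'`, the feed becomes malformed or lets the value inject markup into it. I would escape them the same way, using `ENT_QUOTES` for the attribute because the default flags before PHP 8.1 leave single quotes untouched: `$entry .= "<link rel='alternate' href='" . htmlspecialchars($noticeurl, ENT_QUOTES, 'UTF-8') . "' />\n";`. Passing the charset explicitly on the two new `htmlspecialchars($msg)` calls would also keep the output independent of the PHP version's default. The enclosing function starts and ends outside the hunk, so other fields built there may need the same treatment.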