From: Hypolite Petovan Date: Thu, 13 Apr 2017 22:33:40 +0000 (-0400) Subject: Add htmlentities to protect nick/addr in acl_lookup X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=bffd3f230470f435ccd3b1eb810c166dbc90125f;p=friendica.git Add htmlentities to protect nick/addr in acl_lookup --- diff --git a/include/acl_selectors.php b/include/acl_selectors.php index 4cc810fb5c..9c3eab58ba 100644 --- a/include/acl_selectors.php +++ b/include/acl_selectors.php @@ -639,13 +639,13 @@ function acl_lookup(App $a, $out_type = 'json') { if (count($contact) > 0) { $unknown_contacts[] = array( - 'type' => 'cu', + 'type' => 'c', 'photo' => proxy_url($contact['micro'], false, PROXY_SIZE_MICRO), 'name' => htmlentities($contact['name']), 'id' => intval($contact['cid']), 'network' => $contact['network'], 'link' => $contact['url'], - 'nick' => $contact['nick'] ? : $contact['addr'], + 'nick' => htmlentities($contact['nick'] ? : $contact['addr']), 'forum' => $contact['forum'] ); }