diff options
Diffstat (limited to 'codebase')
| -rw-r--r-- | codebase/dataprocessor.php | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/codebase/dataprocessor.php b/codebase/dataprocessor.php index 98ea63a..89a4460 100644 --- a/codebase/dataprocessor.php +++ b/codebase/dataprocessor.php @@ -488,11 +488,23 @@ class DataAction{ function to_xml(){
$str="<action type='{$this->status}' sid='{$this->id}' tid='{$this->nid}' ";
foreach ($this->attrs as $k => $v) {
- $str.=$k."='".$v."' ";
+ $str.=$k."='".$this->xmlentities($v)."' ";
}
$str.=">{$this->output}</action>";
return $str;
}
+
+ /*! replace xml unsafe characters
+
+ @param string
+ string to be escaped
+ @return
+ escaped string
+ */
+ public function xmlentities($string) {
+ return str_replace( array( '&', '"', "'", '<', '>', '’' ), array( '&' , '"', ''' , '<' , '>', ''' ), $string);
+ }
+
/*! convert self to string ( for logs )
@return
|