aboutsummaryrefslogtreecommitdiff
path: root/actions
diff options
context:
space:
mode:
authorMikael Nordfeldth <mmn@hethane.se>2016-01-28 18:57:36 +0100
committerMikael Nordfeldth <mmn@hethane.se>2016-01-28 19:01:13 +0100
commit7e6783bb8f5ed562c56af18aaa2e016ba95c81a7 (patch)
treeda9948237b51f82c50e97fe426fe5acd7db9b341 /actions
parentdaea5647b6a200ebd5d834fa7f9cd3306a8a29f7 (diff)
downloadgnu-social-7e6783bb8f5ed562c56af18aaa2e016ba95c81a7.tar
gnu-social-7e6783bb8f5ed562c56af18aaa2e016ba95c81a7.zip
Replace htmLawed with HTMLPurifier
Diffstat (limited to 'actions')
-rw-r--r--actions/sitenoticeadminpanel.php16
1 files changed, 4 insertions, 12 deletions
diff --git a/actions/sitenoticeadminpanel.php b/actions/sitenoticeadminpanel.php
index 145ae80d07..72c9f9a128 100644
--- a/actions/sitenoticeadminpanel.php
+++ b/actions/sitenoticeadminpanel.php
@@ -27,11 +27,7 @@
* @link http://status.net/
*/
-if (!defined('STATUSNET')) {
- exit(1);
-}
-
-require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php';
+if (!defined('GNUSOCIAL')) { exit(1); }
/**
* Update the site-wide notice text
@@ -114,13 +110,9 @@ class SitenoticeadminpanelAction extends AdminPanelAction
}
// scrub HTML input
-
- $config = array(
- 'safe' => 1,
- 'deny_attribute' => 'id,style,on*'
- );
-
- $siteNotice = htmLawed($siteNotice, $config);
+ require_once INSTALLDIR.'/extlib/HTMLPurifier/HTMLPurifier.auto.php';
+ $purifier = new HTMLPurifier();
+ $siteNotice = $purifier->purify($siteNotice);
}
}