disable scripts in rss entry content

2006-08-05 13:00:01 +01:00
parent 5c365f6055
commit d48d160c64
2 changed files with 19 additions and 0 deletions
--- a/functions.php
+++ b/functions.php
@@ -530,6 +530,13 @@

 				}

+				# sanitize content
+				$entry_content = preg_replace('/<script.*?>/i', 
+					"<p class=\"scriptWarn\">", $entry_content);
+
+				$entry_content = preg_replace('/<\/script>/i', 
+					"</p>", $entry_content);
+
 				db_query($link, "BEGIN");

 				if (db_num_rows($result) == 0) {