Porperly escape HTML special chars in IRC

author: Christoph Brill <egore911@egore911.de> 2012-02-02 19:42:56 +0100
committer: Christoph Brill <egore911@egore911.de> 2012-03-26 00:17:34 +0200
commit: 764577780285fde694b7e460fd6bc02c94b56167 (patch)
tree: 03bd8f8da04ae7abb794452f99a23e337b7b34c5 /index.php
parent: 4dfb7217125573470d9c6667139dbb5f0dc28398 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/index.php b/index.php
index 80051b9..f6cac6a 100644
--- a/index.php
+++ b/index.php
@@ -223,11 +223,12 @@ if (!isset($date)) {
 			if (!filter_join($line)) {
 				$user = get_user($line);
 				$user_clean = substr($user, 2, -1);
+				$user = htmlentities($user, ENT_QUOTES);
 				$isUser = array_search($user_clean, $users);
 				if ($isUser !== false) {
 					echo '<span style="color: '.$colors[$isUser].'">';
 				}
-				$line = str_replace('&', '&amp;', $line);
+				$line = htmlentities($line, ENT_QUOTES);
 				if ($show_html == 'true') {
 					$line = preg_replace($pattern, "\\1<a href=\"\\2\\3\">\\2\\3</a>\\4", $line);
 				}
author	Christoph Brill <egore911@egore911.de>	2012-02-02 19:42:56 +0100
committer	Christoph Brill <egore911@egore911.de>	2012-03-26 00:17:34 +0200
commit	764577780285fde694b7e460fd6bc02c94b56167 (patch)
tree	03bd8f8da04ae7abb794452f99a23e337b7b34c5 /index.php
parent	4dfb7217125573470d9c6667139dbb5f0dc28398 (diff)