diff options
| author | Bjoern Schiessle <schiessle@owncloud.com> | 2012-06-20 12:23:26 +0200 |
|---|---|---|
| committer | Bjoern Schiessle <schiessle@owncloud.com> | 2012-06-20 12:23:26 +0200 |
| commit | 8d89bba07cc1add9d464a63a360c9338099e3d30 (patch) | |
| tree | b032c72825e3838974bab9384b3646e88e08694c /apps/media | |
| parent | 13a9ef36fb7bf7706af545cbe227296fa005403c (diff) | |
| download | nextcloud-server-8d89bba07cc1add9d464a63a360c9338099e3d30.tar.gz nextcloud-server-8d89bba07cc1add9d464a63a360c9338099e3d30.zip | |
use new sanitizeHTML() function
Diffstat (limited to 'apps/media')
| -rw-r--r-- | apps/media/js/collection.js | 10 | ||||
| -rw-r--r-- | apps/media/lib_scanner.php | 6 |
2 files changed, 8 insertions, 8 deletions
diff --git a/apps/media/js/collection.js b/apps/media/js/collection.js index 03d577c7c98..161fc0c6810 100644 --- a/apps/media/js/collection.js +++ b/apps/media/js/collection.js @@ -97,13 +97,13 @@ Collection={ if(artist.name && artist.songs.length>0){ var tr=template.clone().removeClass('template'); if(artist.songs.length>1){ - tr.find('td.title a').text(artist.songs.length+' '+t('media','songs')); - tr.find('td.album a').text(artist.albums.length+' '+t('media','albums')); + tr.find('td.title a').html(artist.songs.length+' '+t('media','songs')); + tr.find('td.album a').html(artist.albums.length+' '+t('media','albums')); }else{ - tr.find('td.title a').text(artist.songs[0].name); - tr.find('td.album a').text(artist.albums[0].name); + tr.find('td.title a').html(artist.songs[0].name); + tr.find('td.album a').html(artist.albums[0].name); } - tr.find('td.artist a').text(artist.name); + tr.find('td.artist a').html(artist.name); tr.data('artistData',artist); tr.find('td.artist a').click(function(event){ event.preventDefault(); diff --git a/apps/media/lib_scanner.php b/apps/media/lib_scanner.php index 82170e5ca82..a8218c3a4d0 100644 --- a/apps/media/lib_scanner.php +++ b/apps/media/lib_scanner.php @@ -79,19 +79,19 @@ class OC_MEDIA_SCANNER{ OCP\Util::writeLog('media',"error reading artist tag in '$file'",OCP\Util::WARN); $artist='unknown'; }else{ - $artist=strip_tags(stripslashes($data['comments']['artist'][0])); + $artist=OCP\Util::sanitizeHTML(stripslashes($data['comments']['artist'][0])); } if(!isset($data['comments']['album'])){ OCP\Util::writeLog('media',"error reading album tag in '$file'",OCP\Util::WARN); $album='unknown'; }else{ - $album=strip_tags(stripslashes($data['comments']['album'][0])); + $album=OCP\Util::sanitizeHTML(stripslashes($data['comments']['album'][0])); } if(!isset($data['comments']['title'])){ OCP\Util::writeLog('media',"error reading title tag in '$file'",OCP\Util::WARN); $title='unknown'; }else{ - $title=strip_tags(stripslashes($data['comments']['title'][0])); + $title=OCP\Util::sanitizeHTML(stripslashes($data['comments']['title'][0])); } $size=$data['filesize']; if (isset($data['comments']['track'])) |