xhtml strict

diff --git a/comp/blog.php b/comp/blog.php
index 97d7cda2dbec8dfa201792f0d34ef25d1c291da7..d2876f0feab91e46b2adf1b941e999fe54b3d9bd 100644 (file)
--- a/comp/blog.php
+++ b/comp/blog.php
@@ -5,7 +5,7 @@ function comp_blog() {
     if ($data = parse_rss(get_config('blog_rss'))) {
         echo '            <ul>' . "\n";
         foreach ($data->content as $item) {
-            echo '                <li><a href="' . $item->link . '">' . $item->title . '</a></li>' . "\n";;
+            echo '                <li><a href="' . $item->link . '">' . hsc($item->title) . '</a></li>' . "\n";;
         }
         echo '                <li class="last"><a href="' . get_config('blog_url') . '"> ... more</a></li>' . "\n";
         echo '            </ul>' . "\n";

diff --git a/comp/flickr.php b/comp/flickr.php
index 329b63998b197c5a7425761947778cadb34069cf..ae7cdc75cf855d2e243c417b85eba4ede824f83d 100644 (file)
--- a/comp/flickr.php
+++ b/comp/flickr.php
@@ -15,10 +15,10 @@ function comp_flickr() {
     // no nice formatting here, whtespace fucks the browser
     echo "\n";
     foreach ((array)$photos['photo'] as $photo) {
-        echo "<a href=$photos_url$photo[id]>";
-        echo "<img border='0' alt='$photo[title]' ".
-            "src=" . $f->buildPhotoURL($photo, "Square") . ">";
-        echo "</a>";
+        echo '<a href="' . $photos_url . $photo['id'] . '">';
+        echo '<img alt="' . $photo['itle'] . '" ' .
+            'src="' . $f->buildPhotoURL($photo, 'Square') . '" />';
+        echo '</a>';
         $i++;
     }
     echo "\n";

diff --git a/comp/lastfm.php b/comp/lastfm.php
index 800f200e2ef5472e84f654944280ad9d94c3542c..948641bf2e76c261b276f326f70b77e34d6418ae 100644 (file)
--- a/comp/lastfm.php
+++ b/comp/lastfm.php
@@ -5,7 +5,7 @@ function comp_lastfm() {
     if ($data = parse_rss('http://ws.audioscrobbler.com/1.0/user/' . get_config('lastfm_username') . '/recenttracks.rss')) {
         echo '                 <ul>' . "\n";
         foreach ($data->content as $item) {
-            echo '                <li><a href="' . $item->link . '">' . $item->title  . '</a></li>' . "\n";
+            echo '                <li><a href="' . $item->link . '">' . hsc($item->title)  . '</a></li>' . "\n";
         }
         echo '                <li class="last"><a href="http://last.fm/user/' . get_config('lastfm_username') . '/">... more</a></li>' . "\n";
         echo '            </ul>' . "\n";

diff --git a/comp/twitter.php b/comp/twitter.php
index 4dab86a52d00060ce40ded955e70ba5264c5c34c..63b7866dad607dc0255959d6f05537e9620178cf 100644 (file)
--- a/comp/twitter.php
+++ b/comp/twitter.php
@@ -5,7 +5,7 @@ function comp_twitter() {
     if ($data = parse_rss('http://twitter.com/statuses/user_timeline/' . get_config('twitter_username') . '.rss')) {
         echo '            <ul>' . "\n";
         foreach ($data->content as $item) {
-            echo '                <li><a href="' . $item->link . '">' . substr($item->title, strlen(get_config('twitter_username')) + 2) . '</a></li>' . "\n";
+            echo '                <li><a href="' . $item->link . '">' . hsc(substr($item->title, strlen(get_config('twitter_username')) + 2)) . '</a></li>' . "\n";
         }
         echo '                <li class="last"><a href="http://twitter.com/' . get_config('twitter_username') . '/">... more</a></li>' . "\n";
         echo '            </ul>' . "\n";

diff --git a/include/main.inc b/include/main.inc
index 54a6022eaeb0d8aa370445b105d656b10f2ef3a3..8495d671bba50bf3ef1f615b56df23b961433c16 100644 (file)
--- a/include/main.inc
+++ b/include/main.inc
@@ -26,5 +26,5 @@ ksort($whorepile);
             ?>.  christ.  at least I never got livejournal.</p>
             <p>I don't have an rss feed for this mashup. use friendfeed instead, or an individual site's feed.</p>
             <p>thanks to <a href="http://nothing.net.nz">vex</a> for the vserver</p>
-            <p><a href="mailto:penny@mjollnir.org">send me email!</a>
+            <p><a href="mailto:penny@mjollnir.org">send me email!</a></p>
             <span class="mind"><b>On my mind</b>: <a href="http://mahara.org">mahara</a>, more tattoos, less tattoos, moodle gsoc, Europe</span>

diff --git a/lib/general.php b/lib/general.php
index fab6aa5d7595e95fc1c4c59c520cca9b1deee1d2..f11df087b46d548a87fcedb0d4c60534f2cc1a0d 100644 (file)
--- a/lib/general.php
+++ b/lib/general.php
@@ -88,4 +88,9 @@ function parse_rss($url) {
     }
     return $data;
 }
+
+function hsc($str) {
+    return htmlspecialchars($str, ENT_COMPAT, 'UTF-8');
+}
+
 ?>

diff --git a/style.css b/style.css
index 47336bd76d97c88d38a01293dec2d3c17ae3808f..51ef487e55b67d36adc2081f144d536236a3bc30 100644 (file)
--- a/style.css
+++ b/style.css
@@ -66,6 +66,7 @@ div#flickr {
 }
 div#flickr img {
     margin:5px;
+    border:0px;
 }
 
 div#main {