From 38d8d450f2297b2b165ecb27f77065f8b3ba6634 Mon Sep 17 00:00:00 2001
From: garvinhicking <garvinhicking>
Date: Thu, 5 Oct 2006 14:05:35 +0000
Subject: [PATCH] Proper unescape. Thanks to Stefan Esser

---
 include/functions_config.inc.php | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/include/functions_config.inc.php b/include/functions_config.inc.php
index 22822d2..71afca9 100644
--- a/include/functions_config.inc.php
+++ b/include/functions_config.inc.php
@@ -542,10 +542,10 @@ function serendipity_restoreVar(&$source, &$target) {
  * @return  null
  */
 function serendipity_JSsetCookie($name, $value) {
-    $name  = strtr($name, array('\\'=>'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n','</'=>'<\/'));
-    $value = strtr($value, array('\\'=>'\\\\',"'"=>"\\'",'"'=>'\\"',"\r"=>'\\r',"\n"=>'\\n','</'=>'<\/'));
+    $name  = htmlentities($name);
+    $value = urlencode($value);
 
-    echo '<script type="text/javascript">SetCookie("' . $name . '", "' . $value . '")</script>' . "\n";
+    echo '<script type="text/javascript">SetCookie("' . $name . '", unescape("' . $value . '"))</script>' . "\n";
 }
 
 /**
-- 
2.39.5