From 60452879145a3e208085960566113b49a22c1c33 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.spb.ru>
Date: Thu, 21 Sep 2006 05:15:52 +0100
Subject: some more sanitize_rss fixes

---
 functions.php | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

(limited to 'functions.php')

diff --git a/functions.php b/functions.php
index e5f06da37..bc46b7c64 100644
--- a/functions.php
+++ b/functions.php
@@ -2441,20 +2441,18 @@
 	}
 
 	function sanitize_rss($str) {
-		$res = "";
+		$res = $str;
 
 		$res = preg_replace('/<script.*?>/i', 
-					"<p class=\"scriptWarn\">", $str);
+			"<p class=\"scriptWarn\">Disabled script: ", $res);
 
-		$res = preg_replace('/<\/script>/i', 
-			"</p>", $res);
+		$res = preg_replace('/<\/script.*?>/i', "</p>", $res);
+
+		$res = preg_replace('/<embed.*?>/i', "", $res);
 
 		$res = preg_replace('/<object.*?>.*?<\/object>/i', 
 			"<p class=\"objectWarn\">(Disabled html object 
-			- flash or other embedded content)</p>", $str);
-
-		$res = preg_replace('/<\/object>/i', 
-			"</p>", $res);
+			- flash or other embedded content)</p>", $res); 
 
 		return $res;
 	}
-- 
cgit v1.2.3-54-g00ecf