Commit b52ca8a9 authored by Dave Reid's avatar Dave Reid
Browse files

Fixed HTML tag stripping must run decode_entities() first, and replace...

Fixed HTML tag stripping must run decode_entities() first, and replace multiple spaces with one space (if tokens had no values and were removed).
parent b530d577
......@@ -200,10 +200,15 @@ function realname_update($account) {
// Perform token replacement on the real name pattern.
$realname = token_replace($pattern, array('user' => $account), array('clear' => TRUE, 'sanitize' => FALSE));
$realname = trim(strip_tags($realname));
// Remove any HTML tags.
$realname = strip_tags(decode_entities($realname));
// Remove double spaces (if a token had no value).
$realname = preg_replace('/ {2,}/', ' ', $realname);
// The name must be trimmed to 255 characters before inserting into the database.
$realname = truncate_utf8($realname, 255);
$realname = truncate_utf8(trim($realname), 255);
// Allow other modules to alter the generated realname.
drupal_alter('realname', $realname, $account);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment