From 6cb5733cad585a4ff1b6a3eff044a0f1af65482e Mon Sep 17 00:00:00 2001
From: bnu <bnufactory@gmail.com>
Date: Thu, 18 Feb 2016 13:20:59 +0900
Subject: [PATCH] =?UTF-8?q?#1859=20=EB=AC=B8=EC=84=9C=20=EC=A0=9C=EB=AA=A9?=
 =?UTF-8?q?=EC=97=90=20=EB=8C=80=ED=95=9C=20htmlspecialchars()=20=EC=A0=81?=
 =?UTF-8?q?=EC=9A=A9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 modules/document/document.controller.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/modules/document/document.controller.php b/modules/document/document.controller.php
index 0076f69df..5da3edf9d 100644
--- a/modules/document/document.controller.php
+++ b/modules/document/document.controller.php
@@ -274,7 +274,7 @@ class documentController extends document
 			$obj->homepage = $logged_info->homepage;
 		}
 		// If the tile is empty, extract string from the contents.
-		$obj->title = htmlspecialchars($obj->title);
+		$obj->title = htmlspecialchars($obj->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
 		settype($obj->title, "string");
 		if($obj->title == '') $obj->title = cut_str(trim(strip_tags(nl2br($obj->content))),20,'...');
 		// If no tile extracted from the contents, leave it untitled.
@@ -473,6 +473,7 @@ class documentController extends document
 			$obj->homepage = $source_obj->get('homepage');
 		}
 		// If the tile is empty, extract string from the contents.
+		$obj->title = htmlspecialchars($obj->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
 		settype($obj->title, "string");
 		if($obj->title == '') $obj->title = cut_str(strip_tags($obj->content),20,'...');
 		// If no tile extracted from the contents, leave it untitled.