try {
if (transport.responseXML) {
+
var link = transport.responseXML.getElementsByTagName("link")[0];
var id = transport.responseXML.getElementsByTagName("id")[0];
+ debug("open_article_callback, received link: " + link);
+
if (link) {
+ debug("link url: " + link.firstChild.nodeValue);
+
window.open(link.firstChild.nodeValue, "_blank");
if (id) {
window.setTimeout("toggleUnread(" + id + ", 0)", 100);
}
}
+ } else {
+ notify_error("Can't open article: received invalid article link");
}
+ } else {
+ notify_error("Can't open article: received invalid XML");
}
} catch (e) {
WHERE id = '$id' AND id = ref_id AND owner_uid = '".$_SESSION['uid']."'");
if (db_num_rows($result) == 1) {
- $link = strip_tags(db_fetch_result($result, 0, "link"));
+ $link = htmlspecialchars(strip_tags(db_fetch_result($result, 0, "link")));
print "<rpc-reply><link>$link</link><id>$id</id></rpc-reply>";
} else {
print "<rpc-reply><error>Article not found</error></rpc-reply>";