Update XML escape

Replace old and likely faulty (XOOPS#419) regex based escape of XML unsafe or illegal characters with more recent PHP built in.

htdocs/class/xml/rpc/xmlrpctag.php

@@ -35,8 +35,7 @@ public function add(XoopsXmlRpcTag &$tagobj)
         $this->_tags[] = $tagobj;
     }
 
-    abstract function render();
-
+    abstract public function render();
 }
 
 class XoopsXmlRpcResponse extends XoopsXmlRpcDocument
@@ -94,14 +93,15 @@ abstract class XoopsXmlRpcTag
     protected $_fault = false;
 
     /**
-     * @param string $text
+     * encode - make string HTML safe
+     *
+     * @param string $text string to encode
+     *
      * @return string
      */
-    public function encode(&$text)
+    public function encode($text)
     {
-        $text = preg_replace(array("/\&([a-z\d\#]+)\;/i", "/\&/", "/\#\|\|([a-z\d\#]+)\|\|\#/i"),
-            array("#||\\1||#", "&amp;", "&\\1;"), str_replace(array("<", ">"), array("&lt;", "&gt;"), $text));
-        return $text;
+        return htmlspecialchars($text, ENT_XML1, 'UTF-8');
     }
 
     /**
@@ -125,7 +125,7 @@ public function isFault()
      * @abstract
      * @return void
      */
-    abstract function render();
+    abstract public function render();
 }
 
 class XoopsXmlRpcFault extends XoopsXmlRpcTag
@@ -406,5 +406,3 @@ public function render()
         return $ret;
     }
 }
-
-?>