2 files changed, 27 insertions, 17 deletions

diff --git a/application/Utils.php b/application/Utils.php
index 737f1502..82220bfc 100644
--- a/application/Utils.php
+++ b/application/Utils.php
@@ -42,4 +42,31 @@ function endsWith($haystack, $needle, $case=true)
     }
     return (strcasecmp(substr($haystack, strlen($haystack) - strlen($needle)), $needle) === 0);
 }
+
+/**
+ * Same as nl2br(), but escapes < and >
+ */
+function nl2br_escaped($html)
+{
+    return str_replace('>','&gt;',str_replace('<','&lt;',nl2br($html)));
+}
+
+/**
+ * htmlspecialchars wrapper
+ */
+function escape($str)
+{
+    return htmlspecialchars($str, ENT_COMPAT, 'UTF-8', false);
+}
+
+/**
+ * Link sanitization before templating
+ */
+function sanitizeLink(&$link)
+{
+    $link['url'] = escape($link['url']); // useful?
+    $link['title'] = escape($link['title']);
+    $link['description'] = escape($link['description']);
+    $link['tags'] = escape($link['tags']);
+}
 ?>
diff --git a/index.php b/index.php
index dd3ec3a4..96a601de 100644
--- a/index.php
+++ b/index.php
@@ -269,23 +269,6 @@ function logm($message)
     file_put_contents($GLOBALS['config']['DATADIR'].'/log.txt',$t,FILE_APPEND);
 }
 
-// Same as nl2br(), but escapes < and >
-function nl2br_escaped($html)
-{
-    return str_replace('>','&gt;',str_replace('<','&lt;',nl2br($html)));
-}
-
-function escape($str) {
-    return htmlspecialchars($str, ENT_COMPAT, 'UTF-8', false);
-}
-
-function sanitizeLink(&$link) {
-    $link['url'] = escape($link['url']); // useful?
-    $link['title'] = escape($link['title']);
-    $link['description'] = escape($link['description']);
-    $link['tags'] = escape($link['tags']);
-}
-
 // In a string, converts URLs to clickable links.
 // Function inspired from http://www.php.net/manual/en/function.preg-replace.php#85722
 function text2clickable($url)