Fix XML Security bug

Change-Id: I1b67268996515858a797e54adfff6d6fb6cafc9c
Signed-off-by: Melissa Draper <melissa@catalyst.net.nz>

htdocs/blocktype/externalfeed/db/upgrade.php

@@ -106,5 +106,12 @@ function xmldb_blocktype_externalfeed_upgrade($oldversion=0) {
         add_field($table, $field);
     }
 
+    if ($oldversion < 2012090700) {
+        // Reset all feeds to reset themselves
+        set_field('blocktype_externalfeed_data', 'lastupdate', db_format_timestamp('0'));
+        safe_require('blocktype', 'externalfeed');
+        call_static_method('PluginBlocktypeExternalfeed', 'refresh_feeds');
+    }
+
     return true;
 }

htdocs/blocktype/externalfeed/version.php

@@ -28,5 +28,5 @@
 defined('INTERNAL') || die();
 
 $config = new StdClass;
-$config->version = 2011091401;
+$config->version = 2012090700;
 $config->release = '1.0.3';

htdocs/init.php

@@ -58,6 +58,10 @@ if (!is_readable($CFG->docroot . 'config.php')) {
 
 init_performance_info();
 
+if (function_exists('libxml_disable_entity_loader')) {
+    libxml_disable_entity_loader(true);
+}
+
 require($CFG->docroot . 'config.php');
 $CFG = (object)array_merge((array)$cfg, (array)$CFG);
 require_once('config-defaults.php');