Prevent mentions from mangling by markdown parser

Mentioning people whose handles include valid markdown would not survive
markdown to bbcode conversion wihout being mangled. An example that
brought this to my attention was a handle similar to this:

    _someuser_@testsite.example

The underscores would be interpreted as emphasis in markdown, and
converted to:

    [i]someuser[/i]@testsite.example

This patch should fix this, and hopefully any other issue with mentions
being mangled.

2 files changed, 16 insertions, 0 deletions

diff --git a/include/markdown.php b/include/markdown.php
index 90d671fe4..d2379e7ed 100644
--- a/include/markdown.php
+++ b/include/markdown.php
@@ -64,6 +64,12 @@ function markdown_to_bb($s, $use_zrl = false, $options = []) {
 	// Escaping the hash tags
 	$s = preg_replace('/\#([^\s\#])/','#$1',$s);
 
+	// Protect mentions from being mangled by the markdown parser
+	$s = preg_replace_callback(
+		'|@\{([^}]+)\}|',
+		fn ($matches) => '@{' . base64_encode($matches[1]) . '}',
+		$s);
+
 	$s = MarkdownExtra::defaultTransform($s);
 
 
@@ -76,6 +82,12 @@ function markdown_to_bb($s, $use_zrl = false, $options = []) {
 		$s = str_replace("\r","",$s);
 	}
 
+	// Restore mentions after markdown conversion
+	$s = preg_replace_callback(
+		'|@\{([^}]+)\}|',
+		fn ($matches) => '@{' . base64_decode($matches[1]) . '}',
+		$s);
+
 	$s = str_replace('#','#',$s);
 
 	$s = html2bbcode($s);
diff --git a/tests/unit/includes/MarkdownTest.php b/tests/unit/includes/MarkdownTest.php
index 55dbb4445..eec809174 100644
--- a/tests/unit/includes/MarkdownTest.php
+++ b/tests/unit/includes/MarkdownTest.php
@@ -114,6 +114,10 @@ class MarkdownTest extends UnitTestCase {
 				'This is a link https://example.com/some/path more info.',
 				'This is a link https://example.com/some/path more info.',
 			],
+			'mention with underscores is untouched' => [
+				'@{_test_@somesite.example} @{test_2_@othersite.example}',
+				'@{_test_@somesite.example} @{test_2_@othersite.example}',
+			],
 		];
 	}