aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Wiki.php
diff options
context:
space:
mode:
authorzotlabs <mike@macgirvin.com>2017-03-18 16:41:43 -0700
committerzotlabs <mike@macgirvin.com>2017-03-18 16:41:43 -0700
commit4afeefb5ce2119541a6d2a0a0b332c7a9a59a2b4 (patch)
treec481814a4031c480f99e480e00bbd7bb1c837f91 /Zotlabs/Module/Wiki.php
parentd9037589407162f51578856b084baaa5353a8a04 (diff)
downloadvolse-hubzilla-4afeefb5ce2119541a6d2a0a0b332c7a9a59a2b4.tar.gz
volse-hubzilla-4afeefb5ce2119541a6d2a0a0b332c7a9a59a2b4.tar.bz2
volse-hubzilla-4afeefb5ce2119541a6d2a0a0b332c7a9a59a2b4.zip
various input filter fixes
Diffstat (limited to 'Zotlabs/Module/Wiki.php')
-rw-r--r--Zotlabs/Module/Wiki.php23
1 files changed, 16 insertions, 7 deletions
diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php
index 79ec5ba25..d24d3f6c3 100644
--- a/Zotlabs/Module/Wiki.php
+++ b/Zotlabs/Module/Wiki.php
@@ -237,6 +237,8 @@ class Wiki extends \Zotlabs\Web\Controller {
$rawContent = htmlspecialchars_decode(json_decode($p['content']),ENT_COMPAT);
+ $rawContent = $p['content'];
+
$content = ($p['content'] !== '' ? $rawContent : '"# New page\n"');
// Render the Markdown-formatted page content in HTML
if($mimeType == 'text/bbcode') {
@@ -244,7 +246,7 @@ class Wiki extends \Zotlabs\Web\Controller {
}
else {
$content = Zlib\MarkdownSoap::unescape($content);
- $html = Zlib\NativeWikiPage::generate_toc(zidify_text(purify_html(MarkdownExtra::defaultTransform(Zlib\NativeWikiPage::bbcode($content)))));
+ $html = Zlib\NativeWikiPage::generate_toc(zidify_text(MarkdownExtra::defaultTransform(Zlib\NativeWikiPage::bbcode($content))));
$renderedContent = Zlib\NativeWikiPage::convert_links($html, argv(0) . '/' . argv(1) . '/' . $wikiUrlName);
}
$showPageControls = $wiki_editor;
@@ -328,9 +330,12 @@ class Wiki extends \Zotlabs\Web\Controller {
$html = Zlib\NativeWikiPage::convert_links(zidify_links(smilies(bbcode($content))),$wikiURL);
}
else {
- require_once('library/markdown.php');
- $content = Zlib\NativeWikiPage::bbcode($content);
- $html = Zlib\NativeWikiPage::generate_toc(zidify_text(purify_html(Markdown($content))));
+ $bb = Zlib\NativeWikiPage::bbcode($content);
+ $x = new ZLib\MarkdownSoap($bb);
+ $md = $x->clean();
+ $md = ZLib\MarkdownSoap::unescape($md);
+ $html = MarkdownExtra::defaultTransform($md);
+ $html = Zlib\NativeWikiPage::generate_toc(zidify_text($html));
$html = Zlib\NativeWikiPage::convert_links($html,$wikiURL);
}
json_return_and_die(array('html' => $html, 'success' => true));
@@ -455,7 +460,11 @@ class Wiki extends \Zotlabs\Web\Controller {
json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false));
}
- $page_list_html = widget_wiki_pages(array(
+ // @FIXME - we shouldn't invoke this if it isn't in the PDL or has been over-ridden
+
+ $x = new \Zotlabs\Widget\Wiki_pages();
+
+ $page_list_html = $x->widget(array(
'resource_id' => $resource_id,
'refresh' => true,
'channel' => argv(1)));
@@ -513,7 +522,6 @@ class Wiki extends \Zotlabs\Web\Controller {
$resource_id = $_POST['resource_id'];
$pageUrlName = $_POST['name'];
-
// Determine if observer has permission to read content
$perms = Zlib\NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash);
@@ -522,11 +530,12 @@ class Wiki extends \Zotlabs\Web\Controller {
json_return_and_die(array('historyHTML' => '', 'message' => 'Permission denied.', 'success' => false));
}
- $historyHTML = widget_wiki_page_history(array(
+ $historyHTML = \Zotlabs\Lib\NativeWikiPage::render_page_history(array(
'resource_id' => $resource_id,
'pageUrlName' => $pageUrlName,
'permsWrite' => $perms['write']
));
+
json_return_and_die(array('historyHTML' => $historyHTML, 'message' => '', 'success' => true));
}