diff options
author | zotlabs <mike@macgirvin.com> | 2017-03-18 16:41:43 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2017-03-18 16:41:43 -0700 |
commit | 4afeefb5ce2119541a6d2a0a0b332c7a9a59a2b4 (patch) | |
tree | c481814a4031c480f99e480e00bbd7bb1c837f91 /Zotlabs/Module/Wiki.php | |
parent | d9037589407162f51578856b084baaa5353a8a04 (diff) | |
download | volse-hubzilla-4afeefb5ce2119541a6d2a0a0b332c7a9a59a2b4.tar.gz volse-hubzilla-4afeefb5ce2119541a6d2a0a0b332c7a9a59a2b4.tar.bz2 volse-hubzilla-4afeefb5ce2119541a6d2a0a0b332c7a9a59a2b4.zip |
various input filter fixes
Diffstat (limited to 'Zotlabs/Module/Wiki.php')
-rw-r--r-- | Zotlabs/Module/Wiki.php | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 79ec5ba25..d24d3f6c3 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -237,6 +237,8 @@ class Wiki extends \Zotlabs\Web\Controller { $rawContent = htmlspecialchars_decode(json_decode($p['content']),ENT_COMPAT); + $rawContent = $p['content']; + $content = ($p['content'] !== '' ? $rawContent : '"# New page\n"'); // Render the Markdown-formatted page content in HTML if($mimeType == 'text/bbcode') { @@ -244,7 +246,7 @@ class Wiki extends \Zotlabs\Web\Controller { } else { $content = Zlib\MarkdownSoap::unescape($content); - $html = Zlib\NativeWikiPage::generate_toc(zidify_text(purify_html(MarkdownExtra::defaultTransform(Zlib\NativeWikiPage::bbcode($content))))); + $html = Zlib\NativeWikiPage::generate_toc(zidify_text(MarkdownExtra::defaultTransform(Zlib\NativeWikiPage::bbcode($content)))); $renderedContent = Zlib\NativeWikiPage::convert_links($html, argv(0) . '/' . argv(1) . '/' . $wikiUrlName); } $showPageControls = $wiki_editor; @@ -328,9 +330,12 @@ class Wiki extends \Zotlabs\Web\Controller { $html = Zlib\NativeWikiPage::convert_links(zidify_links(smilies(bbcode($content))),$wikiURL); } else { - require_once('library/markdown.php'); - $content = Zlib\NativeWikiPage::bbcode($content); - $html = Zlib\NativeWikiPage::generate_toc(zidify_text(purify_html(Markdown($content)))); + $bb = Zlib\NativeWikiPage::bbcode($content); + $x = new ZLib\MarkdownSoap($bb); + $md = $x->clean(); + $md = ZLib\MarkdownSoap::unescape($md); + $html = MarkdownExtra::defaultTransform($md); + $html = Zlib\NativeWikiPage::generate_toc(zidify_text($html)); $html = Zlib\NativeWikiPage::convert_links($html,$wikiURL); } json_return_and_die(array('html' => $html, 'success' => true)); @@ -455,7 +460,11 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('pages' => null, 'message' => 'Permission denied.', 'success' => false)); } - $page_list_html = widget_wiki_pages(array( + // @FIXME - we shouldn't invoke this if it isn't in the PDL or has been over-ridden + + $x = new \Zotlabs\Widget\Wiki_pages(); + + $page_list_html = $x->widget(array( 'resource_id' => $resource_id, 'refresh' => true, 'channel' => argv(1))); @@ -513,7 +522,6 @@ class Wiki extends \Zotlabs\Web\Controller { $resource_id = $_POST['resource_id']; $pageUrlName = $_POST['name']; - // Determine if observer has permission to read content $perms = Zlib\NativeWiki::get_permissions($resource_id, intval($owner['channel_id']), $observer_hash); @@ -522,11 +530,12 @@ class Wiki extends \Zotlabs\Web\Controller { json_return_and_die(array('historyHTML' => '', 'message' => 'Permission denied.', 'success' => false)); } - $historyHTML = widget_wiki_page_history(array( + $historyHTML = \Zotlabs\Lib\NativeWikiPage::render_page_history(array( 'resource_id' => $resource_id, 'pageUrlName' => $pageUrlName, 'permsWrite' => $perms['write'] )); + json_return_and_die(array('historyHTML' => $historyHTML, 'message' => '', 'success' => true)); } |