diff options
| author | zotlabs <mike@macgirvin.com> | 2017-03-14 17:07:29 -0700 |
|---|---|---|
| committer | zotlabs <mike@macgirvin.com> | 2017-03-14 17:07:29 -0700 |
| commit | 2c73b457ef0943d46804480a0aa016f64c11edbf (patch) | |
| tree | 330baac97f28e61a3e8daed75e5736fdaae7a28c /Zotlabs | |
| parent | 2f5f1a4d641c5873c308d6ab58ae239f2758e1e4 (diff) | |
| download | volse-hubzilla-2c73b457ef0943d46804480a0aa016f64c11edbf.tar.gz volse-hubzilla-2c73b457ef0943d46804480a0aa016f64c11edbf.tar.bz2 volse-hubzilla-2c73b457ef0943d46804480a0aa016f64c11edbf.zip | |
input filter updates
Diffstat (limited to 'Zotlabs')
| -rw-r--r-- | Zotlabs/Lib/MarkdownSoap.php | 2 | ||||
| -rw-r--r-- | Zotlabs/Lib/NativeWikiPage.php | 31 | ||||
| -rw-r--r-- | Zotlabs/Module/Item.php | 21 | ||||
| -rw-r--r-- | Zotlabs/Module/Wiki.php | 1 |
4 files changed, 9 insertions, 46 deletions
diff --git a/Zotlabs/Lib/MarkdownSoap.php b/Zotlabs/Lib/MarkdownSoap.php index d0481eb4d..2dcaaec9a 100644 --- a/Zotlabs/Lib/MarkdownSoap.php +++ b/Zotlabs/Lib/MarkdownSoap.php @@ -5,7 +5,7 @@ namespace Zotlabs\Lib; /** * MarkdownSoap * Purify Markdown for storage - * $x = newMarkdownSoap($string_to_be_cleansed); + * $x = new MarkdownSoap($string_to_be_cleansed); * $text = $x->clean(); * * What this does: diff --git a/Zotlabs/Lib/NativeWikiPage.php b/Zotlabs/Lib/NativeWikiPage.php index 941ade90c..9f54081a1 100644 --- a/Zotlabs/Lib/NativeWikiPage.php +++ b/Zotlabs/Lib/NativeWikiPage.php @@ -307,34 +307,6 @@ class NativeWikiPage { return null; } - - - static public function prepare_content($s) { - - $text = preg_replace_callback('{ - (?:\n\n|\A\n?) - ( # $1 = the code block -- one or more lines, starting with a space/tab - (?> - [ ]{'.'4'.'} # Lines must start with a tab or a tab-width of spaces - .*\n+ - )+ - ) - ((?=^[ ]{0,'.'4'.'}\S)|\Z) # Lookahead for non-space at line-start, or end of doc - }xm', - 'self::nwiki_prepare_content_callback', $s); - - return $text; - } - - static public function nwiki_prepare_content_callback($matches) { - $codeblock = $matches[1]; - - $codeblock = htmlspecialchars($codeblock, ENT_NOQUOTES, UTF8, false); - return "\n\n" . $codeblock ; - } - - - static public function save_page($arr) { $pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : ''); @@ -352,7 +324,8 @@ class NativeWikiPage { $mimetype = $w['mimeType']; if($mimetype === 'text/markdown') { - $content = purify_html(Zlib\NativeWikiPage::prepare_content($content)); + $x = new Zlib\MarkdownSoap($content); + $content = $x->clean(); } else { $content = escape_tags($content); diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php index 43cf535a4..71f410b2a 100644 --- a/Zotlabs/Module/Item.php +++ b/Zotlabs/Module/Item.php @@ -471,15 +471,16 @@ class Item extends \Zotlabs\Web\Controller { if(! $mimetype) $mimetype = 'text/bbcode'; + + $execflag = ((intval($uid) == intval($profile_uid) + && ($channel['channel_pageflags'] & PAGE_ALLOWCODE)) ? true : false); + if($preview) { - $body = z_input_filter($profile_uid,$body,$mimetype); + $body = z_input_filter($body,$mimetype,$execflag); } - // Verify ability to use html or php!!! - $execflag = ((intval($channel['channel_id']) == intval($profile_uid) && ($channel['channel_pageflags'] & PAGE_ALLOWCODE)) ? true : false); - $gacl = $acl->get(); $str_contact_allow = $gacl['allow_cid']; $str_group_allow = $gacl['allow_gid']; @@ -843,18 +844,6 @@ class Item extends \Zotlabs\Web\Controller { if(mb_strlen($datarray['title']) > 255) $datarray['title'] = mb_substr($datarray['title'],0,255); - if(array_key_exists('item_private',$datarray) && $datarray['item_private']) { - - $datarray['body'] = trim(z_input_filter($datarray['uid'],$datarray['body'],$datarray['mimetype'])); - - if($uid) { - if($channel['channel_hash'] === $datarray['author_xchan']) { - $datarray['sig'] = base64url_encode(rsa_sign($datarray['body'],$channel['channel_prvkey'])); - $datarray['item_verified'] = 1; - } - } - } - if($webpage) { Zlib\IConfig::Set($datarray,'system', webpage_to_namespace($webpage), (($pagetitle) ? $pagetitle : substr($datarray['mid'],0,16)),true); diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php index 5e7307c7b..79ec5ba25 100644 --- a/Zotlabs/Module/Wiki.php +++ b/Zotlabs/Module/Wiki.php @@ -243,6 +243,7 @@ class Wiki extends \Zotlabs\Web\Controller { $renderedContent = Zlib\NativeWikiPage::convert_links(zidify_links(smilies(bbcode($content))), argv(0) . '/' . argv(1) . '/' . $wikiUrlName); } else { + $content = Zlib\MarkdownSoap::unescape($content); $html = Zlib\NativeWikiPage::generate_toc(zidify_text(purify_html(MarkdownExtra::defaultTransform(Zlib\NativeWikiPage::bbcode($content))))); $renderedContent = Zlib\NativeWikiPage::convert_links($html, argv(0) . '/' . argv(1) . '/' . $wikiUrlName); } |