diff options
author | Mario <mario@mariovavti.com> | 2021-10-10 08:10:49 +0000 |
---|---|---|
committer | Mario <mario@mariovavti.com> | 2021-10-10 08:10:49 +0000 |
commit | ad2c165f26625614086283d1efffcc411bc1c108 (patch) | |
tree | 7d8d6aef138dfb080a7a633bac9ad89605cfe7ae /include | |
parent | af5218593a45865e11080b55c986a7a685fa8bbb (diff) | |
download | volse-hubzilla-ad2c165f26625614086283d1efffcc411bc1c108.tar.gz volse-hubzilla-ad2c165f26625614086283d1efffcc411bc1c108.tar.bz2 volse-hubzilla-ad2c165f26625614086283d1efffcc411bc1c108.zip |
bbcode: deal with codeblocks before we escape other tags
Diffstat (limited to 'include')
-rw-r--r-- | include/bbcode.php | 47 |
1 files changed, 22 insertions, 25 deletions
diff --git a/include/bbcode.php b/include/bbcode.php index 42790aaca..6a1a5a01e 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -1120,26 +1120,7 @@ function bbcode($Text, $options = []) { } } - // Hide all [noparse] contained bbtags by spacefying them - if (strpos($Text,'[noparse]') !== false) { - $Text = preg_replace_callback("/\[noparse\](.*?)\[\/noparse\]/ism", 'bb_spacefy',$Text); - } - if (strpos($Text,'[nobb]') !== false) { - $Text = preg_replace_callback("/\[nobb\](.*?)\[\/nobb\]/ism", 'bb_spacefy',$Text); - } - if (strpos($Text,'[pre]') !== false) { - $Text = preg_replace_callback("/\[pre\](.*?)\[\/pre\]/ism", 'bb_spacefy',$Text); - } - if (strpos($Text,'[summary]') !== false) { - $Text = preg_replace_callback("/\[summary\](.*?)\[\/summary\]/ism", 'bb_spacefy',$Text); - } - if (strpos($Text,'[/img]') !== false) { - $Text = preg_replace_callback('/\[img(.*?)\[\/(img)\]/ism','\red_escape_codeblock',$Text); - } - if (strpos($Text,'[/zmg]') !== false) { - $Text = preg_replace_callback('/\[zmg(.*?)\[\/(zmg)\]/ism','\red_escape_codeblock',$Text); - } $Text = bb_format_attachdata($Text); @@ -1199,13 +1180,13 @@ function bbcode($Text, $options = []) { $Text = str_replace(array('[baseurl]','[sitename]'),array(z_root(),get_config('system','sitename')),$Text); - // Replace any html brackets with HTML Entities to prevent executing HTML or script // Don't use strip_tags here because it breaks [url] search by replacing & with amp $Text = str_replace("<", "<", $Text); $Text = str_replace(">", ">", $Text); - + $Text = preg_replace_callback("/\[table\](.*?)\[\/table\]/ism",'bb_fixtable_lf',$Text); + $Text = str_replace(array("\t", " "), array(" ", " "), $Text); // Check for [code] text here, before the linefeeds are messed with. // The highlighter will unescape and re-escape the content. @@ -1214,10 +1195,6 @@ function bbcode($Text, $options = []) { $Text = preg_replace_callback("/\[code=(.*?)\](.*?)\[\/code\]/ism", 'bb_highlight', $Text); } - $Text = preg_replace_callback("/\[table\](.*?)\[\/table\]/ism",'bb_fixtable_lf',$Text); - - $Text = str_replace(array("\t", " "), array(" ", " "), $Text); - // Check for [code] text if (strpos($Text,'[code]') !== false) { $Text = preg_replace_callback("/\[code\](.*?)\[\/code\]/ism", 'bb_code', $Text); @@ -1228,6 +1205,26 @@ function bbcode($Text, $options = []) { $Text = preg_replace_callback("/\[code(.*?)\](.*?)\[\/code\]/ism", 'bb_code_options', $Text); } + // Hide all [noparse] contained bbtags by spacefying them + if (strpos($Text,'[noparse]') !== false) { + $Text = preg_replace_callback("/\[noparse\](.*?)\[\/noparse\]/ism", 'bb_spacefy',$Text); + } + if (strpos($Text,'[nobb]') !== false) { + $Text = preg_replace_callback("/\[nobb\](.*?)\[\/nobb\]/ism", 'bb_spacefy',$Text); + } + if (strpos($Text,'[pre]') !== false) { + $Text = preg_replace_callback("/\[pre\](.*?)\[\/pre\]/ism", 'bb_spacefy',$Text); + } + if (strpos($Text,'[summary]') !== false) { + $Text = preg_replace_callback("/\[summary\](.*?)\[\/summary\]/ism", 'bb_spacefy',$Text); + } + if (strpos($Text,'[/img]') !== false) { + $Text = preg_replace_callback('/\[img(.*?)\[\/(img)\]/ism','\red_escape_codeblock',$Text); + } + if (strpos($Text,'[/zmg]') !== false) { + $Text = preg_replace_callback('/\[zmg(.*?)\[\/(zmg)\]/ism','\red_escape_codeblock',$Text); + } + // Set up the parameters for a URL search string $URLSearchString = "^\[\]"; // Set up the parameters for a MAIL search string |