diff options
| author | Mario <mario@mariovavti.com> | 2024-03-06 21:08:46 +0100 |
|---|---|---|
| committer | Mario <mario@mariovavti.com> | 2024-03-06 21:08:46 +0100 |
| commit | 37b22fe542eb8f336c167c982bf458852e8b32b9 (patch) | |
| tree | 8eaf0acde67fe561e15b12b901149037cac3bc20 /include | |
| parent | d40d62ac4f9313b928b0521b09b0c380579ac727 (diff) | |
| download | volse-hubzilla-37b22fe542eb8f336c167c982bf458852e8b32b9.tar.gz volse-hubzilla-37b22fe542eb8f336c167c982bf458852e8b32b9.tar.bz2 volse-hubzilla-37b22fe542eb8f336c167c982bf458852e8b32b9.zip | |
fix unterminated entity reference error when dealing with domxpath and add a test
Diffstat (limited to 'include')
| -rw-r--r-- | include/html2bbcode.php | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/include/html2bbcode.php b/include/html2bbcode.php index e97748a59..c7fe981d0 100644 --- a/include/html2bbcode.php +++ b/include/html2bbcode.php @@ -77,12 +77,13 @@ function node2bbcodesub(&$doc, $oldnode, $attributes, $startbb, $endbb) // The exception is `<pre>` and `<code>` elements which // should keep both newlines and whitespace intact. if ($oldNode->nodeName != 'pre' && $oldNode->nodeName != 'code') { + $newNode->nodeValue = str_replace( array("\n<", ">\n", "\r", "\n", "\xC3\x82\xC2\xA0"), array("<", ">", "<br />", " ", ""), - $newNode->nodeValue); + htmlspecialchars($newNode->nodeValue, ENT_QUOTES, 'UTF-8', false)); - $newNode->nodeValue = preg_replace('=[\s]{2,}=i', " ", $newNode->nodeValue); + $newNode->nodeValue = preg_replace('=[\s]{2,}=i', " ", htmlspecialchars($newNode->nodeValue, ENT_QUOTES, 'UTF-8', false)); } $oldNode->parentNode->insertBefore($newNode, $oldNode); |