diff options
| -rw-r--r-- | doc/to_do_code.bb | 2 | ||||
| -rw-r--r-- | include/features.php | 2 | ||||
| -rw-r--r-- | mod/item.php | 31 | ||||
| -rw-r--r-- | version.inc | 2 |
4 files changed, 24 insertions, 13 deletions
diff --git a/doc/to_do_code.bb b/doc/to_do_code.bb index a7c3c94b4..d0860cf3a 100644 --- a/doc/to_do_code.bb +++ b/doc/to_do_code.bb @@ -32,8 +32,6 @@ We need much more than this, but here are areas where developers can help. Pleas [li]API extensions, for Twitter API - search, friending, threading. For Red API, lots of stuff[/li]
[li]Import channel from Diaspora/Friendica (Diaspora partially done)[/li]
[li]MediaGoblin photo "crosspost" connector[/li]
-[li]Create management page/UI for extensible profile fields[/li]
-[li]Create interface to include/exclude and re-order standard profile fields[/li]
[li]App taxonomy[/li]
[li]Customisable App collection pages[/li]
[li]replace the tinymce visual editor and/or make the visual editor pluggable and responsive to different output formats. We probably want library/bbedit for bbcode. This needs a fair bit of work to catch up with our "enhanced bbcode", but start with images, links, bold and highlight and work from there.[/li]
diff --git a/include/features.php b/include/features.php index 1ef070b00..ff6b71d4c 100644 --- a/include/features.php +++ b/include/features.php @@ -66,7 +66,7 @@ function get_features($filtered = true) { 'composition' => array( t('Post Composition Features'), // array('richtext', t('Richtext Editor'), t('Enable richtext editor'),falseget_config('feature_lock','richtext')), - array('markdown', t('Use Markdown'), t('Allow use of "Markdown" to format posts'),false,get_config('feature_lock','markdown')), +// array('markdown', t('Use Markdown'), t('Allow use of "Markdown" to format posts'),false,get_config('feature_lock','markdown')), array('large_photos', t('Large Photos'), t('Include large (1024px) photo thumbnails in posts. If not enabled, use small (640px) photo thumbnails'),false,get_config('feature_lock','large_photos')), array('channel_sources', t('Channel Sources'), t('Automatically import channel content from other channels or feeds'),false,get_config('feature_lock','channel_sources')), array('content_encrypt', t('Even More Encryption'), t('Allow optional encryption of content end-to-end with a shared secret key'),false,get_config('feature_lock','content_encrypt')), diff --git a/mod/item.php b/mod/item.php index f23bff3ac..038a967b2 100644 --- a/mod/item.php +++ b/mod/item.php @@ -477,15 +477,28 @@ function item_post(&$a) { if($mimetype === 'text/bbcode') { require_once('include/text.php'); - if($uid && $uid == $profile_uid && feature_enabled($uid,'markdown')) { - require_once('include/bb2diaspora.php'); - $body = escape_tags(trim($body)); - $body = str_replace("\n",'<br />', $body); - - $body = preg_replace_callback('/\[share(.*?)\]/ism','share_shield',$body); - $body = diaspora2bb($body,true); - $body = preg_replace_callback('/\[share(.*?)\]/ism','share_unshield',$body); - } + + // Markdown doesn't work correctly. Do not re-enable unless you're willing to fix it and support it. + + // Sample that will probably give you grief - you must preserve the linebreaks + // and provide the correct markdown interpretation and you cannot allow unfiltered HTML + + // Markdown + // ======== + // + // **bold** abcde + // fghijkl + // *italic* + // <img src="javascript:alert('hacked');" /> + +// if($uid && $uid == $profile_uid && feature_enabled($uid,'markdown')) { +// require_once('include/bb2diaspora.php'); +// $body = escape_tags(trim($body)); +// $body = str_replace("\n",'<br />', $body); +// $body = preg_replace_callback('/\[share(.*?)\]/ism','share_shield',$body); +// $body = diaspora2bb($body,true); +// $body = preg_replace_callback('/\[share(.*?)\]/ism','share_unshield',$body); +// } // BBCODE alert: the following functions assume bbcode input // and will require alternatives for alternative content-types (text/html, text/markdown, text/plain, etc.) diff --git a/version.inc b/version.inc index 9863e681b..bac770446 100644 --- a/version.inc +++ b/version.inc @@ -1 +1 @@ -2016-03-02.1324H +2016-03-03.1325H |