aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/html2bbcode.php6
-rw-r--r--include/items.php23
2 files changed, 20 insertions, 9 deletions
diff --git a/include/html2bbcode.php b/include/html2bbcode.php
index 7cacadd65..65cbcec41 100644
--- a/include/html2bbcode.php
+++ b/include/html2bbcode.php
@@ -11,6 +11,9 @@ function html2bbcode($s) {
$htmltags = array(
'/\n/is',
+ '/\<pre\>(.*?)\<\/pre\>/is',
+ '/\<p(.*?)\>/is',
+ '/\<\/p\>/is',
'/\<b\>(.*?)\<\/b\>/is',
'/\<i\>(.*?)\<\/i\>/is',
'/\<u\>(.*?)\<\/u\>/is',
@@ -32,6 +35,9 @@ function html2bbcode($s) {
// Replace with
$bbtags = array(
+ '',
+ '[code]$1[/code]',
+ '',
"\n",
'[b]$1[/b]',
'[i]$1[/i]',
diff --git a/include/items.php b/include/items.php
index c076e0fbf..beed024a1 100644
--- a/include/items.php
+++ b/include/items.php
@@ -381,7 +381,7 @@ function get_atom_elements($feed,$item) {
// It isn't certain at this point whether our content is plaintext or html and we'd be foolish to trust
// the content type. Our own network only emits text normally, though it might have been converted to
- // html if we used a pubsubhubbub transport. But if we see even one html open tag in our text, we will
+ // html if we used a pubsubhubbub transport. But if we see even one html tag in our text, we will
// have to assume it is all html and needs to be purified.
// It doesn't matter all that much security wise - because before this content is used anywhere, we are
@@ -390,7 +390,7 @@ function get_atom_elements($feed,$item) {
// html.
- if(strpos($res['body'],'<')) {
+ if((strpos($res['body'],'<')) || (strpos($res['body'],'>'))) {
$res['body'] = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
'[youtube]$1[/youtube]', $res['body']);
@@ -404,11 +404,12 @@ function get_atom_elements($feed,$item) {
$purifier = new HTMLPurifier($config);
$res['body'] = $purifier->purify($res['body']);
- }
+ $res['body'] = html2bbcode($res['body']);
+ }
+ else
+ $res['body'] = escape_tags($res['body']);
- $res['body'] = html2bbcode($res['body']);
-
$allow = $item->get_item_tags(NAMESPACE_DFRN,'comment-allow');
if($allow && $allow[0]['data'] == 1)
@@ -496,7 +497,7 @@ function get_atom_elements($feed,$item) {
$body = $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
// preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
$res['object'] .= '<orig>' . xmlify($body) . '</orig>' . "\n";
- if(strpos($body,'<')) {
+ if((strpos($body,'<')) || (strpos($body,'>'))) {
$body = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
'[youtube]$1[/youtube]', $body);
@@ -506,9 +507,11 @@ function get_atom_elements($feed,$item) {
$purifier = new HTMLPurifier($config);
$body = $purifier->purify($body);
+ $body = html2bbcode($body);
}
+ else
+ $body = escape_tags($body);
- $body = html2bbcode($body);
$res['object'] .= '<content>' . $body . '</content>' . "\n";
}
@@ -535,7 +538,7 @@ function get_atom_elements($feed,$item) {
$body = $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data'];
// preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events
$res['object'] .= '<orig>' . xmlify($body) . '</orig>' . "\n";
- if(strpos($body,'<')) {
+ if((strpos($body,'<')) || (strpos($body,'>'))) {
$body = preg_replace('#<object[^>]+>.+?' . 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s',
'[youtube]$1[/youtube]', $body);
@@ -545,9 +548,11 @@ function get_atom_elements($feed,$item) {
$purifier = new HTMLPurifier($config);
$body = $purifier->purify($body);
+ $body = html2bbcode($body);
}
+ else
+ $body = escape_tags($body);
- $body = html2bbcode($body);
$res['target'] .= '<content>' . $body . '</content>' . "\n";
}