From 4c289394889dc5f69a0c20ecd56806ea691e7f64 Mon Sep 17 00:00:00 2001 From: toclimb Date: Wed, 29 Jan 2014 23:56:05 +0100 Subject: Don't look for emoticons inside the matching angle brackets of HTML tags (seriously) --- include/text.php | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/include/text.php b/include/text.php index a459296cb..cf68ee121 100755 --- a/include/text.php +++ b/include/text.php @@ -871,8 +871,8 @@ function get_mood_verbs() { * Returns string * * It is expected that this function will be called using HTML text. - * We will escape text between HTML pre and code blocks from being - * processed. + * We will escape text between HTML pre and code blocks, and HTML attributes + * (such as urls) from being processed. * * At a higher level, the bbcode [nosmile] tag can be used to prevent this * function from being executed by the prepare_text() routine when preparing @@ -889,9 +889,8 @@ function smilies($s, $sample = false) { || (local_user() && intval(get_pconfig(local_user(),'system','no_smilies')))) return $s; - $s = preg_replace_callback('/
(.*?)<\/pre>/ism','smile_encode',$s);
-	$s = preg_replace_callback('/(.*?)<\/code>/ism','smile_encode',$s);
-//	$s = preg_replace_callback('/<(.*?)>/ism','smile_encode',$s);
+	$s = preg_replace_callback('{<(pre|code)>(?.*?)}ism','smile_encode',$s);
+	$s = preg_replace_callback('/<[a-z]+ (?.*?)>/ism','smile_encode',$s);
 
 	$texts =  array( 
 		'<3', 
@@ -982,20 +981,20 @@ function smilies($s, $sample = false) {
 		$s = str_replace($params['texts'],$params['icons'],$params['string']);
 	}
 
-	$s = preg_replace_callback('/
(.*?)<\/pre>/ism','smile_decode',$s);
-	$s = preg_replace_callback('/(.*?)<\/code>/ism','smile_decode',$s);
-//	$s = preg_replace_callback('/<(.*?)>/s','smile_decode',$s);
+	$s = preg_replace_callback(
+		'//ism',
+		function ($m) { return base64url_decode($m[1]); },
+		$s
+	);
 
 	return $s;
 
 }
 
-function smile_encode($m) {
-	return(str_replace($m[1],base64url_encode($m[1]),$m[0]));
-}
 
-function smile_decode($m) {
-	return(str_replace($m[1],base64url_decode($m[1]),$m[0]));
+function smile_encode($m) {
+	$cleartext = $m['target'];
+	return str_replace($cleartext,'',$m[0]);
 }
 
 // expand <3333 to the correct number of hearts
-- 
cgit v1.2.3