From 4afeefb5ce2119541a6d2a0a0b332c7a9a59a2b4 Mon Sep 17 00:00:00 2001 From: zotlabs Date: Sat, 18 Mar 2017 16:41:43 -0700 Subject: various input filter fixes --- Zotlabs/Lib/MarkdownSoap.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) (limited to 'Zotlabs/Lib/MarkdownSoap.php') diff --git a/Zotlabs/Lib/MarkdownSoap.php b/Zotlabs/Lib/MarkdownSoap.php index 2dcaaec9a..8cc18d513 100644 --- a/Zotlabs/Lib/MarkdownSoap.php +++ b/Zotlabs/Lib/MarkdownSoap.php @@ -34,9 +34,13 @@ class MarkdownSoap { function clean() { + $x = $this->extract_code($this->str); + $x = $this->purify($x); + $x = $this->putback_code($x); + $x = $this->escape($x); return $x; @@ -60,7 +64,7 @@ class MarkdownSoap { } function encode_code($matches) { - return $this->token . ';' . base64_encode($matches[1]) . ';' ; + return $this->token . ';' . base64_encode($matches[0]) . ';' ; } function decode_code($matches) { @@ -73,7 +77,13 @@ class MarkdownSoap { } function purify($s) { - return purify_html($s); + $s = str_replace("\n",'
',$s); + $s = str_replace("\t",'    ',$s); + $s = str_replace(' ',' ',$s); + $s = purify_html($s); + $s = str_replace(' '," ",$s); + $s = str_replace(['
','
'],["\n","\n"],$s); + return $s; } function escape($s) { -- cgit v1.2.3