From 96fdb88690fcb572b5bc4948a7df71b3c257a97d Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Thu, 23 Feb 2017 15:15:19 -0800
Subject: nativewiki: only apply markdown filter to markdown input

---
 Zotlabs/Lib/NativeWikiPage.php | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

(limited to 'Zotlabs')

diff --git a/Zotlabs/Lib/NativeWikiPage.php b/Zotlabs/Lib/NativeWikiPage.php
index cdb2a5134..af0286997 100644
--- a/Zotlabs/Lib/NativeWikiPage.php
+++ b/Zotlabs/Lib/NativeWikiPage.php
@@ -333,18 +333,26 @@ class NativeWikiPage {
 	
 	static public function save_page($arr) {
 
-		$pageUrlName = ((array_key_exists('pageUrlName',$arr)) ? $arr['pageUrlName'] : '');
-		$content = ((array_key_exists('content',$arr)) ? purify_html(Zlib\NativeWikiPage::prepare_content($arr['content'])) : '');
-		$resource_id = ((array_key_exists('resource_id',$arr)) ? $arr['resource_id'] : '');
+		$pageUrlName   = ((array_key_exists('pageUrlName',$arr))   ? $arr['pageUrlName']   : '');
+		$content       = ((array_key_exists('content',$arr))       ? $arr['content']       : '');
+		$resource_id   = ((array_key_exists('resource_id',$arr))   ? $arr['resource_id']   : '');
 		$observer_hash = ((array_key_exists('observer_hash',$arr)) ? $arr['observer_hash'] : '');
 		$channel_id    = ((array_key_exists('channel_id',$arr))    ? $arr['channel_id']    : 0);
-		$revision = ((array_key_exists('revision',$arr))    ? $arr['revision']    : 0);
+		$revision      = ((array_key_exists('revision',$arr))      ? $arr['revision']      : 0);
 
 		$w = Zlib\NativeWiki::get_wiki($channel_id, $observer_hash, $resource_id);
 
 		if (!$w['wiki']) {
 			return array('message' => t('Error reading wiki'), 'success' => false);
 		}
+
+		$mimetype = $w['mimeType'];
+		if($mimetype === 'text/markdown') {
+			$content = purify_html(Zlib\NativeWikiPage::prepare_content($content));
+		}
+		else {
+			$content = escape_tags($content);
+		}
 	
 		// fetch the most recently saved revision. 
 
-- 
cgit v1.2.3