From fa629841bd2fd150531a5494504a24b13a0c4503 Mon Sep 17 00:00:00 2001
From: zotlabs <mike@macgirvin.com>
Date: Tue, 14 Mar 2017 17:07:29 -0700
Subject: input filter updates

---
 include/text.php | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

(limited to 'include/text.php')

diff --git a/include/text.php b/include/text.php
index 14ca19cef..c02499625 100644
--- a/include/text.php
+++ b/include/text.php
@@ -3,6 +3,7 @@
  * @file include/text.php
  */
 
+use \Zotlabs\Lib as Zlib;
 use \Michelf\MarkdownExtra;
 
 require_once("include/bbcode.php");
@@ -89,12 +90,10 @@ function escape_tags($string) {
 }
 
 
-function z_input_filter($channel_id,$s,$type = 'text/bbcode') {
+function z_input_filter($s,$type = 'text/bbcode',$allow_code = false) {
 
 	if($type === 'text/bbcode')
 		return escape_tags($s);
-	if($type === 'text/markdown')
-		return escape_tags($s);
 	if($type == 'text/plain')
 		return escape_tags($s);
 	if($type == 'application/x-pdl')
@@ -104,13 +103,17 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') {
 		return $s;
 	}
 
-	$r = q("select channel_pageflags from channel where channel_id = %d limit 1",
-		intval($channel_id)
-	);
-	if(($r) && (local_channel() == $channel_id) && ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) {
+	if($allow_code) {
+		if($type === 'text/markdown')
+			return htmlspecialchars($s,ENT_QUOTES);
 		return $s;
 	}
 
+	if($type === 'text/markdown') {
+		$x = new Zlib\MarkdownSoap($s);
+		return $x->clean();
+	}
+
 	if($type === 'text/html')
 		return purify_html($s);
 
@@ -1653,6 +1656,7 @@ function prepare_text($text, $content_type = 'text/bbcode', $cache = false) {
 			break;
 
 		case 'text/markdown':
+			$text = Zlib\MarkdownSoap::unescape($text);
 			$s = MarkdownExtra::defaultTransform($text);
 			break;
 
-- 
cgit v1.2.3