1
0
Fork 0
mirror of https://github.com/sbrl/Pepperminty-Wiki.git synced 2024-12-22 13:45:02 +00:00

Fix issue in editor with blockquotes.

This commit is contained in:
Starbeamrainbowlabs 2016-04-08 20:13:11 +01:00
parent 91bb2d4882
commit 881a5ff345
5 changed files with 48 additions and 4 deletions

2
.gitignore vendored
View file

@ -2,6 +2,8 @@
*.md
# Include the README
!README.md
# .. but ignore READMEs in the build folder
build/README.md
# And the Module API Docs
!Module_API_Docs.md
# And the changelog

View file

@ -779,6 +779,22 @@ function system_extension_mime_type($ext) {
return isset($types[$ext]) ? $types[$ext] : null;
}
function stack_trace($log_trace = true)
{
$result = "";
$stackTrace = debug_backtrace();
$stackHeight = count($stackTrace);
foreach ($stackTrace as $i => $stackEntry)
{
$result .= "#" . ($stackHeight - $i) . " - " . $stackEntry["file"] . ":" . $stackEntry["line"] . " (" . $stackEntry["function"] . ":" . count($stackEntry["args"]) . ")\n";
}
if($log_trace)
error_log($result);
return $result;
}
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
@ -1339,7 +1355,6 @@ $actions = new stdClass();
function add_action($action_name, $func)
{
global $actions;
//echo("adding $action_name\n");
$actions->$action_name = $func;
}
@ -3303,7 +3318,13 @@ register_module([
$pagedata = $_POST["content"];
// Santise it if necessary
if($settings->clean_raw_html)
{
$pagedata = htmlentities($pagedata, ENT_QUOTES);
// Un-sanitize greater than signs ('>') as these are commonly
// used for blockquotes. This should be a security risk as it is
// the less than sign ('<') that is used to open HTML tags.
$pagedata = str_replace("&gt;", ">", $pagedata);
}
// Read in the new page tags, so long as there are actually some tags to read in
$page_tags = [];

View file

@ -375,6 +375,22 @@ function system_extension_mime_type($ext) {
return isset($types[$ext]) ? $types[$ext] : null;
}
function stack_trace($log_trace = true)
{
$result = "";
$stackTrace = debug_backtrace();
$stackHeight = count($stackTrace);
foreach ($stackTrace as $i => $stackEntry)
{
$result .= "#" . ($stackHeight - $i) . " - " . $stackEntry["file"] . ":" . $stackEntry["line"] . " (" . $stackEntry["function"] . ":" . count($stackEntry["args"]) . ")\n";
}
if($log_trace)
error_log($result);
return $result;
}
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
@ -935,7 +951,6 @@ $actions = new stdClass();
function add_action($action_name, $func)
{
global $actions;
//echo("adding $action_name\n");
$actions->$action_name = $func;
}

View file

@ -104,7 +104,7 @@
"author": "Starbeamrainbowlabs",
"description": "Allows you to edit pages by adding the edit and save actions. You should probably include this one.",
"id": "page-edit",
"lastupdate": 1460044396,
"lastupdate": 1460142693,
"optional": false
},
{
@ -194,7 +194,7 @@
"author": "Emanuil Rusev & Starbeamrainbowlabs",
"description": "An upgraded (now default!) parser based on Emanuil Rusev's Parsedown Extra PHP library (https:\/\/github.com\/erusev\/parsedown-extra), which is licensed MIT. Please be careful, as this module adds a some weight to your installation, and also *requires* write access to the disk on first load.",
"id": "parser-parsedown",
"lastupdate": 1460105270,
"lastupdate": 1460137501,
"optional": false
}
]

View file

@ -125,7 +125,13 @@ register_module([
$pagedata = $_POST["content"];
// Santise it if necessary
if($settings->clean_raw_html)
{
$pagedata = htmlentities($pagedata, ENT_QUOTES);
// Un-sanitize greater than signs ('>') as these are commonly
// used for blockquotes. This should be a security risk as it is
// the less than sign ('<') that is used to open HTML tags.
$pagedata = str_replace("&gt;", ">", $pagedata);
}
// Read in the new page tags, so long as there are actually some tags to read in
$page_tags = [];