1
0
Fork 0
mirror of https://github.com/sbrl/Pepperminty-Wiki.git synced 2024-11-22 04:23:01 +00:00

Fix issue in editor with blockquotes.

This commit is contained in:
Starbeamrainbowlabs 2016-04-08 20:13:11 +01:00
parent 91bb2d4882
commit 881a5ff345
5 changed files with 48 additions and 4 deletions

2
.gitignore vendored
View file

@ -2,6 +2,8 @@
*.md *.md
# Include the README # Include the README
!README.md !README.md
# .. but ignore READMEs in the build folder
build/README.md
# And the Module API Docs # And the Module API Docs
!Module_API_Docs.md !Module_API_Docs.md
# And the changelog # And the changelog

View file

@ -779,6 +779,22 @@ function system_extension_mime_type($ext) {
return isset($types[$ext]) ? $types[$ext] : null; return isset($types[$ext]) ? $types[$ext] : null;
} }
function stack_trace($log_trace = true)
{
$result = "";
$stackTrace = debug_backtrace();
$stackHeight = count($stackTrace);
foreach ($stackTrace as $i => $stackEntry)
{
$result .= "#" . ($stackHeight - $i) . " - " . $stackEntry["file"] . ":" . $stackEntry["line"] . " (" . $stackEntry["function"] . ":" . count($stackEntry["args"]) . ")\n";
}
if($log_trace)
error_log($result);
return $result;
}
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
@ -1339,7 +1355,6 @@ $actions = new stdClass();
function add_action($action_name, $func) function add_action($action_name, $func)
{ {
global $actions; global $actions;
//echo("adding $action_name\n");
$actions->$action_name = $func; $actions->$action_name = $func;
} }
@ -3303,7 +3318,13 @@ register_module([
$pagedata = $_POST["content"]; $pagedata = $_POST["content"];
// Santise it if necessary // Santise it if necessary
if($settings->clean_raw_html) if($settings->clean_raw_html)
{
$pagedata = htmlentities($pagedata, ENT_QUOTES); $pagedata = htmlentities($pagedata, ENT_QUOTES);
// Un-sanitize greater than signs ('>') as these are commonly
// used for blockquotes. This should be a security risk as it is
// the less than sign ('<') that is used to open HTML tags.
$pagedata = str_replace("&gt;", ">", $pagedata);
}
// Read in the new page tags, so long as there are actually some tags to read in // Read in the new page tags, so long as there are actually some tags to read in
$page_tags = []; $page_tags = [];

View file

@ -375,6 +375,22 @@ function system_extension_mime_type($ext) {
return isset($types[$ext]) ? $types[$ext] : null; return isset($types[$ext]) ? $types[$ext] : null;
} }
function stack_trace($log_trace = true)
{
$result = "";
$stackTrace = debug_backtrace();
$stackHeight = count($stackTrace);
foreach ($stackTrace as $i => $stackEntry)
{
$result .= "#" . ($stackHeight - $i) . " - " . $stackEntry["file"] . ":" . $stackEntry["line"] . " (" . $stackEntry["function"] . ":" . count($stackEntry["args"]) . ")\n";
}
if($log_trace)
error_log($result);
return $result;
}
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////// ///////////////////////////////////////////////////////////////////////////////
@ -935,7 +951,6 @@ $actions = new stdClass();
function add_action($action_name, $func) function add_action($action_name, $func)
{ {
global $actions; global $actions;
//echo("adding $action_name\n");
$actions->$action_name = $func; $actions->$action_name = $func;
} }

View file

@ -104,7 +104,7 @@
"author": "Starbeamrainbowlabs", "author": "Starbeamrainbowlabs",
"description": "Allows you to edit pages by adding the edit and save actions. You should probably include this one.", "description": "Allows you to edit pages by adding the edit and save actions. You should probably include this one.",
"id": "page-edit", "id": "page-edit",
"lastupdate": 1460044396, "lastupdate": 1460142693,
"optional": false "optional": false
}, },
{ {
@ -194,7 +194,7 @@
"author": "Emanuil Rusev & Starbeamrainbowlabs", "author": "Emanuil Rusev & Starbeamrainbowlabs",
"description": "An upgraded (now default!) parser based on Emanuil Rusev's Parsedown Extra PHP library (https:\/\/github.com\/erusev\/parsedown-extra), which is licensed MIT. Please be careful, as this module adds a some weight to your installation, and also *requires* write access to the disk on first load.", "description": "An upgraded (now default!) parser based on Emanuil Rusev's Parsedown Extra PHP library (https:\/\/github.com\/erusev\/parsedown-extra), which is licensed MIT. Please be careful, as this module adds a some weight to your installation, and also *requires* write access to the disk on first load.",
"id": "parser-parsedown", "id": "parser-parsedown",
"lastupdate": 1460105270, "lastupdate": 1460137501,
"optional": false "optional": false
} }
] ]

View file

@ -125,7 +125,13 @@ register_module([
$pagedata = $_POST["content"]; $pagedata = $_POST["content"];
// Santise it if necessary // Santise it if necessary
if($settings->clean_raw_html) if($settings->clean_raw_html)
{
$pagedata = htmlentities($pagedata, ENT_QUOTES); $pagedata = htmlentities($pagedata, ENT_QUOTES);
// Un-sanitize greater than signs ('>') as these are commonly
// used for blockquotes. This should be a security risk as it is
// the less than sign ('<') that is used to open HTML tags.
$pagedata = str_replace("&gt;", ">", $pagedata);
}
// Read in the new page tags, so long as there are actually some tags to read in // Read in the new page tags, so long as there are actually some tags to read in
$page_tags = []; $page_tags = [];