Menu
▾
▴
[Tikiwiki-cvs/svn] SF.net SVN: tikiwiki:[41446] branches/9.x/lib/wiki/wikilib.php
|
From: <rob...@us...> - 2012-05-14 01:59:14
|
Revision: 41446
http://tikiwiki.svn.sourceforge.net/tikiwiki/?rev=41446&view=rev
Author: robertplummer
Date: 2012-05-14 01:59:07 +0000 (Mon, 14 May 2012)
Log Message:
-----------
[FIX] Ensure we only use htmlspecialentities_decode and get the fingerprint finder for pre 9 to match up to a sort of partial decoded state, everything decoded with the exception of < and >
Modified Paths:
--------------
branches/9.x/lib/wiki/wikilib.php
Modified: branches/9.x/lib/wiki/wikilib.php
===================================================================
--- branches/9.x/lib/wiki/wikilib.php 2012-05-13 23:55:45 UTC (rev 41445)
+++ branches/9.x/lib/wiki/wikilib.php 2012-05-14 01:59:07 UTC (rev 41446)
@@ -1435,8 +1435,11 @@
$name = $match->getName();
$meta = $this->parserlib->plugin_info($name);
$args = $this->argumentParser->parse($match->getArguments());
+
+ //RobertPlummer - pre 9, latest findings from v8 is that the < and > chars are THE ONLY ones converted to < and > everything else seems to be decoded
$body = $match->getBody();
-
+ $body = htmlspecialchars_decode($body);
+ $body = str_replace(array('<', '>'), array('<', '>'), $body);
$fingerPrintsOld[] = $this->parserlib->plugin_fingerprint($name, $meta, $body, $args);
}
@@ -1448,7 +1451,7 @@
//Here we detect if a plugin was double encoded and this is the second decode
if (preg_match("/&&/i", $argsRaw) || preg_match("/"/i", $argsRaw) || preg_match("/>/i", $argsRaw)) { //try to detect double encoding
- $argsRaw = html_entity_decode($argsRaw); // decode entities in the plugin args (usually ")
+ $argsRaw = htmlspecialchars_decode($argsRaw); // decode entities in the plugin args (usually ")
}
$args = $this->argumentParser->parse($argsRaw);
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|