Menu
▾
▴
[Tikiwiki-cvs/svn] SF.net SVN: tikiwiki:[50124] branches/12.x/tiki-edit_article.php
|
From: <jy...@us...> - 2014-02-27 18:03:25
|
Revision: 50124
http://sourceforge.net/p/tikiwiki/code/50124
Author: jyhem
Date: 2014-02-27 18:03:21 +0000 (Thu, 27 Feb 2014)
Log Message:
-----------
[FIX] Fixes issue wish5156 (html plugin in articles) caused by revision r48131 (thanks jonny for the hint)
Revision Links:
--------------
http://sourceforge.net/p/tikiwiki/code/48131
Modified Paths:
--------------
branches/12.x/tiki-edit_article.php
Modified: branches/12.x/tiki-edit_article.php
===================================================================
--- branches/12.x/tiki-edit_article.php 2014-02-27 17:14:45 UTC (rev 50123)
+++ branches/12.x/tiki-edit_article.php 2014-02-27 18:03:21 UTC (rev 50124)
@@ -400,9 +400,33 @@
$smarty->assign('edit_data', 'y');
if (isset($_REQUEST['allowhtml']) && $_REQUEST['allowhtml'] == 'on') {
- $body = $jitRequest->body->purifier();
+ $body = $_REQUEST['body'];
+ $parserlib = TikiLib::lib('parser');
+ $noparsed = array();
+ $parserlib->plugins_remove($body, $noparsed);
- $heading = $jitRequest->heading->purifier();
+ $body = TikiFilter::get('xss')->filter($body);
+
+ $parserlib->isEditMode = true;
+ $parserlib->plugins_replace($body, $noparsed, true);
+ $parserlib->isEditMode = false;
+
+ $heading = $_REQUEST['heading'];
+ $noparsed = array();
+ $parserlib->plugins_remove($heading, $noparsed);
+
+ $heading = TikiFilter::get('xss')->filter($heading);
+
+ $parserlib->isEditMode = true;
+ $parserlib->plugins_replace($heading, $noparsed, true);
+ $parserlib->isEditMode = false;
+
+ //html is stored encoded in wysiwyg
+ if (isset($jitRequest['wysiwyg']) && $jitRequest['wysiwyg'] == 'y') {
+ $body = html_entity_decode($body, ENT_QUOTES, 'UTF-8');
+ $heading = html_entity_decode($heading, ENT_QUOTES, 'UTF-8');
+ }
+
} else {
$body = strip_tags($_REQUEST['body'], '<a><pre><p><img><hr><b><i>');
@@ -460,9 +484,33 @@
}
if (isset($_REQUEST['allowhtml']) && $_REQUEST['allowhtml'] == 'on' || $_SESSION['wysiwyg'] == 'y') {
- $body = $jitRequest->body->purifier();
+ $body = $_REQUEST['body'];
+ $parserlib = TikiLib::lib('parser');
+ $noparsed = array();
+ $parserlib->plugins_remove($body, $noparsed);
- $heading = $jitRequest->heading->purifier();
+ $body = TikiFilter::get('xss')->filter($body);
+
+ $parserlib->isEditMode = true;
+ $parserlib->plugins_replace($body, $noparsed, true);
+ $parserlib->isEditMode = false;
+
+ $heading = $_REQUEST['heading'];
+ $noparsed = array();
+ $parserlib->plugins_remove($heading, $noparsed);
+
+ $heading = TikiFilter::get('xss')->filter($heading);
+
+ $parserlib->isEditMode = true;
+ $parserlib->plugins_replace($heading, $noparsed, true);
+ $parserlib->isEditMode = false;
+
+ //html is stored encoded in wysiwyg
+ if (isset($jitRequest['wysiwyg']) && $jitRequest['wysiwyg'] == 'y') {
+ $body = html_entity_decode($body, ENT_QUOTES, 'UTF-8');
+ $heading = html_entity_decode($heading, ENT_QUOTES, 'UTF-8');
+ }
+
} else {
$body = strip_tags($_REQUEST['body'], '<a><pre><p><img><hr><b><i>');
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|