diff --git a/include/html2bbcode.php b/include/html2bbcode.php index 7cacadd65c..65cbcec41f 100644 --- a/include/html2bbcode.php +++ b/include/html2bbcode.php @@ -11,6 +11,9 @@ function html2bbcode($s) { $htmltags = array( '/\n/is', + '/\
(.*?)\<\/pre\>/is', + '/\/is', + '/\<\/p\>/is', '/\(.*?)\<\/b\>/is', '/\(.*?)\<\/i\>/is', '/\(.*?)\<\/u\>/is', @@ -32,6 +35,9 @@ function html2bbcode($s) { // Replace with $bbtags = array( + '', + '[code]$1[/code]', + '', "\n", '[b]$1[/b]', '[i]$1[/i]', diff --git a/include/items.php b/include/items.php index c076e0fbf7..beed024a1c 100644 --- a/include/items.php +++ b/include/items.php @@ -381,7 +381,7 @@ function get_atom_elements($feed,$item) { // It isn't certain at this point whether our content is plaintext or html and we'd be foolish to trust // the content type. Our own network only emits text normally, though it might have been converted to - // html if we used a pubsubhubbub transport. But if we see even one html open tag in our text, we will + // html if we used a pubsubhubbub transport. But if we see even one html tag in our text, we will // have to assume it is all html and needs to be purified. // It doesn't matter all that much security wise - because before this content is used anywhere, we are @@ -390,7 +390,7 @@ function get_atom_elements($feed,$item) { // html. - if(strpos($res['body'],'<')) { + if((strpos($res['body'],'<')) || (strpos($res['body'],'>'))) { $res['body'] = preg_replace('##s', '[youtube]$1[/youtube]', $res['body']); @@ -404,11 +404,12 @@ function get_atom_elements($feed,$item) { $purifier = new HTMLPurifier($config); $res['body'] = $purifier->purify($res['body']); + + $res['body'] = html2bbcode($res['body']); } - + else + $res['body'] = escape_tags($res['body']); - $res['body'] = html2bbcode($res['body']); - $allow = $item->get_item_tags(NAMESPACE_DFRN,'comment-allow'); if($allow && $allow[0]['data'] == 1) @@ -496,7 +497,7 @@ function get_atom_elements($feed,$item) { $body = $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data']; // preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events $res['object'] .= '
' . xmlify($body) . ' ' . "\n"; - if(strpos($body,'<')) { + if((strpos($body,'<')) || (strpos($body,'>'))) { $body = preg_replace('##s', '[youtube]$1[/youtube]', $body); @@ -506,9 +507,11 @@ function get_atom_elements($feed,$item) { $purifier = new HTMLPurifier($config); $body = $purifier->purify($body); + $body = html2bbcode($body); } + else + $body = escape_tags($body); - $body = html2bbcode($body); $res['object'] .= '' . $body . ' ' . "\n"; } @@ -535,7 +538,7 @@ function get_atom_elements($feed,$item) { $body = $rawobj[0]['child'][SIMPLEPIE_NAMESPACE_ATOM_10]['summary'][0]['data']; // preserve a copy of the original body content in case we later need to parse out any microformat information, e.g. events $res['object'] .= '' . xmlify($body) . ' ' . "\n"; - if(strpos($body,'<')) { + if((strpos($body,'<')) || (strpos($body,'>'))) { $body = preg_replace('##s', '[youtube]$1[/youtube]', $body); @@ -545,9 +548,11 @@ function get_atom_elements($feed,$item) { $purifier = new HTMLPurifier($config); $body = $purifier->purify($body); + $body = html2bbcode($body); } + else + $body = escape_tags($body); - $body = html2bbcode($body); $res['target'] .= '' . $body . ' ' . "\n"; }