mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-17 20:58:30 +01:00
Code Issues Releases Wiki Activity

Corrected internal parser conflict when code/pre tags contained curly brackets.

Browse Source
This commit is contained in:
Cameron 2020-04-12 12:03:03 -07:00
parent 0e3f87cf25
commit 1d4bc0e95a
2 changed files with 33 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
e107_handlers/e_parse_class.php
View File

@ -5372,12 +5372,12 @@ return;
$html = str_replace('>','>',$html);
}
$html = str_replace(' ', '{E_PARSER_CLEAN_HTML_NON_BREAKING_SPACE}', $html); // prevent replacement of   with spaces.
$html = str_replace(' ', '__E_PARSER_CLEAN_HTML_NON_BREAKING_SPACE__', $html); // prevent replacement of   with spaces.
// Workaround for https://bugs.php.net/bug.php?id=76285
// Part 1 of 2
$html = str_replace("\n", "{E_PARSER_CLEAN_HTML_LINE_BREAK}", $html);
$html = str_replace("\n", "__E_PARSER_CLEAN_HTML_LINE_BREAK__", $html);
$html = str_replace("{", "__E_PARSER_CLEAN_HTML_CURLY_OPEN__", $html);
$html = str_replace("}", "__E_PARSER_CLEAN_HTML_CURLY_CLOSED__", $html);
if(strpos($html, "<body")===false) // HTML Fragment
@ -5529,16 +5529,16 @@ return;
$value = str_replace('<br></br>', PHP_EOL, $value);
}
if($node->nodeName === 'code')
elseif($node->nodeName === 'code')
{
$value = preg_replace('/^<code[^>]*>/', '', $value);
$value = str_replace("</code>", "", $value);
$value = str_replace("<br></br>", PHP_EOL, $value);
}
$value = str_replace('{', '{{{', $value); // temporarily change {e_XXX} to {{{e_XXX}}}
$value = str_replace('}', '}}}', $value); // temporarily change {e_XXX} to {{{e_XXX}}}
$value = str_replace('__E_PARSER_CLEAN_HTML_CURLY_OPEN__', '{{{', $value); // temporarily change {e_XXX} to {{{e_XXX}}}
$value = str_replace('__E_PARSER_CLEAN_HTML_CURLY_CLOSED__', '}}}', $value); // temporarily change {e_XXX} to {{{e_XXX}}}
$newNode = $doc->createElement($node->nodeName);
$newNode->nodeValue = $value;
@ -5591,13 +5591,16 @@ return;
// Workaround for https://bugs.php.net/bug.php?id=76285
// Part 2 of 2
$cleaned = str_replace("\n", "", $cleaned);
$cleaned = str_replace("{E_PARSER_CLEAN_HTML_LINE_BREAK}", "\n", $cleaned);
$cleaned = str_replace("__E_PARSER_CLEAN_HTML_LINE_BREAK__", "\n", $cleaned);
$cleaned = str_replace('{E_PARSER_CLEAN_HTML_NON_BREAKING_SPACE}', '&nbsp;', $cleaned); // prevent replacement of &nbsp; with spaces. - convert back.
$cleaned = str_replace('__E_PARSER_CLEAN_HTML_NON_BREAKING_SPACE__', '&nbsp;', $cleaned); // prevent replacement of &nbsp; with spaces. - convert back.
$cleaned = str_replace('{{{','&#123;', $cleaned); // convert shortcode temporary triple-curly braces back to entities.
$cleaned = str_replace('}}}','&#125;', $cleaned); // convert shortcode temporary triple-curly braces back to entities.
$cleaned = str_replace("__E_PARSER_CLEAN_HTML_CURLY_OPEN__","{", $cleaned);
$cleaned = str_replace("__E_PARSER_CLEAN_HTML_CURLY_CLOSED__","}", $cleaned);
$cleaned = str_replace(array('<body>','</body>'),'', $cleaned); // filter out tags.
return trim($cleaned);

21
e107_tests/tests/unit/e_parseTest.php
View File

@ -350,6 +350,23 @@ TMP;
'input' => '< 200',
'expected' => '&lt; 200',
),
23 => array(
'input' => '[html]<pre>echo {e_BASE}."index.php";</pre>[/html]',
'expected' => '[html]<pre>echo &#123;e_BASE&#125;.&quot;index.php&quot;;</pre>[/html]'
),
24 => array(
'input' => '[html]<code>echo {e_BASE}."index.php";</code>[/html]',
'expected' => '[html]<code>echo &#123;e_BASE&#125;.&quot;index.php&quot;;</code>[/html]'
),
25 => array(
'input' => '[html]<img src="{e_BASE}image.jpg" alt="">[/html]',
'expected' => '[html]<img src=&quot;{e_BASE}image.jpg&quot; alt=&quot;&quot;>[/html]'
),
26 => array(
'input' => "[html]<code>function sc_my_shortcode(){\nreturn \"Something\";}</code>[/html]",
'expected' => "[html]<code>function sc_my_shortcode()&#123;\nreturn &quot;Something&quot;;&#125;</code>[/html]"
),
);
@ -1013,6 +1030,9 @@ TMP;
// 1 => array('html' => '<script>alert(123)</script>', 'expected'=>''),
// 2 => array('html' => '"><script>alert(123)</script>', 'expected'=>'"&gt;'),
3 => array('html' => '< 200', 'expected'=>'&lt; 200'),
4 => array('html' => "<code>function sc_my_shortcode(){\nreturn \"Something\";}</code>", 'expected' => "<code>function sc_my_shortcode()&#123;\nreturn \"Something\";&#125;</code>"),
5 => array('html' => "<pre class=\"prettyprint linenums\">function sc_my_shortcode(){\nreturn \"Something\";}</pre>", 'expected' => "<pre class=\"prettyprint linenums\">function sc_my_shortcode()&#123;\nreturn \"Something\";&#125;</pre>"),
6 => array('html' => '<img src="{e_BASE}image.jpg" alt="">', 'expected'=>'<img src="{e_BASE}image.jpg" alt="">'),
);
@ -1020,7 +1040,6 @@ TMP;
{
$result = $this->tp->cleanHtml($var['html']);
$this->assertEquals($var['expected'], $result);
// FIXME: This test doesn't do anything?
}