mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-08-05 22:27:34 +02:00
Code Issues Releases Wiki Activity

cleanHtml() was urlencoding {e_XXXX} paths in html.

Browse Source
This commit is contained in:
Cameron
2013-05-01 03:13:29 -07:00
parent b5c96d787b
commit e064ae2085
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
e107_handlers/e_parse_class.php
View File

@@ -487,7 +487,9 @@ class e_parse extends e_parser
if (strip_tags($data) != $data) // html tags present.
{
$data = $this->cleanHtml($data); // sanitize all html.
$data = urldecode($data); // symptom of cleaning the HTML - urlencodes src attributes containing { and } .eg. {e_BASE}
// if ($this->htmlAbuseFilter($data)) $no_encode = FALSE; //XXX cleanHtml() is more effective.
}
@@ -503,7 +505,7 @@ class e_parse extends e_parser
{
$no_encode = TRUE;
}
if (is_numeric($original_author) && !check_class($core_pref->get('post_html'), '', $original_author))
{
$no_encode = FALSE;