From 132033447be74eeafdc0852cde219b115bc20556 Mon Sep 17 00:00:00 2001 From: Graham Eames Date: Sat, 14 Jan 2006 23:06:10 +0000 Subject: [PATCH] Some changes to HTML handling if enabled. Note: We still recommend that HTML is not enabled git-svn-id: file:///svn/phpbb/branches/phpBB-2_0_0@5461 89ea8834-ac86-4346-8a33-228a782c2dd0 --- phpBB/includes/functions_post.php | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/phpBB/includes/functions_post.php b/phpBB/includes/functions_post.php index a971e702a2..1075b7f569 100644 --- a/phpBB/includes/functions_post.php +++ b/phpBB/includes/functions_post.php @@ -57,15 +57,20 @@ function prepare_message($message, $html_on, $bbcode_on, $smile_on, $bbcode_uid { $tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($message, $end_html + 1, ($start_html - $end_html - 1))); - if ($end_html = strpos($message, '>', $start_html)) + $element = addslashes(preg_replace('#^((?:"[^"]*"|\'[^\']*\'|`[^`]*`|[^>`\'"])+>).*#', '\1', stripslashes(substr($message, $start_html + 1, strlen($message) - $start_html)))); + $end_html = $start_html + strlen($element); + + if ($end_html != $start_html) { $length = $end_html - $start_html + 1; $hold_string = substr($message, $start_html, $length); - if (($unclosed_open = strrpos(' ' . $hold_string, '<')) != 1) + $short_hold_string = preg_replace('#.*(<(?:"[^"]*"|\'[^\']*\'|`[^`]*`|[^<>`\'"])+>)$#', '\1', $hold_string); + + if (strlen($short_hold_string) < $length) { - $tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($hold_string, 0, $unclosed_open - 1)); - $hold_string = substr($hold_string, $unclosed_open - 1); + $tmp_message .= preg_replace($html_entities_match, $html_entities_replace, substr($hold_string, 0, $length - strlen($short_hold_string))); + $hold_string = $short_hold_string; } $tagallowed = false;