summaryrefslogtreecommitdiff
path: root/plugins/format.tikiwiki.php
diff options
context:
space:
mode:
authorNick Palmer <nick@sluggardy.net>2007-05-17 14:14:31 +0000
committerNick Palmer <nick@sluggardy.net>2007-05-17 14:14:31 +0000
commit43ca21cfbdb6a9419b6fc1ade9523f4c81bc58e8 (patch)
tree7d651afa18a29e871010453f8ff8c3661b06e257 /plugins/format.tikiwiki.php
parent0b3f88362e221a1613e6bca8596f013b0942abbd (diff)
downloadliberty-43ca21cfbdb6a9419b6fc1ade9523f4c81bc58e8.tar.gz
liberty-43ca21cfbdb6a9419b6fc1ade9523f4c81bc58e8.tar.bz2
liberty-43ca21cfbdb6a9419b6fc1ade9523f4c81bc58e8.zip
Integrate HTMLPurifier into liberty.
Diffstat (limited to 'plugins/format.tikiwiki.php')
-rw-r--r--plugins/format.tikiwiki.php16
1 files changed, 3 insertions, 13 deletions
diff --git a/plugins/format.tikiwiki.php b/plugins/format.tikiwiki.php
index df591e7..e2fd12a 100644
--- a/plugins/format.tikiwiki.php
+++ b/plugins/format.tikiwiki.php
@@ -1,6 +1,6 @@
<?php
/**
- * @version $Revision: 1.93 $
+ * @version $Revision: 1.94 $
* @package liberty
*/
global $gLibertySystem;
@@ -759,7 +759,7 @@ class TikiWikiParser extends BitBase {
}
function parse_data( $pParseHash, &$pCommonObject ) {
- global $gBitSystem, $gBitUser, $page;
+ global $gBitSystem, $gLibertySystem, $gBitUser, $page;
$data = $pParseHash['data'];
$contentId = $pParseHash['content_id'];
@@ -783,17 +783,7 @@ class TikiWikiParser extends BitBase {
// disable HTML in wiki page for now - very disruptive. should be changed into a per page setting - xing
if( !empty( $contentPrefs['content_enter_html'] ) ) {
- // this is copied and pasted from format.bithtml.php - xing
- // Strip all evil tags that remain
- // this comes out of gBitSystem->getConfig() set in Liberty Admin
- $acceptableTags = $gBitSystem->getConfig( 'approved_html_tags', DEFAULT_ACCEPTABLE_TAGS );
-
- // Destroy all script code "manually" - strip_tags will leave code inline as plain text
- if( !preg_match( '/\<script\>/', $acceptableTags ) ) {
- $data = preg_replace( "/(\<script)(.*?)(script\>)/si", '', $data );
- }
-
- $data = strip_tags( $data, $acceptableTags );
+ $data = $gLibertySystem->purifyHtml($data);
} elseif( !$gBitSystem->isFeatureActive( 'content_allow_html' ) ) {
// convert HTML to chars
$data = htmlspecialchars( $data, ENT_NOQUOTES, 'UTF-8' );