diff options
| author | Nick Palmer <nick@sluggardy.net> | 2007-05-17 14:14:31 +0000 |
|---|---|---|
| committer | Nick Palmer <nick@sluggardy.net> | 2007-05-17 14:14:31 +0000 |
| commit | 43ca21cfbdb6a9419b6fc1ade9523f4c81bc58e8 (patch) | |
| tree | 7d651afa18a29e871010453f8ff8c3661b06e257 /plugins/format.tikiwiki.php | |
| parent | 0b3f88362e221a1613e6bca8596f013b0942abbd (diff) | |
| download | liberty-43ca21cfbdb6a9419b6fc1ade9523f4c81bc58e8.tar.gz liberty-43ca21cfbdb6a9419b6fc1ade9523f4c81bc58e8.tar.bz2 liberty-43ca21cfbdb6a9419b6fc1ade9523f4c81bc58e8.zip | |
Integrate HTMLPurifier into liberty.
Diffstat (limited to 'plugins/format.tikiwiki.php')
| -rw-r--r-- | plugins/format.tikiwiki.php | 16 |
1 files changed, 3 insertions, 13 deletions
diff --git a/plugins/format.tikiwiki.php b/plugins/format.tikiwiki.php index df591e7..e2fd12a 100644 --- a/plugins/format.tikiwiki.php +++ b/plugins/format.tikiwiki.php @@ -1,6 +1,6 @@ <?php /** - * @version $Revision: 1.93 $ + * @version $Revision: 1.94 $ * @package liberty */ global $gLibertySystem; @@ -759,7 +759,7 @@ class TikiWikiParser extends BitBase { } function parse_data( $pParseHash, &$pCommonObject ) { - global $gBitSystem, $gBitUser, $page; + global $gBitSystem, $gLibertySystem, $gBitUser, $page; $data = $pParseHash['data']; $contentId = $pParseHash['content_id']; @@ -783,17 +783,7 @@ class TikiWikiParser extends BitBase { // disable HTML in wiki page for now - very disruptive. should be changed into a per page setting - xing if( !empty( $contentPrefs['content_enter_html'] ) ) { - // this is copied and pasted from format.bithtml.php - xing - // Strip all evil tags that remain - // this comes out of gBitSystem->getConfig() set in Liberty Admin - $acceptableTags = $gBitSystem->getConfig( 'approved_html_tags', DEFAULT_ACCEPTABLE_TAGS ); - - // Destroy all script code "manually" - strip_tags will leave code inline as plain text - if( !preg_match( '/\<script\>/', $acceptableTags ) ) { - $data = preg_replace( "/(\<script)(.*?)(script\>)/si", '', $data ); - } - - $data = strip_tags( $data, $acceptableTags ); + $data = $gLibertySystem->purifyHtml($data); } elseif( !$gBitSystem->isFeatureActive( 'content_allow_html' ) ) { // convert HTML to chars $data = htmlspecialchars( $data, ENT_NOQUOTES, 'UTF-8' ); |
