• R/O
  • SSH
  • HTTPS

macwiki: Commit


Commit MetaInfo

Revision763 (tree)
Time2012-07-03 01:32:33
Authortatyana

Log Message

- allow to work with HTML Tidy
- use 'preg_replace_callback()' instead of 'preg_replace()' because the pattern mofifier '/e' (PREG_REPLACE_EVAL) is potentially unsafe; see http://jp2.php.net/manual/ja/reference.pcre.pattern.modifiers.php
- <input> should be inside <p> (XHTML 1.1)

these changes are suggested by ocha - thanks!

Change Summary

Incremental Difference

--- tatyana/ArticleCommentsLite/ArticleCommentsLite.php (revision 762)
+++ tatyana/ArticleCommentsLite/ArticleCommentsLite.php (revision 763)
@@ -182,11 +182,11 @@
182182 $content =
183183 '<div id="commentForm">'.
184184 '<form method="post" action="'.$formAction.'">'.
185- '<input type="hidden" id="titleKey" name="titleKey" '.
185+ '<p><input type="hidden" id="titleKey" name="titleKey" '.
186186 'value="'.$title->getDBKey().'" />'.
187187 '<input type="hidden" id="titleNS" name="titleNS" '.
188188 'value="'.$title->getNamespace().'" />'.
189- '<p>'.wfMsgForContent($ac.'comment-field').
189+ wfMsgForContent($ac.'comment-field').
190190 '<input type="text" id="comment" name="comment" size="40" maxlength="512" />'.
191191 '<input id="submit" type="submit" value="'.wfMsgForContent($ac.'submit-button').'" /></p>'.
192192 '</form></div>';
@@ -206,9 +206,11 @@
206206 * @return Boolean Always tru to give other hooking methods a chance to run.
207207 */
208208 function wfProcessEncodedContent(&$out, &$text) {
209- $text = preg_replace(
210- '/<pre>@ENCODED@([0-9a-zA-Z\\+\\/]+=*)@ENCODED@<\\/pre>/e',
211- 'base64_decode("$1")',
209+ $text = preg_replace_callback(
210+ '|<pre>\s*@ENCODED@([0-9a-zA-Z+/]+=*)@ENCODED@\s*</pre>|',
211+ function ($m) {
212+ return base64_decode($m[1]);
213+ },
212214 $text
213215 );
214216 return true;
@@ -241,7 +243,13 @@
241243 $commenterName = '';
242244 $commenterURL = '';
243245 $comment = htmlspecialchars($_POST['comment']);
244- $comment = preg_replace('/([\[\]{}])/e', "'&#x'.bin2hex('\\1').';'", $comment);
246+ $comment = preg_replace_callback(
247+ '|([\[\]{}])|',
248+ function ($m) {
249+ return '&#x'.bin2hex($m[1]).';';
250+ },
251+ $comment
252+ );
245253
246254 # Perform validation checks on supplied fields
247255 $ac = 'article-comments-';
Show on old repository browser