mbirth/LuckyCoinkydink
1
0
Fork 0
Code Issues Pull Requests Activity

[plugin_comments] Don't strip HTML unconditionally.

Browse Source 
If serendipity_event_unstrip_tags is active, we
don't want to strip HTML tags from comments; we
want to keep and encode them with entities. So
we should do that here, too.

As the frontend_display hook - that is catched by
serendipity_event_unstrip_tags - is called quite
late, we have to skip the strip_tags() call
before truncatin the entry.

(I'm not sure why we first strip _all_ tags and
later on keep _some_ tags (that have already
been removed), but that's maybe because the
frontend_display hook may have re-added some
tags? Be it as it may, we do that for 14
years, so I don't want to change that now.)

Signed-off-by: Thomas Hochstein <thh@inter.net>
This commit is contained in:
Thomas Hochstein 2020-04-24 14:49:25 +02:00
parent 6c15c802d5
commit 05840cb189
3 changed files with 21 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/NEWS
View File

@ -1,16 +1,20 @@
Version 2.3.5-beta1 ()
------------------------------------------------------------------------
* Fix: Don't strip HTML from comments body in serendipity_plugin_comments
before serendipity_event_unstrip_tags can convert the HTML tags
(being called via frontend_display hook). (#702)
* Fix: [CKE] Don't remove <details> and <summary> elements from
WYSIWYG editor.
* Fix: Don't delete extend properties from the entryproperties
plugin when publishing from dashboard (or sending
delayed trackbacks).
delayed trackbacks). (#695)
* Fix: SQL error in serendipity_plugin_history present since we
"don't allow requesting an archive page that doesn't exist"
(2.3.3).
(2.3.3). (#694)
* Fix: Entry title in backend list of entries was double escaped.
@ -19,7 +23,7 @@ Version 2.3.5-beta1 ()
* Fix: Regular expression in functions_routing.inc.php
* Fix: Truncate extension of media items to 5 chars (which ist the
max length of the corresponding database field).
max length of the corresponding database field). (#609)
Thanks to @mmitch!
Version 2.3.4 (March 25th, 2020)

5
plugins/serendipity_plugin_comments/ChangeLog
View File

@ -1,3 +1,8 @@
Version 1.17:
------------------------------------------------------------------------
* Fix: Don't strip HTML tags from comment body before truncating if
serendipity_event_unstrip_tags is active, so it may actually
preserve the tags (and replace them with entities).
Version 1.16:
------------------------------------------------------------------------
* Fix: wordwrap at word boundaries instead of "truncating" the lines

12
plugins/serendipity_plugin_comments/serendipity_plugin_comments.php
View File

@ -20,7 +20,7 @@ class serendipity_plugin_comments extends serendipity_plugin
$propbag->add('description', PLUGIN_COMMENTS_BLAHBLAH);
$propbag->add('stackable', true);
$propbag->add('author', 'Garvin Hicking, Tadashi Jokagi, Judebert, G. Brockhaus');
$propbag->add('version', '1.16');
$propbag->add('version', '1.17');
$propbag->add('requirements', array(
'serendipity' => '1.6',
'smarty' => '2.6.7',
@ -193,11 +193,17 @@ class serendipity_plugin_comments extends serendipity_plugin
if ($sql && is_array($sql)) {
foreach($sql AS $key => $row) {
# don't strip HTML tags if serendipity_event_unstrip_tags is active
if (!class_exists('serendipity_event_unstrip_tags')) {
$comment = strip_tags($row['comment']);
} else {
$comment = $row['comment'];
}
# truncate comment to $max_chars
if (function_exists('mb_strimwidth')) {
$comment = mb_strimwidth(strip_tags($row['comment']), 0, $max_chars, " [...]", LANG_CHARSET);
$comment = mb_strimwidth($comment, 0, $max_chars, " [...]", LANG_CHARSET);
} else {
$comments = wordwrap(strip_tags($row['comment']), $max_chars, '@@@', 1);
$comments = wordwrap($comment, $max_chars, '@@@', 1);
$aComment = explode('@@@', $comments);
$comment = $aComment[0];
if (count($aComment) > 1) {