[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_4_0BETA2-1485-gcc8e384

The branch, master has been updated via cc8e3849cf88f90218df6c5b6c42b1c4393d8ec3 (commit) from 59f561b4502f59a6b3387992074c6db4b17f1c15 (commit) - Log ----------------------------------------------------------------- commit cc8e3849cf88f90218df6c5b6c42b1c4393d8ec3 Author: Michal Čihař &lt;michal(a)cihar.com&gt; Date: Fri Jan 28 23:12:18 2011 +0100 The decodeBB did not escape <>, keep this functionality. ----------------------------------------------------------------------- Summary of changes: libraries/Message.class.php | 2 +- libraries/sanitizing.lib.php | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/libraries/Message.class.php b/libraries/Message.class.php index 6a4df5b..a985393 100644 --- a/libraries/Message.class.php +++ b/libraries/Message.class.php @@ -654,7 +654,7 @@ class PMA_Message */ static public function decodeBB($message) { - return PMA_sanitize($message, false); + return PMA_sanitize($message, false, true); } /** diff --git a/libraries/sanitizing.lib.php b/libraries/sanitizing.lib.php index 606c730..adb8df2 100644 --- a/libraries/sanitizing.lib.php +++ b/libraries/sanitizing.lib.php @@ -27,11 +27,12 @@ * * @access public */ -function PMA_sanitize($message, $escape = false) +function PMA_sanitize($message, $escape = false, $safe = false) { + if (!$safe) { + $message = strtr($message, array('<' => '&lt;', '>' => '&gt;')); + } $replace_pairs = array( - '<' => '&lt;', - '>' => '&gt;', '[i]' => '<em>', // deprecated by em '[/i]' => '</em>', // deprecated by em '[em]' => '<em>', hooks/post-receive -- phpMyAdmin