[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_4_0BETA2-1485-gcc8e384
The branch, master has been updated via cc8e3849cf88f90218df6c5b6c42b1c4393d8ec3 (commit) from 59f561b4502f59a6b3387992074c6db4b17f1c15 (commit)
- Log ----------------------------------------------------------------- commit cc8e3849cf88f90218df6c5b6c42b1c4393d8ec3 Author: Michal Čihař michal@cihar.com Date: Fri Jan 28 23:12:18 2011 +0100
The decodeBB did not escape <>, keep this functionality.
-----------------------------------------------------------------------
Summary of changes: libraries/Message.class.php | 2 +- libraries/sanitizing.lib.php | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/libraries/Message.class.php b/libraries/Message.class.php index 6a4df5b..a985393 100644 --- a/libraries/Message.class.php +++ b/libraries/Message.class.php @@ -654,7 +654,7 @@ class PMA_Message */ static public function decodeBB($message) { - return PMA_sanitize($message, false); + return PMA_sanitize($message, false, true); }
/** diff --git a/libraries/sanitizing.lib.php b/libraries/sanitizing.lib.php index 606c730..adb8df2 100644 --- a/libraries/sanitizing.lib.php +++ b/libraries/sanitizing.lib.php @@ -27,11 +27,12 @@ * * @access public */ -function PMA_sanitize($message, $escape = false) +function PMA_sanitize($message, $escape = false, $safe = false) { + if (!$safe) { + $message = strtr($message, array('<' => '<', '>' => '>')); + } $replace_pairs = array( - '<' => '<', - '>' => '>', '[i]' => '<em>', // deprecated by em '[/i]' => '</em>', // deprecated by em '[em]' => '<em>',
hooks/post-receive
-
Michal Čihař