[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_4_0BETA2-1485-gcc8e384
Michal Čihař
nijel at users.sourceforge.net
Fri Jan 28 23:12:30 CET 2011
The branch, master has been updated
via cc8e3849cf88f90218df6c5b6c42b1c4393d8ec3 (commit)
from 59f561b4502f59a6b3387992074c6db4b17f1c15 (commit)
- Log -----------------------------------------------------------------
commit cc8e3849cf88f90218df6c5b6c42b1c4393d8ec3
Author: Michal Čihař <michal at cihar.com>
Date: Fri Jan 28 23:12:18 2011 +0100
The decodeBB did not escape <>, keep this functionality.
-----------------------------------------------------------------------
Summary of changes:
libraries/Message.class.php | 2 +-
libraries/sanitizing.lib.php | 7 ++++---
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/libraries/Message.class.php b/libraries/Message.class.php
index 6a4df5b..a985393 100644
--- a/libraries/Message.class.php
+++ b/libraries/Message.class.php
@@ -654,7 +654,7 @@ class PMA_Message
*/
static public function decodeBB($message)
{
- return PMA_sanitize($message, false);
+ return PMA_sanitize($message, false, true);
}
/**
diff --git a/libraries/sanitizing.lib.php b/libraries/sanitizing.lib.php
index 606c730..adb8df2 100644
--- a/libraries/sanitizing.lib.php
+++ b/libraries/sanitizing.lib.php
@@ -27,11 +27,12 @@
*
* @access public
*/
-function PMA_sanitize($message, $escape = false)
+function PMA_sanitize($message, $escape = false, $safe = false)
{
+ if (!$safe) {
+ $message = strtr($message, array('<' => '<', '>' => '>'));
+ }
$replace_pairs = array(
- '<' => '<',
- '>' => '>',
'[i]' => '<em>', // deprecated by em
'[/i]' => '</em>', // deprecated by em
'[em]' => '<em>',
hooks/post-receive
--
phpMyAdmin
More information about the Git
mailing list