r31k
/
bludit
2
0
Fork 0
Code Issues 1 Pull Requests Releases Wiki Activity

Bug fixes

This commit is contained in:
dignajar 2015-06-27 20:28:22 -03:00
parent 9e523d307f
commit 3c2e5e8ce7
8 changed files with 62 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
admin/themes/default/css/default.css
View File

@ -169,6 +169,7 @@ div.pluginBox {
box-sizing: border-box; box-sizing: border-box;
padding: 20px; padding: 20px;
width: 70%; width: 70%;
margin-bottom: 20px;
} }
div.pluginBox p { div.pluginBox p {

2
admin/views/edit-page.php
View File

@ -11,7 +11,7 @@
<label> <label>
Content <span class="forms-desc">HTML and Markdown code supported.</span> Content <span class="forms-desc">HTML and Markdown code supported.</span>
<textarea name="content" rows="10" class="width-70"><?php echo $_Page->contentRaw() ?></textarea> <textarea name="content" rows="10" class="width-70"><?php echo $_Page->contentRaw(false) ?></textarea>
</label> </label>
<?php <?php

2
admin/views/edit-post.php
View File

@ -11,7 +11,7 @@
<label> <label>
Content <span class="forms-desc">HTML and Markdown code supported.</span> Content <span class="forms-desc">HTML and Markdown code supported.</span>
<textarea name="content" rows="10" class="width-70"><?php echo $_Post->contentRaw() ?></textarea> <textarea name="content" rows="10" class="width-70"><?php echo $_Post->contentRaw(false) ?></textarea>
</label> </label>
<?php <?php

3
kernel/abstract/filecontent.class.php
View File

@ -83,9 +83,10 @@ class fileContent
} }
$implode = implode($output); $implode = implode($output);
$this->vars['content'] = $implode;
// Sanitize content. // Sanitize content.
$this->vars['content'] = Sanitize::html($implode); //$this->vars['content'] = Sanitize::html($implode);
} }
} }

14
kernel/helpers/sanitize.class.php
View File

@ -3,6 +3,8 @@
class Sanitize { class Sanitize {
// new // new
// Convert special characters to HTML entities
public static function html($text) public static function html($text)
{ {
$flags = ENT_COMPAT; $flags = ENT_COMPAT;
@ -14,6 +16,18 @@ class Sanitize {
return htmlspecialchars($text, $flags, CHARSET); return htmlspecialchars($text, $flags, CHARSET);
} }
// Convert special HTML entities back to characters
public static function htmlDecode($text)
{
$flags = ENT_COMPAT;
if(defined('ENT_HTML5')) {
$flags = ENT_COMPAT|ENT_HTML5;
}
return htmlspecialchars_decode($text, $flags);
}
public static function pathFile($path, $file) public static function pathFile($path, $file)
{ {
$real = realpath($path.$file); $real = realpath($path.$file);

25
kernel/page.class.php
View File

@ -16,14 +16,31 @@ class Page extends fileContent
} }
// Returns the post content. // Returns the post content.
public function content() // This content is markdown parser.
public function content($html=true)
{ {
return $this->getField('content'); // This content is not sanitized.
$content = $this->getField('content');
if($html) {
return $content;
} }
public function contentRaw() return Sanitize::html($content);
}
// Returns the post content.
// This content is not markdown parser.
public function contentRaw($html=true)
{ {
return $this->getField('contentRaw'); // This content is not sanitized.
$contentRaw = $this->getField('contentRaw');
if($html) {
return $contentRaw;
}
return Sanitize::html($contentRaw);
} }
public function description() public function description()

25
kernel/post.class.php
View File

@ -16,14 +16,31 @@ class Post extends fileContent
} }
// Returns the post content. // Returns the post content.
public function content() // This content is markdown parser.
public function content($html=true)
{ {
return $this->getField('content'); // This content is not sanitized.
$content = $this->getField('content');
if($html) {
return $content;
} }
public function contentRaw() return Sanitize::html($content);
}
// Returns the post content.
// This content is not markdown parser.
public function contentRaw($html=true)
{ {
return $this->getField('contentRaw'); // This content is not sanitized.
$contentRaw = $this->getField('contentRaw');
if($html) {
return $contentRaw;
}
return Sanitize::html($contentRaw);
} }
public function key() public function key()