From 01e461546e4b7e6310fb6fd427a171a8b7afbd53 Mon Sep 17 00:00:00 2001 From: atm-lena Date: Wed, 8 Mar 2023 14:28:43 +0100 Subject: [PATCH 1/4] FIX dol_textishtml() function --- htdocs/core/lib/functions.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index aa7294eac75..0924e95e8ed 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -7483,7 +7483,7 @@ function dol_textishtml($msg, $option = 0) return true; } elseif (preg_match('/<\/textarea/i', $msg)) { return true; - } elseif (preg_match('/<(b|em|i|u)>/i', $msg)) { + } elseif (preg_match('/<(b|em|i|u)[^>]*>/i', $msg)) { return true; } elseif (preg_match('/
/i', $msg)) { + } elseif (preg_match('/<(b|em|i|u)[^>]*>/i', $msg)) { return true; } elseif (preg_match('//i', $msg)) { return true; From e68076b8f16973e4735ec9249dfe45da094ddac6 Mon Sep 17 00:00:00 2001 From: atm-lena Date: Tue, 21 Mar 2023 13:34:22 +0100 Subject: [PATCH 2/4] Add better protect --- htdocs/core/lib/functions.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 0924e95e8ed..e6f38d50da2 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -7483,7 +7483,7 @@ function dol_textishtml($msg, $option = 0) return true; } elseif (preg_match('/<\/textarea/i', $msg)) { return true; - } elseif (preg_match('/<(b|em|i|u)[^>]*>/i', $msg)) { + } elseif (preg_match('/<(b|em|i|u)(\s*[^>]+)?>/i', $msg)) { return true; } elseif (preg_match('/
]*>/i', $msg)) { + } elseif (preg_match('/<(b|em|i|u)(\s*[^>]+)?>/i', $msg)) { return true; } elseif (preg_match('//i', $msg)) { return true; From 0ddf48869afdae46eb3c7c51b9559b57c28aaeae Mon Sep 17 00:00:00 2001 From: atm-lena Date: Tue, 21 Mar 2023 14:03:55 +0100 Subject: [PATCH 3/4] Add unit test fol_textishtml() --- test/phpunit/FunctionsLibTest.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test/phpunit/FunctionsLibTest.php b/test/phpunit/FunctionsLibTest.php index d910a9f9d57..f0bb0b9ac2f 100644 --- a/test/phpunit/FunctionsLibTest.php +++ b/test/phpunit/FunctionsLibTest.php @@ -577,6 +577,9 @@ class FunctionsLibTest extends PHPUnit\Framework\TestCase $input='This is a text with accent é'; $after=dol_textishtml($input); $this->assertTrue($after, 'Test with a é'); + $input='xxx'; + $after=dol_textishtml($input); + $this->assertTrue($after, 'Test with i tag and class;'); // False $input='xxx < br>'; From af945c190173bbef3ed7ba1ca369c92b7ec1c5a0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 26 Mar 2023 18:15:32 +0200 Subject: [PATCH 4/4] Update functions.lib.php --- htdocs/core/lib/functions.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index e6f38d50da2..e7fd28eb927 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -7483,7 +7483,7 @@ function dol_textishtml($msg, $option = 0) return true; } elseif (preg_match('/<\/textarea/i', $msg)) { return true; - } elseif (preg_match('/<(b|em|i|u)(\s*[^>]+)?>/i', $msg)) { + } elseif (preg_match('/<(b|em|i|u)(\s+[^>]+)?>/i', $msg)) { return true; } elseif (preg_match('/
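Review bot: The added assertion only pins the positive case (an `i` tag carrying a class attribute, going by its message), so nothing in FunctionsLibTest distinguishes the three regex variants this series goes through. The earlier forms `[^>]*` and `(\s*[^>]+)?` also accept any tag whose name merely starts with b, em, i or u, and that over-match is only closed by the `\s+` form in patch 4/4; a case in the `// False` group would pin that boundary. The right expectation depends on the other branches of dol_textishtml(), which lie outside the hunk, so choose an input that none of them match, for instance the constructed sample `$input='xxx <ux>';` followed by `$this->assertFalse(dol_textishtml($input), 'Tag name only starting with u');`. If callers use this result to choose between HTML and plain-text handling (not visible here), such a test is what keeps a later regex edit from silently changing that decision.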
]+)?>/i', $msg)) { + } elseif (preg_match('/<(b|em|i|u)(\s+[^>]+)?>/i', $msg)) { return true; } elseif (preg_match('//i', $msg)) { return true;
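Review bot: In the final pattern `(\s+[^>]+)?`, the `[^>]+` needs at least one more character after the whitespace, so `<b >` with a single trailing space falls through this branch while `<b  >` with two spaces matches it. Making the attribute part optional after the separator removes that inconsistency and still requires the tag name to end at whitespace or `>`: `} elseif (preg_match('/<(b|em|i|u)(\s+[^>]*)?>/i', $msg)) {`. dol_textishtml() starts and ends outside the hunk, so whether another branch already catches these inputs cannot be checked from here.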