Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-06 09:38:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix style section in html header lost

Browse Source
This commit is contained in:
Laurent Destailleur
2024-10-13 02:01:14 +02:00
parent d3f063b671
commit 740bfe3442
2 changed files with 9 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/core/class/doleditor.class.php
View File

@@ -299,7 +299,7 @@ class DolEditor
$found = 1; $found = 1;
$format = $option; $format = $option;
$out .= "\n".'<!-- Output Ace editor -->'."\n"; $out .= "\n".'<!-- Output Ace editor '.dol_string_nohtmltag($this->htmlname).' -->'."\n";
if ($titlecontent) { if ($titlecontent) {
$out .= '<div class="aceeditorstatusbar" id="statusBar'.$this->htmlname.'">'.$titlecontent; $out .= '<div class="aceeditorstatusbar" id="statusBar'.$this->htmlname.'">'.$titlecontent;

10
htdocs/core/lib/functions.lib.php
View File

@@ -8016,11 +8016,12 @@ function dol_string_nohtmltag($stringtoclean, $removelinefeed = 1, $pagecodeto =
* @param string[] $allowed_tags List of allowed tags to replace the default list * @param string[] $allowed_tags List of allowed tags to replace the default list
* @param int $allowlink Allow "link" tags (for head html section) * @param int $allowlink Allow "link" tags (for head html section)
* @param int $allowscript Allow "script" tags (for head html section) * @param int $allowscript Allow "script" tags (for head html section)
* @param int $allowstyle Allow "style" tags (for head html section)
* @return string String cleaned * @return string String cleaned
* *
* @see dol_htmlwithnojs() dol_escape_htmltag() strip_tags() dol_string_nohtmltag() dol_string_neverthesehtmltags() * @see dol_htmlwithnojs() dol_escape_htmltag() strip_tags() dol_string_nohtmltag() dol_string_neverthesehtmltags()
*/ */
function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1, $removeclassattribute = 1, $cleanalsojavascript = 0, $allowiframe = 0, $allowed_tags = array(), $allowlink = 0, $allowscript = 0) function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1, $removeclassattribute = 1, $cleanalsojavascript = 0, $allowiframe = 0, $allowed_tags = array(), $allowlink = 0, $allowscript = 0, $allowstyle = 0)
{ {
if (empty($allowed_tags)) { if (empty($allowed_tags)) {
$allowed_tags = array( $allowed_tags = array(
@@ -8045,6 +8046,11 @@ function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1,
$allowed_tags[] = "script"; $allowed_tags[] = "script";
} }
} }
if ($allowstyle) {
if (!in_array('style', $allowed_tags)) {
$allowed_tags[] = "style";
}
}
$allowed_tags_string = implode("><", $allowed_tags); $allowed_tags_string = implode("><", $allowed_tags);
$allowed_tags_string = '<'.$allowed_tags_string.'>'; $allowed_tags_string = '<'.$allowed_tags_string.'>';
@@ -8421,7 +8427,7 @@ function dol_htmlwithnojs($stringtoencode, $nouseofiframesandbox = 0, $check = '
// Keep only some html tags and remove also some 'javascript:' strings // Keep only some html tags and remove also some 'javascript:' strings
if ($check == 'restricthtmlallowlinkscript') { if ($check == 'restricthtmlallowlinkscript') {
$out = dol_string_onlythesehtmltags($out, 0, 1, 0, 0, array(), 1, 1); $out = dol_string_onlythesehtmltags($out, 0, 1, 0, 0, array(), 1, 1, 1);
} elseif ($check == 'restricthtmlallowclass' || $check == 'restricthtmlallowunvalid') { } elseif ($check == 'restricthtmlallowclass' || $check == 'restricthtmlallowunvalid') {
$out = dol_string_onlythesehtmltags($out, 0, 0, 1); $out = dol_string_onlythesehtmltags($out, 0, 0, 1);
} else { } else {