Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-06 01:28:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix doliforge bug 1707

Browse Source
This commit is contained in:
Laurent Destailleur
2015-04-15 18:50:41 +02:00
parent 8511f1f7ef
commit e508b28d74
2 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
htdocs/core/lib/functions.lib.php
View File

@@ -3787,7 +3787,7 @@ function dol_htmlentitiesbr($stringtoencode,$nl2brmode=0,$pagecodefrom='UTF-8',$
$newstring=strtr($newstring,array('__and__'=>'&','__lt__'=>'<','__gt__'=>'>','__dquot__'=>'"')); $newstring=strtr($newstring,array('__and__'=>'&','__lt__'=>'<','__gt__'=>'>','__dquot__'=>'"'));
} }
else else
{ {print 'eee';
if ($removelasteolbr) $newstring=preg_replace('/(\r\n|\r|\n)$/i','',$newstring); // Remove last \n (may remove several) if ($removelasteolbr) $newstring=preg_replace('/(\r\n|\r|\n)$/i','',$newstring); // Remove last \n (may remove several)
$newstring=dol_nl2br(dol_htmlentities($newstring,ENT_COMPAT,$pagecodefrom),$nl2brmode); $newstring=dol_nl2br(dol_htmlentities($newstring,ENT_COMPAT,$pagecodefrom),$nl2brmode);
} }
@@ -3975,7 +3975,8 @@ function dol_textishtml($msg,$option=0)
elseif (preg_match('/<(br|div|font|li|span|strong|table)>/i',$msg)) return true; elseif (preg_match('/<(br|div|font|li|span|strong|table)>/i',$msg)) return true;
elseif (preg_match('/<(br|div|font|li|span|strong|table)\s+[^<>\/]*>/i',$msg)) return true; elseif (preg_match('/<(br|div|font|li|span|strong|table)\s+[^<>\/]*>/i',$msg)) return true;
elseif (preg_match('/<(br|div|font|li|span|strong|table)\s+[^<>\/]*\/>/i',$msg)) return true; elseif (preg_match('/<(br|div|font|li|span|strong|table)\s+[^<>\/]*\/>/i',$msg)) return true;
elseif (preg_match('/<(img)\s+[^<>]*>/i',$msg)) return true; // must accept <img src="http://mydomain.com/aaa.png" /> elseif (preg_match('/<img\s+[^<>]*src[^<>]*>/i',$msg)) return true; // must accept <img src="http://mydomain.com/aaa.png" />
elseif (preg_match('/<a\s+[^<>]*href[^<>]*>/i',$msg)) return true; // must accept <a href="http://mydomain.com/aaa.png" />
elseif (preg_match('/<h[0-9]>/i',$msg)) return true; elseif (preg_match('/<h[0-9]>/i',$msg)) return true;
elseif (preg_match('/&[A-Z0-9]{1,6};/i',$msg)) return true; // Html entities names (http://www.w3schools.com/tags/ref_entities.asp) elseif (preg_match('/&[A-Z0-9]{1,6};/i',$msg)) return true; // Html entities names (http://www.w3schools.com/tags/ref_entities.asp)
elseif (preg_match('/&#[0-9]{2,3};/i',$msg)) return true; // Html entities numbers (http://www.w3schools.com/tags/ref_entities.asp) elseif (preg_match('/&#[0-9]{2,3};/i',$msg)) return true; // Html entities numbers (http://www.w3schools.com/tags/ref_entities.asp)

9
test/phpunit/FunctionsLibTest.php
View File

@@ -204,9 +204,12 @@ class FunctionsLibTest extends PHPUnit_Framework_TestCase
$input='<h2>abc</h2>'; $input='<h2>abc</h2>';
$after=dol_textishtml($input); $after=dol_textishtml($input);
$this->assertTrue($after); $this->assertTrue($after);
$input='<img src="https://xxx.com/aaa/image.png" />'; $input='<img id="abc" src="https://xxx.com/aaa/image.png" />';
$after=dol_textishtml($input); $after=dol_textishtml($input);
$this->assertTrue($after,'Failure on test of img tag'); $this->assertTrue($after,'Failure on test of img tag');
$input='<a class="azerty" href="https://xxx.com/aaa/image.png" />';
$after=dol_textishtml($input);
$this->assertTrue($after,'Failure on test of a tag');
// False // False
$input='xxx < br>'; $input='xxx < br>';
@@ -218,6 +221,10 @@ class FunctionsLibTest extends PHPUnit_Framework_TestCase
$input='xxx <brstyle="ee">'; $input='xxx <brstyle="ee">';
$after=dol_textishtml($input); $after=dol_textishtml($input);
$this->assertFalse($after); $this->assertFalse($after);
$input='This is a text with html comments <!-- comment -->'; // we suppose this is not enough to be html content
$after=dol_textishtml($input);
$this->assertFalse($after);
} }