require_once "include/event.php";
require_once "include/html2plain.php";
+require_once "include/html2bbcode.php";
require_once "mod/proxy.php";
class BBCode
}
if ($data["description"] != "" && $data["description"] != $data["title"]) {
- $return .= sprintf('<blockquote>%s</blockquote>', trim(BBCode::convert($data["description"])));
+ // Sanitize the HTML by converting it to BBCode
+ $bbcode = html2bbcode($data["description"]);
+ $return .= sprintf('<blockquote>%s</blockquote>', trim(self::convert($bbcode)));
}
-
if ($data["type"] == "link") {
$return .= sprintf('<sup><a href="%s">%s</a></sup>', $data['url'], parse_url($data['url'], PHP_URL_HOST));
}
if (strpos($text, '[/map]') !== false) {
$text = preg_replace_callback(
"/\[map\](.*?)\[\/map\]/ism",
- function ($match) {
- // the extra space in the following line is intentional
- // Whyyy? - @MrPetovan
- return str_replace($match[0], '<div class="map" >' . Map::byLocation($match[1]) . '</div>', $match[0]);
+ function ($match) use ($simple_html) {
+ return str_replace($match[0], '<p class="map">' . Map::byLocation($match[1], $simple_html) . '</p>', $match[0]);
},
$text
);
if (strpos($text, '[map=') !== false) {
$text = preg_replace_callback(
"/\[map=(.*?)\]/ism",
- function ($match) {
- // the extra space in the following line is intentional
- // Whyyy? - @MrPetovan
- return str_replace($match[0], '<div class="map" >' . Map::byCoordinates(str_replace('/', ' ', $match[1])) . '</div>', $match[0]);
+ function ($match) use ($simple_html) {
+ return str_replace($match[0], '<p class="map">' . Map::byCoordinates(str_replace('/', ' ', $match[1]), $simple_html) . '</p>', $match[0]);
},
$text
);
}
if (strpos($text, '[map]') !== false) {
- $text = preg_replace("/\[map\]/", '<div class="map"></div>', $text);
+ $text = preg_replace("/\[map\]/", '<p class="map"></p>', $text);
}
// Check for headers