Changeset 4245 for trunk/licqweb

Timestamp:

10/01/05 16:14:50 (3 years ago)

Author:

phatfil

Message:

modified kses.php slightly so that html tags that aren't allowed are now shown as plain text (instead of removing the whole tag + text)

Location:

trunk/licqweb

Files:

• CHANGELOG (modified) (1 diff)
• kses.php (modified) (1 diff)
• TODO (modified) (1 diff)

trunk/licqweb/CHANGELOG

@@ -5 +5 @@
 - sent messages with return characters get displayed properly
 - added aim icons
+- html tags that aren't allowed are now shown as plain text (instead of removing the whole tag + text)

trunk/licqweb/kses.php

@@ -106 +106 @@
   $attrlist = $matches[3];
 
-  if (!@isset($allowed_html[strtolower($elem)]))
-    return '';
+  if (!@isset($allowed_html[strtolower($elem)])) {
+    $string = str_replace(array('<', '>'), array('&lt;', '&gt;'), $string);
+    return $string;
     # They are using a not allowed HTML element
+  }
 
   if ($slash != '')

trunk/licqweb/TODO

@@ -2 +2 @@
 * fix plaintext passwords
 * fix invisible status images
-* html tags in user nicks + messages (should show unallowed html as plain text)
 * messages from offline users
 * focus issues