Changeset 1770

Show
Ignore:
Timestamp:
11/17/2008 11:20:56 PM (7 weeks ago)
Author:
driehle
Message:

fixed #205

Files:
1 modified

Legend:

Unmodified
Added
Removed

  • trunk/scripts/bbcode.php

    r1688 r1770  
    33require_once JLOG_BASEPATH.'/scripts/stringparser_bbcode.class.php'; 
    44 
    5 // Zeilenumbrï¿œche verschiedener Betriebsysteme vereinheitlichen 
     5// ZeilenumbrÃŒche verschiedener Betriebsysteme vereinheitlichen 
    66function convertlinebreaks ($text) { 
    77  return preg_replace ("/\015\012|\015|\012/", "\n", $text); 
     
    6666        else return true; 
    6767    } 
    68                 $title = empty($attributes["title"]) ? "" : " title='".$attributes["title"]."'"; 
     68                $title = empty($attributes["title"]) ? "" : " title='".htmlspecialchars($attributes["title"])."'"; 
    6969 
    70     if (isset($attributes['class']) AND isset($attributes['caption'])) $class_caption = " class='img ".htmlspecialchars($attributes['class'])."'"; 
     70    if (isset($attributes['class']) AND isset($attributes['caption'])) $class = " class='img ".htmlspecialchars($attributes['class'])."'"; 
    7171    elseif (isset($attributes['class'])) $class = " class='".htmlspecialchars($attributes['class'])."'"; 
    7272 
    73     if (strpos($content, "http://") === 0) return "<img src='".htmlspecialchars($content)."'".$class." alt='".$attributes['alt']."'".$title." />"; 
     73    if (strpos($content, "http://") === 0) return "<img src='".htmlspecialchars($content)."'".$class." alt='".htmlspecialchars($attributes['alt'])."'".$title." />"; 
    7474    else { 
    7575        list($img_width, $img_height, $img_type, $img_attr) = @getimagesize(JLOG_BASEPATH.'/img'.DIRECTORY_SEPARATOR.htmlspecialchars($content)); 
    76         $img = "<img src='".JLOG_PATH."/img/".htmlspecialchars($content)."'".$class." alt='".$attributes['alt']."' style='width: ".$img_width."px;'".$title." />"; 
     76        $img = "<img src='".JLOG_PATH."/img/".htmlspecialchars($content)."'".$class." alt='".htmlspecialchars($attributes['alt'])."' style='width: ".$img_width."px;'".$title." />"; 
    7777    } 
    7878 
    7979     if(isset($attributes['caption'])) { 
    80         return "\n<dl".$class_caption." style='width: ".$img_width."px;'>\n <dt>".$img."</dt>\n  <dd>".$attributes['caption']."</dd>\n</dl>\n"; 
     80        return "\n<dl".$class." style='width: ".$img_width."px;'>\n <dt>".$img."</dt>\n  <dd>".htmlspecialchars(attributes['caption'])."</dd>\n</dl>\n"; 
    8181     } 
    8282     else return $img;