Merge pull request #491 from ArthurHoaro/markdown-escape2

Markdown: don't escape content + sanitize sensible tags
author: Arthur <arthur@hoa.ro> 2016-02-25 08:52:42 +0100
committer: Arthur <arthur@hoa.ro> 2016-02-25 08:52:42 +0100
commit: 10269bc8c9dfe87eb213c09a44308ce64ae0c12d (patch)
tree: 90bbe4d9f5b5788cc348c3883efe22deb659ded9 /application/Utils.php
parent: cee0d9609f7cf860cf951ca2d838cfaacecd37d2 (diff)
parent: 2925687e1e86dc113116330efd547b9db5c0f1a6 (diff)
download: Shaarli-10269bc8c9dfe87eb213c09a44308ce64ae0c12d.tar.gz
Shaarli-10269bc8c9dfe87eb213c09a44308ce64ae0c12d.tar.zst
Shaarli-10269bc8c9dfe87eb213c09a44308ce64ae0c12d.zip
1 files changed, 17 insertions, 1 deletions
diff --git a/application/Utils.php b/application/Utils.php
index 91e28a68..3d819716 100644
--- a/application/Utils.php
+++ b/application/Utils.php
@@ -62,7 +62,11 @@ function endsWith($haystack, $needle, $case=true)
 }
 /**
- * htmlspecialchars wrapper
+ * Htmlspecialchars wrapper
+ *
+ * @param string $str the string to escape.
+ *
+ * @return string escaped.
 */
 function escape($str)
 {
@@ -70,6 +74,18 @@ function escape($str)
 }
 /**
+ * Reverse the escape function.
+ *
+ * @param string $str the string to unescape.
+ *
+ * @return string unescaped string.
+ */
+function unescape($str)
+{
+    return htmlspecialchars_decode($str);
+}
+/**
 * Link sanitization before templating
 */
 function sanitizeLink(&$link)
author	Arthur <arthur@hoa.ro>	2016-02-25 08:52:42 +0100
committer	Arthur <arthur@hoa.ro>	2016-02-25 08:52:42 +0100
commit	10269bc8c9dfe87eb213c09a44308ce64ae0c12d (patch)
tree	90bbe4d9f5b5788cc348c3883efe22deb659ded9 /application/Utils.php
parent	cee0d9609f7cf860cf951ca2d838cfaacecd37d2 (diff)
parent	2925687e1e86dc113116330efd547b9db5c0f1a6 (diff)
download	Shaarli-10269bc8c9dfe87eb213c09a44308ce64ae0c12d.tar.gz Shaarli-10269bc8c9dfe87eb213c09a44308ce64ae0c12d.tar.zst Shaarli-10269bc8c9dfe87eb213c09a44308ce64ae0c12d.zip

diff --git a/application/Utils.php b/application/Utils.php index 91e28a68..3d819716 100644 --- a/application/Utils.php +++ b/application/Utils.php
@@ -62,7 +62,11 @@ function endsWith($haystack, $needle, $case=true)
62	}	62	}
63		63
64	/**	64	/**
65	* htmlspecialchars wrapper	65	* Htmlspecialchars wrapper
		66	*
		67	* @param string $str the string to escape.
		68	*
		69	* @return string escaped.
66	*/	70	*/
67	function escape($str)	71	function escape($str)
68	{	72	{
@@ -70,6 +74,18 @@ function escape($str)
70	}	74	}
71		75
72	/**	76	/**
		77	* Reverse the escape function.
		78	*
		79	* @param string $str the string to unescape.
		80	*
		81	* @return string unescaped string.
		82	*/
		83	function unescape($str)
		84	{
		85	return htmlspecialchars_decode($str);
		86	}
		87
		88	/**
73	* Link sanitization before templating	89	* Link sanitization before templating
74	*/	90	*/
75	function sanitizeLink(&$link)	91	function sanitizeLink(&$link)