valvin
/
ttrss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

disable html objects in article content, breaks layout

This commit is contained in:
Andrew Dolgov 2006-09-21 04:55:02 +01:00
parent 8bde41c35f
commit a262b161f9
3 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
backend.php
View File

@ -650,6 +650,8 @@
$line["content"] = preg_replace("/href=/i", "target=\"_new\" href=", $line["content"]);
}
$line["content"] = sanitize_rss($line["content"]);
print $line["content"] . "</div>";
print "</div>";
@ -1335,13 +1337,13 @@
print "</td>";
$auth_login = db_fetch_result($result, 0, "auth_login");
$auth_login = escape_for_form(db_fetch_result($result, 0, "auth_login"));
print "<tr><td>Login:</td>";
print "<td><input class=\"iedit\" onkeypress=\"return filterCR(event)\"
name=\"auth_login\" value=\"$auth_login\"></td></tr>";
$auth_pass = db_fetch_result($result, 0, "auth_pass");
$auth_pass = escape_for_form(db_fetch_result($result, 0, "auth_pass"));
print "<tr><td>Password:</td>";
print "<td><input class=\"iedit\" type=\"password\" name=\"auth_pass\"

11
functions.php
View File

@ -2449,6 +2449,13 @@
$res = preg_replace('/<\/script>/i',
"</p>", $res);
$res = preg_replace('/<object.*?>.*?<\/object>/i',
"<p class=\"objectWarn\">(Disabled html object
- flash or other embedded content)</p>", $str);
$res = preg_replace('/<\/object>/i',
"</p>", $res);
return $res;
}
@ -2637,4 +2644,8 @@
}
}
function escape_for_form($s) {
return htmlspecialchars(db_unescape_string($s));
}
?>

6
tt-rss.css
View File

@ -1172,6 +1172,12 @@ span.debugTS {
font-weight : bold;
}
.objectWarn {
color : gray;
padding : 3px;
font-style: italic;
}
table.loginForm2 {
padding : 1em;
}