aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJason Oster <parasytic@users.sourceforge.net>2009-05-29 15:30:48 +0000
committerJason Oster <parasytic@users.sourceforge.net>2009-05-29 15:30:48 +0000
commitdb1ba3df77c858b3da994cfdad9f0eed0ca4a639 (patch)
tree9ee84f4f61b35c63f91023bb9d83a4965ba40949
parent9909e4f125cd32074c8f680529cf96620a4d93d5 (diff)
downloadphpicalendar-db1ba3df77c858b3da994cfdad9f0eed0ca4a639.tar.gz
phpicalendar-db1ba3df77c858b3da994cfdad9f0eed0ca4a639.tar.bz2
phpicalendar-db1ba3df77c858b3da994cfdad9f0eed0ca4a639.zip
Better handling of URLs and email addresses in event descriptions (also strip "blocked" protocols, added by some mail servers)
-rw-r--r--functions/template.php4
-rw-r--r--includes/event.php4
2 files changed, 4 insertions, 4 deletions
diff --git a/functions/template.php b/functions/template.php
index 0a0c212..4d7ad72 100644
--- a/functions/template.php
+++ b/functions/template.php
@@ -90,8 +90,8 @@ class Page {
$location = sanitizeForWeb(stripslashes(urldecode($new_val2['location'])));
$description = sanitizeForWeb(stripslashes(urldecode($new_val2['description'])));
if (!empty($description)) {
- $description = ereg_replace("[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]/]",'<a target="_new" href="\0">\0</a>', $description);
- $description = ereg_replace("[a-zA-Z0-9_.%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}", '<a href="mailto:\0">\0</a>', $description);
+ $description = ereg_replace("(blocked)?([[:alpha:]]+://([^<>&[:space:]]|&amp;)+[[:alnum:]/])", '<a target="_new" href="\2">\2</a>', $description);
+ $description = ereg_replace("(blocked)?(mailto:)?([[:alnum:]_.%+-]+@[[:alnum:].-]+\.[[:alpha:]]{2,4})", '<a href="mailto:\3">\3</a>', $description);
}
$event_start = $new_val2['event_start'];
diff --git a/includes/event.php b/includes/event.php
index ab62337..4112700 100644
--- a/includes/event.php
+++ b/includes/event.php
@@ -31,8 +31,8 @@ $event['event_text'] = sanitizeForWeb(urldecode($event['event_text']));
$event['description'] = sanitizeForWeb(urldecode($event['description']));
$event['location'] = sanitizeForWeb(urldecode($event['location']));
if (isset($event['description'])) {
- $event['description'] = ereg_replace("[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]/]", '<a target="_new" href="\0">\0</a>', $event['description']);
- $event['description'] = ereg_replace("[a-zA-Z0-9_.%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,4}", '<a href="mailto:\0">\0</a>', $event['description']);
+ $event['description'] = ereg_replace("(blocked)?([[:alpha:]]+://([^<>&[:space:]]|&amp;)+[[:alnum:]/])", '<a target="_new" href="\2">\2</a>', $event['description']);
+ $event['description'] = ereg_replace("(blocked)?(mailto:)?([[:alnum:]_.%+-]+@[[:alnum:].-]+\.[[:alpha:]]{2,4})", '<a href="mailto:\3">\3</a>', $event['description']);
}
if (isset($organizer) && is_array($organizer)) {

© 2014-2020 Faster IT GmbH | imprint | privacy policy