Core update (safe mode)
This commit is contained in:
markseu
parent
456c325d67
commit
ec418ba5bc
3 changed files with 32 additions and 22 deletions
|
|
@ -1,4 +1,4 @@
|
|||
Yellow 0.3.18
|
||||
Yellow 0.3.19
|
||||
=============
|
||||
Yellow is for people who make websites. [Visit website](http://datenstrom.se/yellow).
|
||||
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
// Markdown extra core plugin
|
||||
class YellowMarkdownExtra
|
||||
{
|
||||
const Version = "0.3.11";
|
||||
const Version = "0.3.12";
|
||||
var $yellow; //access to API
|
||||
|
||||
// Handle plugin initialisation
|
||||
|
|
@ -2856,6 +2856,9 @@ class MarkdownExtraParser extends MarkdownParser {
|
|||
#
|
||||
# Form HTML definition lists.
|
||||
#
|
||||
# Prevent unescaped text, security bugfix for https://github.com/michelf/php-markdown/issues/175
|
||||
if ($this->no_markup) return $text;
|
||||
|
||||
$less_than_tab = $this->tab_width - 1;
|
||||
|
||||
# Re-usable pattern to match any entire dl list:
|
||||
|
|
@ -2947,11 +2950,6 @@ class MarkdownExtraParser extends MarkdownParser {
|
|||
}xm',
|
||||
array($this, '_processDefListItems_callback_dd'), $list_str);
|
||||
|
||||
# Catch unescaped text, security bugfix for https://github.com/michelf/php-markdown/issues/175
|
||||
if(preg_match("/^(?!\n<dt>)(.*?)(<dd>.*)$/s", $list_str, $matches))
|
||||
{
|
||||
$list_str = "<dt>".$this->runSpanGamut($matches[1])."</dt>\n".$matches[2];
|
||||
}
|
||||
return $list_str;
|
||||
}
|
||||
protected function _processDefListItems_callback_dt($matches) {
|
||||
|
|
|
|||
|
|
@ -5,7 +5,7 @@
|
|||
// Yellow main class
|
||||
class Yellow
|
||||
{
|
||||
const Version = "0.3.18";
|
||||
const Version = "0.3.19";
|
||||
var $page; //current page
|
||||
var $pages; //pages from file system
|
||||
var $config; //configuration
|
||||
|
|
@ -1399,11 +1399,16 @@ class YellowToolbox
|
|||
function isVisibleLocation($location, $fileName, $pathBase)
|
||||
{
|
||||
$visible = true;
|
||||
if(substru($fileName, 0, strlenu($pathBase)) == $pathBase) $fileName = substru($fileName, strlenu($pathBase));
|
||||
$tokens = explode('/', $fileName);
|
||||
for($i=0; $i<count($tokens)-1; ++$i)
|
||||
if(substru($fileName, 0, strlenu($pathBase)) == $pathBase)
|
||||
{
|
||||
if(!preg_match("/^[\d\-\_\.]+(.*)$/", $tokens[$i])) { $visible = false; break; }
|
||||
$fileName = substru($fileName, strlenu($pathBase));
|
||||
$tokens = explode('/', $fileName);
|
||||
for($i=0; $i<count($tokens)-1; ++$i)
|
||||
{
|
||||
if(!preg_match("/^[\d\-\_\.]+(.*)$/", $tokens[$i])) { $visible = false; break; }
|
||||
}
|
||||
} else {
|
||||
$visible = false;
|
||||
}
|
||||
return $visible;
|
||||
}
|
||||
|
|
@ -1412,17 +1417,24 @@ class YellowToolbox
|
|||
function findLocationFromFile($fileName, $pathBase, $pathHome, $fileDefault, $fileExtension)
|
||||
{
|
||||
$location = "/";
|
||||
if(substru($fileName, 0, strlenu($pathBase)) == $pathBase) $fileName = substru($fileName, strlenu($pathBase));
|
||||
$tokens = explode('/', $fileName);
|
||||
for($i=0; $i<count($tokens)-1; ++$i)
|
||||
if(substru($fileName, 0, strlenu($pathBase)) == $pathBase)
|
||||
{
|
||||
$token = $this->normaliseName($tokens[$i]).'/';
|
||||
if($i || $token!=$pathHome) $location .= $token;
|
||||
$fileName = substru($fileName, strlenu($pathBase));
|
||||
$tokens = explode('/', $fileName);
|
||||
for($i=0; $i<count($tokens)-1; ++$i)
|
||||
{
|
||||
$token = $this->normaliseName($tokens[$i]).'/';
|
||||
if($i || $token!=$pathHome) $location .= $token;
|
||||
}
|
||||
$token = $this->normaliseName($tokens[$i]);
|
||||
$fileFolder = $this->normaliseName($tokens[$i-1]).$fileExtension;
|
||||
if($token!=$fileDefault && $token!=$fileFolder) $location .= $this->normaliseName($tokens[$i], true, true);
|
||||
$extension = ($pos = strrposu($fileName, '.')) ? substru($fileName, $pos) : "";
|
||||
if($extension != $fileExtension) $invalid = true;
|
||||
} else {
|
||||
$invalid = true;
|
||||
}
|
||||
$token = $this->normaliseName($tokens[$i]);
|
||||
$fileFolder = $this->normaliseName($tokens[$i-1]).$fileExtension;
|
||||
if($token!=$fileDefault && $token!=$fileFolder) $location .= $this->normaliseName($tokens[$i], true, true);
|
||||
return $location;
|
||||
return $invalid ? "" : $location;
|
||||
}
|
||||
|
||||
// Return file path from location
|
||||
|
|
@ -1548,7 +1560,7 @@ class YellowToolbox
|
|||
// Normalise location, make absolute location
|
||||
function normaliseLocation($location, $pageBase, $pageLocation, $filterStrict = true)
|
||||
{
|
||||
if(!preg_match("/^\w+:/", html_entity_decode($location, ENT_QUOTES, "UTF-8")))
|
||||
if(!preg_match("/^\w+:/", trim(html_entity_decode($location, ENT_QUOTES, "UTF-8"))))
|
||||
{
|
||||
if(!preg_match("/^\//", $location))
|
||||
{
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue