authorTristan Darricau <github@nicofuma.fr>2017-04-18 23:36:04 +0200
committerTristan Darricau <github@nicofuma.fr>2017-04-18 23:36:04 +0200
commite0ae49d8a5cda64744c8e08317a5c5329deb2472 (patch)
tree363baf97112521a4c1779281282dece0f6001edc /phpBB
parentd4f0c79b565f558180225027039ec6494131f85e (diff)
parentddcd0f243791ea64373b53f077689df0c46c713a (diff)
Merge pull request #4788 from JoshyPHP/ticket/15163
fixes #4788 * ticket/15163: [ticket/15163] Escape curly braces in smilies HTML attributes
Diffstat (limited to 'phpBB')
-rw-r--r--phpBB/phpbb/textformatter/s9e/factory.php16
1 files changed, 15 insertions, 1 deletions
diff --git a/phpBB/phpbb/textformatter/s9e/factory.php b/phpBB/phpbb/textformatter/s9e/factory.php
index 5cbf2712f7..7719ce5afa 100644
--- a/phpBB/phpbb/textformatter/s9e/factory.php
+++ b/phpBB/phpbb/textformatter/s9e/factory.php
@@ -311,7 +311,7 @@ class factory implements \phpbb\textformatter\cache_interface
{
$configurator->Emoticons->set(
$row['code'],
- '<img class="smilies" src="{$T_SMILIES_PATH}/' . htmlspecialchars($row['smiley_url']) . '" width="' . $row['smiley_width'] . '" height="' . $row['smiley_height'] . '" alt="{.}" title="' . htmlspecialchars($row['emotion']) . '"/>'
+ '<img class="smilies" src="{$T_SMILIES_PATH}/' . $this->escape_html_attribute($row['smiley_url']) . '" width="' . $row['smiley_width'] . '" height="' . $row['smiley_height'] . '" alt="{.}" title="' . $this->escape_html_attribute($row['emotion']) . '"/>'
);
}
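Review bot: The width and height attributes on the new line are still concatenated raw (`$row['smiley_width']`, `$row['smiley_height']`) while the neighbouring url and emotion values now go through escape_html_attribute. If these come from integer columns the exposure is nil, but casting them costs nothing and keeps the XSL template well-formed regardless of what the row holds: `'" width="' . (int) $row['smiley_width'] . '" height="' . (int) $row['smiley_height'] . '"'`. The enclosing method starts and ends outside the hunk.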
@@ -442,6 +442,20 @@ class factory implements \phpbb\textformatter\cache_interface
}
/**
+ * Escape a literal to be used in an HTML attribute in an XSL template
+ *
+ * Escapes "HTML special chars" for obvious reasons and curly braces to avoid them
+ * being interpreted as an attribute value template
+ *
+ * @param string $value Original string
+ * @return string Escaped string
+ */
+ protected function escape_html_attribute($value)
+ {
+ return htmlspecialchars(strtr($value, ['{' => '{{', '}' => '}}']), ENT_COMPAT | ENT_XML1, 'UTF-8');
+ }
+
+ /**
* Return the default BBCodes configuration
*
* @return array 2D array. Each element has a 'usage' key, a 'template' key, and an optional 'options' key
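Review bot: escape_html_attribute passes ENT_COMPAT to htmlspecialchars, so a single quote in the value is left unescaped; that is safe for the double-quoted attributes the caller builds, but the method name and docblock promise a general HTML-attribute escaper, so a future call site with a single-quoted attribute would get no protection. Either switch to `ENT_QUOTES | ENT_XML1` (with ENT_XML1 the single quote becomes `&apos;`, which is valid XML for the XSL template) or state the restriction in the docblock, e.g. `Only safe for double-quoted attributes: ENT_COMPAT leaves single quotes untouched.` Separately, without ENT_SUBSTITUTE htmlspecialchars returns an empty string when the input contains an invalid UTF-8 sequence, so a malformed smiley_url or emotion would silently yield an empty attribute instead of an escaped one; `ENT_QUOTES | ENT_SUBSTITUTE | ENT_XML1` covers both points in one change. The trailing docblock at the end of the hunk belongs to a method defined outside it.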