diff --git a/modules/block/block.module b/modules/block/block.module
index 70dcc8e0084..97ab8dafb06 100644
--- a/modules/block/block.module
+++ b/modules/block/block.module
@@ -220,7 +220,7 @@ function block_block_save($delta = 0, $edit = array()) {
*/
function block_block_view($delta = 0, $edit = array()) {
$block = db_query('SELECT body, format FROM {box} WHERE bid = :bid', array(':bid' => $delta))->fetchObject();
- $data['content'] = check_markup($block->body, $block->format, '', FALSE);
+ $data['content'] = check_markup($block->body, $block->format);
return $data;
}
diff --git a/modules/comment/comment.module b/modules/comment/comment.module
index 4ca19a2fa28..18653611c17 100644
--- a/modules/comment/comment.module
+++ b/modules/comment/comment.module
@@ -816,7 +816,7 @@ function comment_build_content($comment, $build_mode = 'full') {
// Build comment body.
$comment->content['comment_body'] = array(
- '#markup' => check_markup($comment->comment, $comment->format, '', FALSE),
+ '#markup' => check_markup($comment->comment, $comment->format),
);
$comment->content += field_attach_view('comment', $comment, $build_mode);
@@ -1126,7 +1126,7 @@ function comment_node_update_index($node) {
':status' => COMMENT_PUBLISHED
));
foreach ($comments as $comment) {
- $text .= '' . check_plain($comment->subject) . '
' . check_markup($comment->comment, $comment->format, '', FALSE);
+ $text .= '' . check_plain($comment->subject) . '
' . check_markup($comment->comment, $comment->format);
}
}
return $text;
@@ -2018,7 +2018,6 @@ function comment_submit($comment) {
// 1) Filter it into HTML
// 2) Strip out all HTML tags
// 3) Convert entities back to plain-text.
- // Note: format is checked by check_markup().
$comment['subject'] = truncate_utf8(trim(decode_entities(strip_tags(check_markup($comment['comment'], $comment['comment_format'])))), 29, TRUE);
// Edge cases where the comment body is populated only by HTML tags will
// require a default subject.
diff --git a/modules/field/field.api.php b/modules/field/field.api.php
index f8d2137d9c1..7c78f889f6f 100644
--- a/modules/field/field.api.php
+++ b/modules/field/field.api.php
@@ -370,9 +370,9 @@ function hook_field_load($obj_type, $objects, $field, $instances, &$items, $age)
$format = $item['format'];
if (filter_format_allowcache($format)) {
$lang = isset($object->language) ? $object->language : $language->language;
- $items[$id][$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE, FALSE) : '';
+ $items[$id][$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE) : '';
if ($field['type'] == 'text_with_summary') {
- $items[$id][$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE, FALSE) : '';
+ $items[$id][$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE) : '';
}
}
}
@@ -414,9 +414,9 @@ function hook_field_sanitize($obj_type, $object, $field, $instance, $items) {
if (!empty($instance['settings']['text_processing'])) {
$format = $item['format'];
$lang = isset($object->language) ? $object->language : $language->language;
- $items[$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE) : '';
+ $items[$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang) : '';
if ($field['type'] == 'text_with_summary') {
- $items[$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE) : '';
+ $items[$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang) : '';
}
}
else {
diff --git a/modules/field/modules/text/text.module b/modules/field/modules/text/text.module
index ba69c310bdd..c183560820b 100644
--- a/modules/field/modules/text/text.module
+++ b/modules/field/modules/text/text.module
@@ -222,9 +222,9 @@ function text_field_load($obj_type, $objects, $field, $instances, &$items) {
$format = $item['format'];
if (filter_format_allowcache($format)) {
$lang = isset($object->language) ? $object->language : $language->language;
- $items[$id][$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE, FALSE) : '';
+ $items[$id][$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE) : '';
if ($field['type'] == 'text_with_summary') {
- $items[$id][$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE, FALSE) : '';
+ $items[$id][$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE) : '';
}
}
}
@@ -253,9 +253,9 @@ function text_field_sanitize($obj_type, $object, $field, $instance, &$items) {
if (!empty($instance['settings']['text_processing'])) {
$format = $item['format'];
$lang = isset($object->language) ? $object->language : $language->language;
- $items[$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE) : '';
+ $items[$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang) : '';
if ($field['type'] == 'text_with_summary') {
- $items[$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE) : '';
+ $items[$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang) : '';
}
}
else {
diff --git a/modules/filter/filter.module b/modules/filter/filter.module
index 58a3bf4ab9b..66fd6a5f7c0 100644
--- a/modules/filter/filter.module
+++ b/modules/filter/filter.module
@@ -421,20 +421,13 @@ function filter_list_format($format) {
* Optional: the language code of the text to be filtered, e.g. 'en' for
* English. This allows filters to be language aware so language specific
* text replacement can be implemented.
- * @param $check
- * Whether to check the $format with filter_access() first. Defaults to TRUE.
- * Note that this will check the permissions of the current user, so you
- * should specify $check = FALSE when viewing other people's content. When
- * showing content that is not (yet) stored in the database (eg. upon preview),
- * set to TRUE so the user's permissions are checked.
* @param $cache
* Boolean whether to cache the filtered output in the {cache_filter} table.
* The caller may set this to FALSE when the output is already cached
* elsewhere to avoid duplicate cache lookups and storage.
*/
-function check_markup($text, $format = FILTER_FORMAT_DEFAULT, $langcode = '', $check = TRUE, $cache = TRUE) {
- // When $check = TRUE, do an access check on $format.
- if (isset($text) && (!$check || filter_access($format))) {
+function check_markup($text, $format = FILTER_FORMAT_DEFAULT, $langcode = '', $cache = TRUE) {
+ if (isset($text)) {
$format = filter_resolve_format($format);
// Check for a cached version of this piece of text.
diff --git a/modules/node/node.api.php b/modules/node/node.api.php
index 2aa02c320ed..b0e8dff2b73 100644
--- a/modules/node/node.api.php
+++ b/modules/node/node.api.php
@@ -486,7 +486,7 @@ function hook_node_update_index($node) {
$text = '';
$comments = db_query('SELECT subject, comment, format FROM {comment} WHERE nid = :nid AND status = :status', array(':nid' => $node->nid, ':status' => COMMENT_PUBLISHED));
foreach ($comments as $comment) {
- $text .= '' . check_plain($comment->subject) . '
' . check_markup($comment->comment, $comment->format, '', FALSE);
+ $text .= '' . check_plain($comment->subject) . '
' . check_markup($comment->comment, $comment->format);
}
return $text;
}