From 69ec1a6996314221bcfdea1244d63abdfd20a201 Mon Sep 17 00:00:00 2001
From: Kjartan Mannes <kjartan@2.no-reply.drupal.org>
Date: Sat, 4 May 2002 18:56:43 +0000
Subject: [PATCH] - making sure the nodes call filter().

---
 includes/common.inc        | 2 +-
 modules/book.module        | 8 ++++----
 modules/book/book.module   | 8 ++++----
 modules/forum.module       | 4 ++--
 modules/forum/forum.module | 4 ++--
 modules/node.module        | 4 ++--
 modules/node/node.module   | 4 ++--
 modules/page.module        | 4 ++--
 modules/page/page.module   | 4 ++--
 modules/story.module       | 4 ++--
 modules/story/story.module | 4 ++--
 11 files changed, 25 insertions(+), 25 deletions(-)

diff --git a/includes/common.inc b/includes/common.inc
index 67eaeb80aa1..f58587556b6 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -641,7 +641,7 @@ function drupal_url($args = array(), $script = "node") {
   foreach ($args as $key => $value) {
     $t[] = "$key=". urlencode($value);
   }
-  return "$script.php?". implode("&amp;", $t);
+  return htmlentities("$script.php?". implode("&", $t));
 }
 
 /**
diff --git a/modules/book.module b/modules/book.module
index 57dff70c373..1b1e562eba3 100644
--- a/modules/book.module
+++ b/modules/book.module
@@ -57,10 +57,10 @@ function book_save($op, $node) {
 
   if ($op == "create") {
     if (user_access("administer nodes")) {
-      return array("format", "parent", "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "parent", "weight", "log");
     }
     else {
-      return array("format", "moderate" => 1, "parent", "promote" => 0, "status" => 1, "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "moderate" => 1, "parent", "promote" => 0, "status" => 1, "weight", "log");
     }
   }
 
@@ -75,7 +75,7 @@ function book_save($op, $node) {
       ** new revision unless we are explicitly instructed to.
       */
 
-      return array("format", "parent", "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "parent", "weight", "log");
     }
     else {
       /*
@@ -84,7 +84,7 @@ function book_save($op, $node) {
       ** and are not promoted by default.  See also: book_load().
       */
 
-      return array("created" => time(), "format", "moderate" => 1, "parent", "promote" => 0, "score" => 0, "status" => 1, "users" => "", "revisions", "votes" => 0, "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "created" => time(), "format", "moderate" => 1, "parent", "promote" => 0, "score" => 0, "status" => 1, "users" => "", "revisions", "votes" => 0, "weight", "log");
     }
   }
 
diff --git a/modules/book/book.module b/modules/book/book.module
index 57dff70c373..1b1e562eba3 100644
--- a/modules/book/book.module
+++ b/modules/book/book.module
@@ -57,10 +57,10 @@ function book_save($op, $node) {
 
   if ($op == "create") {
     if (user_access("administer nodes")) {
-      return array("format", "parent", "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "parent", "weight", "log");
     }
     else {
-      return array("format", "moderate" => 1, "parent", "promote" => 0, "status" => 1, "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "moderate" => 1, "parent", "promote" => 0, "status" => 1, "weight", "log");
     }
   }
 
@@ -75,7 +75,7 @@ function book_save($op, $node) {
       ** new revision unless we are explicitly instructed to.
       */
 
-      return array("format", "parent", "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "parent", "weight", "log");
     }
     else {
       /*
@@ -84,7 +84,7 @@ function book_save($op, $node) {
       ** and are not promoted by default.  See also: book_load().
       */
 
-      return array("created" => time(), "format", "moderate" => 1, "parent", "promote" => 0, "score" => 0, "status" => 1, "users" => "", "revisions", "votes" => 0, "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "created" => time(), "format", "moderate" => 1, "parent", "promote" => 0, "score" => 0, "status" => 1, "users" => "", "revisions", "votes" => 0, "weight", "log");
     }
   }
 
diff --git a/modules/forum.module b/modules/forum.module
index 64597ab2c56..a144de6abe8 100644
--- a/modules/forum.module
+++ b/modules/forum.module
@@ -21,7 +21,7 @@ function forum_save($op, $node) {
   }
 
   if ($op == "create") {
-    return array("teaser" => $node->body);
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
   }
 
   if ($op == "decline") {
@@ -29,7 +29,7 @@ function forum_save($op, $node) {
   }
 
   if ($op == "update") {
-    return array("teaser" => $node->body);
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
   }
 }
 
diff --git a/modules/forum/forum.module b/modules/forum/forum.module
index 64597ab2c56..a144de6abe8 100644
--- a/modules/forum/forum.module
+++ b/modules/forum/forum.module
@@ -21,7 +21,7 @@ function forum_save($op, $node) {
   }
 
   if ($op == "create") {
-    return array("teaser" => $node->body);
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
   }
 
   if ($op == "decline") {
@@ -29,7 +29,7 @@ function forum_save($op, $node) {
   }
 
   if ($op == "update") {
-    return array("teaser" => $node->body);
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
   }
 }
 
diff --git a/modules/node.module b/modules/node.module
index b527a10b8a6..92b882f761c 100644
--- a/modules/node.module
+++ b/modules/node.module
@@ -307,9 +307,9 @@ function node_filter_html($text) {
 }
 
 function node_filter_link($text) {
-  $src = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}';                   // [link|description]
+  $pat = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}';                   // [link|description]
   $dst = str_replace('%5C1', '\\1', format_tag('\\1', '\\3')); // [link|description]
-  return ereg_replace($src, $dst, $text);
+  return ereg_replace($pat, $dst, $text);
 }
 
 function node_filter_line($text) {
diff --git a/modules/node/node.module b/modules/node/node.module
index b527a10b8a6..92b882f761c 100644
--- a/modules/node/node.module
+++ b/modules/node/node.module
@@ -307,9 +307,9 @@ function node_filter_html($text) {
 }
 
 function node_filter_link($text) {
-  $src = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}';                   // [link|description]
+  $pat = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}';                   // [link|description]
   $dst = str_replace('%5C1', '\\1', format_tag('\\1', '\\3')); // [link|description]
-  return ereg_replace($src, $dst, $text);
+  return ereg_replace($pat, $dst, $text);
 }
 
 function node_filter_line($text) {
diff --git a/modules/page.module b/modules/page.module
index 3b18feed72c..0677910746f 100644
--- a/modules/page.module
+++ b/modules/page.module
@@ -27,7 +27,7 @@ function page_save($op, $node) {
   }
 
   if ($op == "create") {
-    return array("format", "link");
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "link");
   }
 
   if ($op == "decline") {
@@ -35,7 +35,7 @@ function page_save($op, $node) {
   }
 
   if ($op == "update") {
-    return array("format", "link");
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "link");
   }
 }
 
diff --git a/modules/page/page.module b/modules/page/page.module
index 3b18feed72c..0677910746f 100644
--- a/modules/page/page.module
+++ b/modules/page/page.module
@@ -27,7 +27,7 @@ function page_save($op, $node) {
   }
 
   if ($op == "create") {
-    return array("format", "link");
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "link");
   }
 
   if ($op == "decline") {
@@ -35,7 +35,7 @@ function page_save($op, $node) {
   }
 
   if ($op == "update") {
-    return array("format", "link");
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "link");
   }
 }
 
diff --git a/modules/story.module b/modules/story.module
index 4bacfc0d4d4..bc6ba703a61 100644
--- a/modules/story.module
+++ b/modules/story.module
@@ -39,7 +39,7 @@ function story_save($op, $node) {
 
   if ($op == "create") {
     if (user_access("administer nodes")) {
-      return array();
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser));
     }
     else {
       return array("body" => filter($node->body), "moderate" => 1, "teaser" => filter($node->teaser));
@@ -51,7 +51,7 @@ function story_save($op, $node) {
   }
 
   if ($op == "update") {
-    return array();
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
   }
 }
 
diff --git a/modules/story/story.module b/modules/story/story.module
index 4bacfc0d4d4..bc6ba703a61 100644
--- a/modules/story/story.module
+++ b/modules/story/story.module
@@ -39,7 +39,7 @@ function story_save($op, $node) {
 
   if ($op == "create") {
     if (user_access("administer nodes")) {
-      return array();
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser));
     }
     else {
       return array("body" => filter($node->body), "moderate" => 1, "teaser" => filter($node->teaser));
@@ -51,7 +51,7 @@ function story_save($op, $node) {
   }
 
   if ($op == "update") {
-    return array();
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
   }
 }