- making sure the nodes call filter().

2002-05-04 18:56:43 +00:00 · 2002-05-04 18:56:43 +00:00 · 69ec1a6996
parent d09d6d2d97
commit 69ec1a6996
11 changed files with 25 additions and 25 deletions
--- a/includes/common.inc
+++ b/includes/common.inc
@ -641,7 +641,7 @@ function drupal_url($args = array(), $script = "node") {
  foreach ($args as $key => $value) {
    $t[] = "$key=". urlencode($value);
  }
-  return "$script.php?". implode("&amp;", $t);
+  return htmlentities("$script.php?". implode("&", $t));
 }

 /**
--- a/modules/book.module
+++ b/modules/book.module
@ -57,10 +57,10 @@ function book_save($op, $node) {

  if ($op == "create") {
    if (user_access("administer nodes")) {
-      return array("format", "parent", "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "parent", "weight", "log");
    }
    else {
-      return array("format", "moderate" => 1, "parent", "promote" => 0, "status" => 1, "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "moderate" => 1, "parent", "promote" => 0, "status" => 1, "weight", "log");
    }
  }

@ -75,7 +75,7 @@ function book_save($op, $node) {
      ** new revision unless we are explicitly instructed to.
      */

-      return array("format", "parent", "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "parent", "weight", "log");
    }
    else {
      /*
@ -84,7 +84,7 @@ function book_save($op, $node) {
      ** and are not promoted by default.  See also: book_load().
      */

-      return array("created" => time(), "format", "moderate" => 1, "parent", "promote" => 0, "score" => 0, "status" => 1, "users" => "", "revisions", "votes" => 0, "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "created" => time(), "format", "moderate" => 1, "parent", "promote" => 0, "score" => 0, "status" => 1, "users" => "", "revisions", "votes" => 0, "weight", "log");
    }
  }

--- a/modules/book/book.module
+++ b/modules/book/book.module
@ -57,10 +57,10 @@ function book_save($op, $node) {

  if ($op == "create") {
    if (user_access("administer nodes")) {
-      return array("format", "parent", "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "parent", "weight", "log");
    }
    else {
-      return array("format", "moderate" => 1, "parent", "promote" => 0, "status" => 1, "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "moderate" => 1, "parent", "promote" => 0, "status" => 1, "weight", "log");
    }
  }

@ -75,7 +75,7 @@ function book_save($op, $node) {
      ** new revision unless we are explicitly instructed to.
      */

-      return array("format", "parent", "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "parent", "weight", "log");
    }
    else {
      /*
@ -84,7 +84,7 @@ function book_save($op, $node) {
      ** and are not promoted by default.  See also: book_load().
      */

-      return array("created" => time(), "format", "moderate" => 1, "parent", "promote" => 0, "score" => 0, "status" => 1, "users" => "", "revisions", "votes" => 0, "weight", "log");
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser), "created" => time(), "format", "moderate" => 1, "parent", "promote" => 0, "score" => 0, "status" => 1, "users" => "", "revisions", "votes" => 0, "weight", "log");
    }
  }

--- a/modules/forum.module
+++ b/modules/forum.module
@ -21,7 +21,7 @@ function forum_save($op, $node) {
  }

  if ($op == "create") {
-    return array("teaser" => $node->body);
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
  }

  if ($op == "decline") {
@ -29,7 +29,7 @@ function forum_save($op, $node) {
  }

  if ($op == "update") {
-    return array("teaser" => $node->body);
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
  }
 }

--- a/modules/forum/forum.module
+++ b/modules/forum/forum.module
@ -21,7 +21,7 @@ function forum_save($op, $node) {
  }

  if ($op == "create") {
-    return array("teaser" => $node->body);
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
  }

  if ($op == "decline") {
@ -29,7 +29,7 @@ function forum_save($op, $node) {
  }

  if ($op == "update") {
-    return array("teaser" => $node->body);
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
  }
 }

--- a/modules/node.module
+++ b/modules/node.module
@ -307,9 +307,9 @@ function node_filter_html($text) {
 }

 function node_filter_link($text) {
-  $src = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}';                   // [link|description]
+  $pat = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}';                   // [link|description]
  $dst = str_replace('%5C1', '\\1', format_tag('\\1', '\\3')); // [link|description]
-  return ereg_replace($src, $dst, $text);
+  return ereg_replace($pat, $dst, $text);
 }

 function node_filter_line($text) {
--- a/modules/node/node.module
+++ b/modules/node/node.module
@ -307,9 +307,9 @@ function node_filter_html($text) {
 }

 function node_filter_link($text) {
-  $src = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}';                   // [link|description]
+  $pat = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}';                   // [link|description]
  $dst = str_replace('%5C1', '\\1', format_tag('\\1', '\\3')); // [link|description]
-  return ereg_replace($src, $dst, $text);
+  return ereg_replace($pat, $dst, $text);
 }

 function node_filter_line($text) {
--- a/modules/page.module
+++ b/modules/page.module
@ -27,7 +27,7 @@ function page_save($op, $node) {
  }

  if ($op == "create") {
-    return array("format", "link");
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "link");
  }

  if ($op == "decline") {
@ -35,7 +35,7 @@ function page_save($op, $node) {
  }

  if ($op == "update") {
-    return array("format", "link");
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "link");
  }
 }

--- a/modules/page/page.module
+++ b/modules/page/page.module
@ -27,7 +27,7 @@ function page_save($op, $node) {
  }

  if ($op == "create") {
-    return array("format", "link");
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "link");
  }

  if ($op == "decline") {
@ -35,7 +35,7 @@ function page_save($op, $node) {
  }

  if ($op == "update") {
-    return array("format", "link");
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser), "format", "link");
  }
 }

--- a/modules/story.module
+++ b/modules/story.module
@ -39,7 +39,7 @@ function story_save($op, $node) {

  if ($op == "create") {
    if (user_access("administer nodes")) {
-      return array();
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser));
    }
    else {
      return array("body" => filter($node->body), "moderate" => 1, "teaser" => filter($node->teaser));
@ -51,7 +51,7 @@ function story_save($op, $node) {
  }

  if ($op == "update") {
-    return array();
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
  }
 }

--- a/modules/story/story.module
+++ b/modules/story/story.module
@ -39,7 +39,7 @@ function story_save($op, $node) {

  if ($op == "create") {
    if (user_access("administer nodes")) {
-      return array();
+      return array("body" => filter($node->body), "teaser" => filter($node->teaser));
    }
    else {
      return array("body" => filter($node->body), "moderate" => 1, "teaser" => filter($node->teaser));
@ -51,7 +51,7 @@ function story_save($op, $node) {
  }

  if ($op == "update") {
-    return array();
+    return array("body" => filter($node->body), "teaser" => filter($node->teaser));
  }
 }