Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

- Jonathan's "HTML filter" improvements. 

> If turning on both filters is bad, we shouldn't allow the user to
> select both, should we? The attached patch folds the Escape HTML option
> into the same dropdown as the Filter HTML option, preventing both from
> being activated.
4.3.x
Dries Buytaert 2003-09-16 18:34:39 +00:00
parent 62f939944f
commit e20f59d99a
2 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/node.module
View File

@ -496,9 +496,8 @@ function node_settings() {
}
function node_conf_filters() {
$output .= form_select(t("Escape HTML tags"), "escape_html", variable_get("escape_html", 0), array(t("Disabled"), t("Enabled")), t("Escape HTML and PHP tags in user-contributed content. Note that it is generally not a good idea to enable the below 'Filter HTML tags' option when using this filter."));
$output .= form_select(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(t("Disabled"), t("Enabled")), t("Filter HTML and PHP tags in user-contributed content. Note that it is generally not a good idea to enable the above 'Escape HTML tags' option when using this filter."));
$output .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If enabled, optionally specify tags which should not be stripped. 'STYLE' attributes, 'ON*' attributes and unclosed tags are always stripped."));
$output .= form_select(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(0 => t("Do not filter"), 1 => t("Strip tags"), 2 => t("Escape tags")), t("How to deal with HTML and PHP tags in user-contributed content. If set to \"Strip tags\", dangerous tags are removed. If set to \"Escape tags\", all HTML is escaped and presented as it was typed."));
$output .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If \"Strip tags\" is selected, optionally specify tags which should not be stripped. 'STYLE' attributes, 'ON*' attributes and unclosed tags are always stripped."));
$output .= form_select(t("Rewrite old URLs"), "rewrite_old_urls", variable_get("rewrite_old_urls", 0), array(t("Disabled"), t("Enabled")), t("The introduction of 'clean URLs' in Drupal 4.2.0 breaks internal URLs that date back from Drupal 4.1.0 and before. If enabled, this filter will attempt to rewrite the old style URLs to avoid broken links. If <code>mod_rewrite</code> is available on your system, use the rewrite rules in Drupal's <code>.htaccess</code> file instead as these will also correct external referrers."));
$output .= "<hr />";
return $output;
@ -527,7 +526,7 @@ function node_comment_mode($nid) {
}
function node_filter($text) {
if (variable_get("filter_html", 0)) {
if (variable_get("filter_html", 0) == 1) {
$text = node_filter_html($text);
}
@ -535,7 +534,7 @@ function node_filter($text) {
$text = rewrite_old_urls($text);
}
if (variable_get("escape_html", 0)) {
if (variable_get("filter_html", 0) == 2) {
$text = node_escape_html($text);
}

9
modules/node/node.module
View File

@ -496,9 +496,8 @@ function node_settings() {
}
function node_conf_filters() {
$output .= form_select(t("Escape HTML tags"), "escape_html", variable_get("escape_html", 0), array(t("Disabled"), t("Enabled")), t("Escape HTML and PHP tags in user-contributed content. Note that it is generally not a good idea to enable the below 'Filter HTML tags' option when using this filter."));
$output .= form_select(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(t("Disabled"), t("Enabled")), t("Filter HTML and PHP tags in user-contributed content. Note that it is generally not a good idea to enable the above 'Escape HTML tags' option when using this filter."));
$output .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If enabled, optionally specify tags which should not be stripped. 'STYLE' attributes, 'ON*' attributes and unclosed tags are always stripped."));
$output .= form_select(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(0 => t("Do not filter"), 1 => t("Strip tags"), 2 => t("Escape tags")), t("How to deal with HTML and PHP tags in user-contributed content. If set to \"Strip tags\", dangerous tags are removed. If set to \"Escape tags\", all HTML is escaped and presented as it was typed."));
$output .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If \"Strip tags\" is selected, optionally specify tags which should not be stripped. 'STYLE' attributes, 'ON*' attributes and unclosed tags are always stripped."));
$output .= form_select(t("Rewrite old URLs"), "rewrite_old_urls", variable_get("rewrite_old_urls", 0), array(t("Disabled"), t("Enabled")), t("The introduction of 'clean URLs' in Drupal 4.2.0 breaks internal URLs that date back from Drupal 4.1.0 and before. If enabled, this filter will attempt to rewrite the old style URLs to avoid broken links. If <code>mod_rewrite</code> is available on your system, use the rewrite rules in Drupal's <code>.htaccess</code> file instead as these will also correct external referrers."));
$output .= "<hr />";
return $output;
@ -527,7 +526,7 @@ function node_comment_mode($nid) {
}
function node_filter($text) {
if (variable_get("filter_html", 0)) {
if (variable_get("filter_html", 0) == 1) {
$text = node_filter_html($text);
}
@ -535,7 +534,7 @@ function node_filter($text) {
$text = rewrite_old_urls($text);
}
if (variable_get("escape_html", 0)) {
if (variable_get("filter_html", 0) == 2) {
$text = node_escape_html($text);
}