On Wed, Oct 7, 2009 at 11:28 AM, Kevin <[email protected]> wrote:
> Ran into this on a number of pages where the user used the & symbol in
> either the document itself or in a title, header etc... That is a reserved
> character in XHTML and needs to be output as & a m p ; (all together of
> course)..
I think this is a little different, because you can save on a page
and/or data value and it is still there when you edit. It may not be
valid XHTML but it's perfectly functional. Hans complaint is about
stuff simply disappearing or changing. That is really annoying...
Scratch that--it is the same. If you enter & you get & back out...
I see what you mean.
> I tried to escape it various ways without success. Gave up at the time
> because I had larger fish issues..
Ok, for page content I think you can do it this way. Rewrite
engine.php ~1775 to this:
if ($edit == true) {
BOLTreplace('~data~', '~data~');
if (substr($page, 0, strlen($BOLTcodePages) + 1) !==
"$BOLTcodePages.") {
BOLTreplace('<', '<');
BOLTreplace('&', '&');
}
if (! BOLTingroup('admin') && ! BOLTingroup('editor'))
BOLTreplace('[form', '[fo`rm');
$content = str_replace($BOLTreplaceTable['SAVE']['in'],
$BOLTreplaceTable['SAVE']['out'], $content);
This simplifies the code and logic significantly. It does change the
logic slightly--allowing authorized writers to edit code pages and
insert code... But these should pages should be controlled by auth
anyway. As it was, may have provided a double level of protection, but
sure could have resulted in unexpected results--say you set up a
special @code group who were authorized to edit code pages, but
couldn't get them to work. In this case, like most cases, simpler is
probably better.
And for data vars you can do it engine.php ~2205
$d = substr($d, strpos($d, "\n~data~\n") + 8);
$d = str_replace(Array('&', '<'), Array('&',
'<'), $d); // new
This latter one actually allows me to simplify the last few lines of
the BOLTvars function above and should create a decent performance
boost.
I've made both of these changes to the core as they simplify the code,
are more standards compliant, should boost performance, and don't seem
to cause any problems. But there are almost always problems with these
kinds of things. Anyone who cares to try the patch and report
problems, it would be appreciated.
Cheers,
Dan
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"BoltWire" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/boltwire?hl=en
-~----------~----~----~----~------~----~------~--~---
