Yes, this does basically what you want--and you have pretty much
persuaded me this is the direction we want to go. However it doesn't
address most of the problems I pointed out.
For example try putting some snippet on the page? or a variable like
$pageLink. You could imagine the problems this latter glitch could
generate.
Fortunately, I think I have found a fix for these specific problems:
In engine.php add this first line ~743. It seems to take care of our $
issues. Though of course my argument that it is better to pre-encode
it in the source, rather than have to re-encode it with every single
page load still stands...
$out = str_replace('$', '$', $out);
foreach($myMarkUpTable as $i => $order) {
I suppose we could continue pre-encoding it in the page source, and
then unencode it just before doing htmlspecialchars in the BOLTFsource
function for a similar result if we are worried about speed. I think
either way, will not hurt backward compatibility.
Some of our old quirky behavior seems to have been cleared
up--presumably with the changes to how things have been reworked.
Though you do get this issue: saving an < then reediting the page
it gets converted to <. Maybe we can live with that--but it breaks my
first goal of having what you save to the source be the same as what
you get back when you edit/view the source. Leaving it as < in the
page source would solve this, but introduces potential security
issues.
Then we have the problem of &. If indeed & needs to be escaped to get
xhtml compliance, we have a real problem--because I see no easy way to
escape it selectively. After all, escape it broadly on a page, and you
lose everything you've gained in terms of being able to put or
© into a page. But to leave "Nuts & Bolts" on a page is a
problem. Any suggestions?
There's also a side issue with [messages] being processed when you
edit a page like code.skin with that markup on it. Actually, leaving
the line in that you commented out in functions.php 580 won't fix
this. It has to do with the fact I've moved message handling again
from domarkup to makepage. I tried this once before but had to abandon
the idea (of functions being able to send back messages) because of
this problem. However, I see a solution this time.
Change line 580 to this
$out = str_replace(Array('[messages', '[results'),
Array('%5Bmessages', '%5Bresults'), $out);
Similarly in line 152 of markups.php:
$code = str_replace(Array('[messages', '[results'),
Array('%5Bmessages', '%5Bresults'), $code);
then in engine.php, line ~1504, add this second line:
$out = preg_replace('/\[messages( [-_a-z0-9]+)?\]/ie',
'BOLTmessages("$1")', $out);
$out = str_replace(Array('%5Bmessages', '%5Bresults'),
Array('[messages', '[results'), $out);
Seems the obvious solution now, but it never occurred to me to do this before.
I want to do some more work updating the code to take advantage of the
new messaging system--to simplify the code and get some system
functions to make things easier. Now that I have it figured out--it's
just a question of making it easier, under the head. Also want to
check out the system functions for possible messages to add. And
hopefully will put out a new release tomorrow or so. But I would like
an idea how to solve the ampersand problem. And perhaps the <
problem.
Cheers,
Dan
On Sat, Oct 10, 2009 at 9:28 AM, Hans <[email protected]> wrote:
>
> So that it does not get lost in other threads about latest releases, i
> start this topic.
>
> I like to see BW saving HTML character codes and showing the codes in
> edit boxes,
> showing them in code pages, but let the browser do its default
> decoding in normal pages.
> Version 3.2.3 saves the codes, but they are not shown as codes in edit boxes.
>
> I did some hacking to see what is possible.
>
> In functions.php I changed in function BOLTFsource
> (I believe this is the function retrieving text from source page?)
> I commented out this line:
> $out = str_replace(Array('<', '[messages]', '[results]', ' '),
> Array('<', '[messages]', '[results]',
> '&nbsp;'), $out);
>
> and added before the second last line if ($args['escape'] !== 'false')
> $out = BOLTescape($out);
> this line:
> $out = htmlspecialchars($out, ENT_NOQUOTES);
>
> I am weary about $ReplaceTable, as I think much can be done much
> simpler with standard php functions like htmlspecialchars().
> Anyway, with these changes my edit box looks fine.
>
> with one exception: $ is automatically converted to $ and saved to page
> I think this is not necessary, and in engine.php
> functionBOLTsaveEscapes the line
> BOLTreplace('$', '$');
> shall be removed/commented out.
>
> I imagine that quite a bit of conversion code can be removed.
>
> Having done that I get exactly what I want.
>
> What do you think?
>
> >
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"BoltWire" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/boltwire?hl=en
-~----------~----~----~----~------~----~------~--~---
