Commit 5dd8314d authored by Dries's avatar Dries
Browse files

- Patch #446518 by sun: remove argument from check_markup().

parent 0125b20c
......@@ -220,7 +220,7 @@ function block_block_save($delta = 0, $edit = array()) {
*/
function block_block_view($delta = 0, $edit = array()) {
$block = db_query('SELECT body, format FROM {box} WHERE bid = :bid', array(':bid' => $delta))->fetchObject();
$data['content'] = check_markup($block->body, $block->format, '', FALSE);
$data['content'] = check_markup($block->body, $block->format);
return $data;
}
......
......@@ -816,7 +816,7 @@ function comment_build_content($comment, $build_mode = 'full') {
// Build comment body.
$comment->content['comment_body'] = array(
'#markup' => check_markup($comment->comment, $comment->format, '', FALSE),
'#markup' => check_markup($comment->comment, $comment->format),
);
$comment->content += field_attach_view('comment', $comment, $build_mode);
......@@ -1126,7 +1126,7 @@ function comment_node_update_index($node) {
':status' => COMMENT_PUBLISHED
));
foreach ($comments as $comment) {
$text .= '<h2>' . check_plain($comment->subject) . '</h2>' . check_markup($comment->comment, $comment->format, '', FALSE);
$text .= '<h2>' . check_plain($comment->subject) . '</h2>' . check_markup($comment->comment, $comment->format);
}
}
return $text;
......@@ -2018,7 +2018,6 @@ function comment_submit($comment) {
// 1) Filter it into HTML
// 2) Strip out all HTML tags
// 3) Convert entities back to plain-text.
// Note: format is checked by check_markup().
$comment['subject'] = truncate_utf8(trim(decode_entities(strip_tags(check_markup($comment['comment'], $comment['comment_format'])))), 29, TRUE);
// Edge cases where the comment body is populated only by HTML tags will
// require a default subject.
......
......@@ -370,9 +370,9 @@ function hook_field_load($obj_type, $objects, $field, $instances, &$items, $age)
$format = $item['format'];
if (filter_format_allowcache($format)) {
$lang = isset($object->language) ? $object->language : $language->language;
$items[$id][$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE, FALSE) : '';
$items[$id][$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE) : '';
if ($field['type'] == 'text_with_summary') {
$items[$id][$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE, FALSE) : '';
$items[$id][$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE) : '';
}
}
}
......@@ -414,9 +414,9 @@ function hook_field_sanitize($obj_type, $object, $field, $instance, $items) {
if (!empty($instance['settings']['text_processing'])) {
$format = $item['format'];
$lang = isset($object->language) ? $object->language : $language->language;
$items[$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE) : '';
$items[$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang) : '';
if ($field['type'] == 'text_with_summary') {
$items[$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE) : '';
$items[$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang) : '';
}
}
else {
......
......@@ -222,9 +222,9 @@ function text_field_load($obj_type, $objects, $field, $instances, &$items) {
$format = $item['format'];
if (filter_format_allowcache($format)) {
$lang = isset($object->language) ? $object->language : $language->language;
$items[$id][$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE, FALSE) : '';
$items[$id][$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE) : '';
if ($field['type'] == 'text_with_summary') {
$items[$id][$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE, FALSE) : '';
$items[$id][$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE) : '';
}
}
}
......@@ -253,9 +253,9 @@ function text_field_sanitize($obj_type, $object, $field, $instance, &$items) {
if (!empty($instance['settings']['text_processing'])) {
$format = $item['format'];
$lang = isset($object->language) ? $object->language : $language->language;
$items[$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang, FALSE) : '';
$items[$delta]['safe'] = isset($item['value']) ? check_markup($item['value'], $format, $lang) : '';
if ($field['type'] == 'text_with_summary') {
$items[$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang, FALSE) : '';
$items[$delta]['safe_summary'] = isset($item['summary']) ? check_markup($item['summary'], $format, $lang) : '';
}
}
else {
......
......@@ -421,20 +421,13 @@ function filter_list_format($format) {
* Optional: the language code of the text to be filtered, e.g. 'en' for
* English. This allows filters to be language aware so language specific
* text replacement can be implemented.
* @param $check
* Whether to check the $format with filter_access() first. Defaults to TRUE.
* Note that this will check the permissions of the current user, so you
* should specify $check = FALSE when viewing other people's content. When
* showing content that is not (yet) stored in the database (eg. upon preview),
* set to TRUE so the user's permissions are checked.
* @param $cache
* Boolean whether to cache the filtered output in the {cache_filter} table.
* The caller may set this to FALSE when the output is already cached
* elsewhere to avoid duplicate cache lookups and storage.
*/
function check_markup($text, $format = FILTER_FORMAT_DEFAULT, $langcode = '', $check = TRUE, $cache = TRUE) {
// When $check = TRUE, do an access check on $format.
if (isset($text) && (!$check || filter_access($format))) {
function check_markup($text, $format = FILTER_FORMAT_DEFAULT, $langcode = '', $cache = TRUE) {
if (isset($text)) {
$format = filter_resolve_format($format);
// Check for a cached version of this piece of text.
......
......@@ -486,7 +486,7 @@ function hook_node_update_index($node) {
$text = '';
$comments = db_query('SELECT subject, comment, format FROM {comment} WHERE nid = :nid AND status = :status', array(':nid' => $node->nid, ':status' => COMMENT_PUBLISHED));
foreach ($comments as $comment) {
$text .= '<h2>' . check_plain($comment->subject) . '</h2>' . check_markup($comment->comment, $comment->format, '', FALSE);
$text .= '<h2>' . check_plain($comment->subject) . '</h2>' . check_markup($comment->comment, $comment->format);
}
return $text;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment