openrat-cms


commit 263b703c4b379260fa7002e4e8b575af418e542a
parent e770cf81555252cf0fc04d9b523454c1c9670de0
Author: dankert <devnull@localhost>
Date:   Tue, 30 Mar 2010 11:32:51 +0200

Escapen aller Nicht-ASCII-Zeichen in HTML-Entities, aktivierbar über Konfigurationsschalter, Fix für Bug #5.

Diffstat:
actionClasses/Action.class.php | 7+------
config/publish.ini.php | 3+++
functions/common.inc.php | 16++++++++++++++++
objectClasses/Page.class.php | 9+++++++++
4 files changed, 29 insertions(+), 6 deletions(-)

diff --git a/actionClasses/Action.class.php b/actionClasses/Action.class.php
@@ -674,12 +674,7 @@ class Action
 */
 function getCharset()
 {
- $db = db_connection();
-
- if ( isset($db->conf['charset']) )
- return $db->conf['charset'];
- else
- return lang('CHARSET');
+ return charset();
 }
diff --git a/config/publish.ini.php b/config/publish.ini.php
@@ -57,6 +57,9 @@ enable_php_in_page_content=false
 ; 'auto' : interpreted, if file extension = '.php'
 ; 'true' : always interpret PHP in file content
 enable_php_in_file_content=false
+
+; Escape all non-ascii characters to HTML entities (e.g. "&entity;")
+escape_8bit_characters=true
diff --git a/functions/common.inc.php b/functions/common.inc.php
@@ -122,4 +122,20 @@ function istrue( $val )
 return false;
 }
+/**
+ * Liefert den für die Ausgabe zu verwendenden Zeichensatz.
+ * Falls konfiguriert, wird das Charset aus der DB-Konfiguration
+ * genommen. Sonst das Charset aus der Sprachdatei.
+ *
+ * @return Zeichensatz, z.B. "UTF-8", "ISO-8859-1".
+ */
+function charset()
+{
+ $db = db_connection();
+
+ if ( isset($db->conf['charset']) )
+ return $db->conf['charset'];
+ else
+ return lang('CHARSET');
+}
 ?>
\ No newline at end of file
diff --git a/objectClasses/Page.class.php b/objectClasses/Page.class.php
@@ -728,6 +728,15 @@ class Page extends Object
 $src = str_replace( '{{->'.$id.'}}','',$src );
 }
+ if ( config('publish','escape_8bit_characters') )
+ if ( substr($this->mimeType(),-4) == 'html' )
+ {
+ $src = htmlentities($src,ENT_NOQUOTES,charset());
+ $src = str_replace('&lt;' , '<', $src);
+ $src = str_replace('&gt;' , '>', $src);
+ $src = str_replace('&amp;', '&', $src);
+ }
+ $this->value = &$src; // Store in cache.
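Review bot: In functions/common.inc.php, `charset()` returns whatever name is configured in `$db->conf['charset']` or the language file without checking it, and this commit starts passing that value as the third argument of `htmlentities()` in objectClasses/Page.class.php. A name that `htmlentities()` does not recognise makes it raise a warning and fall back to its default charset, so the entities written into published pages can be wrong for the actual encoding. The docblock should carry the return type and that constraint, e.g. `@return string charset name, e.g. "UTF-8"; must be a name htmlentities() accepts`.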
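Review bot: In objectClasses/Page.class.php the result of `htmlentities($src,ENT_NOQUOTES,charset())` is assigned straight back to `$src`, but for a multibyte charset such as UTF-8 `htmlentities()` returns an empty string when the input holds an invalid byte sequence, so one bad byte in a template or element would publish an empty page. Keep the original on failure, e.g. `$escaped = htmlentities($src,ENT_NOQUOTES,charset());` followed by `if ( $escaped != '' ) { $src = $escaped; ... }` wrapped around the three `str_replace` calls. Because `&lt;`, `&gt;` and `&amp;` are converted back, the block only transliterates non-ASCII characters and neutralises no markup; a comment such as `// charset transliteration only, not output escaping` here and in the config/publish.ini.php comment would keep `escape_8bit_characters` from being read as a sanitising option. The enclosing method starts and ends outside the hunk.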