Opened 11 years ago
Closed 11 years ago
#1334 closed Enhancement (fixed)
make sub_sentence() more intelligent
| Reported by: | Christian Beer | Owned by: | davea |
|---|---|---|---|
| Priority: | Major | Milestone: | Undetermined |
| Component: | Web - Other | Version: | |
| Keywords: | Cc: |
Description
This is a request for comments. I tried to find a function that has the described feature some time ago and will derive something in the near future.
At the moment sub_sentence() is dumb and shortens the profile according to length only. This causes problems when the user has embedded html tags like links or images. The problem with current behavior is that when a UotD is shown on the frontpage and the markup is cut of in the wrong place the page looks weird. Also this is a possible vector for an XSS-attack.
There should be two extra settings.
- Filter out links (show the text but ignore the markup)
- Filter out images
When not filtering one of these the markup shouldn't count when calculating length. Images are difficult to handle, maybe add/change the width parameter to the img-tag.
sub_sentence() is intended to handle text without markup. The problem was that it was being called with text that could contain markup. Before calling it on a string, you must 1) use output_transform() to convert BBcode tags to HTML tags 2) use sanitize_tags() to remove all HTML tags. I checked in changes that do this everywhere.