mirror of
https://github.com/erusev/parsedown.git
synced 2023-08-10 21:13:06 +03:00
escaping for special characters
This commit is contained in:
parent
2e314ad474
commit
d4d3612710
@ -550,15 +550,17 @@ class Parsedown
|
|||||||
{
|
{
|
||||||
foreach ($matches as $matches)
|
foreach ($matches as $matches)
|
||||||
{
|
{
|
||||||
|
$url = $this->escape_special_characters($matches[4]);
|
||||||
|
|
||||||
if ($matches[1]) # image
|
if ($matches[1]) # image
|
||||||
{
|
{
|
||||||
$element = '<img alt="'.$matches[3].'" src="'.$matches[4].'">';
|
$element = '<img alt="'.$matches[3].'" src="'.$url.'">';
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
$element_text = $this->parse_inline_elements($matches[3]);
|
$element_text = $this->parse_inline_elements($matches[3]);
|
||||||
|
|
||||||
$element = '<a href="'.$matches[4].'">'.$element_text.'</a>';
|
$element = '<a href="'.$url.'">'.$element_text.'</a>';
|
||||||
}
|
}
|
||||||
|
|
||||||
# ~
|
# ~
|
||||||
@ -588,6 +590,7 @@ class Parsedown
|
|||||||
if (isset($this->reference_map[$link_definition]))
|
if (isset($this->reference_map[$link_definition]))
|
||||||
{
|
{
|
||||||
$url = $this->reference_map[$link_definition];
|
$url = $this->reference_map[$link_definition];
|
||||||
|
$url = $this->escape_special_characters($url);
|
||||||
|
|
||||||
if ($matches[1]) # image
|
if ($matches[1]) # image
|
||||||
{
|
{
|
||||||
@ -613,13 +616,17 @@ class Parsedown
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Automatic Links
|
||||||
|
|
||||||
if (strpos($text, '<') !== FALSE and preg_match_all('/<((https?|ftp|dict):[^\^\s]+?)>/i', $text, $matches, PREG_SET_ORDER))
|
if (strpos($text, '<') !== FALSE and preg_match_all('/<((https?|ftp|dict):[^\^\s]+?)>/i', $text, $matches, PREG_SET_ORDER))
|
||||||
{
|
{
|
||||||
foreach ($matches as $matches)
|
foreach ($matches as $matches)
|
||||||
{
|
{
|
||||||
|
$url = $this->escape_special_characters($matches[1]);
|
||||||
|
|
||||||
$element = '<a href=":href">:text</a>';
|
$element = '<a href=":href">:text</a>';
|
||||||
$element = str_replace(':text', $matches[1], $element);
|
$element = str_replace(':text', $url, $element);
|
||||||
$element = str_replace(':href', $matches[1], $element);
|
$element = str_replace(':href', $url, $element);
|
||||||
|
|
||||||
# ~
|
# ~
|
||||||
|
|
||||||
@ -633,6 +640,12 @@ class Parsedown
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# ~
|
||||||
|
|
||||||
|
$text = $this->escape_special_characters($text);
|
||||||
|
|
||||||
|
# ~
|
||||||
|
|
||||||
if (strpos($text, '_') !== FALSE)
|
if (strpos($text, '_') !== FALSE)
|
||||||
{
|
{
|
||||||
$text = preg_replace('/__(?=\S)(.+?)(?<=\S)__/', '<strong>$1</strong>', $text);
|
$text = preg_replace('/__(?=\S)(.+?)(?<=\S)__/', '<strong>$1</strong>', $text);
|
||||||
@ -649,5 +662,13 @@ class Parsedown
|
|||||||
|
|
||||||
return $text;
|
return $text;
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
|
private function escape_special_characters($text)
|
||||||
|
{
|
||||||
|
strpos($text, '&') !== FALSE and $text = preg_replace('/&(?!#?\w+;)/', '&', $text);
|
||||||
|
|
||||||
|
$text = str_replace('<', '<', $text);
|
||||||
|
|
||||||
|
return $text;
|
||||||
|
}
|
||||||
|
}
|
8
tests/data/special_characters.html
Normal file
8
tests/data/special_characters.html
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
<p>AT&T has an ampersand in their name.</p>
|
||||||
|
<p>AT&T is another way to write it.</p>
|
||||||
|
<p>This & that.</p>
|
||||||
|
<p>4 < 5 and 6 > 5.</p>
|
||||||
|
<p>Here's a <a href="http://example.com/?foo=1&bar=2">link</a> with an ampersand in the URL.</p>
|
||||||
|
<p>Here's an inline <a href="/script?foo=1&bar=2">link</a>.</p>
|
||||||
|
<hr />
|
||||||
|
<p>Based on <a href="http://daringfireball.net/projects/downloads/MarkdownTest_1.0.zip">the original</a> test suite.</p>
|
17
tests/data/special_characters.md
Normal file
17
tests/data/special_characters.md
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
AT&T has an ampersand in their name.
|
||||||
|
|
||||||
|
AT&T is another way to write it.
|
||||||
|
|
||||||
|
This & that.
|
||||||
|
|
||||||
|
4 < 5 and 6 > 5.
|
||||||
|
|
||||||
|
Here's a [link] [1] with an ampersand in the URL.
|
||||||
|
|
||||||
|
Here's an inline [link](/script?foo=1&bar=2).
|
||||||
|
|
||||||
|
[1]: http://example.com/?foo=1&bar=2
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
Based on [the original](http://daringfireball.net/projects/downloads/MarkdownTest_1.0.zip) test suite.
|
Loading…
Reference in New Issue
Block a user