
Commit b33a6c1

committed
Fix(UI): Support new line in comments
1 parent 42d1e68 commit b33a6c1


5 files changed

+61
-24
lines changed


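--- a/web/configs/version.json
+++ b/web/configs/version.json
@@ -1,5 +1,5 @@
 {
 "version": "1.8.0",
-"git": "1411",
+"git": "1420",
 "dev": true
 }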

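--- a/web/includes/system-functions.php
+++ b/web/includes/system-functions.php
@@ -405,3 +405,23 @@ function compareSanitizedString(string $str1, string $str2)
 {
 return (bool)(strcmp(filter_var($str1, FILTER_SANITIZE_SPECIAL_CHARS), filter_var($str2, FILTER_SANITIZE_SPECIAL_CHARS)) === 0);
 }
+
+/**
+* @param string $text
+* @return string
+*/
+function encodePreservingBr($text) {
+// Split the text at <br> tags, preserving the tags in the result
+$parts = preg_split('/(<br\s*\/?>)/i', $text, -1, PREG_SPLIT_DELIM_CAPTURE);
+$result = '';
+
+foreach ($parts as $part) {
+if (preg_match('/^<br\s*\/?>$/i', $part)) {
+$result .= "\n"; // Replace <br /> with newline
+} else {
+$result .= htmlspecialchars($part, ENT_QUOTES, 'UTF-8'); // Encode the rest
+}
+}
+
+return nl2br($result); // Convert newlines back to <br /> for HTML
+}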
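Review bot: `htmlspecialchars($part, ENT_QUOTES, 'UTF-8')` in `encodePreservingBr()` returns an empty string when `$part` contains an invalid UTF-8 sequence, so a single bad byte makes that whole stretch of the comment vanish from the page. Passing `ENT_QUOTES | ENT_SUBSTITUTE` keeps the text and replaces only the bad bytes with U+FFFD. The signature is also untyped, unlike `compareSanitizedString(string $str1, string $str2)` just above; `function encodePreservingBr(string $text): string` would match it. The docblock could state the contract the callers rely on: everything except `<br>` is entity-encoded, and the return value is meant to be written into HTML without further escaping.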

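--- a/web/pages/admin.bans.php
+++ b/web/pages/admin.bans.php
@@ -239,8 +239,10 @@
 
 $cdata['comname'] = $commentres->fields['comname'];
 $cdata['added'] = Config::time($commentres->fields['added']);
-$cdata['commenttxt'] = htmlspecialchars($commentres->fields['commenttxt']);
-$cdata['commenttxt'] = str_replace("\n", "<br />", $cdata['commenttxt']);
+$commentText = html_entity_decode($commentres->fields['commenttxt'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
+$commentText = encodePreservingBr($commentText);
+$commentText = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="\$1" target="_blank">\$1</a>', $commentText);
+$cdata['commenttxt'] = $commentText;
 
 if (!empty($commentres->fields['edittime'])) {
 $cdata['edittime'] = Config::time($commentres->fields['edittime']);
@@ -400,8 +402,10 @@
 
 $cdata['comname'] = $commentres->fields['comname'];
 $cdata['added'] = Config::time($commentres->fields['added']);
-$cdata['commenttxt'] = htmlspecialchars($commentres->fields['commenttxt']);
-$cdata['commenttxt'] = str_replace("\n", "<br />", $cdata['commenttxt']);
+$commentText = html_entity_decode($commentres->fields['commenttxt'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
+$commentText = encodePreservingBr($commentText);
+$commentText = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="\$1" target="_blank">\$1</a>', $commentText);
+$cdata['commenttxt'] = $commentText;
 
 if (!empty($commentres->fields['edittime'])) {
 $cdata['edittime'] = Config::time($commentres->fields['edittime']);
@@ -554,8 +558,11 @@
 
 $cdata['comname'] = $commentres->fields['comname'];
 $cdata['added'] = Config::time($commentres->fields['added']);
-$cdata['commenttxt'] = htmlspecialchars($commentres->fields['commenttxt']);
-$cdata['commenttxt'] = str_replace("\n", "<br />", $cdata['commenttxt']);
+$commentText = html_entity_decode($commentres->fields['commenttxt'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
+$commentText = encodePreservingBr($commentText);
+// Parse links and wrap them in a <a href=""></a> tag to be easily clickable
+$commentText = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="\$1" target="_blank">\$1</a>', $commentText);
+$cdata['commenttxt'] = $commentText;
 
 if (!empty($commentres->fields['edittime'])) {
 $cdata['edittime'] = Config::time($commentres->fields['edittime']);
@@ -694,8 +701,11 @@
 
 $cdata['comname'] = $commentres->fields['comname'];
 $cdata['added'] = Config::time($commentres->fields['added']);
-$cdata['commenttxt'] = htmlspecialchars($commentres->fields['commenttxt']);
-$cdata['commenttxt'] = str_replace("\n", "<br />", $cdata['commenttxt']);
+$commentText = html_entity_decode($commentres->fields['commenttxt'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
+$commentText = encodePreservingBr($commentText);
+// Parse links and wrap them in a <a href=""></a> tag to be easily clickable
+$commentText = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="\$1" target="_blank">\$1</a>', $commentText);
+$cdata['commenttxt'] = $commentText;
 
 if (!empty($commentres->fields['edittime'])) {
 $cdata['edittime'] = Config::time($commentres->fields['edittime']);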
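Review bot: The replacement string `'<a href="\$1" target="_blank">\$1</a>'` is single-quoted, so the backslash reaches `preg_replace()`, which treats `\$` as an escaped dollar sign and, as far as I can tell, emits the literal text `$1` instead of the matched URL. Every URL in a comment would then render as a link pointing at `$1`; the plain form `'<a href="$1" target="_blank">$1</a>'` is what the removed lines in page.banlist.php and page.commslist.php used. The same replacement is in all four hunks of this file and in the linkification lines added to page.banlist.php and page.commslist.php, so a quick check with one stored comment containing a URL would confirm it for all of them. The first two hunks here also lack the `// Parse links …` comment that the last two carry.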

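--- a/web/pages/page.banlist.php
+++ b/web/pages/page.banlist.php
@@ -647,10 +647,11 @@ function setPostKey()
 
 $cdata['comname'] = $commentres->fields['comname'];
 $cdata['added'] = Config::time($commentres->fields['added']);
-$cdata['commenttxt'] = htmlspecialchars($commentres->fields['commenttxt']);
-$cdata['commenttxt'] = str_replace("\n", "<br />", $cdata['commenttxt']);
+$commentText = html_entity_decode($commentres->fields['commenttxt'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
+$commentText = encodePreservingBr($commentText);
 // Parse links and wrap them in a <a href=""></a> tag to be easily clickable
-$cdata['commenttxt'] = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="$1" target="_blank">$1</a>', $cdata['commenttxt']);
+$commentText = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="\$1" target="_blank">\$1</a>', $commentText);
+$cdata['commenttxt'] = $commentText;
 
 if (!empty($commentres->fields['edittime'])) {
 $cdata['edittime'] = Config::time($commentres->fields['edittime']);
@@ -742,7 +743,8 @@ function setPostKey()
 if (isset($_GET["cid"])) {
 $_GET["cid"] = (int) $_GET["cid"];
 $ceditdata = $GLOBALS['db']->GetRow("SELECT * FROM " . DB_PREFIX . "_comments WHERE cid = '" . $_GET["cid"] . "'");
-$ctext = htmlspecialchars($ceditdata['commenttxt']);
+$ctext = html_entity_decode($ceditdata['commenttxt'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
+$ctext = htmlspecialchars($ctext, ENT_QUOTES | ENT_HTML5, 'UTF-8');
 $cotherdataedit = " AND cid != '" . $_GET["cid"] . "'";
 } else {
 $cotherdataedit = "";
@@ -765,10 +767,12 @@ function setPostKey()
 $coment = [];
 $coment['comname'] = $cotherdata->fields['comname'];
 $coment['added'] = Config::time($cotherdata->fields['added']);
-$coment['commenttxt'] = htmlspecialchars($cotherdata->fields['commenttxt']);
-$coment['commenttxt'] = str_replace("\n", "<br />", $coment['commenttxt']);
+$commentText = html_entity_decode($cotherdata->fields['commenttxt'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
+$commentText = encodePreservingBr($commentText);
 // Parse links and wrap them in a <a href=""></a> tag to be easily clickable
-$coment['commenttxt'] = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="$1" target="_blank">$1</a>', $coment['commenttxt']);
+$commentText = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="\$1" target="_blank">\$1</a>', $commentText);
+$coment['commenttxt'] = $commentText;
+
 if ($cotherdata->fields['editname'] != "") {
 $coment['edittime'] = Config::time($cotherdata->fields['edittime']);
 $coment['editname'] = $cotherdata->fields['editname'];
@@ -812,4 +816,4 @@ function setPostKey()
 $theme->assign('can_delete', $userbank->HasAccess(ADMIN_DELETE_BAN));
 $theme->assign('view_bans', ($userbank->HasAccess(ADMIN_OWNER | ADMIN_EDIT_ALL_BANS | ADMIN_EDIT_OWN_BANS | ADMIN_EDIT_GROUP_BANS | ADMIN_UNBAN | ADMIN_UNBAN_OWN_BANS | ADMIN_UNBAN_GROUP_BANS | ADMIN_DELETE_BAN)));
 $theme->assign('can_export', ($userbank->HasAccess(ADMIN_OWNER) || Config::getBool('config.exportpublic')));
-$theme->display('page_bans.tpl');
+$theme->display('page_bans.tpl');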
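Review bot: The link pattern on new lines 653 and 773 runs after `encodePreservingBr()` has already turned newlines into `<br />`, and its query part `(\?\S+)?` accepts any non-space character, so a URL with a query string at the end of a line captures the following `<br` into the match and leaves broken markup around the anchor. Excluding the tag opener in that group, `(\?[^\s<]+)?`, or doing the linkification inside the helper before `nl2br()` is applied, keeps the match within the encoded text. The surrounding loops start and end outside the visible hunks, so whether anything else rewrites `$cdata['commenttxt']` afterwards cannot be checked from here.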

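--- a/web/pages/page.commslist.php
+++ b/web/pages/page.commslist.php
@@ -607,10 +607,11 @@ function setPostKey()
 
 $cdata['comname'] = $commentres->fields['comname'];
 $cdata['added'] = Config::time($commentres->fields['added']);
-$cdata['commenttxt'] = $commentres->fields['commenttxt'];
-$cdata['commenttxt'] = str_replace("\n", "<br />", $cdata['commenttxt']);
+$commentText = html_entity_decode($commentres->fields['commenttxt'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
+$commentText = encodePreservingBr($commentText);
 // Parse links and wrap them in a <a href=""></a> tag to be easily clickable
-$cdata['commenttxt'] = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="$1" target="_blank">$1</a>', $cdata['commenttxt']);
+$commentText = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="\$1" target="_blank">\$1</a>', $commentText);
+$cdata['commenttxt'] = $commentText;
 
 if (!empty($commentres->fields['edittime'])) {
 $cdata['edittime'] = Config::time($commentres->fields['edittime']);
@@ -700,7 +701,8 @@ function setPostKey()
 $theme->assign('commenttype', (isset($_GET["cid"]) ? "Edit" : "Add"));
 if (isset($_GET["cid"])) {
 $ceditdata = $GLOBALS['db']->GetRow("SELECT * FROM " . DB_PREFIX . "_comments WHERE cid = '" . (int) $_GET["cid"] . "'");
-$ctext = $ceditdata['commenttxt'];
+$ctext = html_entity_decode($ceditdata['commenttxt'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
+$ctext = htmlspecialchars($ctext, ENT_QUOTES | ENT_HTML5, 'UTF-8');
 $cotherdataedit = " AND cid != '" . (int) $_GET["cid"] . "'";
 } else {
 $cotherdataedit = "";
@@ -720,9 +722,10 @@ function setPostKey()
 $coment = [];
 $coment['comname'] = $cotherdata->fields['comname'];
 $coment['added'] = Config::time($cotherdata->fields['added']);
-$coment['commenttxt'] = str_replace("\n", "<br />", $cotherdata->fields['commenttxt']);
-// Parse links and wrap them in a <a href=""></a> tag to be easily clickable
-$coment['commenttxt'] = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="$1" target="_blank">$1</a>', $coment['commenttxt']);
+$commentText = html_entity_decode($cotherdata->fields['commenttxt'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
+$commentText = encodePreservingBr($commentText);
+$commentText = preg_replace('@(https?://([-\w\.]+)+(:\d+)?(/([\w/_\.]*(\?\S+)?)?)?)@', '<a href="\$1" target="_blank">\$1</a>', $commentText);
+$coment['commenttxt'] = $commentText;
 if ($cotherdata->fields['editname'] != "") {
 $coment['edittime'] = Config::time($cotherdata->fields['edittime']);
 $coment['editname'] = $cotherdata->fields['editname'];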
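Review bot: The anchors built on new lines 613 and 727 use `target="_blank"` with no `rel` attribute, so on browsers that do not imply it the opened page keeps a `window.opener` handle back to this list; `'<a href="$1" target="_blank" rel="noopener noreferrer">$1</a>'` closes that. The removed lines show this file previously wrote `commenttxt` to the page without `htmlspecialchars()`, so escaping here now rests entirely on `encodePreservingBr()`, and a one-line comment at each call saying so would help the next editor keep it. The decode, encode and linkify sequence is now pasted in eight places across three files; one helper next to `encodePreservingBr()` would keep the escaping order from drifting. The third hunk also drops the `// Parse links …` comment that the first hunk keeps.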
