diff options
| -rw-r--r-- | it_html.class | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/it_html.class b/it_html.class index 75ebe9b..c4cb187 100644 --- a/it_html.class +++ b/it_html.class @@ -376,6 +376,7 @@ function sanitize($html) $result = ""; $html = it::replace(array('[\0\s]+' => " "), $html); # \s also matches \r and \n $urlpattern = 'https?://[^">]+'; + $charset = $GLOBALS['it_html']->p['charset'] ? $GLOBALS['it_html']->p['charset'] : 'iso-8859-1'; if ($tag = it::match("(.*)<(div|p|i|b)[^>]*>(.*?)</\\2>(.*)", $html)) { @@ -388,13 +389,13 @@ function sanitize($html) { # Link tags, keeps only href attribute list($head, $href, $content, $tail) = $tag; - $result .= it_html::sanitize($head) . '<a href="' . it_html::Q(html_entity_decode($href)) . '">' . it_html::sanitize($content) . "</a>" . it_html::sanitize($tail); + $result .= it_html::sanitize($head) . '<a href="' . it_html::Q(html_entity_decode($href), ENT_COMPAT, $charset) . '">' . it_html::sanitize($content) . "</a>" . it_html::sanitize($tail); } else if ($tag = it::match('(.*)<img[^>]+?src="(' . $urlpattern . ')"[^>]*?>(.*)', $html)) { # Image tags, keeps only src attribute list($head, $src, $tail) = $tag; - $result .= it_html::sanitize($head) . '<img src="' . it_html::Q(html_entity_decode($src)) . '" alt="" />' . it_html::sanitize($tail); + $result .= it_html::sanitize($head) . '<img src="' . it_html::Q(html_entity_decode($src, ENT_COMPAT, $charset)) . '" alt="" />' . it_html::sanitize($tail); } else if ($tag = it::match("(.*)<(br)[^>]*>(.*)", $html)) { @@ -404,7 +405,7 @@ function sanitize($html) $result .= it_html::sanitize($head) . "<$tagname />" . it_html::sanitize($tail); } else - $result = it_html::Q(it::replace(array('&#\d+;' => ""), html_entity_decode(strip_tags($html)))); + $result = it_html::Q(it::replace(array('&#\d+;' => ""), html_entity_decode(strip_tags($html), ENT_COMPAT, $charset))); return $result; } |