Fix for ticket #477. Use nl2br method when rendering comment::text and

item::description. In addition add p::clean or p::purify to places that xss cleaning had missed (i.e. rss feeds)
author: Tim Almdal <tnalmdal@shaw.ca> 2009-07-04 08:17:12 -0700
committer: Tim Almdal <tnalmdal@shaw.ca> 2009-07-04 08:17:12 -0700
commit: d6648c0affd122407b7567442aa924e9138104e7 (patch)
tree: 015f10205d96618edcf210ad93c672a74956d979 /modules/comment/views
parent: 54ffea24196e8f5d88cf9d8607455f0f6aab305c (diff)
4 files changed, 5 insertions, 5 deletions
diff --git a/modules/comment/views/admin_block_recent_comments.html.php b/modules/comment/views/admin_block_recent_comments.html.php
index 893c1a63..4ff24f86 100644
--- a/modules/comment/views/admin_block_recent_comments.html.php
+++ b/modules/comment/views/admin_block_recent_comments.html.php
@@ -10,7 +10,7 @@
     <?= gallery::date_time($comment->created) ?>
     <?= t('<a href="#">%author_name</a> said <em>%comment_text</em>',
           array("author_name" => p::clean($comment->author_name()),
-                "comment_text" => text::limit_words(p::purify($comment->text), 50))); ?>
+                "comment_text" => text::limit_words(nl2br(p::purify($comment->text)), 50))); ?>
   </li>
   <? endforeach ?>
 </ul>
diff --git a/modules/comment/views/admin_comments.html.php b/modules/comment/views/admin_comments.html.php
index 489605d5..ad0ae8f3 100644
--- a/modules/comment/views/admin_comments.html.php
+++ b/modules/comment/views/admin_comments.html.php
@@ -132,7 +132,7 @@
           </div>
         </div>
         <p><?= gallery::date($comment->created) ?></p>
-        <?= p::purify($comment->text) ?>
+           <?= nl2br(p::purify($comment->text)) ?>
       </td>
       <td>
         <ul class="gButtonSetVertical">
diff --git a/modules/comment/views/comment.html.php b/modules/comment/views/comment.html.php
index 15121d08..ab72a0c8 100644
--- a/modules/comment/views/comment.html.php
+++ b/modules/comment/views/comment.html.php
@@ -13,6 +13,6 @@
                 "author_name" => p::clean($comment->author_name()))) ?>
   </p>
   <div>
-    <?= p::purify($comment->text) ?>
+  <?= nl2br(p::purify($comment->text)) ?>
   </div>
 </li>
diff --git a/modules/comment/views/comment.mrss.php b/modules/comment/views/comment.mrss.php
index 4f520144..e27bc44f 100644
--- a/modules/comment/views/comment.mrss.php
+++ b/modules/comment/views/comment.mrss.php
@@ -22,14 +22,14 @@
     <lastBuildDate><?= $pub_date ?></lastBuildDate>
     <? foreach ($feed->children as $child): ?>
     <item>
-      <title><?= p::clean($child->title) ?></title>
+      <title><?= p::purify($child->title) ?></title>
       <link><?= p::clean($child->item_uri) ?></link>
       <author><?= p::clean($child->author) ?></author>
       <guid isPermaLink="true"><?= $child->item_uri ?></guid>
       <pubDate><?= $child->pub_date ?></pubDate>
       <content:encoded>
         <![CDATA[
-          <p><?= p::clean($child->text) ?></p>
+          <p><?= nl2br(p::purify($child->text)) ?></p>
           <p>
             <img alt="" src="<?= $child->thumb_url ?>"
                  height="<?= $child->thumb_height ?>" width="<?= $child->thumb_width ?>" />
author	Tim Almdal <tnalmdal@shaw.ca>	2009-07-04 08:17:12 -0700
committer	Tim Almdal <tnalmdal@shaw.ca>	2009-07-04 08:17:12 -0700
commit	d6648c0affd122407b7567442aa924e9138104e7 (patch)
tree	015f10205d96618edcf210ad93c672a74956d979 /modules/comment/views
parent	54ffea24196e8f5d88cf9d8607455f0f6aab305c (diff)