mirror of
https://github.com/php/php-src.git
synced 2024-09-21 18:07:23 +00:00
Fixed bug #40704 (strip_tags() does not handle single quotes correctly)
This commit is contained in:
parent
276aed565e
commit
e769e1b49e
@ -4211,7 +4211,7 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, int len, int *stateptr, char *allow,
|
||||
switch (state) {
|
||||
case 1: /* HTML/XML */
|
||||
lc = '>';
|
||||
state = 0;
|
||||
in_q = state = 0;
|
||||
if (allow) {
|
||||
tp = ((tp-tbuf) >= PHP_TAG_BUF_SIZE ? tbuf: tp);
|
||||
*(tp++) = '>';
|
||||
@ -4226,19 +4226,19 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, int len, int *stateptr, char *allow,
|
||||
|
||||
case 2: /* PHP */
|
||||
if (!br && lc != '\"' && *(p-1) == '?') {
|
||||
state = 0;
|
||||
in_q = state = 0;
|
||||
tp = tbuf;
|
||||
}
|
||||
break;
|
||||
|
||||
case 3:
|
||||
state = 0;
|
||||
in_q = state = 0;
|
||||
tp = tbuf;
|
||||
break;
|
||||
|
||||
case 4: /* JavaScript/CSS/etc... */
|
||||
if (p >= buf + 2 && *(p-1) == '-' && *(p-2) == '-') {
|
||||
state = 0;
|
||||
in_q = state = 0;
|
||||
tp = tbuf;
|
||||
}
|
||||
break;
|
||||
@ -4263,7 +4263,7 @@ PHPAPI size_t php_strip_tags_ex(char *rbuf, int len, int *stateptr, char *allow,
|
||||
tp = ((tp-tbuf) >= PHP_TAG_BUF_SIZE ? tbuf: tp);
|
||||
*(tp++) = c;
|
||||
}
|
||||
if (p != buf && *(p-1) != '\\' && (!in_q || *p == in_q)) {
|
||||
if (state && p != buf && *(p-1) != '\\' && (!in_q || *p == in_q)) {
|
||||
if (in_q) {
|
||||
in_q = 0;
|
||||
} else {
|
||||
|
13
ext/standard/tests/strings/bug40704.phpt
Normal file
13
ext/standard/tests/strings/bug40704.phpt
Normal file
@ -0,0 +1,13 @@
|
||||
--TEST--
|
||||
Bug #40704 (strip_tags() does not handle single quotes correctly)
|
||||
--FILE--
|
||||
<?php
|
||||
|
||||
$html = "<div>Bug ' Trigger</div> Missing Text";
|
||||
var_dump(strip_tags($html));
|
||||
|
||||
echo "Done\n";
|
||||
?>
|
||||
--EXPECT--
|
||||
string(26) "Bug ' Trigger Missing Text"
|
||||
Done
|
Loading…
Reference in New Issue
Block a user