aboutsummaryrefslogtreecommitdiff
path: root/engine/lib/output.php
diff options
context:
space:
mode:
Diffstat (limited to 'engine/lib/output.php')
-rw-r--r--engine/lib/output.php36
1 files changed, 32 insertions, 4 deletions
diff --git a/engine/lib/output.php b/engine/lib/output.php
index 04c737062..60bcc72cd 100644
--- a/engine/lib/output.php
+++ b/engine/lib/output.php
@@ -34,7 +34,7 @@ function parse_urls($text) {
$url = trim($url, \'.\');
}
$urltext = str_replace("/", "/<wbr />", $url);
- return "<a href=\"$url\" style=\"text-decoration:underline;\">$urltext</a>$period";
+ return "<a href=\"$url\">$urltext</a>$period";
'
), $text);
@@ -198,6 +198,7 @@ function elgg_format_attributes(array $attrs) {
* @param array $vars The raw $vars array with all it's dirtiness (config, url, etc.)
*
* @return array The array, ready to be used in elgg_format_attributes().
+ * @access private
*/
function elgg_clean_vars(array $vars = array()) {
unset($vars['config']);
@@ -215,6 +216,14 @@ function elgg_clean_vars(array $vars = array()) {
unset($vars['internalid']);
}
+ if (isset($vars['__ignoreInternalid'])) {
+ unset($vars['__ignoreInternalid']);
+ }
+
+ if (isset($vars['__ignoreInternalname'])) {
+ unset($vars['__ignoreInternalname']);
+ }
+
return $vars;
}
@@ -234,13 +243,32 @@ function elgg_clean_vars(array $vars = array()) {
* @return string The absolute url
*/
function elgg_normalize_url($url) {
- // 'http://example.com', 'https://example.com', '//example.com'
- // '#target', '?query=string'
- if (preg_match("#^(\#|\?|(https?:)?//)#i", $url)) {
+ // see https://bugs.php.net/bug.php?id=51192
+ // from the bookmarks save action.
+ $php_5_2_13_and_below = version_compare(PHP_VERSION, '5.2.14', '<');
+ $php_5_3_0_to_5_3_2 = version_compare(PHP_VERSION, '5.3.0', '>=') &&
+ version_compare(PHP_VERSION, '5.3.3', '<');
+
+ $validated = false;
+ if ($php_5_2_13_and_below || $php_5_3_0_to_5_3_2) {
+ $tmp_address = str_replace("-", "", $url);
+ $validated = filter_var($tmp_address, FILTER_VALIDATE_URL);
+ } else {
+ $validated = filter_var($url, FILTER_VALIDATE_URL);
+ }
+
+ if ($validated) {
+ // all normal URLs including mailto:
return $url;
+ } elseif (preg_match("#^(\#|\?|//)#i", $url)) {
+ // '//example.com' (Shortcut for protocol.)
+ // '?query=test', #target
+ return $url;
+
} elseif (stripos($url, 'javascript:') === 0) {
// 'javascript:'
+ // Not covered in FILTER_VALIDATE_URL
return $url;
} elseif (preg_match("#^[^/]*\.php(\?.*)?$#i", $url)) {