From f84715db5ba9c925e8a8aea64e60c77db7efd86b Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Sun, 8 May 2016 23:29:47 +0900 Subject: [PATCH] Fix escaping and userlang encoding of site keywords and description --- classes/context/Context.class.php | 3 ++- classes/module/ModuleHandler.class.php | 8 ++++---- modules/module/module.controller.php | 2 +- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php index 2f834559f..40d88ef21 100644 --- a/classes/context/Context.class.php +++ b/classes/context/Context.class.php @@ -2716,7 +2716,7 @@ class Context foreach(self::$_instance->meta_tags as $key => $val) { list($name, $is_http_equiv) = explode("\t", $key); - $ret[] = array('name' => $name, 'is_http_equiv' => $is_http_equiv, 'content' => $val); + $ret[] = array('name' => $name, 'is_http_equiv' => $is_http_equiv, 'content' => escape($val, false)); } return $ret; @@ -2732,6 +2732,7 @@ class Context */ public static function addMetaTag($name, $content, $is_http_equiv = FALSE) { + getController('module')->replaceDefinedLangCode($content); self::$_instance->meta_tags[$name . "\t" . ($is_http_equiv ? '1' : '0')] = $content; } diff --git a/classes/module/ModuleHandler.class.php b/classes/module/ModuleHandler.class.php index df07ebdf7..44d1cc531 100644 --- a/classes/module/ModuleHandler.class.php +++ b/classes/module/ModuleHandler.class.php @@ -299,20 +299,20 @@ class ModuleHandler extends Handler $module_config = $oModuleModel->getModuleConfig('module'); if ($module_info->meta_keywords) { - Context::addMetaTag('keywords', escape($module_info->meta_keywords)); + Context::addMetaTag('keywords', $module_info->meta_keywords); } elseif($module_config->meta_keywords) { - Context::addMetaTag('keywords', escape($module_config->meta_keywords)); + Context::addMetaTag('keywords', $module_config->meta_keywords); } if ($module_info->meta_description) { - Context::addMetaTag('description', escape($module_info->meta_description)); + Context::addMetaTag('description', $module_info->meta_description); } elseif($module_config->meta_description) { - Context::addMetaTag('description', escape($module_config->meta_description)); + Context::addMetaTag('description', $module_config->meta_description); } $viewType = (Mobile::isFromMobilePhone()) ? 'M' : 'P'; diff --git a/modules/module/module.controller.php b/modules/module/module.controller.php index df378a023..791421440 100644 --- a/modules/module/module.controller.php +++ b/modules/module/module.controller.php @@ -1073,7 +1073,7 @@ class moduleController extends module { if($isReplaceLangCode) { - $output = preg_replace_callback('!\$user_lang->([a-z0-9\_]+)!is', array($this,'_replaceLangCode'), $output); + $output = preg_replace_callback('!\$user_lang-(?:>|&(?:amp;)?gt;)([a-z0-9\_]+)!is', array($this,'_replaceLangCode'), $output); } }