From 510dacf4df0c709ccd3b83d1467f0908fe7b62f6 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sat, 7 May 2022 22:19:11 -0400 Subject: [PATCH] Escape BBCode tag parsing avoidance tags when processing abstracts - Improve documentation for related methods --- src/Content/Text/BBCode.php | 40 ++++++++++++++++++------------------- src/Util/Strings.php | 3 +-- 2 files changed, 20 insertions(+), 23 deletions(-) diff --git a/src/Content/Text/BBCode.php b/src/Content/Text/BBCode.php index c9a1bfe052..4f7ff1f241 100644 --- a/src/Content/Text/BBCode.php +++ b/src/Content/Text/BBCode.php @@ -2086,11 +2086,15 @@ class BBCode * @param string $text The text with BBCode * @return string The same text - but without "abstract" element */ - public static function stripAbstract($text) + public static function stripAbstract(string $text): string { DI::profiler()->startRecording('rendering'); - $text = preg_replace("/[\s|\n]*\[abstract\].*?\[\/abstract\][\s|\n]*/ism", ' ', $text); - $text = preg_replace("/[\s|\n]*\[abstract=.*?\].*?\[\/abstract][\s|\n]*/ism", ' ', $text); + + $text = BBCode::performWithEscapedTags($text, ['code', 'noparse', 'nobb', 'pre'], function ($text) { + $text = preg_replace("/[\s|\n]*\[abstract\].*?\[\/abstract\][\s|\n]*/ism", ' ', $text); + $text = preg_replace("/[\s|\n]*\[abstract=.*?\].*?\[\/abstract][\s|\n]*/ism", ' ', $text); + return $text; + }); DI::profiler()->stopRecording(); return $text; @@ -2099,30 +2103,26 @@ class BBCode /** * Returns the value of the "abstract" element * - * @param string $text The text that maybe contains the element + * @param string $text The text that maybe contains the element * @param string $addon The addon for which the abstract is meant for * @return string The abstract */ - public static function getAbstract($text, $addon = '') + public static function getAbstract(string $text, string $addon = ''): string { DI::profiler()->startRecording('rendering'); - $abstract = ''; - $abstracts = []; $addon = strtolower($addon); - if (preg_match_all("/\[abstract=(.*?)\](.*?)\[\/abstract\]/ism", $text, $results, PREG_SET_ORDER)) { - foreach ($results as $result) { - $abstracts[strtolower($result[1])] = $result[2]; + $abstract = BBCode::performWithEscapedTags($text, ['code', 'noparse', 'nobb', 'pre'], function ($text) use ($addon) { + if ($addon && preg_match('#\[abstract=' . preg_quote($addon, '#') . '](.*?)\[/abstract]#ism', $text, $matches)) { + return $matches[1]; } - } - if (isset($abstracts[$addon])) { - $abstract = $abstracts[$addon]; - } + if (preg_match("#\[abstract](.*?)\[/abstract]#ism", $text, $matches)) { + return $matches[1]; + } - if ($abstract == '' && preg_match("/\[abstract\](.*?)\[\/abstract\]/ism", $text, $result)) { - $abstract = $result[1]; - } + return ''; + }); DI::profiler()->stopRecording(); return $abstract; @@ -2337,11 +2337,9 @@ class BBCode * @param array $tagList A list of tag names, e.g ['noparse', 'nobb', 'pre'] * @param callable $callback * @return string - * @throws Exception - *@see Strings::performWithEscapedBlocks - * + * @see Strings::performWithEscapedBlocks */ - public static function performWithEscapedTags(string $text, array $tagList, callable $callback) + public static function performWithEscapedTags(string $text, array $tagList, callable $callback): string { $tagList = array_map('preg_quote', $tagList); diff --git a/src/Util/Strings.php b/src/Util/Strings.php index 3870074e1a..8666d30c18 100644 --- a/src/Util/Strings.php +++ b/src/Util/Strings.php @@ -485,9 +485,8 @@ class Strings * @param string $regex * @param callable $callback * @return string - * @throws \Exception */ - public static function performWithEscapedBlocks(string $text, string $regex, callable $callback) + public static function performWithEscapedBlocks(string $text, string $regex, callable $callback): string { // Enables nested use $executionId = random_int(PHP_INT_MAX / 10, PHP_INT_MAX);