|
@@ -267,7 +267,10 @@ function un_preparsecode($message)
|
|
|
// If $i is a multiple of four (0, 4, 8, ...) then it's not a code section...
|
|
|
if ($i % 4 == 0)
|
|
|
{
|
|
|
- $parts[$i] = preg_replace_callback('~\[html\](.+?)\[/html\]~i', create_function('$m', 'return "[html]" . strtr(htmlspecialchars("$m[1]", ENT_QUOTES), array("\\"" => """, "&#13;" => "<br />", "&#32;" => " ", "&#91;" => "[", "&#93;" => "]")) . "[/html]";'), $parts[$i]);
|
|
|
+ $parts[$i] = preg_replace_callback('~\[html\](.+?)\[/html\]~i', create_function('$m', '
|
|
|
+ global $smcFunc;
|
|
|
+
|
|
|
+ return "[html]" . strtr($smcFunc[\'htmlspecialchars\']("$m[1]", ENT_QUOTES), array("\\"" => """, "&#13;" => "<br />", "&#32;" => " ", "&#91;" => "[", "&#93;" => "]")) . "[/html]";'), $parts[$i]);
|
|
|
|
|
|
// Attempt to un-parse the time to something less awful.
|
|
|
$parts[$i] = preg_replace_callback('~\[time\](\d{0,10})\[/time\]~i', create_function('$m', ' return "[time]" . timeformat("$m[1]", false) . "[/time]";'), $parts[$i]);
|
|
@@ -1120,7 +1123,7 @@ function sendpm($recipients, $subject, $message, $store_outbox = false, $from =
|
|
|
if (empty($modSettings['disallow_sendBody']))
|
|
|
{
|
|
|
censorText($message);
|
|
|
- $message = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc(htmlspecialchars($message), false), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '[' => '[', ']' => ']')))));
|
|
|
+ $message = trim(un_htmlspecialchars(strip_tags(strtr(parse_bbc($smcFunc['htmlspecialchars']($message), false), array('<br />' => "\n", '</div>' => "\n", '</li>' => "\n", '[' => '[', ']' => ']')))));
|
|
|
}
|
|
|
else
|
|
|
$message = '';
|