| Index: trunk/extensions/SemanticForms/includes/SF_FormPrinter.inc |
| — | — | @@ -140,7 +140,7 @@ |
| 141 | 141 | // the parsing, so we have to assume that it will become a possibility |
| 142 | 142 | $form_is_partial = false; |
| 143 | 143 | $new_text = ""; |
| 144 | | - // flag for placing "<includeonly>" and "<noinclude>" tags in form output |
| | 144 | + // flag for placing "<onlyinclude>" tags in form output |
| 145 | 145 | $includeonly_free_text = false; |
| 146 | 146 | |
| 147 | 147 | // if we have existing content and we're not in an active replacement |
| — | — | @@ -578,7 +578,7 @@ |
| 579 | 579 | } else |
| 580 | 580 | $cur_value = ''; |
| 581 | 581 | if ($cur_value && ! is_array($cur_value)) { |
| 582 | | - $cur_value = str_replace('"', '"', $cur_value); |
| | 582 | + $cur_value = htmlspecialchars($cur_value); |
| 583 | 583 | } |
| 584 | 584 | |
| 585 | 585 | if ($cur_value == null) { |
| — | — | @@ -599,7 +599,7 @@ |
| 600 | 600 | } else |
| 601 | 601 | $cur_value = ''; |
| 602 | 602 | if ($cur_value) { |
| 603 | | - $cur_value = str_replace('"', '"', $cur_value); |
| | 603 | + $cur_value = htmlspecialchars($cur_value); |
| 604 | 604 | } |
| 605 | 605 | } |
| 606 | 606 | |
| — | — | @@ -750,7 +750,8 @@ |
| 751 | 751 | // form values, see if the current input is part of that formula, |
| 752 | 752 | // and if so, substitute in the actual value |
| 753 | 753 | if ($form_submitted && $generated_page_name != '') { |
| 754 | | - $generated_page_name = str_replace('.', '_', $generated_page_name); |
| | 754 | + // this line appears unnecessary |
| | 755 | + //$generated_page_name = str_replace('.', '_', $generated_page_name); |
| 755 | 756 | $generated_page_name = str_replace(' ', '_', $generated_page_name); |
| 756 | 757 | $escaped_input_name = str_replace(' ', '_', $input_name); |
| 757 | 758 | $generated_page_name = str_ireplace("<$escaped_input_name>", $cur_value_in_template, $generated_page_name); |
| — | — | @@ -977,10 +978,10 @@ |
| 978 | 979 | $form_is_partial = true; |
| 979 | 980 | // replacement pages may have minimal matches... |
| 980 | 981 | $source_page_matches_this_form = true; |
| 981 | | - } |
| 982 | | - elseif($tag == 'includeonly free text') { |
| 983 | | - $includeonly_free_text = true; |
| 984 | 982 | } |
| | 983 | + elseif($tag == 'includeonly free text' || $tag == 'onlyinclude free text') { |
| | 984 | + $onlyinclude_free_text = true; |
| | 985 | + } |
| 985 | 986 | } |
| 986 | 987 | $section = substr_replace($section, '', $brackets_loc, $brackets_end_loc + 3 - $brackets_loc); |
| 987 | 988 | // ===================================================== |
| — | — | @@ -1108,16 +1109,12 @@ |
| 1109 | 1110 | } else { |
| 1110 | 1111 | $free_text = null; |
| 1111 | 1112 | } |
| 1112 | | - // modify free text and data text to insert <noinclude> and <includeonly> |
| 1113 | | - // tags, if necessary |
| 1114 | | - if ($includeonly_free_text) { |
| 1115 | | - $free_text = str_replace("<noinclude>",'', $free_text); |
| 1116 | | - $free_text = str_replace("</noinclude>",'', $free_text); |
| 1117 | | - $free_text = str_replace("<includeonly>",'', $free_text); |
| 1118 | | - $free_text = str_replace("</includeonly>",'', $free_text); |
| | 1113 | + if ($onlyinclude_free_text) { |
| | 1114 | + // modify free text and data text to insert <onlyinclude> tags |
| | 1115 | + $free_text = str_replace("<onlyinclude>",'', $free_text); |
| | 1116 | + $free_text = str_replace("</onlyinclude>",'', $free_text); |
| 1119 | 1117 | $free_text = trim($free_text); |
| 1120 | | - $data_text = str_replace('<free_text>','</noinclude><includeonly><free_text></includeonly><noinclude>', $data_text); |
| 1121 | | - $data_text = "<noinclude>".$data_text."</noinclude>"; |
| | 1118 | + $data_text = str_replace('<free_text>','<onlyinclude><free_text></onlyinclude>', $data_text); |
| 1122 | 1119 | } |
| 1123 | 1120 | // if the FCKeditor extension is installed, use that for the free text input |
| 1124 | 1121 | global $wgFCKEditorDir; |