From 26dc75ff8301ebaa602e504bf84a2f4590ff773b Mon Sep 17 00:00:00 2001
From: Aricura <admin@aricura.com>
Date: Wed, 20 Aug 2014 16:38:43 +0000
Subject: [PATCH] - Bugfix: More security recognizing Footnotes on public pages
 (e.g. ignoring empty Footnote short codes)

git-svn-id: https://plugins.svn.wordpress.org/footnotes/trunk@969096 b8457f37-d9ea-0310-8a92-e5e31aec5664
---
 classes/task.php | 16 +++++++++-------
 readme.txt       |  4 ++++
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/classes/task.php b/classes/task.php
index 02377af..7b6a0a1 100644
--- a/classes/task.php
+++ b/classes/task.php
@@ -237,8 +237,7 @@ class MCI_Footnotes_Task {
 			$l_int_PosEnd = strpos($p_str_Content, $l_str_EndingTag, $l_int_PosStart);
 			// tag not found
 			if ($l_int_PosEnd === false) {
-				$l_int_PosStart++;
-				continue;
+				break;
 			}
 			// get length of footnote text
 			$l_int_Length = $l_int_PosEnd - $l_int_PosStart;
@@ -252,12 +251,15 @@ class MCI_Footnotes_Task {
 			$l_str_ReplaceText = preg_replace('@[\s]{2,}@',' ',$l_str_ReplaceText);
 			// replace footnote in content
 			$p_str_Content = substr_replace($p_str_Content, $l_str_ReplaceText, $l_int_PosStart, $l_int_Length + strlen($l_str_EndingTag));
-			// set footnote to the output box at the end
-			self::$a_arr_Footnotes[] = $l_str_FootnoteText;
-			// increase footnote index
-			$l_int_FootnoteIndex++;
+			// add footnote only if not empty
+			if (!empty($l_str_FootnoteText)) {
+				// set footnote to the output box at the end
+				self::$a_arr_Footnotes[] = $l_str_FootnoteText;
+				// increase footnote index
+				$l_int_FootnoteIndex++;
+			}
 			// add offset to the new starting position
-			$l_int_PosStart += ($l_int_PosEnd - $l_int_PosStart);
+			$l_int_PosStart += $l_int_Length + strlen($l_str_EndingTag);
 		} while (true);
 
 		// return content
diff --git a/readme.txt b/readme.txt
index a706309..52ad576 100755
--- a/readme.txt
+++ b/readme.txt
@@ -64,6 +64,10 @@ No, this Plugin has been written from scratch. Of course some inspirations on ho
 
 == Changelog ==
 
+= 1.3.2 =
+- Bugfix: More security recognizing Footnotes on public pages (e.g. ignoring empty Footnote short codes)
+- Bugfix: Clear old Footnotes before lookup new public page (only if no reference container displayed before)
+
 = 1.3.1 =
 - Bugfix: Allow settings to be empty
 - Bugfix: Removed space between the hyperlink and superscript in the footnotes index