- Bugfix: More security recognizing Footnotes on public pages (e.g. ignoring empty Footnote short codes)

git-svn-id: https://plugins.svn.wordpress.org/footnotes/trunk@969096 b8457f37-d9ea-0310-8a92-e5e31aec5664
This commit is contained in:
Aricura 2014-08-20 16:38:43 +00:00
parent fbda02957a
commit 26dc75ff83
2 changed files with 13 additions and 7 deletions

View file

@ -237,8 +237,7 @@ class MCI_Footnotes_Task {
$l_int_PosEnd = strpos($p_str_Content, $l_str_EndingTag, $l_int_PosStart); $l_int_PosEnd = strpos($p_str_Content, $l_str_EndingTag, $l_int_PosStart);
// tag not found // tag not found
if ($l_int_PosEnd === false) { if ($l_int_PosEnd === false) {
$l_int_PosStart++; break;
continue;
} }
// get length of footnote text // get length of footnote text
$l_int_Length = $l_int_PosEnd - $l_int_PosStart; $l_int_Length = $l_int_PosEnd - $l_int_PosStart;
@ -252,12 +251,15 @@ class MCI_Footnotes_Task {
$l_str_ReplaceText = preg_replace('@[\s]{2,}@',' ',$l_str_ReplaceText); $l_str_ReplaceText = preg_replace('@[\s]{2,}@',' ',$l_str_ReplaceText);
// replace footnote in content // replace footnote in content
$p_str_Content = substr_replace($p_str_Content, $l_str_ReplaceText, $l_int_PosStart, $l_int_Length + strlen($l_str_EndingTag)); $p_str_Content = substr_replace($p_str_Content, $l_str_ReplaceText, $l_int_PosStart, $l_int_Length + strlen($l_str_EndingTag));
// add footnote only if not empty
if (!empty($l_str_FootnoteText)) {
// set footnote to the output box at the end // set footnote to the output box at the end
self::$a_arr_Footnotes[] = $l_str_FootnoteText; self::$a_arr_Footnotes[] = $l_str_FootnoteText;
// increase footnote index // increase footnote index
$l_int_FootnoteIndex++; $l_int_FootnoteIndex++;
}
// add offset to the new starting position // add offset to the new starting position
$l_int_PosStart += ($l_int_PosEnd - $l_int_PosStart); $l_int_PosStart += $l_int_Length + strlen($l_str_EndingTag);
} while (true); } while (true);
// return content // return content

View file

@ -64,6 +64,10 @@ No, this Plugin has been written from scratch. Of course some inspirations on ho
== Changelog == == Changelog ==
= 1.3.2 =
- Bugfix: More security recognizing Footnotes on public pages (e.g. ignoring empty Footnote short codes)
- Bugfix: Clear old Footnotes before lookup new public page (only if no reference container displayed before)
= 1.3.1 = = 1.3.1 =
- Bugfix: Allow settings to be empty - Bugfix: Allow settings to be empty
- Bugfix: Removed space between the hyperlink and superscript in the footnotes index - Bugfix: Removed space between the hyperlink and superscript in the footnotes index