X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=www%2Fplugins-dist%2Fsafehtml%2Flib%2Fsafehtml%2Fclasses%2Fsafehtml.php;fp=www%2Fplugins-dist%2Fsafehtml%2Flib%2Fsafehtml%2Fclasses%2Fsafehtml.php;h=e2d4026173ed579b743307c8eb83a2dbf07a0aad;hb=122c920eb07e3f665789f8734965b576e6c25515;hp=837f013ae1f09e181265223a0f2a1239779691e6;hpb=226942065cd4f604eb464addf45a065c9e5bc916;p=lhc%2Fweb%2Fwww.git

diff --git a/www/plugins-dist/safehtml/lib/safehtml/classes/safehtml.php b/www/plugins-dist/safehtml/lib/safehtml/classes/safehtml.php
index 837f013a..e2d40261 100755
--- a/www/plugins-dist/safehtml/lib/safehtml/classes/safehtml.php
+++ b/www/plugins-dist/safehtml/lib/safehtml/classes/safehtml.php
@@ -109,7 +109,7 @@ class SafeHTML
   return true;
  }
 
- function _writeAttrs ($attrs) 
+ function _writeAttrs ($attrs,$tag=null) 
  {
   if (is_array($attrs)) {
    foreach ($attrs as $name => $value) {
@@ -122,7 +122,7 @@ class SafeHTML
     if (strpos($name, 'data') === 0) {
      continue;
     }
-    if (in_array($name, $this->attributes)) {
+    if ($tag !='a' AND in_array($name, $this->attributes)) {
      continue;
     }
     if (!preg_match("/^[a-z0-9-]+$/i", $name)) {
@@ -165,8 +165,8 @@ class SafeHTML
        }
     }
 
-    $tempval = preg_replace('/&#(\d+);?/me', "chr('\\1')", $value); //"'
-    $tempval = preg_replace('/&#x([0-9a-f]+);?/mei', "chr(hexdec('\\1'))", $tempval);
+    $tempval = preg_replace_callback('/&#(\d+);?/m', create_function('$m', 'return chr($m[1]);'), $value); 
+    $tempval = preg_replace_callback('/&#x([0-9a-f]+);?/mi', create_function('$m', 'return chr(hexdec($m[1]));'), $tempval);
 
     if ((in_array($name, $this->protocolAttributes)) && 
      (strpos($tempval, ':') !== false)) 
@@ -249,7 +249,7 @@ class SafeHTML
   }
    
   $this->_xhtml .= '<' . $name;
-  $this->_writeAttrs($attrs);
+  $this->_writeAttrs($attrs,$name);
   $this->_xhtml .= '>';
   array_push($this->_stack,$name);
   $this->_counter[$name] = isset($this->_counter[$name]) ? $this->_counter[$name]+1 : 1;