diff options
author | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-11-24 12:23:38 +0100 |
---|---|---|
committer | Bernhard Posselt <dev@bernhard-posselt.com> | 2014-11-24 12:23:38 +0100 |
commit | 886647d1caf7181e947a2e771600d1addfaf53ac (patch) | |
tree | 8f821a5baa0837eaa34ebb2a180357440867bf1b /articleenhancer | |
parent | 7025965caaa5eef6f7e6c0e0df89eff453691367 (diff) |
update zendxml
Diffstat (limited to 'articleenhancer')
-rw-r--r-- | articleenhancer/globalarticleenhancer.php | 7 | ||||
-rw-r--r-- | articleenhancer/xpatharticleenhancer.php | 20 |
2 files changed, 13 insertions, 14 deletions
diff --git a/articleenhancer/globalarticleenhancer.php b/articleenhancer/globalarticleenhancer.php index 4c01a238c..1939ca41c 100644 --- a/articleenhancer/globalarticleenhancer.php +++ b/articleenhancer/globalarticleenhancer.php @@ -32,10 +32,9 @@ class GlobalArticleEnhancer implements ArticleEnhancer { // inside <p> tags $body = '<div>' . $item->getBody() . '</div>'; - Security::scan($body, $dom, function ($xml, $dom) { - return @$dom->loadHTML($xml, LIBXML_HTML_NOIMPLIED - | LIBXML_HTML_NODEFDTD | LIBXML_NONET); - }); + $isOk = Security::scanHtml( + $body, $dom, LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD + ); $xpath = new \DOMXpath($dom); diff --git a/articleenhancer/xpatharticleenhancer.php b/articleenhancer/xpatharticleenhancer.php index 871752856..aa94eec54 100644 --- a/articleenhancer/xpatharticleenhancer.php +++ b/articleenhancer/xpatharticleenhancer.php @@ -70,9 +70,7 @@ class XPathArticleEnhancer implements ArticleEnhancer { $dom = new DOMDocument(); - Security::scan($body, $dom, function ($xml, $dom) { - return @$dom->loadHTML($xml, LIBXML_NONET); - }); + $isOk = Security::scanHtml($body, $dom); $xpath = new DOMXpath($dom); $xpathResult = $xpath->evaluate($search); @@ -121,14 +119,16 @@ class XPathArticleEnhancer implements ArticleEnhancer { $dom = new DOMDocument(); $dom->preserveWhiteSpace = false; - $isOk = Security::scan($xmlString, $dom, function ($xml, $dom) { - // wrap in div to prevent loadHTML from inserting weird elements - $xml = '<div>' . $xml . '</div>'; - return @$dom->loadHTML($xml, LIBXML_NONET | LIBXML_HTML_NODEFDTD - | LIBXML_HTML_NOIMPLIED); - }); + if($xmlString === '') { + return false; + } + + $xmlString = '<div>' . $xmlString . '</div>'; + $isOk = Security::scanHtml( + $xmlString, $dom, LIBXML_HTML_NOIMPLIED | LIBXML_HTML_NODEFDTD + ); - if($xmlString === '' || !$isOk) { + if(!$isOk) { return false; } |