From 25941e626b65d0b12fd604d77aa04dedfd136d85 Mon Sep 17 00:00:00 2001 From: Michel Fortin Date: Thu, 5 Jun 2008 23:07:43 -0400 Subject: [PATCH] Fix for unencoded " in footnote ids. --- PHP Markdown Extra Readme.text | 5 ++++- markdown.php | 7 +++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/PHP Markdown Extra Readme.text b/PHP Markdown Extra Readme.text index 4efe54a..1a749c9 100644 --- a/PHP Markdown Extra Readme.text +++ b/PHP Markdown Extra Readme.text @@ -207,7 +207,10 @@ Version History Current Extra: * Fixed a bug where characters such as `"` in abbreviation - definitions weren't properly escaped in the generated HTML. + definitions weren't properly encoded to HTML entities. + +* Fixed a bug where double quotes `"` were not correctly encoded + as HTML entities when used inside a footnote reference id. Extra 1.2.1 (27 May 2008): diff --git a/markdown.php b/markdown.php index 609b29f..918e1f1 100644 --- a/markdown.php +++ b/markdown.php @@ -2588,10 +2588,11 @@ class MarkdownExtra_Parser extends Markdown_Parser { $footnote = preg_replace_callback('{F\x1Afn:(.*?)\x1A:}', array(&$this, '_appendFootnotes_callback'), $footnote); - $attr2 = str_replace("%%", ++$num, $attr); + $attr = str_replace("%%", ++$num, $attr); + $note_id = $this->encodeAttribute($note_id); # Add backlink to last paragraph; create new paragraph if needed. - $backlink = ""; + $backlink = ""; if (preg_match('{

$}', $footnote)) { $footnote = substr($footnote, 0, -4) . " $backlink

"; } else { @@ -2630,7 +2631,9 @@ class MarkdownExtra_Parser extends Markdown_Parser { $title = $this->encodeAttribute($title); $attr .= " title=\"$title\""; } + $attr = str_replace("%%", $num, $attr); + $node_id = $this->encodeAttribute($node_id); return "".