Merge pull request #263 from pfefferle/protect-code-html

includes/class-hashtag.php

@@ -44,20 +44,31 @@ class Hashtag {
 	 */
 	public static function the_content( $the_content ) {
 		$protected_tags = array();
-		$the_content = preg_replace_callback(
+		$protect = function( $m ) use ( &$protected_tags ) {
-			'#<[^>]+>#i',
-			function( $m ) use ( &$protected_tags ) {
 			$c = count( $protected_tags );
 			$protect = '!#!#PROTECT' . $c . '#!#!';
 			$protected_tags[ $protect ] = $m[0];
 			return $protect;
-			},
+		};
+		$the_content = preg_replace_callback(
+			'#<!\[CDATA\[.*?\]\]>#is',
+			$protect,
+			$the_content
+		);
+		$the_content = preg_replace_callback(
+			'#<(pre|code|textarea|style)\b[^>]*>.*?</\1[^>]*>#is',
+			$protect,
+			$the_content
+		);
+		$the_content = preg_replace_callback(
+			'#<[^>]+>#i',
+			$protect,
 			$the_content
 		);
 
 		$the_content = \preg_replace_callback( '/' . ACTIVITYPUB_HASHTAGS_REGEXP . '/i', array( '\Activitypub\Hashtag', 'replace_with_links' ), $the_content );
 
-		$the_content = str_replace( array_keys( $protected_tags ), array_values( $protected_tags ), $the_content );
+		$the_content = str_replace( array_reverse( array_keys( $protected_tags ) ), array_reverse( array_values( $protected_tags ) ), $the_content );
 
 		return $the_content;
 	}

includes/class-mention.php

@@ -24,20 +24,31 @@ class Mention {
 	 */
 	public static function the_content( $the_content ) {
 		$protected_tags = array();
-		$the_content = preg_replace_callback(
+		$protect = function( $m ) use ( &$protected_tags ) {
-			'#<a.*?href=[^>]+>.*?</a>#i',
-			function( $m ) use ( &$protected_tags ) {
 			$c = count( $protected_tags );
 			$protect = '!#!#PROTECT' . $c . '#!#!';
 			$protected_tags[ $protect ] = $m[0];
 			return $protect;
-			},
+		};
+		$the_content = preg_replace_callback(
+			'#<!\[CDATA\[.*?\]\]>#is',
+			$protect,
+			$the_content
+		);
+		$the_content = preg_replace_callback(
+			'#<(pre|code|textarea|style)\b[^>]*>.*?</\1[^>]*>#is',
+			$protect,
+			$the_content
+		);
+		$the_content = preg_replace_callback(
+			'#<a.*?href=[^>]+>.*?</a>#i',
+			$protect,
 			$the_content
 		);
 
 		$the_content = \preg_replace_callback( '/@' . ACTIVITYPUB_USERNAME_REGEXP . '/', array( '\Activitypub\Mention', 'replace_with_links' ), $the_content );
 
-		$the_content = str_replace( array_keys( $protected_tags ), array_values( $protected_tags ), $the_content );
+		$the_content = str_replace( array_reverse( array_keys( $protected_tags ) ), array_reverse( array_values( $protected_tags ) ), $the_content );
 
 		return $the_content;
 	}

tests/test-class-activitypub-hashtag.php

@@ -5,6 +5,8 @@ class Test_Activitypub_Hashtag extends WP_UnitTestCase {
 	 */
 	public function test_the_content( $content, $content_with_hashtag ) {
 		\wp_create_term( 'object', 'post_tag' );
+		\wp_create_term( 'touch', 'post_tag' );
+		\wp_create_term( 'ccc', 'post_tag' );
 		$object = \get_term_by( 'name', 'object', 'post_tag' );
 		$link = \get_term_link( $object, 'post_tag' );
 
@@ -14,6 +16,21 @@ class Test_Activitypub_Hashtag extends WP_UnitTestCase {
 	}
 
 	public function the_content_provider() {
+		$code = '<code>text with some #object and <a> tag inside</code>';
+		$style = <<<ENDSTYLE
+<style type="text/css">
+<![CDATA[
+color: #ccc;
+]]>
+</style>
+ENDSTYLE;
+		$pre = <<<ENDPRE
+<pre>
+Please don't #touch
+  this.
+</pre>
+ENDPRE;
+		$textarea = '<textarea name="test" rows="20">color: #ccc</textarea>';
 		return array(
 			array( 'test', 'test' ),
 			array( '#test', '#test' ),
@@ -27,6 +44,10 @@ class Test_Activitypub_Hashtag extends WP_UnitTestCase {
 			array( '<div>#object</div>', '<div>#object</div>' ),
 			array( '<a>#object</a>', '<a>#object</a>' ),
 			array( '<div style="color: #ccc;">object</a>', '<div style="color: #ccc;">object</a>' ),
+			array( $code, $code ),
+			array( $style, $style ),
+			array( $textarea, $textarea ),
+			array( $pre, $pre ),
 		);
 	}
 }

tests/test-class-activitypub-mention.php

@@ -18,12 +18,21 @@ class Test_Activitypub_Mention extends ActivityPub_TestCase_Cache_HTTP {
 	}
 
 	public function the_content_provider() {
+		$code = 'hallo <code>@username@example.org</code> test';
+		$pre = <<<ENDPRE
+<pre>
+Please don't mention @username@example.org
+  here.
+</pre>
+ENDPRE;
 		return array(
 			array( 'hallo @username@example.org test', 'hallo <a rel="mention" class="u-url mention" href="https://example.org/users/username">@<span>username</span></a> test' ),
 			array( 'hallo @pfefferle@notiz.blog test', 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/author/matthias-pfefferle/">@<span>pfefferle</span></a> test' ),
 			array( 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/author/matthias-pfefferle/">@<span>pfefferle</span>@notiz.blog</a> test', 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/author/matthias-pfefferle/">@<span>pfefferle</span>@notiz.blog</a> test' ),
 			array( 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/author/matthias-pfefferle/">@pfefferle@notiz.blog</a> test', 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/author/matthias-pfefferle/">@pfefferle@notiz.blog</a> test' ),
 			array( 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/@pfefferle/">@pfefferle@notiz.blog</a> test', 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/@pfefferle/">@pfefferle@notiz.blog</a> test' ),
+			array( $code, $code ),
+			array( $pre, $pre ),
 		);
 	}