Protect code HTML

Author: akirk

includes/class-hashtag.php

@@ -20,7 +20,7 @@ public static function init() {
 	/**
 	 * Filter to save #tags as real WordPress tags
 	 *
-	 * @param int $id the rev-id
+	 * @param int     $id the rev-id
 	 * @param WP_Post $post the post
 	 *
 	 * @return
@@ -44,6 +44,16 @@ public static function insert_post( $id, $post ) {
 	 */
 	public static function the_content( $the_content ) {
 		$protected_tags = array();
+		$the_content = preg_replace_callback(
+			'#<(code|textarea|style)\b[^>]*>.*?</\1[^>]*>#i',
+			function( $m ) use ( &$protected_tags ) {
+				$c = count( $protected_tags );
+				$protect = '!#!#PROTECT' . $c . '#!#!';
+				$protected_tags[ $protect ] = $m[0];
+				return $protect;
+			},
+			$the_content
+		);
 		$the_content = preg_replace_callback(
 			'#<[^>]+>#i',
 			function( $m ) use ( &$protected_tags ) {

includes/class-mention.php

@@ -24,6 +24,16 @@ public static function init() {
 	 */
 	public static function the_content( $the_content ) {
 		$protected_tags = array();
+		$the_content = preg_replace_callback(
+			'#<(code|textarea|style)\b[^>]*>.*?</\1[^>]*>#i',
+			function( $m ) use ( &$protected_tags ) {
+				$c = count( $protected_tags );
+				$protect = '!#!#PROTECT' . $c . '#!#!';
+				$protected_tags[ $protect ] = $m[0];
+				return $protect;
+			},
+			$the_content
+		);
 		$the_content = preg_replace_callback(
 			'#<a.*?href=[^>]+>.*?</a>#i',
 			function( $m ) use ( &$protected_tags ) {
@@ -68,7 +78,7 @@ public static function replace_with_links( $result ) {
 	/**
 	 * Extract the mentions from the post_content.
 	 *
-	 * @param array $mentions The already found mentions.
+	 * @param array  $mentions The already found mentions.
 	 * @param string $post_content The post content.
 	 * @return mixed The discovered mentions.
 	 */

tests/test-class-activitypub-hashtag.php

@@ -5,6 +5,7 @@ class Test_Activitypub_Hashtag extends WP_UnitTestCase {
 	 */
 	public function test_the_content( $content, $content_with_hashtag ) {
 		\wp_create_term( 'object', 'post_tag' );
+		\wp_create_term( 'ccc', 'post_tag' );
 		$object = \get_term_by( 'name', 'object', 'post_tag' );
 		$link = \get_term_link( $object, 'post_tag' );
 
@@ -14,6 +15,15 @@ public function test_the_content( $content, $content_with_hashtag ) {
 	}
 
 	public function the_content_provider() {
+		$code = '<code>text with some #object and <a> tag inside</code>';
+		$style = <<<ENDSTYLE
+<style type="text/css">
+<![[
+color: #ccc;
+]]>
+</style>
+ENDSTYLE;
+		$textarea = '<textarea name="test" rows="20">color: #ccc</textarea>';
 		return array(
 			array( 'test', 'test' ),
 			array( '#test', '#test' ),
@@ -27,6 +37,9 @@ public function the_content_provider() {
 			array( '<div>#object</div>', '<div>#object</div>' ),
 			array( '<a>#object</a>', '<a>#object</a>' ),
 			array( '<div style="color: #ccc;">object</a>', '<div style="color: #ccc;">object</a>' ),
+			array( $code, $code ),
+			array( $style, $style ),
+			array( $textarea, $textarea ),
 		);
 	}
 }

tests/test-class-activitypub-mention.php

@@ -2,8 +2,8 @@
 class Test_Activitypub_Mention extends ActivityPub_TestCase_Cache_HTTP {
 	public static $users = array(
 		'[email protected]' => array(
-			'url' => 'https://example.org/users/username',
-			'name'  => 'username',
+			'url'  => 'https://example.org/users/username',
+			'name' => 'username',
 		),
 	);
 	/**
@@ -18,12 +18,14 @@ public function test_the_content( $content, $content_with_mention ) {
 	}
 
 	public function the_content_provider() {
+		$code = 'hallo <code>@[email protected]</code> test';
 		return array(
 			array( 'hallo @[email protected] test', 'hallo <a rel="mention" class="u-url mention" href="https://example.org/users/username">@<span>username</span></a> test' ),
 			array( 'hallo @[email protected] test', 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/author/matthias-pfefferle/">@<span>pfefferle</span></a> test' ),
 			array( 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/author/matthias-pfefferle/">@<span>pfefferle</span>@notiz.blog</a> test', 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/author/matthias-pfefferle/">@<span>pfefferle</span>@notiz.blog</a> test' ),
 			array( 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/author/matthias-pfefferle/">@[email protected]</a> test', 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/author/matthias-pfefferle/">@[email protected]</a> test' ),
 			array( 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/@pfefferle/">@[email protected]</a> test', 'hallo <a rel="mention" class="u-url mention" href="https://notiz.blog/@pfefferle/">@[email protected]</a> test' ),
+			array( $code, $code ),
 		);
 	}