CRM-18953 - Better cleanup of news widget markup

author Coleman Watts <coleman@civicrm.org>

Wed, 19 Oct 2016 00:13:55 +0000 (20:13 -0400)

committer Coleman Watts <coleman@civicrm.org>

Wed, 19 Oct 2016 00:13:55 +0000 (20:13 -0400)
author Coleman Watts <coleman@civicrm.org>
Wed, 19 Oct 2016 00:13:55 +0000 (20:13 -0400)
committer Coleman Watts <coleman@civicrm.org>
Wed, 19 Oct 2016 00:13:55 +0000 (20:13 -0400)
diff --git a/CRM/Dashlet/Page/Blog.php b/CRM/Dashlet/Page/Blog.php

index 28d0786c01e4ee2f3ff5a9690c49c2647fd16617..9b8b821c07ac1d875ec02e0d47f8ace7322555c5 100644 (file)
--- a/CRM/Dashlet/Page/Blog.php
+++ b/CRM/Dashlet/Page/Blog.php
@@ -142,9 +142,10 @@ class CRM_Dashlet_Page_Blog extends CRM_Core_Page {
          foreach ($channel->item as $item) {
            $item = (array) $item;
            $item['title'] = strip_tags($item['title']);
-          // Clean up description - remove tags that would break dashboard layout
+          // Clean up description - remove tags & styles that would break dashboard layout
            $description = preg_replace('#<h[1-3][^>]*>(.+?)</h[1-3][^>]*>#s', '<h4>$1</h4>', $item['description']);
-          $description = strip_tags($description, "<a><p><h4><h5><h6><b><i><em><strong><ol><ul><li><dd><dt><code><pre><br/>");
+          $description = strip_tags($description, "<a><p><h4><h5><h6><b><i><em><strong><ol><ul><li><dd><dt><code><pre><br><hr>");
+          $description = preg_replace('/(<[^>]+) style=["\'].*?["\']/i', '$1', $description);
            // Add paragraph markup if it's missing.
            if (strpos($description, '<p') === FALSE) {
              $description = '<p>' . $description . '</p>';
author	Coleman Watts <coleman@civicrm.org>
	Wed, 19 Oct 2016 00:13:55 +0000 (20:13 -0400)
committer	Coleman Watts <coleman@civicrm.org>
	Wed, 19 Oct 2016 00:13:55 +0000 (20:13 -0400)