From 5205a374eed94cb378ceceba0bbbfb0fb27bbd65 Mon Sep 17 00:00:00 2001
From: friendica <info@friendica.com>
Date: Tue, 26 Feb 2013 17:33:18 -0800
Subject: [PATCH] block injection vector

---
 boot.php           |  2 +-
 include/bbcode.php | 18 +++++++++---------
 util/messages.po   | 12 ++++++------
 3 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/boot.php b/boot.php
index bb721530..54e3ec91 100644
--- a/boot.php
+++ b/boot.php
@@ -12,7 +12,7 @@ require_once('library/Mobile_Detect/Mobile_Detect.php');
 require_once('include/features.php');
 
 define ( 'FRIENDICA_PLATFORM',     'Friendica');
-define ( 'FRIENDICA_VERSION',      '3.1.1619' );
+define ( 'FRIENDICA_VERSION',      '3.1.1623' );
 define ( 'DFRN_PROTOCOL_VERSION',  '2.23'    );
 define ( 'DB_UPDATE_VERSION',      1163      );
 define ( 'EOL',                    "<br />\r\n"     );
diff --git a/include/bbcode.php b/include/bbcode.php
index a587d8c3..d9a1192d 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -652,20 +652,20 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true, $simplehtml = fal
 	// Only do it when it has to be done - for performance reasons
 	// Update: Now it is done every time - since bad structured html can break a whole page
 	//if (!$tryoembed) {
-		$doc = new DOMDocument();
-		$doc->preserveWhiteSpace = false;
+//		$doc = new DOMDocument();
+//		$doc->preserveWhiteSpace = false;
 
-		$Text = mb_convert_encoding($Text, 'HTML-ENTITIES', "UTF-8");
+//		$Text = mb_convert_encoding($Text, 'HTML-ENTITIES', "UTF-8");
 
-		$doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">';
-		@$doc->loadHTML($doctype."<html><body>".$Text."</body></html>");
+//		$doctype = '<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">';
+//		@$doc->loadHTML($doctype."<html><body>".$Text."</body></html>");
 
-		$Text = $doc->saveHTML();
-		$Text = str_replace(array("<html><body>", "</body></html>", $doctype), array("", "", ""), $Text);
+//		$Text = $doc->saveHTML();
+//		$Text = str_replace(array("<html><body>", "</body></html>", $doctype), array("", "", ""), $Text);
 
-		$Text = str_replace('<br></li>','</li>', $Text);
+//		$Text = str_replace('<br></li>','</li>', $Text);
 
-		$Text = mb_convert_encoding($Text, "UTF-8", 'HTML-ENTITIES');
+//		$Text = mb_convert_encoding($Text, "UTF-8", 'HTML-ENTITIES');
 	//}
 
 	call_hooks('bbcode',$Text);
diff --git a/util/messages.po b/util/messages.po
index 53e251a2..da69e320 100644
--- a/util/messages.po
+++ b/util/messages.po
@@ -6,9 +6,9 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: 3.1.1619\n"
+"Project-Id-Version: 3.1.1623\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2013-02-22 00:00-0800\n"
+"POT-Creation-Date: 2013-02-26 00:00-0800\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -9839,6 +9839,10 @@ msgstr ""
 msgid "Textareas font size"
 msgstr ""
 
+#: ../../index.php:400
+msgid "toggle mobile"
+msgstr ""
+
 #: ../../boot.php:650
 msgid "Delete this item?"
 msgstr ""
@@ -9960,7 +9964,3 @@ msgstr ""
 #: ../../boot.php:1895
 msgid "Only You Can See This"
 msgstr ""
-
-#: ../../index.php:400
-msgid "toggle mobile"
-msgstr ""