widget/reply: formatting syntax for <links>

[minimedit.git] / upload.inc.php

diff --git a/upload.inc.php b/upload.inc.php
index 10881a24a0f9317216339e0b88dc65232afc0207..86af6049dd49a6fff720deb77c7a1d76afc91dee 100644 (file)
--- a/upload.inc.php
+++ b/upload.inc.php
@@ -51,10 +51,16 @@ function messagehtml($input)
        if ($User->admin and preg_match('/\A<[a-z][^>]*>/', $input)) {
                return $input;  # allow html input as is if privileged
        }
-       $html = preg_replace(
-               ["/\r\n?/", "/  +\n/", "/\n/",      '/\b_(\w+)_\b/'],
-               ["\n",      "<br />",  "</p>\n<p>", '<em>$1</em>'  ],
-               htmlspecialchars($input)
-       );
+       $markup = [
+               '{&lt;((?:\w+:|/).+?)&gt;}'    => '<$1>',                # unescape link entities
+               '{<(?:https?://)?([^>\s|]+)>}' => '<$1 $1>',             # unnamed link
+               '{<([^>\s|]+)[\s|]([^>]+)>}'   => '<a href="$1">$2</a>', # hyperlink
+               "/\r\n?/" => "\n",        # unix newlines
+               "/  +\n/" => "<br />",    # trailing spaces for hard line break
+               "/\n/"    => "</p>\n<p>", # newlines start paragraphs
+               '/\b_(\w+)_\b/'   => '<em>$1</em>',         # italic
+               '/\b\*(\w+)\*\b/' => '<strong>$1</strong>', # bold
+       ];
+       $html = preg_replace(array_keys($markup), array_values($markup), htmlspecialchars($input));
        return "<p>$html</p>";
 }