diff --git a/htdocs/core/class/doleditor.class.php b/htdocs/core/class/doleditor.class.php index 6dc726b084e..f748af42614 100644 --- a/htdocs/core/class/doleditor.class.php +++ b/htdocs/core/class/doleditor.class.php @@ -43,6 +43,7 @@ class DolEditor var $height; var $width; var $readonly; + var $allowed_content; /** @@ -62,8 +63,9 @@ class DolEditor * @param int $rows Size of rows for textarea tool * @param int $cols Size of cols for textarea tool (textarea number of cols or %) * @param int $readonly 0=Read/Edit, 1=Read only + * @param int $allowed_content 0=filter input text, 1=render as it is */ - function __construct($htmlname,$content,$width='',$height=200,$toolbarname='Basic',$toolbarlocation='In',$toolbarstartexpanded=false,$uselocalbrowser=true,$okforextendededitor=true,$rows=0,$cols=0,$readonly=0) + function __construct($htmlname,$content,$width='',$height=200,$toolbarname='Basic',$toolbarlocation='In',$toolbarstartexpanded=false,$uselocalbrowser=true,$okforextendededitor=true,$rows=0,$cols=0,$readonly=0,$allowed_content=0) { global $conf,$langs; @@ -132,6 +134,7 @@ class DolEditor $this->cols = (preg_match('/%/',$cols)?$cols:max(40,$cols)); // If $cols is a percent, we keep it, otherwise, we take max $this->height = $height; $this->width = $width; + $this->allowed_content = $allowed_content; } } @@ -181,6 +184,7 @@ class DolEditor { /* property:xxx is same than CKEDITOR.config.property = xxx */ customConfig : ckeditorConfig, + allowedContent :'.($this->allowed_content?'true':'false').', readOnly : '.($this->readonly?'true':'false').', htmlEncodeOutput :'.$htmlencode_force.', toolbar: \''.$this->toolbarname.'\', diff --git a/htdocs/core/class/html.formmail.class.php b/htdocs/core/class/html.formmail.class.php index 308534f3ebf..02c361e98d7 100644 --- a/htdocs/core/class/html.formmail.class.php +++ b/htdocs/core/class/html.formmail.class.php @@ -582,8 +582,13 @@ class FormMail if (! empty($this->withbody)) { $defaultmessage=""; - if (count($arraydefaultmessage) > 0 && $arraydefaultmessage['content']) $defaultmessage=$arraydefaultmessage['content']; - elseif (! is_numeric($this->withbody)) $defaultmessage=$this->withbody; + $from_template=false; + if (count($arraydefaultmessage) > 0 && $arraydefaultmessage['content']) { + $defaultmessage=$arraydefaultmessage['content']; + $from_template=true; + } elseif (! is_numeric($this->withbody)) { + $defaultmessage=$this->withbody; + } // Complete substitution array if (! empty($conf->paypal->enabled) && ! empty($conf->global->PAYPAL_ADD_PAYMENT_URL)) @@ -613,6 +618,11 @@ class FormMail $defaultmessage = dol_nl2br($defaultmessage); } + if (dol_textishtml($defaultmessage) && $from_template) { + $allow_content=1; + } else { + $allow_content=0; + } if (isset($_POST["message"])) $defaultmessage=$_POST["message"]; else @@ -643,7 +653,7 @@ class FormMail else $this->withfckeditor=0; } - $doleditor=new DolEditor('message',$defaultmessage,'',280,$this->ckeditortoolbar,'In',true,true,$this->withfckeditor,8,72); + $doleditor=new DolEditor('message',$defaultmessage,'',280,$this->ckeditortoolbar,'In',true,true,$this->withfckeditor,8,72,0,$allow_content); $out.= $doleditor->Create(1); } $out.= "\n";