Committer: ssafronova
LJSUP-3593: BML block 'PHP' has no closeU trunk/cgi-bin/LJ/Widget/RecentComments.pm
Modified: trunk/cgi-bin/LJ/Widget/RecentComments.pm
===================================================================
--- trunk/cgi-bin/LJ/Widget/RecentComments.pm 2009-01-15 08:57:15 UTC (rev 14770)
+++ trunk/cgi-bin/LJ/Widget/RecentComments.pm 2009-01-15 11:04:10 UTC (rev 14771)
@@ -51,13 +51,22 @@
my $entry = $comment->entry;
my $class_name = ($ct == scalar(@comments) - 1) ? "last" : "";
+ my $subject = $entry->subject_text ? $entry->subject_text : $class->ml('widget.recentcomments.nosubject');
+ my $body_part = substr($comment->body_text, 0, 250) . " ";
+
+ # prevent BML tags interpretation inside comment subject/body
+ $subject =~ s/<\?/<?/g;
+ $subject =~ s/\?>/?>/g;
+ $body_part =~ s/<\?/<?/g;
+ $body_part =~ s/\?>/?>/g;
+
# print the comment
$ret .= "<p class='pkg $class_name'>";
$ret .= $comment->poster_userpic;
$ret .= $class->ml('widget.recentcomments.commentheading', {'poster' => $poster, 'entry' => "<a href='" . $entry->url . "'>"});
- $ret .= $entry->subject_text ? $entry->subject_text : $class->ml('widget.recentcomments.nosubject');
+ $ret .= $subject;
$ret .= "</a><br />";
- $ret .= substr($comment->body_text, 0, 250) . " ";
+ $ret .= $body_part;
$ret .= "<span class='detail'>(<a href='" . $comment->url . "'>" . $class->ml('widget.recentcomments.link') . "</a>)</span> ";
$ret .= "<span class='detail'>(<a href='" . $comment->reply_url . "'>" . $class->ml('widget.recentcomments.reply') . "</a>)</span> ";
$ret .= "</p>";
