513 Name: Anonymous : 2016-09-01 16:46 ID:4OfA+MxA [Del]
there is a bug where users can create unclosed tags, making every suceeding post bold or italic or whatever.
it happens on "<i/>" in HTML mode because the sanitize_html function in wakautils.pl allows tags other than br to be closed implicitly.
Here's what I would propose as a fix, simply block any tag from being implicit except the 'empty' ones (as defined in ALLOWED_HTML, config_defaults.pl):
[code]
--- a/kareha/wakautils.pl 2007-01-20 14:54:31.000000000 -0500
+++ b/kareha/wakautils.pl 2016-09-01 09:33:14.768000000 -0400
@@ -144,6 +144,7 @@
"$_='$value'";
} keys %args;
+ $implicit=0;
$implicit="/" if($tags{$name}{empty});
push @stack,$name unless $implicit;
[/code]