The problem: data filtering.

Error in version: 11.2 and below

Severity: high

To fix, open the file: /engine/go.php and find:

$url = @str_replace ( "&", "&", $url );

add below:

$url = htmlspecialchars( $url, ENT_QUOTES, $config['charset'] );
$url = str_replace ( "&", "&", $url );

Open the file:: /engine/ajax/typograf.php and find:

$txt = trim( convert_unicode( $_POST['txt'], $config['charset'] ) );

add below:

require_once ENGINE_DIR . '/classes/parse.class.php';
$parse = new ParseFilter();
$txt = $parse->process( $txt );
$txt = preg_replace( "/javascript:/i", "jаvascript:", $txt );
$txt = preg_replace( "/data:/i", "dаta:", $txt );

The problem: data filtering.

Error in version: 11.1 and below

Severity: high

To fix, open the file: /engine/classes/parse.class.php and find:

		if( preg_match( "/[?&;%<\[\]]/", $url ) ) {

			if( $align != "" ) return "[img=" . $align . "]" . $url . "[/img]";
			else return "[img]" . $url . "[/img]";

		}

replace with:

		if( preg_match( "/[?&;%<\[\]]/", $url ) ) {

			return $matches[0];

		}

Dear friends,

Here is a new version of DataLife Engine v.11.2. This release includes Two-Factor Authentication, a new article text parser, optional display of automatic categories menu, a new safe password storage system, and many more. Now let’s have a closer look on all the new features of a new version...

Dear friends,

The main development stage of version 11.2 is completed. This version is now on testing and preparation stages but for now we suggest that you read the information about some new features of the upcoming version. This release includes Two-Factor Authentication, a new article text parser, optional display of automatic categories menu, a new safe password storage system, and many more. Now let’s have a closer look on all the new features of a new version...

Dear friends,

Here is a new version of DataLife Engine v.11.1. This version brings image uploading in comments, ability to create and publish playlists of video and audio materials, new WYSIWYG editor for articles publishing, new "Image Gallery" type of article fields, and many more. Now let’s have a closer look on all the new features of a new version...