I've proven recently that a series of strpos calls could actually be faster than even a well crafted regex. The regex is still available for comparison in a comment.
That reminds me. Pete, could you deal with adding the prepare code to thoughts? It shouldn't be too annoying as they're only treated in Ajax.php. Or just remind me when I'm on my pc.
Posted: December 1st, 2011, 06:16 PM
Added it myself...
Just one thing to note.
Before wedit::preparsecode, used in various places around Wedge, there's always an htmlspecialchars() call.
Well, while I'm wary of this kind of thing being done (because maybe it should be done inside preparsecode itself if we're going to make life easier for modders...), I did notice an intriguing detail: sometimes it's called without arguments, and sometimes it's called with ENT_QUOTES.
I have a feeling this is something that is due to different devs doing the code at different points in time, and maybe we should harmonize everything. Shouldn't we...? I'd suggest removing all ENT_QUOTES and maybe even push for ENT_NOQUOTES... Because I can't think of a reason to protect parsed BBC against quotes.
Also -- maybe add the double_encode param while we're at it?