Index: trunk/CHANGELOG
===================================================================
--- trunk/CHANGELOG	(revision 891)
+++ trunk/CHANGELOG	(revision 892)
@@ -10,7 +10,12 @@
 # = Bugfix
 ! = Update/Change
 
-------------------------------------- 2.7.1 -------------------------------------
+------------------------------------- 2.8.0 -------------------------------------
+24-Nov-2008 Matthias Gallas
+!	set version to 2.8 BETA
+#	replaced in news modul special chars with entities to get valid output
+!	changed SESSION ID Separator from '&' to '&' to get valid output 
+-	Removed the <p> tag around the news as it is added from the editor  
 28-Dec-2008 Dietrich Roland Pehlke (aldus)
 +	ticket 610: add ip-address to the email-body in the form-modul.
 +	ticket 607: include the frontend.css in the comment_page.php file of the news-module.
Index: trunk/wb/admin/interface/version.php
===================================================================
--- trunk/wb/admin/interface/version.php	(revision 891)
+++ trunk/wb/admin/interface/version.php	(revision 892)
@@ -37,6 +37,6 @@
 }
 
 // check if defined to avoid errors during installation (redirect to admin panel fails if PHP error/warnings are enabled)
-if(!defined('VERSION')) define('VERSION', '2.7');
+if(!defined('VERSION')) define('VERSION', '2.8 BETA');
 
 ?>
\ No newline at end of file
Index: trunk/wb/modules/news/comment_page.php
===================================================================
--- trunk/wb/modules/news/comment_page.php	(revision 891)
+++ trunk/wb/modules/news/comment_page.php	(revision 892)
@@ -29,6 +29,11 @@
 	exit(0);
 }
 
+//overwrite php.ini on Apache servers for valid SESSION ID Separator
+if(function_exists('ini_set')) {
+	ini_set('arg_separator.output', '&amp;');
+}
+
 // check if frontend.css file needs to be included into the <body></body> of page
 if ( (!function_exists('register_frontend_modfiles') || !defined('MOD_FRONTEND_CSS_REGISTERED')) && file_exists(WB_PATH .'/modules/news/frontend.css')) {
 	echo '<style type="text/css">';
@@ -49,7 +54,7 @@
 	// Print comments page
 	echo str_replace('[POST_TITLE]', POST_TITLE, ($settings['comments_page']));
 	?>
-	<form name="comment" action="<?php echo WB_URL.'/modules/news/submit_comment.php?page_id='.PAGE_ID.'&section_id='.SECTION_ID.'&post_id='.POST_ID; ?>" method="post">
+	<form name="comment" action="<?php echo WB_URL.'/modules/news/submit_comment.php?page_id='.PAGE_ID.'&amp;section_id='.SECTION_ID.'&amp;post_id='.POST_ID; ?>" method="post">
 	<?php if(ENABLED_ASP) { // add some honeypot-fields
 	?>
 	<input type="hidden" name="submitted_when" value="<?php $t=time(); echo $t; $_SESSION['submitted_when']=$t; ?>" />
Index: trunk/wb/modules/news/view.php
===================================================================
--- trunk/wb/modules/news/view.php	(revision 891)
+++ trunk/wb/modules/news/view.php	(revision 892)
@@ -33,6 +33,11 @@
    echo "\n</style>\n";
 } 
 
+//overwrite php.ini on Apache servers for valid SESSION ID Separator
+if(function_exists('ini_set')) {
+	ini_set('arg_separator.output', '&amp;');
+}
+
 // Check if there is a start point defined
 if(isset($_GET['p']) AND is_numeric($_GET['p']) AND $_GET['p'] >= 0) {
 	$position = $_GET['p'];
@@ -122,9 +127,9 @@
 	if($setting_posts_per_page != 0) {
 		if($position > 0) {
 			if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
-				$pl_prepend = '<a href="?p='.($position-$setting_posts_per_page).'&g='.$_GET['g'].'"><< ';
+				$pl_prepend = '<a href="?p='.($position-$setting_posts_per_page).'&amp;g='.$_GET['g'].'">&lt;&lt; ';
 			} else {
-				$pl_prepend = '<a href="?p='.($position-$setting_posts_per_page).'"><< ';
+				$pl_prepend = '<a href="?p='.($position-$setting_posts_per_page).'">&lt;&lt; ';
 			}
 			$pl_append = '</a>';
 			$previous_link = $pl_prepend.$TEXT['PREVIOUS'].$pl_append;
@@ -138,11 +143,11 @@
 			$next_page_link = '';
 		} else {
 			if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
-				$nl_prepend = '<a href="?p='.($position+$setting_posts_per_page).'&g='.$_GET['g'].'"> ';
+				$nl_prepend = '<a href="?p='.($position+$setting_posts_per_page).'&amp;g='.$_GET['g'].'"> ';
 			} else {
 				$nl_prepend = '<a href="?p='.($position+$setting_posts_per_page).'"> ';
 			}
-			$nl_append = ' >></a>';
+			$nl_append = ' &gt;&gt;</a>';
 			$next_link = $nl_prepend.$TEXT['NEXT'].$nl_append;
 			$next_page_link = $nl_prepend.$TEXT['NEXT_PAGE'].$nl_append;
 		}
@@ -169,7 +174,7 @@
 		if($query_extra != '') {
 			?>
 			<div class="selected_group_title">
-				<?php echo '<a href="'.htmlspecialchars(strip_tags($_SERVER['PHP_SELF'])).'">'.PAGE_TITLE.'</a> >> '.$groups[$_GET['g']]['title']; ?>
+				<?php echo '<a href="'.htmlspecialchars(strip_tags($_SERVER['PHP_SELF'])).'">'.PAGE_TITLE.'</a> &gt;&gt; '.$groups[$_GET['g']]['title']; ?>
 			</div>
 			<?php
 		}
@@ -187,7 +192,7 @@
 					$post_link .= '?p='.$position;
 				}
 				if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
-					if(isset($_GET['p']) AND $position > 0) { $post_link .= '&'; } else { $post_link .= '?'; }
+					if(isset($_GET['p']) AND $position > 0) { $post_link .= '&amp;'; } else { $post_link .= '?'; }
 					$post_link .= 'g='.$_GET['g'];
 				}
 				// Get group id, title, and image
@@ -255,7 +260,7 @@
 			$page_link .= '?p='.$_GET['p'];
 		}
 		if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
-			if(isset($_GET['p']) AND $position > 0) { $page_link .= '&'; } else { $page_link .= '?'; }
+			if(isset($_GET['p']) AND $position > 0) { $page_link .= '&amp;'; } else { $page_link .= '?'; }
 			$page_link .= 'g='.$_GET['g'];
 		}
 	} else {
@@ -313,7 +318,7 @@
 	if(($post['commenting'] == 'private' AND isset($wb) AND $wb->is_authenticated() == true) OR $post['commenting'] == 'public') {
 		
 		// Print comments header
-		echo str_replace('[ADD_COMMENT_URL]', WB_URL.'/modules/news/comment.php?id='.POST_ID.'&sid='.$section_id, $setting_comments_header);
+		echo str_replace('[ADD_COMMENT_URL]', WB_URL.'/modules/news/comment.php?id='.POST_ID.'&amp;sid='.$section_id, $setting_comments_header);
 		
 		// Query for comments
 		$query_comments = $database->query("SELECT title,comment,commented_when,commented_by FROM ".TABLE_PREFIX."mod_news_comments WHERE post_id = '".POST_ID."' ORDER BY commented_when ASC");
@@ -344,7 +349,7 @@
 		}
 		
 		// Print comments footer
-		echo str_replace('[ADD_COMMENT_URL]', WB_URL.'/modules/news/comment.php?id='.POST_ID.'&sid='.$section_id, $setting_comments_footer);
+		echo str_replace('[ADD_COMMENT_URL]', WB_URL.'/modules/news/comment.php&amp;id='.POST_ID.'&amp;sid='.$section_id, $setting_comments_footer);
 	}
 	if(ENABLED_ASP) {
 		$_SESSION['comes_from_view'] = POST_ID;
Index: trunk/wb/modules/news/submit_comment.php
===================================================================
--- trunk/wb/modules/news/submit_comment.php	(revision 891)
+++ trunk/wb/modules/news/submit_comment.php	(revision 892)
@@ -26,6 +26,11 @@
 // Include config file
 require('../../config.php');
 
+//overwrite php.ini on Apache servers for valid SESSION ID Separator
+if(function_exists('ini_set')) {
+	ini_set('arg_separator.output', '&amp;');
+}
+
 require_once(WB_PATH.'/framework/class.wb.php');
 $wb = new wb;
 
@@ -74,13 +79,13 @@
 					$_SESSION['captcha_error'] = $MESSAGE['MOD_FORM']['INCORRECT_CAPTCHA'];
 					$_SESSION['comment_title'] = $title;
 					$_SESSION['comment_body'] = $comment;
-					exit(header('Location: '.WB_URL."/modules/news/comment.php?id=$post_id&sid=$section_id"));
+					exit(header('Location: '.WB_URL."/modules/news/comment.php?id=$post_id&amp;sid=$section_id"));
 				}
 			} else {
 				$_SESSION['captcha_error'] = $MESSAGE['MOD_FORM']['INCORRECT_CAPTCHA'];
 				$_SESSION['comment_title'] = $title;
 				$_SESSION['comment_body'] = $comment;
-				exit(header('Location: '.WB_URL."/modules/news/comment.php?id=$post_id&sid=$section_id"));
+				exit(header('Location: '.WB_URL."/modules/news/comment.php?id=$post_id&amp;sid=$section_id"));
 			}
 		}
 	}
@@ -105,7 +110,7 @@
 	header('Location: '.$wb->page_link($page['link']).'?id='.$post_id);
 } else {
 	if(isset($_GET['post_id']) AND is_numeric($_GET['post_id']) AND isset($_GET['section_id']) AND is_numeric($_GET['section_id']))
-		header('Location: '.WB_URL."/modules/news/comment.php?id={$_GET['post_id']}&sid={$_GET['section_id']}");
+		header('Location: '.WB_URL."/modules/news/comment.php?id={$_GET['post_id']}&amp;sid={$_GET['section_id']}");
 	else
 		exit(header("Location: ".WB_URL.PAGES_DIRECTORY.""));
 }
Index: trunk/wb/modules/news/add.php
===================================================================
--- trunk/wb/modules/news/add.php	(revision 891)
+++ trunk/wb/modules/news/add.php	(revision 892)
@@ -56,9 +56,8 @@
 <tr style="display: [DISPLAY_GROUP]">
 <td valign="top"><a href="[BACK]">[PAGE_TITLE]</a> >> <a href="[BACK]?g=[GROUP_ID]">[GROUP_TITLE]</a></td>
 </tr>
-</table>
-<p style="text-align: justify;">');
-$post_footer = '</p><p>Last changed: [MODI_DATE] at [MODI_TIME]</p>
+</table>');
+$post_footer = '<p>Last changed: [MODI_DATE] at [MODI_TIME]</p>
 <a href=\"[BACK]\">Back</a>';
 $comments_header = addslashes('<br /><br />
 <h2>Comments</h2>