yes it is back again but you just have to do the little edit to get rid of them again:
in smf 1.1.13 that is:
In Sources/TPdlmanager.php on about line #2068 look for this line:
Find:
tp_query("UPDATE " . $tp_prefix . "dlmanager SET description = '" . mysql_real_escape_string($value) . "' WHERE id=". $id, __FILE__, __LINE__);
Replace it with:
tp_query("UPDATE " . $tp_prefix . "dlmanager SET description = '" . mysql_real_escape_string(stripslashes($value)) . "' WHERE id=". $id, __FILE__, __LINE__);
and for the html peeking out---may be the \ too
Sources/TPortalAdmin.php
Find this line:(about line #337)
global $context,$txt,$settings,$boardurl,$scripturl,$boarddir,$user_info,$db_prefix;
Change to:
global $context,$txt,$settings,$boardurl,$scripturl,$boarddir,$user_info,$db_prefix, $modSettings;
Find this line:(about line #469)
$context['TPortal']['blockedit']['body'] = html_entity_decode($row['body'], ENT_NOQUOTES);
Change to:
$context['TPortal']['blockedit']['body'] = html_entity_decode($row['body'], ENT_NOQUOTES, $modSettings['global_character_set']);
-------------------------------------------------------------------------
In Sources/TPdlmanager.php on about line #2068 look for this line:
tp_query("UPDATE " . $tp_prefix . "dlmanager SET description = '" . mysql_real_escape_string($value) . "' WHERE id=". $id, __FILE__, __LINE__);
Replace it with this line:
tp_query("UPDATE " . $tp_prefix . "dlmanager SET description = '" . mysql_real_escape_string(stripslashes($value)) . "' WHERE id=". $id, __FILE__, __LINE__);
hope this helps and hope it is the right bunch of codes