2011-03-19 11:54:12 +00:00
|
|
|
|
<?php
|
2006-12-02 04:36:16 +00:00
|
|
|
|
/*
|
2009-01-03 22:32:54 +00:00
|
|
|
|
* e107 website system
|
|
|
|
|
*
|
2011-03-19 11:54:12 +00:00
|
|
|
|
* Copyright (C) 2008-2011 e107 Inc (e107.org)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
* Released under the terms and conditions of the
|
|
|
|
|
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
|
|
|
|
|
*
|
|
|
|
|
* Text processing and parsing functions
|
|
|
|
|
*
|
2010-02-12 16:37:42 +00:00
|
|
|
|
* $URL$
|
|
|
|
|
* $Id$
|
2009-01-03 22:32:54 +00:00
|
|
|
|
*
|
2006-12-02 04:36:16 +00:00
|
|
|
|
*/
|
2010-01-24 12:05:53 +00:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @package e107
|
2010-11-15 21:45:02 +00:00
|
|
|
|
* @subpackage e107_handlers
|
2010-02-10 18:18:01 +00:00
|
|
|
|
* @version $Id$
|
2010-02-19 15:10:40 +00:00
|
|
|
|
*
|
|
|
|
|
* Text processing and parsing functions.
|
2010-01-24 12:05:53 +00:00
|
|
|
|
* Simple parse data model.
|
|
|
|
|
*/
|
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if (!defined('e107_INIT')) { exit(); }
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Directory for the hard-coded utf-8 handling routines
|
|
|
|
|
define('E_UTF8_PACK', e_HANDLER.'utf8/');
|
|
|
|
|
|
|
|
|
|
define("E_NL", chr(2));
|
2008-11-13 20:41:20 +00:00
|
|
|
|
|
2013-03-01 18:17:03 -08:00
|
|
|
|
class e_parse extends e_parser
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2009-10-30 23:31:08 +00:00
|
|
|
|
/**
|
|
|
|
|
* Determine how to handle utf-8.
|
|
|
|
|
* 0 = 'do nothing'
|
|
|
|
|
* 1 = 'use mb_string'
|
|
|
|
|
* 2 = emulation
|
2010-01-12 13:11:48 +00:00
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @var integer
|
|
|
|
|
*/
|
|
|
|
|
protected $utfAction;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2009-07-23 15:29:07 +00:00
|
|
|
|
// Shortcode processor - see __get()
|
2009-10-30 19:57:28 +00:00
|
|
|
|
//var $e_sc;
|
|
|
|
|
|
|
|
|
|
// BBCode processor
|
|
|
|
|
var $e_bb;
|
|
|
|
|
|
|
|
|
|
// Profanity filter
|
|
|
|
|
var $e_pf;
|
|
|
|
|
|
|
|
|
|
// Emote filter
|
|
|
|
|
var $e_emote;
|
|
|
|
|
|
|
|
|
|
// 'Hooked' parsers (array)
|
|
|
|
|
var $e_hook;
|
|
|
|
|
|
2010-01-02 21:42:51 +00:00
|
|
|
|
var $search = array('&#039;', ''', ''', '"', 'onerror', '>', '&quot;', ' & ');
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2010-01-02 21:42:51 +00:00
|
|
|
|
var $replace = array("'", "'", "'", '"', 'one<i></i>rror', '>', '"', ' & ');
|
2007-01-20 16:19:43 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Set to TRUE or FALSE once it has been calculated
|
|
|
|
|
var $e_highlighting;
|
|
|
|
|
|
|
|
|
|
// Highlight query
|
|
|
|
|
var $e_query;
|
2013-03-08 20:16:49 -08:00
|
|
|
|
|
|
|
|
|
public $thumbWidth = 100;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
|
|
|
|
// Set up the defaults
|
2009-01-03 22:32:54 +00:00
|
|
|
|
var $e_optDefault = array(
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// default context: reflects legacy settings (many items enabled)
|
|
|
|
|
'context' => 'OLDDEFAULT',
|
|
|
|
|
//
|
2008-06-14 21:01:04 +00:00
|
|
|
|
'fromadmin' => FALSE,
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
|
|
|
|
// Enable emote display
|
|
|
|
|
'emotes' => TRUE,
|
|
|
|
|
|
|
|
|
|
// Convert defines(constants) within text.
|
|
|
|
|
'defs' => FALSE,
|
|
|
|
|
|
|
|
|
|
// replace all {e_XXX} constants with their e107 value - 'rel' or 'abs'
|
|
|
|
|
'constants' => FALSE,
|
|
|
|
|
|
|
|
|
|
// Enable hooked parsers
|
|
|
|
|
'hook' => TRUE,
|
|
|
|
|
|
|
|
|
|
// Allow scripts through (new for 0.8)
|
|
|
|
|
'scripts' => TRUE,
|
|
|
|
|
|
|
|
|
|
// Make links clickable
|
|
|
|
|
'link_click' => TRUE,
|
|
|
|
|
|
|
|
|
|
// Substitute on clickable links (only if link_click == TRUE)
|
|
|
|
|
'link_replace' => TRUE,
|
|
|
|
|
|
|
|
|
|
// Parse shortcodes - TRUE enables parsing
|
|
|
|
|
|
|
|
|
|
'parse_sc' => FALSE,
|
|
|
|
|
// remove HTML tags.
|
|
|
|
|
'no_tags' => FALSE,
|
|
|
|
|
|
|
|
|
|
// Restore entity form of quotes and such to single characters - TRUE disables
|
|
|
|
|
'value' => FALSE,
|
|
|
|
|
|
|
|
|
|
// Line break compression - TRUE removes newline characters
|
|
|
|
|
'nobreak' => FALSE,
|
|
|
|
|
|
|
|
|
|
// Retain newlines - wraps to \n instead of <br /> if TRUE (for non-HTML email text etc)
|
|
|
|
|
'retain_nl' => FALSE
|
2007-01-20 16:19:43 +00:00
|
|
|
|
);
|
2008-12-30 13:51:41 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Super modifiers override default option values
|
2007-01-20 16:19:43 +00:00
|
|
|
|
var $e_SuperMods = array(
|
2009-10-30 19:57:28 +00:00
|
|
|
|
//text is part of a title (e.g. news title)
|
|
|
|
|
'TITLE' =>
|
2007-04-30 20:17:05 +00:00
|
|
|
|
array(
|
2009-01-03 22:32:54 +00:00
|
|
|
|
'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'link_click' => FALSE, 'emotes'=>FALSE, 'defs'=>TRUE, 'parse_sc'=>TRUE
|
|
|
|
|
),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
//text is user-entered (i.e. untrusted) and part of a title (e.g. forum title)
|
|
|
|
|
'USER_TITLE' =>
|
2007-04-30 20:17:05 +00:00
|
|
|
|
array(
|
2009-01-03 22:32:54 +00:00
|
|
|
|
'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'link_click' => FALSE, 'scripts' => FALSE, 'emotes'=>FALSE, 'hook'=>FALSE
|
|
|
|
|
),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// text is 'body' of email or similar - being sent 'off-site' so don't rely on server availability
|
|
|
|
|
'E_TITLE' =>
|
2009-01-03 22:32:54 +00:00
|
|
|
|
array(
|
|
|
|
|
'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'defs'=>TRUE, 'parse_sc'=>TRUE, 'emotes'=>FALSE, 'scripts' => FALSE, 'link_click' => FALSE
|
2007-04-30 20:17:05 +00:00
|
|
|
|
),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// text is part of the summary of a longer item (e.g. content summary)
|
|
|
|
|
'SUMMARY' =>
|
2007-04-30 20:17:05 +00:00
|
|
|
|
array(
|
2012-03-31 21:10:26 +00:00
|
|
|
|
'defs'=>TRUE, 'constants'=>'full', 'parse_sc'=>TRUE
|
2009-01-03 22:32:54 +00:00
|
|
|
|
),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// text is the description of an item (e.g. download, link)
|
|
|
|
|
'DESCRIPTION' =>
|
2007-04-30 20:17:05 +00:00
|
|
|
|
array(
|
2012-03-31 21:10:26 +00:00
|
|
|
|
'defs'=>TRUE, 'constants'=>'full', 'parse_sc'=>TRUE
|
2009-01-03 22:32:54 +00:00
|
|
|
|
),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// text is 'body' or 'bulk' text (e.g. custom page body, content body)
|
|
|
|
|
'BODY' =>
|
2007-04-30 20:17:05 +00:00
|
|
|
|
array(
|
2012-03-31 21:10:26 +00:00
|
|
|
|
'defs'=>TRUE, 'constants'=>'full', 'parse_sc'=>TRUE
|
2009-01-03 22:32:54 +00:00
|
|
|
|
),
|
2012-07-22 10:03:00 +00:00
|
|
|
|
'WYSIWYG' =>
|
|
|
|
|
array(
|
|
|
|
|
'defs'=>FALSE, 'constants'=>'full', 'parse_sc'=>FALSE, 'wysiwyg'=>TRUE
|
|
|
|
|
),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// text is user-entered (i.e. untrusted)'body' or 'bulk' text (e.g. custom page body, content body)
|
|
|
|
|
'USER_BODY' =>
|
2007-04-30 20:17:05 +00:00
|
|
|
|
array(
|
2012-03-31 21:10:26 +00:00
|
|
|
|
'constants'=>'full', 'scripts' => FALSE
|
2009-01-03 22:32:54 +00:00
|
|
|
|
),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// text is 'body' of email or similar - being sent 'off-site' so don't rely on server availability
|
|
|
|
|
'E_BODY' =>
|
2009-01-03 22:32:54 +00:00
|
|
|
|
array(
|
2009-11-16 20:40:39 +00:00
|
|
|
|
'defs'=>TRUE, 'constants'=>'full', 'parse_sc'=>TRUE, 'emotes'=>FALSE, 'scripts' => FALSE, 'link_click' => FALSE
|
|
|
|
|
),
|
|
|
|
|
// text is text-only 'body' of email or similar - being sent 'off-site' so don't rely on server availability
|
|
|
|
|
'E_BODY_PLAIN' =>
|
|
|
|
|
array(
|
|
|
|
|
'defs'=>TRUE, 'constants'=>'full', 'parse_sc'=>TRUE, 'emotes'=>FALSE, 'scripts' => FALSE, 'link_click' => FALSE, 'retain_nl' => TRUE, 'no_tags' => TRUE
|
2007-04-30 20:17:05 +00:00
|
|
|
|
),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// text is the 'content' of a link (A tag, etc)
|
|
|
|
|
'LINKTEXT' =>
|
2007-04-30 20:17:05 +00:00
|
|
|
|
array(
|
2010-01-02 21:42:51 +00:00
|
|
|
|
'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'link_click' => FALSE, 'emotes'=>FALSE, 'hook'=>FALSE, 'defs'=>TRUE, 'parse_sc'=>TRUE
|
2009-01-03 22:32:54 +00:00
|
|
|
|
),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// text is used (for admin edit) without fancy conversions or html.
|
|
|
|
|
'RAWTEXT' =>
|
2007-04-30 20:17:05 +00:00
|
|
|
|
array(
|
2009-01-03 22:32:54 +00:00
|
|
|
|
'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'link_click' => FALSE, 'emotes'=>FALSE, 'hook'=>FALSE, 'no_tags'=>TRUE
|
2007-01-20 16:19:43 +00:00
|
|
|
|
)
|
|
|
|
|
);
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Individual modifiers change the current context
|
|
|
|
|
var $e_Modifiers = array(
|
2010-01-02 21:42:51 +00:00
|
|
|
|
'emotes_off' => array('emotes' => FALSE),
|
|
|
|
|
'emotes_on' => array('emotes' => TRUE),
|
2009-01-08 21:47:44 +00:00
|
|
|
|
'no_hook' => array('hook' => FALSE),
|
|
|
|
|
'do_hook' => array('hook' => TRUE),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// New for 0.8
|
|
|
|
|
'scripts_off' => array('scripts' => FALSE),
|
|
|
|
|
// New for 0.8
|
|
|
|
|
'scripts_on' => array('scripts' => TRUE),
|
2009-01-03 22:32:54 +00:00
|
|
|
|
'no_make_clickable' => array('link_click' => FALSE),
|
|
|
|
|
'make_clickable' => array('link_click' => TRUE),
|
|
|
|
|
'no_replace' => array('link_replace' => FALSE),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Replace text of clickable links (only if make_clickable option set)
|
|
|
|
|
'replace' => array('link_replace' => TRUE),
|
|
|
|
|
// No path replacement
|
|
|
|
|
'consts_off' => array('constants' => FALSE),
|
|
|
|
|
// Relative path replacement
|
|
|
|
|
'consts_rel' => array('constants' => 'rel'),
|
|
|
|
|
// Absolute path replacement
|
|
|
|
|
'consts_abs' => array('constants' => 'abs'),
|
2009-11-17 20:34:50 +00:00
|
|
|
|
// Full path replacement
|
|
|
|
|
'consts_full' => array('constants' => 'full'),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// No shortcode parsing
|
|
|
|
|
'scparse_off' => array('parse_sc' => FALSE),
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
'scparse_on' => array('parse_sc' => TRUE),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Strip tags
|
|
|
|
|
'no_tags' => array('no_tags' => TRUE),
|
|
|
|
|
// Leave tags
|
|
|
|
|
'do_tags' => array('no_tags' => FALSE),
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
'fromadmin' => array('fromadmin' => TRUE),
|
|
|
|
|
'notadmin' => array('fromadmin' => FALSE),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// entity replacement
|
|
|
|
|
'er_off' => array('value' => FALSE),
|
2009-01-03 22:32:54 +00:00
|
|
|
|
'er_on' => array('value' => TRUE),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Decode constant if exists
|
|
|
|
|
'defs_off' => array('defs' => FALSE),
|
2009-01-03 22:32:54 +00:00
|
|
|
|
'defs_on' => array('defs' => TRUE),
|
|
|
|
|
|
2010-04-07 19:08:02 +00:00
|
|
|
|
'dobreak' => array('nobreak' => FALSE),
|
|
|
|
|
'nobreak' => array('nobreak' => TRUE),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Line break using \n
|
|
|
|
|
'lb_nl' => array('retain_nl' => TRUE),
|
|
|
|
|
// Line break using <br />
|
|
|
|
|
'lb_br' => array('retain_nl' => FALSE),
|
2009-01-03 22:32:54 +00:00
|
|
|
|
|
|
|
|
|
// Legacy option names below here - discontinue later
|
|
|
|
|
'retain_nl' => array('retain_nl' => TRUE),
|
|
|
|
|
'defs' => array('defs' => TRUE),
|
|
|
|
|
'parse_sc' => array('parse_sc' => TRUE),
|
|
|
|
|
'constants' => array('constants' => 'rel'),
|
2012-07-22 10:03:00 +00:00
|
|
|
|
'value' => array('value' => TRUE),
|
|
|
|
|
'wysiwyg' => array('wysiwyg'=>TRUE)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
2009-10-30 20:58:52 +00:00
|
|
|
|
/**
|
|
|
|
|
* Constructor - keep it public for backward compatibility
|
|
|
|
|
still some new e_parse() in the core
|
|
|
|
|
*
|
|
|
|
|
* @return void
|
|
|
|
|
*/
|
|
|
|
|
public function __construct()
|
2007-01-20 16:19:43 +00:00
|
|
|
|
{
|
2009-10-30 20:58:52 +00:00
|
|
|
|
// initialise the type of UTF-8 processing methods depending on PHP version and mb string extension
|
2013-03-01 18:17:03 -08:00
|
|
|
|
$this->init();
|
2009-10-30 20:58:52 +00:00
|
|
|
|
$this->initCharset();
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Preprocess the supermods to be useful default arrays with all values
|
2009-10-30 20:58:52 +00:00
|
|
|
|
foreach ($this->e_SuperMods as $key => $val)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// precalculate super defaults
|
2009-10-30 20:58:52 +00:00
|
|
|
|
$this->e_SuperMods[$key] = array_merge($this->e_optDefault , $this->e_SuperMods[$key]);
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$this->e_SuperMods[$key]['context'] = $key;
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2007-12-30 16:54:31 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-10-30 20:58:52 +00:00
|
|
|
|
/**
|
|
|
|
|
* Initialise the type of UTF-8 processing methods depending on PHP version and mb string extension.
|
|
|
|
|
*
|
|
|
|
|
* NOTE: can't be called until CHARSET is known
|
|
|
|
|
but we all know that it is UTF-8 now
|
|
|
|
|
*
|
|
|
|
|
* @return void
|
|
|
|
|
*/
|
|
|
|
|
private function initCharset()
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
|
|
|
|
// Start by working out what, if anything, we do about utf-8 handling.
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// 'Do nothing' is the simple option
|
|
|
|
|
$this->utfAction = 0;
|
2009-10-30 20:58:52 +00:00
|
|
|
|
// CHARSET is utf-8
|
|
|
|
|
// if(strtolower(CHARSET) == 'utf-8')
|
|
|
|
|
// {
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(version_compare(PHP_VERSION, '6.0.0') < 1)
|
|
|
|
|
{
|
|
|
|
|
// Need to do something here
|
2009-01-03 22:32:54 +00:00
|
|
|
|
if(extension_loaded('mbstring'))
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Check for function overloading
|
|
|
|
|
$temp = ini_get('mbstring.func_overload');
|
|
|
|
|
// Just check the string functions - will be non-zero if overloaded
|
|
|
|
|
if(($temp & MB_OVERLOAD_STRING) == 0)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Can use the mb_string routines
|
|
|
|
|
$this->utfAction = 1;
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Set the default encoding, so we don't have to specify every time
|
|
|
|
|
mb_internal_encoding('UTF-8');
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Must use emulation - will probably be slow!
|
|
|
|
|
$this->utfAction = 2;
|
|
|
|
|
require (E_UTF8_PACK.'utils/unicode.php');
|
|
|
|
|
// Always load the core routines - bound to need some of them!
|
|
|
|
|
require (E_UTF8_PACK.'native/core.php');
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-10-30 20:58:52 +00:00
|
|
|
|
// }
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2008-11-13 20:41:20 +00:00
|
|
|
|
|
2009-10-30 22:19:56 +00:00
|
|
|
|
/**
|
|
|
|
|
* Unicode (UTF-8) analogue of standard @link http://php.net/strlen strlen PHP function.
|
|
|
|
|
* Returns the length of the given string.
|
2010-01-12 13:11:48 +00:00
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @param string $str The UTF-8 encoded string being measured for length.
|
|
|
|
|
* @return integer The length (amount of UTF-8 characters) of the string on success, and 0 if the string is empty.
|
2009-10-30 22:19:56 +00:00
|
|
|
|
*/
|
2010-01-12 13:11:48 +00:00
|
|
|
|
public function ustrlen($str)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
switch($this->utfAction)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
case 0:
|
|
|
|
|
return strlen($str);
|
|
|
|
|
case 1:
|
|
|
|
|
return mb_strlen($str);
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
|
|
|
|
// Default case shouldn't happen often
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Save a call - invoke the function directly
|
|
|
|
|
return strlen(utf8_decode($str));
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-10-30 22:19:56 +00:00
|
|
|
|
/**
|
|
|
|
|
* Unicode (UTF-8) analogue of standard @link http://php.net/strtolower strtolower PHP function.
|
|
|
|
|
* Make a string lowercase.
|
2010-01-12 13:11:48 +00:00
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @param string $str The UTF-8 encoded string to be lowercased.
|
|
|
|
|
* @return string Specified string with all alphabetic characters converted to lowercase.
|
2009-10-30 22:19:56 +00:00
|
|
|
|
*/
|
2010-01-12 13:11:48 +00:00
|
|
|
|
public function ustrtolower($str)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
switch($this->utfAction)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
case 0:
|
|
|
|
|
return strtolower($str);
|
|
|
|
|
case 1:
|
|
|
|
|
return mb_strtolower($str);
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
|
|
|
|
// Default case shouldn't happen often
|
|
|
|
|
return utf8_strtolower($str);
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
|
2009-10-30 22:19:56 +00:00
|
|
|
|
/**
|
|
|
|
|
* Unicode (UTF-8) analogue of standard @link http://php.net/strtoupper strtoupper PHP function.
|
|
|
|
|
* Make a string uppercase.
|
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @param string $str The UTF-8 encoded string to be uppercased.
|
|
|
|
|
* @return string Specified string with all alphabetic characters converted to uppercase.
|
2009-10-30 22:19:56 +00:00
|
|
|
|
*/
|
2010-01-12 13:11:48 +00:00
|
|
|
|
public function ustrtoupper($str)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
switch($this->utfAction)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
case 0:
|
|
|
|
|
return strtoupper($str);
|
|
|
|
|
case 1:
|
|
|
|
|
return mb_strtoupper($str);
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
|
|
|
|
// Default case shouldn't happen often
|
|
|
|
|
return utf8_strtoupper($str);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-10-30 22:19:56 +00:00
|
|
|
|
/**
|
|
|
|
|
* Unicode (UTF-8) analogue of standard @link http://php.net/strpos strpos PHP function.
|
|
|
|
|
* Find the position of the first occurrence of a case-sensitive UTF-8 encoded string.
|
|
|
|
|
* Returns the numeric position (offset in amount of UTF-8 characters)
|
|
|
|
|
* of the first occurrence of needle in the haystack string.
|
2010-01-12 13:11:48 +00:00
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @param string $haystack The UTF-8 encoded string being searched in.
|
|
|
|
|
* @param integer $needle The UTF-8 encoded string being searched for.
|
|
|
|
|
* @param integer $offset [optional] The optional offset parameter allows you to specify which character in haystack to start searching.
|
2009-10-30 22:19:56 +00:00
|
|
|
|
* The position returned is still relative to the beginning of haystack.
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @return integer|boolean Returns the position as an integer. If needle is not found, the function will return boolean FALSE.
|
2009-10-30 22:19:56 +00:00
|
|
|
|
*/
|
2010-01-12 13:11:48 +00:00
|
|
|
|
public function ustrpos($haystack, $needle, $offset = 0)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
switch($this->utfAction)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
case 0:
|
|
|
|
|
return strpos($haystack, $needle, $offset);
|
|
|
|
|
case 1:
|
|
|
|
|
return mb_strpos($haystack, $needle, $offset);
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
2009-10-30 23:38:14 +00:00
|
|
|
|
return utf8_strpos($haystack, $needle, $offset);
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
|
2009-10-30 22:19:56 +00:00
|
|
|
|
/**
|
|
|
|
|
* Unicode (UTF-8) analogue of standard @link http://php.net/strrpos strrpos PHP function.
|
|
|
|
|
* Find the position of the last occurrence of a case-sensitive UTF-8 encoded string.
|
|
|
|
|
* Returns the numeric position (offset in amount of UTF-8 characters)
|
|
|
|
|
* of the last occurrence of needle in the haystack string.
|
2010-01-12 13:11:48 +00:00
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @param string $haystack The UTF-8 encoded string being searched in.
|
|
|
|
|
* @param integer $needle The UTF-8 encoded string being searched for.
|
2009-10-30 22:19:56 +00:00
|
|
|
|
* @param integer $offset [optional] - The optional offset parameter allows you to specify which character in haystack to start searching.
|
|
|
|
|
* The position returned is still relative to the beginning of haystack.
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @return integer|boolean Returns the position as an integer. If needle is not found, the function will return boolean FALSE.
|
2009-10-30 22:19:56 +00:00
|
|
|
|
*/
|
2010-01-12 13:11:48 +00:00
|
|
|
|
public function ustrrpos($haystack, $needle, $offset = 0)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
switch($this->utfAction)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
case 0:
|
|
|
|
|
return strrpos($haystack, $needle, $offset);
|
|
|
|
|
case 1:
|
|
|
|
|
return mb_strrpos($haystack, $needle, $offset);
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
2009-10-30 23:38:14 +00:00
|
|
|
|
return utf8_strrpos($haystack, $needle, $offset);
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-10-30 23:31:08 +00:00
|
|
|
|
/**
|
|
|
|
|
* Unicode (UTF-8) analogue of standard @link http://php.net/substr substr PHP function.
|
|
|
|
|
* Returns the portion of string specified by the start and length parameters.
|
2010-01-12 13:11:48 +00:00
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* NOTE: May be subtle differences in return values dependent on which routine is used.
|
|
|
|
|
* Native substr() routine can return FALSE. mb_substr() and utf8_substr() just return an empty string.
|
2010-01-12 13:11:48 +00:00
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @param string $str The UTF-8 encoded string.
|
|
|
|
|
* @param integer $start Start of portion to be returned. Position is counted in amount of UTF-8 characters from the beginning of str.
|
|
|
|
|
* First character's position is 0. Second character position is 1, and so on.
|
2010-01-12 13:11:48 +00:00
|
|
|
|
* @param integer $length [optional] If length is given, the string returned will contain at most length characters beginning from start
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* (depending on the length of string). If length is omitted, the rest of string from start will be returned.
|
|
|
|
|
* @return string The extracted UTF-8 encoded part of input string.
|
|
|
|
|
*/
|
2010-01-12 13:11:48 +00:00
|
|
|
|
public function usubstr($str, $start, $length = NULL)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 23:31:08 +00:00
|
|
|
|
switch($this->utfAction)
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2009-10-30 23:31:08 +00:00
|
|
|
|
case 0:
|
|
|
|
|
return substr($str, $start, $length);
|
|
|
|
|
case 1:
|
|
|
|
|
if(is_null($length))
|
2008-11-13 20:41:20 +00:00
|
|
|
|
{
|
2010-01-12 13:11:48 +00:00
|
|
|
|
return mb_substr($str, $start);
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2010-01-12 13:11:48 +00:00
|
|
|
|
return mb_substr($str, $start, $length);
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-10-30 23:38:14 +00:00
|
|
|
|
return utf8_substr($str, $start, $length);
|
2008-11-13 20:41:20 +00:00
|
|
|
|
}
|
|
|
|
|
|
2009-10-30 23:31:08 +00:00
|
|
|
|
/**
|
|
|
|
|
* Converts the supplied text (presumed to be from user input) to a format suitable for storing in a database table.
|
|
|
|
|
*
|
|
|
|
|
* @param string $data
|
|
|
|
|
* @param boolean $nostrip [optional] Assumes all data is GPC ($_GET, $_POST, $_COOKIE) unless indicate otherwise by setting this var to TRUE.
|
|
|
|
|
* If magic quotes is enabled on the server and you do not tell toDB() that the data is non GPC then slashes will be stripped when they should not be.
|
|
|
|
|
* @param boolean $no_encode [optional] This parameter should nearly always be FALSE. It is used by the save_prefs() function to preserve HTML content within prefs even when
|
|
|
|
|
* the save_prefs() function has been called by a non admin user / user without html posting permissions.
|
|
|
|
|
* @param boolean $mod [optional] The 'no_html' and 'no_php' modifiers blanket prevent HTML and PHP posting regardless of posting permissions. (used in logging)
|
2010-09-06 21:35:04 +00:00
|
|
|
|
* The 'pReFs' value is for internal use only, when saving prefs, to prevent sanitisation of HTML.
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @param boolean $original_author [optional]
|
|
|
|
|
* @return string
|
2009-11-12 21:41:34 +00:00
|
|
|
|
* @todo complete the documentation of this essential method
|
2009-10-30 23:31:08 +00:00
|
|
|
|
*/
|
|
|
|
|
public function toDB($data, $nostrip = FALSE, $no_encode = FALSE, $mod = FALSE, $original_author = FALSE)
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2010-10-27 11:23:54 +00:00
|
|
|
|
$core_pref = e107::getConfig();
|
2009-01-08 21:47:44 +00:00
|
|
|
|
if (is_array($data))
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-01-08 21:47:44 +00:00
|
|
|
|
foreach ($data as $key => $var)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-20 14:47:05 +00:00
|
|
|
|
//Fix - sanitize keys as well
|
|
|
|
|
$ret[$this->toDB($key, $nostrip, $no_encode, $mod, $original_author)] = $this->toDB($var, $nostrip, $no_encode, $mod, $original_author);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
2010-02-12 16:37:42 +00:00
|
|
|
|
return $ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (MAGIC_QUOTES_GPC == TRUE && $nostrip == FALSE)
|
|
|
|
|
{
|
|
|
|
|
$data = stripslashes($data);
|
|
|
|
|
}
|
2010-09-06 12:34:06 +00:00
|
|
|
|
|
2010-09-06 21:35:04 +00:00
|
|
|
|
if ($mod != 'pReFs')
|
2010-09-06 12:34:06 +00:00
|
|
|
|
{
|
2010-09-06 21:35:04 +00:00
|
|
|
|
$data = $this->preFilter($data);
|
2010-10-27 11:23:54 +00:00
|
|
|
|
if (!check_class($core_pref->get('post_html', e_UC_MAINADMIN)) || !check_class($core_pref->get('post_script', e_UC_MAINADMIN)))
|
2010-09-06 21:35:04 +00:00
|
|
|
|
{
|
|
|
|
|
$data = $this->dataFilter($data);
|
|
|
|
|
}
|
2010-09-06 12:34:06 +00:00
|
|
|
|
}
|
|
|
|
|
|
2010-10-27 11:23:54 +00:00
|
|
|
|
if (/*$core_pref->is('post_html') && */check_class($core_pref->get('post_html')))
|
2010-02-12 16:37:42 +00:00
|
|
|
|
{
|
|
|
|
|
$no_encode = TRUE;
|
|
|
|
|
}
|
2010-12-18 22:55:27 +00:00
|
|
|
|
if ($core_pref->get('html_abuse'))
|
|
|
|
|
{
|
|
|
|
|
if ($this->htmlAbuseFilter($data)) $no_encode = FALSE;
|
|
|
|
|
}
|
2010-10-27 11:23:54 +00:00
|
|
|
|
if (is_numeric($original_author) && !check_class($core_pref->get('post_html'), '', $original_author))
|
2010-02-12 16:37:42 +00:00
|
|
|
|
{
|
|
|
|
|
$no_encode = FALSE;
|
|
|
|
|
}
|
|
|
|
|
if ($no_encode === TRUE && strpos($mod, 'no_html') === FALSE)
|
|
|
|
|
{
|
|
|
|
|
$search = array('$', '"', "'", '\\', '<?');
|
|
|
|
|
$replace = array('$', '"', ''', '\', '<?');
|
|
|
|
|
$ret = str_replace($search, $replace, $data);
|
2009-01-08 21:47:44 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2010-02-12 16:37:42 +00:00
|
|
|
|
$data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8');
|
|
|
|
|
$data = str_replace('\\', '\', $data);
|
|
|
|
|
|
|
|
|
|
$ret = preg_replace("/&#(\d*?);/", "&#\\1;", $data);
|
|
|
|
|
}
|
2010-10-27 11:23:54 +00:00
|
|
|
|
// XXX - php_bbcode pref missing?
|
|
|
|
|
if ((strpos($mod, 'no_php') !== FALSE) || !check_class($core_pref->get('php_bbcode')))
|
2010-02-12 16:37:42 +00:00
|
|
|
|
{
|
2010-09-06 21:35:04 +00:00
|
|
|
|
$ret = preg_replace("#\[(php)#i", "[\\1", $ret);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
2010-02-19 15:10:40 +00:00
|
|
|
|
|
2006-12-02 04:36:16 +00:00
|
|
|
|
return $ret;
|
|
|
|
|
}
|
|
|
|
|
|
2007-01-12 21:05:20 +00:00
|
|
|
|
|
2010-09-06 12:34:06 +00:00
|
|
|
|
|
2010-12-18 22:55:27 +00:00
|
|
|
|
/**
|
2013-01-05 09:42:34 +00:00
|
|
|
|
* Check for umatched 'dangerous' HTML tags
|
|
|
|
|
* (these can destroy page layout where users are able to post HTML)
|
2010-12-18 22:55:27 +00:00
|
|
|
|
*
|
|
|
|
|
* @param string $data
|
|
|
|
|
* @param string $tagList - if empty, uses default list of input tags. Otherwise a CSV list of tags to check (any type)
|
|
|
|
|
*
|
|
|
|
|
* @return boolean TRUE if an unopened closing tag found
|
|
|
|
|
* FALSE if nothing found
|
|
|
|
|
*/
|
|
|
|
|
function htmlAbuseFilter($data, $tagList = '')
|
|
|
|
|
{
|
|
|
|
|
if ($tagList == '')
|
|
|
|
|
{
|
|
|
|
|
$checkTags = array('textarea', 'input', 'td', 'tr', 'table');
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$checkTags = explode(',', $tagList);
|
|
|
|
|
}
|
2013-01-05 09:42:34 +00:00
|
|
|
|
$tagArray = array_flip($checkTags);
|
|
|
|
|
foreach ($tagArray as &$v) { $v = 0; }; // Data fields become zero; keys are tag names.
|
|
|
|
|
$data = strtolower(preg_replace('#\[code\].*?\[\/code\]#i', '', $data)); // Ignore code blocks. All lower case simplifies the rest
|
|
|
|
|
$matches = array();
|
|
|
|
|
if (!preg_match_all('#<(\/|)([^<>]*?[^\/])>#', $data, $matches, PREG_SET_ORDER))
|
2010-12-18 22:55:27 +00:00
|
|
|
|
{
|
2013-01-05 09:42:34 +00:00
|
|
|
|
//echo "No tags found<br />";
|
|
|
|
|
return TRUE; // No tags found; so all OK
|
|
|
|
|
}
|
|
|
|
|
//print_a($matches);
|
|
|
|
|
foreach ($matches as $m)
|
|
|
|
|
{
|
|
|
|
|
// $m[0] is the complete tag; $m[1] is '/' or empty; $m[2] is the tag and any attributes
|
|
|
|
|
list ($tag) = explode(' ', $m[2], 2);
|
|
|
|
|
if (!isset($tagArray[$tag])) continue; // Not a tag of interest
|
|
|
|
|
if ($m[1] == '/')
|
|
|
|
|
{ // Closing tag
|
|
|
|
|
if ($tagArray[$tag] == 0)
|
|
|
|
|
{
|
|
|
|
|
//echo "Close before open: {$tag}<br />";
|
|
|
|
|
return TRUE; // Closing tag before we've had an opening tag
|
|
|
|
|
}
|
|
|
|
|
$tagArray[$tag]--; // Obviously had at least one opening tag
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{ // Opening tag
|
|
|
|
|
$tagArray[$tag]++;
|
2010-12-18 22:55:27 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2013-01-05 09:42:34 +00:00
|
|
|
|
//print_a($tagArray);
|
|
|
|
|
foreach ($tagArray as $t)
|
|
|
|
|
{
|
|
|
|
|
if ($t > 0) return TRUE; // More opening tags than closing tags
|
|
|
|
|
}
|
|
|
|
|
return FALSE; // OK now
|
2010-12-18 22:55:27 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2010-09-06 12:34:06 +00:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Checks a string for potentially dangerous HTML tags, including malformed tags
|
|
|
|
|
*
|
|
|
|
|
*/
|
2012-03-31 21:10:26 +00:00
|
|
|
|
public function dataFilter($data, $mode='bbcode')
|
2010-09-06 12:34:06 +00:00
|
|
|
|
{
|
|
|
|
|
$ans = '';
|
2011-11-29 23:37:44 +00:00
|
|
|
|
$vetWords = array('<applet', '<body', '<embed', '<frame', '<script','%3Cscript',
|
|
|
|
|
'<frameset', '<html', '<iframe', '<style', '<layer', '<link',
|
|
|
|
|
'<ilayer', '<meta', '<object', '<plaintext', 'javascript:',
|
|
|
|
|
'vbscript:','data:text/html');
|
|
|
|
|
|
2010-09-06 12:34:06 +00:00
|
|
|
|
$ret = preg_split('#(\[code.*?\[/code.*?])#mis', $data, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE );
|
|
|
|
|
|
|
|
|
|
foreach ($ret as $s)
|
|
|
|
|
{
|
|
|
|
|
if (substr($s, 0, 5) != '[code')
|
|
|
|
|
{
|
|
|
|
|
$vl = array();
|
|
|
|
|
$t = html_entity_decode(rawurldecode($s), ENT_QUOTES, CHARSET);
|
|
|
|
|
$t = str_replace(array("\r", "\n", "\t", "\v", "\f", "\0"), '', $t);
|
|
|
|
|
$t1 = strtolower($t);
|
|
|
|
|
foreach ($vetWords as $vw)
|
|
|
|
|
{
|
|
|
|
|
if (strpos($t1, $vw) !== FALSE)
|
|
|
|
|
{
|
|
|
|
|
$vl[] = $vw; // Add to list of words found
|
|
|
|
|
}
|
|
|
|
|
if (substr($vw, 0, 1) == '<')
|
|
|
|
|
{
|
|
|
|
|
$vw = '</'.substr($vw, 1);
|
|
|
|
|
if (strpos($t1, $vw) !== FALSE)
|
|
|
|
|
{
|
|
|
|
|
$vl[] = $vw; // Add to list of words found
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// More checks here
|
|
|
|
|
if (count($vl))
|
|
|
|
|
{ // Do something
|
|
|
|
|
$s = preg_replace_callback('#('.implode('|', $vl).')#mis', array($this, 'modtag'), $t);
|
|
|
|
|
}
|
|
|
|
|
}
|
2011-06-02 20:03:14 +00:00
|
|
|
|
$s = preg_replace('#(?:onmouse.+?|onclick|onfocus)\s*?\=#', '[sanitised]$0[/sanitised]', $s);
|
2011-05-28 16:23:40 +00:00
|
|
|
|
$s = preg_replace_callback('#base64([,\(])(.+?)([\)\'\"])#mis', array($this, 'proc64'), $s);
|
2010-09-06 12:34:06 +00:00
|
|
|
|
$ans .= $s;
|
|
|
|
|
}
|
2011-11-29 23:37:44 +00:00
|
|
|
|
|
|
|
|
|
if($mode == 'link' && count($vl))
|
|
|
|
|
{
|
|
|
|
|
return "#sanitized";
|
|
|
|
|
}
|
|
|
|
|
|
2010-09-06 12:34:06 +00:00
|
|
|
|
return $ans;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2011-05-28 16:23:40 +00:00
|
|
|
|
/**
|
|
|
|
|
* Check base-64 encoded code
|
|
|
|
|
*/
|
|
|
|
|
private function proc64($match)
|
|
|
|
|
{
|
|
|
|
|
$decode = base64_decode($match[2]);
|
|
|
|
|
return 'base64'.$match[1].base64_encode($this->dataFilter($decode)).$match[3];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2010-09-06 12:34:06 +00:00
|
|
|
|
private function modTag($match)
|
|
|
|
|
{
|
|
|
|
|
$ans = '';
|
|
|
|
|
if (isset($match[1]))
|
|
|
|
|
{
|
|
|
|
|
$chop = intval(strlen($match[1]) / 2);
|
|
|
|
|
$ans = substr($match[1], 0, $chop).'##xss##'.substr($match[1], $chop);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$ans = '?????';
|
|
|
|
|
}
|
|
|
|
|
return '[sanitised]'.$ans.'[/sanitised]';
|
2011-03-19 11:54:12 +00:00
|
|
|
|
|
2010-09-06 12:34:06 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Processes data as needed before its written to the DB.
|
|
|
|
|
* Currently gives bbcodes the opportunity to do something
|
|
|
|
|
*
|
|
|
|
|
* @param $data string - data about to be written to DB
|
|
|
|
|
* @return string - modified data
|
|
|
|
|
*/
|
|
|
|
|
public function preFilter($data)
|
|
|
|
|
{
|
2011-03-19 11:54:12 +00:00
|
|
|
|
if (!is_object($this->e_bb))
|
2010-09-06 12:34:06 +00:00
|
|
|
|
{
|
|
|
|
|
require_once(e_HANDLER.'bbcode_handler.php');
|
|
|
|
|
$this->e_bb = new e_bbcode;
|
|
|
|
|
}
|
|
|
|
|
$ret = $this->e_bb->parseBBCodes($data, USERID, 'default', 'PRE'); // $postID = logged in user here
|
|
|
|
|
return $ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2007-01-12 21:05:20 +00:00
|
|
|
|
function toForm($text)
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2010-10-30 15:34:48 +00:00
|
|
|
|
if(empty($text)) // fix - handle proper 0, Space etc values.
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
2010-10-30 15:34:48 +00:00
|
|
|
|
return $text;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
}
|
2007-01-12 21:05:20 +00:00
|
|
|
|
$search = array('$', '"', '<', '>');
|
|
|
|
|
$replace = array('$', '"', '<', '>');
|
2006-12-02 04:36:16 +00:00
|
|
|
|
$text = str_replace($search, $replace, $text);
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if (e_WYSIWYG !== TRUE)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// fix for utf-8 issue with html_entity_decode(); ???
|
|
|
|
|
$text = str_replace(" ", " ", $text);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
return $text;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-01-08 21:47:44 +00:00
|
|
|
|
function post_toForm($text)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-20 14:47:05 +00:00
|
|
|
|
if(is_array($text))
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
foreach ($text as $key=>$value)
|
2009-10-20 14:47:05 +00:00
|
|
|
|
{
|
|
|
|
|
$text[$this->post_toForm($key)] = $this->post_toForm($value);
|
|
|
|
|
}
|
|
|
|
|
return $text;
|
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(MAGIC_QUOTES_GPC == TRUE)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2006-12-02 04:36:16 +00:00
|
|
|
|
$text = stripslashes($text);
|
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
return str_replace(array("'", '"', "<", ">"), array("'", """, "<", ">"), $text);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
function post_toHTML($text, $original_author = FALSE, $extra = '', $mod = FALSE)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$text = $this->toDB($text, FALSE, FALSE, $mod, $original_author);
|
|
|
|
|
return $this->toHTML($text, TRUE, $extra);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2007-01-12 21:05:20 +00:00
|
|
|
|
|
2010-04-25 15:04:53 +00:00
|
|
|
|
function parseTemplate($text, $parseSCFiles = TRUE, $extraCodes = null, $eVars = null)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2010-04-25 15:04:53 +00:00
|
|
|
|
return e107::getScParser()->parseCodes($text, $parseSCFiles, $extraCodes, $eVars);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2010-02-27 18:59:57 +00:00
|
|
|
|
/**
|
|
|
|
|
* Simple parser
|
|
|
|
|
*
|
|
|
|
|
* @param string $template
|
|
|
|
|
* @param e_vars $vars
|
|
|
|
|
* @param string $replaceUnset string to be used if replace variable is not set, false - don't replace
|
|
|
|
|
* @return string parsed content
|
|
|
|
|
*/
|
|
|
|
|
function simpleParse($template, e_vars $vars, $replaceUnset='')
|
2010-01-23 03:25:31 +00:00
|
|
|
|
{
|
|
|
|
|
$this->replaceVars = $vars;
|
|
|
|
|
$this->replaceUnset = $replaceUnset;
|
|
|
|
|
return preg_replace_callback("#\{([a-zA-Z0-9_]+)\}#", array($this, 'simpleReplace'), $template);
|
|
|
|
|
}
|
2010-02-19 15:10:40 +00:00
|
|
|
|
|
2012-12-02 17:30:41 -08:00
|
|
|
|
protected function simpleReplace($tmp)
|
|
|
|
|
{
|
2010-02-03 11:06:31 +00:00
|
|
|
|
$unset = ($this->replaceUnset !== false ? $this->replaceUnset : $tmp[0]);
|
2012-12-02 17:30:41 -08:00
|
|
|
|
$key = $tmp[1];
|
2012-12-02 19:10:07 -08:00
|
|
|
|
if(is_array($this->replaceVars))
|
|
|
|
|
{
|
|
|
|
|
return ($this->replaceVars[$key] !== null ? $this->replaceVars[$key]: $unset);
|
|
|
|
|
}
|
|
|
|
|
//
|
|
|
|
|
return ($this->replaceVars->$tmp[1] !== null ? $this->replaceVars->$tmp[1] : $unset); // Doesn't work.
|
2010-01-23 03:25:31 +00:00
|
|
|
|
}
|
2010-02-19 15:10:40 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
function htmlwrap($str, $width, $break = "\n", $nobreak = "a", $nobr = "pre", $utf = FALSE)
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
|
|
|
|
/*
|
2008-02-25 22:15:24 +00:00
|
|
|
|
Pretty well complete rewrite to try and handle utf-8 properly.
|
2008-09-04 19:50:18 +00:00
|
|
|
|
Breaks each utf-8 'word' every $width characters max. If possible, breaks after 'safe' characters.
|
2008-02-25 22:15:24 +00:00
|
|
|
|
$break is the character inserted to flag the break.
|
2008-09-04 19:50:18 +00:00
|
|
|
|
$nobreak is a list of tags within which word wrap is to be inactive
|
2006-12-02 04:36:16 +00:00
|
|
|
|
*/
|
|
|
|
|
|
2009-08-08 14:14:39 +00:00
|
|
|
|
//TODO handle htmlwrap somehow
|
2010-11-15 09:03:54 +00:00
|
|
|
|
//return $str;
|
2009-01-03 22:32:54 +00:00
|
|
|
|
|
2009-08-08 14:14:39 +00:00
|
|
|
|
// Don't wrap if non-numeric width
|
|
|
|
|
$width = intval($width);
|
|
|
|
|
// And trap stupid wrap counts
|
|
|
|
|
if ($width < 6)
|
|
|
|
|
return $str;
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Transform protected element lists into arrays
|
|
|
|
|
$nobreak = explode(" ", strtolower($nobreak));
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Variable setup
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$intag = FALSE;
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$innbk = array();
|
|
|
|
|
$drain = "";
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// List of characters it is "safe" to insert line-breaks at
|
|
|
|
|
// It is not necessary to add < and > as they are automatically implied
|
|
|
|
|
$lbrks = "/?!%)-}]\\\"':;&";
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Is $str a UTF8 string?
|
|
|
|
|
if ($utf || strtolower(CHARSET) == 'utf-8')
|
2009-08-08 14:14:39 +00:00
|
|
|
|
{
|
|
|
|
|
// 0x1680, 0x180e, 0x2000-0x200a, 0x2028, 0x205f, 0x3000 are 'non-ASCII' Unicode UCS-4 codepoints - see http://www.unicode.org/Public/UNIDATA/UnicodeData.txt
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// All convert to 3-byte utf-8 sequences:
|
|
|
|
|
// 0x1680 0xe1 0x9a 0x80
|
|
|
|
|
// 0x180e 0xe1 0xa0 0x8e
|
|
|
|
|
// 0x2000 0xe2 0x80 0x80
|
|
|
|
|
// -
|
|
|
|
|
// 0x200a 0xe2 0x80 0x8a
|
|
|
|
|
// 0x2028 0xe2 0x80 0xa8
|
|
|
|
|
// 0x205f 0xe2 0x81 0x9f
|
|
|
|
|
// 0x3000 0xe3 0x80 0x80
|
|
|
|
|
$utf8 = 'u';
|
|
|
|
|
$whiteSpace = '#([\x20|\x0c]|[\xe1][\x9a][\x80]|[\xe1][\xa0][\x8e]|[\xe2][\x80][\x80-\x8a,\xa8]|[\xe2][\x81][\x9f]|[\xe3][\x80][\x80]+)#';
|
|
|
|
|
// Have to explicitly enumerate the whitespace chars, and use non-utf-8 mode, otherwise regex fails on badly formed utf-8
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$utf8 = '';
|
2009-08-08 14:14:39 +00:00
|
|
|
|
// For non-utf-8, can use a simple match string
|
|
|
|
|
$whiteSpace = '#(\s+)#';
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Start of the serious stuff - split into HTML tags and text between
|
2009-08-08 14:14:39 +00:00
|
|
|
|
$content = preg_split('#(<.*?'.'>)#mis', $str, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE );
|
2009-01-03 22:32:54 +00:00
|
|
|
|
foreach($content as $value)
|
|
|
|
|
{
|
|
|
|
|
if ($value[0] == "<")
|
2009-08-08 14:14:39 +00:00
|
|
|
|
{
|
|
|
|
|
// We are within an HTML tag
|
|
|
|
|
// Create a lowercase copy of this tag's contents
|
2010-01-12 13:11:48 +00:00
|
|
|
|
$lvalue = strtolower(substr($value, 1, -1));
|
2009-08-08 14:14:39 +00:00
|
|
|
|
if ($lvalue)
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
|
|
|
|
// Tag of non-zero length
|
2009-08-08 14:14:39 +00:00
|
|
|
|
// If the first character is not a / then this is an opening tag
|
|
|
|
|
if ($lvalue[0] != "/")
|
2008-02-25 22:15:24 +00:00
|
|
|
|
{
|
2009-08-08 14:14:39 +00:00
|
|
|
|
// Collect the tag name
|
|
|
|
|
preg_match("/^(\w*?)(\s|$)/", $lvalue, $t);
|
|
|
|
|
|
|
|
|
|
// If this is a protected element, activate the associated protection flag
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(in_array($t[1], $nobreak))
|
2010-01-12 13:11:48 +00:00
|
|
|
|
array_unshift($innbk, $t[1]);
|
2009-08-08 14:14:39 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
|
|
|
|
// Otherwise this is a closing tag
|
2009-08-08 14:14:39 +00:00
|
|
|
|
// If this is a closing tag for a protected element, unset the flag
|
|
|
|
|
if (in_array(substr($lvalue, 1), $nobreak))
|
|
|
|
|
{
|
|
|
|
|
reset($innbk);
|
|
|
|
|
while (list($key, $tag) = each($innbk))
|
|
|
|
|
{
|
|
|
|
|
if (substr($lvalue, 1) == $tag)
|
|
|
|
|
{
|
|
|
|
|
unset($innbk[$key]);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$innbk = array_values($innbk);
|
|
|
|
|
}
|
2008-02-25 22:15:24 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-08-08 14:14:39 +00:00
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
// Eliminate any empty tags altogether
|
|
|
|
|
$value = '';
|
|
|
|
|
}
|
|
|
|
|
// Else if we're outside any tags, and with non-zero length string...
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
elseif ($value)
|
2009-08-08 14:14:39 +00:00
|
|
|
|
{
|
|
|
|
|
// If unprotected...
|
|
|
|
|
if (!count($innbk))
|
2008-02-25 22:15:24 +00:00
|
|
|
|
{
|
2009-08-08 14:14:39 +00:00
|
|
|
|
// Use the ACK (006) ASCII symbol to replace all HTML entities temporarily
|
|
|
|
|
$value = str_replace("\x06", "", $value);
|
|
|
|
|
preg_match_all("/&([a-z\d]{2,7}|#\d{2,5});/i", $value, $ents);
|
|
|
|
|
$value = preg_replace("/&([a-z\d]{2,7}|#\d{2,5});/i", "\x06", $value);
|
|
|
|
|
// echo "Found block length ".strlen($value).': '.substr($value,20).'<br />';
|
|
|
|
|
// Split at spaces - note that this will fail if presented with invalid utf-8 when doing the regex whitespace search
|
|
|
|
|
// $split = preg_split('#(\s)#'.$utf8, $value, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE );
|
|
|
|
|
$split = preg_split($whiteSpace, $value, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE );
|
|
|
|
|
$value = '';
|
|
|
|
|
foreach ($split as $sp)
|
|
|
|
|
{
|
|
|
|
|
// echo "Split length ".strlen($sp).': '.substr($sp,20).'<br />';
|
|
|
|
|
$loopCount = 0;
|
|
|
|
|
while (strlen($sp) > $width)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-08-08 14:14:39 +00:00
|
|
|
|
// Enough characters that we may need to do something.
|
|
|
|
|
$pulled = '';
|
|
|
|
|
if ($utf8)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-08-08 14:14:39 +00:00
|
|
|
|
// Pull out a piece of the maximum permissible length
|
|
|
|
|
if (preg_match('#^((?:[\x00-\x7F]|[\xC0-\xFF][\x80-\xBF]+){0,'.$width.'})(.{0,1}).*#s',$sp,$matches) == 0)
|
|
|
|
|
{
|
|
|
|
|
// Make any problems obvious for now
|
|
|
|
|
$value .= '[!<b>invalid utf-8: '.$sp.'<b>!]';
|
|
|
|
|
$sp = '';
|
|
|
|
|
}
|
|
|
|
|
elseif (empty($matches[2]))
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
|
|
|
|
// utf-8 length is less than specified - treat as a special case
|
2009-08-08 14:14:39 +00:00
|
|
|
|
$value .= $sp;
|
|
|
|
|
$sp = '';
|
|
|
|
|
}
|
|
|
|
|
else
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
|
|
|
|
// Need to find somewhere to break the string
|
|
|
|
|
for($i = strlen($matches[1]) - 1; $i >= 0; $i--)
|
2009-08-08 14:14:39 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(strpos($lbrks, $matches[1][$i]) !== FALSE)
|
|
|
|
|
break;
|
2009-08-08 14:14:39 +00:00
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if($i < 0)
|
|
|
|
|
{
|
|
|
|
|
// No 'special' break character found - break at the word boundary
|
2009-08-08 14:14:39 +00:00
|
|
|
|
$pulled = $matches[1];
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$pulled = substr($sp, 0, $i + 1);
|
2009-08-08 14:14:39 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$loopCount++;
|
|
|
|
|
if ($loopCount > 20)
|
|
|
|
|
{
|
|
|
|
|
// Make any problems obvious for now
|
|
|
|
|
$value .= '[!<b>loop count exceeded: '.$sp.'</b>!]';
|
|
|
|
|
$sp = '';
|
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
for ($i = min($width, strlen($sp)); $i > 0; $i--)
|
2009-08-08 14:14:39 +00:00
|
|
|
|
{
|
|
|
|
|
// No speed advantage to defining match character
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if (strpos($lbrks, $sp[$i-1]) !== FALSE)
|
2009-08-08 14:14:39 +00:00
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if ($i == 0)
|
|
|
|
|
{
|
|
|
|
|
// No 'special' break boundary character found - break at the word boundary
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$pulled = substr($sp, 0, $width);
|
2009-08-08 14:14:39 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$pulled = substr($sp, 0, $i);
|
2009-08-08 14:14:39 +00:00
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2009-08-08 14:14:39 +00:00
|
|
|
|
if ($pulled)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-08-08 14:14:39 +00:00
|
|
|
|
$value .= $pulled.$break;
|
|
|
|
|
// Shorten $sp by whatever we've processed (will work even for utf-8)
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$sp = substr($sp, strlen($pulled));
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-08-08 14:14:39 +00:00
|
|
|
|
// Add in any residue
|
|
|
|
|
$value .= $sp;
|
2008-02-25 22:15:24 +00:00
|
|
|
|
}
|
2009-08-08 14:14:39 +00:00
|
|
|
|
// Put captured HTML entities back into the string
|
2010-01-12 13:11:48 +00:00
|
|
|
|
foreach ($ents[0] as $ent)
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$value = preg_replace("/\x06/", $ent, $value, 1);
|
2008-02-25 22:15:24 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Send the modified segment down the drain
|
|
|
|
|
$drain .= $value;
|
|
|
|
|
}
|
|
|
|
|
// Return contents of the drain
|
2009-01-08 21:47:44 +00:00
|
|
|
|
return $drain;
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2010-01-09 13:17:45 +00:00
|
|
|
|
/**
|
|
|
|
|
* CakePHP(tm) : Rapid Development Framework (http://www.cakephp.org)
|
|
|
|
|
* Copyright 2005-2008, Cake Software Foundation, Inc. (http://www.cakefoundation.org)
|
2010-01-12 13:11:48 +00:00
|
|
|
|
*
|
2010-01-09 13:17:45 +00:00
|
|
|
|
* Truncate a HTML string
|
|
|
|
|
*
|
|
|
|
|
* Cuts a string to the length of $length and adds the value of $ending if the text is longer than length.
|
|
|
|
|
*
|
|
|
|
|
* @param string $text String to truncate.
|
|
|
|
|
* @param integer $length Length of returned string, including ellipsis.
|
|
|
|
|
* @param string $ending It will be used as Ending and appended to the trimmed string.
|
|
|
|
|
* @param boolean $exact If false, $text will not be cut mid-word
|
|
|
|
|
* @return string Trimmed string.
|
|
|
|
|
*/
|
|
|
|
|
function html_truncate($text, $length = 100, $ending = '...', $exact = true)
|
2010-01-12 13:11:48 +00:00
|
|
|
|
{
|
|
|
|
|
if($this->ustrlen(preg_replace('/<.*?>/', '', $text)) <= $length)
|
2010-01-09 13:17:45 +00:00
|
|
|
|
{
|
|
|
|
|
return $text;
|
|
|
|
|
}
|
|
|
|
|
$totalLength = 0;
|
|
|
|
|
$openTags = array();
|
|
|
|
|
$truncate = '';
|
|
|
|
|
preg_match_all('/(<\/?([\w+]+)[^>]*>)?([^<>]*)/', $text, $tags, PREG_SET_ORDER);
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2010-01-09 13:17:45 +00:00
|
|
|
|
foreach($tags as $tag)
|
|
|
|
|
{
|
2010-01-12 13:11:48 +00:00
|
|
|
|
if(!$tag[2] || !preg_match('/img|br|input|hr|area|base|basefont|col|frame|isindex|link|meta|param/si', $tag[2]))
|
2010-01-09 13:17:45 +00:00
|
|
|
|
{
|
|
|
|
|
if(preg_match('/<[\w]+[^>]*>/s', $tag[0]))
|
|
|
|
|
{
|
|
|
|
|
array_unshift($openTags, $tag[2]);
|
|
|
|
|
}
|
|
|
|
|
else if(preg_match('/<\/([\w]+)[^>]*>/s', $tag[0], $closeTag))
|
|
|
|
|
{
|
|
|
|
|
$pos = array_search($closeTag[1], $openTags);
|
|
|
|
|
if($pos !== false)
|
|
|
|
|
{
|
|
|
|
|
array_splice($openTags, $pos, 1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$truncate .= $tag[1];
|
2010-01-12 13:11:48 +00:00
|
|
|
|
$contentLength = $this->ustrlen(preg_replace('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|&#x[0-9a-f]{1,6};/i', ' ', $tag[3]));
|
|
|
|
|
|
2010-01-09 13:17:45 +00:00
|
|
|
|
if($contentLength + $totalLength > $length)
|
|
|
|
|
{
|
|
|
|
|
$left = $length - $totalLength;
|
|
|
|
|
$entitiesLength = 0;
|
|
|
|
|
if(preg_match_all('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|&#x[0-9a-f]{1,6};/i', $tag[3], $entities, PREG_OFFSET_CAPTURE))
|
|
|
|
|
{
|
|
|
|
|
foreach($entities[0] as $entity)
|
|
|
|
|
{
|
|
|
|
|
if($entity[1] + 1 - $entitiesLength <= $left)
|
|
|
|
|
{
|
|
|
|
|
$left--;
|
2010-01-12 13:11:48 +00:00
|
|
|
|
$entitiesLength += $this->ustrlen($entity[0]);
|
2010-01-09 13:17:45 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
|
|
|
|
$truncate .= $this->usubstr($tag[3], 0, $left + $entitiesLength);
|
2010-01-09 13:17:45 +00:00
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$truncate .= $tag[3];
|
|
|
|
|
$totalLength += $contentLength;
|
|
|
|
|
}
|
|
|
|
|
if($totalLength >= $length)
|
|
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if(!$exact)
|
|
|
|
|
{
|
2010-01-12 13:11:48 +00:00
|
|
|
|
$spacepos = $this->ustrrpos($truncate, ' ');
|
2010-01-09 13:17:45 +00:00
|
|
|
|
if(isset($spacepos))
|
|
|
|
|
{
|
2010-01-12 13:11:48 +00:00
|
|
|
|
$bits = $this->usubstr($truncate, $spacepos);
|
2010-01-09 13:17:45 +00:00
|
|
|
|
preg_match_all('/<\/([a-z]+)>/i', $bits, $droppedTags, PREG_SET_ORDER);
|
|
|
|
|
if(!empty($droppedTags))
|
|
|
|
|
{
|
|
|
|
|
foreach($droppedTags as $closingTag)
|
|
|
|
|
{
|
|
|
|
|
if(!in_array($closingTag[1], $openTags))
|
|
|
|
|
{
|
|
|
|
|
array_unshift($openTags, $closingTag[1]);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-01-12 13:11:48 +00:00
|
|
|
|
$truncate = $this->usubstr($truncate, 0, $spacepos);
|
2010-01-09 13:17:45 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$truncate .= $ending;
|
|
|
|
|
foreach($openTags as $tag)
|
|
|
|
|
{
|
|
|
|
|
$truncate .= '</' . $tag . '>';
|
|
|
|
|
}
|
|
|
|
|
return $truncate;
|
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
2009-10-30 21:32:18 +00:00
|
|
|
|
/**
|
|
|
|
|
* Truncate a HTML string to a maximum length $len append the string $more if it was truncated
|
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @param string $text String to process
|
2009-11-12 21:41:34 +00:00
|
|
|
|
* @param integer $len [optional] Length of characters to be truncated - default 200
|
|
|
|
|
* @param string $more [optional] String which will be added if truncation - default ' ... '
|
2009-10-30 21:32:18 +00:00
|
|
|
|
* @return string
|
|
|
|
|
*/
|
2010-01-09 13:17:45 +00:00
|
|
|
|
public function html_truncate_old ($text, $len = 200, $more = ' ... ')
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
|
|
|
|
$pos = 0;
|
|
|
|
|
$curlen = 0;
|
|
|
|
|
$tmp_pos = 0;
|
2007-05-16 20:24:44 +00:00
|
|
|
|
$intag = FALSE;
|
2006-12-02 04:36:16 +00:00
|
|
|
|
while($curlen < $len && $curlen < strlen($text))
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
switch($text {$pos} )
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
case "<":
|
|
|
|
|
if($text {$pos + 1} == "/")
|
|
|
|
|
{
|
|
|
|
|
$closing_tag = TRUE;
|
|
|
|
|
}
|
|
|
|
|
$intag = TRUE;
|
|
|
|
|
$tmp_pos = $pos - 1;
|
|
|
|
|
$pos++;
|
2006-12-02 04:36:16 +00:00
|
|
|
|
break;
|
2008-12-30 13:51:41 +00:00
|
|
|
|
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
case ">":
|
|
|
|
|
if($text {$pos - 1} == "/")
|
|
|
|
|
{
|
|
|
|
|
$closing_tag = TRUE;
|
|
|
|
|
}
|
|
|
|
|
if($closing_tag == TRUE)
|
|
|
|
|
{
|
|
|
|
|
$tmp_pos = 0;
|
|
|
|
|
$closing_tag = FALSE;
|
|
|
|
|
}
|
|
|
|
|
$intag = FALSE;
|
|
|
|
|
$pos++;
|
2006-12-02 04:36:16 +00:00
|
|
|
|
break;
|
2008-12-30 13:51:41 +00:00
|
|
|
|
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
case "&":
|
|
|
|
|
if($text {$pos + 1} == "#")
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$end = strpos(substr($text, $pos, 7), ";");
|
|
|
|
|
if($end !== FALSE)
|
|
|
|
|
{
|
|
|
|
|
$pos += ($end + 1);
|
|
|
|
|
if(!$intag)
|
|
|
|
|
{
|
|
|
|
|
$curlen++;
|
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
break;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$pos++;
|
|
|
|
|
if(!$intag)
|
|
|
|
|
{
|
|
|
|
|
$curlen++;
|
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
break;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
default:
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$pos++;
|
|
|
|
|
if(!$intag)
|
|
|
|
|
{
|
|
|
|
|
$curlen++;
|
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2009-09-03 19:29:11 +00:00
|
|
|
|
$ret = ($tmp_pos > 0 ? substr($text, 0, $tmp_pos+1) : substr($text, 0, $pos));
|
2006-12-02 04:36:16 +00:00
|
|
|
|
if($pos < strlen($text))
|
|
|
|
|
{
|
|
|
|
|
$ret = $ret.$more;
|
|
|
|
|
}
|
|
|
|
|
return $ret;
|
|
|
|
|
}
|
|
|
|
|
|
2007-06-06 19:28:25 +00:00
|
|
|
|
|
2009-10-30 20:58:52 +00:00
|
|
|
|
/**
|
2009-10-30 21:32:18 +00:00
|
|
|
|
* Truncate a string of text to a maximum length $len append the string $more if it was truncated
|
2009-10-30 20:58:52 +00:00
|
|
|
|
* Uses current CHARSET for utf-8, returns $len characters rather than $len bytes
|
|
|
|
|
*
|
|
|
|
|
* @param string $text string to process
|
|
|
|
|
* @param integer $len length of characters to be truncated
|
|
|
|
|
* @param string $more string which will be added if truncation
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
2009-10-30 21:01:13 +00:00
|
|
|
|
public function text_truncate($text, $len = 200, $more = ' ... ')
|
2007-06-06 19:28:25 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Always valid
|
2012-12-13 15:08:00 +02:00
|
|
|
|
if($this->ustrlen($text) <= $len)
|
2009-11-12 21:41:34 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
return $text;
|
2009-11-12 21:41:34 +00:00
|
|
|
|
}
|
2012-12-13 15:08:00 +02:00
|
|
|
|
|
2012-12-14 12:19:13 +02:00
|
|
|
|
$ret = $this->usubstr($text, 0, $len);
|
2012-12-13 15:08:00 +02:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// search for possible broken html entities
|
|
|
|
|
// - if an & is in the last 8 chars, removing it and whatever follows shouldn't hurt
|
|
|
|
|
// it should work for any characters encoding
|
2012-12-13 15:08:00 +02:00
|
|
|
|
|
|
|
|
|
// FIXME - INVESTIGATE this one, switch to utf8 aware methods
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$leftAmp = strrpos(substr($ret, -8), '&');
|
|
|
|
|
if($leftAmp)
|
2009-11-12 21:41:34 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$ret = substr($ret, 0, strlen($ret) - 8 + $leftAmp);
|
2009-11-12 21:41:34 +00:00
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
return $ret.$more;
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2007-06-06 19:28:25 +00:00
|
|
|
|
|
2009-10-30 20:58:52 +00:00
|
|
|
|
function textclean ($text, $wrap = 100)
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$text = str_replace("\n\n\n", "\n\n", $text);
|
2008-12-30 13:51:41 +00:00
|
|
|
|
$text = $this->htmlwrap($text, $wrap);
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$text = str_replace(array('<br /> ', ' <br />', ' <br /> '), '<br />', $text);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
/* we can remove any linebreaks added by htmlwrap function as any \n's will be converted later anyway */
|
|
|
|
|
return $text;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
|
2006-12-02 04:36:16 +00:00
|
|
|
|
// Test for text highlighting, and determine the text highlighting transformation
|
|
|
|
|
// Returns TRUE if highlighting is active for this page display
|
|
|
|
|
function checkHighlighting()
|
|
|
|
|
{
|
|
|
|
|
global $pref;
|
|
|
|
|
|
|
|
|
|
if (!defined('e_SELF'))
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Still in startup, so can't calculate highlighting
|
|
|
|
|
return FALSE;
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(!isset($this->e_highlighting))
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
|
|
|
|
$this->e_highlighting = FALSE;
|
|
|
|
|
$shr = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : "");
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if($pref['search_highlight'] && (strpos(e_SELF, 'search.php') === FALSE) && ((strpos($shr, 'q=') !== FALSE) || (strpos($shr, 'p=') !== FALSE)))
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
|
|
|
|
$this->e_highlighting = TRUE;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(!isset($this->e_query))
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
|
|
|
|
$query = preg_match('#(q|p)=(.*?)(&|$)#', $shr, $matches);
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$this->e_query = str_replace(array('+', '*', '"', ' '), array('', '.*?', '', '\b|\b'), trim(urldecode($matches[2])));
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return $this->e_highlighting;
|
|
|
|
|
}
|
|
|
|
|
|
2007-03-11 20:52:47 +00:00
|
|
|
|
|
2009-10-30 09:13:37 +00:00
|
|
|
|
/**
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* Converts the text (presumably retrieved from the database) for HTML output.
|
2009-10-30 19:57:28 +00:00
|
|
|
|
*
|
2009-10-30 09:13:37 +00:00
|
|
|
|
* @param string $text
|
|
|
|
|
* @param boolean $parseBB [optional]
|
|
|
|
|
* @param string $modifiers [optional] TITLE|SUMMARY|DESCRIPTION|BODY|RAW|LINKTEXT etc.
|
2010-01-02 21:42:51 +00:00
|
|
|
|
* Comma-separated list, no spaces allowed
|
|
|
|
|
* first modifier must be a CONTEXT modifier, in UPPER CASE.
|
|
|
|
|
* subsequent modifiers are lower case - see $this->e_Modifiers for possible values
|
2009-10-30 09:13:37 +00:00
|
|
|
|
* @param mixed $postID [optional]
|
|
|
|
|
* @param boolean $wrap [optional]
|
2009-10-30 20:05:17 +00:00
|
|
|
|
* @return string
|
2009-11-12 21:41:34 +00:00
|
|
|
|
* @todo complete the documentation of this essential method
|
2009-10-30 09:13:37 +00:00
|
|
|
|
*/
|
2010-01-02 21:42:51 +00:00
|
|
|
|
public function toHTML($text, $parseBB = FALSE, $modifiers = '', $postID = '', $wrap = FALSE)
|
2008-06-14 21:01:04 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if($text == '')
|
2009-11-12 21:41:34 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
return $text;
|
2010-01-12 13:11:48 +00:00
|
|
|
|
}
|
2008-12-30 13:51:41 +00:00
|
|
|
|
|
2009-10-30 20:05:17 +00:00
|
|
|
|
global $pref, $fromadmin;
|
2007-12-30 23:31:18 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Set default modifiers to start
|
|
|
|
|
$opts = $this->e_optDefault;
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2008-12-30 13:51:41 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Now process any modifiers that are specified
|
|
|
|
|
if ($modifiers)
|
2008-06-14 21:01:04 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$aMods = explode(',', $modifiers);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
|
|
|
|
|
// If there's a supermodifier, it must be first, and in uppercase
|
|
|
|
|
$psm = trim($aMods[0]);
|
|
|
|
|
if (isset($this->e_SuperMods[$psm]))
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
2010-01-02 21:42:51 +00:00
|
|
|
|
// Supermodifier found - override default values where necessary
|
|
|
|
|
$opts = array_merge($opts,$this->e_SuperMods[$psm]);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$opts['context'] = $psm;
|
|
|
|
|
unset($aMods[0]);
|
|
|
|
|
}
|
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Now find any regular modifiers; use them to modify the context
|
|
|
|
|
// (there should only be one or two out of the list of possibles)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
foreach ($aMods as $mod)
|
|
|
|
|
{
|
2010-01-02 21:42:51 +00:00
|
|
|
|
// Slight concession to varying coding styles - stripping spaces is a waste of CPU cycles!
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$mod = trim($mod);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
if (isset($this->e_Modifiers[$mod]))
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// This is probably quicker than array_merge
|
|
|
|
|
// - especially as usually only one or two loops
|
|
|
|
|
foreach ($this->e_Modifiers[$mod] as $k => $v)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Update our context-specific options
|
|
|
|
|
$opts[$k] = $v;
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2007-01-17 21:29:28 +00:00
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Turn off a few things if not enabled in options
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(!varsettrue($pref['smiley_activate']))
|
2009-11-12 21:41:34 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$opts['emotes'] = FALSE;
|
2010-01-12 13:11:48 +00:00
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(!varsettrue($pref['make_clickable']))
|
2009-11-12 21:41:34 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$opts['link_click'] = FALSE;
|
2009-11-12 21:41:34 +00:00
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(!varsettrue($pref['link_replace']))
|
2009-11-12 21:41:34 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$opts['link_replace'] = FALSE;
|
2009-11-12 21:41:34 +00:00
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
|
|
|
|
|
$fromadmin = $opts['fromadmin'];
|
|
|
|
|
|
|
|
|
|
// Convert defines(constants) within text. eg. Lan_XXXX - must be the entire text string (i.e. not embedded)
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// The check for '::' is a workaround for a bug in the Zend Optimiser 3.3.0 and PHP 5.2.4 combination
|
|
|
|
|
// - causes crashes if '::' in site name
|
2009-11-12 21:41:34 +00:00
|
|
|
|
//TODO - marj - find a way to use language method here XOR remove the limit of 24 characters.
|
2012-12-12 18:46:34 -08:00
|
|
|
|
if($opts['defs'] && (strlen($text) < 35) && ((strpos($text, '::') === FALSE) && defined(trim($text))))
|
2007-01-17 21:29:28 +00:00
|
|
|
|
{
|
2009-01-03 22:32:54 +00:00
|
|
|
|
return constant(trim($text));
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
if ($opts['no_tags'])
|
|
|
|
|
{
|
|
|
|
|
$text = strip_tags($text);
|
|
|
|
|
}
|
2007-09-09 07:05:06 +00:00
|
|
|
|
|
2007-01-17 21:29:28 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Make sure we have a valid count for word wrapping
|
|
|
|
|
if (!$wrap && $pref['main_wordwrap'])
|
|
|
|
|
{
|
|
|
|
|
$wrap = $pref['main_wordwrap'];
|
|
|
|
|
}
|
|
|
|
|
// $text = " ".$text;
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
2007-01-17 21:29:28 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Now get on with the parsing
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$ret_parser = '';
|
|
|
|
|
$last_bbcode = '';
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// So we can change them on each loop
|
|
|
|
|
$saveOpts = $opts;
|
2012-07-22 10:03:00 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
if ($parseBB == FALSE)
|
2008-06-14 21:01:04 +00:00
|
|
|
|
{
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$content = array($text);
|
2008-06-14 21:01:04 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
2007-01-17 21:29:28 +00:00
|
|
|
|
{
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Split each text block into bits which are either within one of the 'key' bbcodes, or outside them
|
|
|
|
|
// (Because we have to match end words, the 'extra' capturing subpattern gets added to output array. We strip it later)
|
2012-06-09 12:01:24 +00:00
|
|
|
|
$content = preg_split('#(\[(table|html|php|code|scode|hide).*?\[/(?:\\2)\])#mis', $text, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE );
|
2008-06-14 21:01:04 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Use $full_text variable so its available to special bbcodes if required
|
|
|
|
|
foreach ($content as $full_text)
|
|
|
|
|
{
|
|
|
|
|
$proc_funcs = TRUE;
|
2009-01-30 20:39:03 +00:00
|
|
|
|
$convertNL = TRUE;
|
2008-06-14 21:01:04 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// We may have 'captured' a bbcode word - strip it if so
|
|
|
|
|
if ($last_bbcode == $full_text)
|
|
|
|
|
{
|
|
|
|
|
$last_bbcode = '';
|
|
|
|
|
$proc_funcs = FALSE;
|
|
|
|
|
$full_text = '';
|
2008-06-14 21:01:04 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
2007-01-17 21:29:28 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Set the options for this pass
|
|
|
|
|
$opts = $saveOpts;
|
2009-01-30 20:39:03 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Have to have a good test in case a 'non-key' bbcode starts the block
|
|
|
|
|
// - so pull out the bbcode parameters while we're there
|
2012-06-09 12:01:24 +00:00
|
|
|
|
if (($parseBB !== FALSE) && preg_match('#(^\[(table|html|php|code|scode|hide)(.*?)\])(.*?)(\[/\\2\]$)#is', $full_text, $matches ))
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
|
|
|
|
// It's one of the 'key' bbcodes
|
|
|
|
|
// Usually don't want 'normal' processing if its a 'special' bbcode
|
|
|
|
|
$proc_funcs = FALSE;
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// $matches[0] - complete block from opening bracket of opening tag to closing bracket of closing tag
|
|
|
|
|
// $matches[1] - complete opening tag (inclusive of brackets)
|
|
|
|
|
// $matches[2] - bbcode word
|
|
|
|
|
// $matches[3] - parameter, including '='
|
|
|
|
|
// $matches[4] - bit between the tags (i.e. text to process)
|
|
|
|
|
// $matches[5] - closing tag
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// In case we decide to load a file
|
2012-03-31 21:10:26 +00:00
|
|
|
|
$bbPath = e_CORE.'bbcodes/';
|
|
|
|
|
$bbFile = strtolower(str_replace('_', '', $matches[2]));
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$bbcode = '';
|
2012-03-31 21:10:26 +00:00
|
|
|
|
$className = '';
|
|
|
|
|
$full_text = '';
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$code_text = $matches[4];
|
2012-07-22 10:03:00 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$parm = $matches[3] ? substr($matches[3],1) : '';
|
|
|
|
|
$last_bbcode = $matches[2];
|
|
|
|
|
switch ($matches[2])
|
|
|
|
|
{
|
|
|
|
|
case 'php' :
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Probably run the output through the normal processing functions - but put here so the PHP code can disable if desired
|
|
|
|
|
$proc_funcs = TRUE;
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// This is just the contents of the php.bb file pulled in - its short, so will be quicker
|
|
|
|
|
// $search = array(""", "'", "$", '<br />', E_NL, "->", "<br />");
|
|
|
|
|
// $replace = array('"', "'", "$", "\n", "\n", "->", "<br />");
|
|
|
|
|
// Shouldn't have any parameter on this bbcode
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Not sure whether checks are necessary now we've reorganised
|
|
|
|
|
// if (!$matches[3]) $bbcode = str_replace($search, $replace, $matches[4]);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Because we're bypassing most of the initial parser processing, we should be able to just reverse the effects of toDB() and execute the code
|
2011-03-19 11:54:12 +00:00
|
|
|
|
// [SecretR] - avoid php code injections, missing php.bb will completely disable user posted php blocks
|
2012-03-31 21:10:26 +00:00
|
|
|
|
$bbcode = file_get_contents($bbPath.$bbFile.'.bb');
|
2009-10-30 20:58:52 +00:00
|
|
|
|
if (!$matches[3])
|
2009-11-12 21:41:34 +00:00
|
|
|
|
{
|
2011-03-19 11:54:12 +00:00
|
|
|
|
$code_text = html_entity_decode($matches[4], ENT_QUOTES, 'UTF-8');
|
2009-11-12 21:41:34 +00:00
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
break;
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2012-07-23 02:25:17 +00:00
|
|
|
|
case 'html' : // This overrides and deprecates html.bb
|
2009-01-30 20:39:03 +00:00
|
|
|
|
$proc_funcs = TRUE;
|
|
|
|
|
$convertNL = FALSE;
|
2012-07-23 02:25:17 +00:00
|
|
|
|
$code_text = str_replace("\r\n", " ", $code_text);
|
|
|
|
|
$code_text = html_entity_decode($code_text, ENT_QUOTES, CHARSET);
|
|
|
|
|
$html_start = "<!-- bbcode-html-start -->"; // markers for html-to-bbcode replacement.
|
|
|
|
|
$html_end = "<!-- bbcode-html-end -->";
|
|
|
|
|
$full_text = str_replace(array("[html]","[/html]"), "",$code_text); // quick fix.. security issue?
|
|
|
|
|
$full_text =$this->replaceConstants($full_text,'abs');
|
|
|
|
|
$full_text = $html_start.$full_text.$html_end;
|
2009-01-30 20:39:03 +00:00
|
|
|
|
break;
|
2012-06-09 12:01:24 +00:00
|
|
|
|
|
|
|
|
|
case 'table' : // strip <br /> from end of <table>
|
|
|
|
|
|
|
|
|
|
$convertNL = FALSE;
|
|
|
|
|
// break;
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
case 'hide' :
|
|
|
|
|
$proc_funcs = TRUE;
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
default : // Most bbcodes will just execute their normal file
|
2012-03-31 21:10:26 +00:00
|
|
|
|
// @todo should we cache these bbcodes? require_once should make class-related codes quite efficient
|
|
|
|
|
if (file_exists($bbPath.'bb_'.$bbFile.'.php'))
|
|
|
|
|
{ // Its a bbcode class file
|
|
|
|
|
require_once($bbPath.'bb_'.$bbFile.'.php');
|
|
|
|
|
//echo "Load: {$bbFile}.php<br />";
|
|
|
|
|
$className = 'bb_'.$code;
|
|
|
|
|
$this->bbList[$code] = new $className();
|
|
|
|
|
}
|
|
|
|
|
elseif (file_exists($bbPath.$bbFile.'.bb'))
|
|
|
|
|
{
|
|
|
|
|
$bbcode = file_get_contents($bbPath.$bbFile.'.bb');
|
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
} // end - switch ($matches[2])
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2012-03-31 21:10:26 +00:00
|
|
|
|
if ($className)
|
|
|
|
|
{
|
|
|
|
|
$tempCode = new $className();
|
2012-07-23 02:25:17 +00:00
|
|
|
|
$full_text = $tempCode->bbPreDisplay($matches[4], $parm);
|
2012-03-31 21:10:26 +00:00
|
|
|
|
}
|
|
|
|
|
elseif ($bbcode)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{ // Execute the file
|
2012-03-31 21:10:26 +00:00
|
|
|
|
$full_text = eval($bbcode); // Require output of bbcode to be returned
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// added to remove possibility of nested bbcode exploits ...
|
|
|
|
|
// (same as in bbcode_handler - is it right that it just operates on $bbcode_return and not on $bbcode_output? - QUERY XXX-02
|
2012-03-31 21:10:26 +00:00
|
|
|
|
}
|
|
|
|
|
if(strpos($full_text, '[') !== FALSE)
|
|
|
|
|
{
|
|
|
|
|
$exp_search = array('eval', 'expression');
|
|
|
|
|
$exp_replace = array('ev<b></b>al', 'expres<b></b>sion');
|
|
|
|
|
$bbcode_return = str_replace($exp_search, $exp_replace, $full_text);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2008-06-14 21:01:04 +00:00
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
2007-01-17 21:29:28 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Do the 'normal' processing - in principle, as previously - but think about the order.
|
2011-03-19 11:54:12 +00:00
|
|
|
|
if ($proc_funcs && !empty($full_text)) // some more speed
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Split out and ignore any scripts and style blocks. With just two choices we can match the closing tag in the regex
|
|
|
|
|
$subcon = preg_split('#((?:<s)(?:cript[^>]+>.*?</script>|tyle[^>]+>.*?</style>))#mis', $full_text, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE );
|
|
|
|
|
foreach ($subcon as $sub_blk)
|
2008-06-14 21:01:04 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(substr($sub_blk, 0, 7) == '<script')
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if($opts['scripts'])
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Strip scripts unless permitted
|
|
|
|
|
$ret_parser .= $sub_blk;
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
elseif(substr($sub_blk, 0, 6) == '<style')
|
|
|
|
|
{
|
|
|
|
|
// Its a style block - just pass it through unaltered - except, do we need the line break stuff? - QUERY XXX-01
|
|
|
|
|
if(DB_INF_SHOW)
|
2009-11-12 21:41:34 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
echo "Processing stylesheet: {$sub_blk}<br />";
|
2009-11-12 21:41:34 +00:00
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$ret_parser .= $sub_blk;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
// Do 'normal' processing on a chunk
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Could put tag stripping in here
|
2012-06-09 12:01:24 +00:00
|
|
|
|
|
2009-01-30 20:39:03 +00:00
|
|
|
|
/*
|
2009-01-23 21:18:37 +00:00
|
|
|
|
// Line break compression - filter white space after HTML tags - among other things, ensures HTML tables display properly
|
2009-01-30 20:39:03 +00:00
|
|
|
|
// Hopefully now achieved by other means
|
|
|
|
|
if ($convertNL && !$opts['nobreak'])
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
|
|
|
|
$sub_blk = preg_replace("#>\s*[\r]*\n[\r]*#", ">", $sub_blk);
|
|
|
|
|
}
|
2009-01-30 20:39:03 +00:00
|
|
|
|
*/
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Link substitution
|
|
|
|
|
// Convert URL's to clickable links, unless modifiers or prefs override
|
|
|
|
|
if ($opts['link_click'])
|
|
|
|
|
{
|
|
|
|
|
if ($opts['link_replace'])
|
|
|
|
|
{
|
|
|
|
|
$_ext = ($pref['links_new_window'] ? " rel=\"external\"" : "");
|
2011-05-29 10:05:33 +00:00
|
|
|
|
// $sub_blk = preg_replace("#(^|[\s])([\w]+?://(?:[\w-%]+?)(?:\.[\w-%]+?)+.*?)(?=$|[\s()[\]<]|\.\s|\.$|,\s|,$)#is", "\\1<a href=\"\\2\" {$_ext}>".$pref['link_text']."</a>", $sub_blk);
|
|
|
|
|
// $sub_blk = preg_replace("#(^|[\s])((?:www|ftp)(?:\.[\w-%]+?){2}.*?)(?=$|[\s()[\]<]|\.\s|\.$|,\s|,$)#is", "\\1<a href=\"http://\\2\" {$_ext}>".$pref['link_text']."</a>", $sub_blk);
|
|
|
|
|
$sub_blk = preg_replace("#(^|[\s])([\w]+?://(?:[\w-%]+?)(?:\.[\w-%]+?)+.*?)(?=$|[\s[\]<]|\.\s|\.$|,\s|,$)#is", "\\1<a href=\"\\2\" {$_ext}>".$pref['link_text']."</a>", $sub_blk);
|
|
|
|
|
$sub_blk = preg_replace("#(^|[\s])((?:www|ftp)(?:\.[\w-%]+?){2}.*?)(?=$|[\s[\]<]|\.\s|\.$|,\s|,$)#is", "\\1<a href=\"http://\\2\" {$_ext}>".$pref['link_text']."</a>", $sub_blk);
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$email_text = ($pref['email_text']) ? $this->replaceConstants($pref['email_text']) : LAN_EMAIL_SUBS;
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$sub_blk = preg_replace("#([\n ])([a-z0-9\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", "\\1<a rel='external' href='javascript:window.location=\"mai\"+\"lto:\"+\"\\2\"+\"@\"+\"\\3\";self.close();' onmouseover='window.status=\"mai\"+\"lto:\"+\"\\2\"+\"@\"+\"\\3\"; return true;' onmouseout='window.status=\"\";return true;'>".$email_text."</a>", $sub_blk);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2009-11-17 11:00:40 +00:00
|
|
|
|
$email_text = '$1$2©$3';
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2011-05-29 10:05:33 +00:00
|
|
|
|
// $sub_blk = preg_replace("#(^|[\s])([\w]+?://(?:[\w-%]+?)(?:\.[\w-%]+?)+.*?)(?=$|[\s()[\]<]|\.\s|\.$|,\s|,$)#is", "\\1<a href=\"\\2\" rel=\"external\">\\2</a>", $sub_blk);
|
|
|
|
|
// $sub_blk = preg_replace("#(^|[\s])((?:www|ftp)(?:\.[\w-%]+?){2}.*?)(?=$|[\s()[\]<]|\.\s|\.$|,\s|,$)#is", "\\1<a href=\"http://\\2\" rel=\"external\">\\2</a>", $sub_blk);
|
|
|
|
|
$sub_blk = preg_replace("#(^|[\s])([\w]+?://(?:[\w-%]+?)(?:\.[\w-%]+?)+.*?)(?=$|[\s[\]<]|\.\s|\.$|,\s|,$)#is", "\\1<a href=\"\\2\" rel=\"external\">\\2</a>", $sub_blk);
|
|
|
|
|
$sub_blk = preg_replace("#(^|[\s])((?:www|ftp)(?:\.[\w-%]+?){2}.*?)(?=$|[\s[\]<]|\.\s|\.$|,\s|,$)#is", "\\1<a href=\"http://\\2\" rel=\"external\">\\2</a>", $sub_blk);
|
2009-03-08 18:48:12 +00:00
|
|
|
|
$sub_blk = preg_replace("#([\n ])([a-z0-9\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", "\\1<a rel='external' href='javascript:window.location=\"mai\"+\"lto:\"+\"\\2\"+\"@\"+\"\\3\";self.close();' onmouseover='window.status=\"mai\"+\"lto:\"+\"\\2\"+\"@\"+\"\\3\"; return true;' onmouseout='window.status=\"\";return true;'>".$email_text."</a>", $sub_blk);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Convert emoticons to graphical icons, if enabled
|
|
|
|
|
if ($opts['emotes'])
|
|
|
|
|
{
|
|
|
|
|
if (!is_object($this->e_emote))
|
|
|
|
|
{
|
|
|
|
|
require_once(e_HANDLER.'emote_filter.php');
|
|
|
|
|
$this->e_emote = new e_emoteFilter;
|
|
|
|
|
}
|
|
|
|
|
$sub_blk = $this->e_emote->filterEmotes($sub_blk);
|
|
|
|
|
}
|
2007-01-17 21:29:28 +00:00
|
|
|
|
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Reduce newlines in all forms to a single newline character (finds '\n', '\r\n', '\n\r')
|
|
|
|
|
if (!$opts['nobreak'])
|
|
|
|
|
{
|
2009-01-30 20:39:03 +00:00
|
|
|
|
if ($convertNL)
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// We may need to convert to <br /> later
|
|
|
|
|
$sub_blk = preg_replace("#[\r]*\n[\r]*#", E_NL, $sub_blk);
|
2009-01-30 20:39:03 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Not doing any more - its HTML so keep \n so HTML is formatted
|
|
|
|
|
$sub_blk = preg_replace("#[\r]*\n[\r]*#", "\n", $sub_blk);
|
2009-01-30 20:39:03 +00:00
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Entity conversion
|
|
|
|
|
// Restore entity form of quotes and such to single characters, except for text destined for tag attributes or JS.
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if($opts['value'])
|
|
|
|
|
{
|
|
|
|
|
// output used for attribute values.
|
|
|
|
|
$sub_blk = str_replace($this->replace, $this->search, $sub_blk);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
|
|
|
|
// output not used for attribute values.
|
|
|
|
|
$sub_blk = str_replace($this->search, $this->replace, $sub_blk);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
2007-01-17 21:29:28 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// BBCode processing (other than the four already done, which shouldn't appear at all in the text)
|
|
|
|
|
if ($parseBB !== FALSE)
|
2008-08-17 15:04:20 +00:00
|
|
|
|
{
|
2009-01-03 22:32:54 +00:00
|
|
|
|
if (!is_object($this->e_bb))
|
|
|
|
|
{
|
|
|
|
|
require_once(e_HANDLER.'bbcode_handler.php');
|
|
|
|
|
$this->e_bb = new e_bbcode;
|
|
|
|
|
}
|
|
|
|
|
if ($parseBB === TRUE)
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// 'Normal' or 'legacy' processing
|
2012-07-22 10:03:00 +00:00
|
|
|
|
if($modifiers == "WYSIWYG")
|
|
|
|
|
{
|
|
|
|
|
$sub_blk = $this->e_bb->parseBBCodes($sub_blk, $postID, 'wysiwyg');
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$sub_blk = $this->e_bb->parseBBCodes($sub_blk, $postID);
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
elseif ($parseBB === 'STRIP')
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Need to strip all BBCodes
|
|
|
|
|
$sub_blk = $this->e_bb->parseBBCodes($sub_blk, $postID, 'default', TRUE);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Need to strip just some BBCodes
|
|
|
|
|
$sub_blk = $this->e_bb->parseBBCodes($sub_blk, $postID, 'default', $parseBB);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2008-08-17 15:04:20 +00:00
|
|
|
|
}
|
2007-01-17 21:29:28 +00:00
|
|
|
|
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// replace all {e_XXX} constants with their e107 value. modifier determines relative/absolute conversion
|
|
|
|
|
// (Moved to after bbcode processing by Cameron)
|
|
|
|
|
if ($opts['constants'])
|
|
|
|
|
{
|
2009-11-16 20:40:39 +00:00
|
|
|
|
$sub_blk = $this->replaceConstants($sub_blk, $opts['constants']); // Now decodes text values
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// profanity filter
|
|
|
|
|
if ($pref['profanity_filter'])
|
|
|
|
|
{
|
|
|
|
|
if (!is_object($this->e_pf))
|
|
|
|
|
{
|
|
|
|
|
require_once(e_HANDLER."profanity_filter.php");
|
|
|
|
|
$this->e_pf = new e_profanityFilter;
|
|
|
|
|
}
|
|
|
|
|
$sub_blk = $this->e_pf->filterProfanities($sub_blk);
|
|
|
|
|
}
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Shortcodes
|
|
|
|
|
// Optional short-code conversion
|
|
|
|
|
if ($opts['parse_sc'])
|
|
|
|
|
{
|
|
|
|
|
$sub_blk = $this->parseTemplate($sub_blk, TRUE);
|
|
|
|
|
}
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2008-06-14 21:01:04 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
//Run any hooked in parsers
|
2009-01-03 22:32:54 +00:00
|
|
|
|
if ($opts['hook'])
|
|
|
|
|
{
|
|
|
|
|
if ( varset($pref['tohtml_hook']))
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
|
|
|
|
//Process the older tohtml_hook pref (deprecated)
|
|
|
|
|
foreach(explode(",", $pref['tohtml_hook']) as $hook)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
|
|
|
|
if (!is_object($this->e_hook[$hook]))
|
|
|
|
|
{
|
2009-10-22 13:00:37 +00:00
|
|
|
|
if(is_readable(e_PLUGIN.$hook."/".$hook.".php"))
|
|
|
|
|
{
|
|
|
|
|
require_once(e_PLUGIN.$hook."/".$hook.".php");
|
|
|
|
|
$hook_class = "e_".$hook;
|
|
|
|
|
$this->e_hook[$hook] = new $hook_class;
|
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
$sub_blk = $this->e_hook[$hook]->$hook($sub_blk,$opts['context']);
|
|
|
|
|
}
|
|
|
|
|
}
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
if(isset($pref['e_tohtml_list']) && is_array($pref['e_tohtml_list']))
|
|
|
|
|
{
|
|
|
|
|
foreach($pref['e_tohtml_list'] as $hook)
|
|
|
|
|
{
|
|
|
|
|
if (!is_object($this->e_hook[$hook]))
|
|
|
|
|
{
|
2009-10-22 13:00:37 +00:00
|
|
|
|
if(is_readable(e_PLUGIN.$hook."/e_tohtml.php"))
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
require_once(e_PLUGIN.$hook."/e_tohtml.php");
|
2009-10-22 13:00:37 +00:00
|
|
|
|
$hook_class = "e_tohtml_".$hook;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$this->e_hook[$hook] = new $hook_class;
|
2009-10-22 13:00:37 +00:00
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
$sub_blk = $this->e_hook[$hook]->to_html($sub_blk, $opts['context']);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
2008-06-14 21:01:04 +00:00
|
|
|
|
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Word wrap
|
|
|
|
|
if ($wrap && !$opts['nobreak'])
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$sub_blk = $this->textclean($sub_blk, $wrap);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2008-06-14 21:01:04 +00:00
|
|
|
|
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
// Search highlighting
|
|
|
|
|
if ($opts['emotes']) // Why??
|
|
|
|
|
{
|
|
|
|
|
if ($this->checkHighlighting())
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$sub_blk = $this->e_highlight($sub_blk, $this->e_query);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2009-01-30 20:39:03 +00:00
|
|
|
|
if ($convertNL)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Default replaces all \n with <br /> for HTML display
|
|
|
|
|
$nl_replace = '<br />';
|
2009-01-30 20:39:03 +00:00
|
|
|
|
if ($opts['nobreak'])
|
|
|
|
|
{
|
|
|
|
|
$nl_replace = '';
|
|
|
|
|
}
|
|
|
|
|
elseif ($opts['retain_nl'])
|
|
|
|
|
{
|
|
|
|
|
$nl_replace = "\n";
|
|
|
|
|
}
|
|
|
|
|
$sub_blk = str_replace(E_NL, $nl_replace, $sub_blk);
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2008-06-14 21:01:04 +00:00
|
|
|
|
|
2009-01-08 21:47:44 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$ret_parser .= $sub_blk;
|
|
|
|
|
} // End of 'normal' processing for a block of text
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
} // End of 'foreach() on each block of non-script text
|
2008-06-14 21:01:04 +00:00
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
} // End of 'normal' parsing (non-script text)
|
|
|
|
|
else
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// Text block that needed no processing at all
|
|
|
|
|
$ret_parser .= $full_text;
|
2009-01-03 22:32:54 +00:00
|
|
|
|
}
|
2008-06-14 21:01:04 +00:00
|
|
|
|
}
|
2009-01-03 22:32:54 +00:00
|
|
|
|
return trim($ret_parser);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2007-01-17 21:29:28 +00:00
|
|
|
|
|
2009-01-08 21:47:44 +00:00
|
|
|
|
function toAttribute($text)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// URLs posted without HTML access may have an & in them.
|
|
|
|
|
$text = str_replace('&', '&', $text);
|
|
|
|
|
// Xhtml compliance.
|
2009-10-30 20:58:52 +00:00
|
|
|
|
$text = htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(!preg_match('/&#|\'|"|\(|\)|<|>/s', $text))
|
2007-12-30 23:31:18 +00:00
|
|
|
|
{
|
2009-01-03 22:32:54 +00:00
|
|
|
|
$text = $this->replaceConstants($text);
|
|
|
|
|
return $text;
|
2009-01-08 21:47:44 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2006-12-02 04:36:16 +00:00
|
|
|
|
return '';
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
|
2009-09-02 16:39:32 +00:00
|
|
|
|
/**
|
|
|
|
|
* Convert text blocks which are to be embedded within JS
|
2009-10-30 20:05:17 +00:00
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @param string|array $stringarray
|
2009-10-30 20:05:17 +00:00
|
|
|
|
* @return string
|
2009-09-02 16:39:32 +00:00
|
|
|
|
*/
|
2009-10-30 23:31:08 +00:00
|
|
|
|
public function toJS($stringarray)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$search = array("\r\n", "\r", "<br />", "'");
|
|
|
|
|
$replace = array("\\n", "", "\\n", "\'");
|
2006-12-02 04:36:16 +00:00
|
|
|
|
$stringarray = str_replace($search, $replace, $stringarray);
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$stringarray = strip_tags($stringarray);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$trans_tbl = get_html_translation_table(HTML_ENTITIES);
|
|
|
|
|
$trans_tbl = array_flip($trans_tbl);
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
return strtr($stringarray, $trans_tbl);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
|
2009-09-02 16:39:32 +00:00
|
|
|
|
/**
|
2009-10-30 19:57:28 +00:00
|
|
|
|
* Convert Text for RSS/XML use.
|
2009-10-30 20:05:17 +00:00
|
|
|
|
*
|
2009-10-30 23:31:08 +00:00
|
|
|
|
* @param string $text
|
|
|
|
|
* @param boolean $tags [optional]
|
2009-10-30 20:05:17 +00:00
|
|
|
|
* @return string
|
2009-09-02 16:39:32 +00:00
|
|
|
|
*/
|
2009-10-30 19:57:28 +00:00
|
|
|
|
function toRss($text, $tags = FALSE)
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
|
|
|
|
if($tags != TRUE)
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$text = $this -> toHTML($text, TRUE);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
$text = strip_tags($text);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$text = $this->toEmail($text);
|
2009-10-30 20:05:17 +00:00
|
|
|
|
$search = array("&#039;", "&#036;", "'", "$"," & ", e_BASE, "href='request.php");
|
|
|
|
|
$replace = array("'", '$', "'", '$',' & ', SITEURL, "href='".SITEURL."request.php" );
|
|
|
|
|
$text = str_replace($search, $replace, $text);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
|
|
|
|
if($tags == TRUE && ($text))
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$text = "<![CDATA[".$text."]]>";
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $text;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Convert specific characters back to original form, for use in storing code (or regex) values in the db.
|
|
|
|
|
function toText($text)
|
|
|
|
|
{
|
|
|
|
|
$search = array("&#039;", "&#036;", "'", "$", "\", "&#092;");
|
|
|
|
|
$replace = array("'", '$', "'", '$', "\\", "\\");
|
|
|
|
|
$text = str_replace($search, $replace, $text);
|
|
|
|
|
return $text;
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-09 16:05:41 +00:00
|
|
|
|
public function thumbUrl($url, $options = array(), $raw = false, $full = false)
|
|
|
|
|
{
|
2013-03-18 12:26:55 +02:00
|
|
|
|
if(substr($url,0,3)=="{e_") // Fix for broken links that use {e_MEDIA} etc.
|
2011-08-19 23:39:44 +00:00
|
|
|
|
{
|
2013-03-18 12:26:55 +02:00
|
|
|
|
//$url = $this->replaceConstants($url,'abs');
|
|
|
|
|
// always switch to 'nice' urls when SC is used
|
2013-03-18 03:41:05 -07:00
|
|
|
|
$url = str_replace($this->getUrlConstants('sc'), $this->getUrlConstants('raw'), $url);
|
2011-08-19 23:39:44 +00:00
|
|
|
|
}
|
|
|
|
|
|
2010-03-09 16:05:41 +00:00
|
|
|
|
if(!is_array($options))
|
|
|
|
|
{
|
|
|
|
|
parse_str($options, $options);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if($raw) $url = $this->createConstants($url, 'mix');
|
2011-08-22 23:52:45 +00:00
|
|
|
|
|
2012-07-14 10:40:40 +00:00
|
|
|
|
$baseurl = ($full ? SITEURL : e_HTTP).'thumb.php?';
|
2013-02-28 03:38:50 -08:00
|
|
|
|
|
2012-07-14 10:40:40 +00:00
|
|
|
|
$thurl = 'src='.$url.'&';
|
2011-08-19 23:39:44 +00:00
|
|
|
|
|
2010-03-10 10:05:39 +00:00
|
|
|
|
if(vartrue($options['aw']) || vartrue($options['ah']))
|
2010-03-09 16:05:41 +00:00
|
|
|
|
{
|
2010-03-10 10:05:39 +00:00
|
|
|
|
$thurl .= 'aw='.((integer) vartrue($options['aw'], 0)).'&ah='.((integer) vartrue($options['ah'], 0));
|
2010-03-09 16:05:41 +00:00
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2013-03-08 20:16:49 -08:00
|
|
|
|
if(!vartrue($options['w']) && !vartrue($options['h'])) $options['w'] = $this->thumbWidth;
|
2010-03-10 10:05:39 +00:00
|
|
|
|
$thurl .= 'w='.((integer) vartrue($options['w'], 0)).'&h='.((integer) vartrue($options['h'], 0));
|
2010-03-09 16:05:41 +00:00
|
|
|
|
}
|
2012-07-02 01:32:56 +00:00
|
|
|
|
|
2012-07-14 10:40:40 +00:00
|
|
|
|
|
|
|
|
|
if(vartrue($options['x']))//base64 encode url
|
2012-07-02 01:32:56 +00:00
|
|
|
|
{
|
2012-07-14 10:40:40 +00:00
|
|
|
|
$thurl = 'id='.base64_encode($thurl);
|
2012-07-02 01:32:56 +00:00
|
|
|
|
}
|
2010-03-09 16:05:41 +00:00
|
|
|
|
|
2012-07-02 01:32:56 +00:00
|
|
|
|
// echo "<br /><br />".$thurl;
|
|
|
|
|
|
2012-07-14 10:40:40 +00:00
|
|
|
|
return $baseurl.$thurl;
|
2010-03-09 16:05:41 +00:00
|
|
|
|
}
|
2009-09-02 16:39:32 +00:00
|
|
|
|
|
2010-03-10 12:48:05 +00:00
|
|
|
|
/**
|
|
|
|
|
* Help for converting to more safe URLs
|
|
|
|
|
* e.g. {e_MEDIA_FILE}path/to/video.flv => e_MEDIA_FILE/path/to/video.flv
|
|
|
|
|
*
|
|
|
|
|
* @todo support for ALL URL shortcodes (replacement methods)
|
|
|
|
|
* @param string $type sc|raw|rev|all
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
|
|
|
|
public function getUrlConstants($type = 'sc')
|
|
|
|
|
{
|
2010-03-10 15:43:42 +00:00
|
|
|
|
// sub-folders first!
|
2010-03-10 12:48:05 +00:00
|
|
|
|
static $array = array(
|
|
|
|
|
'e_MEDIA_FILE/' => '{e_MEDIA_FILE}',
|
|
|
|
|
'e_MEDIA_VIDEO/' => '{e_MEDIA_VIDEO}',
|
|
|
|
|
'e_MEDIA_IMAGE/' => '{e_MEDIA_IMAGE}',
|
|
|
|
|
'e_MEDIA_ICON/' => '{e_MEDIA_ICON}',
|
|
|
|
|
'e_MEDIA_AVATAR/' => '{e_MEDIA_AVATAR}',
|
|
|
|
|
'e_WEB_JS/' => '{e_WEB_JS}',
|
|
|
|
|
'e_WEB_CSS/' => '{e_WEB_CSS}',
|
|
|
|
|
'e_WEB_IMAGE/' => '{e_WEB_IMAGE}',
|
2012-12-16 13:19:52 -08:00
|
|
|
|
// 'e_WEB_PACK/' => '{e_WEB_PACK}',
|
2010-03-10 15:43:42 +00:00
|
|
|
|
|
|
|
|
|
'e_BASE/' => '{e_BASE}',
|
|
|
|
|
'e_ADMIN/' => '{e_ADMIN}',
|
|
|
|
|
'e_IMAGE/' => '{e_IMAGE}',
|
|
|
|
|
'e_THEME/' => '{e_THEME}',
|
|
|
|
|
'e_PLUGIN/' => '{e_PLUGIN}',
|
2012-12-16 13:19:52 -08:00
|
|
|
|
'e_HANDLER/' => '{e_HANDLER}', // BC
|
2010-03-10 15:43:42 +00:00
|
|
|
|
'e_MEDIA/' => '{e_MEDIA}',
|
|
|
|
|
'e_WEB/' => '{e_ADMIN}',
|
2010-03-10 12:48:05 +00:00
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
switch ($type)
|
|
|
|
|
{
|
|
|
|
|
case 'sc':
|
|
|
|
|
return array_values($array);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'raw':
|
|
|
|
|
return array_keys($array);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'rev':
|
|
|
|
|
return array_reverse($array, true);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case 'all':
|
|
|
|
|
return $array;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
return array();
|
|
|
|
|
}
|
|
|
|
|
|
2009-09-02 16:39:32 +00:00
|
|
|
|
/**
|
|
|
|
|
* Replace e107 path constants
|
2009-10-30 19:57:28 +00:00
|
|
|
|
* Note: only an ADMIN user can convert {e_ADMIN}
|
2011-01-03 10:54:08 +00:00
|
|
|
|
* TODO - runtime cache of search/replace arrays (object property) when $mode !== ''
|
2009-09-12 18:20:23 +00:00
|
|
|
|
* @param string $text
|
2009-10-30 19:57:28 +00:00
|
|
|
|
* @param string $mode [optional] abs|full "full" = produce absolute URL path, e.g. http://sitename.com/e107_plugins/etc
|
2012-12-16 19:23:11 +00:00
|
|
|
|
* 'abs' = produce truncated URL path, e.g. e107plugins/etc
|
2009-09-02 16:39:32 +00:00
|
|
|
|
* "" (default) = URL's get relative path e.g. ../e107_plugins/etc
|
2009-09-12 18:20:23 +00:00
|
|
|
|
* @param mixed $all [optional] if TRUE, then when $mode is "full" or TRUE, USERID is also replaced...
|
2009-09-02 16:39:32 +00:00
|
|
|
|
* when $mode is "" (default), ALL other e107 constants are replaced
|
2009-09-29 17:40:56 +00:00
|
|
|
|
* @return string
|
2009-09-02 16:39:32 +00:00
|
|
|
|
*/
|
2009-10-30 23:31:08 +00:00
|
|
|
|
public function replaceConstants($text, $mode = '', $all = FALSE)
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2009-07-17 02:28:49 +00:00
|
|
|
|
if($mode != "")
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2009-08-19 14:39:57 +00:00
|
|
|
|
$e107 = e107::getInstance();
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2009-08-19 14:39:57 +00:00
|
|
|
|
$replace_relative = array(
|
2010-03-10 15:43:42 +00:00
|
|
|
|
$e107->getFolder('media_files'),
|
|
|
|
|
$e107->getFolder('media_video'),
|
|
|
|
|
$e107->getFolder('media_image'),
|
|
|
|
|
$e107->getFolder('media_icon'),
|
|
|
|
|
$e107->getFolder('media_avatar'),
|
|
|
|
|
$e107->getFolder('web_js'),
|
|
|
|
|
$e107->getFolder('web_css'),
|
|
|
|
|
$e107->getFolder('web_image'),
|
2012-12-16 19:23:11 +00:00
|
|
|
|
//$e107->getFolder('web_pack'),
|
2011-01-03 10:54:08 +00:00
|
|
|
|
e_IMAGE_ABS,
|
|
|
|
|
e_THEME_ABS,
|
2009-08-20 12:27:26 +00:00
|
|
|
|
$e107->getFolder('images'),
|
|
|
|
|
$e107->getFolder('plugins'),
|
|
|
|
|
$e107->getFolder('files'),
|
|
|
|
|
$e107->getFolder('themes'),
|
2009-09-04 15:24:41 +00:00
|
|
|
|
// $e107->getFolder('downloads'),
|
2009-11-14 04:13:11 +00:00
|
|
|
|
$e107->getFolder('handlers'),
|
2010-03-10 15:43:42 +00:00
|
|
|
|
$e107->getFolder('media'),
|
|
|
|
|
$e107->getFolder('web'),
|
2011-01-03 10:54:08 +00:00
|
|
|
|
$e107->site_theme ? $e107->getFolder('themes').$e107->site_theme.'/' : '',
|
|
|
|
|
defset('THEME_ABS'),
|
|
|
|
|
(ADMIN ? $e107->getFolder('admin') : ''),
|
2011-11-25 17:36:40 +00:00
|
|
|
|
'',
|
|
|
|
|
$e107->getFolder('core'),
|
|
|
|
|
$e107->getFolder('system'),
|
2009-08-19 14:39:57 +00:00
|
|
|
|
);
|
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
switch ($mode)
|
2009-07-17 02:28:49 +00:00
|
|
|
|
{
|
2009-08-19 14:39:57 +00:00
|
|
|
|
case 'abs':
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$replace_absolute = array(
|
2010-03-10 15:43:42 +00:00
|
|
|
|
e_MEDIA_FILE_ABS,
|
|
|
|
|
e_MEDIA_VIDEO_ABS,
|
|
|
|
|
e_MEDIA_IMAGE_ABS,
|
|
|
|
|
e_MEDIA_ICON_ABS,
|
|
|
|
|
e_MEDIA_AVATAR_ABS,
|
|
|
|
|
e_JS_ABS,
|
|
|
|
|
e_CSS_ABS,
|
|
|
|
|
e_WEB_IMAGE_ABS,
|
2012-12-14 22:25:14 -08:00
|
|
|
|
// e_PACK_ABS,
|
2009-08-19 14:39:57 +00:00
|
|
|
|
e_IMAGE_ABS,
|
|
|
|
|
e_THEME_ABS,
|
|
|
|
|
e_IMAGE_ABS,
|
|
|
|
|
e_PLUGIN_ABS,
|
|
|
|
|
e_FILE_ABS,
|
|
|
|
|
e_THEME_ABS,
|
2009-09-04 15:24:41 +00:00
|
|
|
|
// e_DOWNLOAD_ABS, //impossible when download is done via php.
|
2012-12-16 19:23:11 +00:00
|
|
|
|
'', // handlers - no ABS path available
|
2010-03-10 15:43:42 +00:00
|
|
|
|
e_MEDIA_ABS,
|
|
|
|
|
e_WEB_ABS,
|
2011-01-03 10:54:08 +00:00
|
|
|
|
defset('THEME_ABS'),
|
|
|
|
|
defset('THEME_ABS'),
|
|
|
|
|
(ADMIN ? e_ADMIN_ABS : ''),
|
2011-11-25 17:36:40 +00:00
|
|
|
|
$e107->server_path,
|
|
|
|
|
'', // no e_CORE absolute path
|
|
|
|
|
'', // no e_SYSTEM absolute path
|
2009-08-19 14:39:57 +00:00
|
|
|
|
);
|
|
|
|
|
break;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2009-08-19 14:39:57 +00:00
|
|
|
|
case 'full':
|
|
|
|
|
$replace_absolute = array(
|
2010-03-10 15:43:42 +00:00
|
|
|
|
SITEURLBASE.e_MEDIA_FILE_ABS,
|
|
|
|
|
SITEURLBASE.e_MEDIA_VIDEO_ABS,
|
|
|
|
|
SITEURLBASE.e_MEDIA_IMAGE_ABS,
|
|
|
|
|
SITEURLBASE.e_MEDIA_ICON_ABS,
|
|
|
|
|
SITEURLBASE.e_MEDIA_AVATAR_ABS,
|
|
|
|
|
SITEURLBASE.e_JS_ABS,
|
|
|
|
|
SITEURLBASE.e_CSS_ABS,
|
|
|
|
|
SITEURLBASE.e_WEB_IMAGE_ABS,
|
2012-12-14 22:25:14 -08:00
|
|
|
|
// SITEURLBASE.e_PACK_ABS,
|
2010-03-10 15:43:42 +00:00
|
|
|
|
SITEURLBASE.e_IMAGE_ABS,
|
|
|
|
|
SITEURLBASE.e_THEME_ABS,
|
|
|
|
|
SITEURLBASE.e_IMAGE_ABS,
|
|
|
|
|
SITEURLBASE.e_PLUGIN_ABS,
|
|
|
|
|
SITEURLBASE.e_FILE_ABS, // deprecated
|
|
|
|
|
SITEURLBASE.e_THEME_ABS,
|
|
|
|
|
//SITEURL.$e107->getFolder('downloads'),
|
2012-12-16 19:23:11 +00:00
|
|
|
|
'', // handlers - no ABS path available
|
2010-03-10 15:43:42 +00:00
|
|
|
|
SITEURLBASE.e_MEDIA_ABS,
|
|
|
|
|
SITEURLBASE.e_WEB_ABS,
|
2011-01-03 10:54:08 +00:00
|
|
|
|
defset('THEME_ABS') ? SITEURLBASE.THEME_ABS : '',
|
|
|
|
|
defset('THEME_ABS') ? SITEURLBASE.THEME_ABS : '',
|
|
|
|
|
(ADMIN ? SITEURLBASE.e_ADMIN_ABS : ''),
|
2011-11-25 17:36:40 +00:00
|
|
|
|
SITEURL,
|
|
|
|
|
'', // no e_CORE absolute path
|
|
|
|
|
'', // no e_SYSTEM absolute path
|
2009-08-19 14:39:57 +00:00
|
|
|
|
);
|
|
|
|
|
break;
|
2009-07-17 02:28:49 +00:00
|
|
|
|
}
|
2010-03-10 15:43:42 +00:00
|
|
|
|
// sub-folders first!
|
|
|
|
|
$search = array(
|
|
|
|
|
'{e_MEDIA_FILE}',
|
|
|
|
|
'{e_MEDIA_VIDEO}',
|
|
|
|
|
'{e_MEDIA_IMAGE}',
|
|
|
|
|
'{e_MEDIA_ICON}',
|
|
|
|
|
'{e_MEDIA_AVATAR}',
|
|
|
|
|
'{e_WEB_JS}',
|
|
|
|
|
'{e_WEB_CSS}',
|
|
|
|
|
'{e_WEB_IMAGE}',
|
2012-12-14 22:25:14 -08:00
|
|
|
|
// '{e_WEB_PACK}',
|
2010-03-10 15:43:42 +00:00
|
|
|
|
"{e_IMAGE_ABS}",
|
|
|
|
|
"{e_THEME_ABS}",
|
|
|
|
|
"{e_IMAGE}",
|
|
|
|
|
"{e_PLUGIN}",
|
|
|
|
|
"{e_FILE}",
|
|
|
|
|
"{e_THEME}",
|
|
|
|
|
//,"{e_DOWNLOAD}"
|
|
|
|
|
"{e_HANDLER}",
|
|
|
|
|
"{e_MEDIA}",
|
|
|
|
|
"{e_WEB}",
|
2011-01-03 10:54:08 +00:00
|
|
|
|
"{THEME}",
|
|
|
|
|
"{THEME_ABS}",
|
|
|
|
|
"{e_ADMIN}",
|
2010-03-10 15:43:42 +00:00
|
|
|
|
"{e_BASE}",
|
2011-11-25 17:36:40 +00:00
|
|
|
|
"{e_CORE}",
|
|
|
|
|
"{e_SYSTEM}",
|
2009-11-14 04:13:11 +00:00
|
|
|
|
);
|
2009-07-17 02:28:49 +00:00
|
|
|
|
|
2011-01-03 10:54:08 +00:00
|
|
|
|
/*if (ADMIN)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-08-20 12:27:26 +00:00
|
|
|
|
$replace_relative[] = $e107->getFolder('admin');
|
|
|
|
|
$replace_absolute[] = SITEURL.$e107->getFolder('admin');
|
2006-12-02 04:36:16 +00:00
|
|
|
|
$search[] = "{e_ADMIN}";
|
2011-01-03 10:54:08 +00:00
|
|
|
|
}*/
|
2009-07-17 02:28:49 +00:00
|
|
|
|
|
2009-01-08 21:47:44 +00:00
|
|
|
|
if ($all)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
|
|
|
|
if (USER)
|
|
|
|
|
{ // Can only replace with valid number for logged in users
|
|
|
|
|
$replace_relative[] = USERID;
|
|
|
|
|
$replace_absolute[] = USERID;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$replace_relative[] = '';
|
|
|
|
|
$replace_absolute[] = '';
|
|
|
|
|
}
|
|
|
|
|
$search[] = "{USERID}";
|
2010-01-12 13:11:48 +00:00
|
|
|
|
}
|
2011-03-19 11:54:12 +00:00
|
|
|
|
|
2011-01-03 10:54:08 +00:00
|
|
|
|
// current THEME
|
|
|
|
|
/*if(!defined('THEME'))
|
|
|
|
|
{
|
|
|
|
|
//if not already parsed by doReplace
|
|
|
|
|
$text = str_replace(array('{THEME}', '{THEME_ABS}'), '', $text);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$replace_relative[] = THEME;
|
|
|
|
|
$replace_absolute[] = THEME_ABS;
|
|
|
|
|
$search[] = "{THEME}";
|
|
|
|
|
$replace_relative[] = THEME;
|
|
|
|
|
$replace_absolute[] = THEME_ABS;
|
|
|
|
|
$search[] = "{THEME_ABS}";
|
|
|
|
|
}*/
|
2009-07-17 02:28:49 +00:00
|
|
|
|
|
|
|
|
|
$replace = ((string)$mode == "full" || (string)$mode=='abs' ) ? $replace_absolute : $replace_relative;
|
2006-12-02 04:36:16 +00:00
|
|
|
|
return str_replace($search,$replace,$text);
|
|
|
|
|
}
|
2009-07-17 02:28:49 +00:00
|
|
|
|
|
2007-12-30 23:31:18 +00:00
|
|
|
|
// $pattern = ($all ? "#\{([A-Za-z_0-9]*)\}#s" : "#\{(e_[A-Z]*)\}#s");
|
2010-03-16 18:41:35 +00:00
|
|
|
|
$pattern = ($all ? '#\{([A-Za-z_0-9]*)\}#s' : '#\{(e_[A-Z]*(?:_IMAGE|_VIDEO|_FILE|_CONTENT|_ICON|_AVATAR|_JS|_CSS|_PACK|_DB|_ABS){0,1})\}#s');
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$text = preg_replace_callback($pattern, array($this, 'doReplace'), $text);
|
|
|
|
|
|
|
|
|
|
if(!defined('THEME'))
|
|
|
|
|
{
|
|
|
|
|
//if not already parsed by doReplace
|
|
|
|
|
$text = str_replace(array('{THEME}', '{THEME_ABS}'), '', $text);
|
|
|
|
|
}
|
2009-11-19 13:46:29 +00:00
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
$srch = array('{THEME}', '{THEME_ABS}');
|
|
|
|
|
$repl = array(THEME, THEME_ABS);
|
2010-01-12 13:11:48 +00:00
|
|
|
|
$text = str_replace($srch, $repl, $text);
|
2009-11-19 13:46:29 +00:00
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
|
|
|
|
return $text;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-03 22:32:54 +00:00
|
|
|
|
|
2006-12-02 04:36:16 +00:00
|
|
|
|
function doReplace($matches)
|
|
|
|
|
{
|
2011-01-15 11:53:31 +00:00
|
|
|
|
if(defined($matches[1]) && (deftrue('ADMIN') || strpos($matches[1], 'ADMIN') === FALSE))
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
|
|
|
|
return constant($matches[1]);
|
|
|
|
|
}
|
|
|
|
|
return $matches[1];
|
|
|
|
|
}
|
|
|
|
|
|
2009-09-28 19:17:59 +00:00
|
|
|
|
/**
|
|
|
|
|
* Create and substitute e107 constants in passed URL
|
2009-10-30 19:57:28 +00:00
|
|
|
|
*
|
2009-09-28 19:17:59 +00:00
|
|
|
|
* @param string $url
|
2009-11-16 20:40:39 +00:00
|
|
|
|
* @param integer $mode 0-folders, 1-relative ('rel'), 2-absolute ('abs'), 3-full ('full') (with domain), 4-absolute & relative ('mix') (combination of 1,2,3)
|
2009-10-30 20:05:17 +00:00
|
|
|
|
* @return string
|
2009-09-28 19:17:59 +00:00
|
|
|
|
*/
|
2009-10-30 23:31:08 +00:00
|
|
|
|
public function createConstants($url, $mode = 0)
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
2011-05-10 12:36:11 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
//FIXME - create constants for absolute paths and site URL's
|
2009-11-16 20:40:39 +00:00
|
|
|
|
if (!is_numeric($mode))
|
|
|
|
|
{
|
|
|
|
|
switch ($mode)
|
|
|
|
|
{
|
|
|
|
|
case 'rel' : $mode = 1; break;
|
|
|
|
|
case 'abs' : $mode = 2; break;
|
|
|
|
|
case 'full' : $mode = 3; break;
|
|
|
|
|
case 'mix' : $mode = 4; break;
|
2010-03-10 12:48:05 +00:00
|
|
|
|
case 'nice': $mode = 5; break;
|
2009-11-16 20:40:39 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2009-09-28 19:17:59 +00:00
|
|
|
|
$e107 = e107::getInstance();
|
|
|
|
|
switch($mode)
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2009-09-28 19:17:59 +00:00
|
|
|
|
case 0: // folder name only.
|
|
|
|
|
$tmp = array(
|
2010-03-10 15:43:42 +00:00
|
|
|
|
'{e_MEDIA_FILE}' => $e107->getFolder('media_files'),
|
2011-05-10 12:36:11 +00:00
|
|
|
|
'{e_MEDIA_VIDEO}' => $e107->getFolder('media_videos'),
|
|
|
|
|
'{e_MEDIA_IMAGE}' => $e107->getFolder('media_images'),
|
|
|
|
|
'{e_MEDIA_ICON}' => $e107->getFolder('media_icons'),
|
|
|
|
|
'{e_MEDIA_AVATAR}' => $e107->getFolder('media_avatars'),
|
2010-03-10 15:43:42 +00:00
|
|
|
|
'{e_WEB_JS}' => $e107->getFolder('web_js'),
|
|
|
|
|
'{e_WEB_CSS}' => $e107->getFolder('web_css'),
|
2011-05-10 12:36:11 +00:00
|
|
|
|
'{e_WEB_IMAGE}' => $e107->getFolder('web_images'),
|
2012-12-16 13:02:19 -08:00
|
|
|
|
// '{e_WEB_PACK}' => $e107->getFolder('web_packs'),
|
2010-03-10 15:43:42 +00:00
|
|
|
|
|
2009-09-28 19:17:59 +00:00
|
|
|
|
'{e_IMAGE}' => $e107->getFolder('images'),
|
|
|
|
|
'{e_PLUGIN}' => $e107->getFolder('plugins'),
|
|
|
|
|
'{e_FILE}' => $e107->getFolder('files'),
|
|
|
|
|
'{e_THEME}' => $e107->getFolder('themes'),
|
|
|
|
|
'{e_DOWNLOAD}' => $e107->getFolder('downloads'),
|
|
|
|
|
'{e_ADMIN}' => $e107->getFolder('admin'),
|
2010-03-01 14:29:49 +00:00
|
|
|
|
'{e_HANDLER}' => $e107->getFolder('handlers'),
|
|
|
|
|
'{e_MEDIA}' => $e107->getFolder('media'),
|
2010-03-08 16:00:36 +00:00
|
|
|
|
'{e_WEB}' => $e107->getFolder('web'),
|
2013-01-17 21:35:43 -08:00
|
|
|
|
'{e_UPLOAD}' => $e107->getFolder('uploads'),
|
2009-10-30 19:57:28 +00:00
|
|
|
|
);
|
2011-05-10 12:36:11 +00:00
|
|
|
|
|
2009-09-28 19:17:59 +00:00
|
|
|
|
break;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2011-05-10 12:36:11 +00:00
|
|
|
|
|
|
|
|
|
|
2009-09-28 19:17:59 +00:00
|
|
|
|
case 1: // relative path only
|
|
|
|
|
$tmp = array(
|
2010-03-10 15:43:42 +00:00
|
|
|
|
'{e_MEDIA_FILE}' => e_MEDIA_FILE,
|
|
|
|
|
'{e_MEDIA_VIDEO}' => e_MEDIA_VIDEO,
|
|
|
|
|
'{e_MEDIA_IMAGE}' => e_MEDIA_IMAGE,
|
|
|
|
|
'{e_MEDIA_ICON}' => e_MEDIA_ICON,
|
|
|
|
|
'{e_MEDIA_AVATAR}' => e_MEDIA_AVATAR,
|
|
|
|
|
'{e_WEB_JS}' => e_WEB_JS,
|
|
|
|
|
'{e_WEB_CSS}' => e_WEB_CSS,
|
|
|
|
|
'{e_WEB_IMAGE}' => e_WEB_IMAGE,
|
2012-12-16 13:19:52 -08:00
|
|
|
|
// '{e_WEB_PACK}' => e_WEB_PACK,
|
2010-03-10 15:43:42 +00:00
|
|
|
|
|
2009-09-28 19:17:59 +00:00
|
|
|
|
'{e_IMAGE}' => e_IMAGE,
|
|
|
|
|
'{e_PLUGIN}' => e_PLUGIN,
|
|
|
|
|
'{e_FILE}' => e_FILE,
|
|
|
|
|
'{e_THEME}' => e_THEME,
|
|
|
|
|
'{e_DOWNLOAD}' => e_DOWNLOAD,
|
|
|
|
|
'{e_ADMIN}' => e_ADMIN,
|
2010-03-01 14:29:49 +00:00
|
|
|
|
'{e_HANDLER}' => e_HANDLER,
|
|
|
|
|
'{e_MEDIA}' => e_MEDIA,
|
2010-03-08 16:00:36 +00:00
|
|
|
|
'{e_WEB}' => e_WEB,
|
2012-12-22 02:11:03 -08:00
|
|
|
|
'{e_UPLOAD}' => e_UPLOAD,
|
2009-09-28 19:17:59 +00:00
|
|
|
|
);
|
|
|
|
|
break;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2009-09-28 19:17:59 +00:00
|
|
|
|
case 2: // absolute path only
|
|
|
|
|
$tmp = array(
|
2010-03-10 15:43:42 +00:00
|
|
|
|
'{e_MEDIA_FILE}' => e_MEDIA_FILE_ABS,
|
|
|
|
|
'{e_MEDIA_VIDEO}' => e_MEDIA_VIDEO_ABS,
|
|
|
|
|
'{e_MEDIA_IMAGE}' => e_MEDIA_IMAGE_ABS,
|
|
|
|
|
'{e_MEDIA_ICON}' => e_MEDIA_ICON_ABS,
|
|
|
|
|
'{e_MEDIA_AVATAR}' => e_MEDIA_AVATAR_ABS,
|
|
|
|
|
'{e_WEB_JS}' => e_JS_ABS,
|
|
|
|
|
'{e_WEB_CSS}' => e_CSS_ABS,
|
|
|
|
|
'{e_WEB_IMAGE}' => e_WEB_IMAGE_ABS,
|
2012-12-14 22:25:14 -08:00
|
|
|
|
// '{e_WEB_PACK}' => e_PACK_ABS,
|
2010-03-10 15:43:42 +00:00
|
|
|
|
|
2009-09-28 19:17:59 +00:00
|
|
|
|
'{e_IMAGE}' => e_IMAGE_ABS,
|
|
|
|
|
'{e_PLUGIN}' => e_PLUGIN_ABS,
|
2010-03-08 16:00:36 +00:00
|
|
|
|
'{e_FILE}' => e_FILE_ABS, // deprecated
|
2009-09-28 19:17:59 +00:00
|
|
|
|
'{e_THEME}' => e_THEME_ABS,
|
2010-03-08 16:00:36 +00:00
|
|
|
|
'{e_DOWNLOAD}' => e_HTTP.'request.php?',// FIXME - we need solution!
|
2009-09-28 19:17:59 +00:00
|
|
|
|
'{e_ADMIN}' => e_ADMIN_ABS,
|
2010-03-08 16:00:36 +00:00
|
|
|
|
//'{e_HANDLER}' => e_HANDLER_ABS, - no ABS path available
|
2010-03-01 14:29:49 +00:00
|
|
|
|
'{e_MEDIA}' => e_MEDIA_ABS,
|
2010-03-08 16:00:36 +00:00
|
|
|
|
'{e_WEB}' => e_WEB_ABS,
|
2011-12-07 21:07:21 +00:00
|
|
|
|
'{e_BASE}' => e_HTTP,
|
2009-09-28 19:17:59 +00:00
|
|
|
|
);
|
|
|
|
|
break;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2009-09-28 19:17:59 +00:00
|
|
|
|
case 3: // full path (e.g http://domain.com/e107_images/)
|
|
|
|
|
$tmp = array(
|
2010-03-10 15:43:42 +00:00
|
|
|
|
'{e_MEDIA_FILE}' => SITEURLBASE.e_MEDIA_FILE_ABS,
|
|
|
|
|
'{e_MEDIA_VIDEO}' => SITEURLBASE.e_MEDIA_VIDEO_ABS,
|
|
|
|
|
'{e_MEDIA_IMAGE}' => SITEURLBASE.e_MEDIA_IMAGE_ABS,
|
|
|
|
|
'{e_MEDIA_ICON}' => SITEURLBASE.e_MEDIA_ICON_ABS,
|
|
|
|
|
'{e_MEDIA_AVATAR}' => SITEURLBASE.e_MEDIA_AVATAR_ABS,
|
|
|
|
|
'{e_WEB_JS}' => SITEURLBASE.e_JS_ABS,
|
|
|
|
|
'{e_WEB_CSS}' => SITEURLBASE.e_CSS_ABS,
|
|
|
|
|
'{e_WEB_IMAGE}' => SITEURLBASE.e_WEB_IMAGE_ABS,
|
2012-12-14 22:25:14 -08:00
|
|
|
|
// '{e_WEB_PACK}' => SITEURLBASE.e_PACK_ABS,
|
2010-03-10 15:43:42 +00:00
|
|
|
|
|
|
|
|
|
'{e_IMAGE}' => SITEURLBASE.e_IMAGE_ABS,
|
|
|
|
|
'{e_PLUGIN}' => SITEURLBASE.e_PLUGIN_ABS,
|
|
|
|
|
'{e_FILE}' => SITEURLBASE.e_FILE_ABS, // deprecated
|
|
|
|
|
'{e_THEME}' => SITEURLBASE.e_THEME_ABS,
|
|
|
|
|
'{e_DOWNLOAD}' => SITEURLBASE.e_HTTP.'request.php?',// FIXME - we need solution!
|
|
|
|
|
'{e_ADMIN}' => SITEURLBASE.e_ADMIN_ABS,
|
|
|
|
|
//'{e_HANDLER}' => e_HANDLER_ABS, - no ABS path available
|
|
|
|
|
'{e_MEDIA}' => SITEURLBASE.e_MEDIA_ABS,
|
|
|
|
|
'{e_WEB}' => SITEURLBASE.e_WEB_ABS,
|
2011-12-07 21:07:21 +00:00
|
|
|
|
'{e_BASE}' => SITEURL,
|
2009-09-28 19:17:59 +00:00
|
|
|
|
);
|
|
|
|
|
break;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2009-09-28 19:17:59 +00:00
|
|
|
|
case 4: // absolute & relative paths
|
2009-09-29 11:32:09 +00:00
|
|
|
|
$url = $this->createConstants($url, 3);
|
|
|
|
|
$url = $this->createConstants($url, 2);
|
|
|
|
|
$url = $this->createConstants($url, 1);
|
2009-09-28 19:17:59 +00:00
|
|
|
|
return $url;
|
|
|
|
|
break;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2010-03-10 12:48:05 +00:00
|
|
|
|
case 5: // nice urls - e.g. e_MEDIA_VIDEO/mystream.flv
|
|
|
|
|
$url = $this->createConstants($url, 4);
|
|
|
|
|
return str_replace($this->getUrlConstants('sc'), $this->getUrlConstants('raw'), $url);
|
|
|
|
|
break;
|
|
|
|
|
|
2009-09-28 19:17:59 +00:00
|
|
|
|
default:
|
|
|
|
|
$tmp = array();
|
|
|
|
|
break;
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
2009-09-28 19:17:59 +00:00
|
|
|
|
|
2006-12-02 04:36:16 +00:00
|
|
|
|
foreach($tmp as $key=>$val)
|
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$len = strlen($val);
|
|
|
|
|
if(substr($url, 0, $len) == $val)
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
// replace the first instance only
|
|
|
|
|
return substr_replace($url, $key, 0, $len);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $url;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
|
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
//FIXME - $match not used?
|
2009-01-08 21:47:44 +00:00
|
|
|
|
function e_highlight($text, $match)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-08-20 12:27:26 +00:00
|
|
|
|
$tags = array();
|
|
|
|
|
preg_match_all('#<[^>]+>#', $text, $tags);
|
|
|
|
|
$text = preg_replace('#<[^>]+>#', '<|>', $text);
|
|
|
|
|
$text = preg_replace('#(\b".$match."\b)#i', '<span class="searchhighlight">\\1</span>', $text);
|
2009-01-08 21:47:44 +00:00
|
|
|
|
foreach ($tags[0] as $tag)
|
2009-01-03 22:32:54 +00:00
|
|
|
|
{
|
2009-08-20 12:27:26 +00:00
|
|
|
|
$text = preg_replace('#<\|>#', $tag, $text, 1);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
return $text;
|
|
|
|
|
}
|
|
|
|
|
|
2007-12-30 23:31:18 +00:00
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
public function toEmail($text, $posted = "", $mods = "parse_sc, no_make_clickable")
|
2006-12-02 04:36:16 +00:00
|
|
|
|
{
|
2011-03-19 11:54:12 +00:00
|
|
|
|
if ($posted === TRUE)
|
2007-12-30 23:31:18 +00:00
|
|
|
|
{
|
2011-03-19 11:54:12 +00:00
|
|
|
|
if (MAGIC_QUOTES_GPC)
|
|
|
|
|
{
|
|
|
|
|
$text = stripslashes($text);
|
|
|
|
|
}
|
|
|
|
|
$text = preg_replace('#\[(php)#i', '[\\1', $text);
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$text = (strtolower($mods) != "rawtext") ? $this->replaceConstants($text, "full") : $text;
|
|
|
|
|
$text = $this->toHTML($text, TRUE, $mods);
|
|
|
|
|
return $text;
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2008-10-30 22:42:41 +00:00
|
|
|
|
|
|
|
|
|
// Given an email address, returns a link including js-based obfuscation
|
2009-10-30 19:57:28 +00:00
|
|
|
|
function emailObfuscate($email, $words = '', $subject = '')
|
2008-10-30 22:42:41 +00:00
|
|
|
|
{
|
2009-10-30 19:57:28 +00:00
|
|
|
|
if(strpos($email, '@') === FALSE)
|
2008-10-30 22:42:41 +00:00
|
|
|
|
{
|
|
|
|
|
return '';
|
|
|
|
|
}
|
|
|
|
|
if ($subject)
|
|
|
|
|
{
|
|
|
|
|
$subject = '?subject='.$subject;
|
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
list($name, $address) = explode('@', $email, 2);
|
2008-10-30 22:42:41 +00:00
|
|
|
|
$reassembled = '"'.$name.'"+"@"+"'.$address.'"';
|
|
|
|
|
return "<a rel='external' href='javascript:window.location=\"mai\"+\"lto:\"+".$reassembled.$subject.";self.close();' onmouseover='window.status=\"mai\"+\"lto:\"+".$reassembled."; return true;' onmouseout='window.status=\"\";return true;'>".$words.'</a>';
|
|
|
|
|
}
|
|
|
|
|
|
2009-07-23 15:29:07 +00:00
|
|
|
|
public function __get($name)
|
2009-10-30 19:57:28 +00:00
|
|
|
|
{
|
|
|
|
|
switch($name)
|
2009-07-23 15:29:07 +00:00
|
|
|
|
{
|
|
|
|
|
case 'e_sc':
|
2009-10-30 19:57:28 +00:00
|
|
|
|
$ret = e107::getScParser();
|
2009-07-23 15:29:07 +00:00
|
|
|
|
break;
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2009-07-23 15:29:07 +00:00
|
|
|
|
default:
|
|
|
|
|
trigger_error('$e107->$'.$name.' not defined', E_USER_WARNING);
|
2009-10-30 19:57:28 +00:00
|
|
|
|
return NULL;
|
2009-07-23 15:29:07 +00:00
|
|
|
|
break;
|
|
|
|
|
}
|
2009-10-30 19:57:28 +00:00
|
|
|
|
|
2010-01-12 13:11:48 +00:00
|
|
|
|
|
2009-07-23 15:29:07 +00:00
|
|
|
|
$this->$name = $ret;
|
|
|
|
|
return $ret;
|
|
|
|
|
}
|
2006-12-02 04:36:16 +00:00
|
|
|
|
}
|
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Start Fresh and Build on it over time to become eventual replacement to e_parse.
|
|
|
|
|
* Cameron's DOM-based parser.
|
|
|
|
|
*/
|
2013-03-01 18:17:03 -08:00
|
|
|
|
class e_parser
|
2013-03-01 00:19:53 -08:00
|
|
|
|
{
|
2013-03-01 18:17:03 -08:00
|
|
|
|
public $domObj = null;
|
2013-03-01 00:19:53 -08:00
|
|
|
|
private $removedList = array();
|
|
|
|
|
private $nodesToDelete = array();
|
|
|
|
|
private $nodesToConvert = array();
|
|
|
|
|
private $pathList = array();
|
2013-03-01 18:17:03 -08:00
|
|
|
|
private $allowedAttributes = array(
|
|
|
|
|
'default' => array('id', 'style', 'class'),
|
|
|
|
|
'img' => array('id', 'src', 'style', 'class', 'alt', 'title', 'width', 'height'),
|
|
|
|
|
'a' => array('id', 'href', 'style', 'class', 'title'),
|
|
|
|
|
);
|
|
|
|
|
private $badAttrValues = array("javascript[\s]*?:","alert\(","vbscript[\s]*?:","data:text/html", "mhtml[\s]*?:", "data:[\s]*?image");
|
2013-03-01 00:19:53 -08:00
|
|
|
|
private $allowedTags = array('html', 'body','div','a','img','table','tr', 'td', 'th', 'tbody', 'thead', 'colgroup', 'b',
|
|
|
|
|
'i', 'pre','code', 'strong', 'u', 'em','ul','li','img','h1','h2','h3','h4','h5','h6','p',
|
|
|
|
|
'div','pre','section','article', 'blockquote','hgroup','aside','figure','span', 'video', 'br',
|
|
|
|
|
'small', 'caption'
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
public function __construct()
|
|
|
|
|
{
|
2013-03-01 18:17:03 -08:00
|
|
|
|
$this->init();
|
2013-03-01 03:46:15 -08:00
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
/*
|
|
|
|
|
$meths = get_class_methods('DomDocument');
|
|
|
|
|
sort($meths);
|
|
|
|
|
print_a($meths);
|
|
|
|
|
*/
|
|
|
|
|
}
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Used by e_parse to start
|
|
|
|
|
*/
|
|
|
|
|
function init()
|
|
|
|
|
{
|
|
|
|
|
$this->domObj = new DOMDocument();
|
|
|
|
|
|
|
|
|
|
}
|
2013-03-01 00:19:53 -08:00
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Set Allowed Tags.
|
|
|
|
|
* @param $array
|
|
|
|
|
*/
|
|
|
|
|
public function setAllowedTags($array=array())
|
|
|
|
|
{
|
|
|
|
|
$this->allowedTags = $array;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Set Allowed Attributes.
|
|
|
|
|
* @param $array
|
|
|
|
|
*/
|
|
|
|
|
public function setAllowedAttributes($array=array())
|
|
|
|
|
{
|
|
|
|
|
$this->allowedAttributes = $array;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2013-03-05 23:46:51 -08:00
|
|
|
|
/**
|
2013-03-06 01:24:04 -08:00
|
|
|
|
* Return an Array of all specific tags found in an HTML document and their attributes.
|
|
|
|
|
* @param $html - raw html code
|
|
|
|
|
* @param $taglist - comma separated list of tags to search or '*' for all.
|
2013-03-17 05:39:08 -07:00
|
|
|
|
* @param $header - if the $html includes the html head or body tags - it should be set to true.
|
2013-03-05 23:46:51 -08:00
|
|
|
|
*/
|
2013-03-06 01:24:04 -08:00
|
|
|
|
public function getTags($html, $taglist='*', $header = false)
|
2013-03-05 23:46:51 -08:00
|
|
|
|
{
|
2013-03-06 01:24:04 -08:00
|
|
|
|
|
|
|
|
|
if($header == false)
|
|
|
|
|
{
|
|
|
|
|
$html = "<html><body>".$html."</body></html>";
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-05 23:46:51 -08:00
|
|
|
|
$doc = $this->domObj;
|
2013-03-06 01:24:04 -08:00
|
|
|
|
|
2013-03-05 23:46:51 -08:00
|
|
|
|
$doc->loadHTML($html);
|
2013-03-06 01:24:04 -08:00
|
|
|
|
|
|
|
|
|
$tg = explode(",", $taglist);
|
|
|
|
|
$ret = array();
|
2013-03-05 23:46:51 -08:00
|
|
|
|
|
2013-03-06 01:24:04 -08:00
|
|
|
|
foreach($tg as $find)
|
2013-03-05 23:46:51 -08:00
|
|
|
|
{
|
2013-03-06 01:24:04 -08:00
|
|
|
|
$tmp = $doc->getElementsByTagName($find);
|
2013-03-05 23:46:51 -08:00
|
|
|
|
|
2013-03-06 01:24:04 -08:00
|
|
|
|
foreach($tmp as $k=>$node)
|
|
|
|
|
{
|
|
|
|
|
$tag = $node->nodeName;
|
|
|
|
|
|
|
|
|
|
foreach ($node->attributes as $attr)
|
|
|
|
|
{
|
|
|
|
|
$name = $attr->nodeName;
|
|
|
|
|
$value = $attr->nodeValue;
|
|
|
|
|
$ret[$tag][$k][$name] = $value;
|
|
|
|
|
}
|
|
|
|
|
}
|
2013-03-05 23:46:51 -08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2013-03-08 20:16:49 -08:00
|
|
|
|
// Parse i_xxxx to bootstrap glyph format.
|
|
|
|
|
public function glyph($text)
|
|
|
|
|
{
|
|
|
|
|
$text = preg_replace('/\[(i_[\w]*)\]/',"<i class='$1'></i>", $text);
|
|
|
|
|
return $text;
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-05 23:46:51 -08:00
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
/**
|
|
|
|
|
* Perform and render XSS Test Comparison
|
|
|
|
|
*/
|
|
|
|
|
public function test()
|
|
|
|
|
{
|
2013-03-01 03:46:15 -08:00
|
|
|
|
// $tp = e107::getParser();
|
2013-03-01 00:19:53 -08:00
|
|
|
|
$sql = e107::getDb();
|
|
|
|
|
|
|
|
|
|
$html = $this->getXss();
|
|
|
|
|
|
|
|
|
|
echo "<h2>Unprocessed XSS</h2>";
|
|
|
|
|
// echo $html; // Remove Comment for a real mess!
|
|
|
|
|
print_a($html);
|
|
|
|
|
|
|
|
|
|
echo "<h2>Standard v2 Parser</h2>";
|
|
|
|
|
echo "<h3>\$tp->dataFilter()</h3>";
|
2013-03-01 18:17:03 -08:00
|
|
|
|
// echo $tp->dataFilter($html); // Remove Comment for a real mess!
|
|
|
|
|
$sql->db_Mark_Time('------ Start Parser Test -------');
|
2013-03-01 03:46:15 -08:00
|
|
|
|
print_a($this->dataFilter($html));
|
2013-03-01 00:19:53 -08:00
|
|
|
|
$sql->db_Mark_Time('tp->dataFilter');
|
|
|
|
|
|
|
|
|
|
echo "<h3>\$tp->toHtml()</h3>";
|
2013-03-01 18:17:03 -08:00
|
|
|
|
// echo $tp->dataFilter($html); // Remove Comment for a real mess!
|
2013-03-01 03:46:15 -08:00
|
|
|
|
print_a($this->tohtml($html));
|
2013-03-01 00:19:53 -08:00
|
|
|
|
$sql->db_Mark_Time('tp->toHtml');
|
|
|
|
|
|
|
|
|
|
echo "<h3>\$tp->toDB()</h3>";
|
2013-03-01 18:17:03 -08:00
|
|
|
|
// echo $tp->dataFilter($html); // Remove Comment for a real mess!
|
2013-03-01 03:46:15 -08:00
|
|
|
|
print_a($this->toDB($html));
|
2013-03-01 00:19:53 -08:00
|
|
|
|
$sql->db_Mark_Time('tp->toDB');
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
echo "<h2>New Parser</h2>";
|
|
|
|
|
echo "<h3>Processed</h3>";
|
|
|
|
|
$cleaned = $this->cleanHtml($html);
|
|
|
|
|
print_a($cleaned);
|
|
|
|
|
$sql->db_Mark_Time('new Parser');
|
2013-03-01 18:17:03 -08:00
|
|
|
|
// $sql->db_Mark_Time('------ End Parser Test -------');
|
2013-03-01 00:19:53 -08:00
|
|
|
|
echo "<h3>Processed & Rendered</h3>";
|
|
|
|
|
echo $cleaned;
|
|
|
|
|
|
|
|
|
|
echo "<h2>New Parser - Data</h2>";
|
|
|
|
|
echo "<h3>Converted Paths</h3>";
|
|
|
|
|
print_a($this->pathList);
|
|
|
|
|
|
|
|
|
|
echo "<h3>Removed Tags and Attributes</h3>";
|
|
|
|
|
print_a($this->removedList);
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
// print_a($p);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Process and clean HTML from user input.
|
|
|
|
|
* @param $html raw HTML
|
2013-03-01 03:46:15 -08:00
|
|
|
|
* TODO Html5 tag support.
|
2013-03-01 00:19:53 -08:00
|
|
|
|
*/
|
2013-03-05 23:46:51 -08:00
|
|
|
|
public function cleanHtml($html='')
|
2013-03-01 00:19:53 -08:00
|
|
|
|
{
|
|
|
|
|
if(!vartrue($html)){ return; }
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
|
|
|
|
// $html = mb_convert_encoding($html, 'UTF-8');
|
2013-03-05 15:13:16 -08:00
|
|
|
|
|
2013-03-05 23:46:51 -08:00
|
|
|
|
if(preg_match("/<body/i",$html)!==true) // HTML Fragment
|
|
|
|
|
{
|
|
|
|
|
$html = '<?xml version="1.0" encoding="utf-8"?><!DOCTYPE html><html><head><meta charset="utf-8"></head><body>'.$html.'</body></html>';
|
|
|
|
|
}
|
|
|
|
|
else // Full HTML page.
|
|
|
|
|
{
|
|
|
|
|
// $this->allowedTags[] = 'head';
|
|
|
|
|
// $this->allowedTags[] = 'body';
|
|
|
|
|
// $this->allowedTags[] = 'title';
|
|
|
|
|
//$this->allowedTags[] = 'meta';
|
|
|
|
|
}
|
2013-03-05 15:13:16 -08:00
|
|
|
|
|
2013-03-05 23:46:51 -08:00
|
|
|
|
if(!is_object($this->domObj))
|
|
|
|
|
{
|
|
|
|
|
$this->init();
|
|
|
|
|
}
|
|
|
|
|
|
2013-03-05 15:13:16 -08:00
|
|
|
|
// Set it up for processing.
|
2013-03-01 00:19:53 -08:00
|
|
|
|
$doc = $this->domObj;
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
2013-03-05 23:46:51 -08:00
|
|
|
|
@$doc->loadHTML($html);
|
2013-03-01 18:17:03 -08:00
|
|
|
|
$doc->encoding = 'UTF-8'; //FIXME
|
|
|
|
|
// $doc->resolveExternals = true;
|
2013-03-01 00:19:53 -08:00
|
|
|
|
|
2013-03-05 15:13:16 -08:00
|
|
|
|
// $tmp = $doc->getElementsByTagName('*');
|
2013-03-05 23:46:51 -08:00
|
|
|
|
|
|
|
|
|
$this->nodesToConvert = array(); // required.
|
|
|
|
|
$this->nodesToDelete = array(); // required.
|
|
|
|
|
$this->removedList = array();
|
2013-03-05 15:13:16 -08:00
|
|
|
|
|
2013-03-05 23:46:51 -08:00
|
|
|
|
$tmp = $doc->getElementsByTagName('*');
|
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
foreach($tmp as $node)
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
$path = $node->getNodePath();
|
2013-03-05 23:46:51 -08:00
|
|
|
|
|
|
|
|
|
// echo "<br />Path = ".$path;
|
2013-03-01 00:19:53 -08:00
|
|
|
|
// $tag = strval(basename($path));
|
|
|
|
|
|
|
|
|
|
$tag = preg_replace('/([a-z0-9\[\]\/]*)?\/([\w]*)(\[(\d)*\])?$/i', "$2", $path);
|
2013-03-01 18:17:03 -08:00
|
|
|
|
if(!in_array($tag, $this->allowedTags))
|
2013-03-01 00:19:53 -08:00
|
|
|
|
{
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
|
|
|
|
if(strpos($path,'/code/') !== false || strpos($path,'/pre/') !== false) // treat as html.
|
2013-03-01 00:19:53 -08:00
|
|
|
|
{
|
|
|
|
|
$this->pathList[] = $path;
|
2013-03-01 18:17:03 -08:00
|
|
|
|
$this->nodesToConvert[] = $node->parentNode; // $node;
|
2013-03-01 00:19:53 -08:00
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$this->removedList['tags'][] = $tag;
|
|
|
|
|
$this->nodesToDelete[] = $node;
|
2013-03-01 18:17:03 -08:00
|
|
|
|
continue;
|
2013-03-01 00:19:53 -08:00
|
|
|
|
}
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
foreach ($node->attributes as $attr)
|
|
|
|
|
{
|
|
|
|
|
$name = $attr->nodeName;
|
2013-03-01 18:17:03 -08:00
|
|
|
|
$value = $attr->nodeValue;
|
|
|
|
|
|
|
|
|
|
$allow = varset($this->allowedAttributes[$tag], $this->allowedAttributes['default']);
|
2013-03-01 00:19:53 -08:00
|
|
|
|
|
2013-03-01 18:17:03 -08:00
|
|
|
|
if(!in_array($name, $allow))
|
2013-03-01 00:19:53 -08:00
|
|
|
|
{
|
2013-03-01 18:17:03 -08:00
|
|
|
|
$node->removeAttribute($name);
|
|
|
|
|
$this->removedList['attributes'][] = $name. " from <".$tag.">";
|
|
|
|
|
continue;
|
2013-03-01 00:19:53 -08:00
|
|
|
|
}
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
2013-03-05 15:13:16 -08:00
|
|
|
|
if($this->invalidAttributeVal( $value)) // Check value against whitelist.
|
2013-03-01 18:17:03 -08:00
|
|
|
|
{
|
|
|
|
|
$node->removeAttribute($name);
|
|
|
|
|
$node->setAttribute($name, '#---sanitized---#');
|
|
|
|
|
$this->removedList['sanitized'][] = $tag.'['.$name.']';
|
|
|
|
|
}
|
2013-03-01 00:19:53 -08:00
|
|
|
|
}
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Remove some stuff.
|
|
|
|
|
foreach($this->nodesToDelete as $node)
|
|
|
|
|
{
|
|
|
|
|
$node->parentNode->removeChild($node);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Convert <code> and <pre> Tags to Htmlentities.
|
2013-03-01 18:22:27 -08:00
|
|
|
|
foreach($this->nodesToConvert as $node)
|
2013-03-01 00:19:53 -08:00
|
|
|
|
{
|
|
|
|
|
$value = $node->C14N();
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
$value = str_replace("
","",$value);
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
|
|
|
|
if($node->nodeName == 'pre')
|
|
|
|
|
{
|
|
|
|
|
$value = substr($value,5);
|
|
|
|
|
$end = strrpos($value,"</pre>");
|
|
|
|
|
$value = substr($value,0,$end);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if($node->nodeName == 'code')
|
|
|
|
|
{
|
|
|
|
|
$value = substr($value,6);
|
|
|
|
|
$end = strrpos($value,"</code>");
|
|
|
|
|
$value = substr($value,0,$end);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$value = htmlentities(htmlentities($value)); // Needed
|
|
|
|
|
$node->nodeValue = $value;
|
2013-03-01 00:19:53 -08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$cleaned = $doc->saveHTML();
|
|
|
|
|
|
2013-03-01 18:17:03 -08:00
|
|
|
|
$cleaned = str_replace(array('<body>','</body>','<html>','</html>','<!DOCTYPE html>','<meta charset="UTF-8">','<?xml version="1.0" encoding="utf-8"?>'),'',$cleaned); // filter out tags.
|
|
|
|
|
|
|
|
|
|
$cleaned = html_entity_decode($cleaned, ENT_QUOTES, 'UTF-8');
|
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
return $cleaned;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Check for Invalid Attribute Values
|
|
|
|
|
* @param $val string
|
|
|
|
|
* @return true/false
|
|
|
|
|
*/
|
|
|
|
|
function invalidAttributeVal($val)
|
|
|
|
|
{
|
2013-03-05 15:13:16 -08:00
|
|
|
|
|
|
|
|
|
|
2013-03-01 18:17:03 -08:00
|
|
|
|
foreach($this->badAttrValues as $v) // global list because a bad value is bad regardless of the attribute it's in. ;-)
|
2013-03-01 00:19:53 -08:00
|
|
|
|
{
|
2013-03-05 15:13:16 -08:00
|
|
|
|
if(preg_match('/'.$v.'/i',$val)==true)
|
2013-03-01 00:19:53 -08:00
|
|
|
|
{
|
2013-03-05 15:13:16 -08:00
|
|
|
|
$this->removedList['blacklist'][] = "Match found for '{$v}' in '{$val}'";
|
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* XSS HTML code to test against
|
|
|
|
|
*/
|
|
|
|
|
private function getXss()
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
$html = <<<EOF
|
2013-03-01 18:17:03 -08:00
|
|
|
|
Internationalization Test:
|
|
|
|
|
ภาษาไทย <br />
|
|
|
|
|
日本語 <br />
|
|
|
|
|
简体中文 <br />
|
|
|
|
|
<a href='somewhere.html' src='invalidatrribute' >Test</a>
|
2013-03-05 15:13:16 -08:00
|
|
|
|
A GOOD LINK: <a href='http://mylink.php'>Some Link</a>
|
2013-03-01 18:17:03 -08:00
|
|
|
|
<a href='javascript: something' src='invalidatrribute' >Test regex</a>
|
|
|
|
|
<img href='invalidattribute' src='myimage.jpg' />
|
2013-03-01 00:19:53 -08:00
|
|
|
|
<frameset onload=alert(1) data-something=where>
|
|
|
|
|
<table background="javascript:alert(1)"><tr><td><a href="something.php" onclick="alert(1)">Hi there</a></td></tr></table>
|
|
|
|
|
<div>
|
|
|
|
|
<!--<img src="--><img src=x onerror=alert(1)//">
|
|
|
|
|
<comment><img src="</comment><img src=x onerror=alert(1)//">
|
|
|
|
|
<ul>
|
|
|
|
|
<li style=list-style:url() onerror=alert(1)></li> <div style=content:url(data:image/svg+xml,%3Csvg/%3E);visibility:hidden onload=alert(1)></div>
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
</frameset>
|
|
|
|
|
<head><base href="javascript://"/></head><body><a href="/. /,alert(1)//#">XXX</a></body>
|
|
|
|
|
<SCRIPT FOR=document EVENT=onreadystatechange>alert(1)</SCRIPT>
|
|
|
|
|
<OBJECT CLASSID="clsid:333C7BC4-460F-11D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(1)"></OBJECT>
|
|
|
|
|
<b <script>alert(1)//</script>0</script></b>
|
|
|
|
|
<div id="div1"><input value="``onmouseover=alert(1)"></div> <div id="div2"></div><
|
|
|
|
|
script>document.getElementById("div2").innerHTML = document.getElementById("div1").innerHTML;</script>
|
|
|
|
|
Some example text<br />
|
|
|
|
|
<b>This is bold</b><br />
|
|
|
|
|
<i>This is italic</i><br />
|
|
|
|
|
<small>Some small text</small>
|
|
|
|
|
<pre>This is pre-formatted
|
|
|
|
|
<script>alert('something')</script>
|
|
|
|
|
<b>Bold Stuff</b>
|
|
|
|
|
<pre>something</pre>
|
|
|
|
|
<code>code</code>
|
|
|
|
|
<b>BOLD</b>
|
|
|
|
|
function myfunction()
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
</pre>
|
|
|
|
|
<code>
|
|
|
|
|
function myfunction()
|
|
|
|
|
{
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
<script>alert('something')</script>
|
|
|
|
|
</code>
|
2013-03-01 17:24:33 +02:00
|
|
|
|
<svg><![CDATA[><image xlink:href="]]><img src=xx:x onerror=alert(2)//"></svg>
|
|
|
|
|
<style><img src="</style><img src=x onerror=alert(1)//">
|
2013-03-01 00:19:53 -08:00
|
|
|
|
<x '="foo"><x foo='><img src=x onerror=alert(1)//'> <!-- IE 6-9 --> <! '="foo"><x foo='><img src=x onerror=alert(2)//'> <? '="foo"><x foo='><img src=x onerror=alert(3)//'>
|
|
|
|
|
<embed src="javascript:alert(1)"></embed> // O10.10↓, OM10.0↓, GC6↓, FF <img src="javascript:alert(2)"> <image src="javascript:alert(2)"> // IE6, O10.10↓, OM10.0↓ <script src="javascript:alert(3)"></script> // IE6, O11.01↓, OM10.1↓
|
|
|
|
|
<div style=width:1px;filter:glow onfilterchange=alert(1)>x</div>
|
|
|
|
|
<object allowscriptaccess="always" data="test.swf"></object>
|
|
|
|
|
[A] <? foo="><script>alert(1)</script>"> <! foo="><script>alert(1)</script>"> </ foo="><script>alert(1)</script>"> [B] <? foo="><x foo='?><script>alert(1)</script>'>"> [C] <! foo="[[[x]]"><x foo="]foo><script>alert(1)</script>"> [D] <% foo><x foo="%><script>alert(1)</script>">
|
|
|
|
|
<iframe src=mhtml:http://html5sec.org/test.html!xss.html></iframe> <iframe src=mhtml:http://html5sec.org/test.gif!xss.html></iframe>
|
|
|
|
|
<html> <body> <b>some content without two new line \n\n</b> Content-Type: multipart/related; boundary="******"<b>some content without two new line</b> --****** Content-Location: xss.html Content-Transfer-Encoding: base64 PGlmcmFtZSBuYW1lPWxvIHN0eWxlPWRpc3BsYXk6bm9uZT48L2lmcmFtZT4NCjxzY3JpcHQ+DQp1 cmw9bG9jYXRpb24uaHJlZjtkb2N1bWVudC5nZXRFbGVtZW50c0J5TmFtZSgnbG8nKVswXS5zcmM9 dXJsLnN1YnN0cmluZyg2LHVybC5pbmRleE9mKCcvJywxNSkpO3NldFRpbWVvdXQoImFsZXJ0KGZy YW1lc1snbG8nXS5kb2N1bWVudC5jb29raWUpIiwyMDAwKTsNCjwvc2NyaXB0PiAgICAg --******-- </body> </html>
|
|
|
|
|
<!-- IE 5-9 --> <div id=d><x xmlns="><iframe onload=alert(1)"></div> <script>d.innerHTML+='';</script> <!-- IE 10 in IE5-9 Standards mode --> <div id=d><x xmlns='"><iframe onload=alert(2)//'></div> <script>d.innerHTML+='';</script>
|
|
|
|
|
<img[a][b]src=x[d]onerror[c]=[e]"alert(1)">
|
|
|
|
|
<a href="[a]java[b]script[c]:alert(1)">XXX</a>
|
|
|
|
|
<img src="x` `<script>alert(1)</script>"` `>
|
|
|
|
|
<img src onerror /" '"= alt=alert(1)//">
|
|
|
|
|
<title onpropertychange=alert(1)></title><title title=></title>
|
|
|
|
|
<!-- IE 5-8 standards mode --> <a href=http://foo.bar/#x=`y></a><img alt="`><img src=xx:x onerror=alert(1)></a>"> <!-- IE 5-9 standards mode --> <!a foo=x=`y><img alt="`><img src=xx:x onerror=alert(2)//"> <?a foo=x=`y><img alt="`><img src=xx:x onerror=alert(3)//">
|
|
|
|
|
<!--[if]><script>alert(1)</script --> <!--[if<img src=x onerror=alert(2)//]> -->
|
|
|
|
|
<script> Blabla </script>
|
|
|
|
|
<script src="/\example.com\foo.js"></script> // Safari 5.0, Chrome 9, 10 <script src="\\example.com\foo.js"></script> // Safari 5.0
|
|
|
|
|
<object id="x" classid="clsid:CB927D12-4FF7-4a9e-A169-56E4B8A75598"></object> <object classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" onqt_error="alert(1)" style="behavior:url(#x);"><param name=postdomevents /></object>
|
|
|
|
|
<!-- `<img/src=xx:xx onerror=alert(1)//--!>
|
|
|
|
|
<xmp> <% </xmp> <img alt='%></xmp><img src=xx:x onerror=alert(1)//'> <script> x='<%' </script> %>/ alert(2) </script> XXX <style> *['<!--']{} </style> -->{} *{color:red}</style>
|
|
|
|
|
<a style="-o-link:'javascript:alert(1)';-o-link-source:current">X</a>
|
|
|
|
|
<style>p[foo=bar{}*{-o-link:'javascript:alert(1)'}{}*{-o-link-source:current}*{background:red}]{background:green};</style>
|
|
|
|
|
<div style="font-family:'foo[a];color:red;';">XXX</div>
|
|
|
|
|
<form id="test"></form><button form="test" formaction="javascript:alert(1)">X</button>
|
|
|
|
|
<input onfocus=write(1) autofocus>
|
|
|
|
|
<video poster=javascript:alert(1)//></video>
|
2013-03-01 03:46:15 -08:00
|
|
|
|
<video>somemovei.mp4</video>
|
2013-03-01 00:19:53 -08:00
|
|
|
|
<body onscroll=alert(1)><br><br><br><br><br><br>...<br><br><br><br><input autofocus>
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
2013-03-01 03:46:15 -08:00
|
|
|
|
<article id="something">Some text goes here</article>
|
2013-03-01 18:17:03 -08:00
|
|
|
|
|
|
|
|
|
|
2013-03-01 00:19:53 -08:00
|
|
|
|
EOF;
|
|
|
|
|
|
|
|
|
|
return $html;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}
|