From 2337b075a8825920eb72bf3a2e9bd7609e163848 Mon Sep 17 00:00:00 2001
From: Cameron
Date: Fri, 5 Feb 2021 18:31:54 -0800
Subject: [PATCH] Fixes #4346 - TinyMce parser issue. Hide side-panel help icon
on legacy admin theme.
---
class2.php | 2 +-
.../shortcodes/batch/admin_shortcodes.php | 4 +
e107_handlers/bbcode_handler.php | 53 ++++++--
e107_handlers/e_parse_class.php | 5 +
e107_handlers/session_handler.php | 2 +-
e107_plugins/tinymce4/plugins/e107/parser.php | 97 +++++---------
e107_tests/tests/unit/e_bbcodeTest.php | 33 ++++-
.../unit/plugins/e107TinyMceParserTest.php | 118 ++++++++++++++++--
8 files changed, 224 insertions(+), 90 deletions(-)
diff --git a/class2.php b/class2.php
index c9da5c827..0b27ffae0 100755
--- a/class2.php
+++ b/class2.php
@@ -83,7 +83,7 @@ if(!empty($_E107['minimal']))
$_E107['no_maintenance'] = true;
$_E107['no_forceuserupdate'] = true;
$_E107['no_event'] = true;
- $_E107['no_session'] = true;
+// $_E107['no_session'] = true;
// $_E107['no_parser'] = true;
$_E107['no_override'] = true;
$_E107['no_log'] = true;
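Review bot: Commenting out `$_E107['no_session'] = true;` leaves no record of why minimal mode now starts a session, and the change affects every script that sets `$_E107['minimal']`, not only the TinyMce parser. Presumably the session is needed so the parser endpoint can evaluate `check_class()` against the logged-in user. If so, replace the dead line with a comment such as `// Session stays enabled in minimal mode: callers such as the TinyMce parser need the user's classes for permission checks.` It is also worth confirming that no other minimal-mode entry point relied on running without a session.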
diff --git a/e107_core/shortcodes/batch/admin_shortcodes.php b/e107_core/shortcodes/batch/admin_shortcodes.php
index d6d55b067..d958856b3 100644
--- a/e107_core/shortcodes/batch/admin_shortcodes.php
+++ b/e107_core/shortcodes/batch/admin_shortcodes.php
@@ -2658,6 +2658,10 @@ Inverse 10 10
*/
private function renderHelpIcon()
{
+ if(deftrue('THEME_STYLE') !== 'css/modern-light.css' && deftrue('THEME_STYLE') !=='css/modern-dark.css')
+ {
+ return null;
+ }
$text = '
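Review bot: The guard added to renderHelpIcon() calls `deftrue('THEME_STYLE')` twice and hard-codes two stylesheet paths, so this condition must be edited whenever another style gains the side panel. A single strict membership test reads better: `if(!in_array(deftrue('THEME_STYLE'), array('css/modern-light.css', 'css/modern-dark.css'), true))`. A one-line comment saying these are the styles that have the side-panel layout would explain the list. The function body continues outside the hunk.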
diff --git a/e107_handlers/bbcode_handler.php b/e107_handlers/bbcode_handler.php
index 9811fb202..5f8971906 100644
--- a/e107_handlers/bbcode_handler.php
+++ b/e107_handlers/bbcode_handler.php
@@ -831,10 +831,35 @@ class e_bbcode
*/
function htmltoBBcode($text)
{
-
-
+ $allowedTags = array('html', 'body','div', 'a', 'img', 'table', 'thead', 'tbody', 'tr', 'td', 'th', 'b',
+ 'i', 'pre', 'code', 'strong', 'u', 'em', 'ul', 'ol', 'li', 'h2', 'h3', 'h4', 'h5', 'h6', 'p',
+ 'blockquote', /*'audio', 'video',*/ 'br', 'small'
+ );
+
+ $allowedAttributes = array(
+ 'default' => array(),
+ 'img' => array('src', 'alt', 'width', 'height'),
+ 'a' => array('href', 'target', 'rel'),
+ 'audio' => array('src', 'controls', 'autoplay', 'loop', 'muted', 'preload'),
+ 'video' => array('autoplay', 'controls', 'height', 'loop', 'muted', 'poster', 'preload', 'src', 'width'),
+ 'td' => array('colspan', 'rowspan'),
+ 'th' => array('colspan', 'rowspan'),
+ 'x-bbcode' => array('alt'),
+ );
+
+
+ $tp = e107::getParser();
+ $tp->setAllowedTags($allowedTags);
+ $tp->setAllowedAttributes($allowedAttributes);
+ $tp->setScriptAttibutes(null);
+
+ $text = $tp->cleanHtml($text);
+
+ $tp->init(); // reset to default; // FIXME needs to reset the above values to default.
+
$text = str_replace("","[html]",$text);
$text = str_replace("","[/html]",$text);
+
// $text = str_replace('',"[newpage=]",$text);
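Review bot: The tag and attribute whitelist in htmltoBBcode() is set on the shared `e107::getParser()` instance, and the only cleanup is `$tp->init()`, which the hunk's own FIXME says does not yet restore those values. Until that is resolved, any later `cleanHtml()` call in the same request may run with this conversion whitelist and an empty script-attribute list instead of the site defaults. If `cleanHtml()` throws, the reset is skipped altogether. At minimum make the reset unconditional, `try { $text = $tp->cleanHtml($text); } finally { $tp->init(); }`, and either confirm that init() re-initialises the allowed tags, allowed attributes and script attributes or restore saved copies explicitly. The function body continues outside the hunk.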
@@ -891,10 +916,16 @@ class e_bbcode
// Mostly closing tags.
- $convert = array(
+ $convert = array(
+
array( "\n", '
'),
// array( "\n", ''),
array( "\n", "
\n"),
+ array( "", "\n"),
+ array( "", "\t"),
+ array( "", "
\n"),
+ array( "\n", "\n"),
+ array( "\n", "\n"),
array( "\n", "
"),
array( "[/list]", '\n'),
array( "[/list]", ''),
@@ -906,14 +937,22 @@ class e_bbcode
array( "[h=3]", ''), // e107 bbcode markup
array( "[h=3]", ''),
array( "[/h]", '
'),
+ array( "[h=4]", ''),
+ array( "[/h]", '
'),
+ array( "[h=5]", ''),
+ array( "[/h]", '
'),
+ array( "[h=6]", ''),
+ array( "[/h]", '
'),
array( "[/b]", ''),
array( "[/i]", ''),
array( "[/block]", ''),
- array( "[/table]", ''),
- array( "[/tbody]", ''),
+ array( "[/table]", ''),
+ array( "[/tbody]", ''),
array( "[/code]\n", ''),
- array( "[/tr]", ''),
- array( "[/td]", ''),
+ array( "[/tr]", ''),
+ array( "[/td]", ''),
+ array( "[td]", ''),
+ array( "[/td]", ' | '),
array( "[/blockquote]",''),
array( "]", ' style=]')
diff --git a/e107_handlers/e_parse_class.php b/e107_handlers/e_parse_class.php
index 99b382437..4973d6e6b 100644
--- a/e107_handlers/e_parse_class.php
+++ b/e107_handlers/e_parse_class.php
@@ -3457,6 +3457,11 @@ class e_parse
$this->scriptAccess = $val;
}
+ public function setScriptAttibutes($arr)
+ {
+ $this->scriptAttributes = (array) $arr;
+ }
+
public function getAllowedTags()
{
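Review bot: The new public setter is spelled `setScriptAttibutes` (missing "r"), and once released the typo becomes part of e_parse's API. Rename it to `setScriptAttributes` now; the call added in bbcode_handler.php in this same patch has to change with it. A docblock is also missing, and it should mention that `null` is cast to an empty array, e.g. `/** @param array|null $arr Script attribute names; null clears the list. */`. How cleanHtml() consumes the list is not visible in this hunk, so check that wording against it.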
diff --git a/e107_handlers/session_handler.php b/e107_handlers/session_handler.php
index a254a08d3..2ae965058 100644
--- a/e107_handlers/session_handler.php
+++ b/e107_handlers/session_handler.php
@@ -990,7 +990,7 @@ class e_core_session extends e_session
return false;
}
- $this->log('Session Token Okay!', E_LOG_NOTICE);
+ $this->log('Session Token Okay!', defset('E_LOG_NOTICE', 1));
}
diff --git a/e107_plugins/tinymce4/plugins/e107/parser.php b/e107_plugins/tinymce4/plugins/e107/parser.php
index f4407e729..d2f725c61 100644
--- a/e107_plugins/tinymce4/plugins/e107/parser.php
+++ b/e107_plugins/tinymce4/plugins/e107/parser.php
@@ -7,23 +7,26 @@
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
*/
-
if(empty($_POST['content']) && empty($_GET['debug']) && !defined('TINYMCE_DEBUG') && !defined('TINYMCE_UNIT_TEST'))
{
header('Content-Length: 0');
exit;
}
-$_E107['no_online'] = true;
-$_E107['no_menus'] = true;
-$_E107['no_forceuserupdate'] = true;
-$_E107['no_maintenance'] = true;
-$_E107['minimal'] = true;
+if(!defined('e_ADMIN_AREA'))
+{
+ define('e_ADMIN_AREA', true);
+}
-if (!defined('e_ADMIN_AREA')) define('e_ADMIN_AREA', true);
if(!defined('TINYMCE_DEBUG') && !defined('TINYMCE_UNIT_TEST'))
{
- require_once("../../../../class2.php");
+ $_E107['no_online'] = true;
+ $_E107['no_menus'] = true;
+ $_E107['no_forceuserupdate'] = true;
+ $_E107['no_maintenance'] = true;
+ $_E107['minimal'] = true;
+
+ require_once(__DIR__."/../../../../class2.php");
}
/**
@@ -35,15 +38,14 @@ if(!defined('TINYMCE_DEBUG') && !defined('TINYMCE_UNIT_TEST'))
*/
class e107TinyMceParser
{
-
protected $gzipCompression = false;
+ protected $postHtmlClass;
- /**
- *
- */
function __construct()
{
- $_POST['mode'] = isset($_POST['mode']) ? $_POST['mode'] : 'tohtml';
+ $this->postHtmlClass = (int) e107::getPref('post_html', e_UC_NOBODY);
+
+ $mode = isset($_POST['mode']) ? $_POST['mode'] : 'tohtml';
$_POST['content'] = isset($_POST['content']) ? $_POST['content'] : '';
$html = '';
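Review bot: The `(int)` cast on the `post_html` pref in the constructor can fail open. The `e_UC_NOBODY` default presumably applies only when the pref is absent, while an empty or non-numeric stored value is cast to 0. In e107, class id 0 is, to my knowledge, the public class, which would send every visitor down the raw-HTML branch; confirm against the e_UC_* definitions, which are outside this diff. Falling back to the restrictive class is safer: `$class = e107::getPref('post_html', e_UC_NOBODY);` followed by `$this->postHtmlClass = is_numeric($class) ? (int) $class : e_UC_NOBODY;`. The constructor body continues outside the hunk.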
@@ -80,24 +82,16 @@ TEMPL;
$debug = false;
}
- if($_POST['mode'] == 'tohtml')
+ if($mode === 'tohtml')
{
$html = $this->toHTML($_POST['content']);
}
-
- if($_POST['mode'] == 'tobbcode')
+ elseif($mode === 'tobbcode')
{
- $html = $this->toBBcode($_POST['content']);
+ $html = $this->toDB($_POST['content']);
}
- if($debug == true)
- {
- print_a($html);
- echo "
";
- echo "Rendered
";
- echo $html;
- }
- elseif($this->gzipCompression == true)
+ if($this->gzipCompression == true)
{
header('Content-Encoding: gzip');
$gzipoutput = gzencode($html,6);
@@ -111,12 +105,14 @@ TEMPL;
}
+ public function setHtmlClass($value)
+ {
+ $this->postHtmlClass = (int) $value;
+ }
public function toHTML($content)
{
- // global $pref; //XXX faster?
- $pref = e107::getPref();
$tp = e107::getParser();
// XXX @Cam possible fix - convert to BB first, see news admin AJAX request/response values for reference why
$content = stripslashes($content);
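Review bot: `setHtmlClass()` is public and undocumented, yet it replaces the userclass that decides whether content is handled as raw HTML. Its only visible use in this patch is the unit test (`$this->tm->setHtmlClass(e_UC_ADMIN)`), so state that intent on the method, e.g. `/** Override the userclass allowed to post raw HTML (default: 'post_html' pref). Intended for tests. @internal */`. If nothing outside the tests needs it, keeping it out of request-handling code paths is the safer contract to document.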
@@ -124,11 +120,8 @@ TEMPL;
// $content = e107::getBB()->htmltoBBcode($content); //XXX This breaks inserted images from media-manager. :/
e107::getBB()->setClass($this->getMediaCategory());
- if(check_class($pref['post_html'])) // raw HTML within [html] tags.
+ if(check_class($this->postHtmlClass)) // raw HTML within [html] tags.
{
-
- // $content = $tp->replaceConstants($content,'abs');
-
if(strpos($content,"[html]") === false) // BC - convert old BB code text to html.
{
e107::getBB()->clearClass();
@@ -147,22 +140,7 @@ TEMPL;
$content = $tp->parseBBTags($content,true); // parse the tag so we see the HTML equivalent while editing!
$content = e107::getBB()->parseBBCodes($content);
-
- if(!empty($content) && E107_DEBUG_LEVEL > 0)
- {
- // $content = "-- DEBUG MODE ACTIVE -- \n".$content;
- // echo htmlentities($content)."\n";
- // echo "".$content."
";
- $text = $content;
- return $text;
- // exit;
- }
- else
- {
- $text = $content;
- }
-
-
+ $text = $content;
}
else // bbcode Mode.
@@ -176,12 +154,6 @@ TEMPL;
$content = str_replace(e_MEDIA_IMAGE,"{e_MEDIA_IMAGE}",$content);
$text = "";
- if(!empty($content) && E107_DEBUG_LEVEL > 0)
- {
- $text .= "";
- //print_r(htmlentities($content))."\n";
- //exit;
- }
$text .= $content;
}
@@ -193,37 +165,26 @@ TEMPL;
- function toBBcode($content)
+ function toDB($content)
{
- // echo $_POST['content'];
- // global $pref;
- $pref = e107::getPref();
- // $tp = e107::getParser();
-
e107::getBB()->setClass($this->getMediaCategory());
$content = stripslashes($content);
- if(check_class($pref['post_html'])) // Plain HTML mode.
+ if(check_class($this->postHtmlClass)) // Plain HTML mode.
{
-
$content = trim($content);
- // $content = $this->updateImg($content);
$content = e107::getBB()->imgToBBcode($content);
- // $content = $tp->parseBBTags($content,true); // replace html with bbcode equivalent
if(strip_tags($content, '') == ' ') // Avoid this: [html]
[/html]
{
exit;
}
- $text = $content ? "[html]".$content."[/html]" : ""; // Add the tags before saving to DB.
+ $text = !empty($content) ? "[html]".$content."[/html]" : ''; // Add the tags before saving to DB.
}
- else // bbcode Mode. //XXX Disabled at the moment in tinymce/e_meta.php - post_html is required to activate.
+ else // User doesn't have HTML access - bbcode Mode.
{
- // [img width=400]/e107_2.0/thumb.php?src={e_MEDIA_IMAGE}2012-12/e107org_white_stripe.png&w=400&h=0[/img]
- // $content = str_replace("{e_BASE}","", $content); // We want {e_BASE} in the final data going to the DB, but not the editor.
-
$text = e107::getBB()->htmltoBBcode($content); // not reliable enough yet.
}
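Review bot: The comment `// not reliable enough yet.` is kept on the `htmltoBBcode()` call in toDB(), although the reworded `else` branch now describes it as the path for users without HTML access. That call is where untrusted editor HTML is reduced to BBCode, so the comment should state the contract instead, e.g. `// Untrusted HTML: htmltoBBcode() filters it through its tag/attribute whitelist before converting.` Renaming toBBcode() to toDB() also drops a public method name; if anything outside this file calls it, a thin deprecated wrapper `function toBBcode($content) { return $this->toDB($content); }` would keep it working. The method continues outside the hunk.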
diff --git a/e107_tests/tests/unit/e_bbcodeTest.php b/e107_tests/tests/unit/e_bbcodeTest.php
index 5eee22222..9090ea2f1 100644
--- a/e107_tests/tests/unit/e_bbcodeTest.php
+++ b/e107_tests/tests/unit/e_bbcodeTest.php
@@ -13,7 +13,7 @@
{
/** @var e_bbcode */
- protected $bb;
+ protected e_bbcode $bb;
protected function _before()
{
@@ -47,12 +47,39 @@
{
}
-
+*/
public function testHtmltoBBcode()
{
+ $text = 'Heading 1
+Heading 2
+Heading 3
+Heading 4
+Heading 5
+Heading 6
+
+
Paragraph.
+
+
+
+
+
+
+Column 1 | Column 2 |
+
+
+ link | |
+
+
+
';
+
+ $result = $this->bb->htmltoBbcode($text);
+
+ $expected = strip_tags($result);
+
+ $this->assertSame($expected, $result);
}
-
+/*
public function testImgToBBcode()
{
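Review bot: testHtmltoBBcode() only asserts that the result contains no HTML tags (`$expected = strip_tags($result);`), so it would still pass if the conversion returned an empty string. The variable named `$expected` is also derived from the result itself. Since htmltoBBcode() now applies a tag and attribute whitelist, assert the exact BBCode expected for this fixture. A second fixture with one tag and one attribute outside the whitelist, asserting that neither survives, would pin the sanitising behaviour that this patch introduces.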
diff --git a/e107_tests/tests/unit/plugins/e107TinyMceParserTest.php b/e107_tests/tests/unit/plugins/e107TinyMceParserTest.php
index 59aafe0c7..e996c3ddb 100644
--- a/e107_tests/tests/unit/plugins/e107TinyMceParserTest.php
+++ b/e107_tests/tests/unit/plugins/e107TinyMceParserTest.php
@@ -76,8 +76,10 @@ Plain text paragraph 3
';
/**
* Test parsing of input from user via TinyMce.
*/
- public function testToBBcode()
+ public function testToDB()
{
+ $this->tm->setHtmlClass(e_UC_ADMIN);
+
$test_1 = '