From 2dac1ef3a43ca3e3df12841f2dbd67fc23af185f Mon Sep 17 00:00:00 2001 From: Cameron Date: Thu, 14 Jan 2021 17:32:08 -0800 Subject: [PATCH] Merged e_parse and e_parser classes --- e107_handlers/e_parse_class.php | 3067 ++++++++++++++++--------------- 1 file changed, 1566 insertions(+), 1501 deletions(-) diff --git a/e107_handlers/e_parse_class.php b/e107_handlers/e_parse_class.php index df946c1ea..8801016e3 100644 --- a/e107_handlers/e_parse_class.php +++ b/e107_handlers/e_parse_class.php @@ -10,15 +10,20 @@ * */ -if (!defined('e107_INIT')) { exit(); } +if(!defined('e107_INIT')) +{ + exit(); +} // Directory for the hard-coded utf-8 handling routines -define('E_UTF8_PACK', e_HANDLER.'utf8/'); +define('E_UTF8_PACK', e_HANDLER . 'utf8/'); define('E_NL', chr(2)); -class e_parse extends e_parser + +class e_parse { + /** * Determine how to handle utf-8. * 0 = 'do nothing' @@ -48,11 +53,11 @@ class e_parse extends e_parser // Highlight query protected $e_query; - + public $thumbWidth = 100; - + public $thumbHeight = 0; - + public $thumbCrop = 0; private $thumbEncode = 0; @@ -74,192 +79,251 @@ class e_parse extends e_parser // Set up the defaults protected $e_optDefault = array( // default context: reflects legacy settings (many items enabled) - 'context' => 'OLDDEFAULT', + 'context' => 'OLDDEFAULT', // - 'fromadmin' => FALSE, + 'fromadmin' => false, // Enable emote display - 'emotes' => TRUE, + 'emotes' => true, // Convert defines(constants) within text. - 'defs' => FALSE, + 'defs' => false, // replace all {e_XXX} constants with their e107 value - 'rel' or 'abs' - 'constants' => FALSE, + 'constants' => false, // Enable hooked parsers - 'hook' => TRUE, + 'hook' => true, // Allow scripts through (new for 0.8) - 'scripts' => TRUE, + 'scripts' => true, // Make links clickable - 'link_click' => TRUE, + 'link_click' => true, // Substitute on clickable links (only if link_click == TRUE) - 'link_replace' => TRUE, + 'link_replace' => true, // Parse shortcodes - TRUE enables parsing - 'parse_sc' => FALSE, + 'parse_sc' => false, // remove HTML tags. - 'no_tags' => FALSE, + 'no_tags' => false, // Restore entity form of quotes and such to single characters - TRUE disables - 'value' => FALSE, + 'value' => false, // Line break compression - TRUE removes newline characters - 'nobreak' => FALSE, + 'nobreak' => false, // Retain newlines - wraps to \n instead of
if TRUE (for non-HTML email text etc) - 'retain_nl' => FALSE - ); + 'retain_nl' => false + ); // Super modifiers override default option values protected $e_SuperMods = array( - //text is part of a title (e.g. news title) - 'TITLE' => - array( - 'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'link_click' => FALSE, 'emotes'=>FALSE, 'defs'=>TRUE, 'parse_sc'=>TRUE - ), - 'TITLE_PLAIN' => - array( - 'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'link_click' => FALSE, 'emotes'=>FALSE, 'defs'=>TRUE, 'parse_sc'=>TRUE, 'no_tags' => TRUE - ), - //text is user-entered (i.e. untrusted) and part of a title (e.g. forum title) - 'USER_TITLE' => - array( - 'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'link_click' => FALSE, 'scripts' => FALSE, 'emotes'=>FALSE, 'hook'=>FALSE - ), - // text is 'body' of email or similar - being sent 'off-site' so don't rely on server availability - 'E_TITLE' => - array( - 'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'defs'=>TRUE, 'parse_sc'=>TRUE, 'emotes'=>FALSE, 'scripts' => FALSE, 'link_click' => FALSE - ), - // text is part of the summary of a longer item (e.g. content summary) - 'SUMMARY' => - array( - 'defs'=>TRUE, 'constants'=>'full', 'parse_sc'=>TRUE - ), - // text is the description of an item (e.g. download, link) - 'DESCRIPTION' => - array( - 'defs'=>TRUE, 'constants'=>'full', 'parse_sc'=>TRUE - ), - // text is 'body' or 'bulk' text (e.g. custom page body, content body) - 'BODY' => - array( - 'defs'=>TRUE, 'constants'=>'full', 'parse_sc'=>TRUE - ), - // text is parsed by the Wysiwyg editor. eg. TinyMce - 'WYSIWYG' => - array( - 'hook' => false, 'link_click' => false, 'link_replace' => false, 'retain_nl' => true - ), - // text is user-entered (i.e. untrusted)'body' or 'bulk' text (e.g. custom page body, content body) - 'USER_BODY' => - array( - 'constants'=>'full', 'scripts' => FALSE, 'nostrip'=>FALSE - ), - // text is 'body' of email or similar - being sent 'off-site' so don't rely on server availability - 'E_BODY' => - array( - 'defs'=>TRUE, 'constants'=>'full', 'parse_sc'=>TRUE, 'emotes'=>FALSE, 'scripts' => FALSE, 'link_click' => FALSE - ), - // text is text-only 'body' of email or similar - being sent 'off-site' so don't rely on server availability - 'E_BODY_PLAIN' => - array( - 'defs'=>TRUE, 'constants'=>'full', 'parse_sc'=>TRUE, 'emotes'=>FALSE, 'scripts' => FALSE, 'link_click' => FALSE, 'retain_nl' => TRUE, 'no_tags' => TRUE - ), - // text is the 'content' of a link (A tag, etc) - 'LINKTEXT' => - array( - 'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'link_click' => FALSE, 'emotes'=>FALSE, 'hook'=>FALSE, 'defs'=>TRUE, 'parse_sc'=>TRUE - ), - // text is used (for admin edit) without fancy conversions or html. - 'RAWTEXT' => - array( - 'nobreak'=>TRUE, 'retain_nl'=>TRUE, 'link_click' => FALSE, 'emotes'=>FALSE, 'hook'=>FALSE, 'no_tags'=>TRUE - ) - ); + //text is part of a title (e.g. news title) + 'TITLE' => + array( + 'nobreak' => true, 'retain_nl' => true, 'link_click' => false, 'emotes' => false, 'defs' => true, 'parse_sc' => true + ), + 'TITLE_PLAIN' => + array( + 'nobreak' => true, 'retain_nl' => true, 'link_click' => false, 'emotes' => false, 'defs' => true, 'parse_sc' => true, 'no_tags' => true + ), + //text is user-entered (i.e. untrusted) and part of a title (e.g. forum title) + 'USER_TITLE' => + array( + 'nobreak' => true, 'retain_nl' => true, 'link_click' => false, 'scripts' => false, 'emotes' => false, 'hook' => false + ), + // text is 'body' of email or similar - being sent 'off-site' so don't rely on server availability + 'E_TITLE' => + array( + 'nobreak' => true, 'retain_nl' => true, 'defs' => true, 'parse_sc' => true, 'emotes' => false, 'scripts' => false, 'link_click' => false + ), + // text is part of the summary of a longer item (e.g. content summary) + 'SUMMARY' => + array( + 'defs' => true, 'constants' => 'full', 'parse_sc' => true + ), + // text is the description of an item (e.g. download, link) + 'DESCRIPTION' => + array( + 'defs' => true, 'constants' => 'full', 'parse_sc' => true + ), + // text is 'body' or 'bulk' text (e.g. custom page body, content body) + 'BODY' => + array( + 'defs' => true, 'constants' => 'full', 'parse_sc' => true + ), + // text is parsed by the Wysiwyg editor. eg. TinyMce + 'WYSIWYG' => + array( + 'hook' => false, 'link_click' => false, 'link_replace' => false, 'retain_nl' => true + ), + // text is user-entered (i.e. untrusted)'body' or 'bulk' text (e.g. custom page body, content body) + 'USER_BODY' => + array( + 'constants' => 'full', 'scripts' => false, 'nostrip' => false + ), + // text is 'body' of email or similar - being sent 'off-site' so don't rely on server availability + 'E_BODY' => + array( + 'defs' => true, 'constants' => 'full', 'parse_sc' => true, 'emotes' => false, 'scripts' => false, 'link_click' => false + ), + // text is text-only 'body' of email or similar - being sent 'off-site' so don't rely on server availability + 'E_BODY_PLAIN' => + array( + 'defs' => true, 'constants' => 'full', 'parse_sc' => true, 'emotes' => false, 'scripts' => false, 'link_click' => false, 'retain_nl' => true, 'no_tags' => true + ), + // text is the 'content' of a link (A tag, etc) + 'LINKTEXT' => + array( + 'nobreak' => true, 'retain_nl' => true, 'link_click' => false, 'emotes' => false, 'hook' => false, 'defs' => true, 'parse_sc' => true + ), + // text is used (for admin edit) without fancy conversions or html. + 'RAWTEXT' => + array( + 'nobreak' => true, 'retain_nl' => true, 'link_click' => false, 'emotes' => false, 'hook' => false, 'no_tags' => true + ) + ); // Individual modifiers change the current context protected $e_Modifiers = array( - 'emotes_off' => array('emotes' => FALSE), - 'emotes_on' => array('emotes' => TRUE), - 'no_hook' => array('hook' => FALSE), - 'do_hook' => array('hook' => TRUE), - // New for 0.8 - 'scripts_off' => array('scripts' => FALSE), - // New for 0.8 - 'scripts_on' => array('scripts' => TRUE), - 'no_make_clickable' => array('link_click' => FALSE), - 'make_clickable' => array('link_click' => TRUE), - 'no_replace' => array('link_replace' => FALSE), - // Replace text of clickable links (only if make_clickable option set) - 'replace' => array('link_replace' => TRUE), - // No path replacement - 'consts_off' => array('constants' => FALSE), - // Relative path replacement - 'consts_rel' => array('constants' => 'rel'), - // Absolute path replacement - 'consts_abs' => array('constants' => 'abs'), - // Full path replacement - 'consts_full' => array('constants' => 'full'), - // No shortcode parsing - 'scparse_off' => array('parse_sc' => FALSE), + 'emotes_off' => array('emotes' => false), + 'emotes_on' => array('emotes' => true), + 'no_hook' => array('hook' => false), + 'do_hook' => array('hook' => true), + // New for 0.8 + 'scripts_off' => array('scripts' => false), + // New for 0.8 + 'scripts_on' => array('scripts' => true), + 'no_make_clickable' => array('link_click' => false), + 'make_clickable' => array('link_click' => true), + 'no_replace' => array('link_replace' => false), + // Replace text of clickable links (only if make_clickable option set) + 'replace' => array('link_replace' => true), + // No path replacement + 'consts_off' => array('constants' => false), + // Relative path replacement + 'consts_rel' => array('constants' => 'rel'), + // Absolute path replacement + 'consts_abs' => array('constants' => 'abs'), + // Full path replacement + 'consts_full' => array('constants' => 'full'), + // No shortcode parsing + 'scparse_off' => array('parse_sc' => false), - 'scparse_on' => array('parse_sc' => TRUE), - // Strip tags - 'no_tags' => array('no_tags' => TRUE), - // Leave tags - 'do_tags' => array('no_tags' => FALSE), + 'scparse_on' => array('parse_sc' => true), + // Strip tags + 'no_tags' => array('no_tags' => true), + // Leave tags + 'do_tags' => array('no_tags' => false), - 'fromadmin' => array('fromadmin' => TRUE), - 'notadmin' => array('fromadmin' => FALSE), - // entity replacement - 'er_off' => array('value' => FALSE), - 'er_on' => array('value' => TRUE), - // Decode constant if exists - 'defs_off' => array('defs' => FALSE), - 'defs_on' => array('defs' => TRUE), + 'fromadmin' => array('fromadmin' => true), + 'notadmin' => array('fromadmin' => false), + // entity replacement + 'er_off' => array('value' => false), + 'er_on' => array('value' => true), + // Decode constant if exists + 'defs_off' => array('defs' => false), + 'defs_on' => array('defs' => true), - 'dobreak' => array('nobreak' => FALSE), - 'nobreak' => array('nobreak' => TRUE), - // Line break using \n - 'lb_nl' => array('retain_nl' => TRUE), - // Line break using
- 'lb_br' => array('retain_nl' => FALSE), + 'dobreak' => array('nobreak' => false), + 'nobreak' => array('nobreak' => true), + // Line break using \n + 'lb_nl' => array('retain_nl' => true), + // Line break using
+ 'lb_br' => array('retain_nl' => false), - // Legacy option names below here - discontinue later - 'retain_nl' => array('retain_nl' => TRUE), - 'defs' => array('defs' => TRUE), - 'parse_sc' => array('parse_sc' => TRUE), - 'constants' => array('constants' => 'rel'), - 'value' => array('value' => TRUE), - 'wysiwyg' => array('wysiwyg'=>TRUE) - ); + // Legacy option names below here - discontinue later + 'retain_nl' => array('retain_nl' => true), + 'defs' => array('defs' => true), + 'parse_sc' => array('parse_sc' => true), + 'constants' => array('constants' => 'rel'), + 'value' => array('value' => true), + 'wysiwyg' => array('wysiwyg' => true) + ); + /** + * @var DOMDocument + */ + public $domObj = null; + public $isHtml = false; + + + protected $bootstrap = null; + protected $fontawesome = null; + protected $convertToWebP = false; + + protected $removedList = array(); + protected $nodesToDelete = array(); + protected $nodesToConvert = array(); + protected $nodesToDisableSC = array(); + protected $pathList = array(); + protected $allowedAttributes = array( + 'default' => array('id', 'style', 'class', 'title', 'lang', 'accesskey'), + 'img' => array('src', 'alt', 'width', 'height'), + 'a' => array('href', 'target', 'rel'), + 'script' => array('type', 'src', 'language', 'async'), + 'iframe' => array('src', 'frameborder', 'width', 'height'), + 'input' => array('type', 'name', 'value'), + 'form' => array('action', 'method', 'target'), + 'audio' => array('src', 'controls', 'autoplay', 'loop', 'muted', 'preload'), + 'video' => array('autoplay', 'controls', 'height', 'loop', 'muted', 'poster', 'preload', 'src', 'width'), + 'td' => array('colspan', 'rowspan'), + 'th' => array('colspan', 'rowspan'), + 'col' => array('span'), + 'embed' => array('src', 'wmode', 'type', 'width', 'height'), + 'x-bbcode' => array('alt'), + 'label' => array('for'), + 'source' => array('media', 'sizes', 'src', 'srcset', 'type'), + + ); + + protected $badAttrValues = array('javascript[\s]*?:', 'alert\(', 'vbscript[\s]*?:', 'data:text\/html', 'mhtml[\s]*?:', 'data:[\s]*?image'); + + protected $replaceAttrValues = array( + 'default' => array() + ); + + protected $allowedTags = array('html', 'body', 'div', 'a', 'img', 'table', 'tr', 'td', 'th', 'tbody', 'thead', 'colgroup', 'b', + 'i', 'pre', 'code', 'strong', 'u', 'em', 'ul', 'ol', 'li', 'img', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'p', + 'div', 'pre', 'section', 'article', 'blockquote', 'hgroup', 'aside', 'figure', 'figcaption', 'abbr', 'span', 'audio', 'video', 'source', 'br', + 'small', 'caption', 'noscript', 'hr', 'section', 'iframe', 'sub', 'sup', 'cite', 'x-bbcode', 'label' + ); + protected $scriptTags = array('script', 'applet', 'form', 'input', 'button', 'embed', 'object', 'ins', 'select', 'textarea'); //allowed when $pref['post_script'] is enabled. + + protected $scriptAttributes = array('onclick', 'onchange', 'onblur', 'onload', 'onfocus', 'onkeydown', 'onkeypress', 'onkeyup', + 'ondblclick', 'onmousedown', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', + 'onwheel', 'oncopy', 'oncut', 'onpaste' + ); + + protected $blockTags = array('pre', 'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'blockquote'); // element includes its own line-break. + + + private $scriptAccess = false; // nobody. /** * Constructor - keep it public for backward compatibility - still some new e_parse() in the core + * still some new e_parse() in the core * */ public function __construct() { + // initialise the type of UTF-8 processing methods depending on PHP version and mb string extension - parent::__construct(); - - + $this->domObj = new DOMDocument('1.0', 'utf-8'); $this->init(); + $this->compileAttributeDefaults(); + $this->initCharset(); // Preprocess the supermods to be useful default arrays with all values - foreach ($this->e_SuperMods as $key => $val) + foreach($this->e_SuperMods as $key => $val) { // precalculate super defaults - $this->e_SuperMods[$key] = array_merge($this->e_optDefault , $this->e_SuperMods[$key]); + $this->e_SuperMods[$key] = array_merge($this->e_optDefault, $this->e_SuperMods[$key]); $this->e_SuperMods[$key]['context'] = $key; } @@ -270,12 +334,13 @@ class e_parse extends e_parser * Initialise the type of UTF-8 processing methods depending on PHP version and mb string extension. * Note: mb string is required during installation of e107. * NOTE: can't be called until CHARSET is known - but we all know that it is UTF-8 now + * but we all know that it is UTF-8 now * * @return void */ private function initCharset() { + // Start by working out what, if anything, we do about utf-8 handling. // 'Do nothing' is the simple option $this->utfAction = 0; @@ -290,7 +355,7 @@ class e_parse extends e_parser // Can use the mb_string routines $this->utfAction = 1; } - // Set the default encoding, so we don't have to specify every time + // Set the default encoding, so we don't have to specify every time mb_internal_encoding('UTF-8'); } } @@ -305,6 +370,7 @@ class e_parse extends e_parser */ public function ustrlen($str) { + switch($this->utfAction) { case 0: @@ -327,6 +393,7 @@ class e_parse extends e_parser */ public function ustrtolower($str) { + switch($this->utfAction) { @@ -349,11 +416,12 @@ class e_parse extends e_parser */ public function ustrtoupper($str) { + if($this->utfAction === 1) { return mb_strtoupper($str); } - + return strtoupper($str); } @@ -368,16 +436,17 @@ class e_parse extends e_parser * @param string $haystack The UTF-8 encoded string being searched in. * @param integer $needle The UTF-8 encoded string being searched for. * @param integer $offset [optional] The optional offset parameter allows you to specify which character in haystack to start searching. - * The position returned is still relative to the beginning of haystack. + * The position returned is still relative to the beginning of haystack. * @return integer|boolean Returns the position as an integer. If needle is not found, the function will return boolean FALSE. */ public function ustrpos($haystack, $needle, $offset = 0) { + if($this->utfAction === 1) { return mb_strpos($haystack, $needle, $offset); } - + return strpos($haystack, $needle, $offset); } @@ -391,18 +460,19 @@ class e_parse extends e_parser * @param string $haystack The UTF-8 encoded string being searched in. * @param integer $needle The UTF-8 encoded string being searched for. * @param integer $offset [optional] - The optional offset parameter allows you to specify which character in haystack to start searching. - * The position returned is still relative to the beginning of haystack. + * The position returned is still relative to the beginning of haystack. * @return integer|boolean Returns the position as an integer. If needle is not found, the function will return boolean FALSE. */ public function ustrrpos($haystack, $needle, $offset = 0) { + if($this->utfAction === 1) { return mb_strrpos($haystack, $needle, $offset); } return strrpos($haystack, $needle, $offset); - + } @@ -417,6 +487,7 @@ class e_parse extends e_parser */ public function ustristr($haystack, $needle, $before_needle = false) { + switch($this->utfAction) { case 0: @@ -425,10 +496,11 @@ class e_parse extends e_parser //return mb_substr($haystack, $needle, $before_needle); return mb_stristr($haystack, $needle, $before_needle); } + // No utf8 pack backup return stristr($haystack, $needle, $before_needle); } - + /** * Unicode (UTF-8) analogue of standard @link http://php.net/substr substr PHP function. * Returns the portion of string specified by the start and length parameters. @@ -438,18 +510,19 @@ class e_parse extends e_parser * * @param string $str The UTF-8 encoded string. * @param integer $start Start of portion to be returned. Position is counted in amount of UTF-8 characters from the beginning of str. - * First character's position is 0. Second character position is 1, and so on. + * First character's position is 0. Second character position is 1, and so on. * @param integer $length [optional] If length is given, the string returned will contain at most length characters beginning from start - * (depending on the length of string). If length is omitted, the rest of string from start will be returned. + * (depending on the length of string). If length is omitted, the rest of string from start will be returned. * @return string The extracted UTF-8 encoded part of input string. */ - public function usubstr($str, $start, $length = NULL) + public function usubstr($str, $start, $length = null) { + if($this->utfAction === 1) { - return ($length === null) ? mb_substr($str, $start) : mb_substr($str, $start, $length); + return ($length === null) ? mb_substr($str, $start) : mb_substr($str, $start, $length); } - + return substr($str, $start, $length); } @@ -459,32 +532,33 @@ class e_parse extends e_parser * * @param mixed $data * @param boolean $nostrip [optional] Assumes all data is GPC ($_GET, $_POST, $_COOKIE) unless indicate otherwise by setting this var to TRUE. - * If magic quotes is enabled on the server and you do not tell toDB() that the data is non GPC then slashes will be stripped when they should not be. + * If magic quotes is enabled on the server and you do not tell toDB() that the data is non GPC then slashes will be stripped when they should not be. * @param boolean $no_encode [optional] This parameter should nearly always be FALSE. It is used by the save_prefs() function to preserve HTML content within prefs even when - * the save_prefs() function has been called by a non admin user / user without html posting permissions. + * the save_prefs() function has been called by a non admin user / user without html posting permissions. * @param boolean|string $mod [optional] model = admin-ui usage. The 'no_html' and 'no_php' modifiers blanket prevent HTML and PHP posting regardless of posting permissions. (used in logging) - * The 'pReFs' value is for internal use only, when saving prefs, to prevent sanitisation of HTML. + * The 'pReFs' value is for internal use only, when saving prefs, to prevent sanitisation of HTML. * @param mixed $parm [optional] * @return mixed * @todo complete the documentation of this essential method */ - public function toDB($data = null, $nostrip =false, $no_encode = false, $mod = false, $parm = null) + public function toDB($data = null, $nostrip = false, $no_encode = false, $mod = false, $parm = null) { + $variableType = gettype($data); - if(($variableType !== 'string' && $variableType !== 'array' ) || $data === '0') + if(($variableType !== 'string' && $variableType !== 'array') || $data === '0') { return $data; } - if ($variableType === 'array') + if($variableType === 'array') { $ret = array(); - foreach ($data as $key => $var) + foreach($data as $key => $var) { //Fix - sanitize keys as well - $key = filter_var($key,FILTER_SANITIZE_STRING); + $key = filter_var($key, FILTER_SANITIZE_STRING); $ret[$key] = $this->toDB($var, $nostrip, $no_encode, $mod, $parm); } @@ -492,14 +566,14 @@ class e_parse extends e_parser } - if (MAGIC_QUOTES_GPC === true && $nostrip === false) + if(MAGIC_QUOTES_GPC === true && $nostrip === false) { $data = stripslashes($data); } $core_pref = e107::getConfig(); - if ($mod !== 'pReFs') //XXX We're not saving prefs. + if($mod !== 'pReFs') //XXX We're not saving prefs. { $data = $this->preFilter($data); // used by bb_xxx.php toDB() functions. bb_code.php toDB() allows us to properly bypass HTML cleaning below. @@ -508,32 +582,31 @@ class e_parse extends e_parser if(($this->isHtml($data)) && strpos($mod, 'no_html') === false) { $this->isHtml = true; - // $data = $this->cleanHtml($data); // sanitize all html. (moved above to include everything) + // $data = $this->cleanHtml($data); // sanitize all html. (moved above to include everything) - $data = str_replace(array('%7B','%7D'),array('{','}'),$data); // fix for {e_XXX} paths. + $data = str_replace(array('%7B', '%7D'), array('{', '}'), $data); // fix for {e_XXX} paths. } - // else // caused double-encoding of '&' + // else // caused double-encoding of '&' { - // $data = str_replace('&','&',$data); - // $data = str_replace('<','<',$data); - // $data = str_replace('>','>',$data); - // $data = str_replace('&','&',$data); + // $data = str_replace('&','&',$data); + // $data = str_replace('<','<',$data); + // $data = str_replace('>','>',$data); + // $data = str_replace('&','&',$data); } - if (!check_class($core_pref->get('post_html', e_UC_MAINADMIN))) + if(!check_class($core_pref->get('post_html', e_UC_MAINADMIN))) { $data = strip_tags($data); // remove tags from cleaned html. - $data = str_replace(array('[html]','[/html]'),'',$data); + $data = str_replace(array('[html]', '[/html]'), '', $data); } // $data = html_entity_decode($data, ENT_QUOTES, 'utf-8'); // Prevent double-entities. Fix for [code] - see bb_code.php toDB(); } - - if (check_class($core_pref->get('post_html'))) /*$core_pref->is('post_html') && XXX preformecd by cleanHtml() */ + if(check_class($core_pref->get('post_html'))) /*$core_pref->is('post_html') && XXX preformecd by cleanHtml() */ { $no_encode = true; } @@ -543,7 +616,7 @@ class e_parse extends e_parser $no_encode = false; } - if ($no_encode === true && strpos($mod, 'no_html') === false) + if($no_encode === true && strpos($mod, 'no_html') === false) { $search = array('$', '"', "'", '\\', 'get('php_bbcode'))) + if((strpos($mod, 'no_php') !== false) || !check_class($core_pref->get('php_bbcode'))) { $ret = preg_replace("#\[(php)#i", "[\\1", $ret); } @@ -583,10 +656,10 @@ class e_parse extends e_parser { $opts = array( - 'nostrip' => $nostrip, - 'noencode' => $no_encode, - 'type' => $parm['type'], - 'field' => $parm['field'] + 'nostrip' => $nostrip, + 'noencode' => $no_encode, + 'type' => $parm['type'], + 'field' => $parm['field'] ); foreach($eParseList as $plugin) @@ -606,56 +679,58 @@ class e_parse extends e_parser } - /** - * Check for umatched 'dangerous' HTML tags - * (these can destroy page layout where users are able to post HTML) - * @deprecated - * @param string $data - * @param string $tagList - if empty, uses default list of input tags. Otherwise a CSV list of tags to check (any type) + * Check for umatched 'dangerous' HTML tags + * (these can destroy page layout where users are able to post HTML) + * @param string $data + * @param string $tagList - if empty, uses default list of input tags. Otherwise a CSV list of tags to check (any type) * - * @return boolean TRUE if an unopened closing tag found - * FALSE if nothing found + * @return boolean TRUE if an unopened closing tag found + * FALSE if nothing found + * @deprecated */ public function htmlAbuseFilter($data, $tagList = '') { - trigger_error(''.__METHOD__.' is deprecated. Use $tp->cleanHtml() instead.', E_USER_WARNING); // NO LAN + + trigger_error('' . __METHOD__ . ' is deprecated. Use $tp->cleanHtml() instead.', E_USER_WARNING); // NO LAN + return $data; } /** * @deprecated - * Checks a string for potentially dangerous HTML tags, including malformed tags + * Checks a string for potentially dangerous HTML tags, including malformed tags * */ - public function dataFilter($data, $mode='bbcode') + public function dataFilter($data, $mode = 'bbcode') { + trigger_error('$tp->dateFilter() is deprecated. Use $tp->filter() instead.', E_USER_WARNING); + return $data; } /** - * Processes data as needed before its written to the DB. - * Currently gives bbcodes the opportunity to do something + * Processes data as needed before its written to the DB. + * Currently gives bbcodes the opportunity to do something * - * @param $data string - data about to be written to DB - * @return string - modified data + * @param $data string - data about to be written to DB + * @return string - modified data */ public function preFilter($data) { + if(!$this->isBBcode($data)) { return $data; } - return e107::getBB()->parseBBCodes($data, defset('USERID'), 'default', 'PRE'); // $postID = logged in user here + return e107::getBB()->parseBBCodes($data, defset('USERID'), 'default', 'PRE'); // $postID = logged in user here } - - public function toForm($text) { @@ -668,54 +743,60 @@ class e_parse extends e_parser if(is_string($text) && strpos($text, '[html]') === 0) { // $text = $this->toHTML($text,true); - $search = array('"',''','\', '&',); // '&' must be last. - $replace = array('"',"'","\\", '&'); + $search = array('"', ''', '\', '&',); // '&' must be last. + $replace = array('"', "'", "\\", '&'); - // return htmlspecialchars_decode($text); - $text = str_replace($search,$replace,$text); - // return $text; + // return htmlspecialchars_decode($text); + $text = str_replace($search, $replace, $text); + // return $text; //$text = htmlentities($text,ENT_NOQUOTES, "UTF-8"); - // return $text; + // return $text; } - // return htmlentities($text); + // return htmlentities($text); $search = array('$', '"', '<', '>', '+'); $replace = array('$', '"', '<', '>', '%2B'); $text = str_replace($search, $replace, $text); - if (e107::wysiwyg() !== true && is_string($text)) + if(e107::wysiwyg() !== true && is_string($text)) { // fix for utf-8 issue with html_entity_decode(); ??? $text = urldecode($text); - // $text = str_replace(" ", " ", $text); + // $text = str_replace(" ", " ", $text); } + return $text; } public function post_toForm($text) { + if(is_array($text)) { - foreach ($text as $key=>$value) + foreach($text as $key => $value) { $text[$this->post_toForm($key)] = $this->post_toForm($value); } + return $text; } - if(MAGIC_QUOTES_GPC == TRUE) + if(MAGIC_QUOTES_GPC == true) { $text = stripslashes($text); } + return str_replace(array("'", '"', '<', '>'), array(''', '"', '<', '>'), $text); } - public function post_toHTML($text, $original_author = FALSE, $extra = '', $mod = FALSE) + public function post_toHTML($text, $original_author = false, $extra = '', $mod = false) { - $text = $this->toDB($text, FALSE, FALSE, $mod, $original_author); - return $this->toHTML($text, TRUE, $extra); + + $text = $this->toDB($text, false, false, $mod, $original_author); + + return $this->toHTML($text, true, $extra); } /** @@ -737,7 +818,6 @@ class e_parse extends e_parser } - /** * Simple parser * @@ -746,30 +826,32 @@ class e_parse extends e_parser * @param string $replaceUnset string to be used if replace variable is not set, false - don't replace * @return string parsed content */ - public function simpleParse($template, $vars, $replaceUnset='') + public function simpleParse($template, $vars, $replaceUnset = '') { + $this->replaceVars = $vars; $this->replaceUnset = $replaceUnset; + return preg_replace_callback("#\{([a-zA-Z0-9_]+)\}#", array($this, 'simpleReplace'), $template); } - protected function simpleReplace($tmp) + protected function simpleReplace($tmp) { $unset = ($this->replaceUnset !== false ? $this->replaceUnset : $tmp[0]); if(is_array($this->replaceVars)) { - $this->replaceVars = new e_vars($this->replaceVars); + $this->replaceVars = new e_vars($this->replaceVars); //return ($this->replaceVars[$key] !== null ? $this->replaceVars[$key]: $unset); } $key = $tmp[1]; // PHP7 fix. + return (!empty($this->replaceVars) && ($this->replaceVars->$key !== null)) ? $this->replaceVars->$key : $unset; // Doesn't work. } /** - * @todo find a modern replacement * @param $str * @param $width * @param string $break @@ -777,9 +859,11 @@ class e_parse extends e_parser * @param string $nobr * @param false $utf * @return string + * @todo find a modern replacement */ - public function htmlwrap($str, $width, $break = "\n", $nobreak = 'a', $nobr = 'pre', $utf = FALSE) + public function htmlwrap($str, $width, $break = "\n", $nobreak = 'a', $nobr = 'pre', $utf = false) { + /* Pretty well complete rewrite to try and handle utf-8 properly. Breaks each utf-8 'word' every $width characters max. If possible, breaks after 'safe' characters. @@ -791,9 +875,9 @@ class e_parse extends e_parser //return $str; // Don't wrap if non-numeric width - $width = (int)$width; + $width = (int) $width; // And trap stupid wrap counts - if ($width < 6) + if($width < 6) { return $str; } @@ -811,7 +895,7 @@ class e_parse extends e_parser $lbrks = "/?!%)-}]\\\"':;&"; // Is $str a UTF8 string? - if ($utf || strtolower(CHARSET) === 'utf-8') + if($utf || strtolower(CHARSET) === 'utf-8') { // 0x1680, 0x180e, 0x2000-0x200a, 0x2028, 0x205f, 0x3000 are 'non-ASCII' Unicode UCS-4 codepoints - see http://www.unicode.org/Public/UNIDATA/UnicodeData.txt // All convert to 3-byte utf-8 sequences: @@ -836,19 +920,19 @@ class e_parse extends e_parser // Start of the serious stuff - split into HTML tags and text between - $content = preg_split('#(<.*?'.'>)#mis', $str, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE ); + $content = preg_split('#(<.*?' . '>)#mis', $str, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE); foreach($content as $value) { - if ($value[0] === '<') + if($value[0] === '<') { // We are within an HTML tag // Create a lowercase copy of this tag's contents $lvalue = strtolower(substr($value, 1, -1)); - if ($lvalue) + if($lvalue) { // Tag of non-zero length // If the first character is not a / then this is an opening tag - if ($lvalue[0] !== '/') + if($lvalue[0] !== '/') { // Collect the tag name preg_match("/^(\w*?)(\s|$)/", $lvalue, $t); @@ -863,12 +947,12 @@ class e_parse extends e_parser { // Otherwise this is a closing tag // If this is a closing tag for a protected element, unset the flag - if (in_array(substr($lvalue, 1), $nobreak)) + if(in_array(substr($lvalue, 1), $nobreak)) { reset($innbk); - foreach($innbk as $key=>$tag) + foreach($innbk as $key => $tag) { - if (substr($lvalue, 1) == $tag) + if(substr($lvalue, 1) == $tag) { unset($innbk[$key]); break; @@ -885,10 +969,10 @@ class e_parse extends e_parser } // Else if we're outside any tags, and with non-zero length string... } - elseif ($value) + elseif($value) { // If unprotected... - if (!count($innbk)) + if(!count($innbk)) { // Use the ACK (006) ASCII symbol to replace all HTML entities temporarily $value = str_replace("\x06", '', $value); @@ -897,26 +981,26 @@ class e_parse extends e_parser // echo "Found block length ".strlen($value).': '.substr($value,20).'
'; // Split at spaces - note that this will fail if presented with invalid utf-8 when doing the regex whitespace search // $split = preg_split('#(\s)#'.$utf8, $value, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE ); - $split = preg_split($whiteSpace, $value, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE ); + $split = preg_split($whiteSpace, $value, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE); $value = ''; - foreach ($split as $sp) + foreach($split as $sp) { // echo "Split length ".strlen($sp).': '.substr($sp,20).'
'; $loopCount = 0; - while (strlen($sp) > $width) + while(strlen($sp) > $width) { // Enough characters that we may need to do something. $pulled = ''; - if ($utf8) + if($utf8) { // Pull out a piece of the maximum permissible length - if (preg_match('#^((?:[\x00-\x7F]|[\xC0-\xFF][\x80-\xBF]+){0,'.$width.'})(.?).*#s',$sp,$matches) == 0) + if(preg_match('#^((?:[\x00-\x7F]|[\xC0-\xFF][\x80-\xBF]+){0,' . $width . '})(.?).*#s', $sp, $matches) == 0) { // Make any problems obvious for now - $value .= '[!invalid utf-8: '.$sp.'!]'; + $value .= '[!invalid utf-8: ' . $sp . '!]'; $sp = ''; } - elseif (empty($matches[2])) + elseif(empty($matches[2])) { // utf-8 length is less than specified - treat as a special case $value .= $sp; @@ -927,7 +1011,7 @@ class e_parse extends e_parser // Need to find somewhere to break the string for($i = strlen($matches[1]) - 1; $i >= 0; $i--) { - if(strpos($lbrks, $matches[1][$i]) !== FALSE) + if(strpos($lbrks, $matches[1][$i]) !== false) { break; } @@ -943,24 +1027,24 @@ class e_parse extends e_parser } } $loopCount++; - if ($loopCount > 20) + if($loopCount > 20) { // Make any problems obvious for now - $value .= '[!loop count exceeded: '.$sp.'!]'; + $value .= '[!loop count exceeded: ' . $sp . '!]'; $sp = ''; } } else { - for ($i = min($width, strlen($sp)); $i > 0; $i--) + for($i = min($width, strlen($sp)); $i > 0; $i--) { // No speed advantage to defining match character - if (strpos($lbrks, $sp[$i-1]) !== FALSE) + if(strpos($lbrks, $sp[$i - 1]) !== false) { break; } } - if ($i == 0) + if($i == 0) { // No 'special' break boundary character found - break at the word boundary $pulled = substr($sp, 0, $width); @@ -970,9 +1054,9 @@ class e_parse extends e_parser $pulled = substr($sp, 0, $i); } } - if ($pulled) + if($pulled) { - $value .= $pulled.$break; + $value .= $pulled . $break; // Shorten $sp by whatever we've processed (will work even for utf-8) $sp = substr($sp, strlen($pulled)); } @@ -981,7 +1065,7 @@ class e_parse extends e_parser $value .= $sp; } // Put captured HTML entities back into the string - foreach ($ents[0] as $ent) + foreach($ents[0] as $ent) { $value = preg_replace("/\x06/", $ent, $value, 1); } @@ -990,6 +1074,7 @@ class e_parse extends e_parser // Send the modified segment down the drain $drain .= $value; } + // Return contents of the drain return $drain; } @@ -1001,15 +1086,16 @@ class e_parse extends e_parser * Truncate a HTML string * * Cuts a string to the length of $length and adds the value of $ending if the text is longer than length. - * @todo find a modern replacement - * @param string $text String to truncate. + * @param string $text String to truncate. * @param integer $length Length of returned string, including ellipsis. * @param string $ending It will be used as Ending and appended to the trimmed string. * @param boolean $exact If false, $text will not be cut mid-word * @return string Trimmed string. + * @todo find a modern replacement */ public function html_truncate($text, $length = 100, $ending = '...', $exact = true) { + if($this->ustrlen(preg_replace('/<.*?>/', '', $text)) <= $length) { return $text; @@ -1027,7 +1113,7 @@ class e_parse extends e_parser { array_unshift($openTags, $tag[2]); } - else if(preg_match('/<\/([\w]+)[^>]*>/', $tag[0], $closeTag)) + elseif(preg_match('/<\/([\w]+)[^>]*>/', $tag[0], $closeTag)) { $pos = array_search($closeTag[1], $openTags); if($pos !== false) @@ -1095,6 +1181,7 @@ class e_parse extends e_parser { $truncate .= ''; } + return $truncate; } @@ -1110,6 +1197,7 @@ class e_parse extends e_parser */ public function text_truncate($text, $len = 200, $more = ' ... ') { + // Always valid if($this->ustrlen($text) <= $len) @@ -1117,13 +1205,13 @@ class e_parse extends e_parser return $text; } - $text = html_entity_decode($text,ENT_QUOTES,'utf-8'); + $text = html_entity_decode($text, ENT_QUOTES, 'utf-8'); if(function_exists('mb_strimwidth')) { return mb_strimwidth($text, 0, $len, $more); } - + $ret = $this->usubstr($text, 0, $len); // search for possible broken html entities @@ -1136,17 +1224,20 @@ class e_parse extends e_parser $ret = $this->usubstr($ret, 0, $this->ustrlen($ret) - 8 + $leftAmp); } - return $ret.$more; + return $ret . $more; } public function textclean($text, $wrap = 100) { + $text = str_replace("\n\n\n", "\n\n", $text); $text = $this->htmlwrap($text, $wrap); $text = str_replace(array('
', '
', '
'), '
', $text); + /* we can remove any linebreaks added by htmlwrap function as any \n's will be converted later anyway */ + return $text; } @@ -1155,21 +1246,22 @@ class e_parse extends e_parser // Returns TRUE if highlighting is active for this page display public function checkHighlighting() { + global $pref; - if (!defined('e_SELF')) + if(!defined('e_SELF')) { // Still in startup, so can't calculate highlighting - return FALSE; + return false; } if(!isset($this->e_highlighting)) { - $this->e_highlighting = FALSE; + $this->e_highlighting = false; $shr = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''); - if($pref['search_highlight'] && (strpos(e_SELF, 'search.php') === FALSE) && ((strpos($shr, 'q=') !== FALSE) || (strpos($shr, 'p=') !== FALSE))) + if($pref['search_highlight'] && (strpos(e_SELF, 'search.php') === false) && ((strpos($shr, 'q=') !== false) || (strpos($shr, 'p=') !== false))) { - $this->e_highlighting = TRUE; + $this->e_highlighting = true; if(!isset($this->e_query)) { preg_match('#(q|p)=(.*?)(&|$)#', $shr, $matches); @@ -1177,6 +1269,7 @@ class e_parse extends e_parser } } } + return $this->e_highlighting; } @@ -1186,11 +1279,11 @@ class e_parse extends e_parser * @param string $text * @param string $type email|url * @param array $opts options. (see below) - * @param string $opts['sub'] substitute text within links - * @param bool $opts['ext'] load link in new window (not for email) + * @param string $opts ['sub'] substitute text within links + * @param bool $opts ['ext'] load link in new window (not for email) * @return string */ - public function makeClickable($text='', $type='email', $opts=array()) + public function makeClickable($text = '', $type = 'email', $opts = array()) { if(empty($text)) @@ -1200,9 +1293,9 @@ class e_parse extends e_parser $textReplace = (!empty($opts['sub'])) ? $opts['sub'] : ''; - if(substr($textReplace,-6) === '.glyph') + if(substr($textReplace, -6) === '.glyph') { - $textReplace = $this->toGlyph($textReplace,''); + $textReplace = $this->toGlyph($textReplace, ''); } switch($type) @@ -1222,9 +1315,9 @@ class e_parse extends e_parser { $email = trim($eml); $srch[] = $email; - $repl[] = $this->emailObfuscate($email,$textReplace); + $repl[] = $this->emailObfuscate($email, $textReplace); } - $text = str_replace($srch,$repl,$text); + $text = str_replace($srch, $repl, $text); } break; @@ -1233,9 +1326,9 @@ class e_parse extends e_parser $linktext = (!empty($textReplace)) ? $textReplace : '$3'; $external = (!empty($opts['ext'])) ? 'target="_blank"' : ''; - $text= preg_replace("/(^|[\n \(])([\w]*?)([\w]*?:\/\/[\w]+[^ \,\"\n\r\t<]*)/is", '$1$2' .$linktext. '', $text); - $text= preg_replace("/(^|[\n \(])([\w]*?)((www)\.[^ \,\"\t\n\r\)<]*)/is", '$1$2' .$linktext. '', $text); - $text= preg_replace("/(^|[\n ])([\w]*?)((ftp)\.[^ \,\"\t\n\r<]*)/is", '$1$2' .$linktext. '', $text); + $text = preg_replace("/(^|[\n \(])([\w]*?)([\w]*?:\/\/[\w]+[^ \,\"\n\r\t<]*)/is", '$1$2' . $linktext . '', $text); + $text = preg_replace("/(^|[\n \(])([\w]*?)((www)\.[^ \,\"\t\n\r\)<]*)/is", '$1$2' . $linktext . '', $text); + $text = preg_replace("/(^|[\n ])([\w]*?)((ftp)\.[^ \,\"\t\n\r<]*)/is", '$1$2' . $linktext . '', $text); break; @@ -1244,13 +1337,12 @@ class e_parse extends e_parser return $text; - } - public function parseBBCodes($text, $postID) { + return e107::getBB()->parseBBCodes($text, $postID); } @@ -1261,16 +1353,17 @@ class e_parse extends e_parser * @param string $text * @param boolean $parseBB [optional] * @param string $modifiers [optional] TITLE|SUMMARY|DESCRIPTION|BODY|RAW|LINKTEXT etc. - * Comma-separated list, no spaces allowed - * first modifier must be a CONTEXT modifier, in UPPER CASE. - * subsequent modifiers are lower case - see $this->e_Modifiers for possible values + * Comma-separated list, no spaces allowed + * first modifier must be a CONTEXT modifier, in UPPER CASE. + * subsequent modifiers are lower case - see $this->e_Modifiers for possible values * @param mixed $postID [optional] * @param boolean $wrap [optional] * @return string * @todo complete the documentation of this essential method */ - public function toHTML($text, $parseBB = FALSE, $modifiers = '', $postID = '', $wrap = FALSE) + public function toHTML($text, $parseBB = false, $modifiers = '', $postID = '', $wrap = false) { + if(empty($text) || !is_string($text)) { return $text; @@ -1285,31 +1378,31 @@ class e_parse extends e_parser // Now process any modifiers that are specified - if ($modifiers) + if($modifiers) { $aMods = explode(',', $modifiers); // If there's a supermodifier, it must be first, and in uppercase $psm = trim($aMods[0]); - if (isset($this->e_SuperMods[$psm])) + if(isset($this->e_SuperMods[$psm])) { // Supermodifier found - override default values where necessary - $opts = array_merge($opts,$this->e_SuperMods[$psm]); + $opts = array_merge($opts, $this->e_SuperMods[$psm]); $opts['context'] = $psm; unset($aMods[0]); } // Now find any regular modifiers; use them to modify the context // (there should only be one or two out of the list of possibles) - foreach ($aMods as $mod) + foreach($aMods as $mod) { // Slight concession to varying coding styles - stripping spaces is a waste of CPU cycles! $mod = trim($mod); - if (isset($this->e_Modifiers[$mod])) + if(isset($this->e_Modifiers[$mod])) { // This is probably quicker than array_merge // - especially as usually only one or two loops - foreach ($this->e_Modifiers[$mod] as $k => $v) + foreach($this->e_Modifiers[$mod] as $k => $v) { // Update our context-specific options $opts[$k] = $v; @@ -1339,10 +1432,10 @@ class e_parse extends e_parser $opts['nobreak'] = true; $text = trim($text); - if(strpos($text,'[center]') === 0) // quick bc fix TODO Find a better solution. [center][/center] containing HTML. - { - $text = str_replace(array('[center]', '[/center]'), array("
", '
'), $text); - } + if(strpos($text, '[center]') === 0) // quick bc fix TODO Find a better solution. [center][/center] containing HTML. + { + $text = str_replace(array('[center]', '[/center]'), array("
", '
'), $text); + } } $fromadmin = $opts['fromadmin']; @@ -1351,24 +1444,24 @@ class e_parse extends e_parser // The check for '::' is a workaround for a bug in the Zend Optimiser 3.3.0 and PHP 5.2.4 combination // - causes crashes if '::' in site name - if($opts['defs'] && (strlen($text) < 35) && ((strpos($text, '::') === FALSE) && defined(trim($text)))) + if($opts['defs'] && (strlen($text) < 35) && ((strpos($text, '::') === false) && defined(trim($text)))) { $text = constant(trim($text)); // don't return yet, words could be hooked with linkwords etc. } - if ($opts['no_tags']) + if($opts['no_tags']) { $text = strip_tags($text); } - - if (MAGIC_QUOTES_GPC === true) // precaution for badly saved data. + + if(MAGIC_QUOTES_GPC === true) // precaution for badly saved data. { $text = stripslashes($text); } // Make sure we have a valid count for word wrapping - if (!$wrap && !empty($pref['main_wordwrap'])) + if(!$wrap && !empty($pref['main_wordwrap'])) { $wrap = $pref['main_wordwrap']; } @@ -1380,10 +1473,9 @@ class e_parse extends e_parser $last_bbcode = ''; // So we can change them on each loop $saveOpts = $opts; - - - - if ($parseBB == false) + + + if($parseBB == false) { $content = array($text); } @@ -1391,21 +1483,21 @@ class e_parse extends e_parser { // Split each text block into bits which are either within one of the 'key' bbcodes, or outside them // (Because we have to match end words, the 'extra' capturing subpattern gets added to output array. We strip it later) - $content = preg_split('#(\[(table|html|php|code|scode|hide).*?\[/(?:\\2)\])#mis', $text, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE ); + $content = preg_split('#(\[(table|html|php|code|scode|hide).*?\[/(?:\\2)\])#mis', $text, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE); } // Use $full_text variable so its available to special bbcodes if required - foreach ($content as $full_text) + foreach($content as $full_text) { - $proc_funcs = TRUE; - $convertNL = TRUE; + $proc_funcs = true; + $convertNL = true; // We may have 'captured' a bbcode word - strip it if so - if ($last_bbcode == $full_text) + if($last_bbcode == $full_text) { $last_bbcode = ''; - $proc_funcs = FALSE; + $proc_funcs = false; $full_text = ''; } else @@ -1415,11 +1507,11 @@ class e_parse extends e_parser // Have to have a good test in case a 'non-key' bbcode starts the block // - so pull out the bbcode parameters while we're there - if (($parseBB !== FALSE) && preg_match('#(^\[(table|html|php|code|scode|hide)(.*?)\])(.*?)(\[/\\2\]$)#is', $full_text, $matches )) + if(($parseBB !== false) && preg_match('#(^\[(table|html|php|code|scode|hide)(.*?)\])(.*?)(\[/\\2\]$)#is', $full_text, $matches)) { // It's one of the 'key' bbcodes // Usually don't want 'normal' processing if its a 'special' bbcode - $proc_funcs = FALSE; + $proc_funcs = false; // $matches[0] - complete block from opening bracket of opening tag to closing bracket of closing tag // $matches[1] - complete opening tag (inclusive of brackets) // $matches[2] - bbcode word @@ -1427,51 +1519,51 @@ class e_parse extends e_parser // $matches[4] - bit between the tags (i.e. text to process) // $matches[5] - closing tag // In case we decide to load a file - - $bbPath = e_CORE.'bbcodes/'; - $bbFile = strtolower(str_replace('_', '', $matches[2])); - $bbcode = ''; - $className = ''; - $full_text = ''; - $code_text = $matches[4]; - $parm = $matches[3] ? substr($matches[3],1) : ''; - $last_bbcode = $matches[2]; - - switch ($matches[2]) + + $bbPath = e_CORE . 'bbcodes/'; + $bbFile = strtolower(str_replace('_', '', $matches[2])); + $bbcode = ''; + $className = ''; + $full_text = ''; + $code_text = $matches[4]; + $parm = $matches[3] ? substr($matches[3], 1) : ''; + $last_bbcode = $matches[2]; + + switch($matches[2]) { case 'php' : // Probably run the output through the normal processing functions - but put here so the PHP code can disable if desired - $proc_funcs = TRUE; + $proc_funcs = true; // This is just the contents of the php.bb file pulled in - its short, so will be quicker - // $search = array(""", "'", "$", '
', E_NL, "->", "<br />"); - // $replace = array('"', "'", "$", "\n", "\n", "->", "
"); + // $search = array(""", "'", "$", '
', E_NL, "->", "<br />"); + // $replace = array('"', "'", "$", "\n", "\n", "->", "
"); // Shouldn't have any parameter on this bbcode // Not sure whether checks are necessary now we've reorganised - // if (!$matches[3]) $bbcode = str_replace($search, $replace, $matches[4]); + // if (!$matches[3]) $bbcode = str_replace($search, $replace, $matches[4]); // Because we're bypassing most of the initial parser processing, we should be able to just reverse the effects of toDB() and execute the code // [SecretR] - avoid php code injections, missing php.bb will completely disable user posted php blocks - $bbcode = file_get_contents($bbPath.$bbFile.'.bb'); - if (!$matches[3]) + $bbcode = file_get_contents($bbPath . $bbFile . '.bb'); + if(!$matches[3]) { $code_text = html_entity_decode($matches[4], ENT_QUOTES, 'UTF-8'); } break; case 'html' : // This overrides and deprecates html.bb - $proc_funcs = TRUE; + $proc_funcs = true; - // $code_text = str_replace("\r\n", " ", $code_text); - // $code_text = html_entity_decode($code_text, ENT_QUOTES, CHARSET); - // $code_text = str_replace('&','&',$code_text); // validation safe. + // $code_text = str_replace("\r\n", " ", $code_text); + // $code_text = html_entity_decode($code_text, ENT_QUOTES, CHARSET); + // $code_text = str_replace('&','&',$code_text); // validation safe. $html_start = ''; // markers for html-to-bbcode replacement. - $html_end = ''; - $full_text = str_replace(array('[html]', '[/html]'), '',$code_text); // quick fix.. security issue? + $html_end = ''; + $full_text = str_replace(array('[html]', '[/html]'), '', $code_text); // quick fix.. security issue? $full_text = $this->parseBBCodes($full_text, $postID); // parse any embedded bbcodes eg. [img] - $full_text = $this->replaceConstants($full_text,'abs'); // parse any other paths using {e_.... - $full_text = $html_start.$full_text.$html_end; + $full_text = $this->replaceConstants($full_text, 'abs'); // parse any other paths using {e_.... + $full_text = $html_start . $full_text . $html_end; $full_text = $this->parseBBTags($full_text); // strip tags. $opts['nobreak'] = true; $parseBB = false; // prevent further bbcode processing. @@ -1480,42 +1572,42 @@ class e_parse extends e_parser break; case 'table' : // strip
from inside of - - $convertNL = FALSE; + + $convertNL = false; // break; case 'hide' : - $proc_funcs = TRUE; + $proc_funcs = true; - default : // Most bbcodes will just execute their normal file + default : // Most bbcodes will just execute their normal file // @todo should we cache these bbcodes? require_once should make class-related codes quite efficient - if (file_exists($bbPath.'bb_'.$bbFile.'.php')) - { // Its a bbcode class file - require_once($bbPath.'bb_'.$bbFile.'.php'); - $className = 'bb_'.$last_bbcode; + if(file_exists($bbPath . 'bb_' . $bbFile . '.php')) + { // Its a bbcode class file + require_once($bbPath . 'bb_' . $bbFile . '.php'); + $className = 'bb_' . $last_bbcode; $this->bbList[$last_bbcode] = new $className(); } - elseif(file_exists($bbPath.$bbFile.'.bb')) + elseif(file_exists($bbPath . $bbFile . '.bb')) { - $bbcode = file_get_contents($bbPath.$bbFile.'.bb'); + $bbcode = file_get_contents($bbPath . $bbFile . '.bb'); } } // end - switch ($matches[2]) - if ($className) + if($className) { /** @var e_bb_base $tempCode */ $tempCode = new $className(); $full_text = $tempCode->bbPreDisplay($matches[4], $parm); } - elseif ($bbcode) - { // Execute the file - $full_text = eval($bbcode); // Require output of bbcode to be returned + elseif($bbcode) + { // Execute the file + $full_text = eval($bbcode); // Require output of bbcode to be returned // added to remove possibility of nested bbcode exploits ... // (same as in bbcode_handler - is it right that it just operates on $bbcode_return and not on $bbcode_output? - QUERY XXX-02 } - if(strpos($full_text, '[') !== FALSE) + if(strpos($full_text, '[') !== false) { $exp_search = array('eval', 'expression'); $exp_replace = array('eval', 'expression'); @@ -1526,21 +1618,21 @@ class e_parse extends e_parser // Do the 'normal' processing - in principle, as previously - but think about the order. - if ($proc_funcs && !empty($full_text)) // some more speed + if($proc_funcs && !empty($full_text)) // some more speed { // Split out and ignore any scripts and style blocks. With just two choices we can match the closing tag in the regex - $subcon = preg_split('#((?:]+>.*?|tyle[^>]+>.*?))#mis', $full_text, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE ); - foreach ($subcon as $sub_blk) + $subcon = preg_split('#((?:]+>.*?|tyle[^>]+>.*?))#mis', $full_text, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE); + foreach($subcon as $sub_blk) { - if(strpos($sub_blk,'\s*[\r]*\n[\r]*#", ">", $sub_blk); - } -*/ + + /* + // Line break compression - filter white space after HTML tags - among other things, ensures HTML tables display properly + // Hopefully now achieved by other means + if ($convertNL && !$opts['nobreak']) + { + $sub_blk = preg_replace("#>\s*[\r]*\n[\r]*#", ">", $sub_blk); + } + */ // Link substitution // Convert URL's to clickable links, unless modifiers or prefs override - if ($opts['link_click']) + if($opts['link_click']) { - if ($opts['link_replace'] && defset('ADMIN_AREA') !== true) + if($opts['link_replace'] && defset('ADMIN_AREA') !== true) { $link_text = $pref['link_text']; $email_text = ($pref['email_text']) ? $this->replaceConstants($pref['email_text']) : LAN_EMAIL_SUBS; - $sub_blk = $this->makeClickable($sub_blk, 'url', array('sub'=> $link_text,'ext'=>$pref['links_new_window'])); - $sub_blk = $this->makeClickable($sub_blk, 'email', array('sub'=> $email_text)); + $sub_blk = $this->makeClickable($sub_blk, 'url', array('sub' => $link_text, 'ext' => $pref['links_new_window'])); + $sub_blk = $this->makeClickable($sub_blk, 'email', array('sub' => $email_text)); } else { - $sub_blk = $this->makeClickable($sub_blk, 'url', array('ext'=>true)); + $sub_blk = $this->makeClickable($sub_blk, 'url', array('ext' => true)); $sub_blk = $this->makeClickable($sub_blk, 'email'); } @@ -1590,16 +1682,16 @@ class e_parse extends e_parser // Convert emoticons to graphical icons, if enabled - if ($opts['emotes']) + if($opts['emotes']) { $sub_blk = e107::getEmote()->filterEmotes($sub_blk); } // Reduce newlines in all forms to a single newline character (finds '\n', '\r\n', '\n\r') - if (!$opts['nobreak']) + if(!$opts['nobreak']) { - if ($convertNL && ($this->preformatted($sub_blk) === false)) // eg. html or markdown + if($convertNL && ($this->preformatted($sub_blk) === false)) // eg. html or markdown { // We may need to convert to
later $sub_blk = preg_replace("#[\r]*\n[\r]*#", E_NL, $sub_blk); @@ -1627,25 +1719,25 @@ class e_parse extends e_parser // BBCode processing (other than the four already done, which shouldn't appear at all in the text) - if ($parseBB !== false) + if($parseBB !== false) { - if ($parseBB === true) + if($parseBB === true) { // 'Normal' or 'legacy' processing if($modifiers === 'WYSIWYG') { $sub_blk = e107::getBB()->parseBBCodes($sub_blk, $postID, 'wysiwyg'); } - else + else { $sub_blk = e107::getBB()->parseBBCodes($sub_blk, $postID); } - + } - elseif ($parseBB === 'STRIP') + elseif($parseBB === 'STRIP') { // Need to strip all BBCodes - $sub_blk = e107::getBB()->parseBBCodes($sub_blk, $postID, 'default', TRUE); + $sub_blk = e107::getBB()->parseBBCodes($sub_blk, $postID, 'default', true); } else { @@ -1657,18 +1749,18 @@ class e_parse extends e_parser // replace all {e_XXX} constants with their e107 value. modifier determines relative/absolute conversion // (Moved to after bbcode processing by Cameron) - if ($opts['constants']) + if($opts['constants']) { - $sub_blk = $this->replaceConstants($sub_blk, $opts['constants']); // Now decodes text values + $sub_blk = $this->replaceConstants($sub_blk, $opts['constants']); // Now decodes text values } // profanity filter - if (!empty($pref['profanity_filter'])) + if(!empty($pref['profanity_filter'])) { - if (!is_object($this->e_pf)) + if(!is_object($this->e_pf)) { - // require_once(e_HANDLER."profanity_filter.php"); + // require_once(e_HANDLER."profanity_filter.php"); $this->e_pf = new e_profanityFilter; } $sub_blk = $this->e_pf->filterProfanities($sub_blk); @@ -1677,42 +1769,42 @@ class e_parse extends e_parser // Shortcodes // Optional short-code conversion - if ($opts['parse_sc']) + if($opts['parse_sc']) { - $sub_blk = $this->parseTemplate($sub_blk, TRUE); + $sub_blk = $this->parseTemplate($sub_blk, true); } /** * / @deprecated */ - if ($opts['hook']) //Run any hooked in parsers + if($opts['hook']) //Run any hooked in parsers { - if (!empty($pref['tohtml_hook'])) + if(!empty($pref['tohtml_hook'])) { - // trigger_error('tohtml_hook is deprecated. Use e_parse.php instead.', E_USER_DEPRECATED); // NO LAN + // trigger_error('tohtml_hook is deprecated. Use e_parse.php instead.', E_USER_DEPRECATED); // NO LAN //Process the older tohtml_hook pref (deprecated) foreach(explode(',', $pref['tohtml_hook']) as $hook) { - if (!is_object($this->e_hook[$hook]) && is_readable(e_PLUGIN . $hook . "/" . $hook . ".php")) + if(!is_object($this->e_hook[$hook]) && is_readable(e_PLUGIN . $hook . "/" . $hook . ".php")) { - require_once(e_PLUGIN.$hook."/".$hook.".php"); - $hook_class = "e_".$hook; + require_once(e_PLUGIN . $hook . "/" . $hook . ".php"); + $hook_class = "e_" . $hook; $this->e_hook[$hook] = new $hook_class; } if(is_object($this->e_hook[$hook])) // precaution for old plugins. { - $sub_blk = $this->e_hook[$hook]->$hook($sub_blk,$opts['context']); + $sub_blk = $this->e_hook[$hook]->$hook($sub_blk, $opts['context']); } } } /** - * / @deprecated - */ + * / @deprecated + */ if(isset($pref['e_tohtml_list']) && is_array($pref['e_tohtml_list'])) { @@ -1723,16 +1815,16 @@ class e_parse extends e_parser continue; } - if (empty($this->e_hook[$hook]) && is_readable(e_PLUGIN . $hook . "/e_tohtml.php") /*&& !is_object($this->e_hook[$hook])*/) + if(empty($this->e_hook[$hook]) && is_readable(e_PLUGIN . $hook . "/e_tohtml.php") /*&& !is_object($this->e_hook[$hook])*/) { - require_once(e_PLUGIN.$hook."/e_tohtml.php"); + require_once(e_PLUGIN . $hook . "/e_tohtml.php"); - $hook_class = "e_tohtml_".$hook; + $hook_class = "e_tohtml_" . $hook; $this->e_hook[$hook] = new $hook_class; } - if(is_object( $this->e_hook[$hook])) + if(is_object($this->e_hook[$hook])) { /** @var e_tohtml_linkwords $deprecatedHook */ $deprecatedHook = $this->e_hook[$hook]; @@ -1741,68 +1833,63 @@ class e_parse extends e_parser } } - /** - * / Preferred 'hook' - */ - if(!empty($pref['e_parse_list'])) - { - foreach($pref['e_parse_list'] as $plugin) + /** + * / Preferred 'hook' + */ + if(!empty($pref['e_parse_list'])) { - $hookObj = e107::getAddon($plugin,'e_parse'); - if($tmp = e107::callMethod($hookObj, 'toHTML', $sub_blk, $opts['context'])) + foreach($pref['e_parse_list'] as $plugin) { - $sub_blk = $tmp; + $hookObj = e107::getAddon($plugin, 'e_parse'); + if($tmp = e107::callMethod($hookObj, 'toHTML', $sub_blk, $opts['context'])) + { + $sub_blk = $tmp; + } + } } + } - - - - } - - // Word wrap - if ($wrap && !$opts['nobreak']) + if($wrap && !$opts['nobreak']) { $sub_blk = $this->textclean($sub_blk, $wrap); } // Search highlighting - if ($opts['emotes'] && $this->checkHighlighting()) // Why?? + if($opts['emotes'] && $this->checkHighlighting()) // Why?? { $sub_blk = $this->e_highlight($sub_blk, $this->e_query); } - - if($convertNL == true) { // Default replaces all \n with
for HTML display $nl_replace = '
'; - if ($opts['nobreak']) + if($opts['nobreak']) { $nl_replace = ''; } - elseif ($opts['retain_nl']) + elseif($opts['retain_nl']) { $nl_replace = "\n"; } - + $sub_blk = str_replace(E_NL, $nl_replace, $sub_blk); } $ret_parser .= $sub_blk; - } // End of 'normal' processing for a block of text + } // End of 'normal' processing for a block of text - } // End of 'foreach() on each block of non-script text + } // End of 'foreach() on each block of non-script text - } // End of 'normal' parsing (non-script text) + } // End of 'normal' parsing (non-script text) else { // Text block that needed no processing at all @@ -1813,13 +1900,13 @@ class e_parse extends e_parser // Quick Fix - Remove trailing
on block-level elements (eg. div, pre, table, etc. ) $srch = array(); $repl = array(); - + foreach($this->blockTags as $val) { - $srch[] = '
'; - $repl[] = ''; + $srch[] = '
'; + $repl[] = ''; } - + $ret_parser = str_replace($srch, $repl, $ret_parser); return trim($ret_parser); @@ -1833,9 +1920,10 @@ class e_parse extends e_parser */ private function preformatted($str) { + foreach($this->preformatted as $type) { - $code = '['.$type.']'; + $code = '[' . $type . ']'; if(strpos($str, $code) === 0) { return true; @@ -1908,8 +1996,10 @@ class e_parse extends e_parser 'ά' => 'a', 'έ' => 'e', 'ί' => 'i', 'ό' => 'o', 'ύ' => 'y', 'ή' => 'h', 'ώ' => 'w', 'ς' => 's', 'ϊ' => 'i', 'ΰ' => 'y', 'ϋ' => 'y', 'ΐ' => 'i', // Turkish - 'Ş' => 'S', 'İ' => 'I', /*'Ç' => 'C', 'Ü' => 'U', 'Ö' => 'O',*/ 'Ğ' => 'G', - 'ş' => 's', 'ı' => 'i', /*'ç' => 'c', 'ü' => 'u', 'ö' => 'o',*/ 'ğ' => 'g', + 'Ş' => 'S', 'İ' => 'I', /*'Ç' => 'C', 'Ü' => 'U', 'Ö' => 'O',*/ + 'Ğ' => 'G', + 'ş' => 's', 'ı' => 'i', /*'ç' => 'c', 'ü' => 'u', 'ö' => 'o',*/ + 'ğ' => 'g', // Russian 'А' => 'A', 'Б' => 'B', 'В' => 'V', 'Г' => 'G', 'Д' => 'D', 'Е' => 'E', 'Ё' => 'Yo', 'Ж' => 'Zh', 'З' => 'Z', 'И' => 'I', 'Й' => 'J', 'К' => 'K', 'Л' => 'L', 'М' => 'M', 'Н' => 'N', 'О' => 'O', @@ -1930,17 +2020,21 @@ class e_parse extends e_parser 'č' => 'c', 'ď' => 'd', 'ě' => 'e', 'ň' => 'n', 'ř' => 'r', 'š' => 's', 'ť' => 't', 'ů' => 'u', 'ž' => 'z', // Polish - 'Ą' => 'A', 'Ć' => 'C', 'Ę' => 'e', 'Ł' => 'L', 'Ń' => 'N', /*'Ó' => 'o',*/ 'Ś' => 'S', 'Ź' => 'Z', + 'Ą' => 'A', 'Ć' => 'C', 'Ę' => 'e', 'Ł' => 'L', 'Ń' => 'N', /*'Ó' => 'o',*/ + 'Ś' => 'S', 'Ź' => 'Z', 'Ż' => 'Z', - 'ą' => 'a', 'ć' => 'c', 'ę' => 'e', 'ł' => 'l', 'ń' => 'n',/* 'ó' => 'o',*/ 'ś' => 's', 'ź' => 'z', + 'ą' => 'a', 'ć' => 'c', 'ę' => 'e', 'ł' => 'l', 'ń' => 'n',/* 'ó' => 'o',*/ + 'ś' => 's', 'ź' => 'z', 'ż' => 'z', // Latvian - 'Ā' => 'A',/* 'Č' => 'C',*/ 'Ē' => 'E', 'Ģ' => 'G', 'Ī' => 'i', 'Ķ' => 'k', 'Ļ' => 'L', 'Ņ' => 'N', - /*'Š' => 'S',*/ 'Ū' => 'u', + 'Ā' => 'A',/* 'Č' => 'C',*/ + 'Ē' => 'E', 'Ģ' => 'G', 'Ī' => 'i', 'Ķ' => 'k', 'Ļ' => 'L', 'Ņ' => 'N', + /*'Š' => 'S',*/ + 'Ū' => 'u', 'ā' => 'a', 'ē' => 'e', 'ģ' => 'g', 'ī' => 'i', 'ķ' => 'k', 'ļ' => 'l', 'ņ' => 'n', - 'ū' => 'u', + 'ū' => 'u', - 'ľ' => 'l', 'ŕ'=>'r', + 'ľ' => 'l', 'ŕ' => 'r', ); return str_replace(array_keys($char_map), $char_map, $text); @@ -1948,7 +2042,6 @@ class e_parse extends e_parser } - /** * Use it on html attributes to avoid breaking markup . * @param string $text @@ -1956,6 +2049,7 @@ class e_parse extends e_parser */ public function toAttribute($text) { + // URLs posted without HTML access may have an & in them. // Xhtml compliance. @@ -1964,6 +2058,7 @@ class e_parse extends e_parser if(!preg_match('/&#|\'|"|<|>/s', $text)) { $text = $this->replaceConstants($text); + return $text; } else @@ -1981,6 +2076,7 @@ class e_parse extends e_parser */ public function toJS($stringarray) { + $search = array("\r\n", "\r", '
', "'"); $replace = array("\\n", '', "\\n", "\'"); $stringarray = str_replace($search, $replace, $stringarray); @@ -2008,6 +2104,7 @@ class e_parse extends e_parser */ public function toJSON($var, $force_object = false) { + // The PHP version cannot change within a request. static $php530; @@ -2040,6 +2137,7 @@ class e_parse extends e_parser */ public function toJSONhelper($var) { + switch(gettype($var)) { case 'boolean': @@ -2117,6 +2215,7 @@ class e_parse extends e_parser { $output[] = $this->toJSONhelper($v); } + return '[ ' . implode(', ', $output) . ' ]'; } break; @@ -2126,8 +2225,9 @@ class e_parse extends e_parser $output = array(); foreach($var as $k => $v) { - $output[] = $this->toJSONhelper((string)$k) . ':' . $this->toJSONhelper($v); + $output[] = $this->toJSONhelper((string) $k) . ':' . $this->toJSONhelper($v); } + return '{' . implode(', ', $output) . '}'; default: @@ -2145,6 +2245,7 @@ class e_parse extends e_parser */ public function toRss($text, $tags = false) { + if($tags != true) { $text = $this->toHTML($text, true); @@ -2154,7 +2255,7 @@ class e_parse extends e_parser $text = $this->toEmail($text); $search = array('&#039;', '&#036;', ''', '$', e_BASE, "href='request.php", '', ''); - $replace = array("'", '$', "'", '$', SITEURL, "href='".SITEURL. 'request.php', '', '' ); + $replace = array("'", '$', "'", '$', SITEURL, "href='" . SITEURL . 'request.php', '', ''); $text = str_replace($search, $replace, $text); $text = $this->ampEncode($text); @@ -2164,7 +2265,7 @@ class e_parse extends e_parser if($tags == true && ($text)) { - $text = ''; + $text = ''; } return $text; @@ -2179,31 +2280,33 @@ class e_parse extends e_parser */ public function toNumber($value) { + // adapted from: https://secure.php.net/manual/en/function.floatval.php#114486 $dotPos = strrpos($value, '.'); $commaPos = strrpos($value, ','); $sep = (($dotPos > $commaPos) && $dotPos) ? $dotPos : ((($commaPos > $dotPos) && $commaPos) ? $commaPos : false); - - if (!$sep) { + + if(!$sep) + { return preg_replace('/[^-0-9]/', '', $value); } - + return ( preg_replace('/[^-0-9]/', '', substr($value, 0, $sep)) . '.' . - preg_replace('/[^0-9]/', '', substr($value, $sep+1, strlen($value))) + preg_replace('/[^0-9]/', '', substr($value, $sep + 1, strlen($value))) ); } - /** * Clean and Encode Ampersands '&' for output to browser. * @param string $text * @return mixed|string */ - private function ampEncode($text='') + private function ampEncode($text = '') { + // Fix any left-over '&' //first revert any previously converted. $text = str_replace(array('&', '&'), array('&', '&'), $text); @@ -2222,20 +2325,21 @@ class e_parse extends e_parser if($this->isBBcode($text) === true) // convert any bbcodes to html { - $text = $this->toHTML($text,true); + $text = $this->toHTML($text, true); } if($this->isHtml($text) === true) // strip any html. { - $text = $this->toHTML($text,true); - $text = str_replace("\n", '',$text); // clean-out line-breaks. - $text = str_ireplace( array('
', '
', '
'), "\n", $text); + $text = $this->toHTML($text, true); + $text = str_replace("\n", '', $text); // clean-out line-breaks. + $text = str_ireplace(array('
', '
', '
'), "\n", $text); $text = strip_tags($text); } $search = array('&#039;', '&#036;', ''', '$', '\', '&#092;'); $replace = array("'", '$', "'", '$', "\\", "\\"); $text = str_replace($search, $replace, $text); + return $text; } @@ -2243,23 +2347,24 @@ class e_parse extends e_parser /** * Set the dimensions of a thumbNail (generated by thumbUrl) */ - public function setThumbSize($w=null,$h=null,$crop=null) + public function setThumbSize($w = null, $h = null, $crop = null) { + if($w !== null) { $this->thumbWidth = (int) $w; } - + if($h !== null) { $this->thumbHeight = (int) $h; - } - + } + if($crop !== null) { $this->thumbCrop = (int) $crop; - } - + } + } public function thumbEncode($val = null) @@ -2268,6 +2373,7 @@ class e_parse extends e_parser if($val !== null) { $this->thumbEncode = (int) $val; + return null; } @@ -2281,9 +2387,10 @@ class e_parse extends e_parser */ public function thumbDimensions($type = 'single') { + if(!empty($this->thumbCrop) && !empty($this->thumbWidth) && !empty($this->thumbHeight)) // dimensions are known. { - return ($type === 'double') ? 'width="'.$this->thumbWidth.'" height="'.$this->thumbHeight.'"' : "width='".$this->thumbWidth."' height='".$this->thumbHeight."'"; + return ($type === 'double') ? 'width="' . $this->thumbWidth . '" height="' . $this->thumbHeight . '"' : "width='" . $this->thumbWidth . "' height='" . $this->thumbHeight . "'"; } return null; @@ -2291,25 +2398,27 @@ class e_parse extends e_parser /** - * Set or Get the value of the thumbNail Width. + * Set or Get the value of the thumbNail Width. * @param $width (optional) */ - public function thumbWidth($width=null) + public function thumbWidth($width = null) { + if($width !== null) { $this->thumbWidth = (int) $width; } - - return $this->thumbWidth; + + return $this->thumbWidth; } /** * Set or Get the value of the thumbNailbCrop. * @param bool $status = true/false */ - public function thumbCrop($status=false) + public function thumbCrop($status = false) { + if($status !== false) { $this->thumbCrop = (int) $status; @@ -2319,20 +2428,20 @@ class e_parse extends e_parser } - /** - * Set or Get the value of the thumbNail height. + * Set or Get the value of the thumbNail height. * @param $height (optional) */ - public function thumbHeight($height= null) + public function thumbHeight($height = null) { + if($height !== null) { $this->thumbHeight = (int) $height; } - - return $this->thumbHeight; - + + return $this->thumbHeight; + } /** @@ -2342,8 +2451,9 @@ class e_parse extends e_parser * @param string $log (optional) - log file name * @return null|string */ - public function thumbCacheFile($path, $options=null, $log=null) + public function thumbCacheFile($path, $options = null, $log = null) { + if(empty($path)) { return null; @@ -2351,25 +2461,25 @@ class e_parse extends e_parser if(is_string($options)) { - parse_str($options,$options); + parse_str($options, $options); } $path = str_replace($this->getUrlConstants('raw'), $this->getUrlConstants('sc'), $path); $path = $this->replaceConstants(str_replace('..', '', $path)); - $filename = basename($path); - $tmp = explode('.',$filename); - $ext = end($tmp); - $len = strlen($ext) + 1; - $start = substr($filename,0, - $len); + $filename = basename($path); + $tmp = explode('.', $filename); + $ext = end($tmp); + $len = strlen($ext) + 1; + $start = substr($filename, 0, -$len); // cleanup. $newOpts = array( - 'w' => (string) intval($options['w']), - 'h' => (string) intval($options['h']), - 'aw' => (string) intval($options['aw']), - 'ah' => (string) intval($options['ah']), - 'c' => strtoupper(vartrue($options['c'],'0')), + 'w' => (string) intval($options['w']), + 'h' => (string) intval($options['h']), + 'aw' => (string) intval($options['aw']), + 'ah' => (string) intval($options['ah']), + 'c' => strtoupper(vartrue($options['c'], '0')), ); if(!empty($options['type'])) @@ -2390,16 +2500,16 @@ class e_parse extends e_parser } - $size = varset($options['w'],0).'x'.varset($options['h'],0); + $size = varset($options['w'], 0) . 'x' . varset($options['h'], 0); - $thumbQuality = e107::getPref('thumbnail_quality',65); + $thumbQuality = e107::getPref('thumbnail_quality', 65); - $cache_str = md5(serialize($newOpts).$path. $thumbQuality); + $cache_str = md5(serialize($newOpts) . $path . $thumbQuality); $pre = 'thumb_'; $post = '.cache.bin'; - // $cache_str = http_build_query($newOpts,null,'_'); // testing files. + // $cache_str = http_build_query($newOpts,null,'_'); // testing files. if(defined('e_MEDIA_STATIC')) // experimental - subject to change. { @@ -2407,27 +2517,25 @@ class e_parse extends e_parser $post = ''; } - $fname = $pre.strtolower($start.'_'.$cache_str.'_'.$size.'.'.$ext).$post; + $fname = $pre . strtolower($start . '_' . $cache_str . '_' . $size . '.' . $ext) . $post; if($log !== null) { - file_put_contents(e_LOG.$log, "\n++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n\n", FILE_APPEND); - $message = 'Name: ' .$fname."\n"; - $message .= $path."\n".var_export($newOpts,true)."\n\n\n"; - file_put_contents(e_LOG.$log, $message, FILE_APPEND); + file_put_contents(e_LOG . $log, "\n++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n\n", FILE_APPEND); + $message = 'Name: ' . $fname . "\n"; + $message .= $path . "\n" . var_export($newOpts, true) . "\n\n\n"; + file_put_contents(e_LOG . $log, $message, FILE_APPEND); - // file_put_contents(e_LOG.$log, "\t\tFOUND!!\n\n\n", FILE_APPEND); + // file_put_contents(e_LOG.$log, "\t\tFOUND!!\n\n\n", FILE_APPEND); } - return $fname; } - - private function staticCount($val=false) + private function staticCount($val = false) { $count = $this->staticCount; @@ -2438,7 +2546,7 @@ class e_parse extends e_parser } elseif($val !== false) { - $this->staticCount += (int)$val; + $this->staticCount += (int) $val; } return $count; @@ -2447,13 +2555,14 @@ class e_parse extends e_parser /** - * @todo Move to e107_class ? * @param string $path - absolute path or e107 path {e_PLUGIN} etc. * @param array $opts - when $opts['full'] is true, a full siteurl will be used instead of an absolute path. (unless static url is found) * @return string - full path or static path. + * @todo Move to e107_class ? */ - public function staticUrl($path=null, $opts=array()) + public function staticUrl($path = null, $opts = array()) { + if(empty($this->staticUrl) || deftrue('e_ADMIN_AREA')) { // e107::getDebug()->log("e_HTTP_STATIC not defined"); @@ -2471,7 +2580,7 @@ class e_parse extends e_parser { $cnt = count($staticArray); $staticCount = $this->staticCount(); - if($staticCount > ($cnt -1)) + if($staticCount > ($cnt - 1)) { $staticCount = 0; $this->staticCount(0); @@ -2505,17 +2614,17 @@ class e_parse extends e_parser $repl = array( - $http.$base.e107::getFolder('plugins'), - $http.$base.e107::getFolder('themes'), - $http.$base.e107::getFolder('web'), - $http.$base.str_replace('../', '', e_CACHE_IMAGE), + $http . $base . e107::getFolder('plugins'), + $http . $base . e107::getFolder('themes'), + $http . $base . e107::getFolder('web'), + $http . $base . str_replace('../', '', e_CACHE_IMAGE), ); - $ret = str_replace($srch,$repl,$path); + $ret = str_replace($srch, $repl, $path); if(strpos($ret, 'http') !== 0) // if not converted, check media folder also. { - $ret = str_replace(e_MEDIA_ABS,$http.$base.e107::getFolder('media'),$ret); + $ret = str_replace(e_MEDIA_ABS, $http . $base . e107::getFolder('media'), $ret); } return $ret; @@ -2528,6 +2637,7 @@ class e_parse extends e_parser */ public function setStaticUrl($url) { + $this->staticUrl = $url; } @@ -2535,18 +2645,19 @@ class e_parse extends e_parser * Generate an auto-sized Image URL. * @param $url - path to image or leave blank for a placeholder. eg. {e_MEDIA}folder/my-image.jpg * @param array $options - width and height, but leaving this empty and using $this->thumbWidth() and $this->thumbHeight() is preferred. ie. {SETWIDTH: w=x&y=x} - * @param int $options['w'] width (optional) - * @param int $options['h'] height (optional) + * @param int $options ['w'] width (optional) + * @param int $options ['h'] height (optional) * @param bool|string $options ['crop'] true/false or A(auto) or T(op) or B(ottom) or C(enter) or L(eft) or R(right) - * @param string $options['scale'] '2x' (optional) - * @param bool $options['x'] encode/mask the url parms (optional) - * @param bool $options['nosef'] when set to true disabled SEF Url being returned (optional) + * @param string $options ['scale'] '2x' (optional) + * @param bool $options ['x'] encode/mask the url parms (optional) + * @param bool $options ['nosef'] when set to true disabled SEF Url being returned (optional) * @param bool $raw set to true when the $url does not being with an e107 variable ie. "{e_XXXX}" eg. {e_MEDIA} (optional) * @param bool $full when true returns full http:// url. (optional) * @return string */ - public function thumbUrl($url=null, $options = array(), $raw = false, $full = false) + public function thumbUrl($url = null, $options = array(), $raw = false, $full = false) { + $this->staticCount++; // increment counter. $ext = pathinfo($url, PATHINFO_EXTENSION); @@ -2560,9 +2671,9 @@ class e_parse extends e_parser { //$url = $this->replaceConstants($url,'abs'); // always switch to 'nice' urls when SC is used - $url = str_replace($this->getUrlConstants('sc'), $this->getUrlConstants('raw'), $url); + $url = str_replace($this->getUrlConstants('sc'), $this->getUrlConstants('raw'), $url); } - + if(is_string($options)) { parse_str($options, $options); @@ -2573,49 +2684,49 @@ class e_parse extends e_parser $options['return'] = 'src'; $options['size'] = $options['scale']; unset($options['scale']); - return $this->thumbSrcSet($url,$options); + + return $this->thumbSrcSet($url, $options); } - if(strpos($url, e_MEDIA) !== false || strpos($url, e_SYSTEM) !== false) // prevent disclosure of 'hashed' path. { - $raw = true; + $raw = true; } if($raw) { $url = $this->createConstants($url, 'mix'); } - - $baseurl = ($full ? SITEURL : e_HTTP).'thumb.php?'; + + $baseurl = ($full ? SITEURL : e_HTTP) . 'thumb.php?'; if(!empty($this->staticUrl)) { - $baseurl = $this->staticUrl().'thumb.php?'; + $baseurl = $this->staticUrl() . 'thumb.php?'; } - - $thurl = 'src='.urlencode($url).'&'; - // e107::getDebug()->log("Thumb: ".basename($url). print_a($options,true), E107_DBG_BASIC); + $thurl = 'src=' . urlencode($url) . '&'; + + // e107::getDebug()->log("Thumb: ".basename($url). print_a($options,true), E107_DBG_BASIC); if(!empty($options) && (isset($options['w']) || isset($options['aw']) || isset($options['h']))) { - $options['w'] = varset($options['w']); - $options['h'] = varset($options['h']); - $options['crop'] = (isset($options['aw']) || isset($options['ah'])) ? 1 : varset($options['crop']); - $options['aw'] = varset($options['aw']); - $options['ah'] = varset($options['ah']); - $options['x'] = varset($options['x']); + $options['w'] = varset($options['w']); + $options['h'] = varset($options['h']); + $options['crop'] = (isset($options['aw']) || isset($options['ah'])) ? 1 : varset($options['crop']); + $options['aw'] = varset($options['aw']); + $options['ah'] = varset($options['ah']); + $options['x'] = varset($options['x']); } else { - $options['w'] = $this->thumbWidth; - $options['h'] = $this->thumbHeight; - $options['crop'] = $this->thumbCrop; - $options['aw'] = null; - $options['ah'] = null; - $options['x'] = $this->thumbEncode; + $options['w'] = $this->thumbWidth; + $options['h'] = $this->thumbHeight; + $options['crop'] = $this->thumbCrop; + $options['aw'] = null; + $options['ah'] = null; + $options['x'] = $this->thumbEncode; } @@ -2624,15 +2735,15 @@ class e_parse extends e_parser { if(!empty($options['aw']) || !empty($options['ah'])) { - $options['w'] = $options['aw'] ; - $options['h'] = $options['ah'] ; + $options['w'] = $options['aw']; + $options['h'] = $options['ah']; } - $thurl .= 'aw='.(int) $options['w'].'&ah='.(int) $options['h']; + $thurl .= 'aw=' . (int) $options['w'] . '&ah=' . (int) $options['h']; if(!is_numeric($options['crop'])) { - $thurl .= '&c='.$options['crop']; + $thurl .= '&c=' . $options['crop']; $options['nosef'] = true; } @@ -2640,7 +2751,7 @@ class e_parse extends e_parser else { - $thurl .= 'w='.(int) $options['w'].'&h='.(int) $options['h']; + $thurl .= 'w=' . (int) $options['w'] . '&h=' . (int) $options['h']; } @@ -2657,15 +2768,15 @@ class e_parse extends e_parser $staticFile = $this->thumbCacheFile($url, $opts); - - if(!empty($staticFile) && is_readable(e_CACHE_IMAGE.$staticFile)) + if(!empty($staticFile) && is_readable(e_CACHE_IMAGE . $staticFile)) { - $staticImg = $this->staticUrl(e_CACHE_IMAGE_ABS.$staticFile); - // var_dump($staticImg); + $staticImg = $this->staticUrl(e_CACHE_IMAGE_ABS . $staticFile); + + // var_dump($staticImg); return $staticImg; } - // echo "
static-not-found: ".$staticFile; + // echo "
static-not-found: ".$staticFile; $options['nosef'] = true; $options['x'] = null; @@ -2673,29 +2784,28 @@ class e_parse extends e_parser } - if(e_MOD_REWRITE_MEDIA == true && empty($options['nosef']) )// Experimental SEF URL support. + if(e_MOD_REWRITE_MEDIA == true && empty($options['nosef']))// Experimental SEF URL support. { $options['full'] = $full; - $options['ext'] = substr($url,-3); + $options['ext'] = substr($url, -3); $options['thurl'] = $thurl; - // $options['x'] = $this->thumbEncode(); + // $options['x'] = $this->thumbEncode(); - if($sefUrl = $this->thumbUrlSEF($url,$options)) + if($sefUrl = $this->thumbUrlSEF($url, $options)) { return $sefUrl; } } - if(!empty($options['x'] ))//base64 encode url + if(!empty($options['x']))//base64 encode url { - $thurl = 'id='.base64_encode($thurl); + $thurl = 'id=' . base64_encode($thurl); } - return $baseurl.$thurl; + return $baseurl . $thurl; } - /** * Split a thumb.php url into an array which can be parsed back into the thumbUrl method. . * @param $src @@ -2703,33 +2813,34 @@ class e_parse extends e_parser */ public function thumbUrlDecode($src) { - list($url,$qry) = array_pad(explode('?',$src), 2, null); + + list($url, $qry) = array_pad(explode('?', $src), 2, null); $ret = array(); if(!empty($qry) && strpos($url, 'thumb.php') !== false) // Regular { - parse_str($qry,$val); + parse_str($qry, $val); $ret = $val; } - elseif(preg_match('/media\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)/',$url,$match)) // SEF + elseif(preg_match('/media\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)/', $url, $match)) // SEF { - $wKey = $match[1].'w'; - $hKey = $match[3].'h'; + $wKey = $match[1] . 'w'; + $hKey = $match[3] . 'h'; $ret = array( - 'src'=> 'e_MEDIA_IMAGE/'.$match[5], + 'src' => 'e_MEDIA_IMAGE/' . $match[5], $wKey => $match[2], $hKey => $match[4] ); } elseif(preg_match('/theme\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)/', $url, $match)) // Theme-image SEF Urls { - $wKey = $match[1].'w'; - $hKey = $match[3].'h'; + $wKey = $match[1] . 'w'; + $hKey = $match[3] . 'h'; $ret = array( - 'src'=> 'e_THEME/'.$match[5], + 'src' => 'e_THEME/' . $match[5], $wKey => $match[2], $hKey => $match[4] ); @@ -2746,15 +2857,15 @@ class e_parse extends e_parser } - /** * Experimental: Generate a Thumb URL for use in the img srcset attribute. * @param string $src eg. {e_MEDIA_IMAGE}myimage.jpg * @param int|string|array $width - desired size in px or '2x' or '3x' or null for all or array ( * @return string */ - public function thumbSrcSet($src='', $width=null) + public function thumbSrcSet($src = '', $width = null) { + $multiply = null; $encode = false; $parm = array(); @@ -2768,24 +2879,24 @@ class e_parse extends e_parser } - // $encode = $this->thumbEncode();; + // $encode = $this->thumbEncode();; if($width == null || $width === 'all') { $links = array(); - $mag = ($width == null) ? array(1, 2) : array(160,320,460,600,780,920,1100); + $mag = ($width == null) ? array(1, 2) : array(160, 320, 460, 600, 780, 920, 1100); foreach($mag as $v) { $w = ($this->thumbWidth * $v); - $h = ($this->thumbHeight * $v); + $h = ($this->thumbHeight * $v); $att = (!empty($this->thumbCrop)) ? array('aw' => $w, 'ah' => $h) : compact('w', 'h'); $att['x'] = $encode; - $add = ($width == null) ? ' ' .$v. 'x' : ' ' .$v. 'w'; - $links[] = $this->thumbUrl($src, $att).$add; // " w".$width; // + $add = ($width == null) ? ' ' . $v . 'x' : ' ' . $v . 'w'; + $links[] = $this->thumbUrl($src, $att) . $add; // " w".$width; // } - return implode(', ',$links); + return implode(', ', $links); } elseif($multiply === '2x' || $multiply === '3x' || $multiply === '4x') @@ -2794,8 +2905,9 @@ class e_parse extends e_parser if(empty($parm['w']) && isset($parm['h'])) { - $parm['h'] = ($parm['h'] * $multiInt) ; - return $this->thumbUrl($src, $parm). ' ' .$multiply; + $parm['h'] = ($parm['h'] * $multiInt); + + return $this->thumbUrl($src, $parm) . ' ' . $multiply; } if(isset($parm['w']) && !isset($parm['h'])) // if w set, assume h value of 0 is set. @@ -2814,7 +2926,6 @@ class e_parse extends e_parser } - if(!isset($parm['aw'])) { $parm['aw'] = null; @@ -2835,13 +2946,13 @@ class e_parse extends e_parser $parm['crop'] = null; } - $parms = array('w'=>$width,'h'=>$height,'crop'=> $parm['crop'],'x'=>$parm['x'], 'aw'=>$parm['aw'],'ah'=>$parm['ah']); + $parms = array('w' => $width, 'h' => $height, 'crop' => $parm['crop'], 'x' => $parm['x'], 'aw' => $parm['aw'], 'ah' => $parm['ah']); if(!empty($parm['type'])) { $parms['type'] = $parm['type']; } - // $parms = !empty($this->thumbCrop) ? array('aw' => $width, 'ah' => $height, 'x'=>$encode) : array('w' => $width, 'h' => $height, 'x'=>$encode ); + // $parms = !empty($this->thumbCrop) ? array('aw' => $width, 'ah' => $height, 'x'=>$encode) : array('w' => $width, 'h' => $height, 'x'=>$encode ); // $parms['x'] = $encode; @@ -2852,28 +2963,28 @@ class e_parse extends e_parser $ret = $this->thumbUrl($src, $parms); - $ret .= ($multiply) ? ' ' .$multiply : ' ' .$width. 'w'; + $ret .= ($multiply) ? ' ' . $multiply : ' ' . $width . 'w'; - return $ret; + return $ret; } - public function thumbUrlScale($src,$parm) + public function thumbUrlScale($src, $parm) { - } /** - * Used by thumbUrl when SEF Image URLS is active. @see e107.htaccess - * @param $url + * Used by thumbUrl when SEF Image URLS is active. @param $url * @param array $options * @return string + * @see e107.htaccess */ - private function thumbUrlSEF($url='', $options=array()) + private function thumbUrlSEF($url = '', $options = array()) { + if(!empty($options['full'])) { $base = SITEURL; @@ -2887,27 +2998,28 @@ class e_parse extends e_parser { $base = $this->staticUrl(); } - // $base = (!empty($options['full'])) ? SITEURL : e_HTTP; + // $base = (!empty($options['full'])) ? SITEURL : e_HTTP; - if(!empty($options['x']) && !empty($options['ext'])) // base64 encoded. Build URL for: RewriteRule ^media\/img\/([-A-Za-z0-9+/]*={0,3})\.(jpg|gif|png)?$ thumb.php?id=$1 + if(!empty($options['x']) && !empty($options['ext'])) // base64 encoded. Build URL for: RewriteRule ^media\/img\/([-A-Za-z0-9+/]*={0,3})\.(jpg|gif|png)?$ thumb.php?id=$1 { $ext = strtolower($options['ext']); - return $base.'media/img/'.base64_encode($options['thurl']).'.'.str_replace('jpeg', 'jpg', $ext); + + return $base . 'media/img/' . base64_encode($options['thurl']) . '.' . str_replace('jpeg', 'jpg', $ext); } elseif(strpos($url, 'e_MEDIA_IMAGE') !== false) // media images. { $sefPath = 'media/img/'; - $clean = array('{e_MEDIA_IMAGE}','e_MEDIA_IMAGE/'); + $clean = array('{e_MEDIA_IMAGE}', 'e_MEDIA_IMAGE/'); } elseif(strpos($url, 'e_AVATAR') !== false) // avatars { $sefPath = 'media/avatar/'; - $clean = array('{e_AVATAR}','e_AVATAR/'); + $clean = array('{e_AVATAR}', 'e_AVATAR/'); } elseif(strpos($url, 'e_THEME') !== false) // theme folder images. { $sefPath = 'theme/img/'; - $clean = array('{e_THEME}','e_THEME/'); + $clean = array('{e_THEME}', 'e_THEME/'); } else { @@ -2916,33 +3028,33 @@ class e_parse extends e_parser } // Build URL for ReWriteRule ^media\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)?$ thumb.php?src=e_MEDIA_IMAGE/$5&$1w=$2&$3h=$4 - $sefUrl = $base.$sefPath; + $sefUrl = $base . $sefPath; if(!empty($options['aw']) || !empty($options['ah'])) { - $sefUrl .= 'a'.intval($options['aw']) .'xa'. intval($options['ah']); + $sefUrl .= 'a' . intval($options['aw']) . 'xa' . intval($options['ah']); } elseif(!empty($options['crop'])) { if(!is_numeric($options['crop'])) { - $sefUrl .= strtolower($options['crop']).intval($options['w']) .'x'.strtolower($options['crop']). intval($options['h']); + $sefUrl .= strtolower($options['crop']) . intval($options['w']) . 'x' . strtolower($options['crop']) . intval($options['h']); } else { - $sefUrl .= 'a'.intval($options['w']) .'xa'. intval($options['h']); + $sefUrl .= 'a' . intval($options['w']) . 'xa' . intval($options['h']); } } else { - $sefUrl .= intval($options['w']) .'x'. intval($options['h']); + $sefUrl .= intval($options['w']) . 'x' . intval($options['h']); } $sefUrl .= '/'; - $sefUrl .= str_replace($clean,'',$url); + $sefUrl .= str_replace($clean, '', $url); return $sefUrl; @@ -2952,63 +3064,66 @@ class e_parse extends e_parser * Help for converting to more safe URLs * e.g. {e_MEDIA_FILE}path/to/video.flv => e_MEDIA_FILE/path/to/video.flv * - * @todo support for ALL URL shortcodes (replacement methods) * @param string $type sc|raw|rev|all * @return array + * @todo support for ALL URL shortcodes (replacement methods) */ public function getUrlConstants($type = 'sc') { + // sub-folders first! static $array = array( - 'e_MEDIA_FILE/' => '{e_MEDIA_FILE}', - 'e_MEDIA_VIDEO/' => '{e_MEDIA_VIDEO}', - 'e_MEDIA_IMAGE/' => '{e_MEDIA_IMAGE}', - 'e_MEDIA_ICON/' => '{e_MEDIA_ICON}', - 'e_AVATAR/' => '{e_AVATAR}', + 'e_MEDIA_FILE/' => '{e_MEDIA_FILE}', + 'e_MEDIA_VIDEO/' => '{e_MEDIA_VIDEO}', + 'e_MEDIA_IMAGE/' => '{e_MEDIA_IMAGE}', + 'e_MEDIA_ICON/' => '{e_MEDIA_ICON}', + 'e_AVATAR/' => '{e_AVATAR}', 'e_AVATAR_DEFAULT/' => '{e_AVATAR_DEFAULT}', - 'e_AVATAR_UPLOAD/' => '{e_AVATAR_UPLOAD}', - 'e_WEB_JS/' => '{e_WEB_JS}', - 'e_WEB_CSS/' => '{e_WEB_CSS}', - 'e_WEB_IMAGE/' => '{e_WEB_IMAGE}', - 'e_IMPORT/' => '{e_IMPORT}', - // 'e_WEB_PACK/' => '{e_WEB_PACK}', + 'e_AVATAR_UPLOAD/' => '{e_AVATAR_UPLOAD}', + 'e_WEB_JS/' => '{e_WEB_JS}', + 'e_WEB_CSS/' => '{e_WEB_CSS}', + 'e_WEB_IMAGE/' => '{e_WEB_IMAGE}', + 'e_IMPORT/' => '{e_IMPORT}', + // 'e_WEB_PACK/' => '{e_WEB_PACK}', - 'e_BASE/' => '{e_BASE}', - 'e_ADMIN/' => '{e_ADMIN}', - 'e_IMAGE/' => '{e_IMAGE}', - 'e_THEME/' => '{e_THEME}', - 'e_PLUGIN/' => '{e_PLUGIN}', - 'e_HANDLER/' => '{e_HANDLER}', // BC - 'e_MEDIA/' => '{e_MEDIA}', - 'e_WEB/' => '{e_ADMIN}', - // 'THEME/' => '{THEME}', + 'e_BASE/' => '{e_BASE}', + 'e_ADMIN/' => '{e_ADMIN}', + 'e_IMAGE/' => '{e_IMAGE}', + 'e_THEME/' => '{e_THEME}', + 'e_PLUGIN/' => '{e_PLUGIN}', + 'e_HANDLER/' => '{e_HANDLER}', // BC + 'e_MEDIA/' => '{e_MEDIA}', + 'e_WEB/' => '{e_ADMIN}', + // 'THEME/' => '{THEME}', ); - - - switch ($type) + + + switch($type) { case 'sc': return array_values($array); - break; + break; case 'raw': return array_keys($array); - break; + break; case 'rev': return array_reverse($array, true); - break; + break; case 'all': return $array; - break; + break; } + return array(); } public function getEmotes() { + return e107::getEmote()->getList(); } @@ -3018,21 +3133,22 @@ class e_parse extends e_parser * Note: only an ADMIN user can convert {e_ADMIN} * TODO - runtime cache of search/replace arrays (object property) when $mode !== '' * @param string $text - * @param string $mode [optional] abs|full "full" = produce absolute URL path, e.g. http://sitename.com/e107_plugins/etc - * 'abs' = produce truncated URL path, e.g. e107plugins/etc - * "" (default) = URL's get relative path e.g. ../e107_plugins/etc - * @param mixed $all [optional] if TRUE, then when $mode is "full" or TRUE, USERID is also replaced... - * when $mode is "" (default), ALL other e107 constants are replaced + * @param string $mode [optional] abs|full "full" = produce absolute URL path, e.g. http://sitename.com/e107_plugins/etc + * 'abs' = produce truncated URL path, e.g. e107plugins/etc + * "" (default) = URL's get relative path e.g. ../e107_plugins/etc + * @param mixed $all [optional] if TRUE, then when $mode is "full" or TRUE, USERID is also replaced... + * when $mode is "" (default), ALL other e107 constants are replaced * @return string|array */ - public function replaceConstants($text, $mode = '', $all = FALSE) + public function replaceConstants($text, $mode = '', $all = false) { + if(is_array($text)) { $new = array(); - foreach($text as $k=>$v) + foreach($text as $k => $v) { - $new[$k] = $this->replaceConstants($v,$mode,$all); + $new[$k] = $this->replaceConstants($v, $mode, $all); } return $new; @@ -3063,11 +3179,11 @@ class e_parse extends e_parser $e107::getFolder('plugins'), $e107::getFolder('files'), $e107::getFolder('themes'), - // $e107->getFolder('downloads'), + // $e107->getFolder('downloads'), $e107::getFolder('handlers'), $e107::getFolder('media'), $e107::getFolder('web'), - $e107->site_theme ? $e107::getFolder('themes').$e107->site_theme.'/' : '', + $e107->site_theme ? $e107::getFolder('themes') . $e107->site_theme . '/' : '', defset('THEME_ABS'), (ADMIN ? $e107::getFolder('admin') : ''), '', @@ -3078,7 +3194,7 @@ class e_parse extends e_parser $replace_relative = $this->relativePaths; - switch ($mode) + switch($mode) { case 'abs': $replace_absolute = array( @@ -3090,14 +3206,14 @@ class e_parse extends e_parser e_JS_ABS, e_CSS_ABS, e_WEB_IMAGE_ABS, - // e_PACK_ABS, + // e_PACK_ABS, e_IMAGE_ABS, e_THEME_ABS, e_IMAGE_ABS, e_PLUGIN_ABS, e_FILE_ABS, e_THEME_ABS, - // e_DOWNLOAD_ABS, //impossible when download is done via php. + // e_DOWNLOAD_ABS, //impossible when download is done via php. '', // handlers - no ABS path available e_MEDIA_ABS, e_WEB_ABS, @@ -3108,37 +3224,37 @@ class e_parse extends e_parser '', // no e_CORE absolute path '', // no e_SYSTEM absolute path ); - break; + break; case 'full': $replace_absolute = array( - SITEURLBASE.e_MEDIA_FILE_ABS, - SITEURLBASE.e_MEDIA_VIDEO_ABS, - SITEURLBASE.e_MEDIA_IMAGE_ABS, - SITEURLBASE.e_MEDIA_ICON_ABS, - SITEURLBASE.e_AVATAR_ABS, - SITEURLBASE.e_JS_ABS, - SITEURLBASE.e_CSS_ABS, - SITEURLBASE.e_WEB_IMAGE_ABS, - // SITEURLBASE.e_PACK_ABS, - SITEURLBASE.e_IMAGE_ABS, - SITEURLBASE.e_THEME_ABS, - SITEURLBASE.e_IMAGE_ABS, - SITEURLBASE.e_PLUGIN_ABS, - SITEURLBASE.e_FILE_ABS, // deprecated - SITEURLBASE.e_THEME_ABS, + SITEURLBASE . e_MEDIA_FILE_ABS, + SITEURLBASE . e_MEDIA_VIDEO_ABS, + SITEURLBASE . e_MEDIA_IMAGE_ABS, + SITEURLBASE . e_MEDIA_ICON_ABS, + SITEURLBASE . e_AVATAR_ABS, + SITEURLBASE . e_JS_ABS, + SITEURLBASE . e_CSS_ABS, + SITEURLBASE . e_WEB_IMAGE_ABS, + // SITEURLBASE.e_PACK_ABS, + SITEURLBASE . e_IMAGE_ABS, + SITEURLBASE . e_THEME_ABS, + SITEURLBASE . e_IMAGE_ABS, + SITEURLBASE . e_PLUGIN_ABS, + SITEURLBASE . e_FILE_ABS, // deprecated + SITEURLBASE . e_THEME_ABS, //SITEURL.$e107->getFolder('downloads'), '', // handlers - no ABS path available - SITEURLBASE.e_MEDIA_ABS, - SITEURLBASE.e_WEB_ABS, - defset('THEME_ABS') ? SITEURLBASE.THEME_ABS : '', - defset('THEME_ABS') ? SITEURLBASE.THEME_ABS : '', - (ADMIN ? SITEURLBASE.e_ADMIN_ABS : ''), + SITEURLBASE . e_MEDIA_ABS, + SITEURLBASE . e_WEB_ABS, + defset('THEME_ABS') ? SITEURLBASE . THEME_ABS : '', + defset('THEME_ABS') ? SITEURLBASE . THEME_ABS : '', + (ADMIN ? SITEURLBASE . e_ADMIN_ABS : ''), SITEURL, '', // no e_CORE absolute path '', // no e_SYSTEM absolute path ); - break; + break; } // sub-folders first! $search = array( @@ -3150,7 +3266,7 @@ class e_parse extends e_parser '{e_WEB_JS}', '{e_WEB_CSS}', '{e_WEB_IMAGE}', - // '{e_WEB_PACK}', + // '{e_WEB_PACK}', '{e_IMAGE_ABS}', '{e_THEME_ABS}', '{e_IMAGE}', @@ -3176,9 +3292,9 @@ class e_parse extends e_parser $search[] = "{e_ADMIN}"; }*/ - if ($all) + if($all) { - if (USER) + if(USER) { // Can only replace with valid number for logged in users $replace_relative[] = USERID; $replace_absolute[] = USERID; @@ -3207,8 +3323,9 @@ class e_parse extends e_parser $search[] = "{THEME_ABS}"; }*/ - $replace = ((string)$mode === 'full' || (string)$mode === 'abs' ) ? $replace_absolute : $replace_relative; - return str_replace($search,$replace,$text); + $replace = ((string) $mode === 'full' || (string) $mode === 'abs') ? $replace_absolute : $replace_relative; + + return str_replace($search, $replace, $text); } // $pattern = ($all ? "#\{([A-Za-z_0-9]*)\}#s" : "#\{(e_[A-Z]*)\}#s"); @@ -3233,10 +3350,12 @@ class e_parse extends e_parser private function doReplace($matches) { - if(defined($matches[1]) && (deftrue('ADMIN') || strpos($matches[1], 'ADMIN') === FALSE)) + + if(defined($matches[1]) && (deftrue('ADMIN') || strpos($matches[1], 'ADMIN') === false)) { return constant($matches[1]); } + return $matches[1]; } @@ -3249,17 +3368,27 @@ class e_parse extends e_parser */ public function createConstants($url, $mode = 0) { - + //FIXME - create constants for absolute paths and site URL's - if (!is_numeric($mode)) + if(!is_numeric($mode)) { - switch ($mode) + switch($mode) { - case 'rel' : $mode = 1; break; - case 'abs' : $mode = 2; break; - case 'full' : $mode = 3; break; - case 'mix' : $mode = 4; break; - case 'nice': $mode = 5; break; + case 'rel' : + $mode = 1; + break; + case 'abs' : + $mode = 2; + break; + case 'full' : + $mode = 3; + break; + case 'mix' : + $mode = 4; + break; + case 'nice': + $mode = 5; + break; } } $e107 = e107::getInstance(); @@ -3267,131 +3396,133 @@ class e_parse extends e_parser { case 0: // folder name only. $tmp = array( - '{e_MEDIA_FILE}' => $e107::getFolder('media_files'), - '{e_MEDIA_VIDEO}' => $e107::getFolder('media_videos'), - '{e_MEDIA_IMAGE}' => $e107::getFolder('media_images'), - '{e_MEDIA_ICON}' => $e107::getFolder('media_icons'), - '{e_AVATAR}' => $e107::getFolder('avatars'), - '{e_WEB_JS}' => $e107::getFolder('web_js'), - '{e_WEB_CSS}' => $e107::getFolder('web_css'), - '{e_WEB_IMAGE}' => $e107::getFolder('web_images'), - // '{e_WEB_PACK}' => $e107::getFolder('web_packs'), + '{e_MEDIA_FILE}' => $e107::getFolder('media_files'), + '{e_MEDIA_VIDEO}' => $e107::getFolder('media_videos'), + '{e_MEDIA_IMAGE}' => $e107::getFolder('media_images'), + '{e_MEDIA_ICON}' => $e107::getFolder('media_icons'), + '{e_AVATAR}' => $e107::getFolder('avatars'), + '{e_WEB_JS}' => $e107::getFolder('web_js'), + '{e_WEB_CSS}' => $e107::getFolder('web_css'), + '{e_WEB_IMAGE}' => $e107::getFolder('web_images'), + // '{e_WEB_PACK}' => $e107::getFolder('web_packs'), - '{e_IMAGE}' => $e107::getFolder('images'), - '{e_PLUGIN}' => $e107::getFolder('plugins'), - '{e_FILE}' => $e107::getFolder('files'), - '{e_THEME}' => $e107::getFolder('themes'), - '{e_DOWNLOAD}' => $e107::getFolder('downloads'), - '{e_ADMIN}' => $e107::getFolder('admin'), - '{e_HANDLER}' => $e107::getFolder('handlers'), - '{e_MEDIA}' => $e107::getFolder('media'), - '{e_WEB}' => $e107::getFolder('web'), - '{e_UPLOAD}' => $e107::getFolder('uploads'), - ); - - break; + '{e_IMAGE}' => $e107::getFolder('images'), + '{e_PLUGIN}' => $e107::getFolder('plugins'), + '{e_FILE}' => $e107::getFolder('files'), + '{e_THEME}' => $e107::getFolder('themes'), + '{e_DOWNLOAD}' => $e107::getFolder('downloads'), + '{e_ADMIN}' => $e107::getFolder('admin'), + '{e_HANDLER}' => $e107::getFolder('handlers'), + '{e_MEDIA}' => $e107::getFolder('media'), + '{e_WEB}' => $e107::getFolder('web'), + '{e_UPLOAD}' => $e107::getFolder('uploads'), + ); + + break; - case 1: // relative path only $tmp = array( - '{e_MEDIA_FILE}' => e_MEDIA_FILE, - '{e_MEDIA_VIDEO}' => e_MEDIA_VIDEO, - '{e_MEDIA_IMAGE}' => e_MEDIA_IMAGE, - '{e_MEDIA_ICON}' => e_MEDIA_ICON, - '{e_AVATAR}' => e_AVATAR, - '{e_IMPORT}' => e_IMPORT, - '{e_WEB_JS}' => e_WEB_JS, - '{e_WEB_CSS}' => e_WEB_CSS, - '{e_WEB_IMAGE}' => e_WEB_IMAGE, - // '{e_WEB_PACK}' => e_WEB_PACK, + '{e_MEDIA_FILE}' => e_MEDIA_FILE, + '{e_MEDIA_VIDEO}' => e_MEDIA_VIDEO, + '{e_MEDIA_IMAGE}' => e_MEDIA_IMAGE, + '{e_MEDIA_ICON}' => e_MEDIA_ICON, + '{e_AVATAR}' => e_AVATAR, + '{e_IMPORT}' => e_IMPORT, + '{e_WEB_JS}' => e_WEB_JS, + '{e_WEB_CSS}' => e_WEB_CSS, + '{e_WEB_IMAGE}' => e_WEB_IMAGE, + // '{e_WEB_PACK}' => e_WEB_PACK, - '{e_IMAGE}' => e_IMAGE, - '{e_PLUGIN}' => e_PLUGIN, - '{e_FILE}' => e_FILE, - '{e_THEME}' => e_THEME, - '{e_DOWNLOAD}' => e_DOWNLOAD, - '{e_ADMIN}' => e_ADMIN, - '{e_HANDLER}' => e_HANDLER, - '{e_MEDIA}' => e_MEDIA, - '{e_WEB}' => e_WEB, - '{e_UPLOAD}' => e_UPLOAD, + '{e_IMAGE}' => e_IMAGE, + '{e_PLUGIN}' => e_PLUGIN, + '{e_FILE}' => e_FILE, + '{e_THEME}' => e_THEME, + '{e_DOWNLOAD}' => e_DOWNLOAD, + '{e_ADMIN}' => e_ADMIN, + '{e_HANDLER}' => e_HANDLER, + '{e_MEDIA}' => e_MEDIA, + '{e_WEB}' => e_WEB, + '{e_UPLOAD}' => e_UPLOAD, ); - break; + break; case 2: // absolute path only $tmp = array( - '{e_MEDIA_FILE}' => e_MEDIA_FILE_ABS, - '{e_MEDIA_VIDEO}' => e_MEDIA_VIDEO_ABS, - '{e_MEDIA_IMAGE}' => e_MEDIA_IMAGE_ABS, - '{e_MEDIA_ICON}' => e_MEDIA_ICON_ABS, - '{e_AVATAR}' => e_AVATAR_ABS, - '{e_WEB_JS}' => e_JS_ABS, - '{e_WEB_CSS}' => e_CSS_ABS, - '{e_WEB_IMAGE}' => e_WEB_IMAGE_ABS, - // '{e_WEB_PACK}' => e_PACK_ABS, + '{e_MEDIA_FILE}' => e_MEDIA_FILE_ABS, + '{e_MEDIA_VIDEO}' => e_MEDIA_VIDEO_ABS, + '{e_MEDIA_IMAGE}' => e_MEDIA_IMAGE_ABS, + '{e_MEDIA_ICON}' => e_MEDIA_ICON_ABS, + '{e_AVATAR}' => e_AVATAR_ABS, + '{e_WEB_JS}' => e_JS_ABS, + '{e_WEB_CSS}' => e_CSS_ABS, + '{e_WEB_IMAGE}' => e_WEB_IMAGE_ABS, + // '{e_WEB_PACK}' => e_PACK_ABS, - '{e_IMAGE}' => e_IMAGE_ABS, - '{e_PLUGIN}' => e_PLUGIN_ABS, - '{e_FILE}' => e_FILE_ABS, // deprecated - '{e_THEME}' => e_THEME_ABS, - '{e_DOWNLOAD}' => e_HTTP.'request.php?',// FIXME - we need solution! - '{e_ADMIN}' => e_ADMIN_ABS, + '{e_IMAGE}' => e_IMAGE_ABS, + '{e_PLUGIN}' => e_PLUGIN_ABS, + '{e_FILE}' => e_FILE_ABS, // deprecated + '{e_THEME}' => e_THEME_ABS, + '{e_DOWNLOAD}' => e_HTTP . 'request.php?',// FIXME - we need solution! + '{e_ADMIN}' => e_ADMIN_ABS, //'{e_HANDLER}' => e_HANDLER_ABS, - no ABS path available - '{e_MEDIA}' => e_MEDIA_ABS, - '{e_WEB}' => e_WEB_ABS, - '{e_BASE}' => e_HTTP, + '{e_MEDIA}' => e_MEDIA_ABS, + '{e_WEB}' => e_WEB_ABS, + '{e_BASE}' => e_HTTP, ); - break; + break; case 3: // full path (e.g http://domain.com/e107_images/) $tmp = array( - '{e_MEDIA_FILE}' => SITEURLBASE.e_MEDIA_FILE_ABS, - '{e_MEDIA_VIDEO}' => SITEURLBASE.e_MEDIA_VIDEO_ABS, - '{e_MEDIA_IMAGE}' => SITEURLBASE.e_MEDIA_IMAGE_ABS, - '{e_MEDIA_ICON}' => SITEURLBASE.e_MEDIA_ICON_ABS, - '{e_AVATAR}' => SITEURLBASE.e_AVATAR_ABS, - '{e_WEB_JS}' => SITEURLBASE.e_JS_ABS, - '{e_WEB_CSS}' => SITEURLBASE.e_CSS_ABS, - '{e_WEB_IMAGE}' => SITEURLBASE.e_WEB_IMAGE_ABS, - // '{e_WEB_PACK}' => SITEURLBASE.e_PACK_ABS, + '{e_MEDIA_FILE}' => SITEURLBASE . e_MEDIA_FILE_ABS, + '{e_MEDIA_VIDEO}' => SITEURLBASE . e_MEDIA_VIDEO_ABS, + '{e_MEDIA_IMAGE}' => SITEURLBASE . e_MEDIA_IMAGE_ABS, + '{e_MEDIA_ICON}' => SITEURLBASE . e_MEDIA_ICON_ABS, + '{e_AVATAR}' => SITEURLBASE . e_AVATAR_ABS, + '{e_WEB_JS}' => SITEURLBASE . e_JS_ABS, + '{e_WEB_CSS}' => SITEURLBASE . e_CSS_ABS, + '{e_WEB_IMAGE}' => SITEURLBASE . e_WEB_IMAGE_ABS, + // '{e_WEB_PACK}' => SITEURLBASE.e_PACK_ABS, - '{e_IMAGE}' => SITEURLBASE.e_IMAGE_ABS, - '{e_PLUGIN}' => SITEURLBASE.e_PLUGIN_ABS, - '{e_FILE}' => SITEURLBASE.e_FILE_ABS, // deprecated - '{e_THEME}' => SITEURLBASE.e_THEME_ABS, - '{e_DOWNLOAD}' => SITEURLBASE.e_HTTP.'request.php?',// FIXME - we need solution! - '{e_ADMIN}' => SITEURLBASE.e_ADMIN_ABS, + '{e_IMAGE}' => SITEURLBASE . e_IMAGE_ABS, + '{e_PLUGIN}' => SITEURLBASE . e_PLUGIN_ABS, + '{e_FILE}' => SITEURLBASE . e_FILE_ABS, // deprecated + '{e_THEME}' => SITEURLBASE . e_THEME_ABS, + '{e_DOWNLOAD}' => SITEURLBASE . e_HTTP . 'request.php?',// FIXME - we need solution! + '{e_ADMIN}' => SITEURLBASE . e_ADMIN_ABS, //'{e_HANDLER}' => e_HANDLER_ABS, - no ABS path available - '{e_MEDIA}' => SITEURLBASE.e_MEDIA_ABS, - '{e_WEB}' => SITEURLBASE.e_WEB_ABS, - '{e_BASE}' => SITEURL, + '{e_MEDIA}' => SITEURLBASE . e_MEDIA_ABS, + '{e_WEB}' => SITEURLBASE . e_WEB_ABS, + '{e_BASE}' => SITEURL, ); - break; + break; case 4: // absolute & relative paths $url = $this->createConstants($url, 3); $url = $this->createConstants($url, 2); $url = $this->createConstants($url, 1); + return $url; - break; + break; case 5: // nice urls - e.g. e_MEDIA_VIDEO/mystream.flv $url = $this->createConstants($url, 4); + return str_replace($this->getUrlConstants('sc'), $this->getUrlConstants('raw'), $url); - break; + break; default: $tmp = array(); - break; + break; } $hasCDN = strpos($url, '//') === 0; - foreach($tmp as $key=>$val) + foreach($tmp as $key => $val) { // Fix - don't break the CDN '//cdn.com' URLs - if ($hasCDN && $val === '/') { + if($hasCDN && $val === '/') + { continue; } @@ -3410,31 +3541,32 @@ class e_parse extends e_parser //FIXME - $match not used? public function e_highlight($text, $match) { + $tags = array(); preg_match_all('#<[^>]+>#', $text, $tags); $text = preg_replace('#<[^>]+>#', '<|>', $text); $text = preg_replace('#(\b".$match."\b)#i', '\\1', $text); - foreach ($tags[0] as $tag) + foreach($tags[0] as $tag) { $text = preg_replace('#<\|>#', $tag, $text, 1); } + return $text; } - - /** - * Convert Text to a suitable format for use in emails. eg. relative links will be replaced with full links etc. + * Convert Text to a suitable format for use in emails. eg. relative links will be replaced with full links etc. * @param string $text * @param boolean $posted - if the text has been posted. (uses stripslashes etc) - * @param string $mods - flags for text transformation. + * @param string $mods - flags for text transformation. */ public function toEmail($text, $posted = '', $mods = 'parse_sc, no_make_clickable') { - if ($posted === TRUE) + + if($posted === true) { - if (MAGIC_QUOTES_GPC) + if(MAGIC_QUOTES_GPC) { $text = stripslashes($text); } @@ -3446,7 +3578,7 @@ class e_parse extends e_parser if($this->isHtml($text)) { $text = str_replace(array('[html]', '[/html]'), '', $text); - $text = html_entity_decode( $text, ENT_COMPAT, 'UTF-8'); + $text = html_entity_decode($text, ENT_COMPAT, 'UTF-8'); } else { @@ -3458,7 +3590,6 @@ class e_parse extends e_parser } - /** * Given an email address, returns a link including with obfuscated text. * e-email css in e107.css inserts the user/domain data for display. @@ -3468,16 +3599,17 @@ class e_parse extends e_parser * @param null $subject [optional] default subject for email. * @return string */ - public function emailObfuscate($email, $words = null, $subject =null) + public function emailObfuscate($email, $words = null, $subject = null) { + if(strpos($email, '@') === false) { return ''; } - if ($subject) + if($subject) { - $subject = '?subject='.$subject; + $subject = '?subject=' . $subject; } list($name, $address) = explode('@', $email, 2); @@ -3485,8 +3617,8 @@ class e_parse extends e_parser if(empty($words)) { $words = '@'; - $user = "data-user='".$this->obfuscate($name)."'"; - $dom = "data-dom='".$this->obfuscate($address)."'"; + $user = "data-user='" . $this->obfuscate($name) . "'"; + $dom = "data-dom='" . $this->obfuscate($address) . "'"; } else { @@ -3494,15 +3626,14 @@ class e_parse extends e_parser $dom = ''; } - $url = 'mailto:' .$email.$subject; + $url = 'mailto:' . $email . $subject; $safe = $this->obfuscate($url); - return "".$words.''; + return "" . $words . ''; } - /** * Obfuscate text from bots using Randomized encoding. * @param $text @@ -3510,20 +3641,21 @@ class e_parse extends e_parser */ public function obfuscate($text) { + $ret = ''; - foreach (str_split($text) as $letter) + foreach(str_split($text) as $letter) { - switch (mt_rand(1, 3)) + switch(mt_rand(1, 3)) { // HTML entity code case 1: - $ret .= '&#'.ord($letter).';'; - break; + $ret .= '&#' . ord($letter) . ';'; + break; // Hex character code case 2: - $ret .= '&#x'.dechex(ord($letter)).';'; - break; + $ret .= '&#x' . dechex(ord($letter)) . ';'; + break; // Raw (no) encoding case 3: @@ -3535,143 +3667,58 @@ class e_parse extends e_parser } - - public function __get($name) { + switch($name) { case 'e_sc': $ret = e107::getScParser(); - break; + break; default: - // trigger_error('$e107->$'.$name.' not defined', E_USER_WARNING); - return NULL; - break; + // trigger_error('$e107->$'.$name.' not defined', E_USER_WARNING); + return null; + break; } $this->$name = $ret; + return $ret; } -} + + // Formerly located in e_parser -------------------------- /** - * New v2 Parser - * Start Fresh and Build on it over time to become eventual replacement to e_parse. - * Cameron's DOM-based parser. - * - * @method replaceConstants($text, $mode = '', $all = false) - * @method toAttribute($text) - * @method thumbUrl($url) - * @method thumbDimensions() + * Merge default 'global' attributes into assigned tags. */ -class e_parser -{ - /** - * @var DOMDocument - */ - public $domObj = null; - public $isHtml = false; + private function compileAttributeDefaults() + { + foreach($this->allowedAttributes as $tag => $array) + { + if($tag === 'default') + { + continue; + } - protected $bootstrap = null; - protected $fontawesome = null; - protected $convertToWebP = false; + foreach($this->allowedAttributes['default'] as $def) + { + $this->allowedAttributes[$tag][] = $def; + } - protected $removedList = array(); - protected $nodesToDelete = array(); - protected $nodesToConvert = array(); - protected $nodesToDisableSC = array(); - protected $pathList = array(); - protected $allowedAttributes = array( - 'default' => array('id', 'style', 'class', 'title', 'lang', 'accesskey'), - 'img' => array('src', 'alt', 'width', 'height'), - 'a' => array('href', 'target', 'rel'), - 'script' => array('type', 'src', 'language', 'async'), - 'iframe' => array('src', 'frameborder', 'width', 'height'), - 'input' => array('type','name','value'), - 'form' => array('action','method','target'), - 'audio' => array('src','controls', 'autoplay', 'loop', 'muted', 'preload' ), - 'video' => array('autoplay', 'controls', 'height', 'loop', 'muted', 'poster', 'preload', 'src', 'width'), - 'td' => array('colspan', 'rowspan'), - 'th' => array('colspan', 'rowspan'), - 'col' => array('span'), - 'embed' => array('src', 'wmode', 'type', 'width', 'height'), - 'x-bbcode' => array('alt'), - 'label' => array('for'), - 'source' => array('media', 'sizes', 'src', 'srcset', 'type'), + } - ); - - protected $badAttrValues = array('javascript[\s]*?:','alert\(','vbscript[\s]*?:','data:text\/html', 'mhtml[\s]*?:', 'data:[\s]*?image'); - - protected $replaceAttrValues = array( - 'default' => array() - ); - - protected $allowedTags = array('html', 'body','div','a','img','table','tr', 'td', 'th', 'tbody', 'thead', 'colgroup', 'b', - 'i', 'pre','code', 'strong', 'u', 'em','ul', 'ol', 'li','img','h1','h2','h3','h4','h5','h6','p', - 'div','pre','section','article', 'blockquote','hgroup','aside','figure','figcaption', 'abbr','span', 'audio', 'video', 'source', 'br', - 'small', 'caption', 'noscript', 'hr', 'section', 'iframe', 'sub', 'sup', 'cite', 'x-bbcode', 'label' - ); - protected $scriptTags = array('script','applet','form','input','button', 'embed', 'object', 'ins', 'select','textarea'); //allowed when $pref['post_script'] is enabled. - - protected $scriptAttributes = array('onclick', 'onchange', 'onblur', 'onload', 'onfocus', 'onkeydown', 'onkeypress', 'onkeyup', - 'ondblclick', 'onmousedown', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', - 'onwheel', 'oncopy', 'oncut', 'onpaste' - ); - - protected $blockTags = array('pre','div','h1','h2','h3','h4','h5','h6','blockquote'); // element includes its own line-break. - - - private $scriptAccess = false; // nobody. + } /** - * e_parser constructor. + * Used by e_parse to start */ - public function __construct() - { - $this->domObj = new DOMDocument('1.0', 'utf-8'); - $this->init(); - $this->compileAttributeDefaults(); - - /* - $meths = get_class_methods('DomDocument'); - sort($meths); - print_a($meths); - */ - } - - /** - * Merge default 'global' attributes into assigned tags. - */ - private function compileAttributeDefaults() - { - foreach($this->allowedAttributes as $tag=>$array) - { - if($tag === 'default') - { - continue; - } - - foreach($this->allowedAttributes['default'] as $def) - { - $this->allowedAttributes[$tag][] = $def; - } - - } - - } - - /** - * Used by e_parse to start - */ - public function init() - { + public function init() + { if(defined('FONTAWESOME')) { @@ -3690,7 +3737,7 @@ class e_parser } - } + } /** * Add Allowed Tags. @@ -3698,6 +3745,7 @@ class e_parser */ public function addAllowedTag($tag) { + $this->allowedTags[] = $tag; } @@ -3708,18 +3756,20 @@ class e_parser */ public function addAllowedAttribute($tag, $attArray) { + $this->allowedAttributes[$tag] = (array) $attArray; } /** - * Set Allowed Tags. - * @param $array - */ - public function setAllowedTags($array=array()) - { - $this->allowedTags = $array; - } + * Set Allowed Tags. + * @param $array + */ + public function setAllowedTags($array = array()) + { + + $this->allowedTags = $array; + } /** * Set Script Access @@ -3727,191 +3777,201 @@ class e_parser */ public function setScriptAccess($val) { + $this->scriptAccess = $val; } public function getAllowedTags() { + return $this->allowedTags; } - public function getAllowedAttributes() + public function getAllowedAttributes() { + return $this->allowedAttributes; } public function getScriptAccess() { + return $this->scriptAccess; } public function getRemoved() - { - return $this->removedList; - } + { + + return $this->removedList; + } /** - * Set Allowed Attributes. - * @param $array - */ - public function setAllowedAttributes($array=array()) - { - $this->allowedAttributes = $array; - } + * Set Allowed Attributes. + * @param $array + */ + public function setAllowedAttributes($array = array()) + { - /** - * Set Script Tags. - * @param $array - */ - public function setScriptTags($array=array()) - { - $this->scriptTags = $array; - } + $this->allowedAttributes = $array; + } + + /** + * Set Script Tags. + * @param $array + */ + public function setScriptTags($array = array()) + { + + $this->scriptTags = $array; + } /** * @param int $version */ public function setFontAwesome($version) - { - $this->fontawesome = (int) $version; - } + { + + $this->fontawesome = (int) $version; + } /** * @param int $version */ public function setBootstrap($version) - { - $this->bootstrap = (int) $version; - } + { - /** + $this->bootstrap = (int) $version; + } + + /** * @param bool $bool */ public function setConvertToWebP($bool) - { - $this->convertToWebP = (bool) $bool; - } + { + + $this->convertToWebP = (bool) $bool; + } /** * Add leading zeros to a number. eg. 3 might become 000003 - * @param $num integer + * @param $num integer * @param $numDigits - total number of digits * @return string number with leading zeros. */ - public function leadingZeros($num,$numDigits) + public function leadingZeros($num, $numDigits) { - return (string) sprintf('%0' .$numDigits. 'd',$num); + + return (string) sprintf('%0' . $numDigits . 'd', $num); } /** * Generic variable translator for LAN definitions. * @param $lan - string LAN * @param string | array $vals - either a single value, which will replace '[x]' or an array with key=>value pairs. - * @example $tp->lanVars("My name is [x] and I own a [y]", array('x'=>"John", 'y'=>"Cat")); - * @example $tp->lanVars("My name is [x] and I own a [y]", array("John","Cat")); * @return string + * @example $tp->lanVars("My name is [x] and I own a [y]", array("John","Cat")); + * @example $tp->lanVars("My name is [x] and I own a [y]", array('x'=>"John", 'y'=>"Cat")); */ - public function lanVars($lan, $vals, $bold=false) + public function lanVars($lan, $vals, $bold = false) { - - $array = (!is_array($vals)) ? array('x'=>$vals) : $vals; + + $array = (!is_array($vals)) ? array('x' => $vals) : $vals; $search = array(); $replace = array(); $defaults = array('x', 'y', 'z'); - foreach($array as $k=>$v) + foreach($array as $k => $v) { if(is_numeric($k)) // convert array of numeric to x,y,z { $k = $defaults[$k]; } - $search[] = '[' .$k. ']'; - $replace[] = ($bold===true) ? '' .$v. '' : $v; + $search[] = '[' . $k . ']'; + $replace[] = ($bold === true) ? '' . $v . '' : $v; } - + return str_replace($search, $replace, $lan); } - + /** - * Return an Array of all specific tags found in an HTML document and their attributes. + * Return an Array of all specific tags found in an HTML document and their attributes. * @param $html - raw html code - * @param $taglist - comma separated list of tags to search or '*' for all. - * @param $header - if the $html includes the html head or body tags - it should be set to true. + * @param $taglist - comma separated list of tags to search or '*' for all. + * @param $header - if the $html includes the html head or body tags - it should be set to true. */ - public function getTags($html, $taglist='*', $header = false) + public function getTags($html, $taglist = '*', $header = false) { - + if($header == false) { - $html = '' .$html. ''; - } - - $doc = $this->domObj; - + $html = '' . $html . ''; + } + + $doc = $this->domObj; + $doc->preserveWhiteSpace = true; libxml_use_internal_errors(true); - $doc->loadHTML($html); - + $doc->loadHTML($html); + $tg = explode(',', $taglist); $ret = array(); - + foreach($tg as $find) { - $tmp = $doc->getElementsByTagName($find); - - /** - * @var $k - * @var DOMDocument $node - */ - foreach($tmp as $k=>$node) + $tmp = $doc->getElementsByTagName($find); + + /** + * @var $k + * @var DOMDocument $node + */ + foreach($tmp as $k => $node) { $tag = $node->nodeName; $inner = $node->C14N(); - $inner = str_replace(' ', '',$inner); - - foreach ($node->attributes as $attr) - { + $inner = str_replace(' ', '', $inner); + + foreach($node->attributes as $attr) + { $name = $attr->nodeName; - $value = $attr->nodeValue; - $ret[$tag][$k][$name] = $value; + $value = $attr->nodeValue; + $ret[$tag][$k][$name] = $value; } - - $ret[$tag][$k]['@value'] = $inner; - - + + $ret[$tag][$k]['@value'] = $inner; + + } } - + if($header == false) { - unset($ret['html'],$ret['body']); - } - - + unset($ret['html'], $ret['body']); + } + + return $ret; } - - - + + /** * Parse xxxxx.glyph file to bootstrap glyph format. * @param string $text * @param array|string $options - * @param bool $options['size'] 2x, 3x, 4x, or 5x - * @param bool $options['fw'] Fixed-Width - * @param bool $options['spin'] Spin - * @param int $options['rotate'] Rotate in Degrees. + * @param bool $options ['size'] 2x, 3x, 4x, or 5x + * @param bool $options ['fw'] Fixed-Width + * @param bool $options ['spin'] Spin + * @param int $options ['rotate'] Rotate in Degrees. * @example $tp->toGlyph('fa-spinner', 'spin=1'); * @example $tp->toGlyph('fa-spinner', array('spin'=>1)); * @example $tp->toGlyph('fa-shield', array('rotate'=>90, 'size'=>'2x')); */ - public function toGlyph($text, $options= ' ') + public function toGlyph($text, $options = ' ') { if(empty($text)) @@ -3922,88 +3982,87 @@ class e_parser if(is_array($options)) { $parm = $options; - $options = varset($parm['space'],''); + $options = varset($parm['space'], ''); } - elseif(strpos($options,'=')) + elseif(strpos($options, '=')) { - parse_str($options,$parm); - $options = varset($parm['space'],''); + parse_str($options, $parm); + $options = varset($parm['space'], ''); } else { $parm = array(); } - if(strpos($text, 'e-') === 0) // e107 admin icon. + if(strpos($text, 'e-') === 0) // e107 admin icon. { - $size = (substr($text,-3) === '-32') ? 'S32' : 'S16'; + $size = (substr($text, -3) === '-32') ? 'S32' : 'S16'; - if(substr($text,-3) === '-24') + if(substr($text, -3) === '-24') { $size = 'S24'; } - return ""; + return ""; } // Get Glyph names. - // $bs3 = e107::getMedia()->getGlyphs('bs3',''); - // $fa4 = e107::getMedia()->getGlyphs('fa4',''); + // $bs3 = e107::getMedia()->getGlyphs('bs3',''); + // $fa4 = e107::getMedia()->getGlyphs('fa4',''); + list($id) = explode('.glyph', $text, 2); + // list($type, $tmp2) = explode("-",$text,2); - list($id) = explode('.glyph',$text,2); - // list($type, $tmp2) = explode("-",$text,2); + // return $cls; - // return $cls; + // $removePrefix = array('glyphicon-','icon-','fa-'); - // $removePrefix = array('glyphicon-','icon-','fa-'); - - // $id = str_replace($removePrefix, "", $cls); + // $id = str_replace($removePrefix, "", $cls); - $spin = null; - $rotate = null; - $fixedW = null; - $prefix = 'glyphicon glyphicon-'; // fallback - $size = null; - $tag = 'i'; + $spin = null; + $rotate = null; + $fixedW = null; + $prefix = 'glyphicon glyphicon-'; // fallback + $size = null; + $tag = 'i'; - // return print_r($fa4,true); -/* - if(deftrue('FONTAWESOME') && in_array($id ,$fa4)) // Contains FontAwesome 3 set also. - { - $prefix = 'fa fa-'; - $size = (vartrue($parm['size'])) ? ' fa-'.$parm['size'] : ''; - $tag = 'i'; - $spin = !empty($parm['spin']) ? ' fa-spin' : ''; - $rotate = !empty($parm['rotate']) ? ' fa-rotate-'.intval($parm['rotate']) : ''; - $fixedW = !empty($parm['fw']) ? ' fa-fw' : ""; - } - elseif(deftrue("BOOTSTRAP")) - { - if(BOOTSTRAP === 3 && in_array($id ,$bs3)) - { - $prefix = 'glyphicon glyphicon-'; - $tag = 'span'; - } - else - { - // $prefix = 'icon-'; - $tag = 'i'; - } + // return print_r($fa4,true); + /* + if(deftrue('FONTAWESOME') && in_array($id ,$fa4)) // Contains FontAwesome 3 set also. + { + $prefix = 'fa fa-'; + $size = (vartrue($parm['size'])) ? ' fa-'.$parm['size'] : ''; + $tag = 'i'; + $spin = !empty($parm['spin']) ? ' fa-spin' : ''; + $rotate = !empty($parm['rotate']) ? ' fa-rotate-'.intval($parm['rotate']) : ''; + $fixedW = !empty($parm['fw']) ? ' fa-fw' : ""; + } + elseif(deftrue("BOOTSTRAP")) + { + if(BOOTSTRAP === 3 && in_array($id ,$bs3)) + { + $prefix = 'glyphicon glyphicon-'; + $tag = 'span'; + } + else + { + // $prefix = 'icon-'; + $tag = 'i'; + } - $size = ''; + $size = ''; - } - */ + } + */ if(strpos($text, 'fa-') === 0) // Font-Awesome 4 & 5 { $prefix = 'fa '; - $size = (vartrue($parm['size'])) ? ' fa-'.$parm['size'] : ''; - $tag = 'i'; - $spin = !empty($parm['spin']) ? ' fa-spin' : ''; - $rotate = !empty($parm['rotate']) ? ' fa-rotate-'. (int)$parm['rotate'] : ''; + $size = (vartrue($parm['size'])) ? ' fa-' . $parm['size'] : ''; + $tag = 'i'; + $spin = !empty($parm['spin']) ? ' fa-spin' : ''; + $rotate = !empty($parm['rotate']) ? ' fa-rotate-' . (int) $parm['rotate'] : ''; $fixedW = !empty($parm['fw']) ? ' fa-fw' : ''; if($this->fontawesome === 5) @@ -4011,13 +4070,13 @@ class e_parser $fab = e107::getMedia()->getGlyphs('fab'); $fas = e107::getMedia()->getGlyphs('fas'); - $code = substr($id,3); + $code = substr($id, 3); - if(in_array($code,$fab)) + if(in_array($code, $fab)) { $prefix = 'fab '; } - elseif(in_array($code,$fas)) + elseif(in_array($code, $fas)) { $prefix = 'fas '; } @@ -4059,15 +4118,15 @@ class e_parser } } - - $idAtt = (!empty($parm['id'])) ? "id='".$parm['id']."' " : ''; - $style = (!empty($parm['style'])) ? "style='".$parm['style']."' " : ''; - $class = (!empty($parm['class'])) ? $parm['class']. ' ' : ''; + + $idAtt = (!empty($parm['id'])) ? "id='" . $parm['id'] . "' " : ''; + $style = (!empty($parm['style'])) ? "style='" . $parm['style'] . "' " : ''; + $class = (!empty($parm['class'])) ? $parm['class'] . ' ' : ''; $placeholder = isset($parm['placeholder']) ? $parm['placeholder'] : ''; - $title = (!empty($parm['title'])) ? " title='".$this->toAttribute($parm['title'])."' " : ''; + $title = (!empty($parm['title'])) ? " title='" . $this->toAttribute($parm['title']) . "' " : ''; - $text = '<' .$tag." {$idAtt}class='".$class.$prefix.$id.$size.$spin.$rotate.$fixedW."' ".$style.$title. '>' .$placeholder. ''; + $text = '<' . $tag . " {$idAtt}class='" . $class . $prefix . $id . $size . $spin . $rotate . $fixedW . "' " . $style . $title . '>' . $placeholder . ''; $text .= ($options !== false) ? $options : ''; return $text; @@ -4081,11 +4140,12 @@ class e_parser * @param $text * @return string */ - public function toBadge($text, $parm=null) + public function toBadge($text, $parm = null) { - $class = !empty($parm['class']) ? ' ' .$parm['class'] : ' bg-secondary rounded-pill badge-secondary'; - return "".$text. ''; + $class = !empty($parm['class']) ? ' ' . $parm['class'] : ' bg-secondary rounded-pill badge-secondary'; + + return "" . $text . ''; } @@ -4096,20 +4156,21 @@ class e_parser */ public function toLabel($text, $type = null) { + if($type === null) { $type = 'default'; } - $tmp = explode(',',$text); + $tmp = explode(',', $text); $opt = array(); foreach($tmp as $v) { - $opt[] = "".$v. ''; + $opt[] = "" . $v . ''; } - return implode(' ',$opt); + return implode(' ', $opt); } /** @@ -4117,51 +4178,53 @@ class e_parser * @param $text * @return string */ - public function toFile($text, $parm=array()) + public function toFile($text, $parm = array()) { + $srch = array( '{e_MEDIA_FILE}' => 'e_MEDIA_FILE/', - '{e_PLUGIN}' => 'e_PLUGIN/' + '{e_PLUGIN}' => 'e_PLUGIN/' ); - $link = e_HTTP. 'request.php?file=' . str_replace(array_keys($srch), $srch,$text); + $link = e_HTTP . 'request.php?file=' . str_replace(array_keys($srch), $srch, $text); if(!empty($parm['raw'])) { return $link; } - return "-attachment-"; //TODO Add pref for this. + return "-attachment-"; //TODO Add pref for this. } /** - * Render an avatar based on supplied user data or current user when missing. - * @param array $userData - user data from e107_user. ie. user_image, user_id etc. + * Render an avatar based on supplied user data or current user when missing. + * @param array $userData - user data from e107_user. ie. user_image, user_id etc. * @param array $options - * @param int $options['w'] - image width in px - * @param int $options['h'] - image height in px - * @param int|bool $options['crop'] = enables cropping when true - * @param string $options['shape'] - (optional) rounded|circle|thumbnail - * @param string $options['id'] - 'id' attribute will be added to tag. - * @param string $options['class'] - override default 'class' attribute in tag. - * @param string $options['alt'] - override default 'alt' attribute in tag. - * @param bool $options['base64'] - use embedded base64 for image src. - * @param bool $options['hd'] - double the resolution of the image. Useful for retina displays. - * @param string $options['type'] - when set to 'url' returns the URL value instead of the tag. - * @param string $options['style'] - sets the style attribute. - * @param string $options['mode'] - 'full' url mode. + * @param int $options ['w'] - image width in px + * @param int $options ['h'] - image height in px + * @param int|bool $options ['crop'] = enables cropping when true + * @param string $options ['shape'] - (optional) rounded|circle|thumbnail + * @param string $options ['id'] - 'id' attribute will be added to tag. + * @param string $options ['class'] - override default 'class' attribute in tag. + * @param string $options ['alt'] - override default 'alt' attribute in tag. + * @param bool $options ['base64'] - use embedded base64 for image src. + * @param bool $options ['hd'] - double the resolution of the image. Useful for retina displays. + * @param string $options ['type'] - when set to 'url' returns the URL value instead of the tag. + * @param string $options ['style'] - sets the style attribute. + * @param string $options ['mode'] - 'full' url mode. * @return string tag of avatar. */ - public function toAvatar($userData=null, $options=array()) + public function toAvatar($userData = null, $options = array()) { - $tp = e107::getParser(); - $width = !empty($options['w']) ? intval($options['w']) : $tp->thumbWidth; - $height = ($tp->thumbHeight !== 0) ? $tp->thumbHeight : ''; - $crop = isset($options['crop']) ? $options['crop'] : $tp->thumbCrop; - $linkStart = ''; - $linkEnd = ''; - $full = !empty($options['base64']) ? true : false; - $file = ''; + + $tp = e107::getParser(); + $width = !empty($options['w']) ? intval($options['w']) : $tp->thumbWidth; + $height = ($tp->thumbHeight !== 0) ? $tp->thumbHeight : ''; + $crop = isset($options['crop']) ? $options['crop'] : $tp->thumbCrop; + $linkStart = ''; + $linkEnd = ''; + $full = !empty($options['base64']) ? true : false; + $file = ''; if(!empty($options['mode']) && $options['mode'] === 'full') { @@ -4183,33 +4246,33 @@ class e_parser if($userData === null && USERID) { $userData = array(); - $userData['user_id'] = USERID; - $userData['user_image'] = deftrue('USERIMAGE'); - $userData['user_name'] = deftrue('USERNAME'); + $userData['user_id'] = USERID; + $userData['user_image'] = deftrue('USERIMAGE'); + $userData['user_name'] = deftrue('USERNAME'); $userData['user_currentvisit'] = deftrue('USERCURRENTVISIT'); } - + $image = (!empty($userData['user_image'])) ? varset($userData['user_image']) : null; - $genericFile = e_IMAGE. 'generic/blank_avatar.jpg'; - $genericImg = $tp->thumbUrl($genericFile, 'w=' .$width. '&h=' .$height,true, $full); - - if (!empty($image)) + $genericFile = e_IMAGE . 'generic/blank_avatar.jpg'; + $genericImg = $tp->thumbUrl($genericFile, 'w=' . $width . '&h=' . $height, true, $full); + + if(!empty($image)) { - - if(strpos($image, '://')!==false) // Remote Image + + if(strpos($image, '://') !== false) // Remote Image { - $url = $image; + $url = $image; } elseif(strpos($image, "-upload-") === 0) { - - $image = substr($image,8); // strip the -upload- from the beginning. - if(file_exists(e_AVATAR_UPLOAD.$image)) + + $image = substr($image, 8); // strip the -upload- from the beginning. + if(file_exists(e_AVATAR_UPLOAD . $image)) { - $file = e_AVATAR_UPLOAD.$image; - $url = $tp->thumbUrl($file, 'w=' .$width. '&h=' .$height. '&crop=' .$crop, false, $full); + $file = e_AVATAR_UPLOAD . $image; + $url = $tp->thumbUrl($file, 'w=' . $width . '&h=' . $height . '&crop=' . $crop, false, $full); } else { @@ -4217,18 +4280,18 @@ class e_parser $url = $genericImg; } } - elseif(file_exists(e_AVATAR_DEFAULT.$image)) // User-Uplaoded Image + elseif(file_exists(e_AVATAR_DEFAULT . $image)) // User-Uplaoded Image { - $file = e_AVATAR_DEFAULT.$image; - $url = $tp->thumbUrl($file, 'w=' .$width. '&h=' .$height. '&crop=' .$crop, false, $full); + $file = e_AVATAR_DEFAULT . $image; + $url = $tp->thumbUrl($file, 'w=' . $width . '&h=' . $height . '&crop=' . $crop, false, $full); } - else // Image Missing. + else // Image Missing. { $url = $genericImg; $file = $genericFile; } } - else // No image provided - so send generic. + else // No image provided - so send generic. { $url = $genericImg; $file = $genericFile; @@ -4236,11 +4299,11 @@ class e_parser if(!empty($options['base64'])) // embed image data into URL. { - $content = e107::getFile()->getRemoteContent($url); // returns false during unit tests, works otherwise. + $content = e107::getFile()->getRemoteContent($url); // returns false during unit tests, works otherwise. if(!empty($content)) { - $ext = strtolower(pathinfo($file,PATHINFO_EXTENSION)); - $url = 'data:image/'.$ext.';base64,'.base64_encode($content); + $ext = strtolower(pathinfo($file, PATHINFO_EXTENSION)); + $url = 'data:image/' . $ext . ';base64,' . base64_encode($content); } } @@ -4250,14 +4313,14 @@ class e_parser $height = ($height / 2); } - if(($url == $genericImg) && !empty($userData['user_id'] ) && (($userData['user_id'] == USERID)) && !empty($options['link'])) + if(($url == $genericImg) && !empty($userData['user_id']) && (($userData['user_id'] == USERID)) && !empty($options['link'])) { - $linkStart = ""; + $linkStart = ""; $linkEnd = ''; } - + $title = (ADMIN) ? $image : $tp->toAttribute($userData['user_name']); - $shape = (!empty($options['shape'])) ? 'img-' .$options['shape'] : 'img-rounded rounded'; + $shape = (!empty($options['shape'])) ? 'img-' . $options['shape'] : 'img-rounded rounded'; if($shape === 'img-circle') { @@ -4271,33 +4334,33 @@ class e_parser if(!empty($options['alt'])) { - $title = $tp->toAttribute($options['alt']); + $title = $tp->toAttribute($options['alt']); } - $heightInsert = empty($height) ? '' : "height='".$height."'"; - $id = (!empty($options['id'])) ? "id='".$options['id']."' " : ''; + $heightInsert = empty($height) ? '' : "height='" . $height . "'"; + $id = (!empty($options['id'])) ? "id='" . $options['id'] . "' " : ''; $classOnline = (!empty($userData['user_currentvisit']) && intval($userData['user_currentvisit']) > (time() - 300)) ? ' user-avatar-online' : ''; - $class = !empty($options['class']) ? $options['class'] : $shape. ' user-avatar'; - $style = !empty($options['style']) ? " style='".$options['style']."'" : ''; + $class = !empty($options['class']) ? $options['class'] : $shape . ' user-avatar'; + $style = !empty($options['style']) ? " style='" . $options['style'] . "'" : ''; $text = $linkStart; - $text .= '\"".$title."\"'; + $text .= '\""'; $text .= $linkEnd; - // return $url; + + // return $url; return $text; - + } - /** - * Display an icon. - * @param string $icon - * @example $tp->toIcon("{e_IMAGES}icons/something.png"); + * Display an icon. + * @param string $icon + * @example $tp->toIcon("{e_IMAGES}icons/something.png"); */ - public function toIcon($icon='',$parm = array()) + public function toIcon($icon = '', $parm = array()) { if(empty($icon)) @@ -4305,32 +4368,32 @@ class e_parser return null; } - // if(strpos($icon,'e_MEDIA_IMAGE')!==false) - // { + // if(strpos($icon,'e_MEDIA_IMAGE')!==false) + // { // return "
Use \$tp->toImage() instead of toIcon() for ".$icon."
"; // debug info only. - // } + // } if(strpos($icon, 'toGlyph($icon,$parm); + return $this->toGlyph($icon, $parm); } - - if(strpos($icon,'e_MEDIA_IMAGE')!==false) + + if(strpos($icon, 'e_MEDIA_IMAGE') !== false) { $path = $this->thumbUrl($icon); $dimensions = $this->thumbDimensions(); } elseif($icon[0] === '{') { - $path = $this->replaceConstants($icon,'abs'); + $path = $this->replaceConstants($icon, 'abs'); } elseif(!empty($parm['legacy'])) { @@ -4338,12 +4401,12 @@ class e_parser foreach($legacyList as $legPath) { - $legacyPath = $legPath.$icon; + $legacyPath = $legPath . $icon; $filePath = $this->replaceConstants($legacyPath); if(is_readable($filePath)) { - $path = $this->replaceConstants($legacyPath,'full'); + $path = $this->replaceConstants($legacyPath, 'full'); break; } @@ -4352,13 +4415,14 @@ class e_parser if(empty($path)) { $log = e107::getLog(); - $log->addDebug('Broken Icon Path: '.$icon."\n".print_r(debug_backtrace(null,2), true), false)->save('IMALAN_00'); - e107::getDebug()->log('Broken Icon Path: '.$icon); + $log->addDebug('Broken Icon Path: ' . $icon . "\n" . print_r(debug_backtrace(null, 2), true), false)->save('IMALAN_00'); + e107::getDebug()->log('Broken Icon Path: ' . $icon); + return null; } - + } - else + else { $path = $icon; } @@ -4366,26 +4430,26 @@ class e_parser $alt = (!empty($parm['alt'])) ? $this->toAttribute($parm['alt']) : basename($path); $class = (!empty($parm['class'])) ? $parm['class'] : 'icon'; - - return "".$alt."'; + + return "" . $alt . "'; } /** * Render an img tag. * @param string $file - * @param array $parm keys: legacy|w|h|alt|class|id|crop|loading - * @param array $parm['legacy'] Usually a legacy path like {e_FILE} - * @param array $parm['type'] Force the returned image to be a jpg, webp etc. + * @param array $parm keys: legacy|w|h|alt|class|id|crop|loading + * @param array $parm ['legacy'] Usually a legacy path like {e_FILE} + * @param array $parm ['type'] Force the returned image to be a jpg, webp etc. * @return string * @example $tp->toImage('welcome.png', array('legacy'=>{e_IMAGE}newspost_images/','w'=>200)); */ - public function toImage($file, $parm=array()) + public function toImage($file, $parm = array()) { - if(strpos($file,'e_AVATAR')!==false) + if(strpos($file, 'e_AVATAR') !== false) { - return "
Use \$tp->toAvatar() instead of toImage() for ".$file. '
'; // debug info only. + return "
Use \$tp->toAvatar() instead of toImage() for " . $file . '
'; // debug info only. } @@ -4396,43 +4460,43 @@ class e_parser if(!empty($file)) { - $srcset = null; - $path = null; - $file = trim($file); - $ext = pathinfo($file, PATHINFO_EXTENSION); - $accepted = array('jpg','gif','png','jpeg', 'svg', 'webp'); + $srcset = null; + $path = null; + $file = trim($file); + $ext = pathinfo($file, PATHINFO_EXTENSION); + $accepted = array('jpg', 'gif', 'png', 'jpeg', 'svg', 'webp'); - if(!in_array($ext,$accepted)) + if(!in_array($ext, $accepted)) { return null; } } /** @var e_parse $tp */ - $tp = $this; + $tp = $this; - // e107::getDebug()->log($file); - // e107::getDebug()->log($parm); + // e107::getDebug()->log($file); + // e107::getDebug()->log($parm); - if(strpos($file,'http')===0) + if(strpos($file, 'http') === 0) { $path = $file; } - elseif(strpos($file,'e_MEDIA')!==false || strpos($file,'e_THEME')!==false || strpos($file,'e_PLUGIN')!==false || strpos($file,'{e_IMAGE}')!==false) //v2.x path. + elseif(strpos($file, 'e_MEDIA') !== false || strpos($file, 'e_THEME') !== false || strpos($file, 'e_PLUGIN') !== false || strpos($file, '{e_IMAGE}') !== false) //v2.x path. { if(!isset($parm['w']) && !isset($parm['h'])) { - $parm = (array) $parm; - $parm['w'] = $tp->thumbWidth(); - $parm['h'] = $tp->thumbHeight(); - $parm['crop'] = $tp->thumbCrop(); - $parm['x'] = $tp->thumbEncode(); + $parm = (array) $parm; + $parm['w'] = $tp->thumbWidth(); + $parm['h'] = $tp->thumbHeight(); + $parm['crop'] = $tp->thumbCrop(); + $parm['x'] = $tp->thumbEncode(); } unset($parm['src']); - $path = $tp->thumbUrl($file,$parm); + $path = $tp->thumbUrl($file, $parm); if(empty($parm['w']) && empty($parm['h'])) @@ -4458,23 +4522,23 @@ class e_parser } elseif(!empty($file) && $file[0] === '{') // Legacy v1.x path. Example: {e_PLUGIN}myplugin/images/fixedimage.png { - $path = $tp->replaceConstants($file,'abs'); + $path = $tp->replaceConstants($file, 'abs'); } elseif(!empty($parm['legacy'])) // Search legacy path for image in a specific folder. No path, only file name provided. { - $legacyPath = rtrim($parm['legacy'],'/').'/'.$file; + $legacyPath = rtrim($parm['legacy'], '/') . '/' . $file; $filePath = $tp->replaceConstants($legacyPath); if(is_readable($filePath)) { - $path = $tp->replaceConstants($legacyPath,'abs'); + $path = $tp->replaceConstants($legacyPath, 'abs'); } else { $log = e107::getLog(); - $log->addDebug('Broken Image Path: '.$legacyPath."\n".print_r(debug_backtrace(null,2), true), false)->save('IMALAN_00'); - e107::getDebug()->log('Broken Image Path: ' .$legacyPath); + $log->addDebug('Broken Image Path: ' . $legacyPath . "\n" . print_r(debug_backtrace(null, 2), true), false)->save('IMALAN_00'); + e107::getDebug()->log('Broken Image Path: ' . $legacyPath); } } @@ -4485,27 +4549,27 @@ class e_parser if(empty($path) && !empty($parm['placeholder'])) { - $path = $tp->thumbUrl($file,$parm); + $path = $tp->thumbUrl($file, $parm); } - $id = (!empty($parm['id'])) ? 'id="' .$parm['id']. '" ' : ''; - $class = (!empty($parm['class'])) ? $parm['class'] : 'img-responsive img-fluid'; - $alt = (!empty($parm['alt'])) ? $tp->toAttribute($parm['alt']) : basename($file); - $style = (!empty($parm['style'])) ? 'style="' .$parm['style']. '" ' : ''; - $srcset = (!empty($parm['srcset'])) ? 'srcset="' .$parm['srcset']. '" ' : ''; - $width = (!empty($parm['w'])) ? 'width="' . (int)$parm['w'] . '" ' : ''; - $title = (!empty($parm['title'])) ? 'title="' .$parm['title']. '" ' : ''; - $height = !empty($parm['h']) ? 'height="' . (int)$parm['h'] . '" ' : ''; - $loading = !empty($parm['loading']) ? 'loading="' .$parm['loading']. '" ' : ''; // eg. lazy, eager, auto + $id = (!empty($parm['id'])) ? 'id="' . $parm['id'] . '" ' : ''; + $class = (!empty($parm['class'])) ? $parm['class'] : 'img-responsive img-fluid'; + $alt = (!empty($parm['alt'])) ? $tp->toAttribute($parm['alt']) : basename($file); + $style = (!empty($parm['style'])) ? 'style="' . $parm['style'] . '" ' : ''; + $srcset = (!empty($parm['srcset'])) ? 'srcset="' . $parm['srcset'] . '" ' : ''; + $width = (!empty($parm['w'])) ? 'width="' . (int) $parm['w'] . '" ' : ''; + $title = (!empty($parm['title'])) ? 'title="' . $parm['title'] . '" ' : ''; + $height = !empty($parm['h']) ? 'height="' . (int) $parm['h'] . '" ' : ''; + $loading = !empty($parm['loading']) ? 'loading="' . $parm['loading'] . '" ' : ''; // eg. lazy, eager, auto if(isset($parm['width'])) // width attribute override (while retaining w) { - $width = 'width="' .$parm['width']. '" '; + $width = 'width="' . $parm['width'] . '" '; } - + if(isset($parm['height'])) // height attribute override (while retaining h) { - $height = 'height="' .$parm['height']. '" '; + $height = 'height="' . $parm['height'] . '" '; } $html = ''; @@ -4513,20 +4577,20 @@ class e_parser if($this->convertToWebP) { $parm['type'] = 'webp'; - $source = $tp->thumbUrl($file,$parm); + $source = $tp->thumbUrl($file, $parm); $html = "\n"; if(!empty($parm['srcset'])) { - list($webPSourceSet,$webPSize) = explode(' ', $parm['srcset']); - $html .= ''; + list($webPSourceSet, $webPSize) = explode(' ', $parm['srcset']); + $html .= ''; $html .= "\n"; - $html .= ''; + $html .= ''; $html .= "\n"; $srcset = ''; // remove it from the img tag below. } - $html .= ''; + $html .= ''; $html .= "\n"; } @@ -4535,7 +4599,7 @@ class e_parser return null; } - $html .= "' .$alt. ''; + $html .= "' . $alt . ''; $html .= ($this->convertToWebP) ? "\n" : ''; @@ -4551,21 +4615,22 @@ class e_parser */ public function isBBcode($text) { + if(!is_string($text)) { return false; } - if(strpos($text,'[')=== false || preg_match('#(?<=<)\w+(?=[^<]*?>)#', $text)) + if(strpos($text, '[') === false || preg_match('#(?<=<)\w+(?=[^<]*?>)#', $text)) { return false; } - $bbsearch = array('[/img]','[/h]', '[/b]', '[/link]', '[/right]', '[/center]', '[/flash]', '[/code]', '[/table]'); + $bbsearch = array('[/img]', '[/h]', '[/b]', '[/link]', '[/right]', '[/center]', '[/flash]', '[/code]', '[/table]'); foreach($bbsearch as $v) { - if(strpos($text,$v)!==false) + if(strpos($text, $v) !== false) { return true; } @@ -4585,12 +4650,13 @@ class e_parser */ public function isHtml($text) { + if(!is_string($text)) { return false; } - if(strpos($text,'[html]') !==false) + if(strpos($text, '[html]') !== false) { return true; } @@ -4618,30 +4684,30 @@ class e_parser */ public function isJSON($text) { + if(!is_string($text)) { return false; } - if(strpos($text, '{') === 0 || strpos($text, '[') === 0) // json - { - $dat = json_decode($text, true); + if(strpos($text, '{') === 0 || strpos($text, '[') === 0) // json + { + $dat = json_decode($text, true); - if(json_last_error() != JSON_ERROR_NONE) - { - // e107::getDebug()->log("Json data found"); - return false; - } + if(json_last_error() != JSON_ERROR_NONE) + { + // e107::getDebug()->log("Json data found"); + return false; + } - return $dat; - } + return $dat; + } return false; } - /** * Checks if string is valid UTF-8. * @@ -4661,7 +4727,8 @@ class e_parser */ public function isUTF8($string) { - if (function_exists('mb_check_encoding')) + + if(function_exists('mb_check_encoding')) { return (mb_check_encoding($string, 'UTF-8')); } @@ -4679,26 +4746,23 @@ class e_parser } - - - - /** - * Check if a file is an video or not. + * Check if a file is an video or not. * @param $file string * @return boolean */ public function isVideo($file) { + if(!is_string($file)) { return false; } - $ext = pathinfo($file,PATHINFO_EXTENSION); - + $ext = pathinfo($file, PATHINFO_EXTENSION); + return $ext === 'youtube' || $ext === 'youtubepl'; - + } /** @@ -4708,6 +4772,7 @@ class e_parser */ public function isImage($file) { + if(!is_string($file)) { return false; @@ -4718,7 +4783,7 @@ class e_parser $file = $this->replaceConstants($file); } - $ext = pathinfo($file,PATHINFO_EXTENSION); + $ext = pathinfo($file, PATHINFO_EXTENSION); return ($ext === 'jpg' || $ext === 'png' || $ext === 'gif' || $ext === 'jpeg' || $ext === 'webp'); } @@ -4729,7 +4794,7 @@ class e_parser * @param array $parm * @return string */ - public function toAudio($file, $parm=array()) + public function toAudio($file, $parm = array()) { $file = $this->replaceConstants($file, 'abs'); @@ -4739,8 +4804,8 @@ class e_parser $autoplay = !empty($parm['autoplay']) ? 'autoplay ' : ''; $controls = !empty($parm['controls']) ? 'controls' : ''; - $text = '