Some text's and things.
-";
- $dbText2 = $tp->toDB($text, true, false, 'no_html');
- echo "
User-input ≫ toDb(\$text, true, false, 'no_html')
";
- print_a($dbText2);
-
- echo "
";
- $dbText3 = $tp->toDB($text, false, false, 'pReFs');
- echo "
User-input ≫ toDb(\$text, false, false, 'pReFs')
";
- print_a($dbText3);
-
- // toClean
- $filter3 = $tp->filter($text, 'wds');
- echo "User-input ≫ filter(\$text, 'wds')
";
- print_a( $filter3);
-
- // Filter by String.
- $filter1 = $tp->filter($text);
- echo "User-input ≫ filter(\$text, 'str')
";
- print_a($filter1);
-
- // Filter by Encoded.
- $filter2 = $tp->filter($text,'enc');
- echo "User-input ≫ filter(\$text, 'enc')
";
- print_a($filter2);
-
-
- // toAttribute
- $toAtt = $tp->toAttribute($text);
- echo 'User-input ≫ toAttribute($text)
';
- print_a($toAtt);
-
- // toEmail
- $toEmail = $tp->toEmail($dbText);
- echo 'User-input ≫ toEmail($text) from DB
';
- print_a($toEmail);
-
- // toEmail
- $toRss = $tp->toRss($text);
- echo 'User-input ≫ toRss($text)
';
- print_a($toRss);
-
- echo '';
-
-
-
- }
-
- echo '
toDB() ≫ toHTML()
';
- $html = $tp->toHTML($dbText,true);
- print_a($html);
-
- echo '
toDB ≫ toHTML() (rendered)
';
- echo $html;
-
- echo '
toDB ≫ toForm()
';
- $toForm = $tp->toForm($dbText);
- $toFormRender = e107::getForm()->open('test');
- $toFormRender .= "
';
- $toFormRender .= e107::getForm()->close();
-
- echo $toFormRender;
-
-
- echo '
toDB ≫ bbarea
';
- echo e107::getForm()->bbarea('name',$toForm);
-
- if(!empty($advanced))
- {
-
- echo '
Allowed Tags
';
- print_a($this->allowedTags);
-
-
- echo '
Converted Paths
';
- print_a($this->pathList);
-
- echo '
Removed Tags and Attributes
';
- print_a($this->removedList);
-
- echo '
Nodes to Convert
';
- print_a($this->nodesToConvert);
-
- echo '
Nodes to Disable SC
';
- print_a($this->nodesToDisableSC);
- }
-
- similar_text($text, html_entity_decode( $toForm, ENT_COMPAT, 'UTF-8'),$perc);
- $scoreStyle = ($perc > 98) ? 'label-success' : 'label-danger';
- echo "
Similarity: ".number_format($perc). '%
';
-
- echo "
-
-
-
- User-input |
- toForm() output |
-
-
- ".print_a($text,true). ' |
- ' . $toFormRender. ' |
-
-
-
';
- /*
- ".print_a(json_encode($text),true)." |
- ". print_a(json_encode(html_entity_decode( $toForm, ENT_COMPAT, 'UTF-8')),true)." |
-
*/
-
- // print_a($text);
-
-return;
-
-//return;
- // ---------------------------------
-
-
- $html = $text;
-
- $sql = e107::getDb();
- $tp = e107::getParser();
- $dbg = e107::getDebug();
-
- // $html = $this->getXss();
-
- echo '
Unprocessed XSS
';
- // echo $html; // Remove Comment for a real mess!
- print_a($html);
-
- echo '
Standard v2 Parser
';
- echo '
$tp->dataFilter()
';
- // echo $tp->dataFilter($html); // Remove Comment for a real mess!
- $dbg->logTime('------ Start Parser Test -------');
- print_a($tp->dataFilter($html));
- $dbg->logTime('tp->dataFilter');
-
- echo '
$tp->toHTML()
';
- // echo $tp->dataFilter($html); // Remove Comment for a real mess!
- print_a($tp->toHTML($html));
- $dbg->logTime('tp->toHtml');
-
- echo '
$tp->toDB()
';
- // echo $tp->dataFilter($html); // Remove Comment for a real mess!
- $todb = $tp->toDB($html);
- print_a( $todb);
- $dbg->logTime('tp->toDB');
-
- echo '
$tp->toForm() with toDB input.
';
- print_a( $tp->toForm($todb));
-
- echo '
New Parser
';
- echo '
Processed
';
- $cleaned = $this->cleanHtml($html); // false = don't check html pref.
- print_a($cleaned);
- $dbg->logTime('new Parser');
- // $dbg->logTime('------ End Parser Test -------');
- echo '
Processed & Rendered
';
- echo $cleaned;
-
- echo '
New Parser - Data
';
- echo '
Converted Paths
';
- print_a($this->pathList);
-
- echo '
Removed Tags and Attributes
';
- print_a($this->removedList);
-
- // print_a($p);
- }
-
-
-
/**
* Filters/Validates using the PHP5 filter_var() method.
- * @param $text
- * @param $type string str|int|email|url|w|wds|file
- * @return string | boolean | array
+ * @param string|array $text
+ * @param string $type string str|int|email|url|w|wds|file
+ * @return string|boolean| array
*/
public function filter($text, $type='str', $validate=false)
{
@@ -5460,65 +4977,67 @@ return;
return $text;
}
- if($type === 'w') // words only.
+ switch($type)
{
- return preg_replace('/[^\w]/', '',$text);
+ case "w":
+ $ret = preg_replace('/[^\w]/', '',$text);
+ break;
+
+ case "d":
+ $ret = preg_replace('/[^\d]/', '',$text);
+ break;
+
+ case "wd":
+ $ret = preg_replace('/[^\w\d]/', '',$text);
+ break;
+
+ case "wds":
+ $ret = preg_replace('/[^\w\d ]/', '',$text);
+ break;
+
+ case "file":
+ $ret = preg_replace('/[^\w\d_\.-]/', '-',$text);
+ break;
+
+ case "version":
+ $ret = preg_replace('/[^\d_\.]/', '',$text);
+ break;
+
+ default:
+
+ if($validate == false)
+ {
+ $filterTypes = array(
+ 'int' => FILTER_SANITIZE_NUMBER_INT,
+ 'str' => FILTER_SANITIZE_STRING, // no html.
+ 'email' => FILTER_SANITIZE_EMAIL,
+ 'url' => FILTER_SANITIZE_URL,
+ 'enc' => FILTER_SANITIZE_ENCODED
+ );
+ }
+ else
+ {
+ $filterTypes = array(
+ 'int' => FILTER_VALIDATE_INT,
+ 'email' => FILTER_VALIDATE_EMAIL,
+ 'ip' => FILTER_VALIDATE_IP,
+ 'url' => FILTER_VALIDATE_URL,
+
+ );
+ }
+
+ if(is_array($text))
+ {
+ $ret = filter_var_array($text, $filterTypes[$type]);
+ }
+ else
+ {
+ $ret = filter_var($text, $filterTypes[$type]);
+ }
+
}
- if($type === 'd') // digits only.
- {
- return preg_replace('/[^\d]/', '',$text);
- }
-
- if($type === 'wd') // words and digits only.
- {
- return preg_replace('/[^\w\d]/', '',$text);
- }
-
- if($type === 'wds') // words, digits and spaces only.
- {
- return preg_replace('/[^\w\d ]/', '',$text);
- }
-
- if($type === 'file')
- {
- return preg_replace('/[^\w\d_\.-]/', '-',$text);
- }
-
- if($type === 'version')
- {
- return preg_replace('/[^\d_\.]/', '',$text);
- }
-
- if($validate == false)
- {
- $filterTypes = array(
- 'int' => FILTER_SANITIZE_NUMBER_INT,
- 'str' => FILTER_SANITIZE_STRING, // no html.
- 'email' => FILTER_SANITIZE_EMAIL,
- 'url' => FILTER_SANITIZE_URL,
- 'enc' => FILTER_SANITIZE_ENCODED
- );
- }
- else
- {
- $filterTypes = array(
- 'int' => FILTER_VALIDATE_INT,
- 'email' => FILTER_VALIDATE_EMAIL,
- 'ip' => FILTER_VALIDATE_IP,
- 'url' => FILTER_VALIDATE_URL,
-
- );
- }
-
- if(is_array($text))
- {
- return filter_var_array($text, $filterTypes[$type]);
- }
-
-
- return filter_var($text, $filterTypes[$type]);
-
+ return $ret;
}
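Review bot: In the `default:` branch, `$filterTypes[$type]` is read without checking that the key exists, so any `$type` missing from the chosen map reaches `filter_var()` or `filter_var_array()` with an undefined filter. This is easy to hit with valid-looking calls: `'ip'` is only in the validate map, while `'str'` and `'enc'` are only in the sanitize map, so `filter($x, 'str', true)` falls into the gap. Since callers rely on this function to clean user input, an unknown type should fail closed and visibly; before the `is_array()` test I would add `if(!isset($filterTypes[$type])) { trigger_error('Unknown filter type: '.$type, E_USER_WARNING); return false; }`, or whatever failure value callers already handle. Separately, `FILTER_SANITIZE_STRING` is deprecated as of PHP 8.1, so the `'str'` entry will need a replacement. The signature and opening lines of filter() are above this hunk.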
diff --git a/e107_plugins/banner/e_shortcode.php b/e107_plugins/banner/e_shortcode.php
index 0960c8381..881f1cebe 100644
--- a/e107_plugins/banner/e_shortcode.php
+++ b/e107_plugins/banner/e_shortcode.php
@@ -23,7 +23,7 @@ class banner_shortcodes extends e_shortcode
// $parm now can be array, old campaign $parm still allowed....
function sc_banner($parm = '')
{
-
+
$sql = e107::getDb();
$tp = e107::getParser();
mt_srand((double) microtime() * 1000000);
diff --git a/e107_plugins/rss_menu/rss.php b/e107_plugins/rss_menu/rss.php
index e97d04561..decdc9f4e 100644
--- a/e107_plugins/rss_menu/rss.php
+++ b/e107_plugins/rss_menu/rss.php
@@ -42,20 +42,10 @@ $tp = e107::getParser();
//require_once(e_PLUGIN.'rss_menu/rss_shortcodes.php');
require_once(e_HANDLER.'userclass_class.php');
-/*
-global $tp;
-if (!is_object($tp->e_bb))
-{
- require_once(e_HANDLER.'bbcode_handler.php');
- $tp->e_bb = new e_bbcode;
-}
-*/
-
// Get language file
e107::includeLan(e_PLUGIN.'rss_menu/languages/'.e_LANGUAGE.'_admin_rss_menu.php');
-
// Query handler
if(!empty($_GET['type']))
{
diff --git a/e107_tests/tests/unit/e_bbcodeTest.php b/e107_tests/tests/unit/e_bbcodeTest.php
index c3612dd9b..fa2180cdf 100644
--- a/e107_tests/tests/unit/e_bbcodeTest.php
+++ b/e107_tests/tests/unit/e_bbcodeTest.php
@@ -27,7 +27,11 @@
$this->assertTrue(false, $e->getMessage());
}
+ $this->bb->__construct();
+
}
+
+
/*
public function testSetClass()
{
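Review bot: The added `$this->bb->__construct();` has no comment explaining why the constructor is called by hand on an object that the setup code above has presumably just created. Calling `__construct()` directly re-runs initialisation on a live instance, which is easy to mistake for a leftover. A one-line comment stating the reason, for example `// re-run constructor so the bbcode list is rebuilt for each test` (wording to be confirmed by the author), would make the intent clear. The enclosing method starts above this hunk.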
@@ -68,12 +72,165 @@
{
}
-
+*/
public function testParseBBCodes()
{
+ $codes = array (
+ '_br' =>
+ array (
+
+ ),
+ 'b' =>
+ array (
+ ),
+ 'alert' => array (
+ 'warning' => array('input'=>'Warning Message', 'expected'=>"
Warning Message
"),
+ ),
+ 'block' =>
+ array (
+ ),
+ 'code' =>
+ array (
+ ),
+ 'glyph' =>
+ array (
+ ),
+ 'h' =>
+ array (
+ ),
+ 'img' =>
+ array (
+ ),
+ 'nobr' =>
+ array (
+ ),
+ 'p' =>
+ array (
+ ),
+ 'video' =>
+ array (
+ ),
+ 'youtube' =>
+ array (
+ ),
+ 'blockquote' =>
+ array (
+ ),
+ 'br' =>
+ array (
+ ),
+ 'center' =>
+ array (
+ ),
+ 'color' =>
+ array (
+ ),
+ 'email' =>
+ array (
+ ),
+ 'file' =>
+ array (
+ ),
+ 'flash' =>
+ array (
+ ),
+ 'hide' =>
+ array (
+ ),
+ 'html' =>
+ array (
+ ),
+ 'i' =>
+ array (
+ ),
+ 'index.html' =>
+ array (
+ ),
+ 'justify' =>
+ array (
+ ),
+ 'left' =>
+ array (
+ ),
+ 'link' => array (
+ // [bbcode=xxxxxx] param [bbcode]xxxxxx[/bbode] expected output
+ 'http://mysite.com external' => array('input'=>'http://mysite.com', 'expected'=>"
http://mysite.com"),
+ 'http://mysite.com rel=external' => array('input'=>'http://mysite.com', 'expected'=>"
http://mysite.com"),
+ 'external' => array('input'=>'http://mysite.com', 'expected'=>"
http://mysite.com"),
+ 'mailto:myemail@email.com' => array('input'=>'My Name', 'expected'=>"
My Name"),
+ 'external=http://mysite.com' => array('input'=>'http://mysite.com', 'expected'=>"
http://mysite.com"),
+ ),
+ 'list' =>
+ array (
+ ),
+ 'quote' =>
+ array (
+ ),
+ 'right' =>
+ array (
+ ),
+ 'sanitised' =>
+ array (
+ ),
+ 'size' =>
+ array (
+ ),
+ 'spoiler' =>
+ array (
+ ),
+ 'stream' =>
+ array (
+ ),
+ 'table' =>
+ array (
+ ),
+ 'tbody' =>
+ array (
+ ),
+ 'td' =>
+ array (
+ ),
+ 'textarea' =>
+ array (
+ ),
+ 'th' =>
+ array (
+ ),
+ 'time' =>
+ array (
+ ),
+ 'tr' =>
+ array (
+ ),
+ 'u' =>
+ array (
+ ),
+ 'url' =>
+ array (
+ ),
+ );
+
+ $ret = [];
+ foreach($codes as $bbcode=>$var)
+ {
+ if(empty($var))
+ {
+ $input = '['.$bbcode.']http://mysite.com[/'.$bbcode.']';
+ $result = $this->bb->parseBBCodes($input, true); // parsing to check for PHP errors.
+ continue;
+ }
+
+ foreach($var as $parms=>$p)
+ {
+ $input2 = '['.$bbcode.'='.$parms.']'.$p['input'].'[/'.$bbcode.']';
+ $result2 = $this->bb->parseBBCodes($input2);
+ $this->assertEquals($p['expected'], $result2);
+ }
+ }
+
}
-
+/*
public function testClearClass()
{
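Review bot: In the `empty($var)` branch of `testParseBBCodes()`, the result of `parseBBCodes($input, true)` is assigned to `$result` and never checked, so every tag except `alert` and `link` runs with no assertion. Tags such as `url`, `img`, `email` and `html` presumably turn user-supplied values into markup, so a pinned `expected` string there is the most useful for catching an escaping regression. As a minimum I would replace the assignment with `$this->assertIsString($this->bb->parseBBCodes($input, true), $bbcode);` (assuming the method always returns a string and the PHPUnit version in use provides `assertIsString`), and drop the unused `$ret = [];`. The branch also passes `true` as a second argument that the asserted branch omits; a comment saying what that flag selects would help.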
diff --git a/e107_tests/tests/unit/e_parseTest.php b/e107_tests/tests/unit/e_parseTest.php
index 51e15a08f..079da6a3c 100644
--- a/e107_tests/tests/unit/e_parseTest.php
+++ b/e107_tests/tests/unit/e_parseTest.php
@@ -130,6 +130,7 @@ while($row = $sql->fetch())
}
*/
+
public function testParseTemplateWithEnabledCoreShortcodes()
{
$needle = '
';
@@ -1556,6 +1557,7 @@ while($row = $sql->fetch())
4 => array('input' => 'test123 xxx.jpg', 'mode' => 'file', 'expected' => 'test123-xxx.jpg'),
5 => array('input' => '2.1.4 (test)', 'mode' => 'version', 'expected' => '2.1.4'),
6 => array('input' => $url, 'mode'=>'url', 'expected' => $url),
+ 7 => array('input' => array('1', 'xxx'), 'mode'=>'str', 'expected' => array('1', 'xxx')),
);
foreach($tests as $var)