mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-07-31 20:00:37 +02:00
Code Issues Releases Wiki Activity

Removed a method specific to PHP versions earlier than 5.4 . Additional parser tests added.

Browse Source
This commit is contained in:
Cameron
2021-01-18 10:27:41 -08:00
parent 911d41a402
commit 809146ef6a
2 changed files with 134 additions and 154 deletions
Download Patch File Download Diff File Expand all files Collapse all files

197
e107_handlers/e_parse_class.php
View File

@@ -34,12 +34,6 @@ class e_parse
private $pref; // core prefs used in toHTML.
// Profanity filter
private $e_pf;
// Emote filter
private $e_emote;
// 'Hooked' parsers (array)
private $e_hook = array();
@@ -72,8 +66,6 @@ class e_parse
// BBcode that contain preformatted code.
private $preformatted = array('html', 'markdown');
private $bbList = array();
// Set up the defaults
private $e_optDefault = array(
@@ -1549,7 +1541,7 @@ class e_parse
case 'scode':
case 'code' :
$parseBB = false;
$full_text = $this->parseBBcodes('['.$last_bbcode.']'.$code_text.'[/'.$last_bbcode.']', $postID);
$full_text = $this->parseBBCodes('['.$last_bbcode.']'.$code_text.'[/'.$last_bbcode.']', $postID);
break;
}
@@ -1822,135 +1814,15 @@ class e_parse
*/
public function toJSON($var, $force_object = false)
{
// The PHP version cannot change within a request.
static $php530;
if(!isset($php530))
if($force_object === true)
{
$php530 = version_compare(PHP_VERSION, '5.3.0', '>=');
}
if($php530)
{
if($force_object === true)
{
// Encode <, >, ', &, and " using the json_encode() options parameter.
return json_encode($var, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT | JSON_FORCE_OBJECT);
}
// Encode <, >, ', &, and " using the json_encode() options parameter.
return json_encode($var, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT);
return json_encode($var, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT | JSON_FORCE_OBJECT);
}
return $this->toJSONhelper($var);
}
// Encode <, >, ', &, and " using the json_encode() options parameter.
return json_encode($var, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT);
/**
* Encodes a PHP variable to HTML-safe JSON for PHP versions below 5.3.0.
*
* @param mixed $var
* @return string
*/
public function toJSONhelper($var)
{
switch(gettype($var))
{
case 'boolean':
return $var ? 'true' : 'false'; // Lowercase necessary!
case 'integer':
case 'double':
return $var;
case 'resource':
case 'string':
// Always use Unicode escape sequences (\u0022) over JSON escape
// sequences (\") to prevent browsers interpreting these as
// special characters.
$replace_pairs = array(
// ", \ and U+0000 - U+001F must be escaped according to RFC 4627.
'\\' => '\u005C',
'"' => '\u0022',
"\x00" => '\u0000',
"\x01" => '\u0001',
"\x02" => '\u0002',
"\x03" => '\u0003',
"\x04" => '\u0004',
"\x05" => '\u0005',
"\x06" => '\u0006',
"\x07" => '\u0007',
"\x08" => '\u0008',
"\x09" => '\u0009',
"\x0a" => '\u000A',
"\x0b" => '\u000B',
"\x0c" => '\u000C',
"\x0d" => '\u000D',
"\x0e" => '\u000E',
"\x0f" => '\u000F',
"\x10" => '\u0010',
"\x11" => '\u0011',
"\x12" => '\u0012',
"\x13" => '\u0013',
"\x14" => '\u0014',
"\x15" => '\u0015',
"\x16" => '\u0016',
"\x17" => '\u0017',
"\x18" => '\u0018',
"\x19" => '\u0019',
"\x1a" => '\u001A',
"\x1b" => '\u001B',
"\x1c" => '\u001C',
"\x1d" => '\u001D',
"\x1e" => '\u001E',
"\x1f" => '\u001F',
// Prevent browsers from interpreting these as as special.
"'" => '\u0027',
'<' => '\u003C',
'>' => '\u003E',
'&' => '\u0026',
// Prevent browsers from interpreting the solidus as special and
// non-compliant JSON parsers from interpreting // as a comment.
'/' => '\u002F',
// While these are allowed unescaped according to ECMA-262, section
// 15.12.2, they cause problems in some JSON parsers.
"\xe2\x80\xa8" => '\u2028', // U+2028, Line Separator.
"\xe2\x80\xa9" => '\u2029', // U+2029, Paragraph Separator.
);
return '"' . strtr($var, $replace_pairs) . '"';
case 'array':
// Arrays in JSON can't be associative. If the array is empty or if it
// has sequential whole number keys starting with 0, it's not associative
// so we can go ahead and convert it as an array.
if(empty($var) || array_keys($var) === range(0, count($var) - 1))
{
$output = array();
foreach($var as $v)
{
$output[] = $this->toJSONhelper($v);
}
return '[ ' . implode(', ', $output) . ' ]';
}
break;
// Otherwise, fall through to convert the array as an object.
case 'object':
$output = array();
foreach($var as $k => $v)
{
$output[] = $this->toJSONhelper((string) $k) . ':' . $this->toJSONhelper($v);
}
return '{' . implode(', ', $output) . '}';
default:
return 'null';
}
}
@@ -1968,6 +1840,7 @@ class e_parse
{
$text = $this->toHTML($text, true);
$text = strip_tags($text);
}
$text = $this->toEmail($text);
@@ -1981,9 +1854,13 @@ class e_parse
// if CDATA happens to be quoted in the text.
$text = str_replace(['<![CDATA', ']]>'], ['&lt;![CDATA', ']]&gt;'], $text);
if($tags == true && ($text))
if($tags === true)
{
$text = '<![CDATA[' . $text . ']]>';
$text = !empty($text) ? '<![CDATA[' . $text . ']]>' : '';
}
else
{
$text = str_replace(['<','>'],['&lt;','&gt;'], $text);
}
return $text;
@@ -4769,35 +4646,50 @@ class e_parse
return $text;
}
$regex = array(
'w' => '/[^\w]/',
'd' => '/[^\d]/',
'wd' => '/[^\w]/',
'wds' => '/[^\w ]/',
'file' => '/[^\w_\.-]/',
'version' => '/[^\d_\.]/',
);
switch($type)
{
case 'w':
$ret = preg_replace('/[^\w]/', '', $text);
break;
case 'd':
$ret = preg_replace('/[^\d]/', '', $text);
break;
case 'wd':
$ret = preg_replace('/[^\w]/', '', $text);
break;
case 'wds':
$ret = preg_replace('/[^\w ]/', '', $text);
case 'version':
if($validate === true)
{
trigger_error("Unsupported type '".$type."' for validation used in e107::getParser()->filter().", E_USER_WARNING);
}
else
{
$reg = $regex[$type];
$ret = preg_replace($reg, '', $text);
}
break;
case 'file':
$ret = preg_replace('/[^\w_\.-]/', '-', $text);
break;
case 'version':
$ret = preg_replace('/[^\d_\.]/', '', $text);
if($validate === true)
{
trigger_error("Unsupported type '".$type."' used in e107::getParser()->filter().", E_USER_WARNING);
}
else
{
$reg = $regex['file'];
$ret = preg_replace('/[^\w_\.-]/', '-', $text);
}
break;
default:
if($validate == false)
if($validate === false)
{
$filterTypes = array(
'int' => FILTER_SANITIZE_NUMBER_INT,
@@ -4818,6 +4710,11 @@ class e_parse
);
}
if(!isset($filterTypes[$type]))
{
trigger_error("Unsupported type '".$type."' used in e107::getParser()->filter().", E_USER_WARNING);
}
if(is_array($text))
{
$ret = filter_var_array($text, $filterTypes[$type]);

91
e107_tests/tests/unit/e_parseTest.php
View File

@@ -128,12 +128,54 @@ while(&#036;row = &#036;sql-&gt;fetch())
{
}
*/
public function testThumbUrlDecode()
{
$tests = array(
0 => array(
'input' => '/media/img/a400xa500/myimage.jpg',
'expected' => array (
'src' => 'e_MEDIA_IMAGE/myimage.jpg',
'aw' => '400',
'ah' => '500',
)
),
1 => array(
'input' => '/media/img/400x500/myimage2.jpg',
'expected' => array (
'src' => 'e_MEDIA_IMAGE/myimage2.jpg',
'w' => '400',
'h' => '500',
)
),
2 => array(
'input' => '/theme/img/a400xa500/mytheme/myimage.jpg',
'expected' => array (
'src' => 'e_THEME/mytheme/myimage.jpg',
'aw' => '400',
'ah' => '500',
)
),
3 => array(
'input' => '/theme/img/400x500/mytheme/myimage2.jpg',
'expected' => array (
'src' => 'e_THEME/mytheme/myimage2.jpg',
'w' => '400',
'h' => '500',
)
),
);
foreach($tests as $var)
{
$result = $this->tp->thumbUrlDecode($var['input']);
$this->assertSame($var['expected'], $result);
}
}
*/
function testToHTMLModifiers()
{
@@ -981,6 +1023,12 @@ while(&#036;row = &#036;sql-&gt;fetch())
}
// Test with $tags = false;
$html = '<div class="something">One & Two < and > " or \'</div>';
$result = $this->tp->toRss($html);
$this->assertSame("One &amp; Two &lt; and &gt; \" or '", $result);
$valid = $this->isValidXML('<tag>'.$result.'</tag>');
$this->assertTrue($valid);
}
@@ -1004,6 +1052,7 @@ while(&#036;row = &#036;sql-&gt;fetch())
if(!empty($errors))
{
var_dump($errors);
codecept_debug($errors);
}
@@ -2325,6 +2374,8 @@ Your browser does not support the audio tag.
{
$url = 'http://www.domain.com/folder/folder2//1234_1_0.jpg';
// Filter tests.
$tests = array(
0 => array('input' => 'test123 xxx', 'mode' => 'w', 'expected' => 'test123xxx'),
1 => array('input' => 'test123 xxx', 'mode' => 'd', 'expected' => '123'),
@@ -2334,17 +2385,49 @@ Your browser does not support the audio tag.
5 => array('input' => '2.1.4 (test)', 'mode' => 'version', 'expected' => '2.1.4'),
6 => array('input' => $url, 'mode'=>'url', 'expected' => $url),
7 => array('input' => array('1', 'xxx'), 'mode'=>'str', 'expected' => array('1', 'xxx')),
8 => array('input' => 'myemail@email.com', 'mode'=>'email', 'expected' => 'myemail@email.com'),
);
foreach($tests as $var)
foreach($tests as $index=>$var)
{
$result = $this->tp->filter($var['input'],$var['mode']);
$this->assertEquals($var['expected'],$result);
$this->assertEquals($var['expected'],$result, "Failed on index: ".$index);
}
// Validate.
$tests2 = array(
0 => array('input' => 'http://www.domain.com/folder/file.zip', 'mode'=>'url'), // good url
1 => array('input' => 'http:/www.domain.com/folder/file.zip', 'mode'=>'url'), // bad url
2 => array('input' => array('1', 'xxx'), 'mode'=>'int'), // good and bad integer
3 => array('input' => 'myemail@email.com', 'mode'=>'email'), // good email
4 => array('input' => 'bad-email.com', 'mode'=>'email'), // bad email
5 => array('input' => '123.23.123.125', 'mode'=>'ip'), // good ip
6 => array('input' => 'xx.23.123.125', 'mode'=>'ip'), // bad ip
);
$expected2 = array (
0 => 'http://www.domain.com/folder/file.zip',
1 => false,
2 => array ( 1, false),
3 => 'myemail@email.com',
4 => false,
5 => '123.23.123.125',
6 => false,
);
// $ret = [];
foreach($tests2 as $index=>$var)
{
$result = $this->tp->filter($var['input'],$var['mode'], true);
// $ret[$index] = $result;
$this->assertSame($expected2[$index], $result);
}
}
public function testCleanHtml()
{
global $_E107;