rror', '>', '"', ' & '); // Set to TRUE or FALSE once it has been calculated protected $e_highlighting; // Highlight query protected $e_query; private $thumbWidth = 100; private $thumbHeight = 0; private $thumbCrop = 0; private $thumbEncode = 0; private $staticCount = 0; protected $staticUrl; protected $staticUrlMap = []; /** @var array Stored relative paths - used by replaceConstants() */ private $relativePaths = []; // BBcode that contain preformatted code. private $preformatted = array('html', 'markdown'); // Set up the defaults private $e_optDefault = array( // default context: reflects legacy settings (many items enabled) 'context' => 'OLDDEFAULT', // 'fromadmin' => false, // Enable emote display 'emotes' => true, // Convert defines(constants) within text. 'defs' => false, // replace all {e_XXX} constants with their e107 value - 'rel' or 'abs' 'constants' => false, // Enable hooked parsers 'hook' => true, // Allow scripts through (new for 0.8) 'scripts' => true, // Make links clickable 'link_click' => true, // Substitute on clickable links (only if link_click == TRUE) 'link_replace' => true, // Parse shortcodes - TRUE enables parsing 'parse_sc' => false, // remove HTML tags. 'no_tags' => false, // Restore entity form of quotes and such to single characters - TRUE disables 'value' => false, // Line break compression - TRUE removes newline characters 'nobreak' => false, // Retain newlines - wraps to \n instead of
if TRUE (for non-HTML email text etc) 'retain_nl' => false ); // Super modifiers override default option values private $e_SuperMods = array( //text is part of a title (e.g. news title) 'TITLE' => array( 'nobreak' => true, 'retain_nl' => true, 'link_click' => false, 'emotes' => false, 'defs' => true, 'parse_sc' => true ), 'TITLE_PLAIN' => array( 'nobreak' => true, 'retain_nl' => true, 'link_click' => false, 'emotes' => false, 'defs' => true, 'parse_sc' => true, 'no_tags' => true ), //text is user-entered (i.e. untrusted) and part of a title (e.g. forum title) 'USER_TITLE' => array( 'nobreak' => true, 'retain_nl' => true, 'link_click' => false, 'scripts' => false, 'emotes' => false, 'hook' => false ), // text is 'body' of email or similar - being sent 'off-site' so don't rely on server availability 'E_TITLE' => array( 'nobreak' => true, 'retain_nl' => true, 'defs' => true, 'parse_sc' => true, 'emotes' => false, 'scripts' => false, 'link_click' => false ), // text is part of the summary of a longer item (e.g. content summary) 'SUMMARY' => array( 'defs' => true, 'constants' => 'full', 'parse_sc' => true ), // text is the description of an item (e.g. download, link) 'DESCRIPTION' => array( 'defs' => true, 'constants' => 'full', 'parse_sc' => true ), // text is 'body' or 'bulk' text (e.g. custom page body, content body) 'BODY' => array( 'defs' => true, 'constants' => 'full', 'parse_sc' => true ), // text is parsed by the Wysiwyg editor. eg. TinyMce 'WYSIWYG' => array( 'hook' => false, 'link_click' => false, 'link_replace' => false, 'retain_nl' => true ), // text is user-entered (i.e. untrusted)'body' or 'bulk' text (e.g. custom page body, content body) 'USER_BODY' => array( 'constants' => 'full', 'scripts' => false, 'nostrip' => false ), // text is 'body' of email or similar - being sent 'off-site' so don't rely on server availability 'E_BODY' => array( 'defs' => true, 'constants' => 'full', 'parse_sc' => true, 'emotes' => false, 'scripts' => false, 'link_click' => false ), // text is text-only 'body' of email or similar - being sent 'off-site' so don't rely on server availability 'E_BODY_PLAIN' => array( 'defs' => true, 'constants' => 'full', 'parse_sc' => true, 'emotes' => false, 'scripts' => false, 'link_click' => false, 'retain_nl' => true, 'no_tags' => true ), // text is the 'content' of a link (A tag, etc) 'LINKTEXT' => array( 'nobreak' => true, 'retain_nl' => true, 'link_click' => false, 'emotes' => false, 'hook' => false, 'defs' => true, 'parse_sc' => true ), // text is used (for admin edit) without fancy conversions or html. 'RAWTEXT' => array( 'nobreak' => true, 'retain_nl' => true, 'link_click' => false, 'emotes' => false, 'hook' => false, 'no_tags' => true ), 'NODEFAULT' => array('context' => false, 'fromadmin' => false, 'emotes' => false, 'defs' => false, 'constants' => false, 'hook' => false, 'scripts' => false, 'link_click' => false, 'link_replace' => false, 'parse_sc' => false, 'no_tags' => false, 'value' => false, 'nobreak' => false, 'retain_nl' => false ) ); // Individual modifiers change the current context private $e_Modifiers = array( 'emotes_off' => array('emotes' => false), 'emotes_on' => array('emotes' => true), 'no_hook' => array('hook' => false), 'do_hook' => array('hook' => true), // New for 0.8 'scripts_off' => array('scripts' => false), // New for 0.8 'scripts_on' => array('scripts' => true), 'no_make_clickable' => array('link_click' => false), 'make_clickable' => array('link_click' => true), 'no_replace' => array('link_replace' => false), // Replace text of clickable links (only if make_clickable option set) 'replace' => array('link_replace' => true), // No path replacement 'consts_off' => array('constants' => false), // Relative path replacement 'consts_rel' => array('constants' => 'rel'), // Absolute path replacement 'consts_abs' => array('constants' => 'abs'), // Full path replacement 'consts_full' => array('constants' => 'full'), // No shortcode parsing 'scparse_off' => array('parse_sc' => false), 'scparse_on' => array('parse_sc' => true), // Strip tags 'no_tags' => array('no_tags' => true), // Leave tags 'do_tags' => array('no_tags' => false), 'fromadmin' => array('fromadmin' => true), 'notadmin' => array('fromadmin' => false), // entity replacement 'er_off' => array('value' => false), 'er_on' => array('value' => true), // Decode constant if exists 'defs_off' => array('defs' => false), 'defs_on' => array('defs' => true), 'dobreak' => array('nobreak' => false), 'nobreak' => array('nobreak' => true), // Line break using \n 'lb_nl' => array('retain_nl' => true), // Line break using
'lb_br' => array('retain_nl' => false), // Legacy option names below here - discontinue later 'retain_nl' => array('retain_nl' => true), 'defs' => array('defs' => true), 'parse_sc' => array('parse_sc' => true), 'constants' => array('constants' => 'rel'), 'value' => array('value' => true), 'wysiwyg' => array('wysiwyg' => true) ); /** * @var DOMDocument */ private $domObj; private $isHtml = false; private $bootstrap; private $fontawesome; private $modRewriteMedia; private $removedList = array(); private $nodesToDelete = array(); private $nodesToConvert = array(); private $nodesToDisableSC = array(); private $pathList = array(); private $allowedAttributes = array(); private $badAttrValues = array(); private $replaceAttrValues = array(); private $allowedTags = array(); private $scriptTags = array(); private $scriptAttributes = array(); private $blockTags = array(); private $scriptAccess = false; // nobody. private $replaceVars; private $replaceUnset; /** * Constructor - keep it public for backward compatibility * still some new e_parse() in the core * */ public function __construct() { // initialise the type of UTF-8 processing methods depending on PHP version and mb string extension $this->domObj = new DOMDocument('1.0', 'utf-8'); $this->init(); $this->compileAttributeDefaults(); } /** * @param string $type * @return array */ public function getModifierList($type = '') { if ($type === 'super') { return $this->e_SuperMods; } return $this->e_Modifiers; } /** * Initialise the type of UTF-8 processing methods depending on PHP version and mb string extension. * Note: mb string is required during installation of e107. * NOTE: can't be called until CHARSET is known * but we all know that it is UTF-8 now * * @return void|null */ public function setMultibyte($bool) { if ($bool === false) { $this->multibyte = false; return null; } if (extension_loaded('mbstring')) { $this->multibyte = true; mb_internal_encoding('UTF-8'); } } /** * Returns the length of the given string. * Unicode (UTF-8) analogue of standard @link http://php.net/strlen strlen PHP function. * * @param string $str The UTF-8 encoded string being measured for length. * @return integer The length (amount of UTF-8 characters) of the string on success, and 0 if the string is empty. */ public function ustrlen($str) { if ($this->multibyte) { return mb_strlen($str); } return strlen($str); // return strlen(utf8_decode($str)); } /** * Make a string lowercase. * Unicode (UTF-8) analogue of standard @link http://php.net/strtolower strtolower PHP function. * * @param string $str The UTF-8 encoded string to be lowercased. * @return string Specified string with all alphabetic characters converted to lowercase. */ public function ustrtolower($str) { if ($this->multibyte) { return mb_strtolower($str); } return strtolower($str); } /** * Make a string uppercase. * Unicode (UTF-8) analogue of standard @link http://php.net/strtoupper strtoupper PHP function. * * @param string $str The UTF-8 encoded string to be uppercased. * @return string Specified string with all alphabetic characters converted to uppercase. */ public function ustrtoupper($str) { if ($this->multibyte) { return mb_strtoupper($str); } return strtoupper($str); } /** * Find the position of the first occurrence of a case-sensitive UTF-8 encoded string. * Unicode (UTF-8) analogue of standard @link http://php.net/strpos strpos PHP function. * * Returns the numeric position (offset in amount of UTF-8 characters) * of the first occurrence of needle in the haystack string. * * @param string $haystack The UTF-8 encoded string being searched in. * @param integer $needle The UTF-8 encoded string being searched for. * @param integer $offset [optional] The optional offset parameter allows you to specify which character in haystack to start searching. * The position returned is still relative to the beginning of haystack. * @return integer|boolean Returns the position as an integer. If needle is not found, the function will return boolean FALSE. */ public function ustrpos($haystack, $needle, $offset = 0) { if ($this->multibyte) { return mb_strpos($haystack, $needle, $offset); } return strpos($haystack, $needle, $offset); } /** * Find the position of the last occurrence of a case-sensitive UTF-8 encoded string. * Unicode (UTF-8) analogue of standard @link http://php.net/strrpos strrpos PHP function. * Returns the numeric position (offset in amount of UTF-8 characters) * of the last occurrence of needle in the haystack string. * * @param string $haystack The UTF-8 encoded string being searched in. * @param integer $needle The UTF-8 encoded string being searched for. * @param integer $offset [optional] - The optional offset parameter allows you to specify which character in haystack to start searching. * The position returned is still relative to the beginning of haystack. * @return integer|boolean Returns the position as an integer. If needle is not found, the function will return boolean FALSE. */ public function ustrrpos($haystack, $needle, $offset = 0) { if ($this->multibyte) { return mb_strrpos($haystack, $needle, $offset); } return strrpos($haystack, $needle, $offset); } /** * Returns all of haystack starting from and including the first occurrence of needle to the end. * Unicode (UTF-8) analogue of standard @link http://php.net/stristr stristr PHP function. * * @param string $haystack The UTF-8 encoded string to search in. * @param mixed $needle If needle is not a string, it is converted to an integer and applied as the ordinal value of a character. * @param bool $before_needle [optional] (PHP 5.3+) If TRUE, returns the part of the haystack before the first occurrence of the needle (excluding needle). * @return string Returns the matched substring. If needle is not found, returns FALSE. */ public function ustristr($haystack, $needle, $before_needle = false) { if ($this->multibyte) { return mb_stristr($haystack, $needle, $before_needle); } return stristr($haystack, $needle, $before_needle); } /** * Returns the portion of string specified by the start and length parameters. * Unicode (UTF-8) analogue of standard @link http://php.net/substr substr PHP function. * * NOTE: May be subtle differences in return values dependent on which routine is used. * Native substr() routine can return FALSE. mb_substr() and utf8_substr() just return an empty string. * * @param string $str The UTF-8 encoded string. * @param integer $start Start of portion to be returned. Position is counted in amount of UTF-8 characters from the beginning of str. * First character's position is 0. Second character position is 1, and so on. * @param integer $length [optional] If length is given, the string returned will contain at most length characters beginning from start * (depending on the length of string). If length is omitted, the rest of string from start will be returned. * @return string The extracted UTF-8 encoded part of input string. */ public function usubstr($str, $start, $length = null) { if ($this->multibyte) { return ($length === null) ? mb_substr($str, $start) : mb_substr($str, $start, $length); } return substr($str, $start, $length); } /** * Converts the supplied text (presumed to be from user input) to a format suitable for storing in a database table. * * @param mixed $data * @param boolean $nostrip [optional] Assumes all data is GPC ($_GET, $_POST, $_COOKIE) unless indicate otherwise by setting this var to TRUE. * If magic quotes is enabled on the server and you do not tell toDB() that the data is non GPC then slashes will be stripped when they should not be. * @param boolean $no_encode [optional] This parameter should nearly always be FALSE. It is used by the save_prefs() function to preserve HTML content within prefs even when * the save_prefs() function has been called by a non admin user / user without html posting permissions. * @param boolean|string $mod [optional] model = admin-ui usage. The 'no_html' and 'no_php' modifiers blanket prevent HTML and PHP posting regardless of posting permissions. (used in logging) * The 'pReFs' value is for internal use only, when saving prefs, to prevent sanitisation of HTML. * @param mixed $parm [optional] * @return mixed * @todo complete the documentation of this essential method */ public function toDB($data = null, $nostrip = false, $no_encode = false, $mod = false, $parm = null) { $variableType = gettype($data); if (($variableType !== 'string' && $variableType !== 'array') || $data === '0') { return $data; } if ($variableType === 'array') { $ret = array(); foreach ($data as $key => $var) { //Fix - sanitize keys as well $key = str_replace(['"', "'"], ['"', '''], $key); $ret[$key] = $this->toDB($var, $nostrip, $no_encode, $mod, $parm); } return $ret; } if (MAGIC_QUOTES_GPC === true && $nostrip === false) { $data = stripslashes($data); } $core_pref = e107::getConfig(); if ($mod !== 'pReFs') //XXX We're not saving prefs. { $data = $this->preFilter($data); // used by bb_xxx.php toDB() functions. bb_code.php toDB() allows us to properly bypass HTML cleaning below. $data = $this->cleanHtml($data); // clean it regardless of if it is text or html. (html could have missing closing tags) if (($this->isHtml($data)) && strpos($mod, 'no_html') === false) { $this->isHtml = true; // $data = $this->cleanHtml($data); // sanitize all html. (moved above to include everything) $data = str_replace(array('%7B', '%7D'), array('{', '}'), $data); // fix for {e_XXX} paths. } // else // caused double-encoding of '&' { // $data = str_replace('&','&',$data); // $data = str_replace('<','<',$data); // $data = str_replace('>','>',$data); // $data = str_replace('&','&',$data); } if (!check_class($core_pref->get('post_html', e_UC_MAINADMIN))) { $data = strip_tags($data); // remove tags from cleaned html. $data = str_replace(array('[html]', '[/html]'), '', $data); } // $data = html_entity_decode($data, ENT_QUOTES, 'utf-8'); // Prevent double-entities. Fix for [code] - see bb_code.php toDB(); } if (check_class($core_pref->get('post_html'))) /*$core_pref->is('post_html') && XXX preformecd by cleanHtml() */ { $no_encode = true; } if ($parm !== null && is_numeric($parm) && !check_class($core_pref->get('post_html'), '', $parm)) { $no_encode = false; } if ($no_encode === true && strpos($mod, 'no_html') === false) { $search = array('$', '"', "'", '\\', '', '<'); $data = str_replace($search, $replace, $data); // prevent &gt; etc. $data = htmlspecialchars($data, ENT_QUOTES, 'UTF-8'); $data = str_replace('\\', '\', $data); $ret = preg_replace("/&#(\d*?);/", "&#\\1;", $data); } // XXX - php_bbcode has been deprecated. if ((strpos($mod, 'no_php') !== false) || !check_class($core_pref->get('php_bbcode'))) { $ret = preg_replace("#\[(php)#i", "[\\1", $ret); } // Don't allow hooks to mess with prefs. if ($mod !== 'model') { return $ret; } /** * e_parse hook */ $eParseList = $core_pref->get('e_parse_list'); if (!empty($eParseList)) { $opts = array( 'nostrip' => $nostrip, 'noencode' => $no_encode, 'type' => $parm['type'], 'field' => $parm['field'] ); foreach ($eParseList as $plugin) { $hookObj = e107::getAddon($plugin, 'e_parse'); if ($tmp = e107::callMethod($hookObj, 'toDB', $ret, $opts)) { $ret = $tmp; } } } return $ret; } /** * Check for umatched 'dangerous' HTML tags * (these can destroy page layout where users are able to post HTML) * * @param string $data * @param string $tagList - if empty, uses default list of input tags. Otherwise a CSV list of tags to check (any type) * * @return string TRUE if an unopened closing tag found * FALSE if nothing found * @deprecated */ public function htmlAbuseFilter($data, $tagList = '') { trigger_error('' . __METHOD__ . ' is deprecated. Use $tp->cleanHtml() instead.', E_USER_WARNING); // NO LAN return $data; } /** * @deprecated * Checks a string for potentially dangerous HTML tags, including malformed tags * */ public function dataFilter($data, $mode = 'bbcode') { trigger_error('$tp->dateFilter() is deprecated. Use $tp->filter() instead.', E_USER_WARNING); return $data; } /** * Processes data as needed before its written to the DB. * Currently gives bbcodes the opportunity to do something * * @param $data string - data about to be written to DB * @return string - modified data */ public function preFilter($data) { if (!$this->isBBcode($data)) { return $data; } return e107::getBB()->parseBBCodes($data, defset('USERID'), 'default', 'PRE'); // $postID = logged in user here } /** * Takes a multi-dimensional array and converts the keys to a list of routing paths. * paths are the key and value are the top most key. * * @param array $array * @return array */ public function toRoute($array) { $res = $this->_processRoute($array); $tmp = explode("_#_", $res); $ret = []; foreach ($tmp as $v) { list($k) = explode('/', $v); $ret[$v] = $k; } return $ret; } /** * @param array $array * @param string $prefix * @return string */ private function _processRoute($array, $prefix = '') { $text = []; if (is_array($array)) { foreach ($array as $key => $val) { if ($tag = $this->_processRoute($val, $key . '/')) { $add = $tag; } else { $add = $key; } $text[] = $prefix . $add; } } return implode('_#_', $text); } /** * @param string $text * @return array|string|string[] */ public function toForm($text) { if (empty($text)) // fix - handle proper 0, Space etc values. { return $text; } if (is_string($text) && strpos($text, '[html]') === 0) { // $text = $this->toHTML($text,true); $search = array('"', ''', '\', '&',); // '&' must be last. $replace = array('"', "'", "\\", '&'); // return htmlspecialchars_decode($text); $text = str_replace($search, $replace, $text); // return $text; //$text = htmlentities($text,ENT_NOQUOTES, "UTF-8"); // return $text; } // return htmlentities($text); $search = array('$', '"', '<', '>', '+'); $replace = array('$', '"', '<', '>', '%2B'); $text = str_replace($search, $replace, $text); if (is_string($text) && e107::wysiwyg() !== true) { // fix for utf-8 issue with html_entity_decode(); ??? $text = urldecode($text); // $text = str_replace(" ", " ", $text); } return $text; } /** * @param $text * @return array|string */ public function post_toForm($text) { if (is_array($text)) { $arr = array(); foreach ($text as $key => $value) { $key = $this->post_toForm($key); $arr[$key] = $this->post_toForm($value); } return $arr; } $text = (string) $text; if (MAGIC_QUOTES_GPC == true) { $text = stripslashes($text); } return str_replace(array("'", '"', '<', '>'), array(''', '"', '<', '>'), $text); } /** * @param string $text * @param $original_author * @param string $extra * @param bool $mod * @return string */ public function post_toHTML($text, $original_author = false, $extra = '', $mod = false) { $text = $this->toDB($text, false, false, $mod, $original_author); return $this->toHTML($text, true, $extra); } /** * @param $text - template to parse. * @param boolean $parseSCFiles - parse core 'single' shortcodes * @param object|array $extraCodes - shortcode class containing sc_xxxxx methods or an array of key/value pairs or legacy shortcode content (eg. content within .sc) * @param object $eVars - XXX more info needed. * @return string */ public function parseTemplate($text, $parseSCFiles = true, $extraCodes = null, $eVars = null) { if (!is_bool($parseSCFiles)) { trigger_error('$parseSCFiles in parseTemplate() was given incorrect data'); } return e107::getScParser()->parseCodes($text, $parseSCFiles, $extraCodes, $eVars); } /** * Parses a JSON schema template, processes placeholders, and reconstructs the JSON with optional main entity and extra codes. * * @param string $text The JSON schema template to be parsed. * @param bool $parseSCFiles Whether to enable the parsing of shortcode files. Defaults to true. * @param object|null $extraCodes Optional extra codes object for placeholder parsing. * @param array|null $mainEntity Optional data array to replace the 'mainEntity' structure in the schema. * @return string|false The processed JSON schema string on success, or false if the input JSON is invalid. */ public function parseSchemaTemplate($text, $parseSCFiles = true, $extraCodes = null, $mainEntity = null) { // Initialize the parser $parse = e107::getScParser(); $parse->setMode('schema'); // Set parsing mode for schema // Step 1: Decode the JSON input into an array $jsonArray = json_decode($text, true); // Step 2: Validate JSON decoding if(json_last_error() !== JSON_ERROR_NONE) { error_log('Invalid JSON: ' . json_last_error_msg()); return false; } // Step 3: Recursive function to process the JSON structure $processItems = function (&$item) use (&$processItems, $parse, $parseSCFiles, $extraCodes, $mainEntity) { if(is_array($item)) { // Check if the current item contains 'mainEntity', the target of our processing if(isset($item['mainEntity']) && is_array($mainEntity)) { // Get the first template item from the 'mainEntity' array to use as the structure $schemaTemplate = $item['mainEntity'][0]; $item['mainEntity'] = []; // Reset the 'mainEntity' array to prevent duplication foreach($mainEntity as $dataRow) { // Create a fresh copy of the schema template for this specific dataRow $duplicatedItem = json_decode(json_encode($schemaTemplate), true); // Update the extraCodes for the current data row if(method_exists($extraCodes, 'setVars')) { $extraCodes->setVars($dataRow); // Inject new placeholders from this row } // Process placeholders in the duplicated item foreach($duplicatedItem as &$value) { if(is_string($value) && strpos($value, '{') !== false) { // Parse placeholders for current dataRow $value = $parse->parseCodes($value, $parseSCFiles, $extraCodes); $value = html_entity_decode($value, ENT_QUOTES | ENT_HTML5, 'UTF-8'); $value = strip_tags($value); } elseif(is_array($value)) { // Recursively process arrays (e.g., nested structures) $processItems($value); } } // Append the processed item to the 'mainEntity' array $item['mainEntity'][] = $duplicatedItem; } } else { // Recursively process other parts of the JSON structure foreach($item as &$value) { $processItems($value); } } } elseif(is_string($item)) { // Parse string placeholders, if any if(strpos($item, '{') !== false) { $item = $parse->parseCodes($item, $parseSCFiles, $extraCodes); $item = str_replace('&', '&', $item); $item = html_entity_decode($item, ENT_QUOTES | ENT_HTML5, 'UTF-8'); $item = strip_tags($item); } } }; // Step 4: Initiate processing for the entire JSON structure $processItems($jsonArray); // Reset the parse mode after processing $parse->setMode('default'); // Step 5: Encode the final result back into JSON return json_encode($jsonArray, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_PRETTY_PRINT); } /** * Simple parser * * @param string $template * @param e_vars|array $vars * @param string $replaceUnset string to be used if replace variable is not set, false - don't replace * @return string parsed content */ public function simpleParse($template, $vars, $replaceUnset = '') { $this->replaceVars = $vars; $this->replaceUnset = $replaceUnset; return preg_replace_callback("#\{([\w]+)\}#", array($this, 'simpleReplace'), $template); } /** * @param $tmp * @return mixed|string|null */ protected function simpleReplace($tmp) { $unset = ($this->replaceUnset !== false ? $this->replaceUnset : $tmp[0]); if (is_array($this->replaceVars)) { $this->replaceVars = new e_vars($this->replaceVars); //return ($this->replaceVars[$key] !== null ? $this->replaceVars[$key]: $unset); } $key = $tmp[1]; // PHP7 fix. return (!empty($this->replaceVars) && ($this->replaceVars->$key !== null)) ? $this->replaceVars->$key : $unset; // Doesn't work. } /** * @param $str * @param $width * @param string $break * @param string $nobreak * @param string $nobr * @param false $utf * @return string * @todo find a modern replacement */ public function htmlwrap($str, $width, $break = "\n", $nobreak = 'a', $nobr = 'pre', $utf = false) { /* Pretty well complete rewrite to try and handle utf-8 properly. Breaks each utf-8 'word' every $width characters max. If possible, breaks after 'safe' characters. $break is the character inserted to flag the break. $nobreak is a list of tags within which word wrap is to be inactive */ //TODO handle htmlwrap somehow //return $str; // Don't wrap if non-numeric width $width = (int) $width; // And trap stupid wrap counts if ($width < 6) { return $str; } // Transform protected element lists into arrays $nobreak = explode(' ', strtolower($nobreak)); // Variable setup $innbk = array(); $drain = ''; // List of characters it is "safe" to insert line-breaks at // It is not necessary to add < and > as they are automatically implied $lbrks = "/?!%)-}]\\\"':;&"; // Is $str a UTF8 string? if ($utf || strtolower(CHARSET) === 'utf-8') { // 0x1680, 0x180e, 0x2000-0x200a, 0x2028, 0x205f, 0x3000 are 'non-ASCII' Unicode UCS-4 codepoints - see http://www.unicode.org/Public/UNIDATA/UnicodeData.txt // All convert to 3-byte utf-8 sequences: // 0x1680 0xe1 0x9a 0x80 // 0x180e 0xe1 0xa0 0x8e // 0x2000 0xe2 0x80 0x80 // - // 0x200a 0xe2 0x80 0x8a // 0x2028 0xe2 0x80 0xa8 // 0x205f 0xe2 0x81 0x9f // 0x3000 0xe3 0x80 0x80 $utf8 = 'u'; $whiteSpace = '#([\x20|\x0c]|[\xe1][\x9a][\x80]|[\xe1][\xa0][\x8e]|[\xe2][\x80][\x80-\x8a,\xa8]|[\xe2][\x81][\x9f]|[\xe3][\x80][\x80]+)#'; // Have to explicitly enumerate the whitespace chars, and use non-utf-8 mode, otherwise regex fails on badly formed utf-8 } else { $utf8 = ''; // For non-utf-8, can use a simple match string $whiteSpace = '#(\s+)#'; } // Start of the serious stuff - split into HTML tags and text between $content = preg_split('#(<.*?' . '>)#mis', $str, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE); foreach ($content as $value) { if ($value[0] === '<') { // We are within an HTML tag // Create a lowercase copy of this tag's contents $lvalue = strtolower(substr($value, 1, -1)); if ($lvalue) { // Tag of non-zero length // If the first character is not a / then this is an opening tag if ($lvalue[0] !== '/') { // Collect the tag name preg_match("/^(\w*?)(\s|$)/", $lvalue, $t); // If this is a protected element, activate the associated protection flag if (in_array($t[1], $nobreak)) { array_unshift($innbk, $t[1]); } } else { // Otherwise this is a closing tag // If this is a closing tag for a protected element, unset the flag if (in_array(substr($lvalue, 1), $nobreak)) { reset($innbk); foreach ($innbk as $key => $tag) { if (substr($lvalue, 1) == $tag) { unset($innbk[$key]); break; } } $innbk = array_values($innbk); } } } else { // Eliminate any empty tags altogether $value = ''; } // Else if we're outside any tags, and with non-zero length string... } elseif ($value) { // If unprotected... if (!count($innbk)) { // Use the ACK (006) ASCII symbol to replace all HTML entities temporarily $value = str_replace("\x06", '', $value); preg_match_all("/&([a-z\d]{2,7}|#\d{2,5});/i", $value, $ents); $value = preg_replace("/&([a-z\d]{2,7}|#\d{2,5});/i", "\x06", $value); // echo "Found block length ".strlen($value).': '.substr($value,20).'
'; // Split at spaces - note that this will fail if presented with invalid utf-8 when doing the regex whitespace search // $split = preg_split('#(\s)#'.$utf8, $value, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE ); $split = preg_split($whiteSpace, $value, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE); $value = ''; foreach ($split as $sp) { // echo "Split length ".strlen($sp).': '.substr($sp,20).'
'; $loopCount = 0; while (strlen($sp) > $width) { // Enough characters that we may need to do something. $pulled = ''; if ($utf8) { // Pull out a piece of the maximum permissible length if (preg_match('#^((?:[\x00-\x7F]|[\xC0-\xFF][\x80-\xBF]+){0,' . $width . '})(.?).*#s', $sp, $matches) == 0) { // Make any problems obvious for now $value .= '[!invalid utf-8: ' . $sp . '!]'; $sp = ''; } elseif (empty($matches[2])) { // utf-8 length is less than specified - treat as a special case $value .= $sp; $sp = ''; } else { // Need to find somewhere to break the string for ($i = strlen($matches[1]) - 1; $i >= 0; $i--) { if (strpos($lbrks, $matches[1][$i]) !== false) { break; } } if ($i < 0) { // No 'special' break character found - break at the word boundary $pulled = $matches[1]; } else { $pulled = substr($sp, 0, $i + 1); } } $loopCount++; if ($loopCount > 20) { // Make any problems obvious for now $value .= '[!loop count exceeded: ' . $sp . '!]'; $sp = ''; } } else { for ($i = min($width, strlen($sp)); $i > 0; $i--) { // No speed advantage to defining match character if (strpos($lbrks, $sp[$i - 1]) !== false) { break; } } if ($i == 0) { // No 'special' break boundary character found - break at the word boundary $pulled = substr($sp, 0, $width); } else { $pulled = substr($sp, 0, $i); } } if ($pulled) { $value .= $pulled . $break; // Shorten $sp by whatever we've processed (will work even for utf-8) $sp = substr($sp, strlen($pulled)); } } // Add in any residue $value .= $sp; } // Put captured HTML entities back into the string foreach ($ents[0] as $ent) { $value = preg_replace("/\x06/", $ent, $value, 1); } } } // Send the modified segment down the drain $drain .= $value; } // Return contents of the drain return $drain; } /** * Universal text/bbcode/html truncate method. * new in v2.3.1 * * @param $text * @param int $length * @param string $ending * @return string */ public function truncate($text, $length = 100, $ending = '...') { if ($this->isHtml($text)) { return $this->html_truncate($text, $length, $ending); } if ($this->isBBcode($text)) { $text = $this->toText($text); } return $this->text_truncate($text, $length, $ending); } /** * @param string $text String to truncate. * @param integer $length Length of returned string, including ellipsis. * @param string $ending It will be used as Ending and appended to the trimmed string. * @param boolean $exact If false, $text will not be cut mid-word * @return string Trimmed string. * @deprecated Soon to be made private. Use $tp->truncate() instead. * CakePHP(tm) : Rapid Development Framework (http://www.cakephp.org) * Copyright 2005-2008, Cake Software Foundation, Inc. (http://www.cakefoundation.org) * * Truncate a HTML string * * Cuts a string to the length of $length and adds the value of $ending if the text is longer than length. */ public function html_truncate($text, $length = 100, $ending = '...', $exact = true) { if ($this->ustrlen(preg_replace('/<.*?>/', '', $text)) <= $length) { return $text; } $totalLength = 0; $openTags = array(); $truncate = ''; preg_match_all('/(<\/?([\w+]+)[^>]*>)?([^<>]*)/', $text, $tags, PREG_SET_ORDER); foreach ($tags as $tag) { if (!$tag[2] || !preg_match('/img|br|input|hr|area|base|basefont|col|frame|isindex|link|meta|param/i', $tag[2])) { if (preg_match('/<[\w]+[^>]*>/', $tag[0])) { array_unshift($openTags, $tag[2]); } elseif (preg_match('/<\/([\w]+)[^>]*>/', $tag[0], $closeTag)) { $pos = array_search($closeTag[1], $openTags); if ($pos !== false) { array_splice($openTags, $pos, 1); } } } $truncate .= $tag[1]; $contentLength = $this->ustrlen(preg_replace('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|&#x[0-9a-f]{1,6};/i', ' ', $tag[3])); if ($contentLength + $totalLength > $length) { $left = $length - $totalLength; $entitiesLength = 0; if (preg_match_all('/&[0-9a-z]{2,8};|&#[0-9]{1,7};|&#x[0-9a-f]{1,6};/i', $tag[3], $entities, PREG_OFFSET_CAPTURE)) { foreach ($entities[0] as $entity) { if ($entity[1] + 1 - $entitiesLength <= $left) { $left--; $entitiesLength += $this->ustrlen($entity[0]); } else { break; } } } $truncate .= $this->usubstr($tag[3], 0, $left + $entitiesLength); break; } $truncate .= $tag[3]; $totalLength += $contentLength; if ($totalLength >= $length) { break; } } if (!$exact) { $spacepos = $this->ustrrpos($truncate, ' '); if (isset($spacepos)) { $bits = $this->usubstr($truncate, $spacepos); preg_match_all('/<\/([a-z]+)>/i', $bits, $droppedTags, PREG_SET_ORDER); if (!empty($droppedTags)) { foreach ($droppedTags as $closingTag) { if (!in_array($closingTag[1], $openTags)) { array_unshift($openTags, $closingTag[1]); } } } $truncate = $this->usubstr($truncate, 0, $spacepos); } } $truncate .= $ending; foreach ($openTags as $tag) { $truncate .= ''; } return $truncate; } /** * @param string $text string to process * @param integer $len length of characters to be truncated * @param string $more string which will be added if truncation * @return string Always returns text. * @deprecated for public use. Will be made private. Use $tp->truncate() instead. * Truncate a string of text to a maximum length $len append the string $more if it was truncated * Uses current CHARSET for utf-8, returns $len characters rather than $len bytes * */ public function text_truncate($text, $len = 200, $more = ' ... ') { if ($this->ustrlen($text) <= $len) { return $text; } if ($this->isBBcode($text) || $this->isHtml($text)) { $text = $this->toText($text); } $text = html_entity_decode($text, ENT_QUOTES, 'utf-8'); if (function_exists('mb_strimwidth')) { return mb_strimwidth($text, 0, $len, $more); } $ret = $this->usubstr($text, 0, $len); // search for possible broken html entities // - if an & is in the last 8 chars, removing it and whatever follows shouldn't hurt // it should work for any characters encoding $leftAmp = $this->ustrrpos($this->usubstr($ret, -8), '&'); if ($leftAmp) { $ret = $this->usubstr($ret, 0, $this->ustrlen($ret) - 8 + $leftAmp); } return $ret . $more; } /** * @param $text * @param $wrap * @return array|string|string[] */ public function textclean($text, $wrap = 100) { $text = str_replace("\n\n\n", "\n\n", $text); $text = $this->htmlwrap($text, $wrap); $text = str_replace(array('
', '
', '
'), '
', $text); /* we can remove any linebreaks added by htmlwrap function as any \n's will be converted later anyway */ return $text; } /** * Test for text highlighting, and determine the text highlighting transformation * @return bool Returns TRUE if highlighting is active for this page display */ public function checkHighlighting() { global $pref; if (!defined('e_SELF')) { // Still in startup, so can't calculate highlighting return false; } if (!isset($this->e_highlighting)) { $this->e_highlighting = false; $shr = (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''); if ($pref['search_highlight'] && (strpos(e_SELF, 'search.php') === false) && ((strpos($shr, 'q=') !== false) || (strpos($shr, 'p=') !== false))) { $this->e_highlighting = true; if (!isset($this->e_query)) { preg_match('#(q|p)=(.*?)(&|$)#', $shr, $matches); $this->e_query = str_replace(array('+', '*', '"', ' '), array('', '.*?', '', '\b|\b'), trim(urldecode($matches[2]))); } } } return $this->e_highlighting; } /** * Replace text represenation of website urls and email addresses with clickable equivalents. * * @param string $text * @param string $type email|url * @param array $opts options. * $opts = [ * 'sub' => (string) substitute text within links * 'ext' => (bool) load link in new window (not for email) * ] * @return string */ public function makeClickable($text = '', $type = 'email', $opts = array()) { if (empty($text)) { return ''; } $textReplace = (!empty($opts['sub'])) ? $opts['sub'] : ''; if (substr($textReplace, -6) === '.glyph') { $textReplace = $this->toGlyph($textReplace, ''); } switch ($type) { default: case 'email': preg_match_all("#(?:[\n\r ]|^)?([a-z0-9\-_.]+?)@([\w\-]+\.([\w\-\.]+\.)*[\w]+)#i", $text, $match); if (!empty($match[0])) { $srch = array(); $repl = array(); foreach ($match[0] as $eml) { $email = trim($eml); $srch[] = $email; $repl[] = $this->emailObfuscate($email, $textReplace); } $text = str_replace($srch, $repl, $text); } break; case 'url': $linktext = (!empty($textReplace)) ? $textReplace : '$3'; $external = (!empty($opts['ext'])) ? 'target="_blank"' : ''; $text = preg_replace("/(^|[\n \(])([\w]*?)([\w]*?:\/\/[\w]+[^ \,\"\n\r\t<]*)/is", '$1$2' . $linktext . '', $text); $text = preg_replace("/(^|[\n \(])([\w]*?)((www)\.[^ \,\"\t\n\r\)<]*)/is", '$1$2' . $linktext . '', $text); $text = preg_replace("/(^|[\n ])([\w]*?)((ftp)\.[^ \,\"\t\n\r<]*)/is", '$1$2' . $linktext . '', $text); break; } return $text; } /** * @param string $text * @param $postID * @return string */ public function parseBBCodes($text, $postID) { return e107::getBB()->parseBBCodes($text, $postID); } /** * Strips block tags from html. * ie.

etc are removed. * * @param string $html * @return string */ public function stripBlockTags($html) { $diff = array_diff($this->allowedTags, $this->blockTags); $parm = ''; foreach ($diff as $tag) { $parm .= '<' . $tag . '>'; } return strip_tags($html, $parm); } /** * @param $s * @param $allowedattr * @return array|mixed|string|string[] */ public function stripAttributes($s, $allowedattr = array()) { if (preg_match_all("/<[^>]*\\s([^>]*)\\/*>/msiU", $s, $res, PREG_SET_ORDER)) { foreach ($res as $r) { $tag = $r[0]; $attrs = array(); preg_match_all("/\\s.*=(['\"]).*\\1/msiU", " " . $r[1], $split, PREG_SET_ORDER); foreach ($split as $spl) { $attrs[] = $spl[0]; } $newattrs = array(); foreach ($attrs as $a) { $tmp = explode("=", $a); if (trim($a) != "" && (!isset($tmp[1]) || (trim($tmp[0]) != "" && !in_array(strtolower(trim($tmp[0])), $allowedattr)))) { } else { $newattrs[] = $a; } } $attrs = implode(" ", $newattrs); $rpl = str_replace($r[1], $attrs, $tag); $s = str_replace($tag, $rpl, $s); } } return $s; } /** * Converts the text (presumably retrieved from the database) for HTML output. * * @param string $text * @param boolean $parseBB [optional] * @param string $modifiers [optional] TITLE|SUMMARY|DESCRIPTION|BODY|RAW|LINKTEXT etc. * Comma-separated list, no spaces allowed * first modifier must be a CONTEXT modifier, in UPPER CASE. * subsequent modifiers are lower case - see $this->e_Modifiers for possible values * @param mixed $postID [optional] * @param boolean $wrap [optional] * @return string * @todo complete the documentation of this essential method */ public function toHTML($text, $parseBB = false, $modifiers = '', $postID = '', $wrap = false) { if (empty($text) || !is_string($text)) { return $text; } if (empty($this->pref)) // cache the prefs. { $prefsUsed = array('smiley_activate', 'make_clickable', 'link_replace', 'main_wordwrap', 'link_text', 'email_text', 'links_new_window', 'profanity_filter', 'tohtml_hook', 'e_tohtml_list', 'e_parse_list' ); $cfg = e107::getConfig(); foreach ($prefsUsed as $v) { $this->pref[$v] = $cfg->get($v); } } global $fromadmin; // Set default modifiers to start $opts = $this->getModifiers($modifiers); if ($this->isHtml($text)) //BC FIx for when HTML is saved without [html][/html] { $opts['nobreak'] = true; $text = trim($text); if (strpos($text, '[center]') === 0) // quick bc fix TODO Find a better solution. [center][/center] containing HTML. { $text = str_replace(array('[center]', '[/center]'), array("
", '
'), $text); } } $fromadmin = $opts['fromadmin']; // Convert defines(constants) within text. eg. Lan_XXXX - must be the entire text string (i.e. not embedded) // The check for '::' is a workaround for a bug in the Zend Optimiser 3.3.0 and PHP 5.2.4 combination // - causes crashes if '::' in site name if ($opts['defs'] && (strlen($text) < 35) && ((strpos($text, '::') === false) && defined(trim($text)))) { $text = constant(trim($text)); // don't return yet, words could be hooked with linkwords etc. } if ($opts['no_tags']) { $text = strip_tags($text); } /* if(MAGIC_QUOTES_GPC === true) // precaution for badly saved data. { $text = stripslashes($text); } */ // $text = " ".$text; // Now get on with the parsing $ret_parser = ''; $last_bbcode = ''; // So we can change them on each loop $saveOpts = $opts; if ($parseBB == false) { $content = array($text); } else { // Split each text block into bits which are either within one of the 'key' bbcodes, or outside them // (Because we have to match end words, the 'extra' capturing subpattern gets added to output array. We strip it later) $content = preg_split('#(\[(table|html|php|code|scode|hide).*?\[\/(?:\\2)\])#mis', $text, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE); } // Use $full_text variable so its available to special bbcodes if required foreach ($content as $full_text) { $proc_funcs = true; $convertNL = true; // We may have 'captured' a bbcode word - strip it if so if ($last_bbcode == $full_text) { $last_bbcode = ''; $proc_funcs = false; $full_text = ''; } else { // Set the options for this pass $opts = $saveOpts; // Have to have a good test in case a 'non-key' bbcode starts the block // - so pull out the bbcode parameters while we're there if (($parseBB !== false) && preg_match('#(^\[(table|html|php|code|scode|hide)(.*?)\])(.*?)(\[/\\2\]$)#is', $full_text, $matches)) { $proc_funcs = false; $full_text = ''; $code_text = $matches[4]; // $parm = $matches[3] ? substr($matches[3], 1) : ''; $last_bbcode = $matches[2]; switch ($matches[2]) { case 'php' : $proc_funcs = false; $code_text = ''; break; case 'html' : // This overrides and deprecates html.bb $proc_funcs = true; // $code_text = str_replace("\r\n", " ", $code_text); // $code_text = html_entity_decode($code_text, ENT_QUOTES, CHARSET); // $code_text = str_replace('&','&',$code_text); // validation safe. $html_start = ''; // markers for html-to-bbcode replacement. $html_end = ''; $full_text = str_replace(array('[html]', '[/html]'), '', $code_text); // quick fix.. security issue? $full_text = $this->parseBBCodes($full_text, $postID); // parse any embedded bbcodes eg. [img] $full_text = $this->replaceConstants($full_text, 'abs'); // parse any other paths using {e_.... $full_text = $html_start . $full_text . $html_end; $full_text = $this->parseBBTags($full_text); // strip tags. $opts['nobreak'] = true; $parseBB = false; // prevent further bbcode processing. break; case 'table' : // strip
from inside of $convertNL = false; // break; case 'hide' : $proc_funcs = true; case 'scode': case 'code' : $full_text = $this->parseBBCodes($matches[0], $postID); break; } } } // Do the 'normal' processing - in principle, as previously - but think about the order. if ($proc_funcs && !empty($full_text)) // some more speed { // Split out and ignore any scripts and style blocks. With just two choices we can match the closing tag in the regex $subcon = preg_split('#((?:]+>.*?|tyle[^>]+>.*?))#mis', $full_text, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE); foreach ($subcon as $sub_blk) { if (strpos($sub_blk, '\s*[\r]*\n[\r]*#", ">", $sub_blk); } */ // Link substitution // Convert URL's to clickable links, unless modifiers or prefs override $sub_blk = $this->processModifiers($opts, $sub_blk, $convertNL, $parseBB, $modifiers, $postID); $ret_parser .= $sub_blk; } // End of 'normal' processing for a block of text } // End of 'foreach() on each block of non-script text } // End of 'normal' parsing (non-script text) else { // Text block that needed no processing at all $ret_parser .= $full_text; } } // Quick Fix - Remove trailing
on block-level elements (eg. div, pre, table, etc. ) $srch = array(); $repl = array(); foreach ($this->blockTags as $val) { $srch[] = '
'; $repl[] = ''; } $ret_parser = str_replace($srch, $repl, $ret_parser); return trim($ret_parser); } /** * Check if a string begins with a preformatter flag. * * @param $str * @return bool */ private function preformatted($str) { foreach ($this->preformatted as $type) { $code = '[' . $type . ']'; if (strpos($str, $code) === 0) { return true; } } return false; } /** * @param $mixed * @return array|false|string */ public function toUTF8($mixed) { if (is_array($mixed)) { foreach ($mixed as $k => $v) { unset($mixed[$k]); $mixed[$this->toUTF8($k)] = $this->toUTF8($v); } } elseif (is_object($mixed)) { $objVars = get_object_vars($mixed); foreach ($objVars as $key => $value) { $mixed->$key = $this->toUTF8($value); } } elseif (is_string($mixed)) { return iconv('UTF-8', 'UTF-8//IGNORE', mb_convert_encoding($mixed, 'UTF-8', 'ISO-8859-1')); } return $mixed; } /** * @param string $text * @return string */ public function toASCII($text) { $char_map = array( // Latin 'À' => 'A', 'Á' => 'A', 'Â' => 'A', 'Ã' => 'A', 'Ä' => 'A', 'Å' => 'A', 'Æ' => 'AE', 'Ç' => 'C', 'È' => 'E', 'É' => 'E', 'Ê' => 'E', 'Ë' => 'E', 'Ì' => 'I', 'Í' => 'I', 'Î' => 'I', 'Ï' => 'I', 'Ð' => 'D', 'Ñ' => 'N', 'Ò' => 'O', 'Ó' => 'O', 'Ô' => 'O', 'Õ' => 'O', 'Ö' => 'O', 'Ő' => 'O', 'Ø' => 'O', 'Ù' => 'U', 'Ú' => 'U', 'Û' => 'U', 'Ü' => 'U', 'Ű' => 'U', 'Ý' => 'Y', 'Þ' => 'TH', 'ß' => 'ss', 'à' => 'a', 'á' => 'a', 'â' => 'a', 'ã' => 'a', 'ä' => 'a', 'å' => 'a', 'æ' => 'ae', 'ç' => 'c', 'è' => 'e', 'é' => 'e', 'ê' => 'e', 'ë' => 'e', 'ì' => 'i', 'í' => 'i', 'î' => 'i', 'ï' => 'i', 'ð' => 'd', 'ñ' => 'n', 'ò' => 'o', 'ó' => 'o', 'ô' => 'o', 'õ' => 'o', 'ö' => 'o', 'ő' => 'o', 'ø' => 'o', 'ù' => 'u', 'ú' => 'u', 'û' => 'u', 'ü' => 'u', 'ű' => 'u', 'ý' => 'y', 'þ' => 'th', 'ÿ' => 'y', // Latin symbols '©' => '(c)', // Greek 'Α' => 'A', 'Β' => 'B', 'Γ' => 'G', 'Δ' => 'D', 'Ε' => 'E', 'Ζ' => 'Z', 'Η' => 'H', 'Θ' => '8', 'Ι' => 'I', 'Κ' => 'K', 'Λ' => 'L', 'Μ' => 'M', 'Ν' => 'N', 'Ξ' => '3', 'Ο' => 'O', 'Π' => 'P', 'Ρ' => 'R', 'Σ' => 'S', 'Τ' => 'T', 'Υ' => 'Y', 'Φ' => 'F', 'Χ' => 'X', 'Ψ' => 'PS', 'Ω' => 'W', 'Ά' => 'A', 'Έ' => 'E', 'Ί' => 'I', 'Ό' => 'O', 'Ύ' => 'Y', 'Ή' => 'H', 'Ώ' => 'W', 'Ϊ' => 'I', 'Ϋ' => 'Y', 'α' => 'a', 'β' => 'b', 'γ' => 'g', 'δ' => 'd', 'ε' => 'e', 'ζ' => 'z', 'η' => 'h', 'θ' => '8', 'ι' => 'i', 'κ' => 'k', 'λ' => 'l', 'μ' => 'm', 'ν' => 'n', 'ξ' => '3', 'ο' => 'o', 'π' => 'p', 'ρ' => 'r', 'σ' => 's', 'τ' => 't', 'υ' => 'y', 'φ' => 'f', 'χ' => 'x', 'ψ' => 'ps', 'ω' => 'w', 'ά' => 'a', 'έ' => 'e', 'ί' => 'i', 'ό' => 'o', 'ύ' => 'y', 'ή' => 'h', 'ώ' => 'w', 'ς' => 's', 'ϊ' => 'i', 'ΰ' => 'y', 'ϋ' => 'y', 'ΐ' => 'i', // Turkish 'Ş' => 'S', 'İ' => 'I', /*'Ç' => 'C', 'Ü' => 'U', 'Ö' => 'O',*/ 'Ğ' => 'G', 'ş' => 's', 'ı' => 'i', /*'ç' => 'c', 'ü' => 'u', 'ö' => 'o',*/ 'ğ' => 'g', // Russian 'А' => 'A', 'Б' => 'B', 'В' => 'V', 'Г' => 'G', 'Д' => 'D', 'Е' => 'E', 'Ё' => 'Yo', 'Ж' => 'Zh', 'З' => 'Z', 'И' => 'I', 'Й' => 'J', 'К' => 'K', 'Л' => 'L', 'М' => 'M', 'Н' => 'N', 'О' => 'O', 'П' => 'P', 'Р' => 'R', 'С' => 'S', 'Т' => 'T', 'У' => 'U', 'Ф' => 'F', 'Х' => 'H', 'Ц' => 'C', 'Ч' => 'Ch', 'Ш' => 'Sh', 'Щ' => 'Sh', 'Ъ' => '', 'Ы' => 'Y', 'Ь' => '', 'Э' => 'E', 'Ю' => 'Yu', 'Я' => 'Ya', 'а' => 'a', 'б' => 'b', 'в' => 'v', 'г' => 'g', 'д' => 'd', 'е' => 'e', 'ё' => 'yo', 'ж' => 'zh', 'з' => 'z', 'и' => 'i', 'й' => 'j', 'к' => 'k', 'л' => 'l', 'м' => 'm', 'н' => 'n', 'о' => 'o', 'п' => 'p', 'р' => 'r', 'с' => 's', 'т' => 't', 'у' => 'u', 'ф' => 'f', 'х' => 'h', 'ц' => 'c', 'ч' => 'ch', 'ш' => 'sh', 'щ' => 'sh', 'ъ' => '', 'ы' => 'y', 'ь' => '', 'э' => 'e', 'ю' => 'yu', 'я' => 'ya', // Ukrainian 'Є' => 'Ye', 'І' => 'I', 'Ї' => 'Yi', 'Ґ' => 'G', 'є' => 'ye', 'і' => 'i', 'ї' => 'yi', 'ґ' => 'g', // Czech 'Č' => 'C', 'Ď' => 'D', 'Ě' => 'E', 'Ň' => 'N', 'Ř' => 'R', 'Š' => 'S', 'Ť' => 'T', 'Ů' => 'U', 'Ž' => 'Z', 'č' => 'c', 'ď' => 'd', 'ě' => 'e', 'ň' => 'n', 'ř' => 'r', 'š' => 's', 'ť' => 't', 'ů' => 'u', 'ž' => 'z', // Polish 'Ą' => 'A', 'Ć' => 'C', 'Ę' => 'e', 'Ł' => 'L', 'Ń' => 'N', /*'Ó' => 'o',*/ 'Ś' => 'S', 'Ź' => 'Z', 'Ż' => 'Z', 'ą' => 'a', 'ć' => 'c', 'ę' => 'e', 'ł' => 'l', 'ń' => 'n',/* 'ó' => 'o',*/ 'ś' => 's', 'ź' => 'z', 'ż' => 'z', // Latvian 'Ā' => 'A',/* 'Č' => 'C',*/ 'Ē' => 'E', 'Ģ' => 'G', 'Ī' => 'i', 'Ķ' => 'k', 'Ļ' => 'L', 'Ņ' => 'N', /*'Š' => 'S',*/ 'Ū' => 'u', 'ā' => 'a', 'ē' => 'e', 'ģ' => 'g', 'ī' => 'i', 'ķ' => 'k', 'ļ' => 'l', 'ņ' => 'n', 'ū' => 'u', 'ľ' => 'l', 'ŕ' => 'r', 'Ľ' => 'l', ); return str_replace(array_keys($char_map), $char_map, $text); } /** * Use it on html attributes to avoid breaking markup . * * @param string $text * @param bool $pure True to skip the text mutation by {@see e_parse::replaceConstants()} * @example echo "Hello"; */ public function toAttribute($text, $pure = false) { // URLs posted without HTML access may have an & in them. // Xhtml compliance. $text = htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8'); if (!$pure && !preg_match('/&#|\'|"|<|>/s', $text)) { $text = $this->replaceConstants($text); } return $text; } /** * Build a series of HTML attributes from the provided array * * Because of legacy loose typing client code usages, values that are {@see empty()} will not be added to the * concatenated HTML attribute string except when the key is `value`, the key begins with `data-`, or the value is * a number. * * @param array $attributes Key-value pairs of HTML attributes. The value must not be HTML-encoded. If the value is * boolean true, the value will be set to the key (e.g. `['required' => true]` becomes * "required='required'"). * @param bool $pure True to skip the text mutation by {@see e_parse::replaceConstants()} * @return string The HTML attributes to concatenate inside an HTML tag * @see e_parseTest::testToAttributesMixedPureAndReplaceConstants() for an example of how to use this method */ public function toAttributes($attributes, $pure = false) { $stringifiedAttributes = []; foreach ($attributes as $key => $value) { if ($value === true && (strpos($key, 'data-') !== 0)) { $value = $key; } if (!empty($value) || is_numeric($value) || $key === "value" || strpos($key, 'data-') === 0) { $stringifiedAttributes[] = $key . "='" . $this->toAttribute($value, $pure) . "'"; } } return count($stringifiedAttributes) > 0 ? " " . implode(" ", $stringifiedAttributes) : ""; } /** * Flatten a multi-dimensional associative array with slashes. * * Based on Illuminate\Support\Arr::dot() * * @param $array * @param string $prepend * @return array * @license https://github.com/illuminate/support/blob/master/LICENSE.md MIT License * @copyright Copyright (c) Taylor Otwell */ public static function toFlatArray($array, $prepend = '') { $results = []; foreach ($array as $key => $value) { if (is_array($value) && !empty($value)) { $results = array_merge($results, static::toFlatArray($value, $prepend . $key . '/')); } else { $results[$prepend . $key] = $value; } } return $results; } /** * Convert a flattened slash-delimited multi-dimensional array back into an actual multi-dimensional array * * Inverse of {@link e_parse::toFlatArray()} * * @param $array * @param string $unprepend * @return array */ public static function fromFlatArray($array, $unprepend = '') { $output = []; foreach ($array as $key => $value) { if (!empty($unprepend) && substr($key, 0, strlen($unprepend)) == $unprepend) { $key = substr($key, strlen($unprepend)); } $parts = explode('/', $key); $nested = &$output; while (count($parts) > 1) { $nested = &$nested[array_shift($parts)]; if (!is_array($nested)) $nested = []; } $nested[array_shift($parts)] = $value; } return $output; } /** * Convert text blocks which are to be embedded within JS * * @param string|array $stringarray * @return string * @deprecated v2.3.1 This method will not escape a string properly for use as a JavaScript or JSON string. Use * {@see e_parse::toJSON()} instead. When using {@see e_parse::toJSON()}, do not surround its output * with quotation marks, and do not attempt to escape sequences like "\n" as "\\n". If HTML tags need to * be removed, consider {@see e_parse::toText()} separately. If the text needs to be used in an HTML * tag attribute (e.g. <a onclick="ATTRIBUTE"></a>), surround the string with * {@see e_parse::toAttribute()} and either single-quote or double-quote the attribute value. */ public function toJS($stringarray) { trigger_error('' . __METHOD__ . ' is deprecated. See method DocBlock for alternatives.', E_USER_WARNING); // NO LAN $search = array("\r\n", "\r", '
', "'"); $replace = array("\\n", '', "\\n", "\'"); $stringarray = str_replace($search, $replace, $stringarray); $stringarray = strip_tags($stringarray); $trans_tbl = get_html_translation_table(HTML_ENTITIES); $trans_tbl = array_flip($trans_tbl); return strtr($stringarray, $trans_tbl); } /** * Converts a PHP variable into its JavaScript equivalent. * We use HTML-safe strings, with several characters escaped. * * @param mixed $var * PHP variable. * @param bool $force_object * True: Outputs an object rather than an array when a non-associative * array is used. Especially useful when the recipient of the output * is expecting an object and the array is empty. * * @return string */ public function toJSON($var, $force_object = false) { if ($force_object === true) { // Encode <, >, ', &, and " using the json_encode() options parameter. return json_encode($var, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT | JSON_FORCE_OBJECT); } // Encode <, >, ', &, and " using the json_encode() options parameter. return json_encode($var, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_AMP | JSON_HEX_QUOT); } /** * Convert Text for RSS/XML use. * * @param string $text * @param boolean $tags [optional] * @return string */ public function toRss($text, $tags = false) { if ($tags != true) { $text = $this->toHTML($text, true); $text = strip_tags($text); } $text = $this->toEmail($text); $search = array('&#039;', '&#036;', ''', '$', e_BASE, "href='request.php", '', ''); $replace = array("'", '$', "'", '$', SITEURL, "href='" . SITEURL . 'request.php', '', ''); $text = str_replace($search, $replace, $text); $text = $this->ampEncode($text); // if CDATA happens to be quoted in the text. $text = str_replace([''], ['<![CDATA', ']]>'], $text); if ($tags === true) { $text = !empty($text) ? '' : ''; } else { $text = str_replace(['<', '>'], ['<', '>'], $text); } return $text; } /** * Convert a string to a number (int/float) * * @param string $value * @return int|float */ public function toNumber($value) { // adapted from: https://secure.php.net/manual/en/function.floatval.php#114486 $dotPos = strrpos($value, '.'); $commaPos = strrpos($value, ','); $sep = (($dotPos > $commaPos) && $dotPos) ? $dotPos : ((($commaPos > $dotPos) && $commaPos) ? $commaPos : false); if (!$sep) { return (int) preg_replace('/[^-0-9]/', '', $value); } return (float) ( preg_replace('/[^-0-9]/', '', substr($value, 0, $sep)) . '.' . preg_replace('/[^0-9]/', '', substr($value, $sep + 1, strlen($value))) ); } /** * Clean and Encode Ampersands '&' for output to browser. * * @param string $text * @return array|string|string[] */ public function ampEncode($text = '') { // Fix any left-over '&' //first revert any previously converted. $text = str_replace(array('&', '&'), array('&', '&'), $text); return $text; } /** * Convert any string back to plain text. * * @param $text * @return array|string|string[] */ public function toText($text) { $text = (string) $text; if ($this->isBBcode($text) === true) // convert any bbcodes to html { $text = $this->toHTML($text, true); } if ($this->isHtml($text) === true) // strip any html. { $text = $this->toHTML($text, true); $text = str_replace("\n", '', $text); // clean-out line-breaks. $text = str_ireplace(array('
', '
', '
'), "\n", $text); $text = strip_tags($text); } $search = array('&#039;', '&#036;', ''', '$', '\', '&#092;'); $replace = array("'", '$', "'", '$', "\\", "\\"); return str_replace($search, $replace, $text); } /** * Set the dimensions of a thumbNail (generated by thumbUrl) */ public function setThumbSize($w = null, $h = null, $crop = null) { if ($w !== null) { $this->thumbWidth = (int) $w; } if ($h !== null) { $this->thumbHeight = (int) $h; } if ($crop !== null) { $this->thumbCrop = (int) $crop; } } /** * @param $val * @return int|null */ public function thumbEncode($val = null) { if ($val !== null) { $this->thumbEncode = (int) $val; return null; } return $this->thumbEncode; } /** * Retrieve img tag width and height attributes for current thumbnail. * * @return string|null */ public function thumbDimensions($type = 'single') { if (!empty($this->thumbCrop) && !empty($this->thumbWidth) && !empty($this->thumbHeight)) // dimensions are known. { return ($type === 'double') ? 'width="' . $this->thumbWidth . '" height="' . $this->thumbHeight . '"' : "width='" . $this->thumbWidth . "' height='" . $this->thumbHeight . "'"; } return null; } /** * Set or Get the value of the thumbNail Width. * * @param $width (optional) */ public function thumbWidth($width = null) { if ($width !== null) { $this->thumbWidth = (int) $width; } return $this->thumbWidth; } /** * Set or Get the value of the thumbNailbCrop. * * @param bool $status = true/false */ public function thumbCrop($status = false) { if ($status !== false) { $this->thumbCrop = (int) $status; } return $this->thumbCrop; } /** * Set or Get the value of the thumbNail height. * * @param $height (optional) */ public function thumbHeight($height = null) { if ($height !== null) { $this->thumbHeight = (int) $height; } return $this->thumbHeight; } /** * Sets a cache file for storing alternate text data for an image. * * @param string $path The file path of the image whose alternate text is being cached. * @param string $value The alternate text value to cache. * @return string|false String or false on failure */ public function setImageAltCacheFile($path, $value) { $cache_str = sha1($path); $pre = 'alt_'; $post = '.cache.txt'; $file = e_CACHE_IMAGE .'alt_' . sha1($path) . '.cache.txt'; if (file_put_contents($file, $value) !== false) { return $file; } return false; } /** * Retrieves the content of the alternative cache file for the specified path if it exists. * * @param string $path The file path to generate the cache filename for. * @return string|null The content of the cache file if it exists, or null if the file does not exist. */ public function getImageAltCacheFile($path) { $file = e_CACHE_IMAGE .'alt_' . sha1($path) . '.cache.txt'; if (file_exists($file)) { return file_get_contents($file); } return null; } /** * Generated a Thumb Cache File Name from path and options. * * @param string $path * @param array $options * @param string $log (optional) - log file name * @return null|string */ public function thumbCacheFile($path, $options = null, $log = null) { if (empty($path)) { return null; } if (is_string($options)) { parse_str($options, $options); } $path = str_replace($this->getUrlConstants('raw'), $this->getUrlConstants('sc'), $path); $path = $this->replaceConstants(str_replace('..', '', $path)); $filename = basename($path); $tmp = explode('.', $filename); $ext = end($tmp); $len = strlen($ext) + 1; $start = substr($filename, 0, -$len); // cleanup. $newOpts = array( 'w' => isset($options['w']) ? (string) intval($options['w']) : '', 'h' => isset($options['h']) ? (string) intval($options['h']) : '', 'aw' => isset($options['aw']) ? (string) intval($options['aw']) : '', 'ah' => isset($options['ah']) ? (string) intval($options['ah']) : '', 'c' => strtoupper(vartrue($options['c'], '0')), ); if (!empty($options['type'])) { $newOpts['type'] = $options['type']; $ext = $newOpts['type']; } if (!empty($options['aw'])) { $options['w'] = $options['aw']; } if (!empty($options['ah'])) { $options['h'] = $options['ah']; } $size = varset($options['w'], 0) . 'x' . varset($options['h'], 0); $thumbQuality = e107::getPref('thumbnail_quality', 65); $cache_str = md5(serialize($newOpts) . $path . $thumbQuality); $pre = 'thumb_'; $post = '.cache.bin'; // $cache_str = http_build_query($newOpts,null,'_'); // testing files. if (defined('e_MEDIA_STATIC')) // experimental - subject to change. { $pre = ''; $post = ''; } $fname = $pre . strtolower($start . '_' . $cache_str . '_' . $size . '.' . $ext) . $post; if ($log !== null) { file_put_contents(e_LOG . $log, "\n++++++++++++++++++++++++++++++++++++++++++++++++++++++++\n\n", FILE_APPEND); $message = 'Name: ' . $fname . "\n"; $message .= $path . "\n" . var_export($newOpts, true) . "\n\n\n"; file_put_contents(e_LOG . $log, $message, FILE_APPEND); // file_put_contents(e_LOG.$log, "\t\tFOUND!!\n\n\n", FILE_APPEND); } return $fname; } /** * @param bool|int $val * @return int */ private function staticCount($val = false) { $count = $this->staticCount; if ($val === 0) { $this->staticCount = 0; } elseif ($val !== false) { $this->staticCount += (int) $val; } return $count; } /** * @param string $path - absolute path or e107 path {e_PLUGIN} etc. * @param array $opts - when $opts['full'] is true, a full siteurl will be used instead of an absolute path. (unless static url is found) * @return string - full path or static path. * @todo Move to e107_class ? */ public function staticUrl($path = null, $opts = array()) { if (empty($this->staticUrl) || deftrue('e_ADMIN_AREA')) { // e107::getDebug()->log("e_HTTP_STATIC not defined"); if ($path === null) { return !empty($opts['full']) ? SITEURL : e_HTTP; } return !empty($opts['full']) ? $this->replaceConstants($path, 'full') : $this->replaceConstants($path, 'abs'); // self::replaceConstants($path, 'full'); } $staticArray = $this->staticUrl; // e_HTTP_STATIC; $path = $this->replaceConstants($path, 'abs'); // replace any {THEME} etc. $key = ltrim(eHelper::dasherize($path), '/'); if (is_array($staticArray)) { if(!empty($this->staticUrlMap[$key])) { $http = $this->staticUrlMap[$key]; } else { $cnt = count($staticArray); $staticCount = $this->staticCount(); if ($staticCount > ($cnt - 1)) { $staticCount = 0; $this->staticCount(0); } $http = !empty($staticArray[$staticCount]) ? $staticArray[$staticCount] : e_HTTP; $this->staticCount(1); } } else { $http = $this->staticUrl; } $this->staticUrlMap[$key] = $http; if (empty($path)) { return $http; } $base = ''; $srch = array( e_PLUGIN_ABS, e_THEME_ABS, e_WEB_ABS, e_CACHE_IMAGE_ABS, ); $repl = array( $http . $base . e107::getFolder('plugins'), $http . $base . e107::getFolder('themes'), $http . $base . e107::getFolder('web'), $http . $base . str_replace('../', '', e_CACHE_IMAGE), ); // Quickfix for any '/./' that may occur. $srch[] = '/./'; $repl[] = '/'; $ret = str_replace($srch, $repl, $path); if (strpos($ret, 'http') !== 0) // if not converted, check media folder also. { $ret = str_replace(e_MEDIA_ABS, $http . $base . e107::getFolder('media'), $ret); } return $ret; } /** * Used internally to store e_HTTP_STATIC. * * @param string|null $url The static URL ie. e_HTTP_STATIC */ public function setStaticUrl($url) { $this->staticUrl = $url; } public function getStaticUrlMap() { return $this->staticUrlMap; } /** * Generate an auto-sized Image URL. * * @param $url - path to image or leave blank for a placeholder. eg. {e_MEDIA}folder/my-image.jpg * @param array $options = [ width and height, but leaving this empty and using $this->thumbWidth() and $this->thumbHeight() is preferred. ie. {SETWIDTH: w=x&y=x} * 'w' => int width (optional) * 'h' => int height (optional) * 'crop' => bool|string true/false or A(auto) or T(op) or B(ottom) or C(enter) or L(eft) or R(right) * 'scale' => string '2x' (optional) * 'x' => bool encode/mask the url parms (optional) * 'nosef' => bool when set to true disabled SEF Url being returned (optional) * ] * @param bool $raw set to true when the $url does not being with an e107 variable ie. "{e_XXXX}" eg. {e_MEDIA} (optional) * @param bool $full when true returns full http:// url. (optional) * ] * @return string */ public function thumbUrl($url = null, $options = array(), $raw = false, $full = false) { $url = (string) $url; $this->staticCount++; // increment counter. $ext = pathinfo($url, PATHINFO_EXTENSION); if ($ext === 'svg') { return $this->replaceConstants($url, 'abs'); } if (strpos($url, '{e_') === 0) // Fix for broken links that use {e_MEDIA} etc. { //$url = $this->replaceConstants($url,'abs'); // always switch to 'nice' urls when SC is used $url = str_replace($this->getUrlConstants('sc'), $this->getUrlConstants('raw'), $url); } if (is_string($options)) { parse_str($options, $options); } if (!empty($options['scale'])) // eg. scale the width height 2x 3x 4x. etc. { $options['return'] = 'src'; $options['size'] = $options['scale']; unset($options['scale']); return $this->thumbSrcSet($url, $options); } if (strpos($url, e_MEDIA) !== false || strpos($url, e_SYSTEM) !== false) // prevent disclosure of 'hashed' path. { $raw = true; } if ($raw) { $url = $this->createConstants($url, 'mix'); } $baseurl = ($full ? SITEURL : e_HTTP) . 'thumb.php?'; if (!empty($this->staticUrl)) { $baseurl = $this->staticUrl() . 'thumb.php?'; } $thurl = 'src=' . urlencode($url) . '&'; // e107::getDebug()->log("Thumb: ".basename($url). print_a($options,true), E107_DBG_BASIC); if (!empty($options) && (isset($options['w']) || isset($options['aw']) || isset($options['h']))) { $options['w'] = varset($options['w']); $options['h'] = varset($options['h']); $options['crop'] = (isset($options['aw']) || isset($options['ah'])) ? 1 : varset($options['crop']); $options['aw'] = varset($options['aw']); $options['ah'] = varset($options['ah']); $options['x'] = varset($options['x']); } else { $options['w'] = $this->thumbWidth; $options['h'] = $this->thumbHeight; $options['crop'] = $this->thumbCrop; $options['aw'] = null; $options['ah'] = null; $options['x'] = $this->thumbEncode; } if (!empty($options['crop'])) { if (!empty($options['aw']) || !empty($options['ah'])) { $options['w'] = $options['aw']; $options['h'] = $options['ah']; } $thurl .= 'aw=' . (int) $options['w'] . '&ah=' . (int) $options['h']; if (!is_numeric($options['crop'])) { $thurl .= '&c=' . $options['crop']; $options['nosef'] = true; } } else { $thurl .= 'w=' . (int) $options['w'] . '&h=' . (int) $options['h']; } if (!empty($options['type'])) { $thurl .= '&type=' . $options['type']; } if (defined('e_MEDIA_STATIC')) // experimental - subject to change. { $opts = str_replace('&', '&', $thurl); $staticFile = $this->thumbCacheFile($url, $opts); if (!empty($staticFile) && is_readable(e_CACHE_IMAGE . $staticFile)) { return $this->staticUrl(e_CACHE_IMAGE_ABS . $staticFile); } // echo "
static-not-found: ".$staticFile; $options['nosef'] = true; $options['x'] = null; // file_put_contents(e_LOG."thumb.log", "\n++++++++++++++++++++++++++++++++++\n\n", FILE_APPEND); } if ($this->modRewriteMedia && empty($options['nosef']))// SEF URL support. { $options['full'] = $full; $options['ext'] = pathinfo($url, PATHINFO_EXTENSION); $options['thurl'] = $thurl; // $options['x'] = $this->thumbEncode(); if ($sefUrl = $this->thumbUrlSEF($url, $options)) { return $sefUrl; } } if (!empty($options['x']))//base64 encode url { $thurl = 'id=' . base64_encode($thurl); } return $baseurl . $thurl; } /** * Split a thumb.php url into an array which can be parsed back into the thumbUrl method. . * * @param $src * @return array */ public function thumbUrlDecode($src) { list($url, $qry) = array_pad(explode('?', $src), 2, null); $ret = array(); if (!empty($qry) && strpos($url, 'thumb.php') !== false) // Regular { parse_str($qry, $val); $ret = $val; } elseif (preg_match('/media\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)/', $url, $match)) // SEF { $wKey = $match[1] . 'w'; $hKey = $match[3] . 'h'; $ret = array( 'src' => 'e_MEDIA_IMAGE/' . $match[5], $wKey => $match[2], $hKey => $match[4] ); } elseif (preg_match('/theme\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)/', $url, $match)) // Theme-image SEF Urls { $wKey = $match[1] . 'w'; $hKey = $match[3] . 'h'; $ret = array( 'src' => 'e_THEME/' . $match[5], $wKey => $match[2], $hKey => $match[4] ); } elseif (defined('TINYMCE_DEBUG')) { print_a('thumbUrlDecode: No Matches'); } return $ret; } /** * Experimental: Generate a Thumb URL for use in the img srcset attribute. * * @param string $src eg. {e_MEDIA_IMAGE}myimage.jpg * @param int|string|array $width - desired size in px or '2x' or '3x' or null for all or array ( * @return string */ public function thumbSrcSet($src = '', $width = null) { $multiply = null; $encode = false; $parm = array(); if (is_array($width)) { $parm = $width; $multiply = $width['size']; $encode = (!empty($width['x'])) ? $width['x'] : false; $width = $width['size']; } // $encode = $this->thumbEncode();; if ($width == null || $width === 'all') { $links = array(); $mag = ($width == null) ? array(1, 2) : array(160, 320, 460, 600, 780, 920, 1100); foreach ($mag as $v) { $w = ($this->thumbWidth * $v); $h = ($this->thumbHeight * $v); $att = (!empty($this->thumbCrop)) ? array('aw' => $w, 'ah' => $h) : compact('w', 'h'); $att['x'] = $encode; $add = ($width == null) ? ' ' . $v . 'x' : ' ' . $v . 'w'; $links[] = $this->thumbUrl($src, $att) . $add; // " w".$width; // } return implode(', ', $links); } elseif ($multiply === '2x' || $multiply === '3x' || $multiply === '4x') { $multiInt = (int) $multiply; if (empty($parm['w']) && isset($parm['h'])) { $parm['h'] = ($parm['h'] * $multiInt); return $this->thumbUrl($src, $parm) . ' ' . $multiply; } if (isset($parm['w']) && !isset($parm['h'])) // if w set, assume h value of 0 is set. { $parm['h'] = 0; } $width = !empty($parm['w']) ? (intval($parm['w']) * $multiInt) : ($this->thumbWidth * $multiInt); $height = isset($parm['h']) ? (intval($parm['h']) * $multiInt) : ($this->thumbHeight * $multiInt); } else { $height = (($this->thumbHeight * $width) / $this->thumbWidth); } if (!isset($parm['aw'])) { $parm['aw'] = null; } if (!isset($parm['ah'])) { $parm['ah'] = null; } if (!isset($parm['x'])) { $parm['x'] = null; } if (!isset($parm['crop'])) { $parm['crop'] = null; } $parms = array('w' => $width, 'h' => $height, 'crop' => $parm['crop'], 'x' => $parm['x'], 'aw' => $parm['aw'], 'ah' => $parm['ah']); if (!empty($parm['type'])) { $parms['type'] = $parm['type']; } // $parms = !empty($this->thumbCrop) ? array('aw' => $width, 'ah' => $height, 'x'=>$encode) : array('w' => $width, 'h' => $height, 'x'=>$encode ); // $parms['x'] = $encode; if (!empty($parm['return']) && $parm['return'] === 'src') { return $this->thumbUrl($src, $parms); } $ret = $this->thumbUrl($src, $parms); $ret .= ($multiply) ? ' ' . $multiply : ' ' . $width . 'w'; return $ret; } /** * Used by thumbUrl when SEF Image URLS is active. @param $url * * @param array $options * @return string * @see e107.htaccess */ public function thumbUrlSEF($url = '', $options = array()) { if (!empty($options['full'])) { $base = SITEURL; } else { $base = (!empty($options['ebase'])) ? '{e_BASE}' : e_HTTP; } if (!empty($this->staticUrl)) { $base = $this->staticUrl(); } // $base = (!empty($options['full'])) ? SITEURL : e_HTTP; if (!empty($options['x']) && !empty($options['ext'])) // base64 encoded. Build URL for: RewriteRule ^media\/img\/([-A-Za-z0-9+/]*={0,3})\.(jpg|gif|png)?$ thumb.php?id=$1 { $ext = strtolower($options['ext']); return $base . 'media/img/' . base64_encode($options['thurl']) . '.' . str_replace('jpeg', 'jpg', $ext); } elseif (strpos($url, 'e_MEDIA_IMAGE') !== false) // media images. { $sefPath = 'media/img/'; $clean = array('{e_MEDIA_IMAGE}', 'e_MEDIA_IMAGE/'); } elseif (strpos($url, 'e_AVATAR') !== false) // avatars { $sefPath = 'media/avatar/'; $clean = array('{e_AVATAR}', 'e_AVATAR/'); } elseif (strpos($url, 'e_THEME') !== false) // theme folder images. { $sefPath = 'theme/img/'; $clean = array('{e_THEME}', 'e_THEME/'); } else { // e107::getDebug()->log("SEF URL False: ".$url); return false; } // Build URL for ReWriteRule ^media\/img\/(a)?([\d]*)x(a)?([\d]*)\/(.*)?$ thumb.php?src=e_MEDIA_IMAGE/$5&$1w=$2&$3h=$4 $sefUrl = $base . $sefPath; if (!empty($options['scale'])) { $multiInt = (int) $options['scale']; $options['w'] = $options['w'] * $multiInt; $options['h'] = $options['h'] * $multiInt; } if (!empty($options['aw']) || !empty($options['ah'])) { $sefUrl .= 'a' . intval($options['aw']) . 'xa' . intval($options['ah']); } elseif (!empty($options['crop'])) { if (!is_numeric($options['crop'])) { $sefUrl .= strtolower($options['crop']) . intval($options['w']) . 'x' . strtolower($options['crop']) . intval($options['h']); } else { $sefUrl .= 'a' . intval($options['w']) . 'xa' . intval($options['h']); } } else { $sefUrl .= intval($options['w']) . 'x' . intval($options['h']); } $sefUrl .= '/'; $sefUrl .= str_replace($clean, '', $url); return $sefUrl; } /** * Help for converting to more safe URLs * e.g. {e_MEDIA_FILE}path/to/video.flv => e_MEDIA_FILE/path/to/video.flv * * @param string $type sc|raw|rev|all * @return array * @todo support for ALL URL shortcodes (replacement methods) */ public function getUrlConstants($type = 'sc') { // sub-folders first! static $array = array( 'e_MEDIA_FILE/' => '{e_MEDIA_FILE}', 'e_MEDIA_VIDEO/' => '{e_MEDIA_VIDEO}', 'e_MEDIA_IMAGE/' => '{e_MEDIA_IMAGE}', 'e_MEDIA_ICON/' => '{e_MEDIA_ICON}', 'e_AVATAR/' => '{e_AVATAR}', 'e_AVATAR_DEFAULT/' => '{e_AVATAR_DEFAULT}', 'e_AVATAR_UPLOAD/' => '{e_AVATAR_UPLOAD}', 'e_WEB_JS/' => '{e_WEB_JS}', 'e_WEB_CSS/' => '{e_WEB_CSS}', 'e_WEB_IMAGE/' => '{e_WEB_IMAGE}', 'e_IMPORT/' => '{e_IMPORT}', // 'e_WEB_PACK/' => '{e_WEB_PACK}', 'e_BASE/' => '{e_BASE}', 'e_ADMIN/' => '{e_ADMIN}', 'e_IMAGE/' => '{e_IMAGE}', 'e_THEME/' => '{e_THEME}', 'e_PLUGIN/' => '{e_PLUGIN}', 'e_HANDLER/' => '{e_HANDLER}', // BC 'e_MEDIA/' => '{e_MEDIA}', 'e_WEB/' => '{e_ADMIN}', // 'THEME/' => '{THEME}', ); switch ($type) { case 'sc': return array_values($array); break; case 'raw': return array_keys($array); break; case 'rev': return array_reverse($array, true); break; case 'all': return $array; break; } return array(); } /** * @return array */ public function getEmotes() { return e107::getEmote()->getList(); } /** * Replace e107 path constants * Note: only an ADMIN user can convert {e_ADMIN} * TODO - runtime cache of search/replace arrays (object property) when $mode !== '' * * @param string $text * @param string $mode [optional] abs|full "full" = produce absolute URL path, e.g. http://sitename.com/e107_plugins/etc * 'abs' = produce truncated URL path, e.g. e107plugins/etc * "" (default) = URL's get relative path e.g. ../e107_plugins/etc * @param mixed $all [optional] if TRUE, then when $mode is "full" or TRUE, USERID is also replaced... * when $mode is "" (default), ALL other e107 constants are replaced * @return string|array */ public function replaceConstants($text, $mode = '', $all = false) { if (is_array($text)) { $new = array(); foreach ($text as $k => $v) { $new[$k] = $this->replaceConstants($v, $mode, $all); } return $new; } $replace_absolute = array(); if (!empty($mode)) { $e107 = e107::getInstance(); if (empty($this->relativePaths)) // prevent multiple lookups. { $this->relativePaths = array( $e107::getFolder('media_files'), $e107::getFolder('media_video'), $e107::getFolder('media_image'), $e107::getFolder('media_icon'), $e107::getFolder('avatars'), $e107::getFolder('web_js'), $e107::getFolder('web_css'), $e107::getFolder('web_image'), //$e107->getFolder('web_pack'), e_IMAGE_ABS, e_THEME_ABS, $e107::getFolder('images'), $e107::getFolder('plugins'), $e107::getFolder('files'), $e107::getFolder('themes'), // $e107->getFolder('downloads'), $e107::getFolder('handlers'), $e107::getFolder('media'), $e107::getFolder('web'), $e107->site_theme ? $e107::getFolder('themes') . $e107->site_theme . '/' : '', defset('THEME_ABS'), (deftrue('ADMIN') ? $e107::getFolder('admin') : ''), '', $e107::getFolder('core'), $e107::getFolder('system'), ); } $replace_relative = $this->relativePaths; switch ($mode) { case 'abs': $replace_absolute = array( e_MEDIA_FILE_ABS, e_MEDIA_VIDEO_ABS, e_MEDIA_IMAGE_ABS, e_MEDIA_ICON_ABS, e_AVATAR_ABS, e_JS_ABS, e_CSS_ABS, e_WEB_IMAGE_ABS, // e_PACK_ABS, e_IMAGE_ABS, e_THEME_ABS, e_IMAGE_ABS, e_PLUGIN_ABS, e_FILE_ABS, e_THEME_ABS, // e_DOWNLOAD_ABS, //impossible when download is done via php. '', // handlers - no ABS path available e_MEDIA_ABS, e_WEB_ABS, defset('THEME_ABS'), defset('THEME_ABS'), (ADMIN ? e_ADMIN_ABS : ''), $e107->server_path, '', // no e_CORE absolute path '', // no e_SYSTEM absolute path ); break; case 'full': $replace_absolute = array( SITEURLBASE . e_MEDIA_FILE_ABS, SITEURLBASE . e_MEDIA_VIDEO_ABS, SITEURLBASE . e_MEDIA_IMAGE_ABS, SITEURLBASE . e_MEDIA_ICON_ABS, SITEURLBASE . e_AVATAR_ABS, SITEURLBASE . e_JS_ABS, SITEURLBASE . e_CSS_ABS, SITEURLBASE . e_WEB_IMAGE_ABS, // SITEURLBASE.e_PACK_ABS, SITEURLBASE . e_IMAGE_ABS, SITEURLBASE . e_THEME_ABS, SITEURLBASE . e_IMAGE_ABS, SITEURLBASE . e_PLUGIN_ABS, SITEURLBASE . e_FILE_ABS, // deprecated SITEURLBASE . e_THEME_ABS, //SITEURL.$e107->getFolder('downloads'), '', // handlers - no ABS path available SITEURLBASE . e_MEDIA_ABS, SITEURLBASE . e_WEB_ABS, defset('THEME_ABS') ? SITEURLBASE . THEME_ABS : '', defset('THEME_ABS') ? SITEURLBASE . THEME_ABS : '', (deftrue('ADMIN') ? SITEURLBASE . e_ADMIN_ABS : ''), SITEURL, '', // no e_CORE absolute path '', // no e_SYSTEM absolute path ); break; } // sub-folders first! $search = array( '{e_MEDIA_FILE}', '{e_MEDIA_VIDEO}', '{e_MEDIA_IMAGE}', '{e_MEDIA_ICON}', '{e_AVATAR}', '{e_WEB_JS}', '{e_WEB_CSS}', '{e_WEB_IMAGE}', // '{e_WEB_PACK}', '{e_IMAGE_ABS}', '{e_THEME_ABS}', '{e_IMAGE}', '{e_PLUGIN}', '{e_FILE}', '{e_THEME}', //,"{e_DOWNLOAD}" '{e_HANDLER}', '{e_MEDIA}', '{e_WEB}', '{THEME}', '{THEME_ABS}', '{e_ADMIN}', '{e_BASE}', '{e_CORE}', '{e_SYSTEM}', ); /*if (ADMIN) { $replace_relative[] = $e107->getFolder('admin'); $replace_absolute[] = SITEURL.$e107->getFolder('admin'); $search[] = "{e_ADMIN}"; }*/ if ($all) { if (USER) { // Can only replace with valid number for logged in users $replace_relative[] = USERID; $replace_absolute[] = USERID; } else { $replace_relative[] = ''; $replace_absolute[] = ''; } $search[] = '{USERID}'; } // current THEME /*if(!defined('THEME')) { //if not already parsed by doReplace $text = str_replace(array('{THEME}', '{THEME_ABS}'), '', $text); } else { $replace_relative[] = THEME; $replace_absolute[] = THEME_ABS; $search[] = "{THEME}"; $replace_relative[] = THEME; $replace_absolute[] = THEME_ABS; $search[] = "{THEME_ABS}"; }*/ $replace = ((string) $mode === 'full' || (string) $mode === 'abs') ? $replace_absolute : $replace_relative; return !empty($text) ? str_replace($search, $replace, $text) : $text; } // $pattern = ($all ? "#\{([A-Za-z_0-9]*)\}#s" : "#\{(e_[A-Z]*)\}#s"); $pattern = ($all ? '#\{([A-Za-z_0-9]*)\}#s' : '#\{(e_[A-Z]*(?:_IMAGE|_VIDEO|_FILE|_CONTENT|_ICON|_AVATAR|_JS|_CSS|_PACK|_DB|_ABS){0,1})\}#s'); $text = preg_replace_callback($pattern, array($this, 'doReplace'), $text); if (!defined('THEME')) { //if not already parsed by doReplace $text = str_replace(array('{THEME}', '{THEME_ABS}'), '', $text); } else { $srch = array('{THEME}', '{THEME_ABS}'); $repl = array(THEME, THEME_ABS); $text = str_replace($srch, $repl, $text); } return $text; } /** * @param array $matches * @return mixed|string */ private function doReplace($matches) { if (defined($matches[1]) && (deftrue('ADMIN') || strpos($matches[1], 'ADMIN') === false)) { return constant($matches[1]); } return $matches[1]; } /** * Create and substitute e107 constants in passed URL * * @param string $url * @param integer $mode 0-folders, 1-relative ('rel'), 2-absolute ('abs'), 3-full ('full') (with domain), 4-absolute & relative ('mix') (combination of 1,2,3) * @return string */ public function createConstants($url, $mode = 0) { //FIXME - create constants for absolute paths and site URL's if (!is_numeric($mode)) { switch ($mode) { case 'rel' : $mode = 1; break; case 'abs' : $mode = 2; break; case 'full' : $mode = 3; break; case 'mix' : $mode = 4; break; case 'nice': $mode = 5; break; } } $e107 = e107::getInstance(); switch ($mode) { case 0: // folder name only. $tmp = array( '{e_MEDIA_FILE}' => $e107::getFolder('media_files'), '{e_MEDIA_VIDEO}' => $e107::getFolder('media_videos'), '{e_MEDIA_IMAGE}' => $e107::getFolder('media_images'), '{e_MEDIA_ICON}' => $e107::getFolder('media_icons'), '{e_AVATAR}' => $e107::getFolder('avatars'), '{e_WEB_JS}' => $e107::getFolder('web_js'), '{e_WEB_CSS}' => $e107::getFolder('web_css'), '{e_WEB_IMAGE}' => $e107::getFolder('web_images'), // '{e_WEB_PACK}' => $e107::getFolder('web_packs'), '{e_IMAGE}' => $e107::getFolder('images'), '{e_PLUGIN}' => $e107::getFolder('plugins'), '{e_FILE}' => $e107::getFolder('files'), '{e_THEME}' => $e107::getFolder('themes'), '{e_DOWNLOAD}' => $e107::getFolder('downloads'), '{e_ADMIN}' => $e107::getFolder('admin'), '{e_HANDLER}' => $e107::getFolder('handlers'), '{e_MEDIA}' => $e107::getFolder('media'), '{e_WEB}' => $e107::getFolder('web'), '{e_UPLOAD}' => $e107::getFolder('uploads'), ); break; case 1: // relative path only $tmp = array( '{e_MEDIA_FILE}' => e_MEDIA_FILE, '{e_MEDIA_VIDEO}' => e_MEDIA_VIDEO, '{e_MEDIA_IMAGE}' => e_MEDIA_IMAGE, '{e_MEDIA_ICON}' => e_MEDIA_ICON, '{e_AVATAR}' => e_AVATAR, '{e_IMPORT}' => e_IMPORT, '{e_WEB_JS}' => e_WEB_JS, '{e_WEB_CSS}' => e_WEB_CSS, '{e_WEB_IMAGE}' => e_WEB_IMAGE, // '{e_WEB_PACK}' => e_WEB_PACK, '{e_IMAGE}' => e_IMAGE, '{e_PLUGIN}' => e_PLUGIN, '{e_FILE}' => e_FILE, '{e_THEME}' => e_THEME, '{e_DOWNLOAD}' => e_DOWNLOAD, '{e_ADMIN}' => e_ADMIN, '{e_HANDLER}' => e_HANDLER, '{e_MEDIA}' => e_MEDIA, '{e_WEB}' => e_WEB, '{e_UPLOAD}' => e_UPLOAD, ); break; case 2: // absolute path only $tmp = array( '{e_MEDIA_FILE}' => e_MEDIA_FILE_ABS, '{e_MEDIA_VIDEO}' => e_MEDIA_VIDEO_ABS, '{e_MEDIA_IMAGE}' => e_MEDIA_IMAGE_ABS, '{e_MEDIA_ICON}' => e_MEDIA_ICON_ABS, '{e_AVATAR}' => e_AVATAR_ABS, '{e_WEB_JS}' => e_JS_ABS, '{e_WEB_CSS}' => e_CSS_ABS, '{e_WEB_IMAGE}' => e_WEB_IMAGE_ABS, // '{e_WEB_PACK}' => e_PACK_ABS, '{e_IMAGE}' => e_IMAGE_ABS, '{e_PLUGIN}' => e_PLUGIN_ABS, '{e_FILE}' => e_FILE_ABS, // deprecated '{e_THEME}' => e_THEME_ABS, '{e_DOWNLOAD}' => e_HTTP . 'request.php?',// FIXME - we need solution! '{e_ADMIN}' => e_ADMIN_ABS, //'{e_HANDLER}' => e_HANDLER_ABS, - no ABS path available '{e_MEDIA}' => e_MEDIA_ABS, '{e_WEB}' => e_WEB_ABS, '{e_BASE}' => e_HTTP, ); break; case 3: // full path (e.g http://domain.com/e107_images/) $tmp = array( '{e_MEDIA_FILE}' => SITEURLBASE . e_MEDIA_FILE_ABS, '{e_MEDIA_VIDEO}' => SITEURLBASE . e_MEDIA_VIDEO_ABS, '{e_MEDIA_IMAGE}' => SITEURLBASE . e_MEDIA_IMAGE_ABS, '{e_MEDIA_ICON}' => SITEURLBASE . e_MEDIA_ICON_ABS, '{e_AVATAR}' => SITEURLBASE . e_AVATAR_ABS, '{e_WEB_JS}' => SITEURLBASE . e_JS_ABS, '{e_WEB_CSS}' => SITEURLBASE . e_CSS_ABS, '{e_WEB_IMAGE}' => SITEURLBASE . e_WEB_IMAGE_ABS, // '{e_WEB_PACK}' => SITEURLBASE.e_PACK_ABS, '{e_IMAGE}' => SITEURLBASE . e_IMAGE_ABS, '{e_PLUGIN}' => SITEURLBASE . e_PLUGIN_ABS, '{e_FILE}' => SITEURLBASE . e_FILE_ABS, // deprecated '{e_THEME}' => SITEURLBASE . e_THEME_ABS, '{e_DOWNLOAD}' => SITEURLBASE . e_HTTP . 'request.php?',// FIXME - we need solution! '{e_ADMIN}' => SITEURLBASE . e_ADMIN_ABS, //'{e_HANDLER}' => e_HANDLER_ABS, - no ABS path available '{e_MEDIA}' => SITEURLBASE . e_MEDIA_ABS, '{e_WEB}' => SITEURLBASE . e_WEB_ABS, '{e_BASE}' => SITEURL, ); break; case 4: // absolute & relative paths $url = $this->createConstants($url, 3); $url = $this->createConstants($url, 2); $url = $this->createConstants($url, 1); return $url; break; case 5: // nice urls - e.g. e_MEDIA_VIDEO/mystream.flv $url = $this->createConstants($url, 4); return str_replace($this->getUrlConstants('sc'), $this->getUrlConstants('raw'), $url); break; default: $tmp = array(); break; } $hasCDN = strpos($url, '//') === 0; foreach ($tmp as $key => $val) { // Fix - don't break the CDN '//cdn.com' URLs if ($hasCDN && $val === '/') { continue; } $len = strlen($val); if (substr($url, 0, $len) == $val) { // replace the first instance only return substr_replace($url, $key, 0, $len); } } return $url; } //FIXME - $match not used? /** * @param $text * @param $match * @return array|string|string[]|null */ public function e_highlight($text, $match) { $tags = array(); preg_match_all('#<[^>]+>#', $text, $tags); $text = preg_replace('#<[^>]+>#', '<|>', $text); $text = preg_replace('#(\b".$match."\b)#i', '\\1', $text); foreach ($tags[0] as $tag) { $text = preg_replace('#<\|>#', $tag, $text, 1); } return $text; } /** * Convert Text to a suitable format for use in emails. eg. relative links will be replaced with full links etc. * * @param string $text * @param boolean $posted - if the text has been posted. (uses stripslashes etc) * @param string $mods - flags for text transformation. */ public function toEmail($text, $posted = '', $mods = 'parse_sc, no_make_clickable') { if ($posted === true) { if (MAGIC_QUOTES_GPC) { $text = stripslashes($text); } $text = preg_replace('#\[(php)#i', '[\\1', $text); } $text = (strtolower($mods) !== 'rawtext') ? $this->replaceConstants($text, 'full') : $text; if ($this->isHtml($text)) { $text = str_replace(array('[html]', '[/html]'), '', $text); $text = html_entity_decode($text, ENT_COMPAT, 'UTF-8'); } else { $text = $this->toHTML($text, true, $mods); } return $text; } /** * Given an email address, returns a link including with obfuscated text. * e-email css in e107.css inserts the user/domain data for display. * * @param string $email * @param string $words [optional] text to display * @param null $subject [optional] default subject for email. * @return string */ public function emailObfuscate($email, $words = null, $subject = null) { if (strpos($email, '@') === false) { return ''; } if ($subject) { $subject = '?subject=' . $subject; } list($name, $address) = explode('@', $email, 2); if (empty($words)) { $words = '@'; $user = "data-user='" . $this->obfuscate($name) . "'"; $dom = "data-dom='" . $this->obfuscate($address) . "'"; } else { $user = ''; $dom = ''; } $url = 'mailto:' . $email . $subject; $safe = $this->obfuscate($url); return "" . $words . ''; } /** * Obfuscate text from bots using Randomized encoding. * * @param $text * @return string */ public function obfuscate($text) { $ret = ''; foreach (str_split($text) as $letter) { switch (mt_rand(1, 3)) { // HTML entity code case 1: $ret .= '&#' . ord($letter) . ';'; break; // Hex character code case 2: $ret .= '&#x' . dechex(ord($letter)) . ';'; break; // Raw (no) encoding case 3: $ret .= $letter; } } return $ret; } /** * @param $name * @return array|e_parse_shortcode|null */ public function __get($name) { switch ($name) { case 'e_sc': $ret = e107::getScParser(); break; default: // trigger_error('$e107->$'.$name.' not defined', E_USER_WARNING); return null; break; } $this->$name = $ret; return $ret; } // Formerly located in e_parser -------------------------- /** * Merge default 'global' attributes into assigned tags. */ private function compileAttributeDefaults() { foreach ($this->allowedAttributes as $tag => $array) { if ($tag === 'default') { continue; } foreach ($this->allowedAttributes['default'] as $def) { $this->allowedAttributes[$tag][] = $def; } } } /** * Used by e_parse to start */ public function init() { if (defined('FONTAWESOME')) { $this->fontawesome = (int) FONTAWESOME; } if (defined('BOOTSTRAP')) { $this->bootstrap = (int) BOOTSTRAP; } $this->modRewriteMedia = deftrue('e_MOD_REWRITE_MEDIA'); if (defined('e_HTTP_STATIC')) { $this->staticUrl = e_HTTP_STATIC; } // Preprocess the supermods to be useful default arrays with all values foreach ($this->e_SuperMods as $key => $val) { // precalculate super defaults $this->e_SuperMods[$key] = array_merge($this->e_optDefault, $this->e_SuperMods[$key]); $this->e_SuperMods[$key]['context'] = $key; } $this->allowedTags = array('html', 'body', 'div', 'a', 'img', 'table', 'tr', 'td', 'th', 'tbody', 'thead', 'colgroup', 'b', 'i', 'pre', 'code', 'strong', 'u', 'em', 'ul', 'ol', 'li', 'img', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'p', 'section', 'article', 'blockquote', 'hgroup', 'aside', 'figure', 'figcaption', 'abbr', 'span', 'audio', 'video', 'source', 'br', 'small', 'caption', 'noscript', 'hr', 'section', 'iframe', 'sub', 'sup', 'cite', 'x-bbcode', 'label', 'dl', 'dt', 'dd', ); $this->scriptTags = array('script', 'applet', 'form', 'input', 'button', 'embed', 'object', 'ins', 'select', 'textarea'); //allowed when $pref['post_script'] is enabled. $this->allowedAttributes = array( 'default' => array('id', 'style', 'class', 'title', 'lang', 'accesskey'), 'img' => array('src', 'alt', 'width', 'height'), 'a' => array('href', 'target', 'rel'), 'script' => array('type', 'src', 'language', 'async'), 'iframe' => array('src', 'frameborder', 'width', 'height', 'allowfullscreen', 'allow'), 'input' => array('type', 'name', 'value'), 'form' => array('action', 'method', 'target'), 'audio' => array('src', 'controls', 'autoplay', 'loop', 'muted', 'preload'), 'video' => array('autoplay', 'controls', 'height', 'loop', 'muted', 'poster', 'preload', 'src', 'width'), 'table' => array('border', 'cellpadding', 'cellspacing'), // BC Fix. 'td' => array('colspan', 'rowspan', 'name', 'bgcolor'), 'th' => array('colspan', 'rowspan'), 'col' => array('span'), 'embed' => array('src', 'wmode', 'type', 'width', 'height'), 'x-bbcode' => array('alt'), 'label' => array('for'), 'source' => array('media', 'sizes', 'src', 'srcset', 'type'), ); $this->scriptAttributes = array('onclick', 'onchange', 'onblur', 'onload', 'onfocus', 'onkeydown', 'onkeypress', 'onkeyup', 'ondblclick', 'onmousedown', 'onmousemove', 'onmouseout', 'onmouseover', 'onmouseup', 'onmousewheel', 'onwheel', 'oncopy', 'oncut', 'onpaste' ); $this->blockTags = array('p', 'pre', 'div', 'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'blockquote'); // element includes its own line-break. $this->badAttrValues = array('javascript[\s]*?:', 'alert\(', 'vbscript[\s]*?:', 'data:text\/html', 'mhtml[\s]*?:', 'data:[\s]*?image'); $this->replaceAttrValues = array( 'default' => array() ); } /** * Add Allowed Tags. * * @param string */ public function addAllowedTag($tag) { $this->allowedTags[] = $tag; } /** * @param $tag - html tag. * @param $attArray - array of attributes. eg. array('style', 'id', 'class') etc. */ public function addAllowedAttribute($tag, $attArray) { $this->allowedAttributes[$tag] = (array) $attArray; } /** * Set Allowed Tags. * * @param $array */ public function setAllowedTags($array = array()) { $this->allowedTags = $array; } /** * Set Script Access * * @param $val int e_UC_MEMBER, e_UC_NOBODY, e_UC_MAINADMIN or userclass number. */ public function setScriptAccess($val) { $this->scriptAccess = $val; } /** * @param array $arr * @return void */ public function setScriptAttibutes($arr) { $this->scriptAttributes = (array) $arr; } /** * @return array */ public function getAllowedTags() { return $this->allowedTags; } /** * @return array */ public function getAllowedAttributes() { return $this->allowedAttributes; } /** * @return bool */ public function getScriptAccess() { return $this->scriptAccess; } /** * @return array */ public function getRemoved() { return $this->removedList; } /** * Set Allowed Attributes. * * @param $array */ public function setAllowedAttributes($array = array()) { $this->allowedAttributes = $array; } /** * Set Script Tags. * * @param $array */ public function setScriptTags($array = array()) { $this->scriptTags = $array; } /** * @param int $version */ public function setFontAwesome($version) { $this->fontawesome = (int) $version; } /** * @param int $version */ public function setBootstrap($version) { $this->bootstrap = (int) $version; } public function setmodRewriteMedia($bool) { $this->modRewriteMedia = (bool) $bool; } /** * Add leading zeros to a number. eg. 3 might become 000003 * * @param $num integer * @param $numDigits - total number of digits * @return string number with leading zeros. */ public function leadingZeros($num, $numDigits) { return (string) sprintf('%0' . $numDigits . 'd', $num); } /** * Generic variable translator for LAN definitions. * * @param string $lan - string LAN or LAN constant. * @param string | array $vals - either a single value, which will replace '[x]' or an array with key=>value pairs. * @return string * @example $tp->lanVars("My name is [x] and I own a [y]", array("John","Cat")); * @example $tp->lanVars("My name is [x] and I own a [y]", array('x'=>"John", 'y'=>"Cat")); */ public function lanVars($lan, $vals, $bold = false) { $lan = defset($lan, $lan); $array = (!is_array($vals)) ? array('x' => $vals) : $vals; $search = array(); $replace = array(); $defaults = array('x', 'y', 'z'); foreach ($array as $k => $v) { if (is_numeric($k)) // convert array of numeric to x,y,z { $k = $defaults[$k]; } $search[] = '[' . $k . ']'; $replace[] = ($bold === true) ? '' . $v . '' : $v; } return str_replace($search, $replace, $lan); } public function lanLink($lan, $url, $options=[]) { $srch =["[", "]"]; $repl = ["", ""]; $text = defset($lan, $lan); return str_replace($srch, $repl, $text); } /** * Return an Array of all specific tags found in an HTML document and their attributes. * * @param $html - raw html code * @param $taglist - comma separated list of tags to search or '*' for all. * @param $header - if the $html includes the html head or body tags - it should be set to true. */ public function getTags($html, $taglist = '*', $header = false) { if ($header == false) { $html = '' . $html . ''; } $doc = $this->domObj; $doc->preserveWhiteSpace = true; libxml_use_internal_errors(true); $doc->loadHTML($html); $tg = explode(',', $taglist); $ret = array(); foreach ($tg as $find) { $tmp = $doc->getElementsByTagName($find); /** * @var $k * @var DOMDocument $node */ foreach ($tmp as $k => $node) { $tag = $node->nodeName; $inner = $node->C14N(); $inner = str_replace(' ', '', $inner); foreach ($node->attributes as $attr) { $name = $attr->nodeName; $value = $attr->nodeValue; $ret[$tag][$k][$name] = $value; } $ret[$tag][$k]['@value'] = $inner; } } if ($header == false) { unset($ret['html'], $ret['body']); } return $ret; } /** * Glyph Embed Method Direct from svg file. * * @param string $cat far|fab|fas * @param string $id eg. fa-search * @param array $parm eg. ['fw'=>true] * @return string|false */ private function toGlyphEmbed($cat, $id, $parm = array()) { $dirs = ['far' => 'regular', 'fab' => 'brands', 'fas' => 'solid']; $path = e_WEB . 'lib/font-awesome/5/svgs/'; $path .= $dirs[$cat] . '/'; $path .= str_replace('fa-', '', $id) . ".svg"; if ($ret = file_get_contents($path)) { $class = 'svg-inline--fa '; $class .= $id; $class .= ' fa-w-16'; $class .= !empty($parm['fw']) ? ' fa-fw' : ''; return str_replace('