mirror/php-htmlpurifier
1
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-08-03 20:58:11 +02:00
Code Issues Releases Wiki Activity

Remove trailing whitespace.

Browse Source 
Signed-off-by: Edward Z. Yang <edwardzyang@thewritingpot.com>
This commit is contained in:
Edward Z. Yang
2008-12-06 02:28:20 -05:00
parent 3a6b63dff1
commit 2c955af135
476 changed files with 5595 additions and 5547 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
plugins/phorum/htmlpurifier.php
View File

@@ -2,21 +2,21 @@
/**
* HTML Purifier Phorum Mod. Filter your HTML the Standards-Compliant Way!
*
*
* This Phorum mod enables users to post raw HTML into Phorum. But never
* fear: with the help of HTML Purifier, this HTML will be beat into
* de-XSSed and standards-compliant form, safe for general consumption.
* It is not recommended, but possible to run this mod in parallel
* with other formatters (in short, please DISABLE the BBcode mod).
*
*
* For help migrating from your previous markup language to pure HTML
* please check the migrate.bbcode.php file.
*
*
* If you'd like to use this with a WYSIWYG editor, make sure that
* editor sets $PHORUM['mod_htmlpurifier']['wysiwyg'] to true. Otherwise,
* administrators who need to edit other people's comments may be at
* risk for some nasty attacks.
*
*
* Tested with Phorum 5.2.6.
*/
@@ -31,29 +31,29 @@
function phorum_htmlpurifier_format($data)
{
$PHORUM = $GLOBALS["PHORUM"];
$purifier =& HTMLPurifier::getInstance();
$cache_serial = $PHORUM['mod_htmlpurifier']['body_cache_serial'];
foreach($data as $message_id => $message){
if(isset($message['body'])) {
if ($message_id) {
// we're dealing with a real message, not a fake, so
// there a number of shortcuts that can be taken
if (isset($message['meta']['htmlpurifier_light'])) {
// format hook was called outside of Phorum's normal
// functions, do the abridged purification
$data[$message_id]['body'] = $purifier->purify($message['body']);
continue;
}
if (!empty($PHORUM['args']['purge'])) {
// purge the cache, must be below the following if
unset($message['meta']['body_cache']);
}
if (
isset($message['meta']['body_cache']) &&
isset($message['meta']['body_cache_serial']) &&
@@ -64,11 +64,11 @@ function phorum_htmlpurifier_format($data)
continue;
}
}
// migration might edit this array, that's why it's defined
// so early
$updated_message = array();
// create the $body variable
if (
$message_id && // message must be real to migrate
@@ -94,28 +94,28 @@ function phorum_htmlpurifier_format($data)
$body = str_replace(array('&lt;','&gt;','&amp;', '&quot;'), array('<','>','&','"'), $body);
}
}
$body = $purifier->purify($body);
// dynamically update the cache (MUST BE DONE HERE!)
// this is inefficient because it's one db call per
// cache miss, but once the cache is in place things are
// a lot zippier.
if ($message_id) { // make sure it's not a fake id
$updated_message['meta'] = $message['meta'];
$updated_message['meta']['body_cache'] = base64_encode($body);
$updated_message['meta']['body_cache_serial'] = $cache_serial;
phorum_db_update_message($message_id, $updated_message);
}
// must not get overloaded until after we cache it, otherwise
// we'll inadvertently change the original text
$data[$message_id]['body'] = $body;
}
}
return $data;
}
@@ -201,16 +201,16 @@ function phorum_htmlpurifier_quote($array) {
* @credits <http://secretsauce.phorum.org/snippets/make_bbcode_last_formatter.php.txt>
*/
function phorum_htmlpurifier_common() {
require_once(dirname(__FILE__).'/htmlpurifier/HTMLPurifier.auto.php');
require(dirname(__FILE__).'/init-config.php');
$config = phorum_htmlpurifier_get_config();
HTMLPurifier::getInstance($config);
// increment revision.txt if you want to invalidate the cache
$GLOBALS['PHORUM']['mod_htmlpurifier']['body_cache_serial'] = $config->getSerial();
// load migration
if (file_exists(dirname(__FILE__) . '/migrate.php')) {
include(dirname(__FILE__) . '/migrate.php');
@@ -220,12 +220,12 @@ function phorum_htmlpurifier_common() {
how to migrate from your previous markup language.';
exit;
}
if (!function_exists('phorum_htmlpurifier_migrate')) {
// Dummy function
function phorum_htmlpurifier_migrate($data) {return $data;}
}
}
/**

2
plugins/phorum/htmlpurifier/LICENSE
View File

@@ -146,7 +146,7 @@ such a program is covered only if its contents constitute a work based
on the Library (independent of the use of the Library in a tool for
writing it). Whether that is true depends on what the Library does
and what the program that uses the Library does.
1. You may copy and distribute verbatim copies of the Library's
complete source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an

4
plugins/phorum/migrate.bbcode.php
View File

@@ -3,11 +3,11 @@
/**
* This file is responsible for migrating from a specific markup language
* like BBCode or Markdown to HTML. WARNING: THIS PROCESS IS NOT REVERSIBLE
*
*
* Copy this file to 'migrate.php' and it will automatically work for
* BBCode; you may need to tweak this a little to get it to work for other
* languages (usually, just replace the include name and the function name).
*
*
* If you do NOT want to have any migration performed (for instance, you
* are installing the module on a new forum with no posts), simply remove
* phorum_htmlpurifier_migrate() function. You still need migrate.php

26
plugins/phorum/settings/form.php
View File

@@ -5,11 +5,11 @@ function phorum_htmlpurifier_show_form() {
phorum_htmlpurifier_show_config_info();
return;
}
global $PHORUM;
$config = phorum_htmlpurifier_get_config();
$frm = new PhorumInputForm ("", "post", "Save");
$frm->hidden("module", "modsettings");
$frm->hidden("mod", "htmlpurifier"); // this is the directory name that the Settings file lives in
@@ -17,38 +17,38 @@ function phorum_htmlpurifier_show_form() {
if (!empty($error)){
echo "$error<br />";
}
$frm->addbreak("Edit settings for the HTML Purifier module");
$frm->addMessage('<p>The box below sets <code>$PHORUM[\'mod_htmlpurifier\'][\'wysiwyg\']</code>.
When checked, contents sent for edit are now purified and the
informative message is disabled. If your WYSIWYG editor is disabled for
admin edits, you can safely keep this unchecked.</p>');
$frm->addRow('Use WYSIWYG?', $frm->checkbox('wysiwyg', '1', '', $PHORUM['mod_htmlpurifier']['wysiwyg']));
$frm->addMessage('<p>The box below sets <code>$PHORUM[\'mod_htmlpurifier\'][\'suppress_message\']</code>,
which removes the big how-to use
HTML Purifier message.</p>');
$frm->addRow('Suppress information?', $frm->checkbox('suppress_message', '1', '', $PHORUM['mod_htmlpurifier']['suppress_message']));
$frm->addMessage('<p>Click on directive links to read what each option does
(links do not open in new windows).</p>
<p>For more flexibility (for instance, you want to edit the full
range of configuration directives), you can create a <tt>config.php</tt>
file in your <tt>mods/htmlpurifier/</tt> directory. Doing so will,
however, make the web configuration interface unavailable.</p>');
require_once 'HTMLPurifier/Printer/ConfigForm.php';
$htmlpurifier_form = new HTMLPurifier_Printer_ConfigForm('config', 'http://htmlpurifier.org/live/configdoc/plain.html#%s');
$htmlpurifier_form->setTextareaDimensions(23, 7); // widen a little, since we have space
$frm->addMessage($htmlpurifier_form->render(
$config, $PHORUM['mod_htmlpurifier']['directives'], false));
$frm->addMessage("<strong>Warning: Changing HTML Purifier's configuration will invalidate
the cache. Expect to see a flurry of database activity after you change
any of these settings.</strong>");
$frm->addrow('Reset to defaults:', $frm->checkbox("reset", "1", "", false));
// hack to include extra styling
@@ -57,16 +57,16 @@ function phorum_htmlpurifier_show_form() {
</style>';
$js = $htmlpurifier_form->getJavaScript();
echo '<script type="text/javascript">'."<!--\n$js\n//-->".'</script>';
$frm->show();
}
function phorum_htmlpurifier_show_config_info() {
global $PHORUM;
// update mod_htmlpurifier for housekeeping
phorum_htmlpurifier_commit_settings();
// politely tell user how to edit settings manually
?>
<div class="input-form-td-break">How to edit settings for HTML Purifier module</div>

2
plugins/phorum/settings/migrate-sigs-form.php
View File

@@ -1,7 +1,7 @@
<?php
function phorum_htmlpurifier_show_migrate_sigs_form() {
$frm = new PhorumInputForm ('', "post", "Migrate");
$frm->hidden("module", "modsettings");
$frm->hidden("mod", "htmlpurifier");

12
plugins/phorum/settings/migrate-sigs.php
View File

@@ -19,14 +19,14 @@ function phorum_htmlpurifier_migrate_sigs_check() {
function phorum_htmlpurifier_migrate_sigs($offset) {
global $PHORUM;
if(!$offset) return; // bail out quick if $offset == 0
// theoretically, we could get rid of this multi-request
// doo-hickery if safe mode is off
@set_time_limit(0); // attempt to let this run
$increment = $PHORUM['mod_htmlpurifier']['migrate-sigs-increment'];
require_once(dirname(__FILE__) . '/../migrate.php');
// migrate signatures
// do this in batches so we don't run out of time/space
@@ -51,13 +51,13 @@ function phorum_htmlpurifier_migrate_sigs($offset) {
}
}
unset($userinfos); // free up memory
// query for highest ID in database
$type = $PHORUM['DBCONFIG']['type'];
$sql = "select MAX(user_id) from {$PHORUM['user_table']}";
$row = phorum_db_interact(DB_RETURN_ROW, $sql);
$top_id = (int) $row[0];
$offset += $increment;
if ($offset > $top_id) { // test for end condition
echo 'Migration finished';
@@ -71,5 +71,5 @@ function phorum_htmlpurifier_migrate_sigs($offset) {
// relies on output buffering to work
header("Location: http://$host$uri/$extra");
exit;
}