mirror/php-phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-05-08 08:35:31 +02:00
Code Issues Releases Wiki Activity

Added: admin definable bbcodes

Browse Source 
Changed: preg references, use the prefered $n form instead of the old \\n one
Fixed: tweaked PHP highlightning a little


git-svn-id: file:///svn/phpbb/trunk@4453 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Ludovic Arnaud 2003-08-28 20:50:20 +00:00
parent 2bbeda86c2
commit d80f50eb90
3 changed files with 608 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

416
phpBB/adm/admin_bbcodes.php Normal file
View File

@ -0,0 +1,416 @@
<?php
// -------------------------------------------------------------
//
// $Id$
//
// FILENAME : admin_bbcodes.php
// STARTED : Wed Aug 20, 2003
// COPYRIGHT : © 2001, 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
if (!empty($setmodules))
{
if (!$auth->acl_get('a_bbcode'))
{
return;
}
$filename = basename(__FILE__);
$module['POST']['BBCODES'] = $filename . $SID;
return;
}
define('IN_PHPBB', 1);
// Include files
$phpbb_root_path = '../';
$phpEx = substr(strrchr(__FILE__, '.'), 1);
require('pagestart.' . $phpEx);
// Do we have general permissions?
if (!$auth->acl_get('a_bbcode'))
{
trigger_error($user->lang['NO_ADMIN']);
}
// Set up general vars
$mode = (!empty($_REQUEST['mode'])) ? $_REQUEST['mode'] : '';
$bbcode_id = (!empty($_REQUEST['bbcode'])) ? intval($_REQUEST['bbcode']) : 0;
// Set up mode-specific vars
switch ($mode)
{
case 'add':
$bbcode_match = $bbcode_tpl = '';
break;
case 'edit':
$sql = 'SELECT bbcode_match, bbcode_tpl
FROM ' . BBCODES_TABLE . '
WHERE bbcode_id = ' . $bbcode_id;
$result = $db->sql_query($sql);
if (!$row = $db->sql_fetchrow($result))
{
trigger_error('BBCODE_NOT_EXIST');
}
$bbcode_match = $row['bbcode_match'];
$bbcode_tpl = htmlspecialchars($row['bbcode_tpl']);
break;
case 'modify':
$sql = 'SELECT bbcode_id
FROM ' . BBCODES_TABLE . '
WHERE bbcode_id = ' . $bbcode_id;
$result = $db->sql_query($sql);
if (!$row = $db->sql_fetchrow($result))
{
trigger_error('BBCODE_NOT_EXIST');
}
// No break here
case 'create':
$bbcode_match = htmlspecialchars(stripslashes($_POST['bbcode_match']));
$bbcode_tpl = stripslashes($_POST['bbcode_tpl']);
break;
}
// Do major work
switch ($mode)
{
case 'edit':
case 'add':
adm_page_header($user->lang['BBCODES']);
?>
<h1><?php echo $user->lang['BBCODES'] ?></h1>
<p><?php echo $user->lang['BBCODES_EXPLAIN'] ?></p>
<form method="post" action="admin_bbcodes.<?php echo $phpEx . $SID . '&amp;mode=' . (($mode == 'add') ? 'create' : 'modify') . (($bbcode_id) ? "&amp;bbcode=$bbcode_id" : '') ?>">
<table cellspacing="1" cellpadding="0" border="0" align="center" width="90%">
<tr>
<td><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $user->lang['BBCODE_USAGE'] ?></th>
</tr>
<tr>
<td class="row3" colspan="2"><?php echo $user->lang['BBCODE_USAGE_EXPLAIN'] ?></td>
</tr>
<tr valign="top">
<td class="row1" width="40%"><b><?php echo $user->lang['EXAMPLES'] ?></b><br /><br /><?php echo $user->lang['BBCODE_USAGE_EXAMPLE'] ?></td>
<td class="row2"><textarea name="bbcode_match" cols="60" rows="5"><?php echo $bbcode_match ?></textarea></td>
</tr>
</table></td>
</tr>
</table>
<br clear="all" />
<table cellspacing="1" cellpadding="0" border="0" align="center" width="90%">
<tr>
<td><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $user->lang['HTML_REPLACEMENT'] ?></th>
</tr>
<tr>
<td class="row3" colspan="2"><?php echo $user->lang['HTML_REPLACEMENT_EXPLAIN'] ?></td>
</tr>
<tr valign="top">
<td class="row1" width="40%"><b><?php echo $user->lang['EXAMPLES'] ?></b><br /><br /><?php echo $user->lang['HTML_REPLACEMENT_EXAMPLE'] ?></td>
<td class="row2"><textarea name="bbcode_tpl" cols="60" rows="8"><?php echo $bbcode_tpl ?></textarea></td>
</tr>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" value="<?php echo $user->lang['SUBMIT'] ?>" class="btnmain" /></td>
</tr>
</table></td>
</tr>
</table>
<br clear="all" />
<table cellspacing="1" cellpadding="0" border="0" align="center" width="90%">
<tr>
<td><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th colspan="2"><?php echo $user->lang['TOKENS'] ?></th>
</tr>
<tr>
<td class="row3" colspan="2"><?php echo $user->lang['TOKENS_EXPLAIN'] ?></td>
</tr>
<tr>
<th><?php echo $user->lang['TOKEN'] ?></th>
<th><?php echo $user->lang['TOKEN_DEFINITION'] ?></th>
</tr>
<?php
foreach ($user->lang['tokens'] as $token => $token_explain)
{
?><tr valign="top">
<td class="row1">{<?php echo $token ?>}</td>
<td class="row2"><?php echo $token_explain ?></td>
</tr><?php
}
?>
</table></td>
</tr>
</table>
</form>
<?php
adm_page_footer();
break;
case 'modify':
case 'create':
adm_page_header($user->lang['BBCODES']);
$data = build_regexp($bbcode_match, $bbcode_tpl);
$sql_ary = array(
'bbcode_tag' => $data['bbcode_tag'],
'bbcode_match' => $bbcode_match,
'bbcode_tpl' => $bbcode_tpl,
'first_pass_match' => $data['first_pass_match'],
'first_pass_replace' => $data['first_pass_replace'],
'second_pass_match' => $data['second_pass_match'],
'second_pass_replace' => $data['second_pass_replace']
);
if ($mode == 'create')
{
// TODO: look for SQL incompatibilities
// NOTE: I'm sure there was another simpler (and obvious) way of finding a suitable bbcode_id
$sql = 'SELECT b1.bbcode_id
FROM ' . BBCODES_TABLE . ' b1, ' . BBCODES_TABLE . ' b2
WHERE b2.bbcode_id > b1.bbcode_id
GROUP BY b1.bbcode_id
HAVING MIN(b2.bbcode_id) > b1.bbcode_id + 1
ORDER BY b1.bbcode_id ASC';
$result = $db->sql_query_limit($sql, 1);
if ($row = $db->sql_fetchrow($result))
{
$bbcode_id = $row['bbcode_id'] + 1;
}
else
{
$sql = 'SELECT MIN(bbcode_id) AS min_id, MAX(bbcode_id) AS max_id
FROM ' . BBCODES_TABLE;
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
if (empty($row['min_id']) || $row['min_id'] > 12)
{
$bbcode_id = 12;
}
else
{
$bbcode_id = $row['max_id'] + 1;
}
}
if ($bbcode_id > 31)
{
trigger_error('TOO_MANY_BBCODES');
}
$sql_ary['bbcode_id'] = (int) $bbcode_id;
$db->sql_query('INSERT INTO ' . BBCODES_TABLE . $db->sql_build_array('INSERT', $sql_ary));
$lang = 'BBCODE_ADDED';
}
else
{
$db->sql_query('UPDATE ' . BBCODES_TABLE . ' SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' WHERE bbcode_id = ' . $bbcode_id);
$lang = 'BBCODE_EDITED';
}
trigger_error($lang);
break;
case 'delete':
$db->sql_query('DELETE FROM ' . BBCODES_TABLE . " WHERE bbcode_id = $bbcode_id");
// No break here
default:
adm_page_header($user->lang['BBCODES']);
?>
<h1><?php echo $user->lang['BBCODES'] ?></h1>
<p><?php echo $user->lang['BBCODES_EXPLAIN'] ?></p>
<form method="post" action="admin_bbcodes.<?php echo $phpEx . $SID ?>&amp;mode=add"><table cellspacing="1" cellpadding="0" border="0" align="center">
<tr>
<td><table class="bg" width="100%" cellspacing="1" cellpadding="4" border="0" align="center">
<tr>
<th><?php echo $user->lang['BBCODE_TAG'] ?></th>
<th><?php echo $user->lang['ACTION'] ?></th>
</tr><?php
$sql = 'SELECT *
FROM ' . BBCODES_TABLE . '
ORDER BY bbcode_id';
$result = $db->sql_query($sql);
$row_class = '';
while ($row = $db->sql_fetchrow($result))
{
$row_class = ($row_class == 'row1') ? 'row2' : 'row1';
?>
<tr>
<td class="<?php echo $row_class ?>" align="center"><?php echo $row['bbcode_tag'] ?></td>
<td class="<?php echo $row_class ?>" align="center"><a href="admin_bbcodes.<?php echo $phpEx . $SID ?>&amp;mode=edit&amp;bbcode=<?php echo $row['bbcode_id'] ?>"><?php echo $user->lang['EDIT'] ?></a> | <a href="admin_bbcodes.<?php echo $phpEx . $SID ?>&amp;mode=delete&amp;bbcode=<?php echo $row['bbcode_id'] ?>"><?php echo $user->lang['DELETE'] ?></a></td>
</tr>
<?php
}
?>
<tr>
<td class="cat" colspan="2" align="center"><input type="submit" value="<?php echo $user->lang['ADD_BBCODE'] ?>" class="btnmain" /></td>
</tr>
</table></td>
</tr>
</table></form>
<?php
adm_page_footer();
}
// -----------------------------
// Functions
function build_regexp($msg_bbcode, $msg_html)
{
$msg_bbcode = trim($msg_bbcode);
$msg_html = trim($msg_html);
$fp_match = preg_quote($msg_bbcode, '!');
$fp_replace = preg_replace('#^\[(.*?)\]#', '[$1:$uid]', $msg_bbcode);
$fp_replace = preg_replace('#\[/(.*?)\]$#', '[/$1:$uid]', $fp_replace);
$sp_match = preg_quote($msg_bbcode, '!');
$sp_match = preg_replace('#^\\\\\[(.*?)\\\\\]#', '\[$1:$uid\]', $sp_match);
$sp_match = preg_replace('#\\\\\[/(.*?)\\\\\]$#', '\[/$1:$uid\]', $sp_match);
$sp_replace = $msg_html;
$tokens = array(
'URL' => array(
'!([a-z0-9]+://)?(.*?[^ \t\n\r<"]*)!ise' => "(('\$1') ? '\$1\$2' : 'http://\$2')"
),
'LOCAL_URL' => array(
'!([^:]+/[^ \t\n\r<"]*)!' => '$1'
),
'EMAIL' => array(
'!([a-z0-9]+[a-z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-z0-9]+[a-z0-9\-\._]*\.[a-z]+))!i' => '$1'
),
'TEXT' => array(
'!(.*?)!es' => "str_replace('\\\"', '&quot;', str_replace('\\'', '&#39;', '\$1'))"
),
'COLOR' => array(
'!([a-z]+|#[0-9abcdef]+!i' => '$1'
),
'NUMBER' => array(
'!([0-9]+)!' => '$1'
)
);
if (preg_match_all('/\{(' . implode('|', array_keys($tokens)) . ')[0-9]*\}/i', $msg_bbcode, $m))
{
$pad = 0;
$modifiers = 'i';
foreach ($m[0] as $n => $token)
{
$token_type = $m[1][$n];
reset($tokens[$token_type]);
list($match, $replace) = each($tokens[$token_type]);
// Pad backreference numbers from tokens
if (preg_match_all('/(?<!\\\\)\$([0-9]+)/', $replace, $repad))
{
$repad = $pad + count(array_unique($repad[0]));
$replace = preg_replace('/(?<!\\\\)\$([0-9]+)/e', "'\$' . (\$1 + \$pad)", $replace);
$pad = $repad;
}
// Obtain pattern modifiers to use and alter the regex accordingly
$regex = preg_replace('/!(.*)!([a-z]*)/', '$1', $match);
$regex_modifiers = preg_replace('/!(.*)!([a-z]*)/', '$2', $match);
for ($i = 0; $i < strlen($regex_modifiers); ++$i)
{
if (strpos($modifiers, $regex_modifiers[$i]) === FALSE)
{
$modifiers .= $regex_modifiers[$i];
if ($regex_modifiers[$i] == 'e')
{
$fp_replace = "'" . str_replace("'", "\\'", $fp_replace) . "'";
}
}
if ($regex_modifiers[$i] == 'e')
{
$replace = "'.$replace.'";
}
}
$fp_match = str_replace(preg_quote($token, '!'), $regex, $fp_match);
$fp_replace = str_replace($token, $replace, $fp_replace);
$sp_match = str_replace(preg_quote($token, '!'), '(.*?)', $sp_match);
$sp_replace = str_replace($token, '$' . ($n + 1), $sp_replace);
}
$fp_match = '!' . $fp_match . '!' . $modifiers;
$sp_match = '!' . $sp_match . '!s';
if (strpos($fp_match, 'e') !== FALSE)
{
$fp_replace = str_replace("'.'", '', $fp_replace);
$fp_replace = str_replace(".''.", '.', $fp_replace);
}
}
else
{
// No replacement is present, no need for a second-pass pattern replacement
// A simple str_replace will suffice
$fp_match = '!' . $fp_match . '!' . $modifiers;
$sp_match = $fp_replace;
$sp_replace = '';
}
// Lowercase tags
$bbcode_tag = preg_replace('/.*?\[([a-z]+).*/i', '$1', $msg_bbcode);
$fp_match = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $fp_match);
$fp_replace = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $fp_replace);
$sp_match = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $sp_match);
$sp_replace = preg_replace('#\[/?' . $bbcode_tag . '#ie', "strtolower('\$0')", $sp_replace);
return array(
'bbcode_tag' => $bbcode_tag,
'first_pass_match' => $fp_match,
'first_pass_replace' => $fp_replace,
'second_pass_match' => $sp_match,
'second_pass_replace' => $sp_replace
);
}
// End Functions
// -----------------------------
?>

172
phpBB/includes/bbcode.php
View File

@ -1,23 +1,15 @@
<?php
/***************************************************************************
* bbcode.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
// -------------------------------------------------------------
//
// $Id$
//
// FILENAME : bbcode.php
// STARTED : Sat Feb 13, 2001
// COPYRIGHT : © 2001, 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
class bbcode
{
@ -67,13 +59,15 @@ class bbcode
{
if ($this->bbcode_bitfield & (1 << $bbcode_id))
{
foreach ($this->bbcode_cache[$bbcode_id] as $type => $array)
if (!empty($this->bbcode_cache[$bbcode_id]))
{
foreach ($array as $search => $replace)
foreach ($this->bbcode_cache[$bbcode_id] as $type => $array)
{
${$type}['search'][] = str_replace('$uid', $this->bbcode_uid, $search);
${$type}['replace'][] = $replace;
foreach ($array as $search => $replace)
{
${$type}['search'][] = str_replace('$uid', $this->bbcode_uid, $search);
${$type}['replace'][] = $replace;
}
}
}
}
@ -88,7 +82,8 @@ class bbcode
$message = preg_replace($preg['search'], $preg['replace'], $message);
}
return $message;
// Remove the uid from tags that have not been transformed into HTML
$message = str_replace(':' . $this->bbcode_uid, '', $message);
}
//
@ -99,19 +94,17 @@ class bbcode
//
function bbcode_cache_init()
{
global $user, $phpbb_root_path;
if (empty($this->template_filename))
{
global $user, $phpbb_root_path;
$style = 'primary';
if (!empty($user->theme['secondary']))
{
$merged_bitfield = $user->theme['primary']['bbcode_bitfield'] | $user->theme['secondary']['bbcode_bitfield'];
// If the primary style has custom templates for BBCodes then we'll make sure
// the bbcode.html file is present, otherwise we'll use the secondary style
// If any of styles has a specific template for any of applicable
// bbcodes then load the primary bbcode.html if present, otherwise
// load the secondary bbcode.html file
if ($this->bbcode_bitfield & $merged_bitfield)
if ($this->bbcode_bitfield & $user->theme['primary']['bbcode_bitfield'])
{
$style = (file_exists($phpbb_root_path . 'styles/templates/' . $user->theme['primary']['template_path'] . '/bbcode.html')) ? 'primary' : 'secondary';
}
@ -134,21 +127,20 @@ class bbcode
}
$bbcode_ids[$bbcode_id] = $bbcode_id;
// WARNING: hardcoded values. it assumes that bbcodes with bbcode_id > 11 are user-defined bbcodes
if ($bbcode_id > 11)
{
$sql .= (($sql) ? ',' : '') . $bbcode_id . ',';
$sql .= (($sql) ? ',' : '') . $bbcode_id;
}
}
/*
if ($sql)
{
global $db;
$rowset = array();
$sql = 'SELECT bbcode_id, second_pass_regexp, second_pass_replacement
$sql = 'SELECT *
FROM ' . BBCODES_TABLE . "
WHERE bbcode_id IN ($sql);
WHERE bbcode_id IN ($sql)";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
@ -157,7 +149,6 @@ class bbcode
}
$db->sql_freeresult($result);
}
*/
foreach ($bbcode_ids as $bbcode_id)
{
@ -202,7 +193,7 @@ class bbcode
else
{
$this->bbcode_cache[$bbcode_id] = array('preg' => array(
'#\[img:$uid\](.*?)\[/img:$uid\]#s' => str_replace('\\2', '[ img ]', $this->bbcode_tpl('url', $bbcode_id))
'#\[img:$uid\](.*?)\[/img:$uid\]#s' => str_replace('$2', '[ img ]', $this->bbcode_tpl('url', $bbcode_id))
));
}
break;
@ -224,7 +215,7 @@ class bbcode
break;
case 8:
$this->bbcode_cache[$bbcode_id] = array('preg' => array(
'#\[code(?:=([a-z]+))?:$uid\](.*?)\[/code:$uid\]#ise' => "\$this->bbcode_second_pass_code('\\1', '\\2')"
'#\[code(?:=([a-z]+))?:$uid\](.*?)\[/code:$uid\]#ise' => "\$this->bbcode_second_pass_code('\$1', '\$2')"
));
break;
case 9:
@ -238,13 +229,13 @@ class bbcode
'[/*:m:$uid]' => $this->bbcode_tpl('listitem_close', $bbcode_id)
),
'preg' => array(
'#\[list=([^\[]+):$uid\]#e' => "\$this->bbcode_list('\\1')",
'#\[list=([^\[]+):$uid\]#e' => "\$this->bbcode_list('\$1')",
)
);
break;
case 10:
$this->bbcode_cache[$bbcode_id] = array('preg' => array(
'#\[email:$uid\]((.*?))\[/email:$uid\]#is' => $this->bbcode_tpl('email', $bbcode_id),
'#\[email:$uid\]((.*?))\[/email:$uid\]#is' => $this->bbcode_tpl('email', $bbcode_id),
'#\[email=([^\[]+):$uid\](.*?)\[/email:$uid\]#is' => $this->bbcode_tpl('email', $bbcode_id)
));
break;
@ -258,20 +249,67 @@ class bbcode
else
{
$this->bbcode_cache[$bbcode_id] = array('preg' => array(
'#\[flash=([0-9]+),([0-9]+):$uid\](.*?)\[/flash:$uid\]#' => str_replace('\\1', '\\3', str_replace('\\2', '[ flash ]', $this->bbcode_tpl('url', $bbcode_id)))
'#\[flash=([0-9]+),([0-9]+):$uid\](.*?)\[/flash:$uid\]#' => str_replace('$1', '$3', str_replace('$2', '[ flash ]', $this->bbcode_tpl('url', $bbcode_id)))
));
}
break;
default:
if (isset($rowset[$bbcode_id]))
{
$this->bbcode_cache[$bbcode_id] = array(
'preg' => array($rowset[$bbcode_id]['second_pass_regexp'], $rowset[$bbcode_id]['second_pass_replacement'])
);
if ($this->template_bitfield & (1 << $bbcode_id))
{
// The bbcode requires a custom template to be loaded
if (!$bbcode_tpl = $this->bbcode_tpl($rowset[$bbcode_id]['bbcode_tag'], $bbcode_id))
{
// For some reason, the required template seems not to be available,
// use the default template
$bbcode_tpl = (!empty($rowset[$bbcode_id]['second_pass_replace'])) ? $rowset[$bbcode_id]['second_pass_replace'] : $rowset[$bbcode_id]['bbcode_tpl'];
}
else
{
// In order to use templates with custom bbcodes we need
// to replace all {VARS} to corresponding backreferences
// Note that backreferences are numbered from bbcode_match
if (preg_match_all('/\{(URL|EMAIL|TEXT|COLOR|NUMBER)[0-9]*\}/', $rowset[$bbcode_id]['bbcode_match'], $m))
{
foreach ($m[0] as $i => $tok)
{
$bbcode_tpl = str_replace($tok, '$' . ($i + 1), $bbcode_tpl);
}
}
}
}
else
{
// Default template
$bbcode_tpl = (!empty($rowset[$bbcode_id]['second_pass_replace'])) ? $rowset[$bbcode_id]['second_pass_replace'] : $rowset[$bbcode_id]['bbcode_tpl'];
}
// Replace {L_*} lang strings
$bbcode_tpl = preg_replace('/{L_([A-Z_]+)}/e', "(!empty(\$user->lang['\$1'])) ? \$user->lang['\$1'] : ucwords(strtolower(str_replace'_', ' ', '\$1')))", $bbcode_tpl);
if (!empty($rowset[$bbcode_id]['second_pass_replace']))
{
// The custom BBCode requires second-pass pattern replacements
$this->bbcode_cache[$bbcode_id] = array(
'preg' => array($rowset[$bbcode_id]['second_pass_match'] => $bbcode_tpl)
);
}
else
{
$this->bbcode_cache[$bbcode_id] = array(
'str' => array($rowset[$bbcode_id]['second_pass_match'] => $bbcode_tpl)
);
}
}
else
{
$this->bbcode_cache[$bbcode_id] = array();
$this->bbcode_cache[$bbcode_id] = FALSE;
}
}
}
@ -284,21 +322,21 @@ class bbcode
static $bbcode_hardtpl = array(
'b_open' => '<span style="font-weight: bold">',
'b_close' => '</span>',
'i_open' => '<span style="font-style: italic">',
'i_close' => '</span>',
'i_open' => '<span style="font-style: italic">',
'i_close' => '</span>',
'u_open' => '<span style="text-decoration: underline">',
'u_close' => '</span>',
'url' => '<a href="\1" target="_blank">\2</a>',
'img' => '<img src="\1" border="0" />',
'size' => '<span style="font-size: \1px; line-height: normal">\2</span>',
'color' => '<span style="color: \1">\2</span>',
'email' => '<a href="mailto:\1">\2</a>'
'url' => '<a href="$1" target="_blank">$2</a>',
'img' => '<img src="$1" border="0" />',
'size' => '<span style="font-size: $1px; line-height: normal">$2</span>',
'color' => '<span style="color: $1">$2</span>',
'email' => '<a href="mailto:$1">$2</a>'
);
}
if ($bbcode_id != -1 && !($this->template_bitfield & (1 << $bbcode_id)))
{
return $bbcode_hardtpl[$tpl_name];
return (isset($bbcode_hardtpl[$tpl_name])) ? $bbcode_hardtpl[$tpl_name] : FALSE;
}
if (empty($this->bbcode_template))
@ -318,28 +356,28 @@ class bbcode
$tpl = preg_replace("/\n[\n\r\s\t]*/", '', $tpl);
// Turn template blocks into PHP assignment statements for the values of $bbcode_tpl..
$tpl = preg_replace('#<!-- BEGIN (.*?) -->(.*?)<!-- END (.*?) -->#', "\n" . "\$this->bbcode_template['\\1'] = \$this->bbcode_tpl_replace('\\1','\\2');", $tpl);
$tpl = preg_replace('#<!-- BEGIN (.*?) -->(.*?)<!-- END (.*?) -->#', "\n" . "\$this->bbcode_template['\$1'] = \$this->bbcode_tpl_replace('\$1','\$2');", $tpl);
$this->bbcode_template = array();
eval($tpl);
}
return $this->bbcode_template[$tpl_name];
return (isset($this->bbcode_template[$tpl_name])) ? $this->bbcode_template[$tpl_name] : ((isset($bbcode_hardtpl[$tpl_name])) ? $bbcode_hardtpl[$tpl_name] : FALSE);
}
function bbcode_tpl_replace($tpl_name, $tpl)
{
static $replacements = array(
'quote_username_open' => array('{USERNAME}' => '\\1'),
'color' => array('{COLOR}' => '\\1', 'TEXT' => '\\2'),
'size' => array('{SIZE}' => '\\1', 'TEXT' => '\\2'),
'img' => array('{URL}' => '\\1'),
'flash' => array('{WIDTH}' => '\\1', '{HEIGHT}' => '\\2', '{URL}' => '\\3'),
'url' => array('{URL}' => '\\1', '{DESCRIPTION}' => '\\2'),
'email' => array('{EMAIL}' => '\\1', '{DESCRIPTION}' => '\\2')
'quote_username_open' => array('{USERNAME}' => '$1'),
'color' => array('{COLOR}' => '$1', '{TEXT}' => '$2'),
'size' => array('{SIZE}' => '$1', '{TEXT}' => '$2'),
'img' => array('{URL}' => '$1'),
'flash' => array('{WIDTH}' => '$1', '{HEIGHT}' => '$2', '{URL}' => '$3'),
'url' => array('{URL}' => '$1', '{DESCRIPTION}' => '$2'),
'email' => array('{EMAIL}' => '$1', '{DESCRIPTION}' => '$2')
);
$tpl = preg_replace('/{L_([A-Z_]+)}/e', "(!empty(\$user->lang['\\1'])) ? \$user->lang['\\1'] : ucwords(strtolower('\\1'))", $tpl);
$tpl = preg_replace('/{L_([A-Z_]+)}/e', "(!empty(\$user->lang['\$1'])) ? \$user->lang['\$1'] : ucwords(strtolower(str_replace('_', ' ', '\$1')))", $tpl);
if (!empty($replacements[$tpl_name]))
{
@ -405,7 +443,9 @@ class bbcode
function bbcode_second_pass_code($type, $code)
{
$code = stripslashes($code);
// when using the /e modifier, preg_replace slashes double-quotes but does not
// seem to slash anything else
$code = str_replace('\"', '"', $code);
switch ($type)
{

152
phpBB/includes/message_parser.php
View File

@ -1,31 +1,21 @@
<?php
/***************************************************************************
* message_parser.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id$
*
***************************************************************************/
/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/
// -------------------------------------------------------------
//
// $Id$
//
// FILENAME : message_parser.php
// STARTED : Sat Feb 13, 2001
// COPYRIGHT : © 2003 phpBB Group
// WWW : http://www.phpbb.com/
// LICENCE : GPL vs2.0 [ see /docs/COPYING ]
//
// -------------------------------------------------------------
/*
TODO list:
- fix [flash], add width/height parameters?
- check that PHP syntax highlightning works well
- add other languages?
- add validation regexp to [email], [flash]
- need size limit checks on img/flash tags ... probably warrants some discussion)
TODO list for M-3:
- add other languages to syntax highlighter
- better (and unified, wrt other pages such as registration) validation for urls, emails, etc...
- need size limit checks on img/flash tags ... probably warrants some discussion
*/
// case-insensitive strpos() - needed for some functions
@ -57,6 +47,8 @@ class parse_message
var $attachment_data = array();
var $filename_data = array();
var $smilies = '';
function parse_message($message_type)
{
$this->message_mode = $message_type;
@ -116,7 +108,7 @@ class parse_message
if (sizeof($allowed_tags))
{
$this->message = preg_replace('#&lt;(\/?)(' . str_replace('*', '.*?', implode('|', $allowed_tags)) . ')&gt;#is', '<\1\2>', $this->message);
$this->message = preg_replace('#&lt;(\/?)(' . str_replace('*', '.*?', implode('|', $allowed_tags)) . ')&gt;#is', '<$1$2>', $this->message);
}
}
}
@ -170,27 +162,29 @@ class parse_message
// This array holds all bbcode data. BBCodes will be processed in this order, so it is important to
// keep [code] in first position and [quote] in second position.
$this->bbcodes = array(
'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#ise' => "\$this->bbcode_code('\\1', '\\2')")),
'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#ise' => "\$this->bbcode_quote('\\0')")),
'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#is' => '[b:' . $this->bbcode_uid . ']\1[/b:' . $this->bbcode_uid . ']')),
'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#is' => '[i:' . $this->bbcode_uid . ']\1[/i:' . $this->bbcode_uid . ']')),
'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url=?(.*?)?\](.*?)\[/url\]#ise' => "\$this->validate_url('\\1', '\\2')")),
'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](https?://)([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)\[/img\]#i' => '[img:' . $this->bbcode_uid . ']\1\2[/img:' . $this->bbcode_uid . ']')),
'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?[1-2]?[0-9])\](.*?)\[/size\]#is' => '[size=\1:' . $this->bbcode_uid . ']\2[/size:' . $this->bbcode_uid . ']')),
'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9A-F]{6}|[a-z\-]+)\](.*?)\[/color\]!is' => '[color=\1:' . $this->bbcode_uid . ']\2[/color:' . $this->bbcode_uid . ']')),
'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#is' => '[u:' . $this->bbcode_uid . ']\1[/u:' . $this->bbcode_uid . ']')),
'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(=[a-z|0-9|(?:disc|circle|square))]+)?\].*\[/list\]#ise' => "\$this->bbcode_list('\\0')")),
'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#ise' => "\$this->validate_email('\\1', '\\2')")),
'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#i' => '[flash=\1,\2:' . $this->bbcode_uid . ']\3[/flash:' . $this->bbcode_uid . ']'))
'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#ise' => "\$this->bbcode_code('\$1', '\$2')")),
'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#ise' => "\$this->bbcode_quote('\$0')")),
'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#is' => '[b:' . $this->bbcode_uid . ']$1[/b:' . $this->bbcode_uid . ']')),
'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#is' => '[i:' . $this->bbcode_uid . ']$1[/i:' . $this->bbcode_uid . ']')),
'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url=?(.*?)?\](.*?)\[/url\]#ise' => "\$this->validate_url('\$1', '\$2')")),
'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](https?://)([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)\[/img\]#i' => '[img:' . $this->bbcode_uid . ']$1$2[/img:' . $this->bbcode_uid . ']')),
'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?[1-2]?[0-9])\](.*?)\[/size\]#is' => '[size=$1:' . $this->bbcode_uid . ']$2[/size:' . $this->bbcode_uid . ']')),
'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9A-F]{6}|[a-z\-]+)\](.*?)\[/color\]!is' => '[color=$1:' . $this->bbcode_uid . ']$2[/color:' . $this->bbcode_uid . ']')),
'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#is' => '[u:' . $this->bbcode_uid . ']$1[/u:' . $this->bbcode_uid . ']')),
'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(=[a-z|0-9|(?:disc|circle|square))]+)?\].*\[/list\]#ise' => "\$this->bbcode_list('\$0')")),
'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#ise' => "\$this->validate_email('\$1', '\$2')")),
'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#i' => '[flash=$1,$2:' . $this->bbcode_uid . ']$3[/flash:' . $this->bbcode_uid . ']'))
);
/**************
if (!isset($rowset))
{
global $db;
$rowset = array();
$result = $db->sql_query('SELECT * FROM ' . BBCODES_TABLE);
$sql = 'SELECT bbcode_id, bbcode_tag, first_pass_match, first_pass_replace
FROM ' . BBCODES_TABLE;
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result))
{
$rowset[] = $row;
@ -198,19 +192,19 @@ class parse_message
}
foreach ($rowset as $row)
{
$this->bbcodes[$row['bbcode_name']] = array(
'bbcode_id' => $row['bbcode_id'],
'regexp' => array($row['first_pass_regexp'] => str_replace('$uid', $this->bbcode_uid, $row['first_pass_replacement']))
$this->bbcodes[$row['bbcode_tag']] = array(
'bbcode_id' => intval($row['bbcode_id']),
'regexp' => array($row['first_pass_match'] => str_replace('$uid', $this->bbcode_uid, $row['first_pass_replace']))
);
}
**************/
}
// Expects the argument to start right after the opening [code] tag and to end with [/code]
function bbcode_code($stx, $in)
{
// if I remember correctly, preg_replace() will slash passed vars
$in = str_replace("\r\n", "\n", stripslashes($in));
// when using the /e modifier, preg_replace slashes double-quotes but does not
// seem to slash anything else
$in = str_replace("\r\n", "\n", str_replace('\"', '"', $in));
$out = '';
do
@ -237,7 +231,7 @@ class parse_message
}
$code = substr($code, 0, -7);
$code = preg_replace('#^[\r\n]*(.*?)[\n\r\s\t]*$#s', '\1', $code);
$code = preg_replace('#^[\r\n]*(.*?)[\n\r\s\t]*$#s', '$1', $code);
switch (strtolower($stx))
{
@ -273,12 +267,18 @@ class parse_message
$str_to[] = '';
$str_from[] = '<span class="syntaxdefault">&lt;?php&nbsp;';
$str_to[] = '<span class="syntaxdefault">';
$str_from[] = '<span class="syntaxdefault">?&gt;</span>';
$str_to[] = '';
}
$code = str_replace($str_from, $str_to, $code);
$code = preg_replace('#^(<span class="[a-z_]+">)\n?(.*?)\n?(</span>)$#is', '\1\2\3', $code);
$code = preg_replace('#^(<span class="[a-z_]+">)\n?(.*?)\n?(</span>)$#is', '$1$2$3', $code);
if ($remove_tags)
{
$code = preg_replace('#(<span class="[a-z]+">)?\?&gt;</span>#', '', $code);
}
$code = preg_replace('#^<span class="[a-z]+"><span class="([a-z]+)">(.*)</span></span>#s', '<span class="$1">$2</span>', $code);
$code = preg_replace('#(?:[\n\r\s\t]|&nbsp;)*</span>$#', '</span>', $code);
$out .= "[code=$stx:" . $this->bbcode_uid . ']' . trim($code) . '[/code:' . $this->bbcode_uid . ']';
break;
@ -308,7 +308,8 @@ class parse_message
$tok = ']';
$out = '[';
$in = substr(stripslashes($in), 1);
$in = substr(str_replace('\"', '"', $in), 1);
$list_end_tags = $item_end_tags = array();
do
@ -423,7 +424,7 @@ class parse_message
$tok = ']';
$out = '[';
$in = substr(stripslashes($in), 1);
$in = substr(str_replace('\"', '"', $in), 1);
$close_tags = $error_ary = array();
$buffer = '';
@ -472,7 +473,7 @@ class parse_message
if (!empty($m[1]))
{
$username = preg_replace('#\[(?!b|i|u|color|url|email|/b|/i|/u|/color|/url|/email)#iU', '&#91;\1', $m[1]);
$username = preg_replace('#\[(?!b|i|u|color|url|email|/b|/i|/u|/color|/url|/email)#iU', '&#91;$1', $m[1]);
$end_tags = array();
$error = FALSE;
@ -547,10 +548,29 @@ class parse_message
function validate_email($var1, $var2)
{
$var1 = stripslashes($var1);
$var2 = stripslashes($var2);
$txt = stripslashes($var2);
$email = ($var1 != '') ? stripslashes($var1) : stripslashes($var2);
$retval = '[email' . $var1 . ':' . $this->bbcode_uid . ']' . $var2 . '[/email:' . $this->bbcode_uid . ']';
$validated = TRUE;
if (!preg_match('!([a-z0-9]+[a-z0-9\-\._]*@(?:(?:[0-9]{1,3}\.){3,5}[0-9]{1,3}|[a-z0-9]+[a-z0-9\-\._]*\.[a-z]+))!i', $email))
{
$validated = FALSE;
}
if (!$validated)
{
return '[email' . (($var1) ? "=$var1" : '') . ']' . $var2 . '[/email]';
}
if ($var1)
{
$retval = '[email=' . $email . ':' . $this->bbcode_uid . ']' . $txt . '[/email:' . $this->bbcode_uid . ']';
}
else
{
$retval = '[email:' . $this->bbcode_uid . ']' . $email . '[/email:' . $this->bbcode_uid . ']';
}
return $retval;
}
@ -587,20 +607,20 @@ class parse_message
$replace = array();
// relative urls for this board
$match[] = '#(^|[\n ])' . $server_protocol . trim($config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '\1', trim($config['script_path'])) . '/([^ \t\n\r <"\']+)#i';
$replace[] = '<!-- l --><a href="\1" target="_blank">\1</a><!-- l -->';
$match[] = '#(^|[\n ])' . $server_protocol . trim($config['server_name']) . $server_port . preg_replace('/^\/?(.*?)(\/)?$/', '$1', trim($config['script_path'])) . '/([^ \t\n\r <"\']+)#i';
$replace[] = '<!-- l --><a href="$1" target="_blank">$1</a><!-- l -->';
// matches a xxxx://aaaaa.bbb.cccc. ...
$match[] = '#(^|[\n ])([\w]+?://.*?[^ \t\n\r<"]*)#ie';
$replace[] = "'\\1<!-- m --><a href=\"\\2\" target=\"_blank\">' . ((strlen('\\2') > 55) ? substr('\\2', 0, 39) . ' ... ' . substr('\\2', -10) : '\\2') . '</a><!-- m -->'";
$replace[] = "'\$1<!-- m --><a href=\"\$2\" target=\"_blank\">' . ((strlen('\$2') > 55) ? substr('\$2', 0, 39) . ' ... ' . substr('\$2', -10) : '\$2') . '</a><!-- m -->'";
// matches a "www.xxxx.yyyy[/zzzz]" kinda lazy URL thing
$match[] = '#(^|[\n ])(www\.[\w\-]+\.[\w\-.\~]+(?:/[^ \t\n\r<"]*)?)#ie';
$replace[] = "'\\1<!-- w --><a href=\"http://\\2\" target=\"_blank\">' . ((strlen('\\2') > 55) ? substr(str_replace(' ', '%20', '\\2'), 0, 39) . ' ... ' . substr('\\2', -10) : '\\2') . '</a><!-- w -->'";
$replace[] = "'\$1<!-- w --><a href=\"http://\$2\" target=\"_blank\">' . ((strlen('\$2') > 55) ? substr(str_replace(' ', '%20', '\$2'), 0, 39) . ' ... ' . substr('\$2', -10) : '\$2') . '</a><!-- w -->'";
// matches an email@domain type address at the start of a line, or after a space.
$match[] = '#(^|[\n ])([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)#ie';
$replace[] = "'\\1<!-- e --><a href=\"mailto:\\2\">' . ((strlen('\\2') > 55) ? substr('\\2', 0, 39) . ' ... ' . substr('\\2', -10) : '\\2') . '</a><!-- e -->'";
$replace[] = "'\$1<!-- e --><a href=\"mailto:\$2\">' . ((strlen('\$2') > 55) ? substr('\$2', 0, 39) . ' ... ' . substr('\$2', -10) : '\$2') . '</a><!-- e -->'";
$this->message = preg_replace($match, $replace, $this->message);
}
@ -622,6 +642,7 @@ class parse_message
if ($row = $db->sql_fetchrow($result))
{
$match = $replace = array();
do
{
$match[] = '#(' . preg_quote($row['code'], '#') . ')#';
@ -643,7 +664,6 @@ class parse_message
$this->message = preg_replace($match, $replace, ' ' . $this->message . ' ');
}
$db->sql_freeresult($result);
}
function parse_attachments($mode, $post_id, $submit, $preview, $refresh)
@ -956,7 +976,7 @@ class fulltext_search
{
$sql = 'SELECT word_id, word_text
FROM ' . SEARCH_WORD_TABLE . '
WHERE word_text IN (' . implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $unique_add_words)) . ")";
WHERE word_text IN (' . implode(', ', preg_replace('#^(.*)$#', '\'$1\'', $unique_add_words)) . ")";
$result = $db->sql_query($sql);
$word_ids = array();
@ -976,13 +996,13 @@ class fulltext_search
case 'mysql':
case 'mysql4':
$sql = 'INSERT INTO ' . SEARCH_WORD_TABLE . ' (word_text)
VALUES ' . implode(', ', preg_replace('#^(.*)$#', '(\'\1\')', $new_words));
VALUES ' . implode(', ', preg_replace('#^(.*)$#', '(\'$1\')', $new_words));
$db->sql_query($sql);
break;
case 'mssql':
case 'sqlite':
$sql = 'INSERT INTO ' . SEARCH_WORD_TABLE . ' (word_text) ' . implode(' UNION ALL ', preg_replace('#^(.*)$#', "SELECT '\\1'", $new_words));
$sql = 'INSERT INTO ' . SEARCH_WORD_TABLE . ' (word_text) ' . implode(' UNION ALL ', preg_replace('#^(.*)$#', "SELECT '\$1'", $new_words));
$db->sql_query($sql);
break;
@ -1029,7 +1049,7 @@ class fulltext_search
$sql = 'INSERT INTO ' . SEARCH_MATCH_TABLE . " (post_id, word_id, title_match)
SELECT $post_id, word_id, $title_match
FROM " . SEARCH_WORD_TABLE . '
WHERE word_text IN (' . implode(', ', preg_replace('#^(.*)$#', '\'\1\'', $word_ary)) . ')';
WHERE word_text IN (' . implode(', ', preg_replace('#^(.*)$#', '\'$1\'', $word_ary)) . ')';
$db->sql_query($sql);
}
}