|
- <?php
-
-
-
-
-
-
-
-
-
- function phorum_htmlpurifier_format($data)
- {
- $PHORUM = $GLOBALS["PHORUM"];
-
- $purifier =& HTMLPurifier::getInstance();
- $cache_serial = $PHORUM['mod_htmlpurifier']['body_cache_serial'];
-
- foreach($data as $message_id => $message){
- if(isset($message['body'])) {
-
- if ($message_id) {
-
-
-
- if (isset($message['meta']['htmlpurifier_light'])) {
-
-
- $data[$message_id]['body'] = $purifier->purify($message['body']);
- continue;
- }
-
- if (!empty($PHORUM['args']['purge'])) {
-
- unset($message['meta']['body_cache']);
- }
-
- if (
- isset($message['meta']['body_cache']) &&
- isset($message['meta']['body_cache_serial']) &&
- $message['meta']['body_cache_serial'] == $cache_serial
- ) {
-
- $data[$message_id]['body'] = base64_decode($message['meta']['body_cache']);
- continue;
- }
- }
-
-
-
- $updated_message = array();
-
-
- if (
- $message_id &&
- !isset($message['meta']['body_cache_serial'])
- ) {
-
- $fake_data = array();
- list($signature, $edit_message) = phorum_htmlpurifier_remove_sig_and_editmessage($message);
- $fake_data[$message_id] = $message;
- $fake_data = phorum_htmlpurifier_migrate($fake_data);
- $body = $fake_data[$message_id]['body'];
- $body = str_replace("<phorum break>\n", "\n", $body);
- $updated_message['body'] = $body;
- $body .= $signature . $edit_message;
- } else {
-
- $body = $message['body'];
-
- $body = str_replace("<phorum break>\n", "\n", $body);
- $body = str_replace(array('<','>','&', '"'), array('<','>','&','"'), $body);
- if (!$message_id && defined('PHORUM_CONTROL_CENTER')) {
-
- $body = str_replace(array('<','>','&', '"'), array('<','>','&','"'), $body);
- }
- }
-
- $body = $purifier->purify($body);
-
-
-
-
-
-
- if ($message_id) {
- $updated_message['meta'] = $message['meta'];
- $updated_message['meta']['body_cache'] = base64_encode($body);
- $updated_message['meta']['body_cache_serial'] = $cache_serial;
- phorum_db_update_message($message_id, $updated_message);
- }
-
-
-
- $data[$message_id]['body'] = $body;
-
- }
- }
-
- return $data;
- }
-
-
-
-
-
-
- function phorum_htmlpurifier_generate_sig($row)
- {
- $phorum_sig = '';
- if(isset($row["user"]["signature"])
- && isset($row['meta']['show_signature']) && $row['meta']['show_signature']==1){
- $phorum_sig=trim($row["user"]["signature"]);
- if(!empty($phorum_sig)){
- $phorum_sig="\n\n$phorum_sig";
- }
- }
- return $phorum_sig;
- }
-
-
- function phorum_htmlpurifier_generate_editmessage($row)
- {
- $PHORUM = $GLOBALS['PHORUM'];
- $editmessage = '';
- if(isset($row['meta']['edit_count']) && $row['meta']['edit_count'] > 0) {
- $editmessage = str_replace ("%count%", $row['meta']['edit_count'], $PHORUM["DATA"]["LANG"]["EditedMessage"]);
- $editmessage = str_replace ("%lastedit%", phorum_date($PHORUM["short_date_time"],$row['meta']['edit_date']), $editmessage);
- $editmessage = str_replace ("%lastuser%", $row['meta']['edit_username'], $editmessage);
- $editmessage = "\n\n\n\n$editmessage";
- }
- return $editmessage;
- }
-
-
-
-
-
- function phorum_htmlpurifier_remove_sig_and_editmessage(&$row)
- {
- $signature = phorum_htmlpurifier_generate_sig($row);
- $editmessage = phorum_htmlpurifier_generate_editmessage($row);
- $replacements = array();
-
-
- if ($signature) $replacements[str_replace("\n", "<phorum break>\n", $signature)] = '';
- if ($editmessage) $replacements[str_replace("\n", "<phorum break>\n", $editmessage)] = '';
- $row['body'] = strtr($row['body'], $replacements);
- return array($signature, $editmessage);
- }
-
-
- function phorum_htmlpurifier_posting($message)
- {
- $PHORUM = $GLOBALS["PHORUM"];
- unset($message['meta']['body_cache']);
- $message['meta']['body_cache_serial'] = $PHORUM['mod_htmlpurifier']['body_cache_serial'];
- return $message;
- }
-
-
- function phorum_htmlpurifier_quote($array)
- {
- $PHORUM = $GLOBALS["PHORUM"];
- $purifier =& HTMLPurifier::getInstance();
- $text = $purifier->purify($array[1]);
- $source = htmlspecialchars($array[0]);
- return "<blockquote cite=\"$source\">\n$text\n</blockquote>";
- }
-
-
- function phorum_htmlpurifier_common()
- {
- require_once(dirname(__FILE__).'/htmlpurifier/HTMLPurifier.auto.php');
- require(dirname(__FILE__).'/init-config.php');
-
- $config = phorum_htmlpurifier_get_config();
- HTMLPurifier::getInstance($config);
-
-
- $GLOBALS['PHORUM']['mod_htmlpurifier']['body_cache_serial'] = $config->getSerial();
-
-
- if (file_exists(dirname(__FILE__) . '/migrate.php')) {
- include(dirname(__FILE__) . '/migrate.php');
- } else {
- echo '<strong>Error:</strong> No migration path specified for HTML Purifier, please check
- <tt>modes/htmlpurifier/migrate.bbcode.php</tt> for instructions on
- how to migrate from your previous markup language.';
- exit;
- }
-
- if (!function_exists('phorum_htmlpurifier_migrate')) {
-
- function phorum_htmlpurifier_migrate($data) {return $data;}
- }
-
- }
-
-
- function phorum_htmlpurifier_before_editor($message)
- {
- if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) {
- if (!empty($message['body'])) {
- $body = $message['body'];
-
- $body = str_replace(array('<','>','&'), array('<','>','&'), $body);
- $purifier =& HTMLPurifier::getInstance();
- $body = $purifier->purify($body);
-
- $body = htmlspecialchars($body, ENT_QUOTES, $GLOBALS['PHORUM']['DATA']['CHARSET']);
- $message['body'] = $body;
- }
- }
- return $message;
- }
-
- function phorum_htmlpurifier_editor_after_subject()
- {
-
-
- if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) {
- $i = $GLOBALS['PHORUM']['DATA']['MODE'];
- if ($i == 'quote' || $i == 'edit' || $i == 'moderation') {
- ?>
- <div>
- <p>
- <strong>Notice:</strong> HTML has been scrubbed for your safety.
- If you would like to see the original, turn off WYSIWYG mode
- (consult your administrator for details.)
- </p>
- </div>
- <?php
- }
- return;
- }
- if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['suppress_message'])) return;
- ?><div class="htmlpurifier-help">
- <p>
- <strong>HTML input</strong> is enabled. Make sure you escape all HTML and
- angled brackets with <code>&lt;</code> and <code>&gt;</code>.
- </p><?php
- $purifier =& HTMLPurifier::getInstance();
- $config = $purifier->config;
- if ($config->get('AutoFormat.AutoParagraph')) {
- ?><p>
- <strong>Auto-paragraphing</strong> is enabled. Double
- newlines will be converted to paragraphs; for single
- newlines, use the <code>pre</code> tag.
- </p><?php
- }
- $html_definition = $config->getDefinition('HTML');
- $allowed = array();
- foreach ($html_definition->info as $name => $x) $allowed[] = "<code>$name</code>";
- sort($allowed);
- $allowed_text = implode(', ', $allowed);
- ?><p><strong>Allowed tags:</strong> <?php
- echo $allowed_text;
- ?>.</p><?php
- ?>
- </p>
- <p>
- For inputting literal code such as HTML and PHP for display, use
- CDATA tags to auto-escape your angled brackets, and <code>pre</code>
- to preserve newlines:
- </p>
- <pre><pre><![CDATA[
- <em>Place code here</em>
- ]]></pre></pre>
- <p>
- Power users, you can hide this notice with:
- <pre>.htmlpurifier-help {display:none;}</pre>
- </p>
- </div><?php
- }
-
|