NobuNobu
nobun****@users*****
2006年 12月 9日 (土) 23:11:48 JST
Index: xoops2jp/html/class/module.textsanitizer.php diff -u xoops2jp/html/class/module.textsanitizer.php:1.2.8.9.2.2 xoops2jp/html/class/module.textsanitizer.php:1.2.8.9.2.3 --- xoops2jp/html/class/module.textsanitizer.php:1.2.8.9.2.2 Sun Dec 3 00:48:30 2006 +++ xoops2jp/html/class/module.textsanitizer.php Sat Dec 9 23:11:48 2006 @@ -1,5 +1,5 @@ <?php -// $Id: module.textsanitizer.php,v 1.2.8.9.2.2 2006/12/02 15:48:30 nobunobu Exp $ +// $Id: module.textsanitizer.php,v 1.2.8.9.2.3 2006/12/09 14:11:48 nobunobu Exp $ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // // Copyright (c) 2000 XOOPS.org // @@ -44,50 +44,27 @@ class MyTextSanitizer { /** - * @var array - */ - var $smileys = array(); - - /** * */ var $censorConf; /** - * @var XCube_Delegate + * @var XCube_TextFilter */ - var $mMakeClickablePre = null; - + var $mTextFilter = null; + /** * @var XCube_Delegate + * @deprecated */ var $mMakeClickablePostFilter = null; /** * @var XCube_Delegate - */ - var $mXoopsCodePre = null; - - /** - * @var XCube_Delegate + * @deprecated */ var $mXoopsCodePostFilter = null; - /** - * @var XCube_Delegate - */ - var $mCodePreConvPre = null; - - /** - * @var XCube_Delegate - */ - var $mCodeConvPre = null; - - /** - * @var XCube_TextFilter - */ - var $mTextFilter = null; - /* * Constructor of this class * 
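Review bot: The two `@deprecated` tags added on `$mMakeClickablePostFilter` and `$mXoopsCodePostFilter` in the `@@ -44,50` hunk do not name a replacement, so a module author who hooks these delegates to post-process sanitizer output has no pointer to where that logic should move. Since `$mTextFilter` is the property this hunk moves up, the tag could read `@deprecated use the XCube_TextFilter returned by XCube_Root::getTextFilter() instead`, with the wording confirmed against the filter's real extension points, which this diff does not show. The class body continues outside the hunk.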
@@ -101,24 +78,13 @@ */ function MyTextSanitizer() { - $this->mMakeClickablePre =& new XCube_Delegate(); - $this->mMakeClickablePre->register('MyTextSanitizer.MakeClickablePre'); $this->mMakeClickablePostFilter =& new XCube_Delegate(); $this->mMakeClickablePostFilter->register('MyTextSanitizer.MakeClickablePostFilter'); - $this->mXoopsCodePre =& new XCube_Delegate(); - $this->mXoopsCodePre->register('MyTextSanitizer.XoopsCodePre'); - $this->mXoopsCodePostFilter =& new XCube_Delegate(); $this->mXoopsCodePostFilter->register('MyTextSanitizer.XoopsCodePostFilter'); - $this->mCodePreConvPre =& new XCube_Delegate(); - $this->mCodePreConvPre->register('MyTextSanitizer.CodePreConvPre'); - - $this->mCodeConvPre =& new XCube_Delegate(); - $this->mCodeConvPre->register('MyTextSanitizer.CodeConvPre'); - $root =& XCube_Root::getSingleton(); $this->mTextFilter =& $root->getTextFilter(); @@ -148,7 +114,7 @@ */ function getSmileys() { - return $this->smileys; + return $this->mTextFilter->getSmileys(); } /** @@ -158,23 +124,10 @@ * * @return string */ - function &smiley($message) + function &smiley($text) { - $db =& Database::getInstance(); - if (count($this->smileys) == 0) { - if ($getsmiles = $db->query("SELECT * FROM ".$db->prefix("smiles"))){ - while ($smiles = $db->fetchArray($getsmiles)) { - $message = str_replace($smiles['code'], '<img src="'.XOOPS_UPLOAD_URL.'/'.htmlspecialchars($smiles['smile_url']).'" alt="" />', $message); - array_push($this->smileys, $smiles); - } - } - } - elseif (is_array($this->smileys)) { - foreach ($this->smileys as $smile) { - $message = str_replace($smile['code'], '<img src="'.XOOPS_UPLOAD_URL.'/'.htmlspecialchars($smile['smile_url']).'" alt="" />', $message); - } - } - return $message; + $text = $this->mTextFilter->Smiley($text); + return $text; } /** 
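Review bot: Dropping the `register()` calls for 'MyTextSanitizer.MakeClickablePre', 'XoopsCodePre', 'CodePreConvPre' and 'CodeConvPre' from the constructor means any callback a module attached to those names is now silently never invoked. Where such a callback was used to tighten or replace the conversion patterns, that hardening disappears with no error or log entry. A comment above the remaining registrations, for example `// Pre-conversion delegates removed in 1.2.8.9.2.3; conversion tables now live in XCube_TextFilter`, together with a release note, would make the change visible to integrators. Whether XCube_TextFilter offers equivalent hooks cannot be seen from this diff.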
@@ -185,18 +138,7 @@ **/ function &makeClickable(&$text) { - $patterns = array("/(^|[^]_a-z0-9-=\"'\/])([a-z]+?):\/\/([^, \r\n\"\(\)'<>]+)/i", "/(^|[^]_a-z0-9-=\"'\/])www\.([a-z0-9\-]+)\.([^, \r\n\"\(\)'<>]+)/i", "/(^|[^]_a-z0-9-=\"'\/])ftp\.([a-z0-9\-]+)\.([^, \r\n\"\(\)'<>]+)/i", "/(^|[^]_a-z0-9-=\"'\/:\.])([a-z0-9\-_\.]+?)@([^, \r\n\"\(\)'<>\[\]]+)/i"); - $replacements = array("\\1<a href=\"\\2://\\3\" target=\"_blank\">\\2://\\3</a>", "\\1<a href=\"http://www.\\2.\\3\" target=\"_blank\">www.\\2.\\3</a>", "\\1<a href=\"ftp://ftp.\\2.\\3\" target=\"_blank\">ftp.\\2.\\3</a>", "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>"); - - // RaiseEvent 'MyTextSanitizer.MakeClickablePre' - // Delegate may replace makeClickable conversion table - // Args : - // 'patterns' [I/O] : &Array of pattern RegExp - // 'replacements' [I/O] : &Array of replacing string - // - $this->mMakeClickablePre->call(new XCube_Ref($patterns), new XCube_Ref($replacements)); - - $text = preg_replace($patterns, $replacements, $text); + $text = $this->mTextFilter->MakeClickable($text); // RaiseEvent : 'MyTextSanitizer.MakeClickablePostFilter' // Delegate may convert output text with quickApplyFilter rule @@ -204,7 +146,6 @@ // 'string' [I/O] : Text to convert; // $this->mMakeClickablePostFilter->call(new XCube_Ref($text)); - return $text; } 
@@ -218,74 +159,7 @@ **/ function &xoopsCodeDecode(&$text, $allowimage = 1) { - $imgCallbackPattern = "/\[img( align=\w+)]([^\"\(\)\?\&'<>]*)\[\/img\]/sU"; - $text = preg_replace_callback($imgCallbackPattern, array($this, '_filterImgUrl'), $text); - - $patterns = array(); - $replacements = array(); - // RMV: added new markup for intrasite url (allows easier site moves) - // TODO: automatically convert other URLs to this format if XOOPS_URL matches?? - $patterns[] = "/\[siteurl=(['\"]?)([^\"'<>]*)\\1](.*)\[\/siteurl\]/sU"; - $replacements[] = '<a href="'.XOOPS_URL.'/\\2" target="_blank">\\3</a>'; - $patterns[] = "/\[url=(['\"]?)(http[s]?:\/\/[^\"'<>]*)\\1](.*)\[\/url\]/sU"; - $replacements[] = '<a href="\\2" target="_blank">\\3</a>'; - $patterns[] = "/\[url=(['\"]?)(ftp?:\/\/[^\"'<>]*)\\1](.*)\[\/url\]/sU"; - $replacements[] = '<a href="\\2" target="_blank">\\3</a>'; - $patterns[] = "/\[url=(['\"]?)([^\"'<>]*)\\1](.*)\[\/url\]/sU"; - $replacements[] = '<a href="http://\\2" target="_blank">\\3</a>'; - $patterns[] = "/\[color=(['\"]?)([a-zA-Z0-9]*)\\1](.*)\[\/color\]/sU"; - $replacements[] = '<span style="color: #\\2;">\\3</span>'; - $patterns[] = "/\[size=(['\"]?)([a-z0-9-]*)\\1](.*)\[\/size\]/sU"; - $replacements[] = '<span style="font-size: \\2;">\\3</span>'; - $patterns[] = "/\[font=(['\"]?)([^;<>\*\(\)\"']*)\\1](.*)\[\/font\]/sU"; - $replacements[] = '<span style="font-family: \\2;">\\3</span>'; - $patterns[] = "/\[email]([^;<>\*\(\)\"']*)\[\/email\]/sU"; - $replacements[] = '<a href="mailto:\\1">\\1</a>'; - $patterns[] = "/\[b](.*)\[\/b\]/sU"; - $replacements[] = '<b>\\1</b>'; - $patterns[] = "/\[i](.*)\[\/i\]/sU"; - $replacements[] = '<i>\\1</i>'; - $patterns[] = "/\[u](.*)\[\/u\]/sU"; - $replacements[] = '<u>\\1</u>'; - $patterns[] = "/\[d](.*)\[\/d\]/sU"; - $replacements[] = '<del>\\1</del>'; - //$patterns[] = "/\[li](.*)\[\/li\]/sU"; - //$replacements[] = '<li>\\1</li>'; - $patterns[] = "/\[img 
align=(['\"]?)(left|center|right)\\1]([^\"\(\)\?\&'<>]*)\[\/img\]/sU"; - $patterns[] = "/\[img]([^\"\(\)\?\&'<>]*)\[\/img\]/sU"; - $patterns[] = "/\[img align=(['\"]?)(left|center|right)\\1 id=(['\"]?)([0-9]*)\\3]([^\"\(\)\?\&'<>]*)\[\/img\]/sU"; - $patterns[] = "/\[img id=(['\"]?)([0-9]*)\\1]([^\"\(\)\?\&'<>]*)\[\/img\]/sU"; - if ($allowimage != 1) { - $replacements[] = '<a href="\\3" target="_blank">\\3</a>'; - $replacements[] = '<a href="\\1" target="_blank">\\1</a>'; - $replacements[] = '<a href="'.XOOPS_URL.'/image.php?id=\\4" target="_blank">\\5</a>'; - $replacements[] = '<a href="'.XOOPS_URL.'/image.php?id=\\2" target="_blank">\\3</a>'; - } else { - $replacements[] = '<img src="\\3" align="\\2" alt="" />'; - $replacements[] = '<img src="\\1" alt="" />'; - $replacements[] = '<img src="'.XOOPS_URL.'/image.php?id=\\4" align="\\2" alt="\\5" />'; - $replacements[] = '<img src="'.XOOPS_URL.'/image.php?id=\\2" alt="\\3" />'; - } - $patterns[] = "/\[quote]/sU"; - $replacements[] = _QUOTEC.'<div class="xoopsQuote"><blockquote>'; - //$replacements[] = 'Quote: <div class="xoopsQuote"><blockquote>'; - $patterns[] = "/\[\/quote]/sU"; - $replacements[] = '</blockquote></div>'; - $patterns[] = "/javascript:/si"; - $replacements[] = "java script:"; - $patterns[] = "/about:/si"; - $replacements[] = "about :"; - - // RaiseEvent 'MyTextSanitizer.XoopsCodePre' - // Delegate may replace conversion table - // Args : - // 'patterns' [I/O] : &Array of pattern RegExp - // 'replacements' [I/O] : &Array of replacing string - // 'allowimage' [I] : xoopsCodeDecode $allowimage parameter - // - $this->mXoopsCodePre->call(new XCube_Ref($patterns), new XCube_Ref($replacements), $allowimage); - - $text = preg_replace($patterns, $replacements, $text); + $text = $this->mTextFilter->ConvertXCode($text, $allowimage); // RaiseEvent : 'MyTextSanitizer.XoopsCodePostFilter' // Delegate may convert output text with quickApplyFilter rule 
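Review bot: `xoopsCodeDecode()` no longer shows any URL filtering of its own. The `[img]` callback that dropped URLs containing control characters and the closing `javascript:` / `about:` rewrites are gone from this method, and the single call to `ConvertXCode()` is trusted to do the equivalent. That implementation is not part of this diff, so it should be confirmed before release, ideally with a regression test that feeds `[img]` and `[url]` tags carrying a script scheme or control bytes and asserts that no such `src`/`href` is emitted. A later hunk also deletes the public `checkUrlString()`; if other modules call it for URL validation, a thin deprecated wrapper would avoid a fatal error there. The method body continues outside the hunk.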
@@ -294,42 +168,10 @@ // 'allowimage' [I] : xoopsCodeDecode $allowimage parameter // $this->mXoopsCodePostFilter->call(new XCube_Ref($text), $allowimage); - return $text; } /** - * Filters out invalid strings included in URL, if any - * - * @param array $matches - * @return string - */ - function _filterImgUrl($matches) - { - if ($this->checkUrlString($matches[2])) { - return $matches[0]; - } else { - return ""; - } - } - - /** - * Checks if invalid strings are included in URL - * - * @param string $text - * @return bool - */ - function checkUrlString($text) - { - // Check control code - if (preg_match("/[\\0-\\31]/", $text)) { - return false; - } - // check black pattern(deprecated) - return !preg_match("/^(javascript|vbscript|about):/i", $text); - } - - /** * Convert linebreaks to <br /> tags * * @param string $text @@ -338,7 +180,7 @@ */ function &nl2Br($text) { - $ret = preg_replace("/(\015\012)|(\015)|(\012)/","<br />",$text); + $ret = $this->mTextFilter->Nl2Br($text); return $ret; } @@ -381,7 +223,7 @@ function &htmlSpecialChars($text, $forEdit=false) { if (!$forEdit) { - $ret = $this->mTextFilter->ToShow($text); + $ret = $this->mTextFilter->ToShow($text, true); } else { $ret = $this->mTextFilter->ToEdit($text); } 
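Review bot: The bare `true` now passed as the second argument in `ToShow($text, true)` inside `htmlSpecialChars()` (hunk `@@ -381,7`) is not explained anywhere in the visible code, and this is the escaping path for displayed output. The same literal is added in `makeTboxData4Show`, `makeTboxData4Preview`, `makeTareaData4InsideQuotes` and `oopsHtmlSpecialChars` in later hunks, and as the seventh argument of `ToShowTarea()`. A one-line comment at the first use, such as `// 2nd arg: <meaning of flag>, see XCube_TextFilter::ToShow`, would let a reviewer judge whether escaping behaviour changed. The function starts and ends outside the hunk.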
@@ -414,30 +256,7 @@ **/ function &displayTarea(&$text, $html = 0, $smiley = 1, $xcode = 1, $image = 1, $br = 1) { - $text = $this->codePreConv($text, $xcode); // Ryuji_edit(2003-11-18) - if ($html != 1) { - // html not allowed - $text = $this->mTextFilter->ToShow($text); - } - $text =& $this->makeClickable($text); - if ($smiley != 0) { - // process smiley - $text =& $this->smiley($text); - } - if ($xcode != 0) { - // decode xcode - if ($image != 0) { - // image allowed - $text =& $this->xoopsCodeDecode($text); - } else { - // image not allowed - $text =& $this->xoopsCodeDecode($text, 0); - } - } - if ($br != 0) { - $text =& $this->nl2Br($text); - } - $text = $this->codeConv($text, $xcode, $image); // Ryuji_edit(2003-11-18) + $text = $this->mTextFilter->ToShowTarea($text, $html, $smiley, $xcode, $image, $br, true); return $text; } @@ -455,30 +274,7 @@ function &previewTarea(&$text, $html = 0, $smiley = 1, $xcode = 1, $image = 1, $br = 1) { $text =& $this->stripSlashesGPC($text); - $text = $this->codePreConv($text, $xcode); // Ryuji_edit(2003-11-18) - if ($html != 1) { - // html not allowed - $text = $this->mTextFilter->ToShow($text); - } - $text =& $this->makeClickable($text); - if ($smiley != 0) { - // process smiley - $text =& $this->smiley($text); - } - if ($xcode != 0) { - // decode xcode - if ($image != 0) { - // image allowed - $text =& $this->xoopsCodeDecode($text); - } else { - // image not allowed - $text =& $this->xoopsCodeDecode($text, 0); - } - } - if ($br != 0) { - $text =& $this->nl2Br($text); - } - $text = $this->codeConv($text, $xcode, $image); // Ryuji_edit(2003-11-18) + $text = $this->mTextFilter->ToShowTarea($text, $html, $smiley, $xcode, $image, $br, true); return $text; } 
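Review bot: `displayTarea()` and `previewTarea()` now go straight to `ToShowTarea()` and no longer pass through `$this->makeClickable()` and `$this->xoopsCodeDecode()`, which is where the `MakeClickablePostFilter` and `XoopsCodePostFilter` delegates are fired. Unless `ToShowTarea()` raises those delegates itself, which is not visible here, post-filters that a site registered stop running on textarea output while still running for direct callers of the two methods. The same applies to `sanitizeForDisplay()` and `sanitizeForPreview()` in the `@@ -592,54` hunk. Either invoke the two post-filter delegates after `ToShowTarea()` returns, or state in the docblocks that these entry points skip them.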
@@ -522,69 +318,18 @@ */ function codePreConv($text, $xcode = 1) { if($xcode != 0){ - $patterns = array(); - $replacements = array(); - $patterns[] = "/\[code](.*)\[\/code\]/esU"; - $replacements[] = "'[code]'.base64_encode('$1').'[/code]'"; - // RaiseEvent 'MyTextSanitizer.CodePreConvePre' - // Delegate may replace conversion table - // Args : - // 'patterns' [I/O] : &Array of pattern RegExp - // 'replacements' [I/O] : &Array of replacing string - // - $this->mCodePreConvPre->call(new XCube_Ref($patterns), new XCube_Ref($replacements)); - $text = preg_replace($patterns, $replacements, $text); + $text = $this->mTextFilter->PreConvertXCode($text, $xcode); } return $text; } function codeConv($text, $xcode = 1, $image = 1){ if($xcode != 0){ - $patterns = array(); - $replacements = array(); - // RaiseEvent 'MyTextSanitizer.CodeConvPre' - // Delegate may replace conversion table - // Args : - // 'patterns' [I/O] : &Array of pattern RegExp - // 'replacements' [I/O] : &Array of replacing string - // 'allowimage' [I] : xoopsCodeDecode $allowimage parameter - // Caution : - // - Conversion table order should be reverse order with codePreConv conversion table. - // So, conversion rule for[code] is defined after call delegate function. - // - Conversion rule should treat input string as raw text(not sanitized). 
- // - $this->mCodeConvPre->call(new XCube_Ref($patterns), new XCube_Ref($replacements), $image); - - $patterns[] = "/\[code](.*)\[\/code\]/esU"; - if ($image != 0) { - // image allowed - $replacements[] = "'<div class=\"xoopsCode\"><pre><code>'.MyTextSanitizer::codeSanitizer('$1').'</code></pre></div>'"; - } else { - // image not allowed - $replacements[] = "'<div class=\"xoopsCode\"><pre><code>'.MyTextSanitizer::codeSanitizer('$1', 0).'</code></pre></div>'"; - } - - $text = preg_replace($patterns, $replacements, $text); + $text = $this->mTextFilter->PostConvertXCode($text, $xcode); } return $text; } - function codeSanitizer($str, $image = 1){ - if($image != 0){ - $str = $this->xoopsCodeDecode( - htmlspecialchars(str_replace('\"', '"', base64_decode($str)),ENT_QUOTES) - ); - }else{ - $str = $this->xoopsCodeDecode( - htmlspecialchars(str_replace('\"', '"', base64_decode($str)),ENT_QUOTES),0 - ); - } - return $str; - } - - /**#@-*/ - - ##################### Deprecated Methods ###################### /**#@+ 
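Review bot: `codeConv()` still accepts `$image`, but the new body never reads it and passes `$xcode` as the second argument of `PostConvertXCode()`. The removed code used `$image` to decide whether the contents of `[code]` blocks were decoded with images disabled, so a caller passing `$image = 0` may now get image tags rendered inside code blocks. If `PostConvertXCode()` takes an image flag (its signature is not in this diff), the call should be `$text = $this->mTextFilter->PostConvertXCode($text, $xcode, $image);`; otherwise the docblock should say that `$image` is ignored. The same hunk removes the public `codeSanitizer()` method, which external callers may still reference.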
@@ -592,54 +337,25 @@ */ function sanitizeForDisplay($text, $allowhtml = 0, $smiley = 1, $bbcode = 1) { - if ( $allowhtml == 0 ) { - $text = $this->mTextFilter->ToShow($text); - } else { - //$config =& $GLOBALS['xoopsConfig']; - //$allowed = $config['allowed_html']; - //$text = strip_tags($text, $allowed); - $text = $this->makeClickable($text); - } - if ( $smiley == 1 ) { - $text = $this->smiley($text); - } - if ( $bbcode == 1 ) { - $text = $this->xoopsCodeDecode($text); - } - $text = $this->nl2Br($text); + $text = $this->mTextFilter->ToShowTarea($text, $allowhtml, $smiley, $bbcode, 1, 1, true); return $text; } function sanitizeForPreview($text, $allowhtml = 0, $smiley = 1, $bbcode = 1) { $text = $this->oopsStripSlashesGPC($text); - if ( $allowhtml == 0 ) { - $text = $this->mTextFilter->ToShow($text); - } else { - //$config =& $GLOBALS['xoopsConfig']; - //$allowed = $config['allowed_html']; - //$text = strip_tags($text, $allowed); - $text = $this->makeClickable($text); - } - if ( $smiley == 1 ) { - $text = $this->smiley($text); - } - if ( $bbcode == 1 ) { - $text = $this->xoopsCodeDecode($text); - } - $text = $this->nl2Br($text); + $text = $this->mTextFilter->ToShowTarea($text, $allowhtml, $smiley, $bbcode, 1, 1, true); return $text; } function makeTboxData4Save($text) { - //$text = $this->undoHtmlSpecialChars($text); return $this->addSlashes($text); } function makeTboxData4Show($text, $smiley=0) { - $text = $this->mTextFilter->ToShow($text); + $text = $this->mTextFilter->ToShow($text, true); return $text; } @@ -651,14 +367,14 @@ function makeTboxData4Preview($text, $smiley=0) { $text = $this->stripSlashesGPC($text); - $text = $this->mTextFilter->ToShow($text); + $text = $this->mTextFilter->ToShow($text, true); return $text; } function makeTboxData4PreviewInForm($text) { $text = $this->stripSlashesGPC($text); - return $this->mTextFilter->ToShow($text); + return $this->mTextFilter->ToEdit($text); } function makeTareaData4Save($text) 
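Review bot: `makeTboxData4PreviewInForm()` in the `@@ -651,14` hunk now returns `ToEdit($text)` where it previously returned `ToShow($text)`, and the value is request input that has only been through `stripSlashesGPC()`. The method name suggests the result is placed inside a form field, so `ToEdit()` must escape `&`, `<`, `>` and both quote characters; that cannot be verified from this diff. The same substitution is made in the `@@ -687,12` hunk, whose function name lies outside the hunk. A comment such as `// ToEdit() must HTML-escape: output is embedded in a form value` at both sites, backed by a test with quotes and angle brackets in the input, would pin the requirement.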
@@ -687,12 +403,12 @@ { //if magic_quotes_gpc is on, do stipslashes $text = $this->stripSlashesGPC($text); - return $this->mTextFilter->ToShow($text); + return $this->mTextFilter->ToEdit($text); } function makeTareaData4InsideQuotes($text) { - return $this->mTextFilter->ToShow($text); + return $this->mTextFilter->ToShow($text, true); } function &oopsStripSlashesGPC($text) @@ -717,7 +433,7 @@ function &oopsHtmlSpecialChars($text) { - $ret = $this->mTextFilter->ToShow($text); + $ret = $this->mTextFilter->ToShow($text, true); return $ret; }