diff options
Diffstat (limited to 'include/bbcode.php')
-rw-r--r-- | include/bbcode.php | 25 |
1 files changed, 23 insertions, 2 deletions
diff --git a/include/bbcode.php b/include/bbcode.php index bb9144b1d..c7dea53c5 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -4,6 +4,8 @@ * @brief BBCode related functions for parsing, etc. */ +use Zotlabs\Lib\SvgSanitizer; + require_once('include/oembed.php'); require_once('include/event.php'); require_once('include/zot.php'); @@ -267,6 +269,22 @@ function bb_parse_app($match) { return Zotlabs\Lib\Apps::app_render($app); } +function bb_svg($match) { + + $params = str_replace(['<br>', '"'], [ '', '"'],$match[1]); + $Text = str_replace([ '[',']' ], [ '<','>' ], $match[2]); + + $output = '<svg' . (($params) ? $params : ' width="100%" height="480" ') . '>' . str_replace(['<br>', '"', ' '], [ '', '"', ' '],$Text) . '</svg>'; + + $purify = new SvgSanitizer(); + $purify->loadXML($output); + $purify->sanitize(); + $output = $purify->saveSVG(); + $output = preg_replace("/\<\?xml(.*?)\?\>/",'',$output); + return $output; +} + + function bb_parse_element($match) { $j = json_decode(base64url_decode($match[1]),true); @@ -948,9 +966,9 @@ function bbcode($Text, $options = []) { if (strpos($Text,'http') !== false) { if($tryoembed) { - $Text = preg_replace_callback("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", 'tryoembed', $Text); + $Text = preg_replace_callback("/([^\]\='".'"'."\;\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", 'tryoembed', $Text); } - $Text = preg_replace("/([^\]\='".'"'."\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", '$1<a href="$2" ' . $target . ' rel="nofollow noopener">$2</a>', $Text); + $Text = preg_replace("/([^\]\='".'"'."\;\/]|^|\#\^)(https?\:\/\/$urlchars+)/ismu", '$1<a href="$2" ' . $target . ' rel="nofollow noopener">$2</a>', $Text); } if (strpos($Text,'[/share]') !== false) { @@ -1289,6 +1307,9 @@ function bbcode($Text, $options = []) { $Text = preg_replace_callback("/\[zaudio\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mp3|opus|m4a))\[\/zaudio\]/ism", 'tryzrlaudio', $Text); } + // SVG stuff + $Text = preg_replace_callback("/\[svg(.*?)\](.*?)\[\/svg\]/ism", 'bb_svg', $Text); + // Try to Oembed if ($tryoembed) { if (strpos($Text,'[/video]') !== false) { |