diff options
Diffstat (limited to 'include/text.php')
| -rw-r--r-- | include/text.php | 481 |
1 files changed, 251 insertions, 230 deletions
diff --git a/include/text.php b/include/text.php index 8c01ed1d2..d81b59d75 100644 --- a/include/text.php +++ b/include/text.php @@ -3,8 +3,10 @@ * @file include/text.php */ -require_once("include/bbcode.php"); +use \Zotlabs\Lib as Zlib; +use \Michelf\MarkdownExtra; +require_once("include/bbcode.php"); // random string, there are 86 characters max in text mode, 128 for hex // output is urlsafe @@ -88,12 +90,10 @@ function escape_tags($string) { } -function z_input_filter($channel_id,$s,$type = 'text/bbcode') { +function z_input_filter($s,$type = 'text/bbcode',$allow_code = false) { if($type === 'text/bbcode') return escape_tags($s); - if($type === 'text/markdown') - return escape_tags($s); if($type == 'text/plain') return escape_tags($s); if($type == 'application/x-pdl') @@ -103,15 +103,15 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { return $s; } - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on channel_account_id = account_id where channel_id = %d limit 1", - intval($channel_id) - ); - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - if(local_channel() && (get_account_id() == $r[0]['account_id'])) { - return $s; - } - } + if($allow_code) { + if($type === 'text/markdown') + return htmlspecialchars($s,ENT_QUOTES); + return $s; + } + + if($type === 'text/markdown') { + $x = new Zlib\MarkdownSoap($s); + return $x->clean(); } if($type === 'text/html') @@ -121,13 +121,23 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { } - +/** + * @brief Use HTMLPurifier to get standards compliant HTML. + * + * Use the <a href="http://htmlpurifier.org/" target="_blank">HTMLPurifier</a> + * library to get filtered and standards compliant HTML. + * + * @see HTMLPurifier + * + * @param string $s raw HTML + * @param boolean $allow_position allow CSS position + * @return string standards compliant filtered HTML + */ function purify_html($s, $allow_position = false) { - require_once('library/HTMLPurifier.auto.php'); - require_once('include/html2bbcode.php'); /** * @FIXME this function has html output, not bbcode - so safely purify these + * require_once('include/html2bbcode.php'); * $s = html2bb_video($s); * $s = oembed_html2bbcode($s); */ @@ -136,6 +146,15 @@ function purify_html($s, $allow_position = false) { $config->set('Cache.DefinitionImpl', null); $config->set('Attr.EnableID', true); + // If enabled, target=blank attributes are added to all links. + //$config->set('HTML.TargetBlank', true); + //$config->set('Attr.AllowedFrameTargets', ['_blank', '_self', '_parent', '_top']); + // restore old behavior of HTMLPurifier < 4.8, only used when targets allowed at all + // do not add rel="noreferrer" to all links with target attributes + //$config->set('HTML.TargetNoreferrer', false); + // do not add noopener rel attributes to links which have a target attribute associated with them + //$config->set('HTML.TargetNoopener', false); + //Allow some custom data- attributes used by built-in libs. //In this way members which do not have allowcode set can still use the built-in js libs in webpages to some extent. @@ -273,7 +292,6 @@ function purify_html($s, $allow_position = false) { new HTMLPurifier_AttrDef_CSS_Length(), new HTMLPurifier_AttrDef_CSS_Percentage() )); - } $purifier = new HTMLPurifier($config); @@ -586,8 +604,10 @@ function photo_new_resource() { * @return boolean true if found */ function attribute_contains($attr, $s) { + // remove quotes + $attr = str_replace([ '"',"'" ],['',''],$attr); $a = explode(' ', $attr); - if(count($a) && in_array($s, $a)) + if($a && in_array($s, $a)) return true; return false; @@ -628,14 +648,10 @@ function logger($msg, $level = LOGGER_NORMAL, $priority = LOG_INFO) { $where = ''; - // We require > 5.4 but leave the version check so that install issues (including version) can be logged - - if(version_compare(PHP_VERSION, '5.4.0') >= 0) { - $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2); - $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': '; - } + $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2); + $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': '; - $s = datetime_convert() . ':' . log_priority_str($priority) . ':' . session_id() . ':' . $where . $msg . PHP_EOL; + $s = datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . log_priority_str($priority) . ':' . session_id() . ':' . $where . $msg . PHP_EOL; $pluginfo = array('filename' => $logfile, 'loglevel' => $level, 'message' => $s,'priority' => $priority, 'logged' => false); if(! (App::$module == 'setup')) @@ -663,20 +679,18 @@ function btlogger($msg, $level = LOGGER_NORMAL, $priority = LOG_INFO) { if(file_exists(BTLOGGER_DEBUG_FILE) && is_writable(BTLOGGER_DEBUG_FILE)) { $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2); $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': '; - $s = datetime_convert() . ':' . log_priority_str($priority) . ':' . session_id() . ':' . $where . $msg . PHP_EOL; + $s = datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . log_priority_str($priority) . ':' . session_id() . ':' . $where . $msg . PHP_EOL; @file_put_contents(BTLOGGER_DEBUG_FILE, $s, FILE_APPEND); } - if(version_compare(PHP_VERSION, '5.4.0') >= 0) { - $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS); - if($stack) { - for($x = 1; $x < count($stack); $x ++) { - $s = 'stack: ' . basename($stack[$x]['file']) . ':' . $stack[$x]['line'] . ':' . $stack[$x]['function'] . '()'; - logger($s,$level, $priority); + $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS); + if($stack) { + for($x = 1; $x < count($stack); $x ++) { + $s = 'stack: ' . basename($stack[$x]['file']) . ':' . $stack[$x]['line'] . ':' . $stack[$x]['function'] . '()'; + logger($s,$level, $priority); - if(file_exists(BTLOGGER_DEBUG_FILE) && is_writable(BTLOGGER_DEBUG_FILE)) { - @file_put_contents(BTLOGGER_DEBUG_FILE, $s . PHP_EOL, FILE_APPEND); - } + if(file_exists(BTLOGGER_DEBUG_FILE) && is_writable(BTLOGGER_DEBUG_FILE)) { + @file_put_contents(BTLOGGER_DEBUG_FILE, $s . PHP_EOL, FILE_APPEND); } } } @@ -731,12 +745,12 @@ function dlogger($msg, $level = 0) { return; $where = ''; - if(version_compare(PHP_VERSION, '5.4.0') >= 0) { - $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2); - $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': '; - } - @file_put_contents($logfile, datetime_convert() . ':' . session_id() . ' ' . $where . $msg . PHP_EOL, FILE_APPEND); + $stack = debug_backtrace(DEBUG_BACKTRACE_IGNORE_ARGS, 2); + $where = basename($stack[0]['file']) . ':' . $stack[0]['line'] . ':' . $stack[1]['function'] . ': '; + + + @file_put_contents($logfile, datetime_convert('UTC','UTC', 'now', ATOM_TIME) . ':' . session_id() . ' ' . $where . $msg . PHP_EOL, FILE_APPEND); } @@ -747,16 +761,24 @@ function profiler($t1,$t2,$label) { function activity_match($haystack,$needle) { - if(($haystack === $needle) || ((basename($needle) === $haystack) && strstr($needle,NAMESPACE_ACTIVITY_SCHEMA))) - return true; + if(! is_array($needle)) + $needle = [ $needle ]; + + if($needle) { + foreach($needle as $n) { + if(($haystack === $n) || (strtolower(basename($n)) === strtolower(basename($haystack)))) { + return true; + } + } + } return false; } /** - * @brief Pull out all #hashtags and @person tags from $s. + * @brief Pull out all \#hashtags and \@person tags from $s. * - * We also get @person@domain.com - which would make + * We also get \@person\@domain.com - which would make * the regex quite complicated as tags can also * end a sentence. So we'll run through our results * and strip the period from any tags which end with one. @@ -780,7 +802,7 @@ function get_tags($s) { // match any double quoted tags - if(preg_match_all('/([@#]\"\;.*?\"\;)/',$s,$match)) { + if(preg_match_all('/([@#!]\"\;.*?\"\;)/',$s,$match)) { foreach($match[1] as $mtch) { $ret[] = $mtch; } @@ -809,7 +831,7 @@ function get_tags($s) { // Otherwise pull out single word tags. These can be @nickname, @first_last // and #hash tags. - if(preg_match_all('/(?<![a-zA-Z0-9=\/\?\;])([@#][^ \x0D\x0A,;:?\[]+)/',$s,$match)) { + if(preg_match_all('/(?<![a-zA-Z0-9=\/\?\;])([@#\!][^ \x0D\x0A,;:?\[]+)/',$s,$match)) { foreach($match[1] as $mtch) { if(substr($mtch,-1,1) === '.') $mtch = substr($mtch,0,-1); @@ -851,6 +873,11 @@ function tag_sort_length($a,$b) { return((mb_strlen($b) < mb_strlen($a)) ? (-1) : 1); } +function total_sort($a,$b) { + if($a['total'] == $b['total']) + return 0; + return(($b['total'] > $a['total']) ? 1 : (-1)); +} /** @@ -968,7 +995,7 @@ function chanlink_cid($d) { function magiclink_url($observer,$myaddr,$url) { return (($observer) - ? z_root() . '/magic?f=&dest=' . $url . '&addr=' . $myaddr + ? z_root() . '/magic?f=&owa=1&dest=' . $url . '&addr=' . $myaddr : $url ); } @@ -1017,19 +1044,6 @@ function searchbox($s,$id='search-box',$url='/search',$save = false) { )); } -function valid_email_regex($x){ - if(preg_match('/^[_a-zA-Z0-9\-\+]+(\.[_a-zA-Z0-9\-\+]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)+$/',$x)) - return true; - return false; -} - -function valid_email($x){ - if(get_config('system','disable_email_validation')) - return true; - - return valid_email_regex($x); -} - /** * @brief Replace naked text hyperlink with HTML formatted hyperlink. * @@ -1141,12 +1155,11 @@ function get_mood_verbs() { * * @return Returns array with keys 'texts' and 'icons' */ -function list_smilies() { +function list_smilies($default_only = false) { $texts = array( '<3', '</3', - '<\\3', ':-)', ';-)', ':-(', @@ -1175,14 +1188,12 @@ function list_smilies() { ':coffee', ':facepalm', ':like', - ':dislike', - ':hubzilla' + ':dislike' ); $icons = array( '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-heart.gif" alt="<3" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-brokenheart.gif" alt="</3" />', - '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-brokenheart.gif" alt="<\\3" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-smile.gif" alt=":-)" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-wink.gif" alt=";-)" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-frown.gif" alt=":-(" />', @@ -1211,30 +1222,20 @@ function list_smilies() { '<img class="smiley" src="' . z_root() . '/images/emoticons/coffee.gif" alt=":coffee" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/smiley-facepalm.gif" alt=":facepalm" />', '<img class="smiley" src="' . z_root() . '/images/emoticons/like.gif" alt=":like" />', - '<img class="smiley" src="' . z_root() . '/images/emoticons/dislike.gif" alt=":dislike" />', - '<img class="smiley" src="' . z_root() . '/images/hz-16.png" alt=":hubzilla" />', + '<img class="smiley" src="' . z_root() . '/images/emoticons/dislike.gif" alt=":dislike" />' ); - $x = get_config('feature','emoji'); - if($x === false) - $x = 1; - if($x) { - if(! App::$emojitab) - App::$emojitab = json_decode(file_get_contents('library/emoji.json'),true); - foreach(App::$emojitab as $e) { - if(strpos($e['shortname'],':tone') === 0) - continue; - $texts[] = $e['shortname']; - $icons[] = '<img class="smiley emoji" height="16" width="16" src="images/emoji/' . $e['unicode'] . '.png' . '" alt="' . $e['name'] . '" />'; - } - } - $params = array('texts' => $texts, 'icons' => $icons); + + if($default_only) + return $params; + call_hooks('smilie', $params); return $params; } + /** * @brief Replaces text emoticons with graphical images. * @@ -1363,20 +1364,7 @@ function link_compare($a, $b) { function unobscure(&$item) { - if(array_key_exists('item_obscured',$item) && intval($item['item_obscured'])) { - $key = get_config('system','prvkey'); - if($item['title']) - $item['title'] = crypto_unencapsulate(json_decode($item['title'],true),$key); - if($item['body']) - $item['body'] = crypto_unencapsulate(json_decode($item['body'],true),$key); - if(get_config('system','item_cache')) { - q("update item set title = '%s', body = '%s', item_obscured = 0 where id = %d", - dbesc($item['title']), - dbesc($item['body']), - intval($item['id']) - ); - } - } + return; } function unobscure_mail(&$item) { @@ -1409,7 +1397,7 @@ function theme_attachments(&$item) { if(is_foreigner($item['author_xchan'])) $url = $r['href']; else - $url = z_root() . '/magic?f=&hash=' . $item['author_xchan'] . '&dest=' . $r['href'] . '/' . $r['revision']; + $url = z_root() . '/magic?f=&owa=1&hash=' . $item['author_xchan'] . '&dest=' . $r['href'] . '/' . $r['revision']; //$s .= '<a href="' . $url . '" title="' . $title . '" class="attachlink" >' . $icon . '</a>'; $attaches[] = array('label' => $label, 'url' => $url, 'icon' => $icon, 'title' => $title); @@ -1465,11 +1453,10 @@ function format_hashtags(&$item) { continue; if(strpos($item['body'], $t['url'])) continue; - if($s) - $s .= ' '; + $s .= ' '; - $s .= '#<a href="' . zid($t['url']) . '" >' . $term . '</a>'; + $s .= '<span class="badge badge-pill badge-info"><i class="fa fa-hashtag"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; } } @@ -1489,11 +1476,9 @@ function format_mentions(&$item) { continue; if(strpos($item['body'], $t['url'])) continue; - if($s) - $s .= ' '; - - $s .= '@<a href="' . zid($t['url']) . '" >' . $term . '</a>'; + $s .= ' '; + $s .= '<span class="badge badge-pill badge-success"><i class="fa fa-at"></i> <a class="text-white" href="' . zid($t['url']) . '" >' . $term . '</a></span>'; } } @@ -1554,17 +1539,22 @@ function prepare_body(&$item,$attach = false) { // if original photo width is <= 640px prepend it to item body if($object['link'][0]['width'] && $object['link'][0]['width'] <= 640) { - $s .= '<div class="inline-photo-item-wrapper"><a href="' . zid(rawurldecode($object['id'])) . '" target="_blank"><img class="inline-photo-item" style="max-width:' . $object['link'][0]['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($object['link'][0]['href'])) . '"></a></div>' . $s; + $s .= '<div class="inline-photo-item-wrapper"><a href="' . zid(rawurldecode($object['id'])) . '" target="_blank" rel="nofollow noopener" ><img class="inline-photo-item" style="max-width:' . $object['link'][0]['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($object['link'][0]['href'])) . '"></a></div>' . $s; } // if original photo width is > 640px make it a cover photo if($object['link'][0]['width'] && $object['link'][0]['width'] > 640) { $scale = ((($object['link'][1]['width'] == 1024) || ($object['link'][1]['height'] == 1024)) ? 1 : 0); - $photo = '<a href="' . zid(rawurldecode($object['id'])) . '" target="_blank"><img style="max-width:' . $object['link'][$scale]['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($object['link'][$scale]['href'])) . '"></a>'; + $photo = '<a href="' . zid(rawurldecode($object['id'])) . '" target="_blank" rel="nofollow noopener"><img style="max-width:' . $object['link'][$scale]['width'] . 'px; width:100%; height:auto;" src="' . zid(rawurldecode($object['link'][$scale]['href'])) . '"></a>'; } } - $s .= prepare_text($item['body'],$item['mimetype'], false); + if($item['item_obscured']) { + $s .= prepare_binary($item); + } + else { + $s .= prepare_text($item['body'],$item['mimetype'], false); + } $event = (($item['obj_type'] === ACTIVITY_OBJ_EVENT) ? format_event_obj($item['obj']) : false); @@ -1581,11 +1571,6 @@ function prepare_body(&$item,$attach = false) { $photo = $prep_arr['photo']; $event = $prep_arr['event']; -// q("update item set html = '%s' where id = %d", -// dbesc($s), -// intval($item['id']) -// ); - if(! $attach) { return $s; } @@ -1632,6 +1617,17 @@ function prepare_body(&$item,$attach = false) { return $prep_arr; } + +function prepare_binary($item) { + return replace_macros(get_markup_template('item_binary.tpl'), [ + '$download' => t('Download binary/encrypted content'), + '$url' => z_root() . '/viewsrc/' . $item['id'] . '/download' + ]); +} + + + + /** * @brief Given a text string, convert from bbcode to html and add smilie icons. * @@ -1653,8 +1649,8 @@ function prepare_text($text, $content_type = 'text/bbcode', $cache = false) { break; case 'text/markdown': - require_once('library/markdown.php'); - $s = Markdown($text); + $text = Zlib\MarkdownSoap::unescape($text); + $s = MarkdownExtra::defaultTransform($text); break; case 'application/x-pdl'; @@ -1798,42 +1794,28 @@ function layout_select($channel_id, $current = '') { } -function mimetype_select($channel_id, $current = 'text/bbcode') { +function mimetype_select($channel_id, $current = 'text/bbcode', $choices = null, $element = 'mimetype') { - $x = array( - 'text/bbcode', - 'text/html', - 'text/markdown', - 'text/plain', - 'application/x-pdl' - ); + $x = (($choices) ? $choices : [ + 'text/bbcode' => t('BBcode'), + 'text/html' => t('HTML'), + 'text/markdown' => t('Markdown'), + 'text/plain' => t('Text'), + 'application/x-pdl' => t('Comanche Layout') + ]); - if(App::$is_sys) { - $x[] = 'application/x-php'; + if((App::$is_sys) || (channel_codeallowed($channel_id) && $channel_id == local_channel())){ + $x['application/x-php'] = t('PHP'); } - else { - $r = q("select account_id, account_roles, channel_pageflags from account left join channel on account_id = channel_account_id where - channel_id = %d limit 1", - intval($channel_id) - ); - if($r) { - if(($r[0]['account_roles'] & ACCOUNT_ROLE_ALLOWCODE) || ($r[0]['channel_pageflags'] & PAGE_ALLOWCODE)) { - if(local_channel() && get_account_id() == $r[0]['account_id']) { - $x[] = 'application/x-php'; - } - } - } - } - - foreach($x as $y) { + foreach($x as $y => $z) { $selected = (($y == $current) ? ' selected="selected" ' : ''); - $options .= '<option name="' . $y . '"' . $selected . '>' . $y . '</option>'; + $options .= '<option value="' . $y . '"' . $selected . '>' . $z . '</option>'; } $o = replace_macros(get_markup_template('field_select_raw.tpl'), array( - '$field' => array('mimetype', t('Page content type'), $selected, '', $options) + '$field' => array( $element, t('Page content type'), $selected, '', $options) )); return $o; @@ -2010,26 +1992,47 @@ function is_a_date_arg($s) { } function legal_webbie($s) { - if(! strlen($s)) + if(! $s) return ''; - $x = $s; - do { - $s = $x; - $x = preg_replace('/^([^a-z])(.*?)/',"$2",$s); - } while($x != $s); + // WARNING: This regex may not work in a federated environment. + // You will probably want something like + // preg_replace('/([^a-z0-9\_])/','',strtolower($s)); + + $r = preg_replace('/([^a-z0-9\-\_])/','',strtolower($s)); + + $x = [ 'input' => $s, 'output' => $r ]; + call_hooks('legal_webbie',$x); + return $x['output']; - return preg_replace('/([^a-z0-9\-\_])/','',$x); } +function legal_webbie_text() { + + // WARNING: This will not work in a federated environment. + + $s = t('a-z, 0-9, -, and _ only'); + + $x = [ 'text' => $s ]; + call_hooks('legal_webbie_text',$x); + return $x['text']; + +} + + + + function check_webbie($arr) { + + // These names conflict with the CalDAV server + $taken = [ 'principals', 'addressbooks', 'calendars' ]; + $reservechan = get_config('system','reserved_channels'); - if(strlen($reservechan)) - $taken = explode(',', $reservechan); - else - $taken = array('principals','addressbooks','calendars'); + if(strlen($reservechan)) { + $taken = array_merge($taken,explode(',', $reservechan)); + } $str = ''; if(count($arr)) { @@ -2065,7 +2068,7 @@ function ids_to_array($arr,$idx = 'id') { $t = array(); if($arr) { foreach($arr as $x) { - if(array_key_exists($idx,$x) && strlen($x[$idx]) && (! in_array($x[$idx],$t))) { + if(array_key_exists($idx,$x) && strlen($x[$idx]) && (! in_array($x[$idx],$t))) { $t[] = $x[$idx]; } } @@ -2081,7 +2084,7 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) { if($arr) { foreach($arr as $x) { if(! in_array($x[$idx],$t)) { - if($quote) + if($quote) $t[] = "'" . dbesc($x[$idx]) . "'"; else $t[] = $x[$idx]; @@ -2098,7 +2101,7 @@ function ids_to_querystr($arr,$idx = 'id',$quote = false) { * If $abook is true also include the abook info. This is needed in the API to * save extra per item lookups there. * - * @param array[in,out] &$items + * @param[in,out] array &$items * @param boolean $abook If true also include the abook info * @param number $effective_uid */ @@ -2194,10 +2197,10 @@ function magic_link($s) { } /** - * if $escape is true, dbesc() each element before adding quotes + * @brief If $escape is true, dbesc() each element before adding quotes. * - * @param array[in,out] &$arr - * @param boolean $escape default false + * @param[in,out] array &$arr + * @param boolean $escape (optional) default false */ function stringify_array_elms(&$arr, $escape = false) { for($x = 0; $x < count($arr); $x ++) @@ -2208,7 +2211,6 @@ function stringify_array_elms(&$arr, $escape = false) { * @brief Indents a flat JSON string to make it more human-readable. * * @param string $json The original JSON string to process. - * * @return string Indented version of the original JSON string. */ function jindent($json) { @@ -2280,13 +2282,13 @@ function design_tools() { $who = $channel['channel_address']; return replace_macros(get_markup_template('design_tools.tpl'), array( - '$title' => t('Design Tools'), - '$who' => $who, - '$sys' => $sys, + '$title' => t('Design Tools'), + '$who' => $who, + '$sys' => $sys, '$blocks' => t('Blocks'), - '$menus' => t('Menus'), + '$menus' => t('Menus'), '$layout' => t('Layouts'), - '$pages' => t('Pages') + '$pages' => t('Pages') )); } @@ -2307,21 +2309,21 @@ function website_portation_tools() { } return replace_macros(get_markup_template('website_portation_tools.tpl'), array( - '$title' => t('Import'), - '$import_label' => t('Import website...'), - '$import_placeholder' => t('Select folder to import'), - '$file_upload_text' => t('Import from a zipped folder:'), - '$file_import_text' => t('Import from cloud files:'), - '$desc' => t('/cloud/channel/path/to/folder'), - '$hint' => t('Enter path to website files'), - '$select' => t('Select folder'), - '$export_label' => t('Export website...'), - '$file_download_text' => t('Export to a zip file'), - '$filename_desc' => t('website.zip'), - '$filename_hint' => t('Enter a name for the zip file.'), - '$cloud_export_text' => t('Export to cloud files'), - '$cloud_export_desc' => t('/path/to/export/folder'), - '$cloud_export_hint' => t('Enter a path to a cloud files destination.'), + '$title' => t('Import'), + '$import_label' => t('Import website...'), + '$import_placeholder' => t('Select folder to import'), + '$file_upload_text' => t('Import from a zipped folder:'), + '$file_import_text' => t('Import from cloud files:'), + '$desc' => t('/cloud/channel/path/to/folder'), + '$hint' => t('Enter path to website files'), + '$select' => t('Select folder'), + '$export_label' => t('Export website...'), + '$file_download_text' => t('Export to a zip file'), + '$filename_desc' => t('website.zip'), + '$filename_hint' => t('Enter a name for the zip file.'), + '$cloud_export_text' => t('Export to cloud files'), + '$cloud_export_desc' => t('/path/to/export/folder'), + '$cloud_export_hint' => t('Enter a path to a cloud files destination.'), '$cloud_export_select' => t('Specify folder'), )); } @@ -2389,8 +2391,9 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d $r = null; $match = array(); - $termtype = ((strpos($tag,'#') === 0) ? TERM_HASHTAG : TERM_UNKNOWN); - $termtype = ((strpos($tag,'@') === 0) ? TERM_MENTION : $termtype); + $termtype = ((strpos($tag,'#') === 0) ? TERM_HASHTAG : TERM_UNKNOWN); + $termtype = ((strpos($tag,'@') === 0) ? TERM_MENTION : $termtype); + $termtype = ((strpos($tag,'!') === 0) ? TERM_FORUM : $termtype); $termtype = ((strpos($tag,'#^[') === 0) ? TERM_BOOKMARK : $termtype); //is it a hash tag? @@ -2407,16 +2410,9 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d //...do nothing return $replaced; } - if($tag == '#getzot') { - $basetag = 'getzot'; - $url = 'http://hubzilla.org'; - $newtag = '#[zrl=' . $url . ']' . $basetag . '[/zrl]'; - $body = str_replace($tag,$newtag,$body); - $replaced = true; - } if(! $replaced) { - //base tag has the tags name only + // base tag has the tags name only if((substr($tag,0,7) === '#"') && (substr($tag,-6,6) === '"')) { $basetag = substr($tag,7); @@ -2454,10 +2450,16 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d //is it a person tag? - if(strpos($tag,'@') === 0) { + $grouptag = false; + + if(strpos($tag,'!') === 0) { + $grouptag = true; + } + + if(strpos($tag,'@') === 0 || $grouptag) { // The @! tag will alter permissions - $exclusive = ((strpos($tag,'!') === 1 && (! $diaspora)) ? true : false); + $exclusive = (((! $grouptag) && (strpos($tag,'!') === 1) && (! $diaspora)) ? true : false); //is it already replaced? if(strpos($tag,'[zrl=')) @@ -2498,7 +2500,7 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d if(($t2) && (! $diaspora)) { //get the id - $tagcid = substr($newname,$t2 + 1); + $tagcid = urldecode(substr($newname,$t2 + 1)); if(strrpos($tagcid,' ')) $tagcid = substr($tagcid,0,strrpos($tagcid,' ')); @@ -2629,8 +2631,15 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $d //create profile link $profile = str_replace(',','%2c',$profile); $url = $profile; - $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . (($forum && ! $trailing_plus_name) ? '+' : '') . '[/zrl]'; - $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body); + if($grouptag) { + $newtag = '!' . '[zrl=' . $profile . ']' . $newname . '[/zrl]'; + $body = str_replace('!' . $name, $newtag, $body); + } + else { + $newtag = '@' . (($exclusive) ? '!' : '') . '[zrl=' . $profile . ']' . $newname . (($forum && ! $trailing_plus_name) ? '+' : '') . '[/zrl]'; + $body = str_replace('@' . (($exclusive) ? '!' : '') . $name, $newtag, $body); + } + //append tag to str_tags if(! stristr($str_tags,$newtag)) { if(strlen($str_tags)) @@ -2837,7 +2846,7 @@ function item_url_replace($channel,&$item,$old,$new,$oldnick = '') { */ function sanitise_acl(&$item) { if (strlen($item)) - $item = '<' . notags(trim($item)) . '>'; + $item = '<' . notags(trim(urldecode($item))) . '>'; else unset($item); } @@ -2919,7 +2928,7 @@ function pdl_selector($uid, $current='') { $sql_extra = item_permissions_sql($uid); - $r = q("select iconfig.*, mid from item_id left join item on iconfig.iid = item.id + $r = q("select iconfig.*, mid from iconfig left join item on iconfig.iid = item.id where item.uid = %d and iconfig.cat = 'system' and iconfig.k = 'PDL' $sql_extra order by v asc", intval($uid) ); @@ -2979,6 +2988,9 @@ function flatten_array_recursive($arr) { * @param string $s Text to highlight * @param string $lang Which language should be highlighted * @return string + * Important: The returned text has the text pattern 'http' translated to '%eY9-!' which should be converted back + * after further processing. This was done to prevent oembed links from occurring inside code blocks. + * See include/bbcode.php */ function text_highlight($s, $lang) { @@ -2991,40 +3003,15 @@ function text_highlight($s, $lang) { $s = jindent($s); } - if(! strpos('Text_Highlighter', get_include_path())) { - set_include_path(get_include_path() . PATH_SEPARATOR . 'library/Text_Highlighter'); - } - require_once('library/Text_Highlighter/Text/Highlighter.php'); - require_once('library/Text_Highlighter/Text/Highlighter/Renderer/Html.php'); - $options = array( - 'numbers' => HL_NUMBERS_LI, - 'tabsize' => 4, - ); - $tag_added = false; - $s = trim(html_entity_decode($s, ENT_COMPAT)); - $s = str_replace(" ", "\t", $s); - - // The highlighter library insists on an opening php tag for php code blocks. If - // it isn't present, nothing is highlighted. So we're going to see if it's present. - // If not, we'll add it, and then quietly remove it after we get the processed output back. - - if($lang === 'php') { - if(strpos('<?php', $s) !== 0) { - $s = '<?php' . "\n" . $s; - $tag_added = true; - } - } - $renderer = new Text_Highlighter_Renderer_HTML($options); - $hl = Text_Highlighter::factory($lang); - $hl->setRenderer($renderer); - $o = $hl->highlight($s); - $o = str_replace([" ", "\n"], [" ", ''], $o); + $arr = [ 'text' => $s, 'language' => $lang, 'success' => false ]; + call_hooks('text_highlight',$arr); - if($tag_added) { - $b = substr($o, 0, strpos($o, '<li>')); - $e = substr($o, strpos($o, '</li>')); - $o = $b . $e; - } + if($arr['success']) + $o = $arr['text']; + else + $o = $s; + + $o = str_replace('http','%eY9-!',$o); return('<code>' . $o . '</code>'); } @@ -3055,13 +3042,22 @@ function array2XML($obj, $array) { if(is_array($value)) { $node = $obj->addChild($key); array2XML($node, $value); - } else { + } + else { $obj->addChild($key, htmlspecialchars($value)); } } } - +/** + * @brief Inserts an array into $table. + * + * @TODO Why is this function in include/text.php? + * + * @param string $table + * @param array $arr + * @return boolean|PDOStatement + */ function create_table_from_array($table, $arr) { if(! ($arr && $table)) @@ -3079,6 +3075,14 @@ function create_table_from_array($table, $arr) { return $r; } +function share_shield($m) { + return str_replace($m[1],'!=+=+=!' . base64url_encode($m[1]) . '=+!=+!=',$m[0]); +} + +function share_unshield($m) { + $x = str_replace(array('!=+=+=!','=+!=+!='),array('',''),$m[1]); + return str_replace($m[1], base64url_decode($x), $m[0]); +} function cleanup_bbcode($body) { @@ -3141,3 +3145,20 @@ function array_escape_tags(&$v,$k) { $v = escape_tags($v); } +function ellipsify($s,$maxlen) { + if($maxlen & 1) + $maxlen --; + if($maxlen < 4) + $maxlen = 4; + + if(mb_strlen($s) < $maxlen) + return $s; + + return mb_substr($s,0,$maxlen / 2) . '...' . mb_substr($s,mb_strlen($s) - ($maxlen / 2)); +} + +function purify_filename($s) { + if(($s[0] === '.') || strpos($s,'/') !== false) + return ''; + return $s; +} |