aboutsummaryrefslogtreecommitdiffstats
path: root/include/text.php
diff options
context:
space:
mode:
Diffstat (limited to 'include/text.php')
-rw-r--r--include/text.php366
1 files changed, 206 insertions, 160 deletions
diff --git a/include/text.php b/include/text.php
index 86da3ee42..664d5f83d 100644
--- a/include/text.php
+++ b/include/text.php
@@ -1,18 +1,26 @@
-<?php /** @file */
-
+<?php
+/**
+ * @file include/text.php
+ */
require_once("include/template_processor.php");
require_once("include/smarty.php");
+// random string, there are 86 characters max in text mode, 128 for hex
+// output is urlsafe
+
+define('RANDOM_STRING_HEX', 0x00 );
+define('RANDOM_STRING_TEXT', 0x01 );
+
/**
- * This is our template processor
+ * @brief This is our template processor.
*
* @param string|FriendicaSmarty $s the string requiring macro substitution,
- * or an instance of FriendicaSmarty
+ * or an instance of FriendicaSmarty
* @param array $r key value pairs (search => replace)
* @return string substituted string
*/
-function replace_macros($s,$r) {
+function replace_macros($s, $r) {
$a = get_app();
$arr = array('template' => $s, 'params' => $r);
@@ -24,40 +32,38 @@ function replace_macros($s,$r) {
return $output;
}
-
-// random string, there are 86 characters max in text mode, 128 for hex
-// output is urlsafe
-
-define('RANDOM_STRING_HEX', 0x00 );
-define('RANDOM_STRING_TEXT', 0x01 );
-
-
-function random_string($size = 64,$type = RANDOM_STRING_HEX) {
+/**
+ * @brief Generates a random string.
+ *
+ * @param number $size
+ * @param int $type
+ * @return string
+ */
+function random_string($size = 64, $type = RANDOM_STRING_HEX) {
// generate a bit of entropy and run it through the whirlpool
$s = hash('whirlpool', (string) rand() . uniqid(rand(),true) . (string) rand(),(($type == RANDOM_STRING_TEXT) ? true : false));
$s = (($type == RANDOM_STRING_TEXT) ? str_replace("\n","",base64url_encode($s,true)) : $s);
- return(substr($s,0,$size));
+
+ return(substr($s, 0, $size));
}
/**
- * This is our primary input filter.
+ * @brief This is our primary input filter.
*
* The high bit hack only involved some old IE browser, forget which (IE5/Mac?)
* that had an XSS attack vector due to stripping the high-bit on an 8-bit character
* after cleansing, and angle chars with the high bit set could get through as markup.
- *
+ *
* This is now disabled because it was interfering with some legitimate unicode sequences
* and hopefully there aren't a lot of those browsers left.
*
* Use this on any text input where angle chars are not valid or permitted
* They will be replaced with safer brackets. This may be filtered further
- * if these are not allowed either.
+ * if these are not allowed either.
*
* @param string $string Input string
* @return string Filtered string
*/
-
-
function notags($string) {
return(str_replace(array("<",">"), array('[',']'), $string));
@@ -105,7 +111,6 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') {
return purify_html($s);
return escape_tags($s);
-
}
@@ -114,39 +119,38 @@ function purify_html($s) {
require_once('library/HTMLPurifier.auto.php');
require_once('include/html2bbcode.php');
-// FIXME this function has html output, not bbcode - so safely purify these
-// $s = html2bb_video($s);
-// $s = oembed_html2bbcode($s);
+/**
+ * @FIXME this function has html output, not bbcode - so safely purify these
+ * $s = html2bb_video($s);
+ * $s = oembed_html2bbcode($s);
+ */
$config = HTMLPurifier_Config::createDefault();
$config->set('Cache.DefinitionImpl', null);
$config->set('Attr.EnableID', true);
$purifier = new HTMLPurifier($config);
+
return $purifier->purify($s);
}
-
-
-// generate a string that's random, but usually pronounceable.
-// used to generate initial passwords
-
-
/**
- * generate a string that's random, but usually pronounceable.
- * used to generate initial passwords
+ * @brief generate a string that's random, but usually pronounceable.
+ *
+ * Used to generate initial passwords.
+ *
* @param int $len
* @return string
*/
function autoname($len) {
- if($len <= 0)
+ if ($len <= 0)
return '';
$vowels = array('a','a','ai','au','e','e','e','ee','ea','i','ie','o','ou','u');
- if(mt_rand(0,5) == 4)
+ if (mt_rand(0, 5) == 4)
$vowels[] = 'y';
$cons = array(
@@ -178,8 +182,8 @@ function autoname($len) {
$noend = array('bl', 'br', 'cl','cr','dr','fl','fr','gl','gr',
'kh', 'kl','kr','mn','pl','pr','rh','tr','qu','wh');
- $start = mt_rand(0,2);
- if($start == 0)
+ $start = mt_rand(0, 2);
+ if ($start == 0)
$table = $vowels;
else
$table = $cons;
@@ -190,33 +194,30 @@ function autoname($len) {
$r = mt_rand(0,count($table) - 1);
$word .= $table[$r];
- if($table == $vowels)
- $table = array_merge($cons,$midcons);
+ if ($table == $vowels)
+ $table = array_merge($cons, $midcons);
else
$table = $vowels;
-
}
$word = substr($word,0,$len);
- foreach($noend as $noe) {
- if((strlen($word) > 2) && (substr($word,-2) == $noe)) {
+ foreach ($noend as $noe) {
+ if ((strlen($word) > 2) && (substr($word,-2) == $noe)) {
$word = substr($word,0,-1);
break;
}
}
- if(substr($word,-1) == 'q')
- $word = substr($word,0,-1);
+ if (substr($word, -1) == 'q')
+ $word = substr($word, 0, -1);
+
return $word;
}
-// escape text ($str) for XML transport
-// returns escaped text.
-
-
/**
- * escape text ($str) for XML transport
+ * @brief escape text ($str) for XML transport
+ *
* @param string $str
* @return string Escaped text.
*/
@@ -228,7 +229,6 @@ function xmlify($str) {
$char = mb_substr($str,$x,1);
switch( $char ) {
-
case "\r" :
break;
case "&" :
@@ -252,9 +252,10 @@ function xmlify($str) {
default :
$buffer .= $char;
break;
- }
+ }
}
$buffer = trim($buffer);
+
return($buffer);
}
@@ -268,10 +269,12 @@ function unxmlify($s) {
return $ret;
}
-// convenience wrapper, reverse the operation "bin2hex"
-
-// This is a built-in function in php >= 5.4
-
+/**
+ * Convenience wrapper, reverse the operation "bin2hex"
+ * This is a built-in function in php >= 5.4
+ *
+ * @FIXME We already have php >= 5.4 requirements, so can we remove this?
+ */
if(! function_exists('hex2bin')) {
function hex2bin($s) {
if(! (is_string($s) && strlen($s)))
@@ -381,14 +384,16 @@ function alt_pager(&$a, $i, $more = '', $less = '') {
}
-// Turn user/group ACLs stored as angle bracketed text into arrays
-
-
+/**
+ * @brief Turn user/group ACLs stored as angle bracketed text into arrays.
+ *
+ * turn string array of angle-bracketed elements into string array
+ * e.g. "<123xyz><246qyo><sxo33e>" => array(123xyz,246qyo,sxo33e);
+ *
+ * @param string $s
+ * @return array
+ */
function expand_acl($s) {
-
- // turn string array of angle-bracketed elements into string array
- // e.g. "<123xyz><246qyo><sxo33e>" => array(123xyz,246qyo,sxo33e);
-
$ret = array();
if(strlen($s)) {
@@ -399,34 +404,41 @@ function expand_acl($s) {
$ret[] = $aa;
}
}
+
return $ret;
}
-// Used to wrap ACL elements in angle brackets for storage
-
-
+/**
+ * @brief Used to wrap ACL elements in angle brackets for storage.
+ *
+ * @param[in,out] array &$item
+ */
function sanitise_acl(&$item) {
- if(strlen($item))
+ if (strlen($item))
$item = '<' . notags(trim($item)) . '>';
else
unset($item);
}
-
-// Convert an ACL array to a storable string
-
+/**
+ * @brief Convert an ACL array to a storable string.
+ *
+ * @param array $p
+ * @return array
+ */
function perms2str($p) {
$ret = '';
- if(is_array($p))
+ if (is_array($p))
$tmp = $p;
else
- $tmp = explode(',',$p);
+ $tmp = explode(',', $p);
- if(is_array($tmp)) {
- array_walk($tmp,'sanitise_acl');
- $ret = implode('',$tmp);
+ if (is_array($tmp)) {
+ array_walk($tmp, 'sanitise_acl');
+ $ret = implode('', $tmp);
}
+
return $ret;
}
@@ -858,51 +870,48 @@ function valid_email($x){
return false;
}
-
/**
+ * @brief Replace naked text hyperlink with HTML formatted hyperlink.
*
- * Function: linkify
- *
- * Replace naked text hyperlink with HTML formatted hyperlink
- *
+ * @param string $s
+ * @param boolean $me (optional) default false
+ * @return string
*/
-
-
-function linkify($s,$me = false) {
+function linkify($s, $me = false) {
$s = preg_replace("/(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\@\~\#\'\%\$\!\+\,\@]*)/", (($me) ? ' <a href="$1" rel="me" >$1</a>' : ' <a href="$1" >$1</a>'), $s);
$s = preg_replace("/\<(.*?)(src|href)=(.*?)\&amp\;(.*?)\>/ism",'<$1$2=$3&$4>',$s);
+
return($s);
}
-
/**
- * @function sslify($s)
- * Replace media element using http url with https to a local redirector if using https locally
- * @param string $s
+ * @brief Replace media element using http url with https to a local redirector
+ * if using https locally.
*
* Looks for HTML tags containing src elements that are http when we're viewing an https page
* Typically this throws an insecure content violation in the browser. So we redirect them
* to a local redirector which uses https and which redirects to the selected content
*
+ * @param string $s
* @returns string
*/
function sslify($s) {
- if(strpos(z_root(),'https:') === false)
+ if (strpos(z_root(),'https:') === false)
return $s;
$matches = null;
$cnt = preg_match_all("/\<(.*?)src=\"(http\:.*?)\"(.*?)\>/",$s,$matches,PREG_SET_ORDER);
- if($cnt) {
- foreach($matches as $match) {
- $filename = basename( parse_url($match[2],PHP_URL_PATH) );
+ if ($cnt) {
+ foreach ($matches as $match) {
+ $filename = basename( parse_url($match[2], PHP_URL_PATH) );
$s = str_replace($match[2],z_root() . '/sslify/' . $filename . '?f=&url=' . urlencode($match[2]),$s);
}
}
+
return $s;
}
-
function get_poke_verbs() {
// index is present tense verb
// value is array containing past tense verb, translation of present, translation of past
@@ -1033,47 +1042,42 @@ function list_smilies() {
$params = array('texts' => $texts, 'icons' => $icons);
call_hooks('smilie', $params);
+
return $params;
}
/**
- *
- * Function: smilies
- *
- * Description:
- * Replaces text emoticons with graphical images
- *
- * @Parameter: string $s
- *
- * Returns string
+ * @brief Replaces text emoticons with graphical images.
*
* It is expected that this function will be called using HTML text.
* We will escape text between HTML pre and code blocks, and HTML attributes
* (such as urls) from being processed.
- *
+ *
* At a higher level, the bbcode [nosmile] tag can be used to prevent this
* function from being executed by the prepare_text() routine when preparing
- * bbcode source for HTML display
+ * bbcode source for HTML display.
*
+ * @param string $s
+ * @param boolean $sample (optional) default false
+ * @return string
*/
function smilies($s, $sample = false) {
- if(intval(get_config('system','no_smilies'))
- || (local_channel() && intval(get_pconfig(local_channel(),'system','no_smilies'))))
+ if(intval(get_config('system', 'no_smilies'))
+ || (local_channel() && intval(get_pconfig(local_channel(), 'system', 'no_smilies'))))
return $s;
- $s = preg_replace_callback('{<(pre|code)>.*?</\1>}ism','smile_shield',$s);
- $s = preg_replace_callback('/<[a-z]+ .*?>/ism','smile_shield',$s);
+ $s = preg_replace_callback('{<(pre|code)>.*?</\1>}ism', 'smile_shield', $s);
+ $s = preg_replace_callback('/<[a-z]+ .*?>/ism', 'smile_shield', $s);
$params = list_smilies();
$params['string'] = $s;
- if($sample) {
+ if ($sample) {
$s = '<div class="smiley-sample">';
- for($x = 0; $x < count($params['texts']); $x ++) {
+ for ($x = 0; $x < count($params['texts']); $x ++) {
$s .= '<dl><dt>' . $params['texts'][$x] . '</dt><dd>' . $params['icons'][$x] . '</dd></dl>';
}
- }
- else {
+ } else {
$params['string'] = preg_replace_callback('/&lt;(3+)/','preg_heart',$params['string']);
$s = str_replace($params['texts'],$params['icons'],$params['string']);
}
@@ -1083,6 +1087,12 @@ function smilies($s, $sample = false) {
return $s;
}
+/**
+ * @brief
+ *
+ * @param array $m
+ * @return string
+ */
function smile_shield($m) {
return '<!--base64:' . base64url_encode($m[0]) . '-->';
}
@@ -1091,16 +1101,22 @@ function smile_unshield($m) {
return base64url_decode($m[1]);
}
-// expand <3333 to the correct number of hearts
-
+/**
+ * @brief Expand <3333 to the correct number of hearts.
+ *
+ * @param array $x
+ */
function preg_heart($x) {
$a = get_app();
- if(strlen($x[1]) == 1)
+ if (strlen($x[1]) == 1)
return $x[0];
+
$t = '';
for($cnt = 0; $cnt < strlen($x[1]); $cnt ++)
$t .= '<img class="smiley" src="' . $a->get_baseurl() . '/images/smiley-heart.gif" alt="<3" />';
+
$r = str_replace($x[0],$t,$x[0]);
+
return $r;
}
@@ -1118,27 +1134,33 @@ function day_translate($s) {
return $ret;
}
-
-
+/**
+ * @brief normalises a string.
+ *
+ * @param string $url
+ * @return string
+ */
function normalise_link($url) {
- $ret = str_replace(array('https:','//www.'), array('http:','//'), $url);
- return(rtrim($ret,'/'));
+ $ret = str_replace(array('https:', '//www.'), array('http:', '//'), $url);
+
+ return(rtrim($ret, '/'));
}
/**
+ * @brief Compare two URLs to see if they are the same.
*
- * Compare two URLs to see if they are the same, but ignore
- * slight but hopefully insignificant differences such as if one
- * is https and the other isn't, or if one is www.something and
- * the other isn't - and also ignore case differences.
+ * But ignore slight but hopefully insignificant differences such as if one
+ * is https and the other isn't, or if one is www.something and the other
+ * isn't - and also ignore case differences.
*
- * Return true if the URLs match, otherwise false.
+ * @see normalis_link()
*
+ * @param string $a
+ * @param string $b
+ * @return true if the URLs match, otherwise false
*/
-
-
-function link_compare($a,$b) {
- if(strcasecmp(normalise_link($a),normalise_link($b)) === 0)
+function link_compare($a, $b) {
+ if (strcasecmp(normalise_link($a), normalise_link($b)) === 0)
return true;
return false;
@@ -1167,8 +1189,10 @@ function theme_attachments(&$item) {
$icon = '';
$icontype = substr($r['type'],0,strpos($r['type'],'/'));
- // FIXME This should probably be a giant "if" statement in the template so that we don't have icon names
- // embedded in php code
+ /**
+ * @FIXME This should probably be a giant "if" statement in the
+ * template so that we don't have icon names embedded in php code.
+ */
switch($icontype) {
case 'video':
@@ -1309,13 +1333,13 @@ function generate_map($coord) {
$coord = str_replace(array(',','/',' '),array(' ',' ',' '),$coord);
$arr = array('lat' => trim(substr($coord,0,strpos($coord,' '))), 'lon' => trim(substr($coord,strpos($coord,' ')+1)), 'html' => '');
call_hooks('generate_map',$arr);
- return $arr['html'];
+ return (($arr['html']) ? $arr['html'] : $coord);
}
function generate_named_map($location) {
$arr = array('location' => $location, 'html' => '');
call_hooks('generate_named_map',$arr);
- return $arr['html'];
+ return (($arr['html']) ? $arr['html'] : $location);
}
@@ -1394,11 +1418,14 @@ function prepare_body(&$item,$attach = false) {
return $prep_arr['html'];
}
-
-// Given a text string, convert from bbcode to html and add smilie icons.
-
-
-function prepare_text($text,$content_type = 'text/bbcode') {
+/**
+ * @brief Given a text string, convert from bbcode to html and add smilie icons.
+ *
+ * @param string $text
+ * @param sting $content_type
+ * @return string
+ */
+function prepare_text($text, $content_type = 'text/bbcode') {
switch($content_type) {
case 'text/plain':
@@ -1451,19 +1478,21 @@ function prepare_text($text,$content_type = 'text/bbcode') {
/**
* zidify_callback() and zidify_links() work together to turn any HTML a tags with class="zrl" into zid links
- * These will typically be generated by a bbcode '[zrl]' tag. This is done inside prepare_text() rather than bbcode()
+ * These will typically be generated by a bbcode '[zrl]' tag. This is done inside prepare_text() rather than bbcode()
* because the latter is used for general purpose conversions and the former is used only when preparing text for
* immediate display.
- *
+ *
* Issues: Currently the order of HTML parameters in the text is somewhat rigid and inflexible.
- * We assume it looks like <a class="zrl" href="xxxxxxxxxx"> and will not work if zrl and href appear in a different order.
+ * We assume it looks like \<a class="zrl" href="xxxxxxxxxx"\> and will not work if zrl and href appear in a different order.
+ *
+ * @param array $match
+ * @return string
*/
-
-
function zidify_callback($match) {
$is_zid = ((feature_enabled(local_channel(),'sendzid')) || (strpos($match[1],'zrl')) ? true : false);
$replace = '<a' . $match[1] . ' href="' . (($is_zid) ? zid($match[2]) : $match[2]) . '"';
$x = str_replace($match[0],$replace,$match[0]);
+
return $x;
}
@@ -1472,6 +1501,7 @@ function zidify_img_callback($match) {
$replace = '<img' . $match[1] . ' src="' . (($is_zid) ? zid($match[2]) : $match[2]) . '"';
$x = str_replace($match[0],$replace,$match[0]);
+
return $x;
}
@@ -1479,16 +1509,17 @@ function zidify_img_callback($match) {
function zidify_links($s) {
$s = preg_replace_callback('/\<a(.*?)href\=\"(.*?)\"/ism','zidify_callback',$s);
$s = preg_replace_callback('/\<img(.*?)src\=\"(.*?)\"/ism','zidify_img_callback',$s);
+
return $s;
}
-
/**
- * return atom link elements for all of our hubs
+ * @brief Return atom link elements for all of our hubs.
+ *
+ * @return string
*/
-
function feed_hublinks() {
- $hub = get_config('system','huburl');
+ $hub = get_config('system', 'huburl');
$hubxml = '';
if(strlen($hub)) {
@@ -1498,6 +1529,7 @@ function feed_hublinks() {
$h = trim($h);
if(! strlen($h))
continue;
+
$hubxml .= '<link rel="hub" href="' . xmlify($h) . '" />' . "\n" ;
}
}
@@ -1855,9 +1887,13 @@ function check_webbie($arr) {
function ids_to_querystr($arr,$idx = 'id') {
$t = array();
- foreach($arr as $x)
- $t[] = $x[$idx];
-
+ if($arr) {
+ foreach($arr as $x) {
+ if(! in_array($x[$idx],$t)) {
+ $t[] = $x[$idx];
+ }
+ }
+ }
return(implode(',', $t));
}
@@ -2090,18 +2126,19 @@ function extra_query_args() {
}
/**
- * This function removes the tag $tag from the text $body and replaces it with
- * the appropiate link.
- *
- * @param unknown_type $body the text to replace the tag in
- * @param unknown_type $access_tag - used to return tag ACL exclusions e.g. @!foo
- * @param unknown_type $str_tags string to add the tag to
- * @param unknown_type $profile_uid
- * @param unknown_type $tag the tag to replace
+ * @brief This function removes the tag $tag from the text $body and replaces it
+ * with the appropiate link.
*
+ * @param App $a
+ * @param[in,out] string &$body the text to replace the tag in
+ * @param[in,out] string &$access_tag used to return tag ACL exclusions e.g. @!foo
+ * @param[in,out] string &$str_tags string to add the tag to
+ * @param int $profile_uid
+ * @param string $tag the tag to replace
+ * @param boolean $diaspora default false
* @return boolean true if replaced, false if not replaced
*/
-function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
+function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag, $diaspora = false) {
$replaced = false;
$r = null;
@@ -2169,7 +2206,7 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
if(strpos($tag,'@') === 0) {
// The @! tag will alter permissions
- $exclusive = ((strpos($tag,'!') === 1) ? true : false);
+ $exclusive = ((strpos($tag,'!') === 1 && (! $diaspora)) ? true : false);
//is it already replaced?
if(strpos($tag,'[zrl='))
@@ -2198,10 +2235,19 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
// Here we're looking for an address book entry as provided by the auto-completer
// of the form something+nnn where nnn is an abook_id or the first chars of xchan_hash
- if(strrpos($newname,'+')) {
+
+ // If there's a +nnn in the string make sure there isn't a space preceding it
+
+ $t1 = strpos($newname,' ');
+ $t2 = strrpos($newname,'+');
+
+ if($t1 && $t2 && $t1 < $t2)
+ $t2 = 0;
+
+ if(($t2) && (! $diaspora)) {
//get the id
- $tagcid = substr($newname,strrpos($newname,'+') + 1);
+ $tagcid = substr($newname,$t2 + 1);
if(strrpos($tagcid,' '))
$tagcid = substr($tagcid,0,strrpos($tagcid,' '));
@@ -2346,7 +2392,7 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) {
return array('replaced' => $replaced, 'termtype' => $termtype, 'term' => $newname, 'url' => $url, 'contact' => $r[0]);
}
-function linkify_tags($a, &$body, $uid) {
+function linkify_tags($a, &$body, $uid, $diaspora = false) {
$str_tags = '';
$tagged = array();
$results = array();
@@ -2370,7 +2416,7 @@ function linkify_tags($a, &$body, $uid) {
if($fullnametagged)
continue;
- $success = handle_tag($a, $body, $access_tag, $str_tags, ($uid) ? $uid : $a->profile_uid , $tag);
+ $success = handle_tag($a, $body, $access_tag, $str_tags, ($uid) ? $uid : $a->profile_uid , $tag, $diaspora);
$results[] = array('success' => $success, 'access_tag' => $access_tag);
if($success['replaced']) $tagged[] = $tag;
}