aboutsummaryrefslogtreecommitdiffstats
path: root/lib/htmlpurifier/plugins
diff options
context:
space:
mode:
Diffstat (limited to 'lib/htmlpurifier/plugins')
-rw-r--r--lib/htmlpurifier/plugins/modx.txt112
-rw-r--r--lib/htmlpurifier/plugins/phorum/.gitignore2
-rw-r--r--lib/htmlpurifier/plugins/phorum/Changelog27
-rw-r--r--lib/htmlpurifier/plugins/phorum/INSTALL84
-rw-r--r--lib/htmlpurifier/plugins/phorum/README45
-rw-r--r--lib/htmlpurifier/plugins/phorum/config.default.php57
-rw-r--r--lib/htmlpurifier/plugins/phorum/htmlpurifier.php309
-rw-r--r--lib/htmlpurifier/plugins/phorum/info.txt18
-rw-r--r--lib/htmlpurifier/plugins/phorum/init-config.php28
-rw-r--r--lib/htmlpurifier/plugins/phorum/migrate.bbcode.php30
-rw-r--r--lib/htmlpurifier/plugins/phorum/settings.php64
-rw-r--r--lib/htmlpurifier/plugins/phorum/settings/form.php93
-rw-r--r--lib/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php22
-rw-r--r--lib/htmlpurifier/plugins/phorum/settings/migrate-sigs.php77
-rw-r--r--lib/htmlpurifier/plugins/phorum/settings/save.php27
15 files changed, 0 insertions, 995 deletions
diff --git a/lib/htmlpurifier/plugins/modx.txt b/lib/htmlpurifier/plugins/modx.txt
deleted file mode 100644
index 0763821b5..000000000
--- a/lib/htmlpurifier/plugins/modx.txt
+++ /dev/null
@@ -1,112 +0,0 @@
-
-MODx Plugin
-
-MODx <http://www.modxcms.com/> is an open source PHP application framework.
-I first came across them in my referrer logs when tillda asked if anyone
-could implement an HTML Purifier plugin. This forum thread
-<http://modxcms.com/forums/index.php/topic,6604.0.html> eventually resulted
-in the fruition of this plugin that davidm says, "is on top of my favorite
-list." HTML Purifier goes great with WYSIWYG editors!
-
-
-
-1. Credits
-
-PaulGregory wrote the overall structure of the code. I added the
-slashes hack.
-
-
-
-2. Install
-
-First, you need to place HTML Purifier library somewhere. The code here
-assumes that you've placed in MODx's assets/plugins/htmlpurifier (no version
-number).
-
-Log into the manager, and navigate:
-
-Resources > Manage Resources > Plugins tab > New Plugin
-
-Type in a name (probably HTML Purifier), and copy paste this code into the
-textarea:
-
---------------------------------------------------------------------------------
-$e = &$modx->Event;
-if ($e->name == 'OnBeforeDocFormSave') {
- global $content;
-
- include_once '../assets/plugins/htmlpurifier/library/HTMLPurifier.auto.php';
- $purifier = new HTMLPurifier();
-
- static $magic_quotes = null;
- if ($magic_quotes === null) {
- // this is an ugly hack because this hook hasn't
- // had the backslashes removed yet when magic_quotes_gpc is on,
- // but HTMLPurifier must not have the quotes slashed.
- $magic_quotes = get_magic_quotes_gpc();
- }
-
- if ($magic_quotes) $content = stripslashes($content);
- $content = $purifier->purify($content);
- if ($magic_quotes) $content = addslashes($content);
-}
---------------------------------------------------------------------------------
-
-Then navigate to the System Events tab and check "OnBeforeDocFormSave".
-Save the plugin. HTML Purifier now is integrated!
-
-
-
-3. Making sure it works
-
-You can test HTML Purifier by deliberately putting in crappy HTML and seeing
-whether or not it gets fixed. A better way is to put in something like this:
-
-<p lang="fr">Il est bon</p>
-
-...and seeing whether or not the content comes out as:
-
-<p lang="fr" xml:lang="fr">Il est bon</p>
-
-(lang to xml:lang synchronization is one of the many features HTML Purifier
-has).
-
-
-
-4. Caveat Emptor
-
-This code does not intercept save requests from the QuickEdit plugin, this may
-be added in a later version. It also modifies things on save, so there's a
-slight chance that HTML Purifier may make a boo-boo and accidently mess things
-up (the original version is not saved).
-
-Finally, make sure that MODx is using UTF-8. If you are using, say, a French
-localisation, you may be using Latin-1, if that's the case, configure
-HTML Purifier properly like this:
-
-$config = HTMLPurifier_Config::createDefault();
-$config->set('Core', 'Encoding', 'ISO-8859-1'); // or whatever encoding
-$purifier = new HTMLPurifier($config);
-
-
-
-5. Known Bugs
-
-'rn' characters sometimes mysteriously appear after purification. We are
-currently investigating this issue. See: <http://htmlpurifier.org/phorum/read.php?3,1866>
-
-
-
-6. See Also
-
-A modified version of Jot 1.1.3 is available, which integrates with HTML
-Purifier. You can check it out here: <http://modxcms.com/forums/index.php/topic,25621.msg161970.html>
-
-
-X. Changelog
-
-2008-06-16
-- Updated code to work with 3.1.0 and later
-- Add Known Bugs and See Also section
-
- vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/.gitignore b/lib/htmlpurifier/plugins/phorum/.gitignore
deleted file mode 100644
index 8325e0902..000000000
--- a/lib/htmlpurifier/plugins/phorum/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-migrate.php
-htmlpurifier/*
diff --git a/lib/htmlpurifier/plugins/phorum/Changelog b/lib/htmlpurifier/plugins/phorum/Changelog
deleted file mode 100644
index 9f939e54a..000000000
--- a/lib/htmlpurifier/plugins/phorum/Changelog
+++ /dev/null
@@ -1,27 +0,0 @@
-Changelog HTMLPurifier : Phorum Mod
-|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-
-= KEY ====================
- # Breaks back-compat
- ! Feature
- - Bugfix
- + Sub-comment
- . Internal change
-==========================
-
-Version 4.0.0 for Phorum 5.2, released July 9, 2009
-# Works only with HTML Purifier 4.0.0
-! Better installation documentation
-- Fixed double encoded quotes
-- Fixed fatal error when migrate.php is blank
-
-Version 3.0.0 for Phorum 5.2, released January 12, 2008
-# WYSIWYG and suppress_message options are now configurable via web
- interface.
-- Module now compatible with Phorum 5.2, primary bugs were in migration
- code as well as signature and edit message handling. This module is NOT
- compatible with Phorum 5.1.
-- Buggy WYSIWYG mode refined
-. AutoFormatParam added to list of default configuration namespaces
-
- vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/INSTALL b/lib/htmlpurifier/plugins/phorum/INSTALL
deleted file mode 100644
index 23c76fc5c..000000000
--- a/lib/htmlpurifier/plugins/phorum/INSTALL
+++ /dev/null
@@ -1,84 +0,0 @@
-
-Install
- How to install the Phorum HTML Purifier plugin
-
-0. PREREQUISITES
-----------------
-This Phorum module only works on PHP5 and with HTML Purifier 4.0.0
-or later.
-
-1. UNZIP
---------
-Unzip phorum-htmlpurifier-x.y.z, producing an htmlpurifier folder.
-You've already done this step if you're reading this!
-
-2. MOVE
--------
-Move the htmlpurifier folder to the mods/ folder of your Phorum
-installation, so the directory structure looks like:
-
-phorum/
- mods/
- htmlpurifier/
- INSTALL - this install file
- info.txt, ... - the module files
- htmlpurifier/
-
-3. INSTALL HTML PURIFIER
-------------------------
-Download and unzip HTML Purifier <htmlpurifier.org>. Place the contents of
-the library/ folder in the htmlpurifier/htmlpurifier folder. Your directory
-structure will look like:
-
-phorum/
- mods/
- htmlpurifier/
- htmlpurifier/
- HTMLPurifier.auto.php
- ... - other files
- HTMLPurifier/
-
-Advanced users:
- If you have HTML Purifier installed elsewhere on your server,
- all you need is an HTMLPurifier.auto.php file in the library folder which
- includes the HTMLPurifier.auto.php file in your install.
-
-4. MIGRATE
-----------
-If you're setting up a new Phorum installation, all you need to do is create
-a blank migrate.php file in the htmlpurifier module folder (NOT the library
-folder.
-
-If you have an old Phorum installation and was using BBCode,
-copy migrate.bbcode.php to migrate.php. If you were using a different input
-format, follow the instructions in migrate.bbcode.php to create your own custom
-migrate.php file.
-
-Your directory structure should now look like this:
-
-phorum/
- mods/
- htmlpurifier/
- migrate.php
-
-5. ENABLE
----------
-Navigate to your Phorum admin panel at http://example.com/phorum/admin.php,
-click on Global Settings > Modules, scroll to "HTML Purifier Phorum Mod" and
-turn it On.
-
-6. MIGRATE SIGNATURES
----------------------
-If you're setting up a new Phorum installation, skip this step.
-
-If you allowed your users to make signatures, navigate to the module settings
-page of HTML Purifier (Global Settings > Modules > HTML Purifier Phorum Mod >
-Configure), type in "yes" in the "Confirm" box, and press "Migrate."
-
-ONLY DO THIS ONCE! BE SURE TO BACK UP YOUR DATABASE!
-
-7. CONFIGURE
-------------
-Configure using Edit settings. See that page for more information.
-
- vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/README b/lib/htmlpurifier/plugins/phorum/README
deleted file mode 100644
index 0524ed39d..000000000
--- a/lib/htmlpurifier/plugins/phorum/README
+++ /dev/null
@@ -1,45 +0,0 @@
-
-HTML Purifier Phorum Mod - Filter your HTML the Standards-Compliant Way!
-
-This Phorum mod enables HTML posting on Phorum. Under normal circumstances,
-this would cause a huge security risk, but because we are running
-HTML through HTML Purifier, output is guaranteed to be XSS free and
-standards-compliant.
-
-This mod requires HTML input, and previous markup languages need to be
-converted accordingly. Thus, it is vital that you create a 'migrate.php'
-file that works with your installation. If you're using the built-in
-BBCode formatting, simply move migrate.bbcode.php to that place; for
-other markup languages, consult said file for instructions on how
-to adapt it to your needs.
-
- -- NOTE -------------------------------------------------
- You can also run this module in parallel with another
- formatting module; this module attempts to place itself
- at the end of the filtering chain. However, if any
- previous modules produce insecure HTML (for instance,
- a JavaScript email obfuscator) they will get cleaned.
-
-This module will not work if 'migrate.php' is not created, and an improperly
-made migration file may *CORRUPT* Phorum, so please take your time to
-do this correctly. It should go without saying to *BACKUP YOUR DATABASE*
-before attempting anything here. If no migration is necessary, you can
-simply create a blank migrate.php file. HTML Purifier is smart and will
-not re-migrate already processed messages. However, the original code
-is irretrievably lost (we may change this in the future.)
-
-This module will not automatically migrate user signatures, because this
-process may take a long time. After installing the HTML Purifier module and
-then configuring 'migrate.php', navigate to Settings and click 'Migrate
-Signatures' to migrate all user signatures to HTML.
-
-All of HTML Purifier's usual functions are configurable via the mod settings
-page. If you require custom configuration, create config.php file in
-the mod directory that edits a $config variable. Be sure, also, to
-set $PHORUM['mod_htmlpurifier']['wysiwyg'] to TRUE if you are using a
-WYSIWYG editor (you can do this through a common hook or the web
-configuration form).
-
-Visit HTML Purifier at <http://htmlpurifier.org/>.
-
- vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/config.default.php b/lib/htmlpurifier/plugins/phorum/config.default.php
deleted file mode 100644
index e047c0b42..000000000
--- a/lib/htmlpurifier/plugins/phorum/config.default.php
+++ /dev/null
@@ -1,57 +0,0 @@
-<?php
-
-if(!defined("PHORUM")) exit;
-
-// default HTML Purifier configuration settings
-$config->set('HTML.Allowed',
- // alphabetically sorted
-'a[href|title]
-abbr[title]
-acronym[title]
-b
-blockquote[cite]
-br
-caption
-cite
-code
-dd
-del
-dfn
-div
-dl
-dt
-em
-i
-img[src|alt|title|class]
-ins
-kbd
-li
-ol
-p
-pre
-s
-strike
-strong
-sub
-sup
-table
-tbody
-td
-tfoot
-th
-thead
-tr
-tt
-u
-ul
-var');
-$config->set('AutoFormat.AutoParagraph', true);
-$config->set('AutoFormat.Linkify', true);
-$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
-$config->set('Core.AggressivelyFixLt', true);
-$config->set('Core.Encoding', $GLOBALS['PHORUM']['DATA']['CHARSET']); // we'll change this eventually
-if (strtolower($GLOBALS['PHORUM']['DATA']['CHARSET']) !== 'utf-8') {
- $config->set('Core.EscapeNonASCIICharacters', true);
-}
-
-// vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/htmlpurifier.php b/lib/htmlpurifier/plugins/phorum/htmlpurifier.php
deleted file mode 100644
index 6f74fc8c9..000000000
--- a/lib/htmlpurifier/plugins/phorum/htmlpurifier.php
+++ /dev/null
@@ -1,309 +0,0 @@
-<?php
-
-/**
- * HTML Purifier Phorum Mod. Filter your HTML the Standards-Compliant Way!
- *
- * This Phorum mod enables users to post raw HTML into Phorum. But never
- * fear: with the help of HTML Purifier, this HTML will be beat into
- * de-XSSed and standards-compliant form, safe for general consumption.
- * It is not recommended, but possible to run this mod in parallel
- * with other formatters (in short, please DISABLE the BBcode mod).
- *
- * For help migrating from your previous markup language to pure HTML
- * please check the migrate.bbcode.php file.
- *
- * If you'd like to use this with a WYSIWYG editor, make sure that
- * editor sets $PHORUM['mod_htmlpurifier']['wysiwyg'] to true. Otherwise,
- * administrators who need to edit other people's comments may be at
- * risk for some nasty attacks.
- *
- * Tested with Phorum 5.2.11.
- */
-
-// Note: Cache data is base64 encoded because Phorum insists on flinging
-// to the user and expecting it to come back unharmed, newlines and
-// all, which ain't happening. It's slower, it takes up more space, but
-// at least it won't get mutilated
-
-/**
- * Purifies a data array
- */
-function phorum_htmlpurifier_format($data)
-{
- $PHORUM = $GLOBALS["PHORUM"];
-
- $purifier =& HTMLPurifier::getInstance();
- $cache_serial = $PHORUM['mod_htmlpurifier']['body_cache_serial'];
-
- foreach($data as $message_id => $message){
- if(isset($message['body'])) {
-
- if ($message_id) {
- // we're dealing with a real message, not a fake, so
- // there a number of shortcuts that can be taken
-
- if (isset($message['meta']['htmlpurifier_light'])) {
- // format hook was called outside of Phorum's normal
- // functions, do the abridged purification
- $data[$message_id]['body'] = $purifier->purify($message['body']);
- continue;
- }
-
- if (!empty($PHORUM['args']['purge'])) {
- // purge the cache, must be below the following if
- unset($message['meta']['body_cache']);
- }
-
- if (
- isset($message['meta']['body_cache']) &&
- isset($message['meta']['body_cache_serial']) &&
- $message['meta']['body_cache_serial'] == $cache_serial
- ) {
- // cached version is present, bail out early
- $data[$message_id]['body'] = base64_decode($message['meta']['body_cache']);
- continue;
- }
- }
-
- // migration might edit this array, that's why it's defined
- // so early
- $updated_message = array();
-
- // create the $body variable
- if (
- $message_id && // message must be real to migrate
- !isset($message['meta']['body_cache_serial'])
- ) {
- // perform migration
- $fake_data = array();
- list($signature, $edit_message) = phorum_htmlpurifier_remove_sig_and_editmessage($message);
- $fake_data[$message_id] = $message;
- $fake_data = phorum_htmlpurifier_migrate($fake_data);
- $body = $fake_data[$message_id]['body'];
- $body = str_replace("<phorum break>\n", "\n", $body);
- $updated_message['body'] = $body; // save it in
- $body .= $signature . $edit_message; // add it back in
- } else {
- // reverse Phorum's pre-processing
- $body = $message['body'];
- // order is important
- $body = str_replace("<phorum break>\n", "\n", $body);
- $body = str_replace(array('&lt;','&gt;','&amp;', '&quot;'), array('<','>','&','"'), $body);
- if (!$message_id && defined('PHORUM_CONTROL_CENTER')) {
- // we're in control.php, so it was double-escaped
- $body = str_replace(array('&lt;','&gt;','&amp;', '&quot;'), array('<','>','&','"'), $body);
- }
- }
-
- $body = $purifier->purify($body);
-
- // dynamically update the cache (MUST BE DONE HERE!)
- // this is inefficient because it's one db call per
- // cache miss, but once the cache is in place things are
- // a lot zippier.
-
- if ($message_id) { // make sure it's not a fake id
- $updated_message['meta'] = $message['meta'];
- $updated_message['meta']['body_cache'] = base64_encode($body);
- $updated_message['meta']['body_cache_serial'] = $cache_serial;
- phorum_db_update_message($message_id, $updated_message);
- }
-
- // must not get overloaded until after we cache it, otherwise
- // we'll inadvertently change the original text
- $data[$message_id]['body'] = $body;
-
- }
- }
-
- return $data;
-}
-
-// -----------------------------------------------------------------------
-// This is fragile code, copied from read.php:596 (Phorum 5.2.6). Please
-// keep this code in-sync with Phorum
-
-/**
- * Generates a signature based on a message array
- */
-function phorum_htmlpurifier_generate_sig($row) {
- $phorum_sig = '';
- if(isset($row["user"]["signature"])
- && isset($row['meta']['show_signature']) && $row['meta']['show_signature']==1){
- $phorum_sig=trim($row["user"]["signature"]);
- if(!empty($phorum_sig)){
- $phorum_sig="\n\n$phorum_sig";
- }
- }
- return $phorum_sig;
-}
-
-/**
- * Generates an edit message based on a message array
- */
-function phorum_htmlpurifier_generate_editmessage($row) {
- $PHORUM = $GLOBALS['PHORUM'];
- $editmessage = '';
- if(isset($row['meta']['edit_count']) && $row['meta']['edit_count'] > 0) {
- $editmessage = str_replace ("%count%", $row['meta']['edit_count'], $PHORUM["DATA"]["LANG"]["EditedMessage"]);
- $editmessage = str_replace ("%lastedit%", phorum_date($PHORUM["short_date_time"],$row['meta']['edit_date']), $editmessage);
- $editmessage = str_replace ("%lastuser%", $row['meta']['edit_username'], $editmessage);
- $editmessage = "\n\n\n\n$editmessage";
- }
- return $editmessage;
-}
-
-// End fragile code
-// -----------------------------------------------------------------------
-
-/**
- * Removes the signature and edit message from a message
- * @param $row Message passed by reference
- */
-function phorum_htmlpurifier_remove_sig_and_editmessage(&$row) {
- $signature = phorum_htmlpurifier_generate_sig($row);
- $editmessage = phorum_htmlpurifier_generate_editmessage($row);
- $replacements = array();
- // we need to remove add <phorum break> as that is the form these
- // extra bits are in.
- if ($signature) $replacements[str_replace("\n", "<phorum break>\n", $signature)] = '';
- if ($editmessage) $replacements[str_replace("\n", "<phorum break>\n", $editmessage)] = '';
- $row['body'] = strtr($row['body'], $replacements);
- return array($signature, $editmessage);
-}
-
-/**
- * Indicate that data is fully HTML and not from migration, invalidate
- * previous caches
- * @note This function could generate the actual cache entries, but
- * since there's data missing that must be deferred to the first read
- */
-function phorum_htmlpurifier_posting($message) {
- $PHORUM = $GLOBALS["PHORUM"];
- unset($message['meta']['body_cache']); // invalidate the cache
- $message['meta']['body_cache_serial'] = $PHORUM['mod_htmlpurifier']['body_cache_serial'];
- return $message;
-}
-
-/**
- * Overload quoting mechanism to prevent default, mail-style quote from happening
- */
-function phorum_htmlpurifier_quote($array) {
- $PHORUM = $GLOBALS["PHORUM"];
- $purifier =& HTMLPurifier::getInstance();
- $text = $purifier->purify($array[1]);
- $source = htmlspecialchars($array[0]);
- return "<blockquote cite=\"$source\">\n$text\n</blockquote>";
-}
-
-/**
- * Ensure that our format hook is processed last. Also, loads the library.
- * @credits <http://secretsauce.phorum.org/snippets/make_bbcode_last_formatter.php.txt>
- */
-function phorum_htmlpurifier_common() {
-
- require_once(dirname(__FILE__).'/htmlpurifier/HTMLPurifier.auto.php');
- require(dirname(__FILE__).'/init-config.php');
-
- $config = phorum_htmlpurifier_get_config();
- HTMLPurifier::getInstance($config);
-
- // increment revision.txt if you want to invalidate the cache
- $GLOBALS['PHORUM']['mod_htmlpurifier']['body_cache_serial'] = $config->getSerial();
-
- // load migration
- if (file_exists(dirname(__FILE__) . '/migrate.php')) {
- include(dirname(__FILE__) . '/migrate.php');
- } else {
- echo '<strong>Error:</strong> No migration path specified for HTML Purifier, please check
- <tt>modes/htmlpurifier/migrate.bbcode.php</tt> for instructions on
- how to migrate from your previous markup language.';
- exit;
- }
-
- if (!function_exists('phorum_htmlpurifier_migrate')) {
- // Dummy function
- function phorum_htmlpurifier_migrate($data) {return $data;}
- }
-
-}
-
-/**
- * Pre-emptively performs purification if it looks like a WYSIWYG editor
- * is being used
- */
-function phorum_htmlpurifier_before_editor($message) {
- if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) {
- if (!empty($message['body'])) {
- $body = $message['body'];
- // de-entity-ize contents
- $body = str_replace(array('&lt;','&gt;','&amp;'), array('<','>','&'), $body);
- $purifier =& HTMLPurifier::getInstance();
- $body = $purifier->purify($body);
- // re-entity-ize contents
- $body = htmlspecialchars($body, ENT_QUOTES, $GLOBALS['PHORUM']['DATA']['CHARSET']);
- $message['body'] = $body;
- }
- }
- return $message;
-}
-
-function phorum_htmlpurifier_editor_after_subject() {
- // don't show this message if it's a WYSIWYG editor, since it will
- // then be handled automatically
- if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) {
- $i = $GLOBALS['PHORUM']['DATA']['MODE'];
- if ($i == 'quote' || $i == 'edit' || $i == 'moderation') {
- ?>
- <div>
- <p>
- <strong>Notice:</strong> HTML has been scrubbed for your safety.
- If you would like to see the original, turn off WYSIWYG mode
- (consult your administrator for details.)
- </p>
- </div>
- <?php
- }
- return;
- }
- if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['suppress_message'])) return;
- ?><div class="htmlpurifier-help">
- <p>
- <strong>HTML input</strong> is enabled. Make sure you escape all HTML and
- angled brackets with <code>&amp;lt;</code> and <code>&amp;gt;</code>.
- </p><?php
- $purifier =& HTMLPurifier::getInstance();
- $config = $purifier->config;
- if ($config->get('AutoFormat.AutoParagraph')) {
- ?><p>
- <strong>Auto-paragraphing</strong> is enabled. Double
- newlines will be converted to paragraphs; for single
- newlines, use the <code>pre</code> tag.
- </p><?php
- }
- $html_definition = $config->getDefinition('HTML');
- $allowed = array();
- foreach ($html_definition->info as $name => $x) $allowed[] = "<code>$name</code>";
- sort($allowed);
- $allowed_text = implode(', ', $allowed);
- ?><p><strong>Allowed tags:</strong> <?php
- echo $allowed_text;
- ?>.</p><?php
- ?>
- </p>
- <p>
- For inputting literal code such as HTML and PHP for display, use
- CDATA tags to auto-escape your angled brackets, and <code>pre</code>
- to preserve newlines:
- </p>
- <pre>&lt;pre&gt;&lt;![CDATA[
-<em>Place code here</em>
-]]&gt;&lt;/pre&gt;</pre>
- <p>
- Power users, you can hide this notice with:
- <pre>.htmlpurifier-help {display:none;}</pre>
- </p>
- </div><?php
-}
-
-// vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/info.txt b/lib/htmlpurifier/plugins/phorum/info.txt
deleted file mode 100644
index 723465490..000000000
--- a/lib/htmlpurifier/plugins/phorum/info.txt
+++ /dev/null
@@ -1,18 +0,0 @@
-title: HTML Purifier Phorum Mod
-desc: This module enables standards-compliant HTML filtering on Phorum. Please check migrate.bbcode.php before enabling this mod.
-author: Edward Z. Yang
-url: http://htmlpurifier.org/
-version: 4.0.0
-
-hook: format|phorum_htmlpurifier_format
-hook: quote|phorum_htmlpurifier_quote
-hook: posting_custom_action|phorum_htmlpurifier_posting
-hook: common|phorum_htmlpurifier_common
-hook: before_editor|phorum_htmlpurifier_before_editor
-hook: tpl_editor_after_subject|phorum_htmlpurifier_editor_after_subject
-
-# This module is meant to be a drop-in for bbcode, so make it run last.
-priority: run module after *
-priority: run hook format after *
-
- vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/init-config.php b/lib/htmlpurifier/plugins/phorum/init-config.php
deleted file mode 100644
index aa7b15599..000000000
--- a/lib/htmlpurifier/plugins/phorum/init-config.php
+++ /dev/null
@@ -1,28 +0,0 @@
-<?php
-
-/**
- * Initializes the appropriate configuration from either a PHP file
- * or a module configuration value
- * @return Instance of HTMLPurifier_Config
- */
-function phorum_htmlpurifier_get_config($default = false) {
- global $PHORUM;
- $config_exists = phorum_htmlpurifier_config_file_exists();
- if ($default || $config_exists || !isset($PHORUM['mod_htmlpurifier']['config'])) {
- $config = HTMLPurifier_Config::createDefault();
- include(dirname(__FILE__) . '/config.default.php');
- if ($config_exists) {
- include(dirname(__FILE__) . '/config.php');
- }
- unset($PHORUM['mod_htmlpurifier']['config']); // unnecessary
- } else {
- $config = HTMLPurifier_Config::create($PHORUM['mod_htmlpurifier']['config']);
- }
- return $config;
-}
-
-function phorum_htmlpurifier_config_file_exists() {
- return file_exists(dirname(__FILE__) . '/config.php');
-}
-
-// vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/migrate.bbcode.php b/lib/htmlpurifier/plugins/phorum/migrate.bbcode.php
deleted file mode 100644
index 24f0ec4a9..000000000
--- a/lib/htmlpurifier/plugins/phorum/migrate.bbcode.php
+++ /dev/null
@@ -1,30 +0,0 @@
-<?php
-
-/**
- * This file is responsible for migrating from a specific markup language
- * like BBCode or Markdown to HTML. WARNING: THIS PROCESS IS NOT REVERSIBLE
- *
- * Copy this file to 'migrate.php' and it will automatically work for
- * BBCode; you may need to tweak this a little to get it to work for other
- * languages (usually, just replace the include name and the function name).
- *
- * If you do NOT want to have any migration performed (for instance, you
- * are installing the module on a new forum with no posts), simply remove
- * phorum_htmlpurifier_migrate() function. You still need migrate.php
- * present, otherwise the module won't work. This ensures that the user
- * explicitly says, "No, I do not need to migrate."
- */
-
-if(!defined("PHORUM")) exit;
-
-require_once(dirname(__FILE__) . "/../bbcode/bbcode.php");
-
-/**
- * 'format' hook style function that will be called to convert
- * legacy markup into HTML.
- */
-function phorum_htmlpurifier_migrate($data) {
- return phorum_mod_bbcode_format($data); // bbcode's 'format' hook
-}
-
-// vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/settings.php b/lib/htmlpurifier/plugins/phorum/settings.php
deleted file mode 100644
index 8158f0282..000000000
--- a/lib/htmlpurifier/plugins/phorum/settings.php
+++ /dev/null
@@ -1,64 +0,0 @@
-<?php
-
-// based off of BBCode's settings file
-
-/**
- * HTML Purifier Phorum mod settings configuration. This provides
- * a convenient web-interface for editing the most common HTML Purifier
- * configuration directives. You can also specify custom configuration
- * by creating a 'config.php' file.
- */
-
-if(!defined("PHORUM_ADMIN")) exit;
-
-// error reporting is good!
-error_reporting(E_ALL ^ E_NOTICE);
-
-// load library and other paraphenalia
-require_once './include/admin/PhorumInputForm.php';
-require_once (dirname(__FILE__) . '/htmlpurifier/HTMLPurifier.auto.php');
-require_once (dirname(__FILE__) . '/init-config.php');
-require_once (dirname(__FILE__) . '/settings/migrate-sigs-form.php');
-require_once (dirname(__FILE__) . '/settings/migrate-sigs.php');
-require_once (dirname(__FILE__) . '/settings/form.php');
-require_once (dirname(__FILE__) . '/settings/save.php');
-
-// define friendly configuration directives. you can expand this array
-// to get more web-definable directives
-$PHORUM['mod_htmlpurifier']['directives'] = array(
- 'URI.Host', // auto-detectable
- 'URI.DisableExternal',
- 'URI.DisableExternalResources',
- 'URI.DisableResources',
- 'URI.Munge',
- 'URI.HostBlacklist',
- 'URI.Disable',
- 'HTML.TidyLevel',
- 'HTML.Doctype', // auto-detectable
- 'HTML.Allowed',
- 'AutoFormat',
- '-AutoFormat.Custom',
- 'AutoFormatParam',
- 'Output.TidyFormat',
-);
-
-// lower this setting if you're getting time outs/out of memory
-$PHORUM['mod_htmlpurifier']['migrate-sigs-increment'] = 100;
-
-if (isset($_POST['reset'])) {
- unset($PHORUM['mod_htmlpurifier']['config']);
-}
-
-if ($offset = phorum_htmlpurifier_migrate_sigs_check()) {
- // migrate signatures
- phorum_htmlpurifier_migrate_sigs($offset);
-} elseif(!empty($_POST)){
- // save settings
- phorum_htmlpurifier_save_settings();
-}
-
-phorum_htmlpurifier_show_migrate_sigs_form();
-echo '<br />';
-phorum_htmlpurifier_show_form();
-
-// vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/settings/form.php b/lib/htmlpurifier/plugins/phorum/settings/form.php
deleted file mode 100644
index a47a5fae7..000000000
--- a/lib/htmlpurifier/plugins/phorum/settings/form.php
+++ /dev/null
@@ -1,93 +0,0 @@
-<?php
-
-function phorum_htmlpurifier_show_form() {
- if (phorum_htmlpurifier_config_file_exists()) {
- phorum_htmlpurifier_show_config_info();
- return;
- }
-
- global $PHORUM;
-
- $config = phorum_htmlpurifier_get_config();
-
- $frm = new PhorumInputForm ("", "post", "Save");
- $frm->hidden("module", "modsettings");
- $frm->hidden("mod", "htmlpurifier"); // this is the directory name that the Settings file lives in
-
- if (!empty($error)){
- echo "$error<br />";
- }
-
- $frm->addbreak("Edit settings for the HTML Purifier module");
-
- $frm->addMessage('<p>The box below sets <code>$PHORUM[\'mod_htmlpurifier\'][\'wysiwyg\']</code>.
- When checked, contents sent for edit are now purified and the
- informative message is disabled. If your WYSIWYG editor is disabled for
- admin edits, you can safely keep this unchecked.</p>');
- $frm->addRow('Use WYSIWYG?', $frm->checkbox('wysiwyg', '1', '', $PHORUM['mod_htmlpurifier']['wysiwyg']));
-
- $frm->addMessage('<p>The box below sets <code>$PHORUM[\'mod_htmlpurifier\'][\'suppress_message\']</code>,
- which removes the big how-to use
- HTML Purifier message.</p>');
- $frm->addRow('Suppress information?', $frm->checkbox('suppress_message', '1', '', $PHORUM['mod_htmlpurifier']['suppress_message']));
-
- $frm->addMessage('<p>Click on directive links to read what each option does
- (links do not open in new windows).</p>
- <p>For more flexibility (for instance, you want to edit the full
- range of configuration directives), you can create a <tt>config.php</tt>
- file in your <tt>mods/htmlpurifier/</tt> directory. Doing so will,
- however, make the web configuration interface unavailable.</p>');
-
- require_once 'HTMLPurifier/Printer/ConfigForm.php';
- $htmlpurifier_form = new HTMLPurifier_Printer_ConfigForm('config', 'http://htmlpurifier.org/live/configdoc/plain.html#%s');
- $htmlpurifier_form->setTextareaDimensions(23, 7); // widen a little, since we have space
-
- $frm->addMessage($htmlpurifier_form->render(
- $config, $PHORUM['mod_htmlpurifier']['directives'], false));
-
- $frm->addMessage("<strong>Warning: Changing HTML Purifier's configuration will invalidate
- the cache. Expect to see a flurry of database activity after you change
- any of these settings.</strong>");
-
- $frm->addrow('Reset to defaults:', $frm->checkbox("reset", "1", "", false));
-
- // hack to include extra styling
- echo '<style type="text/css">' . $htmlpurifier_form->getCSS() . '
- .hp-config {margin-left:auto;margin-right:auto;}
- </style>';
- $js = $htmlpurifier_form->getJavaScript();
- echo '<script type="text/javascript">'."<!--\n$js\n//-->".'</script>';
-
- $frm->show();
-}
-
-function phorum_htmlpurifier_show_config_info() {
- global $PHORUM;
-
- // update mod_htmlpurifier for housekeeping
- phorum_htmlpurifier_commit_settings();
-
- // politely tell user how to edit settings manually
-?>
- <div class="input-form-td-break">How to edit settings for HTML Purifier module</div>
- <p>
- A <tt>config.php</tt> file exists in your <tt>mods/htmlpurifier/</tt>
- directory. This file contains your custom configuration: in order to
- change it, please navigate to that file and edit it accordingly.
- You can also set <code>$GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg']</code>
- or <code>$GLOBALS['PHORUM']['mod_htmlpurifier']['suppress_message']</code>
- </p>
- <p>
- To use the web interface, delete <tt>config.php</tt> (or rename it to
- <tt>config.php.bak</tt>).
- </p>
- <p>
- <strong>Warning: Changing HTML Purifier's configuration will invalidate
- the cache. Expect to see a flurry of database activity after you change
- any of these settings.</strong>
- </p>
-<?php
-
-}
-
-// vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php b/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php
deleted file mode 100644
index 2d63ebe48..000000000
--- a/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php
+++ /dev/null
@@ -1,22 +0,0 @@
-<?php
-
-function phorum_htmlpurifier_show_migrate_sigs_form() {
-
- $frm = new PhorumInputForm ('', "post", "Migrate");
- $frm->hidden("module", "modsettings");
- $frm->hidden("mod", "htmlpurifier");
- $frm->hidden("migrate-sigs", "1");
- $frm->addbreak("Migrate user signatures to HTML");
- $frm->addMessage('This operation will migrate your users signatures
- to HTML. <strong>This process is irreversible and must only be performed once.</strong>
- Type in yes in the confirmation field to migrate.');
- if (!file_exists(dirname(__FILE__) . '/../migrate.php')) {
- $frm->addMessage('Migration file does not exist, cannot migrate signatures.
- Please check <tt>migrate.bbcode.php</tt> on how to create an appropriate file.');
- } else {
- $frm->addrow('Confirm:', $frm->text_box("confirmation", ""));
- }
- $frm->show();
-}
-
-// vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs.php b/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs.php
deleted file mode 100644
index 81c1f0ba9..000000000
--- a/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs.php
+++ /dev/null
@@ -1,77 +0,0 @@
-<?php
-
-function phorum_htmlpurifier_migrate_sigs_check() {
- global $PHORUM;
- $offset = 0;
- if (!empty($_POST['migrate-sigs'])) {
- if (!isset($_POST['confirmation']) || strtolower($_POST['confirmation']) !== 'yes') {
- echo 'Invalid confirmation code.';
- exit;
- }
- $PHORUM['mod_htmlpurifier']['migrate-sigs'] = true;
- phorum_db_update_settings(array("mod_htmlpurifier"=>$PHORUM["mod_htmlpurifier"]));
- $offset = 1;
- } elseif (!empty($_GET['migrate-sigs']) && $PHORUM['mod_htmlpurifier']['migrate-sigs']) {
- $offset = (int) $_GET['migrate-sigs'];
- }
- return $offset;
-}
-
-function phorum_htmlpurifier_migrate_sigs($offset) {
- global $PHORUM;
-
- if(!$offset) return; // bail out quick if $offset == 0
-
- // theoretically, we could get rid of this multi-request
- // doo-hickery if safe mode is off
- @set_time_limit(0); // attempt to let this run
- $increment = $PHORUM['mod_htmlpurifier']['migrate-sigs-increment'];
-
- require_once(dirname(__FILE__) . '/../migrate.php');
- // migrate signatures
- // do this in batches so we don't run out of time/space
- $end = $offset + $increment;
- $user_ids = array();
- for ($i = $offset; $i < $end; $i++) {
- $user_ids[] = $i;
- }
- $userinfos = phorum_db_user_get_fields($user_ids, 'signature');
- foreach ($userinfos as $i => $user) {
- if (empty($user['signature'])) continue;
- $sig = $user['signature'];
- // perform standard Phorum processing on the sig
- $sig = str_replace(array("&","<",">"), array("&amp;","&lt;","&gt;"), $sig);
- $sig = preg_replace("/<((http|https|ftp):\/\/[a-z0-9;\/\?:@=\&\$\-_\.\+!*'\(\),~%]+?)>/i", "$1", $sig);
- // prepare fake data to pass to migration function
- $fake_data = array(array("author"=>"", "email"=>"", "subject"=>"", 'body' => $sig));
- list($fake_message) = phorum_htmlpurifier_migrate($fake_data);
- $user['signature'] = $fake_message['body'];
- if (!phorum_api_user_save($user)) {
- exit('Error while saving user data');
- }
- }
- unset($userinfos); // free up memory
-
- // query for highest ID in database
- $type = $PHORUM['DBCONFIG']['type'];
- $sql = "select MAX(user_id) from {$PHORUM['user_table']}";
- $row = phorum_db_interact(DB_RETURN_ROW, $sql);
- $top_id = (int) $row[0];
-
- $offset += $increment;
- if ($offset > $top_id) { // test for end condition
- echo 'Migration finished';
- $PHORUM['mod_htmlpurifier']['migrate-sigs'] = false;
- phorum_htmlpurifier_commit_settings();
- return true;
- }
- $host = $_SERVER['HTTP_HOST'];
- $uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
- $extra = 'admin.php?module=modsettings&mod=htmlpurifier&migrate-sigs=' . $offset;
- // relies on output buffering to work
- header("Location: http://$host$uri/$extra");
- exit;
-
-}
-
-// vim: et sw=4 sts=4
diff --git a/lib/htmlpurifier/plugins/phorum/settings/save.php b/lib/htmlpurifier/plugins/phorum/settings/save.php
deleted file mode 100644
index 7dbb767d0..000000000
--- a/lib/htmlpurifier/plugins/phorum/settings/save.php
+++ /dev/null
@@ -1,27 +0,0 @@
-<?php
-
-function phorum_htmlpurifier_save_settings() {
- global $PHORUM;
- if (phorum_htmlpurifier_config_file_exists()) {
- echo "Cannot update settings, <code>mods/htmlpurifier/config.php</code> already exists. To change
- settings, edit that file. To use the web form, delete that file.<br />";
- } else {
- $config = phorum_htmlpurifier_get_config(true);
- if (!isset($_POST['reset'])) $config->mergeArrayFromForm($_POST, 'config', $PHORUM['mod_htmlpurifier']['directives']);
- $PHORUM['mod_htmlpurifier']['config'] = $config->getAll();
- }
- $PHORUM['mod_htmlpurifier']['wysiwyg'] = !empty($_POST['wysiwyg']);
- $PHORUM['mod_htmlpurifier']['suppress_message'] = !empty($_POST['suppress_message']);
- if(!phorum_htmlpurifier_commit_settings()){
- $error="Database error while updating settings.";
- } else {
- echo "Settings Updated<br />";
- }
-}
-
-function phorum_htmlpurifier_commit_settings() {
- global $PHORUM;
- return phorum_db_update_settings(array("mod_htmlpurifier"=>$PHORUM["mod_htmlpurifier"]));
-}
-
-// vim: et sw=4 sts=4