diff options
Diffstat (limited to 'lib/htmlpurifier/plugins')
-rw-r--r-- | lib/htmlpurifier/plugins/modx.txt | 112 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/.gitignore | 2 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/Changelog | 27 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/INSTALL | 84 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/README | 45 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/config.default.php | 57 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/htmlpurifier.php | 309 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/info.txt | 18 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/init-config.php | 28 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/migrate.bbcode.php | 30 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/settings.php | 64 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/settings/form.php | 93 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php | 22 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/settings/migrate-sigs.php | 77 | ||||
-rw-r--r-- | lib/htmlpurifier/plugins/phorum/settings/save.php | 27 |
15 files changed, 0 insertions, 995 deletions
diff --git a/lib/htmlpurifier/plugins/modx.txt b/lib/htmlpurifier/plugins/modx.txt deleted file mode 100644 index 0763821b5..000000000 --- a/lib/htmlpurifier/plugins/modx.txt +++ /dev/null @@ -1,112 +0,0 @@ - -MODx Plugin - -MODx <http://www.modxcms.com/> is an open source PHP application framework. -I first came across them in my referrer logs when tillda asked if anyone -could implement an HTML Purifier plugin. This forum thread -<http://modxcms.com/forums/index.php/topic,6604.0.html> eventually resulted -in the fruition of this plugin that davidm says, "is on top of my favorite -list." HTML Purifier goes great with WYSIWYG editors! - - - -1. Credits - -PaulGregory wrote the overall structure of the code. I added the -slashes hack. - - - -2. Install - -First, you need to place HTML Purifier library somewhere. The code here -assumes that you've placed in MODx's assets/plugins/htmlpurifier (no version -number). - -Log into the manager, and navigate: - -Resources > Manage Resources > Plugins tab > New Plugin - -Type in a name (probably HTML Purifier), and copy paste this code into the -textarea: - --------------------------------------------------------------------------------- -$e = &$modx->Event; -if ($e->name == 'OnBeforeDocFormSave') { - global $content; - - include_once '../assets/plugins/htmlpurifier/library/HTMLPurifier.auto.php'; - $purifier = new HTMLPurifier(); - - static $magic_quotes = null; - if ($magic_quotes === null) { - // this is an ugly hack because this hook hasn't - // had the backslashes removed yet when magic_quotes_gpc is on, - // but HTMLPurifier must not have the quotes slashed. - $magic_quotes = get_magic_quotes_gpc(); - } - - if ($magic_quotes) $content = stripslashes($content); - $content = $purifier->purify($content); - if ($magic_quotes) $content = addslashes($content); -} --------------------------------------------------------------------------------- - -Then navigate to the System Events tab and check "OnBeforeDocFormSave". -Save the plugin. HTML Purifier now is integrated! - - - -3. Making sure it works - -You can test HTML Purifier by deliberately putting in crappy HTML and seeing -whether or not it gets fixed. A better way is to put in something like this: - -<p lang="fr">Il est bon</p> - -...and seeing whether or not the content comes out as: - -<p lang="fr" xml:lang="fr">Il est bon</p> - -(lang to xml:lang synchronization is one of the many features HTML Purifier -has). - - - -4. Caveat Emptor - -This code does not intercept save requests from the QuickEdit plugin, this may -be added in a later version. It also modifies things on save, so there's a -slight chance that HTML Purifier may make a boo-boo and accidently mess things -up (the original version is not saved). - -Finally, make sure that MODx is using UTF-8. If you are using, say, a French -localisation, you may be using Latin-1, if that's the case, configure -HTML Purifier properly like this: - -$config = HTMLPurifier_Config::createDefault(); -$config->set('Core', 'Encoding', 'ISO-8859-1'); // or whatever encoding -$purifier = new HTMLPurifier($config); - - - -5. Known Bugs - -'rn' characters sometimes mysteriously appear after purification. We are -currently investigating this issue. See: <http://htmlpurifier.org/phorum/read.php?3,1866> - - - -6. See Also - -A modified version of Jot 1.1.3 is available, which integrates with HTML -Purifier. You can check it out here: <http://modxcms.com/forums/index.php/topic,25621.msg161970.html> - - -X. Changelog - -2008-06-16 -- Updated code to work with 3.1.0 and later -- Add Known Bugs and See Also section - - vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/.gitignore b/lib/htmlpurifier/plugins/phorum/.gitignore deleted file mode 100644 index 8325e0902..000000000 --- a/lib/htmlpurifier/plugins/phorum/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -migrate.php -htmlpurifier/* diff --git a/lib/htmlpurifier/plugins/phorum/Changelog b/lib/htmlpurifier/plugins/phorum/Changelog deleted file mode 100644 index 9f939e54a..000000000 --- a/lib/htmlpurifier/plugins/phorum/Changelog +++ /dev/null @@ -1,27 +0,0 @@ -Changelog HTMLPurifier : Phorum Mod -||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| - -= KEY ==================== - # Breaks back-compat - ! Feature - - Bugfix - + Sub-comment - . Internal change -========================== - -Version 4.0.0 for Phorum 5.2, released July 9, 2009 -# Works only with HTML Purifier 4.0.0 -! Better installation documentation -- Fixed double encoded quotes -- Fixed fatal error when migrate.php is blank - -Version 3.0.0 for Phorum 5.2, released January 12, 2008 -# WYSIWYG and suppress_message options are now configurable via web - interface. -- Module now compatible with Phorum 5.2, primary bugs were in migration - code as well as signature and edit message handling. This module is NOT - compatible with Phorum 5.1. -- Buggy WYSIWYG mode refined -. AutoFormatParam added to list of default configuration namespaces - - vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/INSTALL b/lib/htmlpurifier/plugins/phorum/INSTALL deleted file mode 100644 index 23c76fc5c..000000000 --- a/lib/htmlpurifier/plugins/phorum/INSTALL +++ /dev/null @@ -1,84 +0,0 @@ - -Install - How to install the Phorum HTML Purifier plugin - -0. PREREQUISITES ----------------- -This Phorum module only works on PHP5 and with HTML Purifier 4.0.0 -or later. - -1. UNZIP --------- -Unzip phorum-htmlpurifier-x.y.z, producing an htmlpurifier folder. -You've already done this step if you're reading this! - -2. MOVE -------- -Move the htmlpurifier folder to the mods/ folder of your Phorum -installation, so the directory structure looks like: - -phorum/ - mods/ - htmlpurifier/ - INSTALL - this install file - info.txt, ... - the module files - htmlpurifier/ - -3. INSTALL HTML PURIFIER ------------------------- -Download and unzip HTML Purifier <htmlpurifier.org>. Place the contents of -the library/ folder in the htmlpurifier/htmlpurifier folder. Your directory -structure will look like: - -phorum/ - mods/ - htmlpurifier/ - htmlpurifier/ - HTMLPurifier.auto.php - ... - other files - HTMLPurifier/ - -Advanced users: - If you have HTML Purifier installed elsewhere on your server, - all you need is an HTMLPurifier.auto.php file in the library folder which - includes the HTMLPurifier.auto.php file in your install. - -4. MIGRATE ----------- -If you're setting up a new Phorum installation, all you need to do is create -a blank migrate.php file in the htmlpurifier module folder (NOT the library -folder. - -If you have an old Phorum installation and was using BBCode, -copy migrate.bbcode.php to migrate.php. If you were using a different input -format, follow the instructions in migrate.bbcode.php to create your own custom -migrate.php file. - -Your directory structure should now look like this: - -phorum/ - mods/ - htmlpurifier/ - migrate.php - -5. ENABLE ---------- -Navigate to your Phorum admin panel at http://example.com/phorum/admin.php, -click on Global Settings > Modules, scroll to "HTML Purifier Phorum Mod" and -turn it On. - -6. MIGRATE SIGNATURES ---------------------- -If you're setting up a new Phorum installation, skip this step. - -If you allowed your users to make signatures, navigate to the module settings -page of HTML Purifier (Global Settings > Modules > HTML Purifier Phorum Mod > -Configure), type in "yes" in the "Confirm" box, and press "Migrate." - -ONLY DO THIS ONCE! BE SURE TO BACK UP YOUR DATABASE! - -7. CONFIGURE ------------- -Configure using Edit settings. See that page for more information. - - vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/README b/lib/htmlpurifier/plugins/phorum/README deleted file mode 100644 index 0524ed39d..000000000 --- a/lib/htmlpurifier/plugins/phorum/README +++ /dev/null @@ -1,45 +0,0 @@ - -HTML Purifier Phorum Mod - Filter your HTML the Standards-Compliant Way! - -This Phorum mod enables HTML posting on Phorum. Under normal circumstances, -this would cause a huge security risk, but because we are running -HTML through HTML Purifier, output is guaranteed to be XSS free and -standards-compliant. - -This mod requires HTML input, and previous markup languages need to be -converted accordingly. Thus, it is vital that you create a 'migrate.php' -file that works with your installation. If you're using the built-in -BBCode formatting, simply move migrate.bbcode.php to that place; for -other markup languages, consult said file for instructions on how -to adapt it to your needs. - - -- NOTE ------------------------------------------------- - You can also run this module in parallel with another - formatting module; this module attempts to place itself - at the end of the filtering chain. However, if any - previous modules produce insecure HTML (for instance, - a JavaScript email obfuscator) they will get cleaned. - -This module will not work if 'migrate.php' is not created, and an improperly -made migration file may *CORRUPT* Phorum, so please take your time to -do this correctly. It should go without saying to *BACKUP YOUR DATABASE* -before attempting anything here. If no migration is necessary, you can -simply create a blank migrate.php file. HTML Purifier is smart and will -not re-migrate already processed messages. However, the original code -is irretrievably lost (we may change this in the future.) - -This module will not automatically migrate user signatures, because this -process may take a long time. After installing the HTML Purifier module and -then configuring 'migrate.php', navigate to Settings and click 'Migrate -Signatures' to migrate all user signatures to HTML. - -All of HTML Purifier's usual functions are configurable via the mod settings -page. If you require custom configuration, create config.php file in -the mod directory that edits a $config variable. Be sure, also, to -set $PHORUM['mod_htmlpurifier']['wysiwyg'] to TRUE if you are using a -WYSIWYG editor (you can do this through a common hook or the web -configuration form). - -Visit HTML Purifier at <http://htmlpurifier.org/>. - - vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/config.default.php b/lib/htmlpurifier/plugins/phorum/config.default.php deleted file mode 100644 index e047c0b42..000000000 --- a/lib/htmlpurifier/plugins/phorum/config.default.php +++ /dev/null @@ -1,57 +0,0 @@ -<?php - -if(!defined("PHORUM")) exit; - -// default HTML Purifier configuration settings -$config->set('HTML.Allowed', - // alphabetically sorted -'a[href|title] -abbr[title] -acronym[title] -b -blockquote[cite] -br -caption -cite -code -dd -del -dfn -div -dl -dt -em -i -img[src|alt|title|class] -ins -kbd -li -ol -p -pre -s -strike -strong -sub -sup -table -tbody -td -tfoot -th -thead -tr -tt -u -ul -var'); -$config->set('AutoFormat.AutoParagraph', true); -$config->set('AutoFormat.Linkify', true); -$config->set('HTML.Doctype', 'XHTML 1.0 Transitional'); -$config->set('Core.AggressivelyFixLt', true); -$config->set('Core.Encoding', $GLOBALS['PHORUM']['DATA']['CHARSET']); // we'll change this eventually -if (strtolower($GLOBALS['PHORUM']['DATA']['CHARSET']) !== 'utf-8') { - $config->set('Core.EscapeNonASCIICharacters', true); -} - -// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/htmlpurifier.php b/lib/htmlpurifier/plugins/phorum/htmlpurifier.php deleted file mode 100644 index 6f74fc8c9..000000000 --- a/lib/htmlpurifier/plugins/phorum/htmlpurifier.php +++ /dev/null @@ -1,309 +0,0 @@ -<?php - -/** - * HTML Purifier Phorum Mod. Filter your HTML the Standards-Compliant Way! - * - * This Phorum mod enables users to post raw HTML into Phorum. But never - * fear: with the help of HTML Purifier, this HTML will be beat into - * de-XSSed and standards-compliant form, safe for general consumption. - * It is not recommended, but possible to run this mod in parallel - * with other formatters (in short, please DISABLE the BBcode mod). - * - * For help migrating from your previous markup language to pure HTML - * please check the migrate.bbcode.php file. - * - * If you'd like to use this with a WYSIWYG editor, make sure that - * editor sets $PHORUM['mod_htmlpurifier']['wysiwyg'] to true. Otherwise, - * administrators who need to edit other people's comments may be at - * risk for some nasty attacks. - * - * Tested with Phorum 5.2.11. - */ - -// Note: Cache data is base64 encoded because Phorum insists on flinging -// to the user and expecting it to come back unharmed, newlines and -// all, which ain't happening. It's slower, it takes up more space, but -// at least it won't get mutilated - -/** - * Purifies a data array - */ -function phorum_htmlpurifier_format($data) -{ - $PHORUM = $GLOBALS["PHORUM"]; - - $purifier =& HTMLPurifier::getInstance(); - $cache_serial = $PHORUM['mod_htmlpurifier']['body_cache_serial']; - - foreach($data as $message_id => $message){ - if(isset($message['body'])) { - - if ($message_id) { - // we're dealing with a real message, not a fake, so - // there a number of shortcuts that can be taken - - if (isset($message['meta']['htmlpurifier_light'])) { - // format hook was called outside of Phorum's normal - // functions, do the abridged purification - $data[$message_id]['body'] = $purifier->purify($message['body']); - continue; - } - - if (!empty($PHORUM['args']['purge'])) { - // purge the cache, must be below the following if - unset($message['meta']['body_cache']); - } - - if ( - isset($message['meta']['body_cache']) && - isset($message['meta']['body_cache_serial']) && - $message['meta']['body_cache_serial'] == $cache_serial - ) { - // cached version is present, bail out early - $data[$message_id]['body'] = base64_decode($message['meta']['body_cache']); - continue; - } - } - - // migration might edit this array, that's why it's defined - // so early - $updated_message = array(); - - // create the $body variable - if ( - $message_id && // message must be real to migrate - !isset($message['meta']['body_cache_serial']) - ) { - // perform migration - $fake_data = array(); - list($signature, $edit_message) = phorum_htmlpurifier_remove_sig_and_editmessage($message); - $fake_data[$message_id] = $message; - $fake_data = phorum_htmlpurifier_migrate($fake_data); - $body = $fake_data[$message_id]['body']; - $body = str_replace("<phorum break>\n", "\n", $body); - $updated_message['body'] = $body; // save it in - $body .= $signature . $edit_message; // add it back in - } else { - // reverse Phorum's pre-processing - $body = $message['body']; - // order is important - $body = str_replace("<phorum break>\n", "\n", $body); - $body = str_replace(array('<','>','&', '"'), array('<','>','&','"'), $body); - if (!$message_id && defined('PHORUM_CONTROL_CENTER')) { - // we're in control.php, so it was double-escaped - $body = str_replace(array('<','>','&', '"'), array('<','>','&','"'), $body); - } - } - - $body = $purifier->purify($body); - - // dynamically update the cache (MUST BE DONE HERE!) - // this is inefficient because it's one db call per - // cache miss, but once the cache is in place things are - // a lot zippier. - - if ($message_id) { // make sure it's not a fake id - $updated_message['meta'] = $message['meta']; - $updated_message['meta']['body_cache'] = base64_encode($body); - $updated_message['meta']['body_cache_serial'] = $cache_serial; - phorum_db_update_message($message_id, $updated_message); - } - - // must not get overloaded until after we cache it, otherwise - // we'll inadvertently change the original text - $data[$message_id]['body'] = $body; - - } - } - - return $data; -} - -// ----------------------------------------------------------------------- -// This is fragile code, copied from read.php:596 (Phorum 5.2.6). Please -// keep this code in-sync with Phorum - -/** - * Generates a signature based on a message array - */ -function phorum_htmlpurifier_generate_sig($row) { - $phorum_sig = ''; - if(isset($row["user"]["signature"]) - && isset($row['meta']['show_signature']) && $row['meta']['show_signature']==1){ - $phorum_sig=trim($row["user"]["signature"]); - if(!empty($phorum_sig)){ - $phorum_sig="\n\n$phorum_sig"; - } - } - return $phorum_sig; -} - -/** - * Generates an edit message based on a message array - */ -function phorum_htmlpurifier_generate_editmessage($row) { - $PHORUM = $GLOBALS['PHORUM']; - $editmessage = ''; - if(isset($row['meta']['edit_count']) && $row['meta']['edit_count'] > 0) { - $editmessage = str_replace ("%count%", $row['meta']['edit_count'], $PHORUM["DATA"]["LANG"]["EditedMessage"]); - $editmessage = str_replace ("%lastedit%", phorum_date($PHORUM["short_date_time"],$row['meta']['edit_date']), $editmessage); - $editmessage = str_replace ("%lastuser%", $row['meta']['edit_username'], $editmessage); - $editmessage = "\n\n\n\n$editmessage"; - } - return $editmessage; -} - -// End fragile code -// ----------------------------------------------------------------------- - -/** - * Removes the signature and edit message from a message - * @param $row Message passed by reference - */ -function phorum_htmlpurifier_remove_sig_and_editmessage(&$row) { - $signature = phorum_htmlpurifier_generate_sig($row); - $editmessage = phorum_htmlpurifier_generate_editmessage($row); - $replacements = array(); - // we need to remove add <phorum break> as that is the form these - // extra bits are in. - if ($signature) $replacements[str_replace("\n", "<phorum break>\n", $signature)] = ''; - if ($editmessage) $replacements[str_replace("\n", "<phorum break>\n", $editmessage)] = ''; - $row['body'] = strtr($row['body'], $replacements); - return array($signature, $editmessage); -} - -/** - * Indicate that data is fully HTML and not from migration, invalidate - * previous caches - * @note This function could generate the actual cache entries, but - * since there's data missing that must be deferred to the first read - */ -function phorum_htmlpurifier_posting($message) { - $PHORUM = $GLOBALS["PHORUM"]; - unset($message['meta']['body_cache']); // invalidate the cache - $message['meta']['body_cache_serial'] = $PHORUM['mod_htmlpurifier']['body_cache_serial']; - return $message; -} - -/** - * Overload quoting mechanism to prevent default, mail-style quote from happening - */ -function phorum_htmlpurifier_quote($array) { - $PHORUM = $GLOBALS["PHORUM"]; - $purifier =& HTMLPurifier::getInstance(); - $text = $purifier->purify($array[1]); - $source = htmlspecialchars($array[0]); - return "<blockquote cite=\"$source\">\n$text\n</blockquote>"; -} - -/** - * Ensure that our format hook is processed last. Also, loads the library. - * @credits <http://secretsauce.phorum.org/snippets/make_bbcode_last_formatter.php.txt> - */ -function phorum_htmlpurifier_common() { - - require_once(dirname(__FILE__).'/htmlpurifier/HTMLPurifier.auto.php'); - require(dirname(__FILE__).'/init-config.php'); - - $config = phorum_htmlpurifier_get_config(); - HTMLPurifier::getInstance($config); - - // increment revision.txt if you want to invalidate the cache - $GLOBALS['PHORUM']['mod_htmlpurifier']['body_cache_serial'] = $config->getSerial(); - - // load migration - if (file_exists(dirname(__FILE__) . '/migrate.php')) { - include(dirname(__FILE__) . '/migrate.php'); - } else { - echo '<strong>Error:</strong> No migration path specified for HTML Purifier, please check - <tt>modes/htmlpurifier/migrate.bbcode.php</tt> for instructions on - how to migrate from your previous markup language.'; - exit; - } - - if (!function_exists('phorum_htmlpurifier_migrate')) { - // Dummy function - function phorum_htmlpurifier_migrate($data) {return $data;} - } - -} - -/** - * Pre-emptively performs purification if it looks like a WYSIWYG editor - * is being used - */ -function phorum_htmlpurifier_before_editor($message) { - if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) { - if (!empty($message['body'])) { - $body = $message['body']; - // de-entity-ize contents - $body = str_replace(array('<','>','&'), array('<','>','&'), $body); - $purifier =& HTMLPurifier::getInstance(); - $body = $purifier->purify($body); - // re-entity-ize contents - $body = htmlspecialchars($body, ENT_QUOTES, $GLOBALS['PHORUM']['DATA']['CHARSET']); - $message['body'] = $body; - } - } - return $message; -} - -function phorum_htmlpurifier_editor_after_subject() { - // don't show this message if it's a WYSIWYG editor, since it will - // then be handled automatically - if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) { - $i = $GLOBALS['PHORUM']['DATA']['MODE']; - if ($i == 'quote' || $i == 'edit' || $i == 'moderation') { - ?> - <div> - <p> - <strong>Notice:</strong> HTML has been scrubbed for your safety. - If you would like to see the original, turn off WYSIWYG mode - (consult your administrator for details.) - </p> - </div> - <?php - } - return; - } - if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['suppress_message'])) return; - ?><div class="htmlpurifier-help"> - <p> - <strong>HTML input</strong> is enabled. Make sure you escape all HTML and - angled brackets with <code>&lt;</code> and <code>&gt;</code>. - </p><?php - $purifier =& HTMLPurifier::getInstance(); - $config = $purifier->config; - if ($config->get('AutoFormat.AutoParagraph')) { - ?><p> - <strong>Auto-paragraphing</strong> is enabled. Double - newlines will be converted to paragraphs; for single - newlines, use the <code>pre</code> tag. - </p><?php - } - $html_definition = $config->getDefinition('HTML'); - $allowed = array(); - foreach ($html_definition->info as $name => $x) $allowed[] = "<code>$name</code>"; - sort($allowed); - $allowed_text = implode(', ', $allowed); - ?><p><strong>Allowed tags:</strong> <?php - echo $allowed_text; - ?>.</p><?php - ?> - </p> - <p> - For inputting literal code such as HTML and PHP for display, use - CDATA tags to auto-escape your angled brackets, and <code>pre</code> - to preserve newlines: - </p> - <pre><pre><![CDATA[ -<em>Place code here</em> -]]></pre></pre> - <p> - Power users, you can hide this notice with: - <pre>.htmlpurifier-help {display:none;}</pre> - </p> - </div><?php -} - -// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/info.txt b/lib/htmlpurifier/plugins/phorum/info.txt deleted file mode 100644 index 723465490..000000000 --- a/lib/htmlpurifier/plugins/phorum/info.txt +++ /dev/null @@ -1,18 +0,0 @@ -title: HTML Purifier Phorum Mod -desc: This module enables standards-compliant HTML filtering on Phorum. Please check migrate.bbcode.php before enabling this mod. -author: Edward Z. Yang -url: http://htmlpurifier.org/ -version: 4.0.0 - -hook: format|phorum_htmlpurifier_format -hook: quote|phorum_htmlpurifier_quote -hook: posting_custom_action|phorum_htmlpurifier_posting -hook: common|phorum_htmlpurifier_common -hook: before_editor|phorum_htmlpurifier_before_editor -hook: tpl_editor_after_subject|phorum_htmlpurifier_editor_after_subject - -# This module is meant to be a drop-in for bbcode, so make it run last. -priority: run module after * -priority: run hook format after * - - vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/init-config.php b/lib/htmlpurifier/plugins/phorum/init-config.php deleted file mode 100644 index aa7b15599..000000000 --- a/lib/htmlpurifier/plugins/phorum/init-config.php +++ /dev/null @@ -1,28 +0,0 @@ -<?php - -/** - * Initializes the appropriate configuration from either a PHP file - * or a module configuration value - * @return Instance of HTMLPurifier_Config - */ -function phorum_htmlpurifier_get_config($default = false) { - global $PHORUM; - $config_exists = phorum_htmlpurifier_config_file_exists(); - if ($default || $config_exists || !isset($PHORUM['mod_htmlpurifier']['config'])) { - $config = HTMLPurifier_Config::createDefault(); - include(dirname(__FILE__) . '/config.default.php'); - if ($config_exists) { - include(dirname(__FILE__) . '/config.php'); - } - unset($PHORUM['mod_htmlpurifier']['config']); // unnecessary - } else { - $config = HTMLPurifier_Config::create($PHORUM['mod_htmlpurifier']['config']); - } - return $config; -} - -function phorum_htmlpurifier_config_file_exists() { - return file_exists(dirname(__FILE__) . '/config.php'); -} - -// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/migrate.bbcode.php b/lib/htmlpurifier/plugins/phorum/migrate.bbcode.php deleted file mode 100644 index 24f0ec4a9..000000000 --- a/lib/htmlpurifier/plugins/phorum/migrate.bbcode.php +++ /dev/null @@ -1,30 +0,0 @@ -<?php - -/** - * This file is responsible for migrating from a specific markup language - * like BBCode or Markdown to HTML. WARNING: THIS PROCESS IS NOT REVERSIBLE - * - * Copy this file to 'migrate.php' and it will automatically work for - * BBCode; you may need to tweak this a little to get it to work for other - * languages (usually, just replace the include name and the function name). - * - * If you do NOT want to have any migration performed (for instance, you - * are installing the module on a new forum with no posts), simply remove - * phorum_htmlpurifier_migrate() function. You still need migrate.php - * present, otherwise the module won't work. This ensures that the user - * explicitly says, "No, I do not need to migrate." - */ - -if(!defined("PHORUM")) exit; - -require_once(dirname(__FILE__) . "/../bbcode/bbcode.php"); - -/** - * 'format' hook style function that will be called to convert - * legacy markup into HTML. - */ -function phorum_htmlpurifier_migrate($data) { - return phorum_mod_bbcode_format($data); // bbcode's 'format' hook -} - -// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/settings.php b/lib/htmlpurifier/plugins/phorum/settings.php deleted file mode 100644 index 8158f0282..000000000 --- a/lib/htmlpurifier/plugins/phorum/settings.php +++ /dev/null @@ -1,64 +0,0 @@ -<?php - -// based off of BBCode's settings file - -/** - * HTML Purifier Phorum mod settings configuration. This provides - * a convenient web-interface for editing the most common HTML Purifier - * configuration directives. You can also specify custom configuration - * by creating a 'config.php' file. - */ - -if(!defined("PHORUM_ADMIN")) exit; - -// error reporting is good! -error_reporting(E_ALL ^ E_NOTICE); - -// load library and other paraphenalia -require_once './include/admin/PhorumInputForm.php'; -require_once (dirname(__FILE__) . '/htmlpurifier/HTMLPurifier.auto.php'); -require_once (dirname(__FILE__) . '/init-config.php'); -require_once (dirname(__FILE__) . '/settings/migrate-sigs-form.php'); -require_once (dirname(__FILE__) . '/settings/migrate-sigs.php'); -require_once (dirname(__FILE__) . '/settings/form.php'); -require_once (dirname(__FILE__) . '/settings/save.php'); - -// define friendly configuration directives. you can expand this array -// to get more web-definable directives -$PHORUM['mod_htmlpurifier']['directives'] = array( - 'URI.Host', // auto-detectable - 'URI.DisableExternal', - 'URI.DisableExternalResources', - 'URI.DisableResources', - 'URI.Munge', - 'URI.HostBlacklist', - 'URI.Disable', - 'HTML.TidyLevel', - 'HTML.Doctype', // auto-detectable - 'HTML.Allowed', - 'AutoFormat', - '-AutoFormat.Custom', - 'AutoFormatParam', - 'Output.TidyFormat', -); - -// lower this setting if you're getting time outs/out of memory -$PHORUM['mod_htmlpurifier']['migrate-sigs-increment'] = 100; - -if (isset($_POST['reset'])) { - unset($PHORUM['mod_htmlpurifier']['config']); -} - -if ($offset = phorum_htmlpurifier_migrate_sigs_check()) { - // migrate signatures - phorum_htmlpurifier_migrate_sigs($offset); -} elseif(!empty($_POST)){ - // save settings - phorum_htmlpurifier_save_settings(); -} - -phorum_htmlpurifier_show_migrate_sigs_form(); -echo '<br />'; -phorum_htmlpurifier_show_form(); - -// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/settings/form.php b/lib/htmlpurifier/plugins/phorum/settings/form.php deleted file mode 100644 index a47a5fae7..000000000 --- a/lib/htmlpurifier/plugins/phorum/settings/form.php +++ /dev/null @@ -1,93 +0,0 @@ -<?php - -function phorum_htmlpurifier_show_form() { - if (phorum_htmlpurifier_config_file_exists()) { - phorum_htmlpurifier_show_config_info(); - return; - } - - global $PHORUM; - - $config = phorum_htmlpurifier_get_config(); - - $frm = new PhorumInputForm ("", "post", "Save"); - $frm->hidden("module", "modsettings"); - $frm->hidden("mod", "htmlpurifier"); // this is the directory name that the Settings file lives in - - if (!empty($error)){ - echo "$error<br />"; - } - - $frm->addbreak("Edit settings for the HTML Purifier module"); - - $frm->addMessage('<p>The box below sets <code>$PHORUM[\'mod_htmlpurifier\'][\'wysiwyg\']</code>. - When checked, contents sent for edit are now purified and the - informative message is disabled. If your WYSIWYG editor is disabled for - admin edits, you can safely keep this unchecked.</p>'); - $frm->addRow('Use WYSIWYG?', $frm->checkbox('wysiwyg', '1', '', $PHORUM['mod_htmlpurifier']['wysiwyg'])); - - $frm->addMessage('<p>The box below sets <code>$PHORUM[\'mod_htmlpurifier\'][\'suppress_message\']</code>, - which removes the big how-to use - HTML Purifier message.</p>'); - $frm->addRow('Suppress information?', $frm->checkbox('suppress_message', '1', '', $PHORUM['mod_htmlpurifier']['suppress_message'])); - - $frm->addMessage('<p>Click on directive links to read what each option does - (links do not open in new windows).</p> - <p>For more flexibility (for instance, you want to edit the full - range of configuration directives), you can create a <tt>config.php</tt> - file in your <tt>mods/htmlpurifier/</tt> directory. Doing so will, - however, make the web configuration interface unavailable.</p>'); - - require_once 'HTMLPurifier/Printer/ConfigForm.php'; - $htmlpurifier_form = new HTMLPurifier_Printer_ConfigForm('config', 'http://htmlpurifier.org/live/configdoc/plain.html#%s'); - $htmlpurifier_form->setTextareaDimensions(23, 7); // widen a little, since we have space - - $frm->addMessage($htmlpurifier_form->render( - $config, $PHORUM['mod_htmlpurifier']['directives'], false)); - - $frm->addMessage("<strong>Warning: Changing HTML Purifier's configuration will invalidate - the cache. Expect to see a flurry of database activity after you change - any of these settings.</strong>"); - - $frm->addrow('Reset to defaults:', $frm->checkbox("reset", "1", "", false)); - - // hack to include extra styling - echo '<style type="text/css">' . $htmlpurifier_form->getCSS() . ' - .hp-config {margin-left:auto;margin-right:auto;} - </style>'; - $js = $htmlpurifier_form->getJavaScript(); - echo '<script type="text/javascript">'."<!--\n$js\n//-->".'</script>'; - - $frm->show(); -} - -function phorum_htmlpurifier_show_config_info() { - global $PHORUM; - - // update mod_htmlpurifier for housekeeping - phorum_htmlpurifier_commit_settings(); - - // politely tell user how to edit settings manually -?> - <div class="input-form-td-break">How to edit settings for HTML Purifier module</div> - <p> - A <tt>config.php</tt> file exists in your <tt>mods/htmlpurifier/</tt> - directory. This file contains your custom configuration: in order to - change it, please navigate to that file and edit it accordingly. - You can also set <code>$GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg']</code> - or <code>$GLOBALS['PHORUM']['mod_htmlpurifier']['suppress_message']</code> - </p> - <p> - To use the web interface, delete <tt>config.php</tt> (or rename it to - <tt>config.php.bak</tt>). - </p> - <p> - <strong>Warning: Changing HTML Purifier's configuration will invalidate - the cache. Expect to see a flurry of database activity after you change - any of these settings.</strong> - </p> -<?php - -} - -// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php b/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php deleted file mode 100644 index 2d63ebe48..000000000 --- a/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php +++ /dev/null @@ -1,22 +0,0 @@ -<?php - -function phorum_htmlpurifier_show_migrate_sigs_form() { - - $frm = new PhorumInputForm ('', "post", "Migrate"); - $frm->hidden("module", "modsettings"); - $frm->hidden("mod", "htmlpurifier"); - $frm->hidden("migrate-sigs", "1"); - $frm->addbreak("Migrate user signatures to HTML"); - $frm->addMessage('This operation will migrate your users signatures - to HTML. <strong>This process is irreversible and must only be performed once.</strong> - Type in yes in the confirmation field to migrate.'); - if (!file_exists(dirname(__FILE__) . '/../migrate.php')) { - $frm->addMessage('Migration file does not exist, cannot migrate signatures. - Please check <tt>migrate.bbcode.php</tt> on how to create an appropriate file.'); - } else { - $frm->addrow('Confirm:', $frm->text_box("confirmation", "")); - } - $frm->show(); -} - -// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs.php b/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs.php deleted file mode 100644 index 81c1f0ba9..000000000 --- a/lib/htmlpurifier/plugins/phorum/settings/migrate-sigs.php +++ /dev/null @@ -1,77 +0,0 @@ -<?php - -function phorum_htmlpurifier_migrate_sigs_check() { - global $PHORUM; - $offset = 0; - if (!empty($_POST['migrate-sigs'])) { - if (!isset($_POST['confirmation']) || strtolower($_POST['confirmation']) !== 'yes') { - echo 'Invalid confirmation code.'; - exit; - } - $PHORUM['mod_htmlpurifier']['migrate-sigs'] = true; - phorum_db_update_settings(array("mod_htmlpurifier"=>$PHORUM["mod_htmlpurifier"])); - $offset = 1; - } elseif (!empty($_GET['migrate-sigs']) && $PHORUM['mod_htmlpurifier']['migrate-sigs']) { - $offset = (int) $_GET['migrate-sigs']; - } - return $offset; -} - -function phorum_htmlpurifier_migrate_sigs($offset) { - global $PHORUM; - - if(!$offset) return; // bail out quick if $offset == 0 - - // theoretically, we could get rid of this multi-request - // doo-hickery if safe mode is off - @set_time_limit(0); // attempt to let this run - $increment = $PHORUM['mod_htmlpurifier']['migrate-sigs-increment']; - - require_once(dirname(__FILE__) . '/../migrate.php'); - // migrate signatures - // do this in batches so we don't run out of time/space - $end = $offset + $increment; - $user_ids = array(); - for ($i = $offset; $i < $end; $i++) { - $user_ids[] = $i; - } - $userinfos = phorum_db_user_get_fields($user_ids, 'signature'); - foreach ($userinfos as $i => $user) { - if (empty($user['signature'])) continue; - $sig = $user['signature']; - // perform standard Phorum processing on the sig - $sig = str_replace(array("&","<",">"), array("&","<",">"), $sig); - $sig = preg_replace("/<((http|https|ftp):\/\/[a-z0-9;\/\?:@=\&\$\-_\.\+!*'\(\),~%]+?)>/i", "$1", $sig); - // prepare fake data to pass to migration function - $fake_data = array(array("author"=>"", "email"=>"", "subject"=>"", 'body' => $sig)); - list($fake_message) = phorum_htmlpurifier_migrate($fake_data); - $user['signature'] = $fake_message['body']; - if (!phorum_api_user_save($user)) { - exit('Error while saving user data'); - } - } - unset($userinfos); // free up memory - - // query for highest ID in database - $type = $PHORUM['DBCONFIG']['type']; - $sql = "select MAX(user_id) from {$PHORUM['user_table']}"; - $row = phorum_db_interact(DB_RETURN_ROW, $sql); - $top_id = (int) $row[0]; - - $offset += $increment; - if ($offset > $top_id) { // test for end condition - echo 'Migration finished'; - $PHORUM['mod_htmlpurifier']['migrate-sigs'] = false; - phorum_htmlpurifier_commit_settings(); - return true; - } - $host = $_SERVER['HTTP_HOST']; - $uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\'); - $extra = 'admin.php?module=modsettings&mod=htmlpurifier&migrate-sigs=' . $offset; - // relies on output buffering to work - header("Location: http://$host$uri/$extra"); - exit; - -} - -// vim: et sw=4 sts=4 diff --git a/lib/htmlpurifier/plugins/phorum/settings/save.php b/lib/htmlpurifier/plugins/phorum/settings/save.php deleted file mode 100644 index 7dbb767d0..000000000 --- a/lib/htmlpurifier/plugins/phorum/settings/save.php +++ /dev/null @@ -1,27 +0,0 @@ -<?php - -function phorum_htmlpurifier_save_settings() { - global $PHORUM; - if (phorum_htmlpurifier_config_file_exists()) { - echo "Cannot update settings, <code>mods/htmlpurifier/config.php</code> already exists. To change - settings, edit that file. To use the web form, delete that file.<br />"; - } else { - $config = phorum_htmlpurifier_get_config(true); - if (!isset($_POST['reset'])) $config->mergeArrayFromForm($_POST, 'config', $PHORUM['mod_htmlpurifier']['directives']); - $PHORUM['mod_htmlpurifier']['config'] = $config->getAll(); - } - $PHORUM['mod_htmlpurifier']['wysiwyg'] = !empty($_POST['wysiwyg']); - $PHORUM['mod_htmlpurifier']['suppress_message'] = !empty($_POST['suppress_message']); - if(!phorum_htmlpurifier_commit_settings()){ - $error="Database error while updating settings."; - } else { - echo "Settings Updated<br />"; - } -} - -function phorum_htmlpurifier_commit_settings() { - global $PHORUM; - return phorum_db_update_settings(array("mod_htmlpurifier"=>$PHORUM["mod_htmlpurifier"])); -} - -// vim: et sw=4 sts=4 |