Vergleich inc/class_parser.php - 1.6.1 - 1.6.10

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 6	Zeile 6
* Website: http://mybb.com * License: http://mybb.com/about/license *	* Website: http://mybb.com * License: http://mybb.com/about/license *
* $Id: class_parser.php 5141 2010-07-29 23:32:11Z RyanGordon $	* $Id$
/ /	/ /
Zeile 114	Zeile 114
} else {	} else {
while(preg_match("#<script(.)>(.)</script(.*)>#is", $message))	while(preg_match("#<s(cript\|tyle)(.)>(.)</s(cript\|tyle)(.*)>#is", $message))
{	{
$message = preg_replace("#<script(.)>(.)</script(.*)>#is", "<script$1>$2</script$3>", $message);	$message = preg_replace("#<s(cript\|tyle)(.)>(.)</s(cript\|tyle)(.*)>#is", "<s$1$2>$3</s$4$5>", $message);
}	}
// Remove these completely $message = preg_replace("#\s<base[^>]>\s#is", "", $message); $message = preg_replace("#\s<meta[^>]>\s#is", "", $message); $message = str_replace(array('<?php', '<!--', '-->', '?>', "<br />\n", "<br>\n"), array('<?php', '<!--', '-->', '?>', "\n", "\n"), $message);	$find = array('<?php', '<!--', '-->', '?>', "<br />\n", "<br>\n"); $replace = array('<?php', '<!--', '-->', '?>', "\n", "\n"); $message = str_replace($find, $replace, $message);
} // If MyCode needs to be replaced, first filter out [code] and [php] tags. if($this->options['allow_mycode']) {	} // If MyCode needs to be replaced, first filter out [code] and [php] tags. if($this->options['allow_mycode']) {
// First we split up the contents of code and php tags to ensure they're not parsed.
preg_match_all("#\[(code\|php)\](.?)\[/\\1\](\r\n?\|\n?)#si", $message, $code_matches, PREG_SET_ORDER); $message = preg_replace("#\[(code\|php)\](.?)\[/\\1\](\r\n?\|\n?)#si", "<mybb-code>\n", $message);	preg_match_all("#\[(code\|php)\](.?)\[/\\1\](\r\n?\|\n?)#si", $message, $code_matches, PREG_SET_ORDER); $message = preg_replace("#\[(code\|php)\](.?)\[/\\1\](\r\n?\|\n?)#si", "<mybb-code>\n", $message);
}	}
// Always fix bad Javascript in the message. $message = $this->fix_javascript($message);	// Always fix bad Javascript in the message. $message = $this->fix_javascript($message);
Zeile 146	Zeile 145
// If we can, parse smilies if($this->options['allow_smilies'])	// If we can, parse smilies if($this->options['allow_smilies'])
{	{
$message = $this->parse_smilies($message, $this->options['allow_html']); }	$message = $this->parse_smilies($message, $this->options['allow_html']); }
Zeile 154	Zeile 153
if($this->options['allow_mycode']) { $message = $this->parse_mycode($message, $this->options);	if($this->options['allow_mycode']) { $message = $this->parse_mycode($message, $this->options);
}	}
// Parse Highlights	// Parse Highlights
if($this->options['highlight'])	if(!empty($this->options['highlight']))
{ $message = $this->highlight_message($message, $this->options['highlight']); }	{ $message = $this->highlight_message($message, $this->options['highlight']); }
Zeile 177	Zeile 176
{ $text[2] = $this->parse_html($text[2]); }	{ $text[2] = $this->parse_html($text[2]); }

if(my_strtolower($text[1]) == "code") { $code = $this->mycode_parse_code($text[2]);	if(my_strtolower($text[1]) == "code") { $code = $this->mycode_parse_code($text[2]);
Zeile 191	Zeile 190
} }	} }
if($options['nl2br'] !== 0)	// Replace meta and base tags in our post - these are > dangerous < if($this->options['allow_html']) { $message = preg_replace_callback("#<((m[^a])\|(b[^diloru>])\|(s[^aemptu>]))(\s[^>])>#si", create_function( '$matches', 'return htmlspecialchars_uni($matches[0]);' ), $message); } if(!isset($options['nl2br']) \|\| $options['nl2br'] != 0)
{ $message = nl2br($message); // Fix up new lines and block level elements	{ $message = nl2br($message); // Fix up new lines and block level elements
Zeile 391	Zeile 399
*/ private function cache_smilies() {	*/ private function cache_smilies() {
global $cache;	global $cache, $mybb;
$this->smilies_cache = array(); $smilies = $cache->read("smilies"); if(is_array($smilies))	$this->smilies_cache = array(); $smilies = $cache->read("smilies"); if(is_array($smilies))
{	{
foreach($smilies as $sid => $smilie) {	foreach($smilies as $sid => $smilie) {
	if(defined("IN_ARCHIVE") && substr($smilie['image'], 0, 4) != "http") { // We're in the archive and not using an outside image, add in our address $smilie['image'] = $mybb->settings['bburl']."/".$smilie['image']; }
$this->smilies_cache[$smilie['find']] = "<img src=\"{$smilie['image']}\" style=\"vertical-align: middle;\" border=\"0\" alt=\"{$smilie['name']}\" title=\"{$smilie['name']}\" />"; }	$this->smilies_cache[$smilie['find']] = "<img src=\"{$smilie['image']}\" style=\"vertical-align: middle;\" border=\"0\" alt=\"{$smilie['name']}\" title=\"{$smilie['name']}\" />"; }
}	}
} /**	} /**
Zeile 422	Zeile 436
$message = ' ' . $message . ' '; // First we take out any of the tags we don't want parsed between (url= etc)	$message = ' ' . $message . ' '; // First we take out any of the tags we don't want parsed between (url= etc)
preg_match_all("#\[(url(=[^\]]])?\](.?)\[\/url\]\|quote=([^\]])?\])#i", $message, $bad_matches, PREG_PATTERN_ORDER); $message = preg_replace("#\[(url(=[^\]]])?\](.?)\[\/url\]\|quote=([^\]])?\])#si", "<mybb-bad-sm>", $message);	preg_match_all("#\[(url(=[^\]])?\]\|quote=([^\]])?\])#i", $message, $bad_matches, PREG_PATTERN_ORDER); $message = preg_replace("#\[(url(=[^\]])?\]\|quote=([^\]])?\])#si", "<mybb-bad-sm>", $message);
// Impose a hard limit of 500 smilies per message as to not overload the parser $remaining = 500;	// Impose a hard limit of 500 smilies per message as to not overload the parser $remaining = 500;
Zeile 435	Zeile 449
$orig_message = $message; $find = $this->parse_html($find); $find = preg_quote($find, "#");	$orig_message = $message; $find = $this->parse_html($find); $find = preg_quote($find, "#");
	$replace = strip_tags($replace, "<img>");
// Fix issues for smileys starting with a ";" $orig_find = $find;	// Fix issues for smileys starting with a ";" $orig_find = $find;
Zeile 519	Zeile 535
} } }	} } }
if($options['strip_tags'] == 1)	if(isset($options['strip_tags']) && $options['strip_tags'] == 1)
{ $message = strip_tags($message); }	{ $message = strip_tags($message); }
Zeile 535	Zeile 551
function fix_javascript($message) { $js_array = array(	function fix_javascript($message) { $js_array = array(
"#(&\#(0)106;\|&\#(0)74;\|j)((&\#(0)97;\|&\#(0)65;\|a)(&\#(0)118;\|&\#(0)86;\|v)(&\#(0)97;\|&\#(0)65;\|a)(\s)?(&\#(0)115;\|&\#(0)83;\|s)(&\#(0)99;\|&\#(0)67;\|c)(&\#(0)114;\|&\#(0)82;\|r)(&\#(0)105;\|&\#(0)73;\|i)(&\#112;\|&\#(0)80;\|p)(&\#(0)116;\|&\#(0)84;\|t)(&\#(0)58;\|\:))#i",	"#(&\#(0)106;?\|&\#(0)74;?\|&\#x(0)4a;?\|&\#x(0)6a;?\|j)((&\#(0)97;?\|&\#(0)65;?\|a)(&\#(0)118;?\|&\#(0)86;?\|v)(&\#(0)97;?\|&\#(0)65;?\|a)(\s)?(&\#(0)115;?\|&\#(0)83;?\|s)(&\#(0)99;?\|&\#(0)67;?\|c)(&\#(0)114;?\|&\#(0)82;?\|r)(&\#(0)105;?\|&\#(0)73;?\|i)(&\#112;?\|&\#(0)80;?\|p)(&\#(0)116;?\|&\#(0)84;?\|t)(&\#(0)58;?\|\:))#i",
"#(o)(nmouseover\s?=)#i", "#(o)(nmouseout\s?=)#i", "#(o)(nmousedown\s?=)#i",	"#(o)(nmouseover\s?=)#i", "#(o)(nmouseout\s?=)#i", "#(o)(nmousedown\s?=)#i",
Zeile 550	Zeile 566
"#(o)(nfocus\s?=)#i", "#(o)(nselect\s?=)#i", "#(o)(nunload\s?=)#i",	"#(o)(nfocus\s?=)#i", "#(o)(nselect\s?=)#i", "#(o)(nunload\s?=)#i",
"#(o)(nkeypress\s?=)#i"	"#(o)(nkeypress\s?=)#i", "#(o)(nerror\s?=)#i", "#(o)(nreset\s?=)#i", "#(o)(nabort\s?=)#i"
); $message = preg_replace($js_array, "$1<strong></strong>$2$4", $message);	); $message = preg_replace($js_array, "$1<strong></strong>$2$4", $message);
Zeile 592	Zeile 611
// Assign pattern and replace values. $pattern = array(	// Assign pattern and replace values. $pattern = array(
"#\[quote=(?:"\|\"\|')?(.?)[\"']?(?:"\|\"\|')?\](.?)\[\/quote\](\r\n?\|\n?)#esi",	"#\[quote=([\"']\|"\|)(.?)(?:\\1)(.?)(?:[\"']\|")?\](.*?)\[/quote\](\r\n?\|\n?)#esi",
"#\[quote\](.*?)\[\/quote\](\r\n?\|\n?)#si" ); if($text_only == false) { $replace = array(	"#\[quote\](.*?)\[\/quote\](\r\n?\|\n?)#si" ); if($text_only == false) { $replace = array(
"\$this->mycode_parse_post_quotes('$2','$1')",	"\$this->mycode_parse_post_quotes('$4','$2$3')",
"<blockquote><cite>$lang->quote</cite>$1</blockquote>\n" ); } else { $replace = array(	"<blockquote><cite>$lang->quote</cite>$1</blockquote>\n" ); } else { $replace = array(
"\$this->mycode_parse_post_quotes('$2', '$1', true)",	"\$this->mycode_parse_post_quotes('$4','$2$3', true)",
"\n{$lang->quote}\n--\n$1\n--\n" ); }	"\n{$lang->quote}\n--\n$1\n--\n" ); }
while(preg_match($pattern[0], $message) \|\| preg_match($pattern[1], $message))	do
{	{
$message = preg_replace($pattern, $replace, $message); }	// preg_replace has erased the message? Restore it... if(!$message) { $message = $previous_message; break; } $previous_message = $message; $message = preg_replace($pattern, $replace, $message, -1, $count); } while($count);
if($text_only == false) {	if($text_only == false) {
Zeile 637	Zeile 663
* * @param string The message to be parsed * @param string The username to be parsed	* * @param string The message to be parsed * @param string The username to be parsed
* @param boolean Are we formatting as text?	* @param boolean Are we formatting as text?
* @return string The parsed message. */ function mycode_parse_post_quotes($message, $username, $text_only=false)	* @return string The parsed message. */ function mycode_parse_post_quotes($message, $username, $text_only=false)
Zeile 716	Zeile 742
* @return string The parsed message. */ function mycode_parse_code($code, $text_only=false)	* @return string The parsed message. */ function mycode_parse_code($code, $text_only=false)
{	{
global $lang;	global $lang;

if($text_only == true)	if($text_only == true)
{	{
return "\n{$lang->code}\n--\n{$code}\n--\n"; }	return "\n{$lang->code}\n--\n{$code}\n--\n"; }
Zeile 731	Zeile 757
if(empty($original)) {	if(empty($original)) {
return;	return;
} $code = str_replace('$', '$', $code);	} $code = str_replace('$', '$', $code);
Zeile 762	Zeile 788
// Clean the string before parsing except tab spaces. $str = preg_replace('#^(\t)(\n\|\r\|\0\|\x0B\| )#', '\\1', $str);	// Clean the string before parsing except tab spaces. $str = preg_replace('#^(\t)(\n\|\r\|\0\|\x0B\| )#', '\\1', $str);
$str = rtrim($str);	$str = rtrim($str);
$original = preg_replace('#^\t*#', '', $str);	$original = preg_replace('#^\t*#', '', $str);
Zeile 770	Zeile 796
{ return; }	{ return; }

$str = str_replace('&', '&', $str); $str = str_replace('<', '<', $str); $str = str_replace('>', '>', $str);	$str = str_replace('&', '&', $str); $str = str_replace('<', '<', $str); $str = str_replace('>', '>', $str);
Zeile 778	Zeile 804
// See if open and close tags are provided. $added_open_tag = false; if(!preg_match("#^\s*<\?#si", $str))	// See if open and close tags are provided. $added_open_tag = false; if(!preg_match("#^\s*<\?#si", $str))
{	{
$added_open_tag = true; $str = "<?php \n".$str; }	$added_open_tag = true; $str = "<?php \n".$str; }
Zeile 810	Zeile 836
$code = str_replace("?></span></code>", "</span></code>", $code); // Wait a minute. It fails highlighting? Stupid highlighter. $code = str_replace("?></code>", "</code>", $code);	$code = str_replace("?></span></code>", "</span></code>", $code); // Wait a minute. It fails highlighting? Stupid highlighter. $code = str_replace("?></code>", "</code>", $code);
}	}
$code = preg_replace("#<span style=\"color: \#([A-Z0-9]{6})\"></span>#", "", $code); $code = str_replace("<code>", "<div dir=\"ltr\"><code>", $code); $code = str_replace("</code>", "</code></div>", $code); $code = preg_replace("# *$#", "", $code);	$code = preg_replace("#<span style=\"color: \#([A-Z0-9]{6})\"></span>#", "", $code); $code = str_replace("<code>", "<div dir=\"ltr\"><code>", $code); $code = str_replace("</code>", "</code></div>", $code); $code = preg_replace("# *$#", "", $code);

if($bare_return) { return $code;	if($bare_return) { return $code;
Zeile 824	Zeile 850
// Send back the code all nice and pretty return "<div class=\"codeblock phpcodeblock\"><div class=\"title\">$lang->php_code\n</div><div class=\"body\">".$code."</div></div>\n";	// Send back the code all nice and pretty return "<div class=\"codeblock phpcodeblock\"><div class=\"title\">$lang->php_code\n</div><div class=\"body\">".$code."</div></div>\n";
}	}
/** * Parses URL MyCode. *	/** * Parses URL MyCode. *
Zeile 860	Zeile 886
$name = my_substr($url, 0, 40)."...".my_substr($url, -10); } }	$name = my_substr($url, 0, 40)."...".my_substr($url, -10); } }
	$nofollow = ''; if(isset($this->options['nofollow_on'])) { $nofollow = " rel=\"nofollow\""; }
// Fix some entities in URLs $entities = array('$' => '%24', '$' => '%24', '^' => '%5E', '`' => '%60', '[' => '%5B', ']' => '%5D', '{' => '%7B', '}' => '%7D', '"' => '%22', '<' => '%3C', '>' => '%3E', ' ' => '%20'); $fullurl = str_replace(array_keys($entities), array_values($entities), $fullurl); $name = preg_replace("#&\#([0-9]+);#si", "&#$1;", $name); // Fix & but allow unicode	// Fix some entities in URLs $entities = array('$' => '%24', '$' => '%24', '^' => '%5E', '`' => '%60', '[' => '%5B', ']' => '%5D', '{' => '%7B', '}' => '%7D', '"' => '%22', '<' => '%3C', '>' => '%3E', ' ' => '%20'); $fullurl = str_replace(array_keys($entities), array_values($entities), $fullurl); $name = preg_replace("#&\#([0-9]+);#si", "&#$1;", $name); // Fix & but allow unicode
$link = "<a href=\"$fullurl\" target=\"_blank\">$name</a>";	$link = "<a href=\"$fullurl\" target=\"_blank\"{$nofollow}>$name</a>";
return $link; }	return $link; }
Zeile 889	Zeile 921
else if($align == "left") { $css_align = " style=\"float: left;\"";	else if($align == "left") { $css_align = " style=\"float: left;\"";
}	}
$alt = htmlspecialchars_uni(basename($url)); if(my_strlen($alt) > 55) {	$alt = htmlspecialchars_uni(basename($url)); if(my_strlen($alt) > 55) {
Zeile 914	Zeile 946
* @return string The built-up email link. */ function mycode_parse_email($email, $name="")	* @return string The built-up email link. */ function mycode_parse_email($email, $name="")
{	{
$name = str_replace("\\'", "'", $name); $email = str_replace("\\'", "'", $email); if(!$name) { $name = $email;	$name = str_replace("\\'", "'", $name); $email = str_replace("\\'", "'", $email); if(!$name) { $name = $email;
}	}
if(preg_match("/^([a-zA-Z0-9-_\+\.]+?)@[a-zA-Z0-9-]+\.[a-zA-Z0-9\.-]+$/si", $email)) { return "<a href=\"mailto:$email\">".$name."</a>"; } else	if(preg_match("/^([a-zA-Z0-9-_\+\.]+?)@[a-zA-Z0-9-]+\.[a-zA-Z0-9\.-]+$/si", $email)) { return "<a href=\"mailto:$email\">".$name."</a>"; } else
{	{
return $email;	return $email;
}	}
} function mycode_parse_video($video, $url)	} function mycode_parse_video($video, $url)
Zeile 936	Zeile 968
global $templates; if(empty($video) \|\| empty($url))	global $templates; if(empty($video) \|\| empty($url))
{ return "[video={$video}]{$url}[/video]"; }	{ return "[video={$video}]{$url}[/video]"; }

$parsed_url = @parse_url($url);	$parsed_url = @parse_url(urldecode($url));
if($parsed_url == false)	if($parsed_url == false)
{ return "[video={$video}]{$url}[/video]";;	{ return "[video={$video}]{$url}[/video]";
} $fragments = array(); if($parsed_url['fragment']) { $fragments = explode("&", $parsed_url['fragment']);	} $fragments = array(); if($parsed_url['fragment']) { $fragments = explode("&", $parsed_url['fragment']);
} $queries = explode("&", $parsed_url['query']);	} $queries = explode("&", $parsed_url['query']);
$input = array(); foreach($queries as $query)	$input = array(); foreach($queries as $query)
Zeile 968	Zeile 1000
{ case "dailymotion": list($id, ) = split("_", $path[2], 1); // http://www.dailymotion.com/video/fds123_title-goes-here	{ case "dailymotion": list($id, ) = split("_", $path[2], 1); // http://www.dailymotion.com/video/fds123_title-goes-here
break; case "googlevideo": $id = $input['docid']; // http://video.google.com/videoplay?docid=fds123
break; case "metacafe": $id = $path[2]; // http://www.metacafe.com/watch/fds123/title_goes_here/ $title = htmlspecialchars_uni($path[3]); break; case "myspacetv":	break; case "metacafe": $id = $path[2]; // http://www.metacafe.com/watch/fds123/title_goes_here/ $title = htmlspecialchars_uni($path[3]); break; case "myspacetv":
$id = $input['videoid']; // http://myspacetv.com/index.cfm?fuseaction=vids.individual&videoid=fds123	$id = $path[4]; // http://www.myspace.com/video/fds/fds/123
break; case "yahoo":	break; case "yahoo":
$id = $path[3]; // http://video.yahoo.com/watch/fds123/abc567 $vid = htmlspecialchars_uni($path[2]);	$id = $path[1]; // http://xy.screen.yahoo.com/fds-123.html // Support for localized portals $domain = explode('.', $parsed_url['host']); if($domain[0] != 'screen') { $local = $domain[0].'.'; } else { $local = ''; }
break; case "vimeo": $id = $path[1]; // http://vimeo.com/fds123	break; case "vimeo": $id = $path[1]; // http://vimeo.com/fds123
Zeile 990	Zeile 1028
if($fragments[0]) { $id = str_replace('!v=', '', $fragments[0]); // http://www.youtube.com/watch#!v=fds123	if($fragments[0]) { $id = str_replace('!v=', '', $fragments[0]); // http://www.youtube.com/watch#!v=fds123
	} elseif($input['v']) { $id = $input['v']; // http://www.youtube.com/watch?v=fds123
} else {	} else {
$id = $input['v']; // http://www.youtube.com/watch?v=fds123	$id = $path[1]; // http://www.youtu.be/fds123
} break; default: return "[video={$video}]{$url}[/video]"; }	} break; default: return "[video={$video}]{$url}[/video]"; }
if(empty($id) \|\| ($video == "yahoo" && empty($vid)))	if(empty($id))
{ return "[video={$video}]{$url}[/video]"; }	{ return "[video={$video}]{$url}[/video]"; }
Zeile 1096	Zeile 1138
} /**	} /**
* Parses message to plain text equivilents of MyCode.	* Parses message to plain text equivalents of MyCode.
* * @param string The message to be parsed * @return string The parsed message.	* * @param string The message to be parsed * @return string The parsed message.
Zeile 1116	Zeile 1158
$find = array( "#\[(b\|u\|i\|s\|url\|email\|color\|img)\](.*?)\[/\\1\]#is",	$find = array( "#\[(b\|u\|i\|s\|url\|email\|color\|img)\](.*?)\[/\\1\]#is",
"#\[code\](.*?)\[/code\](\r\n?\|\n?)#ise",
"#\[php\](.*?)\[/php\](\r\n?\|\n?)#ise",	"#\[php\](.*?)\[/php\](\r\n?\|\n?)#ise",
	"#\[code\](.*?)\[/code\](\r\n?\|\n?)#ise",
"#\[img=([0-9]{1,3})x([0-9]{1,3})\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", "#\[url=([a-z]+?://)([^\r\n\"<]+?)\](.+?)\[/url\]#si", "#\[url=([^\r\n\"<&]+?)\](.+?)\[/url\]#si",	"#\[img=([0-9]{1,3})x([0-9]{1,3})\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", "#\[url=([a-z]+?://)([^\r\n\"<]+?)\](.+?)\[/url\]#si", "#\[url=([^\r\n\"<&]+?)\](.+?)\[/url\]#si",
Zeile 1140	Zeile 1182
$message = preg_replace('#(>\|^\|\r\|\n)/me ([^\r\n<])#i', "\\1 {$options['me_username']} \\2", $message); $message = preg_replace('#(>\|^\|\r\|\n)/slap ([^\r\n<])#i', "\\1 {$options['me_username']} {$lang->slaps} \\2 {$lang->with_trout}", $message);	$message = preg_replace('#(>\|^\|\r\|\n)/me ([^\r\n<])#i', "\\1 {$options['me_username']} \\2", $message); $message = preg_replace('#(>\|^\|\r\|\n)/slap ([^\r\n<])#i', "\\1 {$options['me_username']} {$lang->slaps} \\2 {$lang->with_trout}", $message);
}	}
// Special code requiring special attention	// Special code requiring special attention
while(preg_match("#\[list\](.*?)\[/list\]#si", $message))	while(preg_match("#\[list\](.*?)\[/list\]#esi", $message))
{	{
$message = preg_replace("#\[list\](.*?)\[/list\](\r\n?\|\n?)#esi", "\$this->mycode_parse_list('$1', '', true)\n", $message);	$message = preg_replace("#\s?\[list\](.*?)\[/list\](\r\n?\|\n?)#esi", "\$this->mycode_parse_list('$1')\n", $message);
} // Replace lists. while(preg_match("#\[list=(a\|A\|i\|I\|1)\](.*?)\[/list\](\r\n?\|\n?)#esi", $message)) {	} // Replace lists. while(preg_match("#\[list=(a\|A\|i\|I\|1)\](.*?)\[/list\](\r\n?\|\n?)#esi", $message)) {
$message = preg_replace("#\[list=(a\|A\|i\|I\|1)\](.*?)\[/list\]#esi", "\$this->mycode_parse_list('$2', '$1', true)\n", $message);	$message = preg_replace("#\s?\[list=(a\|A\|i\|I\|1)\](.*?)\[/list\]#esi", "\$this->mycode_parse_list('$2', '$1')\n", $message);
} // Run plugin hooks	} // Run plugin hooks