Vergleich inc/class_parser.php - 1.8.10 - 1.8.26

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 141	Zeile 141
} // If MyCode needs to be replaced, first filter out [code] and [php] tags.	} // If MyCode needs to be replaced, first filter out [code] and [php] tags.
	$code_matches = array();
if(!empty($this->options['allow_mycode']) && $mybb->settings['allowcodemycode'] == 1) { // This code is reserved and could break codes $message = str_replace("<mybb-code>\n", "<mybb_code>\n", $message);	if(!empty($this->options['allow_mycode']) && $mybb->settings['allowcodemycode'] == 1) { // This code is reserved and could break codes $message = str_replace("<mybb-code>\n", "<mybb_code>\n", $message);
preg_match_all("#\[(code\|php)\](.?)\[/\\1\](\r\n?\|\n?)#si", $message, $code_matches, PREG_SET_ORDER); $message = preg_replace("#\[(code\|php)\](.?)\[/\\1\](\r\n?\|\n?)#si", "<mybb-code>\n", $message);	preg_match_all("#\[(code\|php)\](.?)(\[/\\1\])+(\r\n?\|\n?)#si", $message, $code_matches, PREG_SET_ORDER); foreach($code_matches as $point => $part) { if(isset($part[3])) { $part[1] = "[".$part[1]."]"; $code_matches[$point][2] = substr_replace($part[0], "", strrpos($part[0], $part[3]), strlen($part[3])); $code_matches[$point][2] = substr_replace($code_matches[$point][2], "", strpos($code_matches[$point][2], $part[1]), strlen($part[1])); } } $message = preg_replace("#\[(code\|php)\](.?)(\[/\\1\])+(\r\n?\|\n?)#si", "<mybb-code>\n", $message);
} if(empty($this->options['allow_html'])) { $message = $this->parse_html($message); $message = str_replace("<mybb-code>\n", "<mybb-code>\n", $message);	} if(empty($this->options['allow_html'])) { $message = $this->parse_html($message); $message = str_replace("<mybb-code>\n", "<mybb-code>\n", $message);
}	}
else { // Replace base, meta,script and style tags in our post - these are > dangerous < $message = preg_replace('#<(/?)(base\|meta\|script\|style)([^>]*)>#i', '<$1$2$3>', $message); $message = $this->fix_javascript($message);	else { // Replace base, meta,script and style tags in our post - these are > dangerous < $message = preg_replace('#<(/?)(base\|meta\|script\|style)([^>]*)>#i', '<$1$2$3>', $message); $message = $this->fix_javascript($message);

$find = array("<br />\n", "<br>\n"); $replace = array("\n", "\n"); $message = str_replace($find, $replace, $message); }	$find = array("<br />\n", "<br>\n"); $replace = array("\n", "\n"); $message = str_replace($find, $replace, $message); }
	$message = $plugins->run_hooks("parse_message_htmlsanitized", $message);
// Replace "me" code and slaps if we have a username if(!empty($this->options['me_username']) && $mybb->settings['allowmemycode'] == 1)	// Replace "me" code and slaps if we have a username if(!empty($this->options['me_username']) && $mybb->settings['allowmemycode'] == 1)
Zeile 174	Zeile 186
$message = preg_replace('#(>\|^\|\r\|\n)/me ([^\r\n<])#i', "\\1<span style=\"color: red;\" class=\"mycode_me\"> {$this->options['me_username']} \\2</span>", $message); $message = preg_replace('#(>\|^\|\r\|\n)/slap ([^\r\n<])#i', "\\1<span style=\"color: red;\" class=\"mycode_slap\"> {$this->options['me_username']} {$lang->slaps} \\2 {$lang->with_trout}</span>", $message); }	$message = preg_replace('#(>\|^\|\r\|\n)/me ([^\r\n<])#i', "\\1<span style=\"color: red;\" class=\"mycode_me\"> {$this->options['me_username']} \\2</span>", $message); $message = preg_replace('#(>\|^\|\r\|\n)/slap ([^\r\n<])#i', "\\1<span style=\"color: red;\" class=\"mycode_slap\"> {$this->options['me_username']} {$lang->slaps} \\2 {$lang->with_trout}</span>", $message); }
	$message = $plugins->run_hooks("parse_message_me_mycode", $message);
// If we can, parse smilies if(!empty($this->options['allow_smilies']))	// If we can, parse smilies if(!empty($this->options['allow_smilies']))
{	{
$message = $this->parse_smilies($message, $this->options['allow_html']);	$message = $this->parse_smilies($message, $this->options['allow_html']);
}	}
// Replace MyCode if requested. if(!empty($this->options['allow_mycode'])) { $message = $this->parse_mycode($message);	// Replace MyCode if requested. if(!empty($this->options['allow_mycode'])) { $message = $this->parse_mycode($message);
}	} // Filter url codes, if disabled. if($mybb->settings['allowlinkmycode'] != 1) { $message = preg_replace("#\[(\/)?url{1}(.*?)\]#i", "", $message); }
// Parse Highlights if(!empty($this->options['highlight']))	// Parse Highlights if(!empty($this->options['highlight']))
Zeile 195	Zeile 215
// Run plugin hooks $message = $plugins->run_hooks("parse_message", $message);	// Run plugin hooks $message = $plugins->run_hooks("parse_message", $message);

if(!empty($this->options['allow_mycode'])) { // Now that we're done, if we split up any code tags, parse them and glue it all back together	if(!empty($this->options['allow_mycode'])) { // Now that we're done, if we split up any code tags, parse them and glue it all back together
Zeile 291	Zeile 311
$standard_mycode['tm']['regex'] = "#$tm$#i"; $standard_mycode['tm']['replacement'] = "";	$standard_mycode['tm']['regex'] = "#$tm$#i"; $standard_mycode['tm']['replacement'] = "";

$standard_mycode['reg']['regex'] = "#$r$#i"; $standard_mycode['reg']['replacement'] = "®";	$standard_mycode['reg']['regex'] = "#$r$#i"; $standard_mycode['reg']['replacement'] = "®";
Zeile 317	Zeile 337
if($mybb->settings['allowemailmycode'] == 1) {	if($mybb->settings['allowemailmycode'] == 1) {
$callback_mycode['email_simple']['regex'] = "#\[email\](.*?)\[/email\]#i";	$callback_mycode['email_simple']['regex'] = "#\[email\]((?:[a-zA-Z0-9-_\+\.]+?)@[a-zA-Z0-9-]+\.[a-zA-Z0-9\.-]+(?:\?.*?)?)\[/email\]#i";
$callback_mycode['email_simple']['replacement'] = array($this, 'mycode_parse_email_callback');	$callback_mycode['email_simple']['replacement'] = array($this, 'mycode_parse_email_callback');
$callback_mycode['email_complex']['regex'] = "#\[email=(.?)\](.?)\[/email\]#i";	$callback_mycode['email_complex']['regex'] = "#\[email=((?:[a-zA-Z0-9-_\+\.]+?)@[a-zA-Z0-9-]+\.[a-zA-Z0-9\.-]+(?:\?.?)?)\](.?)\[/email\]#i";
$callback_mycode['email_complex']['replacement'] = array($this, 'mycode_parse_email_callback'); ++$callback_count;	$callback_mycode['email_complex']['replacement'] = array($this, 'mycode_parse_email_callback'); ++$callback_count;
Zeile 341	Zeile 361
$callback_mycode['size_int']['regex'] = "#\[size=([0-9\+\-]+?)\](.*?)\[/size\]#si"; $callback_mycode['size_int']['replacement'] = array($this, 'mycode_handle_size_callback');	$callback_mycode['size_int']['regex'] = "#\[size=([0-9\+\-]+?)\](.*?)\[/size\]#si"; $callback_mycode['size_int']['replacement'] = array($this, 'mycode_handle_size_callback');

++$nestable_count; ++$callback_count;	++$nestable_count; ++$callback_count;
}	}
if($mybb->settings['allowfontmycode'] == 1)	if($mybb->settings['allowfontmycode'] == 1)
{ $nestable_mycode['font']['regex'] = "#\[font=([a-z0-9 ,\-_'\"]+)\](.*?)\[/font\]#si"; $nestable_mycode['font']['replacement'] = "<span style=\"font-family: $1;\" class=\"mycode_font\">$2</span>"; ++$nestable_count; }	{ $nestable_mycode['font']['regex'] = "#\[font=(\"?)([a-z0-9 ,\-_']+)\\1\](.*?)\[/font\]#si"; $nestable_mycode['font']['replacement'] = "<span style=\"font-family: $2;\" class=\"mycode_font\">$3</span>"; ++$nestable_count; }
if($mybb->settings['allowalignmycode'] == 1) { $nestable_mycode['align']['regex'] = "#\[align=(left\|center\|right\|justify)\](.*?)\[/align\]#si"; $nestable_mycode['align']['replacement'] = "<div style=\"text-align: $1;\" class=\"mycode_align\">$2</div>"; ++$nestable_count;	if($mybb->settings['allowalignmycode'] == 1) { $nestable_mycode['align']['regex'] = "#\[align=(left\|center\|right\|justify)\](.*?)\[/align\]#si"; $nestable_mycode['align']['replacement'] = "<div style=\"text-align: $1;\" class=\"mycode_align\">$2</div>"; ++$nestable_count;
} $custom_mycode = $cache->read("mycode");	} $custom_mycode = $cache->read("mycode");
// If there is custom MyCode, load it. if(is_array($custom_mycode))	// If there is custom MyCode, load it. if(is_array($custom_mycode))
{	{
foreach($custom_mycode as $key => $mycode) { $mycode['regex'] = str_replace("\x0", "", $mycode['regex']); $custom_mycode[$key]['regex'] = "#".$mycode['regex']."#si";	foreach($custom_mycode as $key => $mycode) { $mycode['regex'] = str_replace("\x0", "", $mycode['regex']); $custom_mycode[$key]['regex'] = "#".$mycode['regex']."#si";

++$standard_count; } $mycode = array_merge($standard_mycode, $custom_mycode);	++$standard_count; } $mycode = array_merge($standard_mycode, $custom_mycode);
Zeile 383	Zeile 403
// Assign the MyCode to the cache. foreach($mycode as $code)	// Assign the MyCode to the cache. foreach($mycode as $code)
{	{
$this->mycode_cache['standard']['find'][] = $code['regex']; $this->mycode_cache['standard']['replacement'][] = $code['replacement']; }	$this->mycode_cache['standard']['find'][] = $code['regex']; $this->mycode_cache['standard']['replacement'][] = $code['replacement']; }
Zeile 430	Zeile 450
// Parse quotes first $message = $this->mycode_parse_quotes($message);	// Parse quotes first $message = $this->mycode_parse_quotes($message);
$message = $this->mycode_auto_url($message);	// Convert images when allowed. if(!empty($this->options['allow_imgcode'])) { $message = preg_replace_callback("#\[img\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_callback1'), $message); $message = preg_replace_callback("#\[img=([1-9][0-9])x([1-9][0-9])\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_callback2'), $message); $message = preg_replace_callback("#\[img align=(left\|right)\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_callback3'), $message); $message = preg_replace_callback("#\[img=([1-9][0-9])x([1-9][0-9]) align=(left\|right)\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_callback4'), $message); } else { $message = preg_replace_callback("#\[img\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_disabled_callback1'), $message); $message = preg_replace_callback("#\[img=([1-9][0-9])x([1-9][0-9])\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_disabled_callback2'), $message); $message = preg_replace_callback("#\[img align=(left\|right)\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_disabled_callback3'), $message); $message = preg_replace_callback("#\[img=([1-9][0-9])x([1-9][0-9]) align=(left\|right)\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_disabled_callback4'), $message); } // Convert videos when allow. if(!empty($this->options['allow_videocode'])) { $message = preg_replace_callback("#\[video=(.?)\](.?)\[/video\]#i", array($this, 'mycode_parse_video_callback'), $message); } else { $message = preg_replace_callback("#\[video=(.?)\](.?)\[/video\]#i", array($this, 'mycode_parse_video_disabled_callback'), $message); }
$message = str_replace('$', '$', $message);	$message = str_replace('$', '$', $message);
Zeile 477	Zeile 521
} }	} }
// Convert images when allowed. if(!empty($this->options['allow_imgcode'])) { $message = preg_replace_callback("#\[img\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_callback1'), $message); $message = preg_replace_callback("#\[img=([1-9][0-9])x([1-9][0-9])\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_callback2'), $message); $message = preg_replace_callback("#\[img align=(left\|right)\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_callback3'), $message); $message = preg_replace_callback("#\[img=([1-9][0-9])x([1-9][0-9]) align=(left\|right)\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_callback4'), $message); } else { $message = preg_replace_callback("#\[img\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_disabled_callback1'), $message); $message = preg_replace_callback("#\[img=([1-9][0-9])x([1-9][0-9])\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_disabled_callback2'), $message); $message = preg_replace_callback("#\[img align=(left\|right)\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_disabled_callback3'), $message); $message = preg_replace_callback("#\[img=([1-9][0-9])x([1-9][0-9]) align=(left\|right)\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", array($this, 'mycode_parse_img_disabled_callback4'), $message); } // Convert videos when allow. if(!empty($this->options['allow_videocode'])) { $message = preg_replace_callback("#\[video=(.?)\](.?)\[/video\]#i", array($this, 'mycode_parse_video_callback'), $message); } else { $message = preg_replace_callback("#\[video=(.?)\](.?)\[/video\]#i", array($this, 'mycode_parse_video_disabled_callback'), $message); }	$message = $this->mycode_auto_url($message);
return $message; }	return $message; }
Zeile 631	Zeile 651
$badword['replacement'] = "*****"; }	$badword['replacement'] = "*****"; }
// Take into account the position offset for our last replacement. $badword['badword'] = str_replace('\*', '([a-zA-Z0-9_]{1})', preg_quote($badword['badword'], "#")); // Ensure we run the replacement enough times but not recursively (i.e. not while(preg_match..)) $message = preg_replace("#(^\|\W)".$badword['badword']."(?=\W\|$)#i", '\1'.$badword['replacement'], $message); }	if(!$badword['regex']) { $badword['badword'] = $this->generate_regex($badword['badword']); } $message = preg_replace('#'.$badword['badword'].'#is', $badword['replacement'], $message); }
} if(!empty($this->options['strip_tags']))	} if(!empty($this->options['strip_tags']))
{	{
$message = strip_tags($message);	$message = strip_tags($message);
}	}
return $message;	return $message;
	} /** * Generates REGEX patterns based on user defined badword string. * * @param string $badword The word defined to replace. * @return string The regex pattern to match the word or null on error. / function generate_regex($bad_word = "") { if($bad_word == "") { return; } // Neutralize escape character, regex operators, multiple adjacent wildcards and generate pattern $ptrn = array('/\\\\/', '/([\[\^\$\.\\|\?\{\}]{1})/', '/\\++/', '/\++\/', '/\+/'); $rplc = array('\\\\\\\\','\\\\${1}', '', '', '[^\s\n]*'); $bad_word = preg_replace($ptrn, $rplc, $bad_word); // Count + and generate pattern $bad_word = explode('+', $bad_word); $trap = ""; $plus = 0; foreach($bad_word as $bad_piece) { if($bad_piece) { $trap .= $plus ? '[^\s\n]{'.$plus.'}'.$bad_piece : $bad_piece; $plus = 1; } else { $plus++; } } // Handle trailing + if($plus > 1) { $trap .= '[^\s\n]{'.($plus-1).'}'; } return '\b'.$trap.'\b';
} /** * Resolves nested CDATA tags in the specified message.	} /** * Resolves nested CDATA tags in the specified message.
*	*
* @param string $message The message to be parsed. * @return string The parsed message. */	* @param string $message The message to be parsed. * @return string The parsed message. */
Zeile 682	Zeile 747
* * @param int $size The original size. * @param string $text The text within a size tag.	* * @param int $size The original size. * @param string $text The text within a size tag.
* @return string The parsed text. */	* @return string The parsed text. */
function mycode_handle_size($size, $text) { global $templates;	function mycode_handle_size($size, $text) { global $templates;
Zeile 730	Zeile 795
// Assign pattern and replace values. $pattern = "#\[quote\](.*?)\[\/quote\](\r\n?\|\n?)#si";	// Assign pattern and replace values. $pattern = "#\[quote\](.*?)\[\/quote\](\r\n?\|\n?)#si";
$pattern_callback = "#\[quote=([\"']\|"\|)(.?)(?:\\1)(.?)(?:[\"']\|")?\](.*?)\[/quote\](\r\n?\|\n?)#si";	$pattern_callback = "#\[quote=([\"']\|"\|)(.?)(?:\\1)(.?)(?:[\"']\|")?\](.*?)\[/quote\](\r\n?\|\n?)#si";
if($text_only == false) { $replace = "<blockquote class=\"mycode_quote\"><cite>$lang->quote</cite>$1</blockquote>\n";	if($text_only == false) { $replace = "<blockquote class=\"mycode_quote\"><cite>$lang->quote</cite>$1</blockquote>\n";
Zeile 739	Zeile 804
} else {	} else {
$replace = "\n{$lang->quote}\n--\n$1\n--\n";	$replace = empty($this->options['signature_parse']) ? "\n{$lang->quote}\n--\n$1\n--\n" : "$1";
$replace_callback = array($this, 'mycode_parse_post_quotes_callback2'); }	$replace_callback = array($this, 'mycode_parse_post_quotes_callback2'); }
Zeile 821	Zeile 886
{ if($match[1] < TIME_NOW) {	{ if($match[1] < TIME_NOW) {
$postdate = my_date('relative', (int)$match[1]);	if($text_only) { $postdate = my_date('normal', (int)$match[1]); } else { $postdate = my_date('relative', (int)$match[1]); }
$date = " ({$postdate})"; } $username = preg_replace("#(?:"\|\"\|')? dateline=(?:"\|\"\|')?[0-9]+(?:"\|\"\|')?#i", '', $username);	$date = " ({$postdate})"; } $username = preg_replace("#(?:"\|\"\|')? dateline=(?:"\|\"\|')?[0-9]+(?:"\|\"\|')?#i", '', $username);
Zeile 829	Zeile 901
} if($delete_quote)	} if($delete_quote)
{	{
$username = my_substr($username, 0, my_strlen($username)-1);	$username = my_substr($username, 0, my_strlen($username)-1);
}	}
if(!empty($this->options['allow_html']))	if(!empty($this->options['allow_html']))
{	{
$username = htmlspecialchars_uni($username);	$username = htmlspecialchars_uni($username);
}	}
if($text_only) { return "\n{$username} {$lang->wrote}{$date}\n--\n{$message}\n--\n";	if($text_only) { return "\n{$username} {$lang->wrote}{$date}\n--\n{$message}\n--\n";
Zeile 852	Zeile 924
eval("\$mycode_quote = \"".$templates->get("mycode_quote_post", 1, 0)."\";"); return $mycode_quote;	eval("\$mycode_quote = \"".$templates->get("mycode_quote_post", 1, 0)."\";"); return $mycode_quote;
} } /** * Parses quotes with post id and/or dateline. * * @param array $matches Matches. * @return string The parsed message. */	} } /** * Parses quotes with post id and/or dateline. * * @param array $matches Matches. * @return string The parsed message. */
function mycode_parse_post_quotes_callback1($matches) { return $this->mycode_parse_post_quotes($matches[4],$matches[2].$matches[3]);	function mycode_parse_post_quotes_callback1($matches) { return $this->mycode_parse_post_quotes($matches[4],$matches[2].$matches[3]);
} /**	} /**
* Parses quotes with post id and/or dateline. * * @param array $matches Matches.	* Parses quotes with post id and/or dateline. * * @param array $matches Matches.
Zeile 875	Zeile 947
function mycode_parse_post_quotes_callback2($matches) { return $this->mycode_parse_post_quotes($matches[4],$matches[2].$matches[3], true);	function mycode_parse_post_quotes_callback2($matches) { return $this->mycode_parse_post_quotes($matches[4],$matches[2].$matches[3], true);
} /**	} /**
* Parses code MyCode. * * @param string $code The message to be parsed	* Parses code MyCode. * * @param string $code The message to be parsed
Zeile 889	Zeile 961
global $lang, $templates; if($text_only == true)	global $lang, $templates; if($text_only == true)
{ return "\n{$lang->code}\n--\n{$code}\n--\n";	{ return empty($this->options['signature_parse']) ? "\n{$lang->code}\n--\n{$code}\n--\n" : $code;
} // Clean the string before parsing.	} // Clean the string before parsing.
Zeile 902	Zeile 974
{ return; }	{ return; }

$code = str_replace('$', '$', $code); $code = preg_replace('#\$([0-9])#', '\\\$\\1', $code); $code = str_replace('\\', '\', $code);	$code = str_replace('$', '$', $code); $code = preg_replace('#\$([0-9])#', '\\\$\\1', $code); $code = str_replace('\\', '\', $code);
Zeile 911	Zeile 983
eval("\$mycode_code = \"".$templates->get("mycode_code", 1, 0)."\";"); return $mycode_code;	eval("\$mycode_code = \"".$templates->get("mycode_code", 1, 0)."\";"); return $mycode_code;
}	}
/** * Parses code MyCode.	/** * Parses code MyCode.
Zeile 922	Zeile 994
function mycode_parse_code_callback($matches) { return $this->mycode_parse_code($matches[1], true);	function mycode_parse_code_callback($matches) { return $this->mycode_parse_code($matches[1], true);
} /** * Parses PHP code MyCode.	} /** * Parses PHP code MyCode.
* * @param string $str The message to be parsed * @param boolean $bare_return Whether or not it should return it as pre-wrapped in a div or not.	* * @param string $str The message to be parsed * @param boolean $bare_return Whether or not it should return it as pre-wrapped in a div or not.
Zeile 938	Zeile 1010
if($text_only == true) {	if($text_only == true) {
return "\n{$lang->php_code}\n--\n$str\n--\n";	return empty($this->options['signature_parse']) ? "\n{$lang->php_code}\n--\n{$str}\n--\n" : $str;
} // Clean the string before parsing except tab spaces.	} // Clean the string before parsing except tab spaces.
Zeile 958	Zeile 1030
{ $added_open_tag = true; $str = "<?php \n".$str;	{ $added_open_tag = true; $str = "<?php \n".$str;
}	}
$added_end_tag = false; if(!preg_match("#\?>\s*$#si", $str)) { $added_end_tag = true; $str = $str." \n?>"; }	$added_end_tag = false; if(!preg_match("#\?>\s*$#si", $str)) { $added_end_tag = true; $str = $str." \n?>"; }

$code = @highlight_string($str, true); // Do the actual replacing.	$code = @highlight_string($str, true); // Do the actual replacing.
Zeile 976	Zeile 1048
$code = str_replace("\\", '\', $code); $code = str_replace('$', '$', $code); $code = preg_replace("#&\#([0-9]+);#si", "&#$1;", $code);	$code = str_replace("\\", '\', $code); $code = str_replace('$', '$', $code); $code = preg_replace("#&\#([0-9]+);#si", "&#$1;", $code);

if($added_open_tag) { $code = preg_replace("#<code><span style=\"color: \#([A-Z0-9]{6})\"><\?php( \| )(<br />?)#", "<code><span style=\"color: #$1\">", $code);	if($added_open_tag) { $code = preg_replace("#<code><span style=\"color: \#([A-Z0-9]{6})\"><\?php( \| )(<br />?)#", "<code><span style=\"color: #$1\">", $code);
Zeile 1041	Zeile 1113
} if($name == $url && (!isset($this->options['shorten_urls']) \|\| !empty($this->options['shorten_urls'])))	} if($name == $url && (!isset($this->options['shorten_urls']) \|\| !empty($this->options['shorten_urls'])))
{	{
$name = htmlspecialchars_decode($name); if(my_strlen($name) > 55) { $name = my_substr($name , 0, 40).'...'.my_substr($name , -10); } $name = htmlspecialchars_uni($name);	$name = htmlspecialchars_decode($name); if(my_strlen($name) > 55) { $name = my_substr($name , 0, 40).'...'.my_substr($name , -10); } $name = htmlspecialchars_uni($name);
} $nofollow = '';	}
if(!empty($this->options['nofollow_on'])) {	if(!empty($this->options['nofollow_on'])) {
$nofollow = " rel=\"nofollow\"";	$rel = " rel=\"noopener nofollow\""; } else { $rel = " rel=\"noopener\"";
} // Fix some entities in URLs	} // Fix some entities in URLs
$entities = array('$' => '%24', '$' => '%24', '^' => '%5E', '`' => '%60', '[' => '%5B', ']' => '%5D', '{' => '%7B', '}' => '%7D', '"' => '%22', '<' => '%3C', '>' => '%3E', ' ' => '%20'); $url = str_replace(array_keys($entities), array_values($entities), $url); $name = preg_replace("#&\#([0-9]+);#si", "&#$1;", $name); // Fix & but allow unicode	$url = $this->encode_url($url); $name = $this->parse_badwords(preg_replace("#&\#([0-9]+);#si", "&#$1;", $name)); // Fix & but allow unicode, filter bad words
eval("\$mycode_url = \"".$templates->get("mycode_url", 1, 0)."\";"); return $mycode_url;	eval("\$mycode_url = \"".$templates->get("mycode_url", 1, 0)."\";"); return $mycode_url;
Zeile 1137	Zeile 1210
{ $alt = my_substr($alt, 0, 40).'...'.my_substr($alt, -10); }	{ $alt = my_substr($alt, 0, 40).'...'.my_substr($alt, -10); }
$alt = htmlspecialchars_uni($alt);	$alt = $this->encode_url($alt);
$alt = $lang->sprintf($lang->posted_image, $alt); $width = $height = '';	$alt = $lang->sprintf($lang->posted_image, $alt); $width = $height = '';
Zeile 1146	Zeile 1219
$width = " width=\"{$dimensions[0]}\""; $height = " height=\"{$dimensions[1]}\""; }	$width = " width=\"{$dimensions[0]}\""; $height = " height=\"{$dimensions[1]}\""; }
	$url = $this->encode_url($url);
eval("\$mycode_img = \"".$templates->get("mycode_img", 1, 0)."\";"); return $mycode_img; }	eval("\$mycode_img = \"".$templates->get("mycode_img", 1, 0)."\";"); return $mycode_img; }
/** * Parses IMG MyCode. * * @param array $matches Matches. * @return string Image code. */ function mycode_parse_img_callback1($matches) { return $this->mycode_parse_img($matches[2]); }	/** * Parses IMG MyCode. * * @param array $matches Matches. * @return string Image code. */ function mycode_parse_img_callback1($matches) { return $this->mycode_parse_img($matches[2]); }
/** * Parses IMG MyCode. *	/** * Parses IMG MyCode. *
Zeile 1169	Zeile 1244
* @return string Image code. */ function mycode_parse_img_callback2($matches)	* @return string Image code. */ function mycode_parse_img_callback2($matches)
{	{
return $this->mycode_parse_img($matches[4], array($matches[1], $matches[2]));	return $this->mycode_parse_img($matches[4], array($matches[1], $matches[2]));
} /** * Parses IMG MyCode.	} /** * Parses IMG MyCode.
* * @param array $matches Matches. * @return string Image code.	* * @param array $matches Matches. * @return string Image code.
Zeile 1186	Zeile 1261
/** * Parses IMG MyCode.	/** * Parses IMG MyCode.
* * @param array $matches Matches.	* * @param array $matches Matches.
* @return string Image code. */ function mycode_parse_img_callback4($matches)	* @return string Image code. */ function mycode_parse_img_callback4($matches)
Zeile 1208	Zeile 1283
$url = str_replace("\n", "", $url); $url = str_replace("\r", "", $url); $url = str_replace("\'", "'", $url);	$url = str_replace("\n", "", $url); $url = str_replace("\r", "", $url); $url = str_replace("\'", "'", $url);

$image = $lang->sprintf($lang->posted_image, $this->mycode_parse_url($url)); return $image; }	$image = $lang->sprintf($lang->posted_image, $this->mycode_parse_url($url)); return $image; }
/** * Parses IMG MyCode disabled. * * @param array $matches Matches. * @return string Image code. */ function mycode_parse_img_disabled_callback1($matches) { return $this->mycode_parse_img_disabled($matches[2]); }	/** * Parses IMG MyCode disabled. * * @param array $matches Matches. * @return string Image code. */ function mycode_parse_img_disabled_callback1($matches) { return $this->mycode_parse_img_disabled($matches[2]); }
/** * Parses IMG MyCode disabled.	/** * Parses IMG MyCode disabled.
Zeile 1272	Zeile 1347
{ $name = $email; }	{ $name = $email; }
if(preg_match("/^([a-zA-Z0-9-_\+\.]+?)@[a-zA-Z0-9-]+\.[a-zA-Z0-9\.-]+$/si", $email)) { $email = $email; } elseif(preg_match("/^([a-zA-Z0-9-_\+\.]+?)@[a-zA-Z0-9-]+\.[a-zA-Z0-9\.-]+\?(.*?)$/si", $email)) { $email = htmlspecialchars_uni($email); }	$email = $this->encode_url($email);
eval("\$mycode_email = \"".$templates->get("mycode_email", 1, 0)."\";"); return $mycode_email;	eval("\$mycode_email = \"".$templates->get("mycode_email", 1, 0)."\";"); return $mycode_email;
Zeile 1316	Zeile 1385
return "[video={$video}]{$url}[/video]"; }	return "[video={$video}]{$url}[/video]"; }
$parsed_url = @parse_url(urldecode($url)); if($parsed_url == false)	// Check URL is a valid URL first, as `parse_url` doesn't check validity. if(false === filter_var($url, FILTER_VALIDATE_URL))
{	{
return "[video={$video}]{$url}[/video]";	return "[video={$video}]{$url}[/video]"; } $parsed_url = @parse_url(urldecode($url)); if($parsed_url === false) { return "[video={$video}]{$url}[/video]";
} $fragments = array(); if($parsed_url['fragment']) { $fragments = explode("&", $parsed_url['fragment']);	} $fragments = array(); if($parsed_url['fragment']) { $fragments = explode("&", $parsed_url['fragment']);
} $queries = explode("&", $parsed_url['query']);	} if($video == "liveleak") { // The query part can start with any alphabet, but set only 'i' to catch in index key later $parsed_url['query'] = "i".substr($parsed_url['query'], 1); } $queries = explode("&", $parsed_url['query']);
$input = array(); foreach($queries as $query)	$input = array(); foreach($queries as $query)
Zeile 1337	Zeile 1418
$key = str_replace("amp;", "", $key); $input[$key] = $value; }	$key = str_replace("amp;", "", $key); $input[$key] = $value; }

$path = explode('/', $parsed_url['path']); switch($video) { case "dailymotion":	$path = explode('/', $parsed_url['path']); switch($video) { case "dailymotion":
list($id) = explode('_', $path[2], 2); // http://www.dailymotion.com/video/fds123_title-goes-here break;	if(isset($path[2])) { list($id) = explode('_', $path[2], 2); // http://www.dailymotion.com/video/fds123_title-goes-here } else { $id = $path[1]; // http://dai.ly/fds123 } break;
case "metacafe": $id = $path[2]; // http://www.metacafe.com/watch/fds123/title_goes_here/ $title = htmlspecialchars_uni($path[3]);	case "metacafe": $id = $path[2]; // http://www.metacafe.com/watch/fds123/title_goes_here/ $title = htmlspecialchars_uni($path[3]);
Zeile 1366	Zeile 1454
$id = $path[3]; // https://www.facebook.com/fds/videos/123/ } break;	$id = $path[3]; // https://www.facebook.com/fds/videos/123/ } break;
case "veoh": $id = $path[2]; // http://www.veoh.com/watch/123	case "mixer": $id = $path[1]; // https://mixer.com/streamer
break; case "liveleak": $id = $input['i']; // http://www.liveleak.com/view?i=123	break; case "liveleak": $id = $input['i']; // http://www.liveleak.com/view?i=123
Zeile 1394	Zeile 1482
break; case "vimeo": if(isset($path[3]))	break; case "vimeo": if(isset($path[3]))
{	{
$id = $path[3]; // http://vimeo.com/fds/fds/fds123	$id = $path[3]; // http://vimeo.com/fds/fds/fds123
} else	} else
{ $id = $path[1]; // http://vimeo.com/fds123	{ $id = $path[1]; // http://vimeo.com/fds123
}	}
break; case "youtube": if($fragments[0]) { $id = str_replace('!v=', '', $fragments[0]); // http://www.youtube.com/watch#!v=fds123	break; case "youtube": if($fragments[0]) { $id = str_replace('!v=', '', $fragments[0]); // http://www.youtube.com/watch#!v=fds123
}	}
elseif($input['v']) { $id = $input['v']; // http://www.youtube.com/watch?v=fds123 } else	elseif($input['v']) { $id = $input['v']; // http://www.youtube.com/watch?v=fds123 } else
{	{
$id = $path[1]; // http://www.youtu.be/fds123 } break; case "twitch":	$id = $path[1]; // http://www.youtu.be/fds123 } break; case "twitch":
if(isset($path[3]))	if(count($path) >= 3 && $path[1] == 'videos') { // Direct video embed with URL like: https://www.twitch.tv/videos/179723472 $id = 'video=v'.$path[2]; } elseif(count($path) >= 4 && $path[2] == 'v') { // Direct video embed with URL like: https://www.twitch.tv/waypoint/v/179723472 $id = 'video=v'.$path[3]; } elseif(count($path) >= 2)
{	{
$id = $path[3]; // https://www.twitch.tv/giantbomb/v/100048090	// Channel (livestream) embed with URL like: https://twitch.tv/waypoint $id = 'channel='.$path[1];
} break; default:	} break; default:
Zeile 1431	Zeile 1530
return "[video={$video}]{$url}[/video]"; }	return "[video={$video}]{$url}[/video]"; }
$id = htmlspecialchars_uni($id);	$id = $this->encode_url($id);

eval("\$video_code = \"".$templates->get("video_{$video}_embed")."\";");	eval("\$video_code = \"".$templates->get("video_{$video}_embed", 1, 0)."\";");
return $video_code; }	return $video_code; }
Zeile 1486	Zeile 1585
function mycode_auto_url($message) { $message = " ".$message;	function mycode_auto_url($message) { $message = " ".$message;

// Links should end with slashes, numbers, characters and braces but not with dots, commas or question marks	// Links should end with slashes, numbers, characters and braces but not with dots, commas or question marks
$message = preg_replace_callback("#([\>\s])(http\|https\|ftp\|news\|irc\|ircs\|irc6){1}://([^\/\"\s\<\[\.]+\.([^\/\"\s\<\[\.]+\.)[\w]+(:[0-9]+)?(/([^\"\s<\[]\|\[\]))?([\w\/\)]))#iu", array($this, 'mycode_auto_url_callback'), $message); $message = preg_replace_callback("#([\>\s])(www\|ftp)\.(([^\/\"\s\<\[\.]+\.)[\w]+(:[0-9]+)?(/([^\"\s<\[]\|\[\]))?([\w\/\)]))#iu", array($this, 'mycode_auto_url_callback'), $message);	// Don't create links within existing links (handled up-front in the callback function). $message = preg_replace_callback("#<a\\s[^>]>.?</a>\|([\s\[\>])(http\|https\|ftp\|news\|irc\|ircs\|irc6){1}(://)([^\/\"\s\<\[\.]+\.([^\/\"\s\<\[\.]+\.)[\w]+(:[0-9]+)?(/([^\"\s<\[]\|\[\]))?([\w\/\)]))(?![^<>]?>)#ius", array($this, 'mycode_auto_url_callback'), $message); $message = preg_replace_callback("#<a\\s[^>]>.?</a>\|([\s\[\>])(www\|ftp)(\.)(([^\/\"\s\<\[\.]+\.)[\w]+(:[0-9]+)?(/([^\"\s<\[]\|\[\]))?([\w\/\)]))(?![^<>]?>)#ius", array($this, 'mycode_auto_url_callback'), $message);
$message = my_substr($message, 1); return $message;	$message = my_substr($message, 1); return $message;
Zeile 1500	Zeile 1601
* @param array $matches Matches * @return string The parsed message. */	* @param array $matches Matches * @return string The parsed message. */
function mycode_auto_url_callback($matches)	function mycode_auto_url_callback($matches=array())
{	{
	// If we matched a preexisting link (the part of the regexes in mycode_auto_url() before the pipe symbol), // then simply return it - we don't create links within existing links. if(count($matches) == 1) { return $matches[0]; }
$external = ''; // Allow links like http://en.wikipedia.org/wiki/PHP_(disambiguation) but detect mismatching braces	$external = ''; // Allow links like http://en.wikipedia.org/wiki/PHP_(disambiguation) but detect mismatching braces
while(my_substr($matches[3], -1) == ')') { if(substr_count($matches[3], ')') > substr_count($matches[3], '(')) { $matches[3] = my_substr($matches[3], 0, -1);	while(my_substr($matches[4], -1) == ')') { if(substr_count($matches[4], ')') > substr_count($matches[4], '(')) { $matches[4] = my_substr($matches[4], 0, -1);
$external = ')'.$external;	$external = ')'.$external;
}	}
else { break; } // Example: ([...] http://en.wikipedia.org/Example_(disambiguation).)	else { break; } // Example: ([...] http://en.wikipedia.org/Example_(disambiguation).)
$last_char = my_substr($matches[3], -1);	$last_char = my_substr($matches[4], -1);
while($last_char == '.' \|\| $last_char == ',' \|\| $last_char == '?' \|\| $last_char == '!') {	while($last_char == '.' \|\| $last_char == ',' \|\| $last_char == '?' \|\| $last_char == '!') {
$matches[3] = my_substr($matches[3], 0, -1);	$matches[4] = my_substr($matches[4], 0, -1);
$external = $last_char.$external;	$external = $last_char.$external;
$last_char = my_substr($matches[3], -1); } } if($matches[2] == 'www' \|\| $matches[2] == 'ftp') { return "{$matches[1]}[url]{$matches[2]}.{$matches[3]}[/url]{$external}"; } else { return "{$matches[1]}[url]{$matches[2]}://{$matches[3]}[/url]{$external}"; } }	$last_char = my_substr($matches[4], -1); } } $url = "{$matches[2]}{$matches[3]}{$matches[4]}"; return $matches[1].$this->mycode_parse_url($url, $url).$external; }
/** * Parses list MyCode.	/** * Parses list MyCode.
Zeile 1550	Zeile 1653
$message = "[*]{$message}"; }	$message = "[*]{$message}"; }
$message = preg_replace("#[^\S\n\r]\[\\]\s*#", "</li>\n<li>", $message); $message .= "</li>";	$message = preg_split("#[^\S\n\r]\[\\]\s*#", $message); if(isset($message[0]) && trim($message[0]) == '') { array_shift($message); } $message = '<li>'.implode("</li>\n<li>", $message)."</li>\n";
if($type) {	if($type) {
Zeile 1603	Zeile 1710
++$this->list_count; $this->list_elements[] = $this->list_count; if(!empty($matches[2]))	++$this->list_count; $this->list_elements[] = $this->list_count; if(!empty($matches[2]))
{	{
return "[list{$matches[2]}&{$this->list_count}]"; } else	return "[list{$matches[2]}&{$this->list_count}]"; } else
Zeile 1649	Zeile 1756
if(is_array($this->highlight_cache) && !empty($this->highlight_cache)) { $message = preg_replace(array_keys($this->highlight_cache), $this->highlight_cache, $message);	if(is_array($this->highlight_cache) && !empty($this->highlight_cache)) { $message = preg_replace(array_keys($this->highlight_cache), $this->highlight_cache, $message);
} return $message;	} return $message;
} /**	} /**
Zeile 1666	Zeile 1773
global $plugins; if(empty($this->options))	global $plugins; if(empty($this->options))
{	{
$this->options = $options;	$this->options = $options;
	} else { foreach($options as $option_name => $option_value) { $this->options[$option_name] = $option_value; }
} // Filter bad words if requested. if(!empty($this->options['filter_badwords'])) { $message = $this->parse_badwords($message);	} // Filter bad words if requested. if(!empty($this->options['filter_badwords'])) { $message = $this->parse_badwords($message);
}	}
// Parse quotes first $message = $this->mycode_parse_quotes($message, true);	// Parse quotes first $message = $this->mycode_parse_quotes($message, true);

$message = preg_replace_callback("#\[php\](.?)\[/php\](\r\n?\|\n?)#is", array($this, 'mycode_parse_php_callback'), $message); $message = preg_replace_callback("#\[code\](.?)\[/code\](\r\n?\|\n?)#is", array($this, 'mycode_parse_code_callback'), $message); $find = array( "#\[(b\|u\|i\|s\|url\|email\|color\|img)\](.*?)\[/\\1\]#is",	$message = preg_replace_callback("#\[php\](.?)\[/php\](\r\n?\|\n?)#is", array($this, 'mycode_parse_php_callback'), $message); $message = preg_replace_callback("#\[code\](.?)\[/code\](\r\n?\|\n?)#is", array($this, 'mycode_parse_code_callback'), $message); $find = array( "#\[(b\|u\|i\|s\|url\|email\|color\|img)\](.*?)\[/\\1\]#is",
	"#\[(email\|color\|size\|font\|align\|video)=[^]]\](.?)\[/\\1\]#is",
"#\[img=([1-9][0-9])x([1-9][0-9])\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", "#\[url=((?!javascript)[a-z]+?://)([^\r\n\"<]+?)\](.+?)\[/url\]#si", "#\[url=((?!javascript:)[^\r\n\"<&]+?)\](.+?)\[/url\]#si",	"#\[img=([1-9][0-9])x([1-9][0-9])\](\r\n?\|\n?)(https?://([^<>\"']+?))\[/img\]#is", "#\[url=((?!javascript)[a-z]+?://)([^\r\n\"<]+?)\](.+?)\[/url\]#si", "#\[url=((?!javascript:)[^\r\n\"<&]+?)\](.+?)\[/url\]#si",
);	"#\[attachment=([0-9]+?)\]#i", );
$replace = array(	$replace = array(
	"$2",
"$2", "$4", "$3 ($1$2)", "$2 ($1)",	"$2", "$4", "$3 ($1$2)", "$2 ($1)",
	"",
);	);
$message = preg_replace($find, $replace, $message);	$messageBefore = ""; // The counter limit for this "for" loop is for defensive programming purpose only. It protects against infinite repetition. for($cnt = 1; $cnt < 20 && $message != $messageBefore; $cnt++) { $messageBefore = $message; $message = preg_replace($find, $replace, $messageBefore); }
// Replace "me" code and slaps if we have a username if(!empty($this->options['me_username']))	// Replace "me" code and slaps if we have a username if(!empty($this->options['me_username']))
Zeile 1724	Zeile 1849
$message = $plugins->run_hooks("text_parse_message", $message); return $message;	$message = $plugins->run_hooks("text_parse_message", $message); return $message;
	} /** * Replaces certain characters with their entities in a URL. * * @param string $url The URL to be escaped. * @return string The escaped URL. */ function encode_url($url) { $entities = array('$' => '%24', '$' => '%24', '^' => '%5E', '`' => '%60', '[' => '%5B', ']' => '%5D', '{' => '%7B', '}' => '%7D', '"' => '%22', '<' => '%3C', '>' => '%3E', ' ' => '%20'); $url = str_replace(array_keys($entities), array_values($entities), $url); return $url;
} }	} }