Vergleich inc/class_parser.php - 1.6.4 - 1.6.10

Keine Änderungen Hinzugefügt Modifiziert Entfernt
Zeile 6	Zeile 6
* Website: http://mybb.com * License: http://mybb.com/about/license *	* Website: http://mybb.com * License: http://mybb.com/about/license *
* $Id: class_parser.php 5520 2011-07-28 08:56:12Z Tomm $	* $Id$
/ /	/ /
Zeile 114	Zeile 114
} else {	} else {
while(preg_match("#<script(.)>(.)</script(.*)>#is", $message))	while(preg_match("#<s(cript\|tyle)(.)>(.)</s(cript\|tyle)(.*)>#is", $message))
{	{
$message = preg_replace("#<script(.)>(.)</script(.*)>#is", "<script$1>$2</script$3>", $message);	$message = preg_replace("#<s(cript\|tyle)(.)>(.)</s(cript\|tyle)(.*)>#is", "<s$1$2>$3</s$4$5>", $message);
}	}
$message = str_replace(array('<?php', '<!--', '-->', '?>', "<br />\n", "<br>\n"), array('<?php', '<!--', '-->', '?>', "\n", "\n"), $message);	$find = array('<?php', '<!--', '-->', '?>', "<br />\n", "<br>\n"); $replace = array('<?php', '<!--', '-->', '?>', "\n", "\n"); $message = str_replace($find, $replace, $message);
} // If MyCode needs to be replaced, first filter out [code] and [php] tags.	} // If MyCode needs to be replaced, first filter out [code] and [php] tags.
Zeile 154	Zeile 156
} // Parse Highlights	} // Parse Highlights
if($this->options['highlight'])	if(!empty($this->options['highlight']))
{ $message = $this->highlight_message($message, $this->options['highlight']); }	{ $message = $this->highlight_message($message, $this->options['highlight']); }
Zeile 169	Zeile 171
{ foreach($code_matches as $text) {	{ foreach($code_matches as $text) {
if(my_strtolower($text[1]) == "code")	// Fix up HTML inside the code tags so it is clean if($options['allow_html'] != 0) { $text[2] = $this->parse_html($text[2]); } if(my_strtolower($text[1]) == "code")
{ $code = $this->mycode_parse_code($text[2]);	{ $code = $this->mycode_parse_code($text[2]);
}	}
elseif(my_strtolower($text[1]) == "php") { $code = $this->mycode_parse_php($text[2]);	elseif(my_strtolower($text[1]) == "php") { $code = $this->mycode_parse_php($text[2]);
Zeile 180	Zeile 188
$message = preg_replace("#\<mybb-code>\n?#", $code, $message, 1); } }	$message = preg_replace("#\<mybb-code>\n?#", $code, $message, 1); } }
}	}
// Replace meta and base tags in our post - these are > dangerous < if($this->options['allow_html']) { $message = preg_replace_callback("#<((m[^a])\|(b[^diloru>])\|(s[^aemptu>]))(\s[^>])>#si", create_function( '$matches',	// Replace meta and base tags in our post - these are > dangerous < if($this->options['allow_html']) { $message = preg_replace_callback("#<((m[^a])\|(b[^diloru>])\|(s[^aemptu>]))(\s[^>])>#si", create_function( '$matches',
'return htmlspecialchars($matches[0]);'	'return htmlspecialchars_uni($matches[0]);'
), $message); }	), $message); }
if($options['nl2br'] !== 0)	if(!isset($options['nl2br']) \|\| $options['nl2br'] != 0)
{ $message = nl2br($message); // Fix up new lines and block level elements	{ $message = nl2br($message); // Fix up new lines and block level elements
Zeile 208	Zeile 216
/** * Converts HTML in a message to their specific entities whilst allowing unicode characters.	/** * Converts HTML in a message to their specific entities whilst allowing unicode characters.
*	*
* @param string The message to be parsed. * @return string The formatted message. */	* @param string The message to be parsed. * @return string The formatted message. */
Zeile 259	Zeile 267
$standard_mycode['url_complex']['regex'] = "#\[url=([a-z]+?://)([^\r\n\"<]+?)\](.+?)\[/url\]#esi"; $standard_mycode['url_complex']['replacement'] = "\$this->mycode_parse_url(\"$1$2\", \"$3\")";	$standard_mycode['url_complex']['regex'] = "#\[url=([a-z]+?://)([^\r\n\"<]+?)\](.+?)\[/url\]#esi"; $standard_mycode['url_complex']['replacement'] = "\$this->mycode_parse_url(\"$1$2\", \"$3\")";

$standard_mycode['url_complex2']['regex'] = "#\[url=([^\r\n\"<&]+?)\](.+?)\[/url\]#esi"; $standard_mycode['url_complex2']['replacement'] = "\$this->mycode_parse_url(\"$1\", \"$2\")";	$standard_mycode['url_complex2']['regex'] = "#\[url=([^\r\n\"<&]+?)\](.+?)\[/url\]#esi"; $standard_mycode['url_complex2']['replacement'] = "\$this->mycode_parse_url(\"$1\", \"$2\")";

$standard_mycode['email_simple']['regex'] = "#\[email\](.*?)\[/email\]#ei"; $standard_mycode['email_simple']['replacement'] = "\$this->mycode_parse_email(\"$1\")";	$standard_mycode['email_simple']['regex'] = "#\[email\](.*?)\[/email\]#ei"; $standard_mycode['email_simple']['replacement'] = "\$this->mycode_parse_email(\"$1\")";
Zeile 271	Zeile 279
$standard_mycode['hr']['regex'] = "#\[hr\]#si"; $standard_mycode['hr']['replacement'] = "<hr />";	$standard_mycode['hr']['regex'] = "#\[hr\]#si"; $standard_mycode['hr']['replacement'] = "<hr />";

$nestable_mycode['color']['regex'] = "#\[color=([a-zA-Z]\|\#?[0-9a-fA-F]{6})](.?)\[/color\]#si"; $nestable_mycode['color']['replacement'] = "<span style=\"color: $1;\">$2</span>";	$nestable_mycode['color']['regex'] = "#\[color=([a-zA-Z]\|\#?[0-9a-fA-F]{6})](.?)\[/color\]#si"; $nestable_mycode['color']['replacement'] = "<span style=\"color: $1;\">$2</span>";
Zeile 428	Zeile 436
$message = ' ' . $message . ' '; // First we take out any of the tags we don't want parsed between (url= etc)	$message = ' ' . $message . ' '; // First we take out any of the tags we don't want parsed between (url= etc)
preg_match_all("#\[(url(=[^\]])?\](.?)\[\/url\]\|quote=([^\]])?\])#i", $message, $bad_matches, PREG_PATTERN_ORDER); $message = preg_replace("#\[(url(=[^\]])?\](.?)\[\/url\]\|quote=([^\]])?\])#si", "<mybb-bad-sm>", $message);	preg_match_all("#\[(url(=[^\]])?\]\|quote=([^\]])?\])#i", $message, $bad_matches, PREG_PATTERN_ORDER); $message = preg_replace("#\[(url(=[^\]])?\]\|quote=([^\]])?\])#si", "<mybb-bad-sm>", $message);
// Impose a hard limit of 500 smilies per message as to not overload the parser $remaining = 500;	// Impose a hard limit of 500 smilies per message as to not overload the parser $remaining = 500;
Zeile 474	Zeile 482
{ $match = str_replace('$', '\$', $match); $message = preg_replace("#<mybb-bad-sm>#", $match, $message, 1);	{ $match = str_replace('$', '\$', $match); $message = preg_replace("#<mybb-bad-sm>#", $match, $message, 1);
} }	} }
return trim($message); }	return trim($message); }
Zeile 513	Zeile 521
if(!$badword['replacement']) { $badword['replacement'] = "*****";	if(!$badword['replacement']) { $badword['replacement'] = "*****";
}	}
// Take into account the position offset for our last replacement. $index = substr_count($badword['badword'], '*')+2;	// Take into account the position offset for our last replacement. $index = substr_count($badword['badword'], '*')+2;
Zeile 526	Zeile 534
$message = preg_replace("#(^\|\W)".$badword['badword']."(\W\|$)#i", "\\1".$badword['replacement'].'\\'.$index, $message); } }	$message = preg_replace("#(^\|\W)".$badword['badword']."(\W\|$)#i", "\\1".$badword['replacement'].'\\'.$index, $message); } }
} if($options['strip_tags'] == 1)	} if(isset($options['strip_tags']) && $options['strip_tags'] == 1)
{ $message = strip_tags($message); }	{ $message = strip_tags($message); }
Zeile 558	Zeile 566
"#(o)(nfocus\s?=)#i", "#(o)(nselect\s?=)#i", "#(o)(nunload\s?=)#i",	"#(o)(nfocus\s?=)#i", "#(o)(nselect\s?=)#i", "#(o)(nunload\s?=)#i",
"#(o)(nkeypress\s?=)#i"	"#(o)(nkeypress\s?=)#i", "#(o)(nerror\s?=)#i", "#(o)(nreset\s?=)#i", "#(o)(nabort\s?=)#i"
); $message = preg_replace($js_array, "$1<strong></strong>$2$4", $message);	); $message = preg_replace($js_array, "$1<strong></strong>$2$4", $message);
Zeile 578	Zeile 589
$size = intval($size)+10; if($size > 50)	$size = intval($size)+10; if($size > 50)
{	{
$size = 50; } $text = "<span style=\"font-size: {$size}pt;\">".str_replace("\'", "'", $text)."</span>";	$size = 50; } $text = "<span style=\"font-size: {$size}pt;\">".str_replace("\'", "'", $text)."</span>";

return $text; } /** * Parses quote MyCode.	return $text; } /** * Parses quote MyCode.
* * @param string The message to be parsed * @param boolean Are we formatting as text?	* * @param string The message to be parsed * @param boolean Are we formatting as text?
* @return string The parsed message. */ function mycode_parse_quotes($message, $text_only=false)	* @return string The parsed message. */ function mycode_parse_quotes($message, $text_only=false)
Zeile 602	Zeile 613
$pattern = array( "#\[quote=([\"']\|"\|)(.?)(?:\\1)(.?)(?:[\"']\|")?\](.?)\[/quote\](\r\n?\|\n?)#esi", "#\[quote\](.?)\[\/quote\](\r\n?\|\n?)#si"	$pattern = array( "#\[quote=([\"']\|"\|)(.?)(?:\\1)(.?)(?:[\"']\|")?\](.?)\[/quote\](\r\n?\|\n?)#esi", "#\[quote\](.?)\[\/quote\](\r\n?\|\n?)#si"
); if($text_only == false) { $replace = array(	); if($text_only == false) { $replace = array(
"\$this->mycode_parse_post_quotes('$4','$2$3')", "<blockquote><cite>$lang->quote</cite>$1</blockquote>\n" );	"\$this->mycode_parse_post_quotes('$4','$2$3')", "<blockquote><cite>$lang->quote</cite>$1</blockquote>\n" );
Zeile 616	Zeile 627
$replace = array( "\$this->mycode_parse_post_quotes('$4','$2$3', true)", "\n{$lang->quote}\n--\n$1\n--\n"	$replace = array( "\$this->mycode_parse_post_quotes('$4','$2$3', true)", "\n{$lang->quote}\n--\n$1\n--\n"
);	);
}	}

do	do
{	{ // preg_replace has erased the message? Restore it... if(!$message) { $message = $previous_message; break; } $previous_message = $message;
$message = preg_replace($pattern, $replace, $message, -1, $count); } while($count);	$message = preg_replace($pattern, $replace, $message, -1, $count); } while($count);
Zeile 629	Zeile 647
$find = array( "#(\r\n\|\n)<\/cite>(\r\n\|\n)#", "#(\r\n\|\n)<\/blockquote>#"	$find = array( "#(\r\n\|\n)<\/cite>(\r\n\|\n)#", "#(\r\n\|\n)<\/blockquote>#"
);	);
$replace = array( "</cite><br />",	$replace = array( "</cite><br />",
Zeile 678	Zeile 696
} $username = preg_replace("#(?:"\|\"\|')? pid=(?:"\|\"\|')?[0-9]+[\"']?(?:"\|\"\|')?#i", '', $username);	} $username = preg_replace("#(?:"\|\"\|')? pid=(?:"\|\"\|')?[0-9]+[\"']?(?:"\|\"\|')?#i", '', $username);
$delete_quote = false; }	$delete_quote = false; }
unset($match); preg_match("#dateline=(?:"\|\"\|')?([0-9]+)(?:"\|\"\|')?#i", $username, $match);	unset($match); preg_match("#dateline=(?:"\|\"\|')?([0-9]+)(?:"\|\"\|')?#i", $username, $match);
Zeile 868	Zeile 886
$name = my_substr($url, 0, 40)."...".my_substr($url, -10); } }	$name = my_substr($url, 0, 40)."...".my_substr($url, -10); } }
	$nofollow = ''; if(isset($this->options['nofollow_on'])) { $nofollow = " rel=\"nofollow\""; }
// Fix some entities in URLs $entities = array('$' => '%24', '$' => '%24', '^' => '%5E', '`' => '%60', '[' => '%5B', ']' => '%5D', '{' => '%7B', '}' => '%7D', '"' => '%22', '<' => '%3C', '>' => '%3E', ' ' => '%20'); $fullurl = str_replace(array_keys($entities), array_values($entities), $fullurl); $name = preg_replace("#&\#([0-9]+);#si", "&#$1;", $name); // Fix & but allow unicode	// Fix some entities in URLs $entities = array('$' => '%24', '$' => '%24', '^' => '%5E', '`' => '%60', '[' => '%5B', ']' => '%5D', '{' => '%7B', '}' => '%7D', '"' => '%22', '<' => '%3C', '>' => '%3E', ' ' => '%20'); $fullurl = str_replace(array_keys($entities), array_values($entities), $fullurl); $name = preg_replace("#&\#([0-9]+);#si", "&#$1;", $name); // Fix & but allow unicode
$link = "<a href=\"$fullurl\" target=\"_blank\">$name</a>";	$link = "<a href=\"$fullurl\" target=\"_blank\"{$nofollow}>$name</a>";
return $link; }	return $link; }
Zeile 948	Zeile 972
return "[video={$video}]{$url}[/video]"; }	return "[video={$video}]{$url}[/video]"; }
$parsed_url = @parse_url($url);	$parsed_url = @parse_url(urldecode($url));
if($parsed_url == false) {	if($parsed_url == false) {
return "[video={$video}]{$url}[/video]";;	return "[video={$video}]{$url}[/video]";
} $fragments = array(); if($parsed_url['fragment'])	} $fragments = array(); if($parsed_url['fragment'])
{	{
$fragments = explode("&", $parsed_url['fragment']);	$fragments = explode("&", $parsed_url['fragment']);
} $queries = explode("&", $parsed_url['query']);	} $queries = explode("&", $parsed_url['query']);
$input = array(); foreach($queries as $query)	$input = array(); foreach($queries as $query)
{	{
list($key, $value) = explode("=", $query); $key = str_replace("amp;", "", $key); $input[$key] = $value;	list($key, $value) = explode("=", $query); $key = str_replace("amp;", "", $key); $input[$key] = $value;
Zeile 976	Zeile 1000
{ case "dailymotion": list($id, ) = split("_", $path[2], 1); // http://www.dailymotion.com/video/fds123_title-goes-here	{ case "dailymotion": list($id, ) = split("_", $path[2], 1); // http://www.dailymotion.com/video/fds123_title-goes-here
break; case "googlevideo": $id = $input['docid']; // http://video.google.com/videoplay?docid=fds123
break; case "metacafe": $id = $path[2]; // http://www.metacafe.com/watch/fds123/title_goes_here/ $title = htmlspecialchars_uni($path[3]); break; case "myspacetv":	break; case "metacafe": $id = $path[2]; // http://www.metacafe.com/watch/fds123/title_goes_here/ $title = htmlspecialchars_uni($path[3]); break; case "myspacetv":
$id = $input['videoid']; // http://myspacetv.com/index.cfm?fuseaction=vids.individual&videoid=fds123	$id = $path[4]; // http://www.myspace.com/video/fds/fds/123
break; case "yahoo":	break; case "yahoo":
$id = $path[3]; // http://video.yahoo.com/watch/fds123/abc567 $vid = htmlspecialchars_uni($path[2]);	$id = $path[1]; // http://xy.screen.yahoo.com/fds-123.html // Support for localized portals $domain = explode('.', $parsed_url['host']); if($domain[0] != 'screen') { $local = $domain[0].'.'; } else { $local = ''; }
break; case "vimeo": $id = $path[1]; // http://vimeo.com/fds123	break; case "vimeo": $id = $path[1]; // http://vimeo.com/fds123
Zeile 1012	Zeile 1042
return "[video={$video}]{$url}[/video]"; }	return "[video={$video}]{$url}[/video]"; }
if(empty($id) \|\| ($video == "yahoo" && empty($vid)))	if(empty($id))
{ return "[video={$video}]{$url}[/video]"; }	{ return "[video={$video}]{$url}[/video]"; }