| Zeile 115 | Zeile 115 |
|---|
$message = $plugins->run_hooks("parse_message_start", $message);
|
$message = $plugins->run_hooks("parse_message_start", $message);
|
// Get rid of cartridge returns for they are the workings of the devil
| // Get rid of carriage returns for they are the workings of the devil
|
$message = str_replace("\r", "", $message);
// Filter bad words if requested.
| $message = str_replace("\r", "", $message);
// Filter bad words if requested.
|
| Zeile 128 | Zeile 128 |
|---|
if(!empty($this->options['filter_cdata']))
{
$message = $this->parse_cdata($message);
|
if(!empty($this->options['filter_cdata']))
{
$message = $this->parse_cdata($message);
|
| | }
// If MyCode needs to be replaced, first filter out [code] and [php] tags.
if(!empty($this->options['allow_mycode']) && $mybb->settings['allowcodemycode'] == 1)
{
// This code is reserved and could break codes
$message = str_replace("<mybb-code>\n", "<mybb_code>\n", $message);
preg_match_all("#\[(code|php)\](.*?)\[/\\1\](\r\n?|\n?)#si", $message, $code_matches, PREG_SET_ORDER);
$message = preg_replace("#\[(code|php)\](.*?)\[/\\1\](\r\n?|\n?)#si", "<mybb-code>\n", $message);
|
}
if(empty($this->options['allow_html']))
{
$message = $this->parse_html($message);
|
}
if(empty($this->options['allow_html']))
{
$message = $this->parse_html($message);
|
| | $message = str_replace("<mybb-code>\n", "<mybb-code>\n", $message);
|
}
else
{
|
}
else
{
|
while(preg_match("#<s(cript|tyle)(.*)>(.*)</s(cript|tyle)(.*)>#is", $message))
{
$message = preg_replace("#<s(cript|tyle)(.*)>(.*)</s(cript|tyle)(.*)>#is", "<s$1$2>$3</s$4$5>", $message);
}
$find = array('<?php', '<!--', '-->', '?>', "<br />\n", "<br>\n");
$replace = array('<?php', '<!--', '-->', '?>', "\n", "\n");
| // Replace base, meta,script and style tags in our post - these are > dangerous <
$message = preg_replace('#<(/?)(base|meta|script|style)([^>]*)>#i', '<$1$2$3>', $message);
$message = $this->fix_javascript($message);
$find = array("<br />\n", "<br>\n");
$replace = array("\n", "\n");
|
$message = str_replace($find, $replace, $message);
}
|
$message = str_replace($find, $replace, $message);
}
|
// If MyCode needs to be replaced, first filter out [code] and [php] tags.
if(!empty($this->options['allow_mycode']) && $mybb->settings['allowcodemycode'] == 1)
{
preg_match_all("#\[(code|php)\](.*?)\[/\\1\](\r\n?|\n?)#si", $message, $code_matches, PREG_SET_ORDER);
$message = preg_replace("#\[(code|php)\](.*?)\[/\\1\](\r\n?|\n?)#si", "<mybb-code>\n", $message);
}
// Always fix bad Javascript in the message.
$message = $this->fix_javascript($message);
| |
// Replace "me" code and slaps if we have a username
if(!empty($this->options['me_username']) && $mybb->settings['allowmemycode'] == 1)
|
// Replace "me" code and slaps if we have a username
if(!empty($this->options['me_username']) && $mybb->settings['allowmemycode'] == 1)
|
{
| {
|
global $lang;
|
global $lang;
|
|
|
$message = preg_replace('#(>|^|\r|\n)/me ([^\r\n<]*)#i', "\\1<span style=\"color: red;\">* {$this->options['me_username']} \\2</span>", $message);
$message = preg_replace('#(>|^|\r|\n)/slap ([^\r\n<]*)#i', "\\1<span style=\"color: red;\">* {$this->options['me_username']} {$lang->slaps} \\2 {$lang->with_trout}</span>", $message);
|
$message = preg_replace('#(>|^|\r|\n)/me ([^\r\n<]*)#i', "\\1<span style=\"color: red;\">* {$this->options['me_username']} \\2</span>", $message);
$message = preg_replace('#(>|^|\r|\n)/slap ([^\r\n<]*)#i', "\\1<span style=\"color: red;\">* {$this->options['me_username']} {$lang->slaps} \\2 {$lang->with_trout}</span>", $message);
|
}
| }
|
// If we can, parse smilies
if(!empty($this->options['allow_smilies']))
{
| // If we can, parse smilies
if(!empty($this->options['allow_smilies']))
{
|
| Zeile 172 | Zeile 172 |
|---|
}
// Replace MyCode if requested.
|
}
// Replace MyCode if requested.
|
if(!empty($this->options['allow_mycode']))
{
| if(!empty($this->options['allow_mycode']))
{
|
$message = $this->parse_mycode($message);
}
| $message = $this->parse_mycode($message);
}
|
| Zeile 193 | Zeile 193 |
|---|
{
foreach($code_matches as $text)
{
|
{
foreach($code_matches as $text)
{
|
// Fix up HTML inside the code tags so it is clean
if(!empty($this->options['allow_html']))
{
| if(my_strtolower($text[1]) == "code")
{
// Fix up HTML inside the code tags so it is clean
|
$text[2] = $this->parse_html($text[2]);
|
$text[2] = $this->parse_html($text[2]);
|
}
if(my_strtolower($text[1]) == "code")
{
|
|
$code = $this->mycode_parse_code($text[2]);
}
elseif(my_strtolower($text[1]) == "php")
| $code = $this->mycode_parse_code($text[2]);
}
elseif(my_strtolower($text[1]) == "php")
|
| Zeile 210 | Zeile 207 |
|---|
$message = preg_replace("#\<mybb-code>\n?#", $code, $message, 1);
}
}
|
$message = preg_replace("#\<mybb-code>\n?#", $code, $message, 1);
}
}
|
}
// Replace meta and base tags in our post - these are > dangerous <
if(!empty($this->options['allow_html']))
{
$message = preg_replace_callback("#<((m[^a])|(b[^diloru>])|(s[^aemptu>]))(\s*[^>]*)>#si", create_function(
'$matches',
'return htmlspecialchars_uni($matches[0]);'
), $message);
| |
}
if(!isset($this->options['nl2br']) || $this->options['nl2br'] != 0)
| }
if(!isset($this->options['nl2br']) || $this->options['nl2br'] != 0)
|
| Zeile 239 | Zeile 227 |
|---|
*
* @param string $message The message to be parsed.
* @return string The formatted message.
|
*
* @param string $message The message to be parsed.
* @return string The formatted message.
|
*/
| */
|
function parse_html($message)
|
function parse_html($message)
|
{
| {
|
$message = preg_replace("#&(?!\#[0-9]+;)#si", "&", $message); // fix & but allow unicode
$message = str_replace("<","<",$message);
$message = str_replace(">",">",$message);
return $message;
}
|
$message = preg_replace("#&(?!\#[0-9]+;)#si", "&", $message); // fix & but allow unicode
$message = str_replace("<","<",$message);
$message = str_replace(">",">",$message);
return $message;
}
|
|
|
/**
* Generates a cache of MyCode, both standard and custom.
*
| /**
* Generates a cache of MyCode, both standard and custom.
*
|
| Zeile 257 | Zeile 245 |
|---|
{
global $cache, $lang, $mybb;
$this->mycode_cache = array();
|
{
global $cache, $lang, $mybb;
$this->mycode_cache = array();
|
|
|
$standard_mycode = $callback_mycode = $nestable_mycode = array();
$standard_count = $callback_count = $nestable_count = 0;
| $standard_mycode = $callback_mycode = $nestable_mycode = array();
$standard_count = $callback_count = $nestable_count = 0;
|
| Zeile 293 | Zeile 281 |
|---|
$standard_mycode['reg']['replacement'] = "®";
++$standard_count;
|
$standard_mycode['reg']['replacement'] = "®";
++$standard_count;
|
}
| }
|
if($mybb->settings['allowlinkmycode'] == 1)
{
$callback_mycode['url_simple']['regex'] = "#\[url\]([a-z]+?://)([^\r\n\"<]+?)\[/url\]#si";
| if($mybb->settings['allowlinkmycode'] == 1)
{
$callback_mycode['url_simple']['regex'] = "#\[url\]([a-z]+?://)([^\r\n\"<]+?)\[/url\]#si";
|
| Zeile 306 | Zeile 294 |
|---|
$callback_mycode['url_complex']['regex'] = "#\[url=([a-z]+?://)([^\r\n\"<]+?)\](.+?)\[/url\]#si";
$callback_mycode['url_complex']['replacement'] = array($this, 'mycode_parse_url_callback1');
|
$callback_mycode['url_complex']['regex'] = "#\[url=([a-z]+?://)([^\r\n\"<]+?)\](.+?)\[/url\]#si";
$callback_mycode['url_complex']['replacement'] = array($this, 'mycode_parse_url_callback1');
|
$callback_mycode['url_complex2']['regex'] = "#\[url=([^\r\n\"<&\(\)]+?)\](.+?)\[/url\]#si";
| $callback_mycode['url_complex2']['regex'] = "#\[url=([^\r\n\"<]+?)\](.+?)\[/url\]#si";
|
$callback_mycode['url_complex2']['replacement'] = array($this, 'mycode_parse_url_callback2');
++$callback_count;
| $callback_mycode['url_complex2']['replacement'] = array($this, 'mycode_parse_url_callback2');
++$callback_count;
|
| Zeile 663 | Zeile 651 |
|---|
/**
* Attempts to move any javascript references in the specified message.
*
|
/**
* Attempts to move any javascript references in the specified message.
*
|
* @param string $message The message to be parsed.
| * @param string The message to be parsed.
|
* @return string The parsed message.
*/
function fix_javascript($message)
{
$js_array = array(
"#(&\#(0*)106;?|&\#(0*)74;?|&\#x(0*)4a;?|&\#x(0*)6a;?|j)((&\#(0*)97;?|&\#(0*)65;?|a)(&\#(0*)118;?|&\#(0*)86;?|v)(&\#(0*)97;?|&\#(0*)65;?|a)(\s)?(&\#(0*)115;?|&\#(0*)83;?|s)(&\#(0*)99;?|&\#(0*)67;?|c)(&\#(0*)114;?|&\#(0*)82;?|r)(&\#(0*)105;?|&\#(0*)73;?|i)(&\#112;?|&\#(0*)80;?|p)(&\#(0*)116;?|&\#(0*)84;?|t)(&\#(0*)58;?|\:))#i",
|
* @return string The parsed message.
*/
function fix_javascript($message)
{
$js_array = array(
"#(&\#(0*)106;?|&\#(0*)74;?|&\#x(0*)4a;?|&\#x(0*)6a;?|j)((&\#(0*)97;?|&\#(0*)65;?|a)(&\#(0*)118;?|&\#(0*)86;?|v)(&\#(0*)97;?|&\#(0*)65;?|a)(\s)?(&\#(0*)115;?|&\#(0*)83;?|s)(&\#(0*)99;?|&\#(0*)67;?|c)(&\#(0*)114;?|&\#(0*)82;?|r)(&\#(0*)105;?|&\#(0*)73;?|i)(&\#112;?|&\#(0*)80;?|p)(&\#(0*)116;?|&\#(0*)84;?|t)(&\#(0*)58;?|\:))#i",
|
"#(o)(nmouseover\s?=)#i",
"#(o)(nmouseout\s?=)#i",
"#(o)(nmousedown\s?=)#i",
"#(o)(nmousemove\s?=)#i",
"#(o)(nmouseup\s?=)#i",
"#(o)(nclick\s?=)#i",
"#(o)(ndblclick\s?=)#i",
"#(o)(nload\s?=)#i",
"#(o)(nsubmit\s?=)#i",
"#(o)(nblur\s?=)#i",
"#(o)(nchange\s?=)#i",
"#(o)(nfocus\s?=)#i",
"#(o)(nselect\s?=)#i",
"#(o)(nunload\s?=)#i",
"#(o)(nkeypress\s?=)#i",
"#(o)(nerror\s?=)#i",
"#(o)(nreset\s?=)#i",
"#(o)(nabort\s?=)#i"
| "#([\s\"']on)([a-z]+\s*=)#i",
|
);
|
);
|
$message = preg_replace($js_array, "$1<strong></strong>$2$6", $message);
| // Add invisible white space
$message = preg_replace($js_array, "$1\xE2\x80\x8C$2$6", $message);
|
return $message;
|
return $message;
|
}
| }
|
/**
* Handles fontsize.
|
/**
* Handles fontsize.
|
| Zeile 703 | Zeile 675 |
|---|
* @return string The parsed text.
*/
function mycode_handle_size($size, $text)
|
* @return string The parsed text.
*/
function mycode_handle_size($size, $text)
|
{
| {
|
$size = (int)$size+10;
|
$size = (int)$size+10;
|
|
|
if($size > 50)
{
$size = 50;
| if($size > 50)
{
$size = 50;
|
| Zeile 714 | Zeile 686 |
|---|
$text = "<span style=\"font-size: {$size}pt;\">".str_replace("\'", "'", $text)."</span>";
return $text;
|
$text = "<span style=\"font-size: {$size}pt;\">".str_replace("\'", "'", $text)."</span>";
return $text;
|
}
| }
|
/**
* Handles fontsize.
|
/**
* Handles fontsize.
|
| Zeile 767 | Zeile 739 |
|---|
} while($count || $count_callback);
if($text_only == false)
|
} while($count || $count_callback);
if($text_only == false)
|
{
| {
|
$find = array(
"#(\r\n*|\n*)<\/cite>(\r\n*|\n*)#",
"#(\r\n*|\n*)<\/blockquote>#"
| $find = array(
"#(\r\n*|\n*)<\/cite>(\r\n*|\n*)#",
"#(\r\n*|\n*)<\/blockquote>#"
|
| Zeile 959 | Zeile 931 |
|---|
{
return;
}
|
{
return;
}
|
$str = str_replace('&', '&', $str);
$str = str_replace('<', '<', $str);
$str = str_replace('>', '>', $str);
| |
// See if open and close tags are provided.
$added_open_tag = false;
|
// See if open and close tags are provided.
$added_open_tag = false;
|
| Zeile 1223 | Zeile 1191 |
|---|
* @return string Image code.
*/
function mycode_parse_img_disabled_callback1($matches)
|
* @return string Image code.
*/
function mycode_parse_img_disabled_callback1($matches)
|
{
| {
|
return $this->mycode_parse_img_disabled($matches[2]);
}
| return $this->mycode_parse_img_disabled($matches[2]);
}
|
| Zeile 1232 | Zeile 1200 |
|---|
*
* @param array $matches Matches.
* @return string Image code.
|
*
* @param array $matches Matches.
* @return string Image code.
|
*/
function mycode_parse_img_disabled_callback2($matches)
{
return $this->mycode_parse_img_disabled($matches[4]);
}
/**
* Parses IMG MyCode disabled.
*
* @param array $matches Matches.
* @return string Image code.
| */
function mycode_parse_img_disabled_callback2($matches)
{
return $this->mycode_parse_img_disabled($matches[4]);
}
/**
* Parses IMG MyCode disabled.
*
* @param array $matches Matches.
* @return string Image code.
|
*/
function mycode_parse_img_disabled_callback3($matches)
|
*/
function mycode_parse_img_disabled_callback3($matches)
|
{
| {
|
return $this->mycode_parse_img_disabled($matches[3]);
}
| return $this->mycode_parse_img_disabled($matches[3]);
}
|
| Zeile 1258 | Zeile 1226 |
|---|
function mycode_parse_img_disabled_callback4($matches)
{
return $this->mycode_parse_img_disabled($matches[5]);
|
function mycode_parse_img_disabled_callback4($matches)
{
return $this->mycode_parse_img_disabled($matches[5]);
|
}
/**
* Parses email MyCode.
| }
/**
* Parses email MyCode.
|
*
* @param string $email The email address to link to.
* @param string $name The name for the link.
| *
* @param string $email The email address to link to.
* @param string $name The name for the link.
|
| Zeile 1280 | Zeile 1248 |
|---|
elseif(preg_match("/^([a-zA-Z0-9-_\+\.]+?)@[a-zA-Z0-9-]+\.[a-zA-Z0-9\.-]+\?(.*?)$/si", $email))
{
return "<a href=\"mailto:".htmlspecialchars_uni($email)."\">".$name."</a>";
|
elseif(preg_match("/^([a-zA-Z0-9-_\+\.]+?)@[a-zA-Z0-9-]+\.[a-zA-Z0-9\.-]+\?(.*?)$/si", $email))
{
return "<a href=\"mailto:".htmlspecialchars_uni($email)."\">".$name."</a>";
|
}
| }
|
else
{
return $email;
| else
{
return $email;
|
| Zeile 1355 | Zeile 1323 |
|---|
$id = $path[4]; // http://www.myspace.com/video/fds/fds/123
break;
case "facebook":
|
$id = $path[4]; // http://www.myspace.com/video/fds/fds/123
break;
case "facebook":
|
$id = $input['v']; // http://www.facebook.com/video/video.php?v=123
| if(isset($input['v']))
{
$id = $input['v']; // http://www.facebook.com/video/video.php?v=123
}
elseif(substr($path[3], 0, 3) == 'vb.')
{
$id = $path[4]; // https://www.facebook.com/fds/videos/vb.123/123/
}
else
{
$id = $path[3]; // https://www.facebook.com/fds/videos/123/
}
|
break;
case "veoh":
$id = $path[2]; // http://www.veoh.com/watch/123
| break;
case "veoh":
$id = $path[2]; // http://www.veoh.com/watch/123
|
| Zeile 1364 | Zeile 1343 |
|---|
$id = $input['i']; // http://www.liveleak.com/view?i=123
break;
case "yahoo":
|
$id = $input['i']; // http://www.liveleak.com/view?i=123
break;
case "yahoo":
|
$id = $path[1]; // http://xy.screen.yahoo.com/fds-123.html
| if(isset($path[2]))
{
$id = $path[2]; // http://xy.screen.yahoo.com/fds/fds-123.html
}
else
{
$id = $path[1]; // http://xy.screen.yahoo.com/fds-123.html
}
|
// Support for localized portals
$domain = explode('.', $parsed_url['host']);
if($domain[0] != 'screen' && preg_match('#^([a-z-]+)$#', $domain[0]))
{
$local = "{$domain[0]}.";
|
// Support for localized portals
$domain = explode('.', $parsed_url['host']);
if($domain[0] != 'screen' && preg_match('#^([a-z-]+)$#', $domain[0]))
{
$local = "{$domain[0]}.";
|
}
else
{
| }
else
{
|
$local = '';
}
break;
case "vimeo":
|
$local = '';
}
break;
case "vimeo":
|
$id = $path[1]; // http://vimeo.com/fds123
| if(isset($path[3]))
{
$id = $path[3]; // http://vimeo.com/fds/fds/fds123
}
else
{
$id = $path[1]; // http://vimeo.com/fds123
}
|
break;
case "youtube":
if($fragments[0])
| break;
case "youtube":
if($fragments[0])
|