NobuNobu
nobun****@users*****
2006年 12月 3日 (日) 00:48:30 JST
Index: xoops2jp/html/class/module.textsanitizer.php diff -u xoops2jp/html/class/module.textsanitizer.php:1.2.8.9.2.1 xoops2jp/html/class/module.textsanitizer.php:1.2.8.9.2.2 --- xoops2jp/html/class/module.textsanitizer.php:1.2.8.9.2.1 Sat Oct 14 13:51:56 2006 +++ xoops2jp/html/class/module.textsanitizer.php Sun Dec 3 00:48:30 2006 @@ -1,5 +1,5 @@ <?php -// $Id: module.textsanitizer.php,v 1.2.8.9.2.1 2006/10/14 04:51:56 minahito Exp $ +// $Id: module.textsanitizer.php,v 1.2.8.9.2.2 2006/12/02 15:48:30 nobunobu Exp $ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // // Copyright (c) 2000 XOOPS.org // @@ -73,6 +73,21 @@ */ var $mXoopsCodePostFilter = null; + /** + * @var XCube_Delegate + */ + var $mCodePreConvPre = null; + + /** + * @var XCube_Delegate + */ + var $mCodeConvPre = null; + + /** + * @var XCube_TextFilter + */ + var $mTextFilter = null; + /* * Constructor of this class * @@ -97,6 +112,16 @@ $this->mXoopsCodePostFilter =& new XCube_Delegate(); $this->mXoopsCodePostFilter->register('MyTextSanitizer.XoopsCodePostFilter'); + + $this->mCodePreConvPre =& new XCube_Delegate(); + $this->mCodePreConvPre->register('MyTextSanitizer.CodePreConvPre'); + + $this->mCodeConvPre =& new XCube_Delegate(); + $this->mCodeConvPre->register('MyTextSanitizer.CodeConvPre'); + + $root =& XCube_Root::getSingleton(); + $this->mTextFilter =& $root->getTextFilter(); + } /** 
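Review bot: The constructor stores `$root->getTextFilter()` in `$this->mTextFilter` without checking the result, and after this commit every escaping method in the class dereferences that property. If the root has no filter when the sanitizer is first constructed (not visible here, so worth confirming), the failure only surfaces as a fatal error at the first ToShow() call, far from its cause. I would check it here, e.g. `if (!is_object($this->mTextFilter)) { trigger_error('MyTextSanitizer: text filter unavailable', E_USER_ERROR); }`, so the class never runs without its escaping routine. The constructor body starts outside the hunk.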
@@ -163,9 +188,9 @@ $patterns = array("/(^|[^]_a-z0-9-=\"'\/])([a-z]+?):\/\/([^, \r\n\"\(\)'<>]+)/i", "/(^|[^]_a-z0-9-=\"'\/])www\.([a-z0-9\-]+)\.([^, \r\n\"\(\)'<>]+)/i", "/(^|[^]_a-z0-9-=\"'\/])ftp\.([a-z0-9\-]+)\.([^, \r\n\"\(\)'<>]+)/i", "/(^|[^]_a-z0-9-=\"'\/:\.])([a-z0-9\-_\.]+?)@([^, \r\n\"\(\)'<>\[\]]+)/i"); $replacements = array("\\1<a href=\"\\2://\\3\" target=\"_blank\">\\2://\\3</a>", "\\1<a href=\"http://www.\\2.\\3\" target=\"_blank\">www.\\2.\\3</a>", "\\1<a href=\"ftp://ftp.\\2.\\3\" target=\"_blank\">ftp.\\2.\\3</a>", "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>"); - // RaiseEvent 'MyTextSanitizer.MakeClickablePre' ('Legacy.TextSanitizer.MakeClicablePre') + // RaiseEvent 'MyTextSanitizer.MakeClickablePre' // Delegate may replace makeClickable conversion table - // varArgs : + // Args : // 'patterns' [I/O] : &Array of pattern RegExp // 'replacements' [I/O] : &Array of replacing string // @@ -173,9 +198,9 @@ $text = preg_replace($patterns, $replacements, $text); - // RaiseEvent : 'MyTextSanitizer.MakeClickablePostFilter' ('Legacy.TextSanitizer.MakeClicablePostFilter') + // RaiseEvent : 'MyTextSanitizer.MakeClickablePostFilter' // Delegate may convert output text with quickApplyFilter rule - // varArgs : + // Args : // 'string' [I/O] : Text to convert; // $this->mMakeClickablePostFilter->call(new XCube_Ref($text)); 
@@ -251,20 +276,20 @@ $patterns[] = "/about:/si"; $replacements[] = "about :"; - // RaiseEvent 'MyTextSanitizer.XoopsCodePre' ('Legacy.TextSanitizer.XoopsCodePre') + // RaiseEvent 'MyTextSanitizer.XoopsCodePre' // Delegate may replace conversion table - // varArgs : + // Args : // 'patterns' [I/O] : &Array of pattern RegExp // 'replacements' [I/O] : &Array of replacing string // 'allowimage' [I] : xoopsCodeDecode $allowimage parameter // $this->mXoopsCodePre->call(new XCube_Ref($patterns), new XCube_Ref($replacements), $allowimage); - + $text = preg_replace($patterns, $replacements, $text); - // RaiseEvent : 'MyTextSanitizer.XoopsCodePostFilter' ('Legacy.TextSanitizer.XoopsCodePostFilter') + // RaiseEvent : 'MyTextSanitizer.XoopsCodePostFilter' // Delegate may convert output text with quickApplyFilter rule - // varArgs : + // Args : // 'string' [I/O] : Text to convert; // 'allowimage' [I] : xoopsCodeDecode $allowimage parameter // @@ -349,13 +374,17 @@ * for displaying data in html textbox forms * * @param string $text + * @param bool $forEdit (experimental) * * @return string */ - function &htmlSpecialChars($text) + function &htmlSpecialChars($text, $forEdit=false) { - //return preg_replace("/&/i", '&', htmlspecialchars($text, ENT_QUOTES)); - $ret = preg_replace(array("/&/i", "/ /i"), array('&', '&nbsp;'), htmlspecialchars($text, ENT_QUOTES)); + if (!$forEdit) { + $ret = $this->mTextFilter->ToShow($text); + } else { + $ret = $this->mTextFilter->ToEdit($text); + } return $ret; } @@ -385,11 +414,11 @@ **/ function &displayTarea(&$text, $html = 0, $smiley = 1, $xcode = 1, $image = 1, $br = 1) { + $text = $this->codePreConv($text, $xcode); // Ryuji_edit(2003-11-18) if ($html != 1) { // html not allowed - $text =& $this->htmlSpecialChars($text); + $text = $this->mTextFilter->ToShow($text); } - $text = $this->codePreConv($text, $xcode); // Ryuji_edit(2003-11-18) $text =& $this->makeClickable($text); if ($smiley != 0) { // process smiley 
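Review bot: The docblock line `@param bool $forEdit (experimental)` in htmlSpecialChars does not say what the flag selects, and the method body no longer shows what escaping is performed. The removed line called `htmlspecialchars($text, ENT_QUOTES)`, so callers that place the result inside a quoted attribute, such as a form field value, could rely on both quote characters being escaped. ToShow() and ToEdit() are not in this diff, so that guarantee should be confirmed for both and written down. Suggested doc: `@param bool $forEdit false: escape for page output via ToShow(); true: escape for a form field via ToEdit()`, plus a sentence stating that both must escape `&`, `<`, `>` and both quote characters.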
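Review bot: In displayTarea the moved `codePreConv()` call now has to run before `ToShow()`, and nothing at the call site says so. With this order the body of each [code] block is base64-wrapped before the escaping step and is therefore escaped only later, by codeSanitizer() or by whatever rule a CodeConvPre delegate supplies. Reordering or removing either step changes whether code blocks end up escaped at all. A comment on the moved line would protect the ordering: `// keep before ToShow(): [code] bodies are encoded here and escaped later in codeSanitizer()`. The same reordering is made in previewTarea in the following hunk, and both function bodies continue outside their hunks.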
@@ -426,11 +455,11 @@ function &previewTarea(&$text, $html = 0, $smiley = 1, $xcode = 1, $image = 1, $br = 1) { $text =& $this->stripSlashesGPC($text); + $text = $this->codePreConv($text, $xcode); // Ryuji_edit(2003-11-18) if ($html != 1) { // html not allowed - $text =& $this->htmlSpecialChars($text); + $text = $this->mTextFilter->ToShow($text); } - $text = $this->codePreConv($text, $xcode); // Ryuji_edit(2003-11-18) $text =& $this->makeClickable($text); if ($smiley != 0) { // process smiley @@ -493,8 +522,17 @@ */ function codePreConv($text, $xcode = 1) { if($xcode != 0){ - $patterns = "/\[code](.*)\[\/code\]/esU"; - $replacements = "'[code]'.base64_encode('$1').'[/code]'"; + $patterns = array(); + $replacements = array(); + $patterns[] = "/\[code](.*)\[\/code\]/esU"; + $replacements[] = "'[code]'.base64_encode('$1').'[/code]'"; + // RaiseEvent 'MyTextSanitizer.CodePreConvePre' + // Delegate may replace conversion table + // Args : + // 'patterns' [I/O] : &Array of pattern RegExp + // 'replacements' [I/O] : &Array of replacing string + // + $this->mCodePreConvPre->call(new XCube_Ref($patterns), new XCube_Ref($replacements)); $text = preg_replace($patterns, $replacements, $text); } return $text; 
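Review bot: The new `$patterns[]` line in codePreConv keeps the `/e` modifier, so preg_replace still evaluates the replacement string as PHP, and the rule now sits in a table that delegates can extend. Using preg_replace_callback for the [code] rule, with a small method returning `'[code]'.base64_encode($m[1]).'[/code]'`, and applying the delegate-supplied table in a separate preg_replace call would remove the evaluated string. codeConv in the next hunk has the same `/e` rule. The added comment also names the event 'MyTextSanitizer.CodePreConvePre' while the constructor registers 'MyTextSanitizer.CodePreConvPre'; it should read `// RaiseEvent 'MyTextSanitizer.CodePreConvPre'`. The function's closing lines are outside the hunk.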
@@ -502,16 +540,30 @@ function codeConv($text, $xcode = 1, $image = 1){ if($xcode != 0){ - $patterns = "/\[code](.*)\[\/code\]/esU"; + $patterns = array(); + $replacements = array(); + // RaiseEvent 'MyTextSanitizer.CodeConvPre' + // Delegate may replace conversion table + // Args : + // 'patterns' [I/O] : &Array of pattern RegExp + // 'replacements' [I/O] : &Array of replacing string + // 'allowimage' [I] : xoopsCodeDecode $allowimage parameter + // Caution : + // - Conversion table order should be reverse order with codePreConv conversion table. + // So, conversion rule for[code] is defined after call delegate function. + // - Conversion rule should treat input string as raw text(not sanitized). + // + $this->mCodeConvPre->call(new XCube_Ref($patterns), new XCube_Ref($replacements), $image); + + $patterns[] = "/\[code](.*)\[\/code\]/esU"; if ($image != 0) { // image allowed - $replacements = "'<div class=\"xoopsCode\"><pre><code>'.MyTextSanitizer::codeSanitizer('$1').'</code></pre></div>'"; - //$text =& $this->xoopsCodeDecode($text); + $replacements[] = "'<div class=\"xoopsCode\"><pre><code>'.MyTextSanitizer::codeSanitizer('$1').'</code></pre></div>'"; } else { // image not allowed - $replacements = "'<div class=\"xoopsCode\"><pre><code>'.MyTextSanitizer::codeSanitizer('$1', 0).'</code></pre></div>'"; - //$text =& $this->xoopsCodeDecode($text, 0); + $replacements[] = "'<div class=\"xoopsCode\"><pre><code>'.MyTextSanitizer::codeSanitizer('$1', 0).'</code></pre></div>'"; } + $text = preg_replace($patterns, $replacements, $text); } return $text; 
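Review bot: The Caution block in codeConv leaves output escaping to each delegate-supplied rule, but says so only indirectly ("treat input string as raw text"). The text matched by these rules was hidden from ToShow() by codePreConv, so a rule whose replacement decodes it without escaping would place user-supplied markup in the page even when HTML is disabled; the built-in rule avoids this by going through codeSanitizer(). I would state that in the comment, e.g. `// - The replacement must HTML-escape the decoded text itself; nothing escapes it afterwards.`, after confirming it against the callers of codeConv, which are not in this diff. The comment also describes 'allowimage' as the xoopsCodeDecode parameter while the argument passed is `$image`.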
@@ -520,17 +572,16 @@ function codeSanitizer($str, $image = 1){ if($image != 0){ $str = $this->xoopsCodeDecode( - $this->htmlSpecialChars(str_replace('\"', '"', base64_decode($str))) + htmlspecialchars(str_replace('\"', '"', base64_decode($str)),ENT_QUOTES) ); }else{ $str = $this->xoopsCodeDecode( - $this->htmlSpecialChars(str_replace('\"', '"', base64_decode($str))),0 + htmlspecialchars(str_replace('\"', '"', base64_decode($str)),ENT_QUOTES),0 ); } return $str; } - /**#@-*/ @@ -542,7 +593,7 @@ function sanitizeForDisplay($text, $allowhtml = 0, $smiley = 1, $bbcode = 1) { if ( $allowhtml == 0 ) { - $text = $this->htmlSpecialChars($text); + $text = $this->mTextFilter->ToShow($text); } else { //$config =& $GLOBALS['xoopsConfig']; //$allowed = $config['allowed_html']; @@ -563,7 +614,7 @@ { $text = $this->oopsStripSlashesGPC($text); if ( $allowhtml == 0 ) { - $text = $this->htmlSpecialChars($text); + $text = $this->mTextFilter->ToShow($text); } else { //$config =& $GLOBALS['xoopsConfig']; //$allowed = $config['allowed_html']; @@ -588,26 +639,26 @@ function makeTboxData4Show($text, $smiley=0) { - $text = $this->htmlSpecialChars($text); + $text = $this->mTextFilter->ToShow($text); return $text; } function makeTboxData4Edit($text) { - return $this->htmlSpecialChars($text); + return $this->mTextFilter->ToEdit($text); } function makeTboxData4Preview($text, $smiley=0) { $text = $this->stripSlashesGPC($text); - $text = $this->htmlSpecialChars($text); + $text = $this->mTextFilter->ToShow($text); return $text; } function makeTboxData4PreviewInForm($text) { $text = $this->stripSlashesGPC($text); - return $this->htmlSpecialChars($text); + return $this->mTextFilter->ToShow($text); } function makeTareaData4Save($text) @@ -623,7 +674,7 @@ function makeTareaData4Edit($text) { - return $this->htmlSpecialChars($text); + return $this->mTextFilter->ToEdit($text); } function &makeTareaData4Preview(&$text, $html=1, $smiley=1, $xcode=1) 
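Review bot: codeSanitizer now escapes with a direct `htmlspecialchars(..., ENT_QUOTES)` call while every other method touched by this commit goes through `$this->mTextFilter`, so [code] blocks are the one place where a replaced text filter has no effect. If that is intentional, a comment should say why, e.g. `// plain htmlspecialchars() on purpose: [code] bodies bypass the text filter`; otherwise `$this->mTextFilter->ToShow(...)` would keep a single escaping path. The call also passes no charset argument, so it uses PHP's default rather than the site's encoding. The method also relies on `$this` although codeConv invokes it as `MyTextSanitizer::codeSanitizer(...)` from an evaluated replacement string.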
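Review bot: From sanitizeForDisplay onward, each call site is rewritten to call `$this->mTextFilter->ToShow()` or `ToEdit()` directly, even though this commit turns `htmlSpecialChars($text, $forEdit)` into exactly that wrapper. Keeping `$this->htmlSpecialChars($text)` on the show paths and `$this->htmlSpecialChars($text, true)` in makeTboxData4Edit and makeTareaData4Edit would leave one choke point for escaping, and a subclass that overrides htmlSpecialChars() would still be honoured. The same applies to the remaining hunks through oopsHtmlSpecialChars. Separately, the two *4Edit methods change from the show escaping to ToEdit(); since ToEdit() is not in this diff, it is worth confirming that it still escapes quotes for use in form field values.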
@@ -636,12 +687,12 @@ { //if magic_quotes_gpc is on, do stipslashes $text = $this->stripSlashesGPC($text); - return $this->htmlSpecialChars($text); + return $this->mTextFilter->ToShow($text); } function makeTareaData4InsideQuotes($text) { - return $this->htmlSpecialChars($text); + return $this->mTextFilter->ToShow($text); } function &oopsStripSlashesGPC($text) @@ -666,7 +717,7 @@ function &oopsHtmlSpecialChars($text) { - $ret = $this->htmlSpecialChars($text); + $ret = $this->mTextFilter->ToShow($text); return $ret; }