*
* @category UI
* @package StatusNet
- * @author Evan Prodromou <evan@controlyourself.ca>
- * @author Sarven Capadisli <csarven@controlyourself.ca>
+ * @author Evan Prodromou <evan@status.net>
+ * @author Sarven Capadisli <csarven@status.net>
* @copyright 2008 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
-if (!defined('LACONICA')) {
+if (!defined('STATUSNET') && !defined('LACONICA')) {
exit(1);
}
*
* @category UI
* @package StatusNet
- * @author Evan Prodromou <evan@controlyourself.ca>
+ * @author Evan Prodromou <evan@status.net>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
* @see Notice
* @see NoticeListItem
* @see ProfileNoticeList
*/
-
class AttachmentList extends Widget
{
/** the current stream of notices being displayed. */
*
* @param Notice $notice stream of notices from DB_DataObject
*/
-
function __construct($notice, $out=null)
{
parent::__construct($out);
*
* @return int count of notices listed.
*/
-
function show()
{
$atts = new File;
if (empty($att)) return 0;
$this->out->elementStart('dl', array('id' =>'attachments',
'class' => 'entry-content'));
+ // TRANS: DT element label in attachment list.
$this->out->element('dt', null, _('Attachments'));
$this->out->elementStart('dd');
$this->out->elementStart('ol', array('class' => 'attachments'));
*
* @return NoticeListItem a list item for displaying the notice
*/
-
function newListItem($attachment)
{
return new AttachmentListItem($attachment, $this->out);
*
* @category UI
* @package StatusNet
- * @author Evan Prodromou <evan@controlyourself.ca>
+ * @author Evan Prodromou <evan@status.net>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
* @see NoticeList
* @see ProfileNoticeListItem
*/
-
class AttachmentListItem extends Widget
{
/** The attachment this item will show. */
*
* @param Notice $notice The notice we'll display
*/
-
function __construct($attachment, $out=null)
{
parent::__construct($out);
*
* @return void
*/
-
function show()
{
$this->showStart();
*
* @return void
*/
-
function showStart()
{
// XXX: RDFa
*
* @return void
*/
-
function showEnd()
{
$this->out->elementEnd('li');
$this->out->elementStart('div', array('id' => 'attachment_view',
'class' => 'hentry'));
$this->out->elementStart('div', 'entry-title');
- $this->out->elementStart('a', $this->linkAttr());
- $this->out->element('span', null, $this->linkTitle());
- $this->out->elementEnd('a');
+ $this->out->element('a', $this->linkAttr(), $this->linkTitle());
$this->out->elementEnd('div');
$this->out->elementStart('div', 'entry-content');
$this->out->elementEnd('div');
if (!empty($this->oembed->author_name) || !empty($this->oembed->provider)) {
- $this->out->elementStart('div', array('id' => 'oembed_info',
+ $this->out->elementStart('div', array('id' => 'oembed_info',
'class' => 'entry-content'));
if (!empty($this->oembed->author_name)) {
$this->out->elementStart('dl', 'vcard author');
+ // TRANS: DT element label in attachment list item.
$this->out->element('dt', null, _('Author'));
$this->out->elementStart('dd', 'fn');
if (empty($this->oembed->author_url)) {
}
if (!empty($this->oembed->provider)) {
$this->out->elementStart('dl', 'vcard');
+ // TRANS: DT element label in attachment list item.
$this->out->element('dt', null, _('Provider'));
$this->out->elementStart('dd', 'fn');
if (empty($this->oembed->provider_url)) {
}
function linkAttr() {
- return array('class' => 'external', 'href' => $this->attachment->url);
+ return array('rel' => 'external', 'href' => $this->attachment->url);
}
function linkTitle() {
function showRepresentation() {
if (empty($this->oembed->type)) {
if (empty($this->attachment->mimetype)) {
- $this->out->element('pre', null, 'oh well... not sure how to handle the following: ' . print_r($this->attachment, true));
+ $this->showFallback();
} else {
switch ($this->attachment->mimetype) {
case 'image/gif':
$this->out->element('param', array('name' => 'autoStart', 'value' => 1));
$this->out->elementEnd('object');
break;
+
+ case 'text/html':
+ if ($this->attachment->filename) {
+ // Locally-uploaded HTML. Scrub and display inline.
+ $this->showHtmlFile($this->attachment);
+ break;
+ }
+ // Fall through to default.
+
+ default:
+ $this->showFallback();
}
}
} else {
break;
default:
- $this->out->element('pre', null, 'oh well... not sure how to handle the following oembed: ' . print_r($this->oembed, true));
+ $this->showFallback();
}
}
}
-}
+ protected function showHtmlFile(File $attachment)
+ {
+ $body = $this->scrubHtmlFile($attachment);
+ if ($body) {
+ $this->out->raw($body);
+ }
+ }
+
+ /**
+ * @return mixed false on failure, HTML fragment string on success
+ */
+ protected function scrubHtmlFile(File $attachment)
+ {
+ $path = File::path($attachment->filename);
+ if (!file_exists($path) || !is_readable($path)) {
+ common_log(LOG_ERR, "Missing local HTML attachment $path");
+ return false;
+ }
+ $raw = file_get_contents($path);
+
+ // Normalize...
+ $dom = new DOMDocument();
+ if(!$dom->loadHTML($raw)) {
+ common_log(LOG_ERR, "Bad HTML in local HTML attachment $path");
+ return false;
+ }
+
+ // Remove <script>s or htmlawed will dump their contents into output!
+ // Note: removing child nodes while iterating seems to mess things up,
+ // hence the double loop.
+ $scripts = array();
+ foreach ($dom->getElementsByTagName('script') as $script) {
+ $scripts[] = $script;
+ }
+ foreach ($scripts as $script) {
+ common_log(LOG_DEBUG, $script->textContent);
+ $script->parentNode->removeChild($script);
+ }
+
+ // Trim out everything outside the body...
+ $body = $dom->saveHTML();
+ $body = preg_replace('/^.*<body[^>]*>/is', '', $body);
+ $body = preg_replace('/<\/body[^>]*>.*$/is', '', $body);
+
+ require_once INSTALLDIR.'/extlib/htmLawed/htmLawed.php';
+ $config = array('safe' => 1,
+ 'deny_attribute' => 'id,style,on*',
+ 'comment' => 1); // remove comments
+ $scrubbed = htmLawed($body, $config);
+
+ return $scrubbed;
+ }
+
+ function showFallback()
+ {
+ // If we don't know how to display an attachment inline, we probably
+ // shouldn't have gotten to this point.
+ //
+ // But, here we are... displaying details on a file or remote URL
+ // either on the main view or in an ajax-loaded lightbox. As a lesser
+ // of several evils, we'll try redirecting to the actual target via
+ // client-side JS.
+
+ common_log(LOG_ERR, "Empty or unknown type for file id {$this->attachment->id}; falling back to client-side redirect.");
+ $this->out->raw('<script>window.location = ' . json_encode($this->attachment->url) . ';</script>');
+ }
+}