X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=include%2Fbbcode.php;h=fd380edc997582e21810fc8f03b01e07f827b9b2;hb=fdcb6d3c6f785ea588f3ce7db2659764032c114d;hp=81536d37200fdd5083a38685c306282856f8d0cb;hpb=c73d9611983b05cd1207d69c71a157c051b3f2e8;p=friendica.git
diff --git a/include/bbcode.php b/include/bbcode.php
index 81536d3720..fd380edc99 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -1,8 +1,12 @@
%s',
- $url, $title, $title);
- elseif (($simplehtml != 4) AND ($simplehtml != 0))
- $text = sprintf('%s ', $type);
-
- $bookmark = array(sprintf('[bookmark=%s]%s[/bookmark]', $url, $title), $url, $title);
- if ($tryoembed)
- $oembed = tryoembed($bookmark);
- else
- $oembed = $bookmark[0];
-
- if (strstr(strtolower($oembed), "', $Text);
- else
+ } else {
$Text = preg_replace("/\[iframe\](.*?)\[\/iframe\]/ism", '$1 ', $Text);
+ }
// Youtube extensions
if ($tryoembed) {
$Text = preg_replace_callback("/\[youtube\](https?:\/\/www.youtube.com\/watch\?v\=.*?)\[\/youtube\]/ism", 'tryoembed', $Text);
$Text = preg_replace_callback("/\[youtube\](www.youtube.com\/watch\?v\=.*?)\[\/youtube\]/ism", 'tryoembed', $Text);
- $Text = preg_replace_callback("/\[youtube\](https?:\/\/youtu.be\/.*?)\[\/youtube\]/ism",'tryoembed',$Text);
+ $Text = preg_replace_callback("/\[youtube\](https?:\/\/youtu.be\/.*?)\[\/youtube\]/ism", 'tryoembed', $Text);
}
- $Text = preg_replace("/\[youtube\]https?:\/\/www.youtube.com\/watch\?v\=(.*?)\[\/youtube\]/ism",'[youtube]$1[/youtube]',$Text);
- $Text = preg_replace("/\[youtube\]https?:\/\/www.youtube.com\/embed\/(.*?)\[\/youtube\]/ism",'[youtube]$1[/youtube]',$Text);
- $Text = preg_replace("/\[youtube\]https?:\/\/youtu.be\/(.*?)\[\/youtube\]/ism",'[youtube]$1[/youtube]',$Text);
+ $Text = preg_replace("/\[youtube\]https?:\/\/www.youtube.com\/watch\?v\=(.*?)\[\/youtube\]/ism", '[youtube]$1[/youtube]', $Text);
+ $Text = preg_replace("/\[youtube\]https?:\/\/www.youtube.com\/embed\/(.*?)\[\/youtube\]/ism", '[youtube]$1[/youtube]', $Text);
+ $Text = preg_replace("/\[youtube\]https?:\/\/youtu.be\/(.*?)\[\/youtube\]/ism", '[youtube]$1[/youtube]', $Text);
- if ($tryoembed)
+ if ($tryoembed) {
$Text = preg_replace("/\[youtube\]([A-Za-z0-9\-_=]+)(.*?)\[\/youtube\]/ism", 'VIDEO ', $Text);
- else
+ } else {
$Text = preg_replace("/\[youtube\]([A-Za-z0-9\-_=]+)(.*?)\[\/youtube\]/ism",
'https://www.youtube.com/watch?v=$1 ', $Text);
+ }
if ($tryoembed) {
- $Text = preg_replace_callback("/\[vimeo\](https?:\/\/player.vimeo.com\/video\/[0-9]+).*?\[\/vimeo\]/ism",'tryoembed',$Text);
- $Text = preg_replace_callback("/\[vimeo\](https?:\/\/vimeo.com\/[0-9]+).*?\[\/vimeo\]/ism",'tryoembed',$Text);
+ $Text = preg_replace_callback("/\[vimeo\](https?:\/\/player.vimeo.com\/video\/[0-9]+).*?\[\/vimeo\]/ism", 'tryoembed', $Text);
+ $Text = preg_replace_callback("/\[vimeo\](https?:\/\/vimeo.com\/[0-9]+).*?\[\/vimeo\]/ism", 'tryoembed', $Text);
}
- $Text = preg_replace("/\[vimeo\]https?:\/\/player.vimeo.com\/video\/([0-9]+)(.*?)\[\/vimeo\]/ism",'[vimeo]$1[/vimeo]',$Text);
- $Text = preg_replace("/\[vimeo\]https?:\/\/vimeo.com\/([0-9]+)(.*?)\[\/vimeo\]/ism",'[vimeo]$1[/vimeo]',$Text);
+ $Text = preg_replace("/\[vimeo\]https?:\/\/player.vimeo.com\/video\/([0-9]+)(.*?)\[\/vimeo\]/ism", '[vimeo]$1[/vimeo]', $Text);
+ $Text = preg_replace("/\[vimeo\]https?:\/\/vimeo.com\/([0-9]+)(.*?)\[\/vimeo\]/ism", '[vimeo]$1[/vimeo]', $Text);
- if ($tryoembed)
+ if ($tryoembed) {
$Text = preg_replace("/\[vimeo\]([0-9]+)(.*?)\[\/vimeo\]/ism", '', $Text);
- else
+ } else {
$Text = preg_replace("/\[vimeo\]([0-9]+)(.*?)\[\/vimeo\]/ism",
'https://vimeo.com/$1 ', $Text);
+ }
// $Text = preg_replace("/\[youtube\](.*?)\[\/youtube\]/", ' with
- $Text = preg_replace_callback("|(?!]*>)([^<]*)(?!]*>)|ism", 'bb_onelinecode_cb', $Text);
+ // Replace inline code blocks
+ $Text = preg_replace_callback("|(?!]*>)([^<]*)(?!]*>)|ism",
+ function ($match) use ($simplehtml) {
+ $return = '' . $match[1] . ' ';
+ // Use for Diaspora inline code blocks
+ if ($simplehtml === 3) {
+ $return = '' . $match[1] . '';
+ }
+ return $return;
+ }
+ , $Text);
// Unhide all [noparse] contained bbtags unspacefying them
// and triming the [noparse] tag.
- $Text = preg_replace_callback("/\[noparse\](.*?)\[\/noparse\]/ism", 'bb_unspacefy_and_trim',$Text);
- $Text = preg_replace_callback("/\[nobb\](.*?)\[\/nobb\]/ism", 'bb_unspacefy_and_trim',$Text);
- $Text = preg_replace_callback("/\[pre\](.*?)\[\/pre\]/ism", 'bb_unspacefy_and_trim',$Text);
+ $Text = preg_replace_callback("/\[noparse\](.*?)\[\/noparse\]/ism", 'bb_unspacefy_and_trim', $Text);
+ $Text = preg_replace_callback("/\[nobb\](.*?)\[\/nobb\]/ism", 'bb_unspacefy_and_trim', $Text);
+ $Text = preg_replace_callback("/\[pre\](.*?)\[\/pre\]/ism", 'bb_unspacefy_and_trim', $Text);
- $Text = preg_replace('/\[\&\;([#a-z0-9]+)\;\]/','&$1;',$Text);
- $Text = preg_replace('/\&\#039\;/','\'',$Text);
- $Text = preg_replace('/\"\;/','"',$Text);
+ $Text = preg_replace('/\[\&\;([#a-z0-9]+)\;\]/', '&$1;', $Text);
+ $Text = preg_replace('/\&\#039\;/', '\'', $Text);
+ $Text = preg_replace('/\"\;/', '"', $Text);
// fix any escaped ampersands that may have been converted into links
- $Text = preg_replace("/\<([^>]*?)(src|href)=(.*?)\&\;(.*?)\>/ism",'<$1$2=$3&$4>',$Text);
- $Text = preg_replace("/\<([^>]*?)(src|href)=\"(?!http|ftp|mailto|gopher|cid)(.*?)\>/ism",'<$1$2="">',$Text);
+ $Text = preg_replace('/\<([^>]*?)(src|href)=(.*?)\&\;(.*?)\>/ism', '<$1$2=$3&$4>', $Text);
+
+ // sanitizes src attributes (http and redir URLs for displaying in a web page, cid used for inline images in emails)
+ static $allowed_src_protocols = array('http', 'redir', 'cid');
+ $Text = preg_replace('#<([^>]*?)(src)="(?!' . implode('|', $allowed_src_protocols) . ')(.*?)"(.*?)>#ism',
+ '<$1$2=""$4 class="invalid-src" title="' . t('Invalid source protocol') . '">', $Text);
+
+ // sanitize href attributes (only whitelisted protocols URLs)
+ // default value for backward compatibility
+ $allowed_link_protocols = Config::get('system', 'allowed_link_protocols', array('ftp', 'mailto', 'gopher', 'cid'));
- if($saved_image)
+ // Always allowed protocol even if config isn't set or not including it
+ $allowed_link_protocols[] = 'http';
+
+ $regex = '#<([^>]*?)(href)="(?!' . implode('|', $allowed_link_protocols) . ')(.*?)"(.*?)>#ism';
+ $Text = preg_replace($regex, '<$1$2="javascript:void(0)"$4 class="invalid-href" title="' . t('Invalid link protocol') . '">', $Text);
+
+ if($saved_image) {
$Text = bb_replace_images($Text, $saved_image);
+ }
// Clean up the HTML by loading and saving the HTML with the DOM.
// Bad structured html can break a whole page.
@@ -1259,20 +1235,58 @@ function bbcode($Text,$preserve_nl = false, $tryoembed = true, $simplehtml = fal
$Text = $doc->saveHTML();
$Text = str_replace(array("", "", $doctype, $encoding), array("", "", "", ""), $Text);
- $Text = str_replace('',' ', $Text);
- // $Text = str_replace(' ', ' ', $Text);
+ //$Text = str_replace('
+
+/**
+ * @brief Removes the "abstract" element from the text
+ *
+ * @param string $text The text with BBCode
+ * @return string The same text - but without "abstract" element
+ */
+function remove_abstract($text) {
+ $text = preg_replace("/[\s|\n]*\[abstract\].*?\[\/abstract\][\s|\n]*/ism", '', $text);
+ $text = preg_replace("/[\s|\n]*\[abstract=.*?\].*?\[\/abstract][\s|\n]*/ism", '', $text);
+
+ return $text;
+}
+
+/**
+ * @brief Returns the value of the "abstract" element
+ *
+ * @param string $text The text that maybe contains the element
+ * @param string $addon The addon for which the abstract is meant for
+ * @return string The abstract
+ */
+function fetch_abstract($text, $addon = "") {
+ $abstract = "";
+ $abstracts = array();
+ $addon = strtolower($addon);
+
+ if (preg_match_all("/\[abstract=(.*?)\](.*?)\[\/abstract\]/ism",$text, $results, PREG_SET_ORDER))
+ foreach ($results AS $result)
+ $abstracts[strtolower($result[1])] = $result[2];
+
+ if (isset($abstracts[$addon]))
+ $abstract = $abstracts[$addon];
+
+ if ($abstract == "")
+ if (preg_match("/\[abstract\](.*?)\[\/abstract\]/ism",$text, $result))
+ $abstract = $result[1];
+
+ return $abstract;
+}