Context Navigation

← Previous Revision
Next Revision →
Blame
Revision Log

message_parser.php

Last change on this file was 702, checked in by george, 15 years ago
Upraveno: Aktualizace fóra.
File size: 48.0 KB

Line
1	<?php
2	/**
3	*
4	* @package phpBB3
5	* @version $Id$
6	* @copyright (c) 2005 phpBB Group
7	* @license http://opensource.org/licenses/gpl-license.php GNU Public License
8	*
9	*/
10
11	/**
12	* @ignore
13	*/
14	if (!defined('IN_PHPBB'))
15	{
16	exit;
17	}
18
19	if (!class_exists('bbcode'))
20	{
21	include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
22	}
23
24	/**
25	* BBCODE FIRSTPASS
26	* BBCODE first pass class (functions for parsing messages for db storage)
27	* @package phpBB3
28	*/
29	class bbcode_firstpass extends bbcode
30	{
31	var $message = '';
32	var $warn_msg = array();
33	var $parsed_items = array();
34
35	/**
36	* Parse BBCode
37	*/
38	function parse_bbcode()
39	{
40	if (!$this->bbcodes)
41	{
42	$this->bbcode_init();
43	}
44
45	global $user;
46
47	$this->bbcode_bitfield = '';
48	$bitfield = new bitfield();
49
50	foreach ($this->bbcodes as $bbcode_name => $bbcode_data)
51	{
52	if (isset($bbcode_data['disabled']) && $bbcode_data['disabled'])
53	{
54	foreach ($bbcode_data['regexp'] as $regexp => $replacement)
55	{
56	if (preg_match($regexp, $this->message))
57	{
58	$this->warn_msg[] = sprintf($user->lang['UNAUTHORISED_BBCODE'] , '[' . $bbcode_name . ']');
59	continue;
60	}
61	}
62	}
63	else
64	{
65	foreach ($bbcode_data['regexp'] as $regexp => $replacement)
66	{
67	// The pattern gets compiled and cached by the PCRE extension,
68	// it should not demand recompilation
69	if (preg_match($regexp, $this->message))
70	{
71	$this->message = preg_replace($regexp, $replacement, $this->message);
72	$bitfield->set($bbcode_data['bbcode_id']);
73	}
74	}
75	}
76	}
77
78	$this->bbcode_bitfield = $bitfield->get_base64();
79	}
80
81	/**
82	* Prepare some bbcodes for better parsing
83	*/
84	function prepare_bbcodes()
85	{
86	// Ok, seems like users instead want the no-parsing of urls, smilies, etc. after and before and within quote tags being tagged as "not a bug".
87	// Fine by me ;) Will ease our live... but do not come back and cry at us, we won't hear you.
88
89	/* Add newline at the end and in front of each quote block to prevent parsing errors (urls, smilies, etc.)
90	if (strpos($this->message, '[quote') !== false && strpos($this->message, '[/quote]') !== false)
91	{
92	$this->message = str_replace("\r\n", "\n", $this->message);
93
94	// We strip newlines and spaces after and before quotes in quotes (trimming) and then add exactly one newline
95	$this->message = preg_replace('#\[quote(=".?")?\]\s(.?)\s\[/quote\]#siu', '[quote\1]' . "\n" . '\2' ."\n[/quote]", $this->message);
96	}
97	*/
98
99	// Add other checks which needs to be placed before actually parsing anything (be it bbcodes, smilies, urls...)
100	}
101
102	/**
103	* Init bbcode data for later parsing
104	*/
105	function bbcode_init()
106	{
107	static $rowset;
108
109	// This array holds all bbcode data. BBCodes will be processed in this
110	// order, so it is important to keep [code] in first position and
111	// [quote] in second position.
112	$this->bbcodes = array(
113	'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#ise' => "\$this->bbcode_code('\$1', '\$2')")),
114	'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:="(.*?)")?\](.+)\[/quote\]#ise' => "\$this->bbcode_quote('\$0')")),
115	'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#ise' => "\$this->bbcode_attachment('\$1', '\$2')")),
116	'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#ise' => "\$this->bbcode_strong('\$1')")),
117	'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#ise' => "\$this->bbcode_italic('\$1')")),
118	'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.))?\](.)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")),
119	'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](.*)\[/img\]#iUe' => "\$this->bbcode_img('\$1')")),
120	'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?\d+)\](.*?)\[/size\]#ise' => "\$this->bbcode_size('\$1', '\$2')")),
121	'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9a-f]{3}\|#[0-9a-f]{6}\|[a-z\-]+)\](.*?)\[/color\]!ise' => "\$this->bbcode_color('\$1', '\$2')")),
122	'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#ise' => "\$this->bbcode_underline('\$1')")),
123	'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(?:=(?:[a-z0-9]\|disc\|circle\|square))?].*\[/list]#ise' => "\$this->bbcode_parse_list('\$0')")),
124	'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.?)?\](.?)\[/email\]#ise' => "\$this->validate_email('\$1', '\$2')")),
125	'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')"))
126	);
127
128	// Zero the parsed items array
129	$this->parsed_items = array();
130
131	foreach ($this->bbcodes as $tag => $bbcode_data)
132	{
133	$this->parsed_items[$tag] = 0;
134	}
135
136	if (!is_array($rowset))
137	{
138	global $db;
139	$rowset = array();
140
141	$sql = 'SELECT *
142	FROM ' . BBCODES_TABLE;
143	$result = $db->sql_query($sql);
144
145	while ($row = $db->sql_fetchrow($result))
146	{
147	$rowset[] = $row;
148	}
149	$db->sql_freeresult($result);
150	}
151
152	foreach ($rowset as $row)
153	{
154	$this->bbcodes[$row['bbcode_tag']] = array(
155	'bbcode_id' => (int) $row['bbcode_id'],
156	'regexp' => array($row['first_pass_match'] => str_replace('$uid', $this->bbcode_uid, $row['first_pass_replace']))
157	);
158	}
159	}
160
161	/**
162	* Making some pre-checks for bbcodes as well as increasing the number of parsed items
163	*/
164	function check_bbcode($bbcode, &$in)
165	{
166	// when using the /e modifier, preg_replace slashes double-quotes but does not
167	// seem to slash anything else
168	$in = str_replace("\r\n", "\n", str_replace('\"', '"', $in));
169
170	// Trimming here to make sure no empty bbcodes are parsed accidently
171	if (trim($in) == '')
172	{
173	return false;
174	}
175
176	$this->parsed_items[$bbcode]++;
177
178	return true;
179	}
180
181	/**
182	* Transform some characters in valid bbcodes
183	*/
184	function bbcode_specialchars($text)
185	{
186	$str_from = array('<', '>', '[', ']', '.', ':');
187	$str_to = array('<', '>', '[', ']', '.', ':');
188
189	return str_replace($str_from, $str_to, $text);
190	}
191
192	/**
193	* Parse size tag
194	*/
195	function bbcode_size($stx, $in)
196	{
197	global $user, $config;
198
199	if (!$this->check_bbcode('size', $in))
200	{
201	return $in;
202	}
203
204	if ($config['max_' . $this->mode . '_font_size'] && $config['max_' . $this->mode . '_font_size'] < $stx)
205	{
206	$this->warn_msg[] = sprintf($user->lang['MAX_FONT_SIZE_EXCEEDED'], $config['max_' . $this->mode . '_font_size']);
207
208	return '[size=' . $stx . ']' . $in . '[/size]';
209	}
210
211	// Do not allow size=0
212	if ($stx <= 0)
213	{
214	return '[size=' . $stx . ']' . $in . '[/size]';
215	}
216
217	return '[size=' . $stx . ':' . $this->bbcode_uid . ']' . $in . '[/size:' . $this->bbcode_uid . ']';
218	}
219
220	/**
221	* Parse color tag
222	*/
223	function bbcode_color($stx, $in)
224	{
225	if (!$this->check_bbcode('color', $in))
226	{
227	return $in;
228	}
229
230	return '[color=' . $stx . ':' . $this->bbcode_uid . ']' . $in . '[/color:' . $this->bbcode_uid . ']';
231	}
232
233	/**
234	* Parse u tag
235	*/
236	function bbcode_underline($in)
237	{
238	if (!$this->check_bbcode('u', $in))
239	{
240	return $in;
241	}
242
243	return '[u:' . $this->bbcode_uid . ']' . $in . '[/u:' . $this->bbcode_uid . ']';
244	}
245
246	/**
247	* Parse b tag
248	*/
249	function bbcode_strong($in)
250	{
251	if (!$this->check_bbcode('b', $in))
252	{
253	return $in;
254	}
255
256	return '[b:' . $this->bbcode_uid . ']' . $in . '[/b:' . $this->bbcode_uid . ']';
257	}
258
259	/**
260	* Parse i tag
261	*/
262	function bbcode_italic($in)
263	{
264	if (!$this->check_bbcode('i', $in))
265	{
266	return $in;
267	}
268
269	return '[i:' . $this->bbcode_uid . ']' . $in . '[/i:' . $this->bbcode_uid . ']';
270	}
271
272	/**
273	* Parse img tag
274	*/
275	function bbcode_img($in)
276	{
277	global $user, $config;
278
279	if (!$this->check_bbcode('img', $in))
280	{
281	return $in;
282	}
283
284	$in = trim($in);
285	$error = false;
286
287	$in = str_replace(' ', '%20', $in);
288
289	// Checking urls
290	if (!preg_match('#^' . get_preg_expression('url') . '$#i', $in) && !preg_match('#^' . get_preg_expression('www_url') . '$#i', $in))
291	{
292	return '[img]' . $in . '[/img]';
293	}
294
295	// Try to cope with a common user error... not specifying a protocol but only a subdomain
296	if (!preg_match('#^[a-z0-9]+://#i', $in))
297	{
298	$in = 'http://' . $in;
299	}
300
301	if ($config['max_' . $this->mode . '_img_height'] \|\| $config['max_' . $this->mode . '_img_width'])
302	{
303	$stats = @getimagesize($in);
304
305	if ($stats === false)
306	{
307	$error = true;
308	$this->warn_msg[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
309	}
310	else
311	{
312	if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $stats[1])
313	{
314	$error = true;
315	$this->warn_msg[] = sprintf($user->lang['MAX_IMG_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']);
316	}
317
318	if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $stats[0])
319	{
320	$error = true;
321	$this->warn_msg[] = sprintf($user->lang['MAX_IMG_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']);
322	}
323	}
324	}
325
326	if ($error \|\| $this->path_in_domain($in))
327	{
328	return '[img]' . $in . '[/img]';
329	}
330
331	return '[img:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($in) . '[/img:' . $this->bbcode_uid . ']';
332	}
333
334	/**
335	* Parse flash tag
336	*/
337	function bbcode_flash($width, $height, $in)
338	{
339	global $user, $config;
340
341	if (!$this->check_bbcode('flash', $in))
342	{
343	return $in;
344	}
345
346	$in = trim($in);
347	$error = false;
348
349	// Do not allow 0-sizes generally being entered
350	if ($width <= 0 \|\| $height <= 0)
351	{
352	return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]';
353	}
354
355	// Apply the same size checks on flash files as on images
356	if ($config['max_' . $this->mode . '_img_height'] \|\| $config['max_' . $this->mode . '_img_width'])
357	{
358	if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $height)
359	{
360	$error = true;
361	$this->warn_msg[] = sprintf($user->lang['MAX_FLASH_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']);
362	}
363
364	if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $width)
365	{
366	$error = true;
367	$this->warn_msg[] = sprintf($user->lang['MAX_FLASH_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']);
368	}
369	}
370
371	if ($error \|\| $this->path_in_domain($in))
372	{
373	return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]';
374	}
375
376	return '[flash=' . $width . ',' . $height . ':' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($in) . '[/flash:' . $this->bbcode_uid . ']';
377	}
378
379	/**
380	* Parse inline attachments [ia]
381	*/
382	function bbcode_attachment($stx, $in)
383	{
384	if (!$this->check_bbcode('attachment', $in))
385	{
386	return $in;
387	}
388
389	return '[attachment=' . $stx . ':' . $this->bbcode_uid . ']<!-- ia' . $stx . ' -->' . trim($in) . '<!-- ia' . $stx . ' -->[/attachment:' . $this->bbcode_uid . ']';
390	}
391
392	/**
393	* Parse code text from code tag
394	* @access private
395	*/
396	function bbcode_parse_code($stx, &$code)
397	{
398	switch (strtolower($stx))
399	{
400	case 'php':
401
402	$remove_tags = false;
403
404	$str_from = array('<', '>', '[', ']', '.', ':', ':');
405	$str_to = array('<', '>', '[', ']', '.', ':', ':');
406	$code = str_replace($str_from, $str_to, $code);
407
408	if (!preg_match('/\<\?.*?\?\>/is', $code))
409	{
410	$remove_tags = true;
411	$code = "<?php $code ?>";
412	}
413
414	$conf = array('highlight.bg', 'highlight.comment', 'highlight.default', 'highlight.html', 'highlight.keyword', 'highlight.string');
415	foreach ($conf as $ini_var)
416	{
417	@ini_set($ini_var, str_replace('highlight.', 'syntax', $ini_var));
418	}
419
420	// Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results
421	$code = htmlspecialchars_decode($code);
422	$code = highlight_string($code, true);
423
424	$str_from = array('<span style="color: ', '<font color="syntax', '</font>', '<code>', '</code>','[', ']', '.', ':');
425	$str_to = array('<span class="', '<span class="syntax', '</span>', '', '', '[', ']', '.', ':');
426
427	if ($remove_tags)
428	{
429	$str_from[] = '<span class="syntaxdefault"><?php </span>';
430	$str_to[] = '';
431	$str_from[] = '<span class="syntaxdefault"><?php ';
432	$str_to[] = '<span class="syntaxdefault">';
433	}
434
435	$code = str_replace($str_from, $str_to, $code);
436	$code = preg_replace('#^(<span class="[a-z_]+">)\n?(.*?)\n?(</span>)$#is', '$1$2$3', $code);
437
438	if ($remove_tags)
439	{
440	$code = preg_replace('#(<span class="[a-z]+">)?\?>(</span>)#', '$1 $2', $code);
441	}
442
443	$code = preg_replace('#^<span class="[a-z]+"><span class="([a-z]+)">(.*)</span></span>#s', '<span class="$1">$2</span>', $code);
444	$code = preg_replace('#(?:\s++\| )*+</span>$#u', '</span>', $code);
445
446	// remove newline at the end
447	if (!empty($code) && substr($code, -1) == "\n")
448	{
449	$code = substr($code, 0, -1);
450	}
451
452	return "[code=$stx:" . $this->bbcode_uid . ']' . $code . '[/code:' . $this->bbcode_uid . ']';
453	break;
454
455	default:
456	return '[code:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($code) . '[/code:' . $this->bbcode_uid . ']';
457	break;
458	}
459	}
460
461	/**
462	* Parse code tag
463	* Expects the argument to start right after the opening [code] tag and to end with [/code]
464	*/
465	function bbcode_code($stx, $in)
466	{
467	if (!$this->check_bbcode('code', $in))
468	{
469	return $in;
470	}
471
472	// We remove the hardcoded elements from the code block here because it is not used in code blocks
473	// Having it here saves us one preg_replace per message containing [code] blocks
474	// Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too...
475	$htm_match = get_preg_expression('bbcode_htm');
476	unset($htm_match[4], $htm_match[5]);
477	$htm_replace = array('\1', '\1', '\2', '\1');
478
479	$out = $code_block = '';
480	$open = 1;
481
482	while ($in)
483	{
484	// Determine position and tag length of next code block
485	preg_match('#(.*?)(\[code(?:=([a-z]+))?\])(.+)#is', $in, $buffer);
486	$pos = (isset($buffer[1])) ? strlen($buffer[1]) : false;
487	$tag_length = (isset($buffer[2])) ? strlen($buffer[2]) : false;
488
489	// Determine position of ending code tag
490	$pos2 = stripos($in, '[/code]');
491
492	// Which is the next block, ending code or code block
493	if ($pos !== false && $pos < $pos2)
494	{
495	// Open new block
496	if (!$open)
497	{
498	$out .= substr($in, 0, $pos);
499	$in = substr($in, $pos);
500	$stx = (isset($buffer[3])) ? $buffer[3] : '';
501	$code_block = '';
502	}
503	else
504	{
505	// Already opened block, just append to the current block
506	$code_block .= substr($in, 0, $pos) . ((isset($buffer[2])) ? $buffer[2] : '');
507	$in = substr($in, $pos);
508	}
509
510	$in = substr($in, $tag_length);
511	$open++;
512	}
513	else
514	{
515	// Close the block
516	if ($open == 1)
517	{
518	$code_block .= substr($in, 0, $pos2);
519	$code_block = preg_replace($htm_match, $htm_replace, $code_block);
520
521	// Parse this code block
522	$out .= $this->bbcode_parse_code($stx, $code_block);
523	$code_block = '';
524	$open--;
525	}
526	else if ($open)
527	{
528	// Close one open tag... add to the current code block
529	$code_block .= substr($in, 0, $pos2 + 7);
530	$open--;
531	}
532	else
533	{
534	// end code without opening code... will be always outside code block
535	$out .= substr($in, 0, $pos2 + 7);
536	}
537
538	$in = substr($in, $pos2 + 7);
539	}
540	}
541
542	// if now $code_block has contents we need to parse the remaining code while removing the last closing tag to match up.
543	if ($code_block)
544	{
545	$code_block = substr($code_block, 0, -7);
546	$code_block = preg_replace($htm_match, $htm_replace, $code_block);
547
548	$out .= $this->bbcode_parse_code($stx, $code_block);
549	}
550
551	return $out;
552	}
553
554	/**
555	* Parse list bbcode
556	* Expects the argument to start with a tag
557	*/
558	function bbcode_parse_list($in)
559	{
560	if (!$this->check_bbcode('list', $in))
561	{
562	return $in;
563	}
564
565	// $tok holds characters to stop at. Since the string starts with a '[' we'll get everything up to the first ']' which should be the opening [list] tag
566	$tok = ']';
567	$out = '[';
568
569	// First character is [
570	$in = substr($in, 1);
571	$list_end_tags = $item_end_tags = array();
572
573	do
574	{
575	$pos = strlen($in);
576
577	for ($i = 0, $tok_len = strlen($tok); $i < $tok_len; ++$i)
578	{
579	$tmp_pos = strpos($in, $tok[$i]);
580
581	if ($tmp_pos !== false && $tmp_pos < $pos)
582	{
583	$pos = $tmp_pos;
584	}
585	}
586
587	$buffer = substr($in, 0, $pos);
588	$tok = $in[$pos];
589
590	$in = substr($in, $pos + 1);
591
592	if ($tok == ']')
593	{
594	// if $tok is ']' the buffer holds a tag
595	if (strtolower($buffer) == '/list' && sizeof($list_end_tags))
596	{
597	// valid [/list] tag, check nesting so that we don't hit false positives
598	if (sizeof($item_end_tags) && sizeof($item_end_tags) >= sizeof($list_end_tags))
599	{
600	// current li tag has not been closed
601	$out = preg_replace('/\n?\[$/', '[', $out) . array_pop($item_end_tags) . '][';
602	}
603
604	$out .= array_pop($list_end_tags) . ']';
605	$tok = '[';
606	}
607	else if (preg_match('#^list(=[0-9a-z]+)?$#i', $buffer, $m))
608	{
609	// sub-list, add a closing tag
610	if (empty($m[1]) \|\| preg_match('/^=(?:disc\|square\|circle)$/i', $m[1]))
611	{
612	array_push($list_end_tags, '/list:u:' . $this->bbcode_uid);
613	}
614	else
615	{
616	array_push($list_end_tags, '/list:o:' . $this->bbcode_uid);
617	}
618	$out .= 'list' . substr($buffer, 4) . ':' . $this->bbcode_uid . ']';
619	$tok = '[';
620	}
621	else
622	{
623	if (($buffer == '' \|\| substr($buffer, -2) == '[') && sizeof($list_end_tags))
624	{
625	// the buffer holds a bullet tag and we have a [list] tag open
626	if (sizeof($item_end_tags) >= sizeof($list_end_tags))
627	{
628	if (substr($buffer, -2) == '[*')
629	{
630	$out .= substr($buffer, 0, -2) . '[';
631	}
632	// current li tag has not been closed
633	if (preg_match('/\n\[$/', $out, $m))
634	{
635	$out = preg_replace('/\n\[$/', '[', $out);
636	$buffer = array_pop($item_end_tags) . "]\n[*:" . $this->bbcode_uid;
637	}
638	else
639	{
640	$buffer = array_pop($item_end_tags) . '][*:' . $this->bbcode_uid;
641	}
642	}
643	else
644	{
645	$buffer = '*:' . $this->bbcode_uid;
646	}
647
648	$item_end_tags[] = '/*:m:' . $this->bbcode_uid;
649	}
650	else if ($buffer == '/*')
651	{
652	array_pop($item_end_tags);
653	$buffer = '/*:' . $this->bbcode_uid;
654	}
655
656	$out .= $buffer . $tok;
657	$tok = '[]';
658	}
659	}
660	else
661	{
662	// Not within a tag, just add buffer to the return string
663	$out .= $buffer . $tok;
664	$tok = ($tok == '[') ? ']' : '[]';
665	}
666	}
667	while ($in);
668
669	// do we have some tags open? close them now
670	if (sizeof($item_end_tags))
671	{
672	$out .= '[' . implode('][', $item_end_tags) . ']';
673	}
674	if (sizeof($list_end_tags))
675	{
676	$out .= '[' . implode('][', $list_end_tags) . ']';
677	}
678
679	return $out;
680	}
681
682	/**
683	* Parse quote bbcode
684	* Expects the argument to start with a tag
685	*/
686	function bbcode_quote($in)
687	{
688	global $config, $user;
689
690	/**
691	* If you change this code, make sure the cases described within the following reports are still working:
692	* #3572 - [quote="[test]test"]test [ test[/quote] - (correct: parsed)
693	* #14667 - [quote]test[/quote] test ] and [ test [quote]test[/quote] (correct: parsed)
694	* #14770 - [quote="["]test[/quote] (correct: parsed)
695	* [quote="[i]test[/i]"]test[/quote] (correct: parsed)
696	* [quote="[quote]test[/quote]"]test[/quote] (correct: parsed - Username displayed as [quote]test[/quote])
697	* #20735 - [quote]test[/[/b]quote] test [/quote][/quote] test - (correct: quoted: "test[/[/b]quote] test" / non-quoted: "[/quote] test" - also failed if layout distorted)
698	* #40565 - [quote="a"]a[/quote][quote="a]a[/quote] (correct: first quote tag parsed, second quote tag unparsed)
699	*/
700
701	$in = str_replace("\r\n", "\n", str_replace('\"', '"', trim($in)));
702
703	if (!$in)
704	{
705	return '';
706	}
707
708	// To let the parser not catch tokens within quote_username quotes we encode them before we start this...
709	$in = preg_replace('#quote="(.*?)"\]#ie', "'quote="' . str_replace(array('[', ']', '\\\"'), array('[', ']', '\"'), '\$1') . '"]'", $in);
710
711	$tok = ']';
712	$out = '[';
713
714	$in = substr($in, 1);
715	$close_tags = $error_ary = array();
716	$buffer = '';
717
718	do
719	{
720	$pos = strlen($in);
721	for ($i = 0, $tok_len = strlen($tok); $i < $tok_len; ++$i)
722	{
723	$tmp_pos = strpos($in, $tok[$i]);
724	if ($tmp_pos !== false && $tmp_pos < $pos)
725	{
726	$pos = $tmp_pos;
727	}
728	}
729
730	$buffer .= substr($in, 0, $pos);
731	$tok = $in[$pos];
732	$in = substr($in, $pos + 1);
733
734	if ($tok == ']')
735	{
736	if (strtolower($buffer) == '/quote' && sizeof($close_tags) && substr($out, -1, 1) == '[')
737	{
738	// we have found a closing tag
739	$out .= array_pop($close_tags) . ']';
740	$tok = '[';
741	$buffer = '';
742
743	/* Add space at the end of the closing tag if not happened before to allow following urls/smilies to be parsed correctly
744	* Do not try to think for the user. :/ Do not parse urls/smilies if there is no space - is the same as with other bbcodes too.
745	* Also, we won't have any spaces within $in anyway, only adding up spaces -> #10982
746	if (!$in \|\| $in[0] !== ' ')
747	{
748	$out .= ' ';
749	}*/
750	}
751	else if (preg_match('#^quote(?:="(.*?)")?$#is', $buffer, $m) && substr($out, -1, 1) == '[')
752	{
753	$this->parsed_items['quote']++;
754
755	// the buffer holds a valid opening tag
756	if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth'])
757	{
758	// there are too many nested quotes
759	$error_ary['quote_depth'] = sprintf($user->lang['QUOTE_DEPTH_EXCEEDED'], $config['max_quote_depth']);
760
761	$out .= $buffer . $tok;
762	$tok = '[]';
763	$buffer = '';
764
765	continue;
766	}
767
768	array_push($close_tags, '/quote:' . $this->bbcode_uid);
769
770	if (isset($m[1]) && $m[1])
771	{
772	$username = str_replace(array('[', ']'), array('[', ']'), $m[1]);
773	$username = preg_replace('#\[(?!b\|i\|u\|color\|url\|email\|/b\|/i\|/u\|/color\|/url\|/email)#iU', '[$1', $username);
774
775	$end_tags = array();
776	$error = false;
777
778	preg_match_all('#\[((?:/)?(?:[a-z]+))#i', $username, $tags);
779	foreach ($tags[1] as $tag)
780	{
781	if ($tag[0] != '/')
782	{
783	$end_tags[] = '/' . $tag;
784	}
785	else
786	{
787	$end_tag = array_pop($end_tags);
788	$error = ($end_tag != $tag) ? true : false;
789	}
790	}
791
792	if ($error)
793	{
794	$username = $m[1];
795	}
796
797	$out .= 'quote="' . $username . '":' . $this->bbcode_uid . ']';
798	}
799	else
800	{
801	$out .= 'quote:' . $this->bbcode_uid . ']';
802	}
803
804	$tok = '[';
805	$buffer = '';
806	}
807	else if (preg_match('#^quote="(.*?)#is', $buffer, $m))
808	{
809	// the buffer holds an invalid opening tag
810	$buffer .= ']';
811	}
812	else
813	{
814	$out .= $buffer . $tok;
815	$tok = '[]';
816	$buffer = '';
817	}
818	}
819	else
820	{
821	/**
822	* Old quote code working fine, but having errors listed in bug #3572
823	*
824	* $out .= $buffer . $tok;
825	* $tok = ($tok == '[') ? ']' : '[]';
826	* $buffer = '';
827	*/
828
829	$out .= $buffer . $tok;
830
831	if ($tok == '[')
832	{
833	// Search the text for the next tok... if an ending quote comes first, then change tok to []
834	$pos1 = stripos($in, '[/quote');
835	// If the token ] comes first, we change it to ]
836	$pos2 = strpos($in, ']');
837	// If the token [ comes first, we change it to [
838	$pos3 = strpos($in, '[');
839
840	if ($pos1 !== false && ($pos2 === false \|\| $pos1 < $pos2) && ($pos3 === false \|\| $pos1 < $pos3))
841	{
842	$tok = '[]';
843	}
844	else if ($pos3 !== false && ($pos2 === false \|\| $pos3 < $pos2))
845	{
846	$tok = '[';
847	}
848	else
849	{
850	$tok = ']';
851	}
852	}
853	else
854	{
855	$tok = '[]';
856	}
857	$buffer = '';
858	}
859	}
860	while ($in);
861
862	$out .= $buffer;
863
864	if (sizeof($close_tags))
865	{
866	$out .= '[' . implode('][', $close_tags) . ']';
867	}
868
869	foreach ($error_ary as $error_msg)
870	{
871	$this->warn_msg[] = $error_msg;
872	}
873
874	return $out;
875	}
876
877	/**
878	* Validate email
879	*/
880	function validate_email($var1, $var2)
881	{
882	$var1 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var1)));
883	$var2 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var2)));
884
885	$txt = $var2;
886	$email = ($var1) ? $var1 : $var2;
887
888	$validated = true;
889
890	if (!preg_match('/^' . get_preg_expression('email') . '$/i', $email))
891	{
892	$validated = false;
893	}
894
895	if (!$validated)
896	{
897	return '[email' . (($var1) ? "=$var1" : '') . ']' . $var2 . '[/email]';
898	}
899
900	$this->parsed_items['email']++;
901
902	if ($var1)
903	{
904	$retval = '[email=' . $this->bbcode_specialchars($email) . ':' . $this->bbcode_uid . ']' . $txt . '[/email:' . $this->bbcode_uid . ']';
905	}
906	else
907	{
908	$retval = '[email:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($email) . '[/email:' . $this->bbcode_uid . ']';
909	}
910
911	return $retval;
912	}
913
914	/**
915	* Validate url
916	*
917	* @param string $var1 optional url parameter for url bbcode: [url(=$var1)]$var2[/url]
918	* @param string $var2 url bbcode content: [url(=$var1)]$var2[/url]
919	*/
920	function validate_url($var1, $var2)
921	{
922	global $config;
923
924	$var1 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var1)));
925	$var2 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var2)));
926
927	$url = ($var1) ? $var1 : $var2;
928
929	if ($var1 && !$var2)
930	{
931	$var2 = $var1;
932	}
933
934	if (!$url)
935	{
936	return '[url' . (($var1) ? '=' . $var1 : '') . ']' . $var2 . '[/url]';
937	}
938
939	$valid = false;
940
941	$url = str_replace(' ', '%20', $url);
942
943	// Checking urls
944	if (preg_match('#^' . get_preg_expression('url') . '$#i', $url) \|\|
945	preg_match('#^' . get_preg_expression('www_url') . '$#i', $url) \|\|
946	preg_match('#^' . preg_quote(generate_board_url(), '#') . get_preg_expression('relative_url') . '$#i', $url))
947	{
948	$valid = true;
949	}
950
951	if ($valid)
952	{
953	$this->parsed_items['url']++;
954
955	// if there is no scheme, then add http schema
956	if (!preg_match('#^[a-z][a-z\d+\-.]*:/{2}#i', $url))
957	{
958	$url = 'http://' . $url;
959	}
960
961	// Is this a link to somewhere inside this board? If so then remove the session id from the url
962	if (strpos($url, generate_board_url()) !== false && strpos($url, 'sid=') !== false)
963	{
964	$url = preg_replace('/(&\|\?)sid=[0-9a-f]{32}&/', '\1', $url);
965	$url = preg_replace('/(&\|\?)sid=[0-9a-f]{32}$/', '', $url);
966	$url = append_sid($url);
967	}
968
969	return ($var1) ? '[url=' . $this->bbcode_specialchars($url) . ':' . $this->bbcode_uid . ']' . $var2 . '[/url:' . $this->bbcode_uid . ']' : '[url:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($url) . '[/url:' . $this->bbcode_uid . ']';
970	}
971
972	return '[url' . (($var1) ? '=' . $var1 : '') . ']' . $var2 . '[/url]';
973	}
974
975	/**
976	* Check if url is pointing to this domain/script_path/php-file
977	*
978	* @param string $url the url to check
979	* @return true if the url is pointing to this domain/script_path/php-file, false if not
980	*
981	* @access private
982	*/
983	function path_in_domain($url)
984	{
985	global $config, $phpEx, $user;
986
987	if ($config['force_server_vars'])
988	{
989	$check_path = $config['script_path'];
990	}
991	else
992	{
993	$check_path = ($user->page['root_script_path'] != '/') ? substr($user->page['root_script_path'], 0, -1) : '/';
994	}
995
996	// Is the user trying to link to a php file in this domain and script path?
997	if (strpos($url, ".{$phpEx}") !== false && strpos($url, $check_path) !== false)
998	{
999	$server_name = $user->host;
1000
1001	// Forcing server vars is the only way to specify/override the protocol
1002	if ($config['force_server_vars'] \|\| !$server_name)
1003	{
1004	$server_name = $config['server_name'];
1005	}
1006
1007	// Check again in correct order...
1008	$pos_ext = strpos($url, ".{$phpEx}");
1009	$pos_path = strpos($url, $check_path);
1010	$pos_domain = strpos($url, $server_name);
1011
1012	if ($pos_domain !== false && $pos_path >= $pos_domain && $pos_ext >= $pos_path)
1013	{
1014	// Ok, actually we allow linking to some files (this may be able to be extended in some way later...)
1015	if (strpos($url, '/' . $check_path . '/download/file.' . $phpEx) !== 0)
1016	{
1017	return false;
1018	}
1019
1020	return true;
1021	}
1022	}
1023
1024	return false;
1025	}
1026	}
1027
1028	/**
1029	* Main message parser for posting, pm, etc. takes raw message
1030	* and parses it for attachments, bbcode and smilies
1031	* @package phpBB3
1032	*/
1033	class parse_message extends bbcode_firstpass
1034	{
1035	var $attachment_data = array();
1036	var $filename_data = array();
1037
1038	// Helps ironing out user error
1039	var $message_status = '';
1040
1041	var $allow_img_bbcode = true;
1042	var $allow_flash_bbcode = true;
1043	var $allow_quote_bbcode = true;
1044	var $allow_url_bbcode = true;
1045
1046	var $mode;
1047
1048	/**
1049	* Init - give message here or manually
1050	*/
1051	function parse_message($message = '')
1052	{
1053	// Init BBCode UID
1054	$this->bbcode_uid = substr(base_convert(unique_id(), 16, 36), 0, BBCODE_UID_LEN);
1055	$this->message = $message;
1056	}
1057
1058	/**
1059	* Parse Message
1060	*/
1061	function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $allow_url_bbcode = true, $update_this_message = true, $mode = 'post')
1062	{
1063	global $config, $db, $user;
1064
1065	$this->mode = $mode;
1066
1067	foreach (array('chars', 'smilies', 'urls', 'font_size', 'img_height', 'img_width') as $key)
1068	{
1069	if (!isset($config['max_' . $mode . '_' . $key]))
1070	{
1071	$config['max_' . $mode . '_' . $key] = 0;
1072	}
1073	}
1074
1075	$this->allow_img_bbcode = $allow_img_bbcode;
1076	$this->allow_flash_bbcode = $allow_flash_bbcode;
1077	$this->allow_quote_bbcode = $allow_quote_bbcode;
1078	$this->allow_url_bbcode = $allow_url_bbcode;
1079
1080	// If false, then $this->message won't be altered, the text will be returned instead.
1081	if (!$update_this_message)
1082	{
1083	$tmp_message = $this->message;
1084	$return_message = &$this->message;
1085	}
1086
1087	if ($this->message_status == 'display')
1088	{
1089	$this->decode_message();
1090	}
1091
1092	// Do some general 'cleanup' first before processing message,
1093	// e.g. remove excessive newlines(?), smilies(?)
1094	$match = array('#(script\|about\|applet\|activex\|chrome):#i');
1095	$replace = array("\\1:");
1096	$this->message = preg_replace($match, $replace, trim($this->message));
1097
1098	// Store message length...
1099	$message_length = ($mode == 'post') ? utf8_strlen($this->message) : utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message));
1100
1101	// Maximum message length check. 0 disables this check completely.
1102	if ((int) $config['max_' . $mode . '_chars'] > 0 && $message_length > (int) $config['max_' . $mode . '_chars'])
1103	{
1104	$this->warn_msg[] = sprintf($user->lang['TOO_MANY_CHARS_' . strtoupper($mode)], $message_length, (int) $config['max_' . $mode . '_chars']);
1105	return (!$update_this_message) ? $return_message : $this->warn_msg;
1106	}
1107
1108	// Minimum message length check for post only
1109	if ($mode === 'post')
1110	{
1111	if (!$message_length \|\| $message_length < (int) $config['min_post_chars'])
1112	{
1113	$this->warn_msg[] = (!$message_length) ? $user->lang['TOO_FEW_CHARS'] : sprintf($user->lang['TOO_FEW_CHARS_LIMIT'], $message_length, (int) $config['min_post_chars']);
1114	return (!$update_this_message) ? $return_message : $this->warn_msg;
1115	}
1116	}
1117
1118	// Prepare BBcode (just prepares some tags for better parsing)
1119	if ($allow_bbcode && strpos($this->message, '[') !== false)
1120	{
1121	$this->bbcode_init();
1122	$disallow = array('img', 'flash', 'quote', 'url');
1123	foreach ($disallow as $bool)
1124	{
1125	if (!${'allow_' . $bool . '_bbcode'})
1126	{
1127	$this->bbcodes[$bool]['disabled'] = true;
1128	}
1129	}
1130
1131	$this->prepare_bbcodes();
1132	}
1133
1134	// Parse smilies
1135	if ($allow_smilies)
1136	{
1137	$this->smilies($config['max_' . $mode . '_smilies']);
1138	}
1139
1140	$num_urls = 0;
1141
1142	// Parse BBCode
1143	if ($allow_bbcode && strpos($this->message, '[') !== false)
1144	{
1145	$this->parse_bbcode();
1146	$num_urls += $this->parsed_items['url'];
1147	}
1148
1149	// Parse URL's
1150	if ($allow_magic_url)
1151	{
1152	$this->magic_url(generate_board_url());
1153
1154	if ($config['max_' . $mode . '_urls'])
1155	{
1156	$num_urls += preg_match_all('#\<!-- ([lmwe]) --\>.*?\<!-- \1 --\>#', $this->message, $matches);
1157	}
1158	}
1159
1160	// Check for "empty" message. We do not check here for maximum length, because bbcode, smilies, etc. can add to the length.
1161	// The maximum length check happened before any parsings.
1162	if ($mode === 'post' && utf8_clean_string($this->message) === '')
1163	{
1164	$this->warn_msg[] = $user->lang['TOO_FEW_CHARS'];
1165	return (!$update_this_message) ? $return_message : $this->warn_msg;
1166	}
1167
1168	// Check number of links
1169	if ($config['max_' . $mode . '_urls'] && $num_urls > $config['max_' . $mode . '_urls'])
1170	{
1171	$this->warn_msg[] = sprintf($user->lang['TOO_MANY_URLS'], $config['max_' . $mode . '_urls']);
1172	return (!$update_this_message) ? $return_message : $this->warn_msg;
1173	}
1174
1175	if (!$update_this_message)
1176	{
1177	unset($this->message);
1178	$this->message = $tmp_message;
1179	return $return_message;
1180	}
1181
1182	$this->message_status = 'parsed';
1183	return false;
1184	}
1185
1186	/**
1187	* Formatting text for display
1188	*/
1189	function format_display($allow_bbcode, $allow_magic_url, $allow_smilies, $update_this_message = true)
1190	{
1191	// If false, then the parsed message get returned but internal message not processed.
1192	if (!$update_this_message)
1193	{
1194	$tmp_message = $this->message;
1195	$return_message = &$this->message;
1196	}
1197
1198	if ($this->message_status == 'plain')
1199	{
1200	// Force updating message - of course.
1201	$this->parse($allow_bbcode, $allow_magic_url, $allow_smilies, $this->allow_img_bbcode, $this->allow_flash_bbcode, $this->allow_quote_bbcode, $this->allow_url_bbcode, true);
1202	}
1203
1204	// Replace naughty words such as farty pants
1205	$this->message = censor_text($this->message);
1206
1207	// Parse BBcode
1208	if ($allow_bbcode)
1209	{
1210	$this->bbcode_cache_init();
1211
1212	// We are giving those parameters to be able to use the bbcode class on its own
1213	$this->bbcode_second_pass($this->message, $this->bbcode_uid);
1214	}
1215
1216	$this->message = bbcode_nl2br($this->message);
1217	$this->message = smiley_text($this->message, !$allow_smilies);
1218
1219	if (!$update_this_message)
1220	{
1221	unset($this->message);
1222	$this->message = $tmp_message;
1223	return $return_message;
1224	}
1225
1226	$this->message_status = 'display';
1227	return false;
1228	}
1229
1230	/**
1231	* Decode message to be placed back into form box
1232	*/
1233	function decode_message($custom_bbcode_uid = '', $update_this_message = true)
1234	{
1235	// If false, then the parsed message get returned but internal message not processed.
1236	if (!$update_this_message)
1237	{
1238	$tmp_message = $this->message;
1239	$return_message = &$this->message;
1240	}
1241
1242	($custom_bbcode_uid) ? decode_message($this->message, $custom_bbcode_uid) : decode_message($this->message, $this->bbcode_uid);
1243
1244	if (!$update_this_message)
1245	{
1246	unset($this->message);
1247	$this->message = $tmp_message;
1248	return $return_message;
1249	}
1250
1251	$this->message_status = 'plain';
1252	return false;
1253	}
1254
1255	/**
1256	* Replace magic urls of form http://xxx.xxx., www.xxx. and xxx@xxx.xxx.
1257	* Cuts down displayed size of link if over 50 chars, turns absolute links
1258	* into relative versions when the server/script path matches the link
1259	*/
1260	function magic_url($server_url)
1261	{
1262	// We use the global make_clickable function
1263	$this->message = make_clickable($this->message, $server_url);
1264	}
1265
1266	/**
1267	* Parse Smilies
1268	*/
1269	function smilies($max_smilies = 0)
1270	{
1271	global $db, $user;
1272	static $match;
1273	static $replace;
1274
1275	// See if the static arrays have already been filled on an earlier invocation
1276	if (!is_array($match))
1277	{
1278	$match = $replace = array();
1279
1280	// NOTE: obtain_* function? chaching the table contents?
1281
1282	// For now setting the ttl to 10 minutes
1283	switch ($db->sql_layer)
1284	{
1285	case 'mssql':
1286	case 'mssql_odbc':
1287	$sql = 'SELECT *
1288	FROM ' . SMILIES_TABLE . '
1289	ORDER BY LEN(code) DESC';
1290	break;
1291
1292	case 'firebird':
1293	$sql = 'SELECT *
1294	FROM ' . SMILIES_TABLE . '
1295	ORDER BY CHAR_LENGTH(code) DESC';
1296	break;
1297
1298	// LENGTH supported by MySQL, IBM DB2, Oracle and Access for sure...
1299	default:
1300	$sql = 'SELECT *
1301	FROM ' . SMILIES_TABLE . '
1302	ORDER BY LENGTH(code) DESC';
1303	break;
1304	}
1305	$result = $db->sql_query($sql, 600);
1306
1307	while ($row = $db->sql_fetchrow($result))
1308	{
1309	if (empty($row['code']))
1310	{
1311	continue;
1312	}
1313
1314	// (assertion)
1315	$match[] = preg_quote($row['code'], '#');
1316	$replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILIES_PATH}/' . $row['smiley_url'] . '" alt="' . $row['code'] . '" title="' . $row['emotion'] . '" /><!-- s' . $row['code'] . ' -->';
1317	}
1318	$db->sql_freeresult($result);
1319	}
1320
1321	if (sizeof($match))
1322	{
1323	if ($max_smilies)
1324	{
1325	$num_matches = preg_match_all('#(?<=^\|[\n .])(?:' . implode('\|', $match) . ')(?![^<>]*>)#', $this->message, $matches);
1326	unset($matches);
1327
1328	if ($num_matches !== false && $num_matches > $max_smilies)
1329	{
1330	$this->warn_msg[] = sprintf($user->lang['TOO_MANY_SMILIES'], $max_smilies);
1331	return;
1332	}
1333	}
1334
1335	// Make sure the delimiter # is added in front and at the end of every element within $match
1336	$this->message = trim(preg_replace(explode(chr(0), '#(?<=^\|[\n .])' . implode('(?![^<>]>)#' . chr(0) . '#(?<=^\|[\n .])', $match) . '(?![^<>]>)#'), $replace, $this->message));
1337	}
1338	}
1339
1340	/**
1341	* Parse Attachments
1342	*/
1343	function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
1344	{
1345	global $config, $auth, $user, $phpbb_root_path, $phpEx, $db;
1346
1347	$error = array();
1348
1349	$num_attachments = sizeof($this->attachment_data);
1350	$this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));
1351	$upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false;
1352
1353	$add_file = (isset($_POST['add_file'])) ? true : false;
1354	$delete_file = (isset($_POST['delete_file'])) ? true : false;
1355
1356	// First of all adjust comments if changed
1357	$actual_comment_list = utf8_normalize_nfc(request_var('comment_list', array(''), true));
1358
1359	foreach ($actual_comment_list as $comment_key => $comment)
1360	{
1361	if (!isset($this->attachment_data[$comment_key]))
1362	{
1363	continue;
1364	}
1365
1366	if ($this->attachment_data[$comment_key]['attach_comment'] != $actual_comment_list[$comment_key])
1367	{
1368	$this->attachment_data[$comment_key]['attach_comment'] = $actual_comment_list[$comment_key];
1369	}
1370	}
1371
1372	$cfg = array();
1373	$cfg['max_attachments'] = ($is_message) ? $config['max_attachments_pm'] : $config['max_attachments'];
1374	$forum_id = ($is_message) ? 0 : $forum_id;
1375
1376	if ($submit && in_array($mode, array('post', 'reply', 'quote', 'edit')) && $upload_file)
1377	{
1378	if ($num_attachments < $cfg['max_attachments'] \|\| $auth->acl_get('a_') \|\| $auth->acl_get('m_', $forum_id))
1379	{
1380	$filedata = upload_attachment($form_name, $forum_id, false, '', $is_message);
1381	$error = $filedata['error'];
1382
1383	if ($filedata['post_attach'] && !sizeof($error))
1384	{
1385	$sql_ary = array(
1386	'physical_filename' => $filedata['physical_filename'],
1387	'attach_comment' => $this->filename_data['filecomment'],
1388	'real_filename' => $filedata['real_filename'],
1389	'extension' => $filedata['extension'],
1390	'mimetype' => $filedata['mimetype'],
1391	'filesize' => $filedata['filesize'],
1392	'filetime' => $filedata['filetime'],
1393	'thumbnail' => $filedata['thumbnail'],
1394	'is_orphan' => 1,
1395	'in_message' => ($is_message) ? 1 : 0,
1396	'poster_id' => $user->data['user_id'],
1397	);
1398
1399	$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
1400
1401	$new_entry = array(
1402	'attach_id' => $db->sql_nextid(),
1403	'is_orphan' => 1,
1404	'real_filename' => $filedata['real_filename'],
1405	'attach_comment'=> $this->filename_data['filecomment'],
1406	);
1407
1408	$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
1409	$this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message);
1410
1411	$this->filename_data['filecomment'] = '';
1412
1413	// This Variable is set to false here, because Attachments are entered into the
1414	// Database in two modes, one if the id_list is 0 and the second one if post_attach is true
1415	// Since post_attach is automatically switched to true if an Attachment got added to the filesystem,
1416	// but we are assigning an id of 0 here, we have to reset the post_attach variable to false.
1417	//
1418	// This is very relevant, because it could happen that the post got not submitted, but we do not
1419	// know this circumstance here. We could be at the posting page or we could be redirected to the entered
1420	// post. :)
1421	$filedata['post_attach'] = false;
1422	}
1423	}
1424	else
1425	{
1426	$error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']);
1427	}
1428	}
1429
1430	if ($preview \|\| $refresh \|\| sizeof($error))
1431	{
1432	// Perform actions on temporary attachments
1433	if ($delete_file)
1434	{
1435	include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
1436
1437	$index = array_keys(request_var('delete_file', array(0 => 0)));
1438	$index = (!empty($index)) ? $index[0] : false;
1439
1440	if ($index !== false && !empty($this->attachment_data[$index]))
1441	{
1442	// delete selected attachment
1443	if ($this->attachment_data[$index]['is_orphan'])
1444	{
1445	$sql = 'SELECT attach_id, physical_filename, thumbnail
1446	FROM ' . ATTACHMENTS_TABLE . '
1447	WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id'] . '
1448	AND is_orphan = 1
1449	AND poster_id = ' . $user->data['user_id'];
1450	$result = $db->sql_query($sql);
1451	$row = $db->sql_fetchrow($result);
1452	$db->sql_freeresult($result);
1453
1454	if ($row)
1455	{
1456	phpbb_unlink($row['physical_filename'], 'file');
1457
1458	if ($row['thumbnail'])
1459	{
1460	phpbb_unlink($row['physical_filename'], 'thumbnail');
1461	}
1462
1463	$db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE attach_id = ' . (int) $this->attachment_data[$index]['attach_id']);
1464	}
1465	}
1466	else
1467	{
1468	delete_attachments('attach', array(intval($this->attachment_data[$index]['attach_id'])));
1469	}
1470
1471	unset($this->attachment_data[$index]);
1472	$this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "(\\1 == \$index) ? '' : ((\\1 > \$index) ? '[attachment=' . (\\1 - 1) . ']\\2[/attachment]' : '\\0')", $this->message);
1473
1474	// Reindex Array
1475	$this->attachment_data = array_values($this->attachment_data);
1476	}
1477	}
1478	else if (($add_file \|\| $preview) && $upload_file)
1479	{
1480	if ($num_attachments < $cfg['max_attachments'] \|\| $auth->acl_gets('m_', 'a_', $forum_id))
1481	{
1482	$filedata = upload_attachment($form_name, $forum_id, false, '', $is_message);
1483	$error = array_merge($error, $filedata['error']);
1484
1485	if (!sizeof($error))
1486	{
1487	$sql_ary = array(
1488	'physical_filename' => $filedata['physical_filename'],
1489	'attach_comment' => $this->filename_data['filecomment'],
1490	'real_filename' => $filedata['real_filename'],
1491	'extension' => $filedata['extension'],
1492	'mimetype' => $filedata['mimetype'],
1493	'filesize' => $filedata['filesize'],
1494	'filetime' => $filedata['filetime'],
1495	'thumbnail' => $filedata['thumbnail'],
1496	'is_orphan' => 1,
1497	'in_message' => ($is_message) ? 1 : 0,
1498	'poster_id' => $user->data['user_id'],
1499	);
1500
1501	$db->sql_query('INSERT INTO ' . ATTACHMENTS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary));
1502
1503	$new_entry = array(
1504	'attach_id' => $db->sql_nextid(),
1505	'is_orphan' => 1,
1506	'real_filename' => $filedata['real_filename'],
1507	'attach_comment'=> $this->filename_data['filecomment'],
1508	);
1509
1510	$this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
1511	$this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message);
1512	$this->filename_data['filecomment'] = '';
1513	}
1514	}
1515	else
1516	{
1517	$error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']);
1518	}
1519	}
1520	}
1521
1522	foreach ($error as $error_msg)
1523	{
1524	$this->warn_msg[] = $error_msg;
1525	}
1526	}
1527
1528	/**
1529	* Get Attachment Data
1530	*/
1531	function get_submitted_attachment_data($check_user_id = false)
1532	{
1533	global $user, $db, $phpbb_root_path, $phpEx, $config;
1534
1535	$this->filename_data['filecomment'] = utf8_normalize_nfc(request_var('filecomment', '', true));
1536	$attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
1537	$this->attachment_data = array();
1538
1539	$check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id;
1540
1541	if (!sizeof($attachment_data))
1542	{
1543	return;
1544	}
1545
1546	$not_orphan = $orphan = array();
1547
1548	foreach ($attachment_data as $pos => $var_ary)
1549	{
1550	if ($var_ary['is_orphan'])
1551	{
1552	$orphan[(int) $var_ary['attach_id']] = $pos;
1553	}
1554	else
1555	{
1556	$not_orphan[(int) $var_ary['attach_id']] = $pos;
1557	}
1558	}
1559
1560	// Regenerate already posted attachments
1561	if (sizeof($not_orphan))
1562	{
1563	// Get the attachment data, based on the poster id...
1564	$sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment
1565	FROM ' . ATTACHMENTS_TABLE . '
1566	WHERE ' . $db->sql_in_set('attach_id', array_keys($not_orphan)) . '
1567	AND poster_id = ' . $check_user_id;
1568	$result = $db->sql_query($sql);
1569
1570	while ($row = $db->sql_fetchrow($result))
1571	{
1572	$pos = $not_orphan[$row['attach_id']];
1573	$this->attachment_data[$pos] = $row;
1574	set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
1575
1576	unset($not_orphan[$row['attach_id']]);
1577	}
1578	$db->sql_freeresult($result);
1579	}
1580
1581	if (sizeof($not_orphan))
1582	{
1583	trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR);
1584	}
1585
1586	// Regenerate newly uploaded attachments
1587	if (sizeof($orphan))
1588	{
1589	$sql = 'SELECT attach_id, is_orphan, real_filename, attach_comment
1590	FROM ' . ATTACHMENTS_TABLE . '
1591	WHERE ' . $db->sql_in_set('attach_id', array_keys($orphan)) . '
1592	AND poster_id = ' . $user->data['user_id'] . '
1593	AND is_orphan = 1';
1594	$result = $db->sql_query($sql);
1595
1596	while ($row = $db->sql_fetchrow($result))
1597	{
1598	$pos = $orphan[$row['attach_id']];
1599	$this->attachment_data[$pos] = $row;
1600	set_var($this->attachment_data[$pos]['attach_comment'], $_POST['attachment_data'][$pos]['attach_comment'], 'string', true);
1601
1602	unset($orphan[$row['attach_id']]);
1603	}
1604	$db->sql_freeresult($result);
1605	}
1606
1607	if (sizeof($orphan))
1608	{
1609	trigger_error('NO_ACCESS_ATTACHMENT', E_USER_ERROR);
1610	}
1611
1612	ksort($this->attachment_data);
1613	}
1614
1615	/**
1616	* Parse Poll
1617	*/
1618	function parse_poll(&$poll)
1619	{
1620	global $auth, $user, $config;
1621
1622	$poll_max_options = $poll['poll_max_options'];
1623
1624	// Parse Poll Option text ;)
1625	$tmp_message = $this->message;
1626	$this->message = $poll['poll_option_text'];
1627	$bbcode_bitfield = $this->bbcode_bitfield;
1628
1629	$poll['poll_option_text'] = $this->parse($poll['enable_bbcode'], ($config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, $config['allow_post_links'], false, 'poll');
1630
1631	$bbcode_bitfield = base64_encode(base64_decode($bbcode_bitfield) \| base64_decode($this->bbcode_bitfield));
1632	$this->message = $tmp_message;
1633
1634	// Parse Poll Title
1635	$tmp_message = $this->message;
1636	$this->message = $poll['poll_title'];
1637	$this->bbcode_bitfield = $bbcode_bitfield;
1638
1639	$poll['poll_options'] = explode("\n", trim($poll['poll_option_text']));
1640	$poll['poll_options_size'] = sizeof($poll['poll_options']);
1641
1642	if (!$poll['poll_title'] && $poll['poll_options_size'])
1643	{
1644	$this->warn_msg[] = $user->lang['NO_POLL_TITLE'];
1645	}
1646	else
1647	{
1648	if (utf8_strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#ius', ' ', $this->message)) > 100)
1649	{
1650	$this->warn_msg[] = $user->lang['POLL_TITLE_TOO_LONG'];
1651	}
1652	$poll['poll_title'] = $this->parse($poll['enable_bbcode'], ($config['allow_post_links']) ? $poll['enable_urls'] : false, $poll['enable_smilies'], $poll['img_status'], false, false, $config['allow_post_links'], false, 'poll');
1653	if (strlen($poll['poll_title']) > 255)
1654	{
1655	$this->warn_msg[] = $user->lang['POLL_TITLE_COMP_TOO_LONG'];
1656	}
1657	}
1658
1659	$this->bbcode_bitfield = base64_encode(base64_decode($bbcode_bitfield) \| base64_decode($this->bbcode_bitfield));
1660	$this->message = $tmp_message;
1661	unset($tmp_message);
1662
1663	if (sizeof($poll['poll_options']) == 1)
1664	{
1665	$this->warn_msg[] = $user->lang['TOO_FEW_POLL_OPTIONS'];
1666	}
1667	else if ($poll['poll_options_size'] > (int) $config['max_poll_options'])
1668	{
1669	$this->warn_msg[] = $user->lang['TOO_MANY_POLL_OPTIONS'];
1670	}
1671	else if ($poll_max_options > $poll['poll_options_size'])
1672	{
1673	$this->warn_msg[] = $user->lang['TOO_MANY_USER_OPTIONS'];
1674	}
1675
1676	$poll['poll_max_options'] = ($poll['poll_max_options'] < 1) ? 1 : (($poll['poll_max_options'] > $config['max_poll_options']) ? $config['max_poll_options'] : $poll['poll_max_options']);
1677	}
1678	}
1679
1680	?>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: trunk/forum/includes/message_parser.php

Download in other formats: