1 <?php

     2 

     3 /**

     4 * 

     5 * Includes the contents of another PHP script into the source text.

     6 * 

     7 * @category Text

     8 * 

     9 * @package Text_Wiki

    10 * 

    11 * @author Paul M. Jones <pmjones@php.net>

    12 * 

    13 * @license LGPL

    14 * 

    15 * @version $Id: Include.php,v 1.3 2005/02/23 17:38:29 pmjones Exp $

    16 * 

    17 */

    18 

    19 /**

    20 * 

    21 * This class implements a Text_Wiki_Parse to include the results of a

    22 * script directly into the source at parse-time; thus, the output of the

    23 * script will be parsed by Text_Wiki.  This differs from the 'embed'

    24 * rule, which incorporates the results at render-time, meaning that the

    25 * 'embed' content is not parsed by Text_Wiki.

    26 *

    27 * DANGER!

    28 * 

    29 * This rule is inherently not secure; it allows cross-site scripting to

    30 * occur if the embedded output has <script> or other similar tags.  Be

    31 * careful.

    32 *

    33 * @category Text

    34 * 

    35 * @package Text_Wiki

    36 * 

    37 * @author Paul M. Jones <pmjones@php.net>

    38 * 

    39 */

    40 

    41 class Text_Wiki_Parse_Include extends Text_Wiki_Parse {

    42     

    43     var $conf = array(

    44         'base' => '/path/to/scripts/'

    45     );

    46     

    47     var $file = null;

    48     

    49     var $output = null;

    50     

    51     var $vars = null;

    52 

    53     /**

    54     * 

    55     * The regular expression used to find source text matching this

    56     * rule.

    57     * 

    58     * @access public

    59     * 

    60     * @var string

    61     * 

    62     */

    63     

    64     var $regex = '/(\[\[include )(.+?)( .+?)?(\]\])/i';

    65     

    66     

    67     /**

    68     * 

    69     * Includes the results of the script directly into the source; the output

    70     * will subsequently be parsed by the remaining Text_Wiki rules.

    71     * 

    72     * @access public

    73     *

    74     * @param array &$matches The array of matches from parse().

    75     *

    76     * @return The results of the included script.

    77     *

    78     */

    79     

    80     function process(&$matches)

    81     {

    82         // save the file location

    83         $this->file = $this->getConf('base', './') . $matches[2];

    84 

    85         // extract attribs as variables in the local space

    86         $this->vars = $this->getAttrs($matches[3]);

    87         unset($this->vars['this']);

    88         extract($this->vars);

    89 

    90         // run the script

    91         ob_start();

    92         include($this->file);

    93         $this->output = ob_get_contents();

    94         ob_end_clean();

    95     

    96         // done, place the script output directly in the source

    97         return $this->output;

    98     }

    99 }

   100 ?>