1
+ − 1 <?php
+ − 2 /*
+ − 3 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
21
663fcf528726
Updated all version numbers back to Banshee; a few preliminary steps towards full UTF-8 support in page URLs
Dan
diff
changeset
+ − 4 * Version 1.0 (Banshee)
1
+ − 5 * render.php - handles fetching pages and parsing them into HTML
+ − 6 * Copyright (C) 2006-2007 Dan Fuhry
+ − 7 *
+ − 8 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
+ − 9 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
+ − 10 *
+ − 11 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ − 12 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
+ − 13 */
+ − 14
+ − 15 class RenderMan {
+ − 16
+ − 17 function strToPageID($string)
+ − 18 {
+ − 19 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 20 $k = array_keys($paths->nslist);
+ − 21 for($i=0;$i<sizeof($paths->nslist);$i++)
+ − 22 {
+ − 23 $ln = strlen($paths->nslist[$k[$i]]);
+ − 24 if(substr($string, 0, $ln) == $paths->nslist[$k[$i]])
+ − 25 {
+ − 26 $ns = $k[$i];
+ − 27 $pg = substr($string, strlen($paths->nslist[$ns]), strlen($string));
+ − 28 }
+ − 29 }
+ − 30 return Array($pg, $ns);
+ − 31 }
+ − 32
+ − 33 function getPage($page_id, $namespace, $wiki = 1, $smilies = true, $filter_links = true, $redir = true, $render = true)
+ − 34 {
+ − 35 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 36 dc_here('render: page requested<br />ID/namespace: '."$page_id, $namespace<br />Wiki mode: $wiki<br />Smilies: ".(string)$smilies."<br />Allow redirects: ".(string)$redir);
+ − 37
+ − 38 $perms =& $session;
+ − 39
+ − 40 if ( $page_id != $paths->cpage['urlname_nons'] || $namespace != $paths->namespace )
+ − 41 {
+ − 42 unset($perms);
+ − 43 unset($perms); // PHP <5.1.5 Zend bug
+ − 44 $perms = $session->fetch_page_acl($page_id, $namespace);
+ − 45 }
+ − 46
+ − 47 if(!$perms->get_permissions('read'))
+ − 48 return 'Access denied ('.$paths->nslist[$namespace].$page_id.')';
+ − 49
+ − 50 if($wiki == 0 || $render == false)
+ − 51 {
+ − 52 if(!$perms->get_permissions('view_source'))
+ − 53 {
+ − 54 return 'Access denied ('.$paths->nslist[$namespace].$page_id.')';
+ − 55 }
+ − 56 }
+ − 57
+ − 58 $q = $db->sql_query('SELECT page_text,char_tag FROM '.table_prefix.'page_text WHERE page_id=\''.$db->escape($page_id).'\' AND namespace=\''.$db->escape($namespace).'\';');
+ − 59 if ( !$q )
+ − 60 {
+ − 61 $db->_die('Method called was: RenderMan::getPage(\''.$page_id.'\', \''.$namespace.'\');.');
+ − 62 }
+ − 63 if ( $db->numrows() < 1 )
+ − 64 {
+ − 65 return false;
+ − 66 }
+ − 67 $row = $db->fetchrow();
+ − 68 $db->free_result();
+ − 69
+ − 70 $message = $row['page_text'];
+ − 71 $chartag = $row['char_tag'];
+ − 72 unset($row); // Free some memory
+ − 73
+ − 74 if ( preg_match('#^\#redirect \[\[(.+?)\]\]#', $message, $m) && $redir && !isset($_GET['redirect']) || ( isset($_GET['redirect']) && $_GET['redirect'] != 'no' ) )
+ − 75 {
+ − 76 dc_here('render: looks like a redirect page to me...');
+ − 77 $old = $paths->cpage;
+ − 78 $a = RenderMan::strToPageID($m[1]);
+ − 79 $a[0] = str_replace(' ', '_', $a[0]);
+ − 80
+ − 81 $pageid = str_replace(' ', '_', $paths->nslist[$a[1]] . $a[0]);
+ − 82 $paths->page = $pageid;
+ − 83 $paths->cpage = $paths->pages[$pageid];
+ − 84 //die('<pre>'.print_r($paths->cpage,true).'</pre>');
+ − 85
+ − 86 dc_here('render: wreckin\' $template, and reloading the theme vars to match the new page<br />This might get messy!');
+ − 87
+ − 88 unset($template);
+ − 89 unset($GLOBALS['template']);
+ − 90
+ − 91 $GLOBALS['template'] = new template();
+ − 92 global $template;
+ − 93
+ − 94 $template->template(); // Tear down and rebuild the template parser
+ − 95 $template->load_theme($session->theme, $session->style);
+ − 96
+ − 97 $data = '<div><small>(Redirected from <a href="'.makeUrlNS($old['namespace'], $old['urlname_nons'], 'redirect=no', true).'">'.$old['name'].'</a>)</small></div>'.RenderMan::getPage($a[0], $a[1], $wiki, $smilies, $filter_links, false /* Enforces a maximum of one redirect */);
+ − 98
+ − 99 return $data;
+ − 100 }
+ − 101 else if(preg_match('#^\#redirect \[\[(.+?)\]\]#', $message, $m) && isset($_GET['redirect']) && $_GET['redirect'] == 'no')
+ − 102 {
+ − 103 dc_here('render: looks like a redirect page to me...');
+ − 104 dc_here('render: skipping redirect as requested on URI');
+ − 105 preg_match('#^\#redirect \[\[(.+)\]\]#', $message, $m);
+ − 106 $m[1] = str_replace(' ', '_', $m[1]);
+ − 107 $message = preg_replace('#\#redirect \[\[(.+)\]\]#', '<nowiki><div class="mdg-infobox"><table border="0" width="100%" cellspacing="0" cellpadding="0"><tr><td valign="top"><img alt="Cute wet-floor icon" src="'.scriptPath.'/images/redirector.png" /></td><td valign="top" style="padding-left: 10px;"><b>This page is a <i>redirector</i>.</b><br />This means that this page will not show its own content by default. Instead it will display the contents of the page it redirects to.<br /><br />To create a redirect page, make the <i>first characters</i> in the page content <tt>#redirect [[Page_ID]]</tt>. For more information, see the Enano <a href="http://enanocms.org/Help:Wiki_formatting">Wiki formatting guide</a>.<br /><br />This page redirects to <a href="'.makeUrl($m[1]).'">'.$paths->pages[$m[1]]['name'].'</a>.</td></tr></table></div><br /><hr style="margin-left: 1em; width: 200px;" /></nowiki>', $message);
+ − 108 }
+ − 109 $session->disallow_password_grab();
+ − 110 dc_here('render: alright, got the text, formatting...');
+ − 111 return ($render) ? RenderMan::render($message, $wiki, $smilies, $filter_links) : $message;
+ − 112 }
+ − 113
+ − 114 function getTemplate($id, $parms)
+ − 115 {
+ − 116 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 117 dc_here('render: template requested: '.$id);
+ − 118 if(!isset($paths->pages[$paths->nslist['Template'].$id]))
+ − 119 {
+ − 120 return '[['.$paths->nslist['Template'].$id.']]';
+ − 121 }
+ − 122 if(isset($paths->template_cache[$id]))
+ − 123 {
+ − 124 $text = $paths->template_cache[$id];
+ − 125 }
+ − 126 else
+ − 127 {
+ − 128 $text = RenderMan::getPage($id, 'Template', 0, true, true, 0);
+ − 129 $paths->template_cache[$id] = $text;
+ − 130 }
+ − 131
+ − 132 $text = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '', $text);
+ − 133 $text = preg_replace('/<nodisplay>(.*?)<\/nodisplay>/is', '\\1', $text);
+ − 134
+ − 135 preg_match_all('#\(_([0-9]+)_\)#', $text, $matchlist);
+ − 136
+ − 137 foreach($matchlist[1] as $m)
+ − 138 {
+ − 139 if(isset($parms[((int)$m)+1]))
+ − 140 {
+ − 141 $p = $parms[((int)$m)+1];
+ − 142 }
+ − 143 else
+ − 144 {
+ − 145 $p = '<b>Notice:</b> RenderMan::getTemplate(): Parameter '.$m.' is not set';
+ − 146 }
+ − 147 $text = str_replace('(_'.$m.'_)', $p, $text);
+ − 148 }
+ − 149 $text = RenderMan::include_templates($text);
+ − 150 return $text;
+ − 151 }
+ − 152
+ − 153 function fetch_template_text($id)
+ − 154 {
+ − 155 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 156 dc_here('render: template raw data requested: '.$id);
+ − 157 if(!isset($paths->pages[$paths->nslist['Template'].$id]))
+ − 158 {
+ − 159 return '[['.$paths->nslist['Template'].$id.']]';
+ − 160 }
+ − 161 if(isset($paths->template_cache[$id]))
+ − 162 {
+ − 163 $text = $paths->template_cache[$id];
+ − 164 }
+ − 165 else
+ − 166 {
+ − 167 $text = RenderMan::getPage($id, 'Template', 0, false, false, false, false);
+ − 168 $paths->template_cache[$id] = $text;
+ − 169 }
+ − 170
+ − 171 if ( is_string($text) )
+ − 172 {
+ − 173 $text = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '', $text);
+ − 174 $text = preg_replace('/<nodisplay>(.*?)<\/nodisplay>/is', '\\1', $text);
+ − 175 }
+ − 176
+ − 177 return $text;
+ − 178 }
+ − 179
+ − 180 function render($text, $wiki = 1, $smilies = true, $filter_links = true)
+ − 181 {
+ − 182 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 183 if($smilies)
+ − 184 {
+ − 185 $text = RenderMan::smilieyize($text);
+ − 186 }
+ − 187 if($wiki == 1)
+ − 188 {
+ − 189 $text = RenderMan::next_gen_wiki_format($text);
+ − 190 }
+ − 191 elseif($wiki == 2)
+ − 192 {
+ − 193 $text = $template->tplWikiFormat($text);
+ − 194 }
+ − 195 return $text;
+ − 196 }
+ − 197
+ − 198 function PlainTextRender($text, $wiki = 1, $smilies = false, $filter_links = true)
+ − 199 {
+ − 200 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 201 if($smilies)
+ − 202 {
+ − 203 $text = RenderMan::smilieyize($text);
+ − 204 }
+ − 205 if($wiki == 1)
+ − 206 {
+ − 207 $text = RenderMan::next_gen_wiki_format($text, true);
+ − 208 }
+ − 209 elseif($wiki == 2)
+ − 210 {
+ − 211 $text = $template->tplWikiFormat($text);
+ − 212 }
+ − 213 return $text;
+ − 214 }
+ − 215
+ − 216 function next_gen_wiki_format($text, $plaintext = false, $filter_links = true, $do_params = false)
+ − 217 {
+ − 218 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 219 $random_id = md5( time() . mt_rand() );
+ − 220
+ − 221 // Strip out <nowiki> sections and PHP code
+ − 222
+ − 223 $php = preg_match_all('#<\?php(.*?)\?>#is', $text, $phpsec);
+ − 224
+ − 225 for($i=0;$i<sizeof($phpsec[1]);$i++)
+ − 226 {
+ − 227 $text = str_replace('<?php'.$phpsec[1][$i].'?>', '{PHP:'.$random_id.':'.$i.'}', $text);
+ − 228 }
+ − 229
+ − 230 $nw = preg_match_all('#<nowiki>(.*?)<\/nowiki>#is', $text, $nowiki);
+ − 231
+ − 232 for($i=0;$i<sizeof($nowiki[1]);$i++)
+ − 233 {
+ − 234 $text = str_replace('<nowiki>'.$nowiki[1][$i].'</nowiki>', '{NOWIKI:'.$random_id.':'.$i.'}', $text);
+ − 235 }
+ − 236
+ − 237 $text = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '\\1', $text);
+ − 238 if ( $paths->namespace == 'Template' )
+ − 239 {
+ − 240 $text = preg_replace('/<nodisplay>(.*?)<\/nodisplay>/is', '', $text);
+ − 241 }
+ − 242
+ − 243 if ( !$plaintext )
+ − 244 {
+ − 245 // Process images
37
+ − 246 $text = RenderMan::process_image_tags($text, $taglist);
1
+ − 247 }
+ − 248
+ − 249 if($do_params)
+ − 250 {
+ − 251 preg_match_all('#\(_([0-9]+)_\)#', $text, $matchlist);
+ − 252 foreach($matchlist[1] as $m)
+ − 253 {
+ − 254 $text = str_replace('(_'.$m.'_)', $paths->getParam((int)$m), $text);
+ − 255 }
+ − 256 }
+ − 257
63
+ − 258 $template_regex = "/\{\{([^\]]+?)((\n([ ]*?)[A-z0-9]+([ ]*?)=([ ]*?)(.+?))*)\}\}/is";
+ − 259 $i = 0;
+ − 260 while ( preg_match($template_regex, $text) )
+ − 261 {
+ − 262 $i++;
+ − 263 if ( $i == 5 )
+ − 264 break;
+ − 265 $text = RenderMan::include_templates($text);
+ − 266 }
1
+ − 267
+ − 268 $text = process_tables($text);
+ − 269
+ − 270 $wiki =& Text_Wiki::singleton('Mediawiki');
+ − 271 if($plaintext)
+ − 272 {
+ − 273 $wiki->setRenderConf('Plain', 'wikilink', 'view_url', contentPath);
+ − 274 $result = $wiki->transform($text, 'Plain');
+ − 275 }
+ − 276 else
+ − 277 {
+ − 278 $wiki->setRenderConf('Xhtml', 'wikilink', 'view_url', contentPath);
+ − 279 $wiki->setRenderConf('Xhtml', 'Url', 'css_descr', 'external');
+ − 280 $result = $wiki->transform($text, 'Xhtml');
+ − 281 }
+ − 282
37
+ − 283 if ( !$plaintext )
+ − 284 {
+ − 285 $result = RenderMan::process_imgtags_stage2($result, $taglist);
+ − 286 }
+ − 287
1
+ − 288 // Reinsert <nowiki> sections
+ − 289 for($i=0;$i<$nw;$i++)
+ − 290 {
+ − 291 $result = str_replace('{NOWIKI:'.$random_id.':'.$i.'}', $nowiki[1][$i], $result);
+ − 292 }
+ − 293
+ − 294 // Reinsert PHP
+ − 295 for($i=0;$i<$php;$i++)
+ − 296 {
+ − 297 $result = str_replace('{PHP:'.$random_id.':'.$i.'}', '<?php'.$phpsec[1][$i].'?>', $result);
+ − 298 }
+ − 299
+ − 300 return $result;
+ − 301
+ − 302 }
+ − 303
+ − 304 function wikiFormat($message, $filter_links = true, $do_params = false, $plaintext = false) {
+ − 305 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 306
+ − 307 return RenderMan::next_gen_wiki_format($message, $plaintext, $filter_links, $do_params);
+ − 308
+ − 309 $random_id = md5( time() . mt_rand() );
+ − 310
+ − 311 // Strip out <nowiki> sections
+ − 312 $nw = preg_match_all('#<nowiki>(.*?)<\/nowiki>#is', $message, $nowiki);
+ − 313
+ − 314 if(!$plaintext)
+ − 315 {
+ − 316
+ − 317 //return '<pre>'.print_r($nowiki,true).'</pre>';
+ − 318
+ − 319 for($i=0;$i<sizeof($nowiki[1]);$i++)
+ − 320 {
+ − 321 $message = str_replace('<nowiki>'.$nowiki[1][$i].'</nowiki>', '{NOWIKI:'.$random_id.':'.$i.'}', $message);
+ − 322 }
+ − 323
+ − 324 $message = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '\\1', $message);
+ − 325
+ − 326 //return '<pre>'.htmlspecialchars($message).'</pre>';
+ − 327
35
+ − 328 $message = RenderMan::process_image_tags($message);
1
+ − 329
+ − 330 }
+ − 331
+ − 332 if($do_params)
+ − 333 {
+ − 334 preg_match_all('#\(_([0-9]+)_\)#', $message, $matchlist);
+ − 335 foreach($matchlist[1] as $m)
+ − 336 {
+ − 337 $message = str_replace('(_'.$m.'_)', $paths->getParam((int)$m), $message);
+ − 338 }
+ − 339 }
+ − 340
+ − 341 $message = RenderMan::include_templates($message);
+ − 342
+ − 343 // Reinsert <nowiki> sections
+ − 344 for($i=0;$i<$nw;$i++)
+ − 345 {
+ − 346 $message = str_replace('{NOWIKI:'.$random_id.':'.$i.'}', '<nowiki>'.$nowiki[1][$i].'</nowiki>', $message);
+ − 347 }
+ − 348
+ − 349 $message = process_tables($message);
+ − 350 //if($message2 != $message) return '<pre>'.htmlspecialchars($message2).'</pre>';
+ − 351 //$message = str_replace(array('<table>', '</table>'), array('<nowiki><table>', '</table></nowiki>'), $message);
+ − 352
+ − 353 $wiki =& Text_Wiki::singleton('Mediawiki');
+ − 354 if($plaintext)
+ − 355 {
+ − 356 $wiki->setRenderConf('Plain', 'wikilink', 'view_url', contentPath);
+ − 357 $result = $wiki->transform($message, 'Plain');
+ − 358 } else {
+ − 359 $wiki->setRenderConf('Xhtml', 'wikilink', 'view_url', contentPath);
+ − 360 $wiki->setRenderConf('Xhtml', 'Url', 'css_descr', 'external');
+ − 361 $result = $wiki->transform($message, 'Xhtml');
+ − 362 }
+ − 363
+ − 364 // HTML fixes
+ − 365 $result = preg_replace('#<tr>([\s]*?)<\/tr>#is', '', $result);
+ − 366 $result = preg_replace('#<p>([\s]*?)<\/p>#is', '', $result);
+ − 367 $result = preg_replace('#<br />([\s]*?)<table#is', '<table', $result);
+ − 368 $result = str_replace("<pre><code>\n", "<pre><code>", $result);
+ − 369 $result = preg_replace("/<p><table([^>]*?)><\/p>/", "<table\\1>", $result);
+ − 370 $result = str_replace("<br />\n</td>", "\n</td>", $result);
+ − 371 $result = str_replace("<p><tr>", "<tr>", $result);
+ − 372 $result = str_replace("<tr><br />", "<tr>", $result);
+ − 373 $result = str_replace("</tr><br />", "</tr>", $result);
+ − 374 $result = str_replace("</table></p>", "</table>", $result);
+ − 375 $result = str_replace("</table><br />", "</table>", $result);
+ − 376 $result = preg_replace('/<\/table>$/', "</table><br /><br />", $result);
+ − 377
+ − 378 $result = str_replace('<nowiki>', '<nowiki>', $result);
+ − 379 $result = str_replace('</nowiki>', '</nowiki>', $result);
+ − 380
+ − 381 return $result;
+ − 382 }
+ − 383
+ − 384 function destroy_javascript($message, $_php = false)
+ − 385 {
+ − 386 $message = preg_replace('#<(script|object|applet|embed|iframe|frame|form|input|select)(.*?)>#is', '<\\1\\2>', $message);
+ − 387 $message = preg_replace('#</(script|object|applet|embed|iframe|frame|form|input|select)(.*?)>#is', '</\\1\\2>', $message);
+ − 388 $message = preg_replace('#(javascript|script|activex|chrome|about|applet):#is', '\\1:', $message);
+ − 389 if ( $_php )
+ − 390 {
+ − 391 // Left in only for compatibility
+ − 392 $message = preg_replace('#<(.*?)>#is', '<\\1>', $message);
+ − 393 $message = preg_replace('#<(.*?)>#is', '<\\1>', $message);
+ − 394 $message = preg_replace('#<(\?|\?php|%)(.*?)(\?|%)>#is', '<\\1\\2\\3>', $message);
+ − 395 // strip <a href="foo" onclick="bar();">-type attacks
+ − 396 $message = preg_replace('#<([a-zA-Z:\-]+) (.*?)on([A-Za-z]*)=(.*?)>#is', '<\\1\\2on\\3=\\4>', $message);
+ − 397 }
+ − 398 return $message;
+ − 399 }
+ − 400
+ − 401 function strip_php($message)
+ − 402 {
+ − 403 return RenderMan::destroy_javascript($message, true);
+ − 404 }
+ − 405
+ − 406 function sanitize_html($text)
+ − 407 {
+ − 408 $text = htmlspecialchars($text);
+ − 409 $allowed_tags = Array('b', 'i', 'u', 'pre', 'code', 'tt', 'br', 'p', 'nowiki', '!--([^.]+)--');
+ − 410 foreach($allowed_tags as $t)
+ − 411 {
+ − 412 $text = preg_replace('#<'.$t.'>(.*?)</'.$t.'>#is', '<'.$t.'>\\1</'.$t.'>', $text);
+ − 413 $text = preg_replace('#<'.$t.' />#is', '<'.$t.' />', $text);
+ − 414 $text = preg_replace('#<'.$t.'>#is', '<'.$t.'>', $text);
+ − 415 }
+ − 416 return $text;
+ − 417 }
+ − 418
+ − 419 /* *
+ − 420 * Replaces template inclusions with the templates
+ − 421 * @param string $message The text to format
+ − 422 * @return string
+ − 423 * /
+ − 424
+ − 425 function old_include_templates($message)
+ − 426 {
+ − 427 $random_id = md5( time() . mt_rand() );
+ − 428 preg_match_all('#\{\{(.+?)\}\}#s', $message, $matchlist);
+ − 429 foreach($matchlist[1] as $m)
+ − 430 {
+ − 431 $mn = $m;
+ − 432 // Strip out wikilinks and re-add them after the explosion (because of the "|")
+ − 433 preg_match_all('#\[\[(.+?)\]\]#i', $m, $linklist);
+ − 434 //echo '<pre>'.print_r($linklist, true).'</pre>';
+ − 435 for($i=0;$i<sizeof($linklist[1]);$i++)
+ − 436 {
+ − 437 $mn = str_replace('[['.$linklist[1][$i].']]', '{WIKILINK:'.$random_id.':'.$i.'}', $mn);
+ − 438 }
+ − 439
+ − 440 $ar = explode('|', $mn);
+ − 441
+ − 442 for($j=0;$j<sizeof($ar);$j++)
+ − 443 {
+ − 444 for($i=0;$i<sizeof($linklist[1]);$i++)
+ − 445 {
+ − 446 $ar[$j] = str_replace('{WIKILINK:'.$random_id.':'.$i.'}', '[['.$linklist[1][$i].']]', $ar[$j]);
+ − 447 }
+ − 448 }
+ − 449
+ − 450 $tp = $ar[0];
+ − 451 unset($ar[0]);
+ − 452 $tp = str_replace(' ', '_', $tp);
+ − 453 $message = str_replace('{{'.$m.'}}', RenderMan::getTemplate($tp, $ar), $message);
+ − 454 }
+ − 455 return $message;
+ − 456 }
+ − 457 */
+ − 458
+ − 459 /**
+ − 460 * Parses a partial template tag in wikitext, and return an array with the parameters.
63
+ − 461 * @param string The portion of the template tag that contains the parameters.
+ − 462 * @example
1
+ − 463 * <code>
63
+ − 464 foo = lorem ipsum
+ − 465 bar = dolor sit amet
1
+ − 466 * </code>
+ − 467 * @return array Example:
+ − 468 * [foo] => lorem ipsum
+ − 469 * [bar] => dolor sit amet
+ − 470 */
+ − 471
+ − 472 function parse_template_vars($input)
+ − 473 {
+ − 474 $input = explode("\n", trim( $input ));
+ − 475 $parms = Array();
+ − 476 $current_line = '';
+ − 477 $current_parm = '';
+ − 478 foreach ( $input as $num => $line )
+ − 479 {
+ − 480 if ( preg_match('/^([ ]*?)([A-z0-9_]+?)([ ]*?)=([ ]*?)(.+?)$/i', $line, $matches) )
+ − 481 {
+ − 482 $parm =& $matches[2];
+ − 483 $text =& $matches[5];
+ − 484 if ( $parm == $current_parm )
+ − 485 {
+ − 486 $current_line .= $text;
+ − 487 }
+ − 488 else
+ − 489 {
+ − 490 // New parameter
+ − 491 if ( $current_parm != '' )
+ − 492 $parms[$current_parm] = $current_line;
+ − 493 $current_line = $text;
+ − 494 $current_parm = $parm;
+ − 495 }
+ − 496 }
+ − 497 else if ( $num == 0 )
+ − 498 {
+ − 499 // Syntax error
+ − 500 return false;
+ − 501 }
+ − 502 else
+ − 503 {
+ − 504 $current_line .= "\n$line";
+ − 505 }
+ − 506 }
+ − 507 if ( !empty($current_parm) && !empty($current_line) )
+ − 508 {
+ − 509 $parms[$current_parm] = $current_line;
+ − 510 }
+ − 511 return $parms;
+ − 512 }
+ − 513
+ − 514 /**
+ − 515 * Processes all template tags within a block of wikitext.
+ − 516 * @param string The text to process
+ − 517 * @return string Formatted text
+ − 518 * @example
+ − 519 * <code>
+ − 520 $text = '{{Template
+ − 521 parm1 = Foo
+ − 522 parm2 = Bar
+ − 523 }}';
+ − 524 $text = include_templates($text);
+ − 525 * </code>
+ − 526 */
+ − 527
+ − 528 function include_templates($text)
+ − 529 {
+ − 530 global $db, $session, $paths, $template, $plugins; // Common objects
63
+ − 531 $template_regex = "/\{\{([^\]]+?)((\n([ ]*?)[A-z0-9]+([ ]*?)=([ ]*?)(.+?))*)\}\}/is";
1
+ − 532 if ( $count = preg_match_all($template_regex, $text, $matches) )
+ − 533 {
+ − 534 for ( $i = 0; $i < $count; $i++ )
+ − 535 {
63
+ − 536 $matches[1][$i] = sanitize_page_id($matches[1][$i]);
1
+ − 537 $parmsection = trim($matches[2][$i]);
+ − 538 if ( !empty($parmsection) )
+ − 539 {
+ − 540 $parms = RenderMan::parse_template_vars($parmsection);
+ − 541 foreach ( $parms as $j => $parm )
+ − 542 {
+ − 543 $parms[$j] = $parm;
+ − 544 }
+ − 545 }
+ − 546 else
+ − 547 {
+ − 548 $parms = Array();
+ − 549 }
+ − 550 if ( $tpl_code = RenderMan::fetch_template_text($matches[1][$i]) )
+ − 551 {
+ − 552 $parser = $template->makeParserText($tpl_code);
+ − 553 $parser->assign_vars($parms);
+ − 554 $text = str_replace($matches[0][$i], $parser->run(), $text);
+ − 555 }
+ − 556 }
+ − 557 }
+ − 558 return $text;
+ − 559 }
+ − 560
+ − 561 /**
+ − 562 * Preprocesses an HTML text string prior to being sent to MySQL.
+ − 563 * @param string $text
+ − 564 * @param bool $strip_all_php - if true, strips all PHP regardless of user permissions. Else, strips PHP only if user level < USER_LEVEL_ADMIN.
+ − 565 */
+ − 566 function preprocess_text($text, $strip_all_php = true, $sqlescape = true)
+ − 567 {
+ − 568 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 569 $random_id = md5( time() . mt_rand() );
+ − 570
+ − 571 $can_do_php = ( $session->get_permissions('php_in_pages') && !$strip_all_php );
+ − 572
+ − 573 if ( !$can_do_php )
+ − 574 {
24
+ − 575 $text = sanitize_html($text, true);
1
+ − 576 // If we can't do PHP, we can't do Javascript either.
+ − 577 $text = RenderMan::destroy_javascript($text);
+ − 578 }
+ − 579
+ − 580 // Strip out <nowiki> sections and PHP code
+ − 581
+ − 582 $php = preg_match_all('#(<|<)\?php(.*?)\?(>|>)#is', $text, $phpsec);
+ − 583
+ − 584 //die('<pre>'.htmlspecialchars(print_r($phpsec, true))."\n".htmlspecialchars(print_r($text, true)).'</pre>');
+ − 585
+ − 586 for($i=0;$i<sizeof($phpsec[1]);$i++)
+ − 587 {
+ − 588 $text = str_replace($phpsec[0][$i], '{PHP:'.$random_id.':'.$i.'}', $text);
+ − 589 }
+ − 590
+ − 591 $nw = preg_match_all('#<nowiki>(.*?)<\/nowiki>#is', $text, $nowiki);
+ − 592
+ − 593 for($i=0;$i<sizeof($nowiki[1]);$i++)
+ − 594 {
+ − 595 $text = str_replace('<nowiki>'.$nowiki[1][$i].'</nowiki>', '{NOWIKI:'.$random_id.':'.$i.'}', $text);
+ − 596 }
+ − 597
+ − 598 $text = str_replace('~~~~~', date('G:i, j F Y (T)'), $text);
+ − 599 $text = str_replace('~~~~', "[[User:$session->username|$session->username]] ".date('G:i, j F Y (T)'), $text);
+ − 600 $text = str_replace('~~~', "[[User:$session->username|$session->username]] ", $text);
+ − 601
+ − 602 // Reinsert <nowiki> sections
+ − 603 for($i=0;$i<$nw;$i++)
+ − 604 {
+ − 605 $text = str_replace('{NOWIKI:'.$random_id.':'.$i.'}', '<nowiki>'.$nowiki[1][$i].'</nowiki>', $text);
+ − 606 }
+ − 607 // Reinsert PHP
+ − 608 for($i=0;$i<$php;$i++)
+ − 609 {
+ − 610 $phsec = ''.$phpsec[1][$i].'?php'.$phpsec[2][$i].'?'.$phpsec[3][$i].'';
+ − 611 if ( $strip_all_php )
+ − 612 $phsec = htmlspecialchars($phsec);
+ − 613 $text = str_replace('{PHP:'.$random_id.':'.$i.'}', $phsec, $text);
+ − 614 }
+ − 615
+ − 616 $text = ( $sqlescape ) ? $db->escape($text) : $text;
+ − 617
+ − 618 return $text;
+ − 619 }
+ − 620
+ − 621 function smilieyize($text, $complete_urls = false)
+ − 622 {
+ − 623
+ − 624 $random_id = md5( time() . mt_rand() );
+ − 625
+ − 626 // Smileys array - eventually this will be fetched from the database by
+ − 627 // RenderMan::initSmileys during initialization, but it will all be hardcoded for beta 2
+ − 628
+ − 629 $smileys = Array(
+ − 630 'O:-)' => 'face-angel.png',
+ − 631 'O:)' => 'face-angel.png',
+ − 632 'O=)' => 'face-angel.png',
+ − 633 ':-)' => 'face-smile.png',
+ − 634 ':)' => 'face-smile.png',
+ − 635 '=)' => 'face-smile-big.png',
+ − 636 ':-(' => 'face-sad.png',
+ − 637 ':(' => 'face-sad.png',
+ − 638 ';(' => 'face-sad.png',
+ − 639 ':-O' => 'face-surprise.png',
+ − 640 ';-)' => 'face-wink.png',
+ − 641 ';)' => 'face-wink.png',
+ − 642 '8-)' => 'face-glasses.png',
+ − 643 '8)' => 'face-glasses.png',
+ − 644 ':-D' => 'face-grin.png',
+ − 645 ':D' => 'face-grin.png',
+ − 646 '=D' => 'face-grin.png',
+ − 647 ':-*' => 'face-kiss.png',
+ − 648 ':*' => 'face-kiss.png',
+ − 649 '=*' => 'face-kiss.png',
+ − 650 ':\'(' => 'face-crying.png',
+ − 651 ':-|' => 'face-plain.png',
+ − 652 ':-\\' => 'face-plain.png',
+ − 653 ':-/' => 'face-plain.png',
+ − 654 ':joke:' => 'face-plain.png',
+ − 655 ']:->' => 'face-devil-grin.png',
+ − 656 ':kiss:' => 'face-kiss.png',
+ − 657 ':-P' => 'face-tongue-out.png',
+ − 658 ':P' => 'face-tongue-out.png',
+ − 659 ':-p' => 'face-tongue-out.png',
+ − 660 ':p' => 'face-tongue-out.png',
+ − 661 ':-X' => 'face-sick.png',
+ − 662 ':X' => 'face-sick.png',
+ − 663 ':sick:' => 'face-sick.png',
+ − 664 ':-]' => 'face-oops.png',
+ − 665 ':]' => 'face-oops.png',
+ − 666 ':oops:' => 'face-oops.png',
+ − 667 ':-[' => 'face-embarassed.png',
+ − 668 ':[' => 'face-embarassed.png'
+ − 669 );
+ − 670 /*
+ − 671 $keys = array_keys($smileys);
+ − 672 foreach($keys as $k)
+ − 673 {
+ − 674 $regex1 = '#([\W]+)'.preg_quote($k).'([\s\n\r\.]+)#s';
+ − 675 $regex2 = '\\1<img alt="'.$k.'" title="'.$k.'" src="'.scriptPath.'/images/smilies/'.$smileys[$k].'" style="border: 0;" />\\2';
+ − 676 $text = preg_replace($regex1, $regex2, $text);
+ − 677 }
+ − 678 */
+ − 679
+ − 680 // Strip out <nowiki> sections
+ − 681 //return '<pre>'.htmlspecialchars($text).'</pre>';
+ − 682 $nw = preg_match_all('#<nowiki>(.*?)<\/nowiki>#is', $text, $nowiki);
+ − 683
+ − 684 for($i=0;$i<sizeof($nowiki[1]);$i++)
+ − 685 {
+ − 686 $text = str_replace('<nowiki>'.$nowiki[1][$i].'</nowiki>', '{NOWIKI:'.$random_id.':'.$i.'}', $text);
+ − 687 }
+ − 688
+ − 689 $keys = array_keys($smileys);
+ − 690 foreach($keys as $k)
+ − 691 {
+ − 692 $t = str_hex($k);
+ − 693 $t = explode(' ', $t);
+ − 694 $s = '';
+ − 695 foreach($t as $b)
+ − 696 {
+ − 697 $s.='&#x'.$b.';';
+ − 698 }
+ − 699 $pfx = ( $complete_urls ) ? 'http' . ( isset($_SERVER['HTTPS']) ? 's' : '' ) . '://'.$_SERVER['HTTP_HOST'] : '';
+ − 700 $text = str_replace(' '.$k, ' <nowiki><img title="'.$s.'" alt="'.$s.'" src="'.$pfx.scriptPath.'/images/smilies/'.$smileys[$k].'" style="border: 0;" /></nowiki>', $text);
+ − 701 }
+ − 702 //*/
+ − 703
+ − 704 // Reinsert <nowiki> sections
+ − 705 for($i=0;$i<$nw;$i++)
+ − 706 {
+ − 707 $text = str_replace('{NOWIKI:'.$random_id.':'.$i.'}', '<nowiki>'.$nowiki[1][$i].'</nowiki>', $text);
+ − 708 }
+ − 709
+ − 710 return $text;
+ − 711 }
+ − 712
+ − 713 /*
+ − 714 * **** DEPRECATED ****
+ − 715 * Replaces some critical characters in a string with MySQL-safe equivalents
+ − 716 * @param $text string the text to escape
+ − 717 * @return array key 0 is the escaped text, key 1 is the character tag
+ − 718 * /
+ − 719
+ − 720 function escape_page_text($text)
+ − 721 {
+ − 722 $char_tag = md5(microtime() . mt_rand());
+ − 723 $text = str_replace("'", "{APOS:$char_tag}", $text);
+ − 724 $text = str_replace('"', "{QUOT:$char_tag}", $text);
+ − 725 $text = str_replace("\\", "{SLASH:$char_tag}", $text);
+ − 726 return Array($text, $char_tag);
+ − 727 }
+ − 728 */
+ − 729
+ − 730 /* **** DEPRECATED ****
+ − 731 * Reverses the result of RenderMan::escape_page_text().
+ − 732 * @param $text string the text to unescape
+ − 733 * @param $char_tag string the character tag
+ − 734 * @return string
+ − 735 * /
+ − 736
+ − 737 function unescape_page_text($text, $char_tag)
+ − 738 {
+ − 739 $text = str_replace("{APOS:$char_tag}", "'", $text);
+ − 740 $text = str_replace("{QUOT:$char_tag}", '"', $text);
+ − 741 $text = str_replace("{SLASH:$char_tag}", "\\", $text);
+ − 742 return $text;
+ − 743 }
+ − 744 */
+ − 745
+ − 746 /**
+ − 747 * Generates a summary of the differences between two texts, and formats it as XHTML.
+ − 748 * @param $str1 string the first block of text
+ − 749 * @param $str2 string the second block of text
+ − 750 * @return string
+ − 751 */
+ − 752 function diff($str1, $str2)
+ − 753 {
+ − 754 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 755 $str1 = explode("\n", $str1);
+ − 756 $str2 = explode("\n", $str2);
+ − 757 $diff = new Diff($str1, $str2);
+ − 758 $renderer = new TableDiffFormatter();
+ − 759 return '<table class="diff">'.$renderer->format($diff).'</table>';
+ − 760 }
+ − 761
35
+ − 762 /**
+ − 763 * Changes wikitext image tags to HTML.
+ − 764 * @param string The wikitext to process
37
+ − 765 * @param array Will be overwritten with the list of HTML tags (the system uses tokens for TextWiki compatibility)
35
+ − 766 * @return string
+ − 767 */
+ − 768
37
+ − 769 function process_image_tags($text, &$taglist)
35
+ − 770 {
+ − 771 global $db, $session, $paths, $template, $plugins; // Common objects
+ − 772
37
+ − 773 $s_delim = "\xFF";
+ − 774 $f_delim = "\xFF";
+ − 775 $taglist = array();
+ − 776
35
+ − 777 // Wicked huh?
+ − 778 $regex = '/\[\[:' . $paths->nslist['File'] . '([\w\s0-9_\(\)!@%\^\+\|\.-]+?)((\|thumb)|(\|([0-9]+)x([0-9]+)))?(\|left|\|right)?(\|(.+))?\]\]/i';
+ − 779
+ − 780 preg_match_all($regex, $text, $matches);
+ − 781
+ − 782 foreach ( $matches[0] as $i => $match )
+ − 783 {
+ − 784
+ − 785 $full_tag =& $matches[0][$i];
+ − 786 $filename =& $matches[1][$i];
+ − 787 $scale_type =& $matches[2][$i];
+ − 788 $width =& $matches[5][$i];
+ − 789 $height =& $matches[6][$i];
+ − 790 $clear =& $matches[7][$i];
+ − 791 $caption =& $matches[8][$i];
+ − 792
+ − 793 if ( !isPage( $paths->nslist['File'] . $filename ) )
+ − 794 {
+ − 795 continue;
+ − 796 }
+ − 797
+ − 798 if ( $scale_type == '|thumb' )
+ − 799 {
+ − 800 $r_width = 225;
+ − 801 $r_height = 225;
+ − 802
+ − 803 $url = makeUrlNS('Special', 'DownloadFile/' . $filename, 'preview&width=' . $r_width . '&height=' . $r_height, true);
+ − 804 }
+ − 805 else if ( !empty($width) && !empty($height) )
+ − 806 {
+ − 807 $r_width = $width;
+ − 808 $r_height = $height;
+ − 809
+ − 810 $url = makeUrlNS('Special', 'DownloadFile/' . $filename, 'preview&width=' . $r_width . '&height=' . $r_height, true);
+ − 811 }
+ − 812 else
+ − 813 {
+ − 814 $url = makeUrlNS('Special', 'DownloadFile/' . $filename);
+ − 815 }
+ − 816
+ − 817 $img_tag = '<img src="' . $url . '" ';
+ − 818
65
+ − 819 // if ( isset($r_width) && isset($r_height) && $scale_type != '|thumb' )
+ − 820 // {
+ − 821 // $img_tag .= 'width="' . $r_width . '" height="' . $r_height . '" ';
+ − 822 // }
35
+ − 823
+ − 824 $img_tag .= 'style="border-width: 0px; background-color: white;" ';
+ − 825
+ − 826 $img_tag .= '/>';
+ − 827
+ − 828 $complete_tag = '';
+ − 829
+ − 830 if ( !empty($scale_type) )
+ − 831 {
+ − 832 $complete_tag .= '<div class="thumbnail" ';
+ − 833 $clear_text = '';
+ − 834 if ( !empty($clear) )
+ − 835 {
+ − 836 $side = ( $clear == '|left' ) ? 'left' : 'right';
+ − 837 $opposite = ( $clear == '|left' ) ? 'right' : 'left';
37
+ − 838 $clear_text .= "float: $side; margin-$opposite: 20px;";
35
+ − 839 $complete_tag .= 'style="' . $clear_text . '" ';
+ − 840 }
+ − 841 $complete_tag .= '>';
+ − 842
+ − 843 $complete_tag .= '<a href="' . makeUrlNS('File', $filename) . '" style="display: block;">';
+ − 844 $complete_tag .= $img_tag;
+ − 845 $complete_tag .= '</a>';
+ − 846
+ − 847 $mag_button = '<a href="' . makeUrlNS('File', $filename) . '" style="display: block; float: right; clear: right; margin: 0 0 10px 10px;"><img alt="[ + ]" src="' . scriptPath . '/images/thumbnail.png" style="border-width: 0px;" /></a>';
+ − 848
+ − 849 if ( !empty($caption) )
+ − 850 {
+ − 851 $cap = substr($caption, 1);
+ − 852 $complete_tag .= $mag_button . $cap;
+ − 853 }
+ − 854
+ − 855 $complete_tag .= '</div>';
+ − 856 }
+ − 857 else
+ − 858 {
+ − 859 $complete_tag .= '<a href="' . makeUrlNS('File', $filename) . '" style="display: block;">';
+ − 860 $complete_tag .= $img_tag;
+ − 861 $complete_tag .= '</a>';
+ − 862 }
+ − 863
37
+ − 864 $complete_tag .= "\n\n";
+ − 865 $taglist[$i] = $complete_tag;
35
+ − 866
37
+ − 867 $pos = strpos($text, $full_tag);
35
+ − 868
+ − 869 while(true)
+ − 870 {
+ − 871 $check1 = substr($text, $pos, 3);
+ − 872 $check2 = substr($text, $pos, 1);
+ − 873 if ( $check1 == '<p>' || $pos == 0 || $check2 == "\n" )
+ − 874 {
+ − 875 // die('found at pos '.$pos);
+ − 876 break;
+ − 877 }
+ − 878 $pos--;
+ − 879 }
+ − 880
37
+ − 881 $repl = "{$s_delim}e_img_{$i}{$f_delim}";
+ − 882 $text = substr($text, 0, $pos) . $repl . substr($text, $pos);
35
+ − 883
+ − 884 $text = str_replace($full_tag, '', $text);
+ − 885
+ − 886 unset($full_tag, $filename, $scale_type, $width, $height, $clear, $caption, $r_width, $r_height);
+ − 887
+ − 888 }
+ − 889
+ − 890 return $text;
+ − 891 }
+ − 892
37
+ − 893 /**
+ − 894 * Finalizes processing of image tags.
+ − 895 * @param string The preprocessed text
+ − 896 * @param array The list of image tags created by RenderMan::process_image_tags()
+ − 897 */
+ − 898
+ − 899 function process_imgtags_stage2($text, $taglist)
+ − 900 {
+ − 901 $s_delim = "\xFF";
+ − 902 $f_delim = "\xFF";
+ − 903 foreach ( $taglist as $i => $tag )
+ − 904 {
+ − 905 $repl = "{$s_delim}e_img_{$i}{$f_delim}";
+ − 906 $text = str_replace($repl, $tag, $text);
+ − 907 }
+ − 908 return $text;
+ − 909 }
+ − 910
1
+ − 911 }
+ − 912
+ − 913 ?>