Code source de XOOPS 2.0.17.1 |
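<?php
// $Id: textsanitizer.php 669 2006-08-25 22:14:09Z skalpa $
//  ------------------------------------------------------------------------ //
//                XOOPS - PHP Content Management System                      //
//                    Copyright (c) 2000 XOOPS.org                           //
//                       <http://www.xoops.org/>                             //
//  ------------------------------------------------------------------------ //
//  This program is free software; you can redistribute it and/or modify     //
//  it under the terms of the GNU General Public License as published by     //
//  the Free Software Foundation; either version 2 of the License, or        //
//  (at your option) any later version.                                      //
//                                                                           //
//  You may not change or alter any portion of this comment or credits       //
//  of supporting developers from this source code or any supporting         //
//  source code which is considered copyrighted (c) material of the          //
//  original comment or credit authors.                                      //
//                                                                           //
//  This program is distributed in the hope that it will be useful,          //
//  but WITHOUT ANY WARRANTY; without even the implied warranty of           //
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the            //
//  GNU General Public License for more details.                             //
//                                                                           //
//  You should have received a copy of the GNU General Public License        //
//  along with this program; if not, write to the Free Software              //
//  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA //
//  ------------------------------------------------------------------------ //
// Author: Kazumi Ono (http://www.myweb.ne.jp/, http://jp.xoops.org/)        //
//         Goghs Cheng (http://www.eqiao.com, http://www.devbeez.com/)       //
// Project: The XOOPS Project (http://www.xoops.org/)                        //
// ------------------------------------------------------------------------- //
// This is subset and modified version of module.textsanitizer.php

// Turn runtime magic quotes off where the interpreter still has the switch.
// The function_exists() guard keeps the file loadable on PHP versions that
// no longer ship set_magic_quotes_runtime().
if (function_exists('set_magic_quotes_runtime')) {
    set_magic_quotes_runtime(0);
}

/**
 * Text filtering helpers: HTML escaping, auto-linking, newline conversion
 * and magic-quotes handling.
 *
 * Review notes for callers:
 *  - Only the branches that call htmlSpecialChars() escape markup. Every
 *    method that takes an "allow HTML" flag returns the text without any
 *    tag filtering when that flag is set.
 *  - addSlashes() wraps PHP's addslashes(); it is not database-aware
 *    escaping and does not replace the driver's own escaping routine.
 *  - Several deprecated wrappers call methods that are not defined in this
 *    class (smiley, xoopsCodeDecode, displayTarea, previewTarea); each is
 *    marked below.
 */
class TextSanitizer
{

    /*
    * Constructor of this class
    * Gets allowed html tags from admin config settings
    * <br> should not be allowed since nl2br will be used
    * when storing data
    *
    * NOTE(review): the body is empty in this version, so nothing is read
    * from the configuration here.
    */
    function TextSanitizer()
    {

    }

    /**
     * Return the shared TextSanitizer instance, creating it on first use.
     *
     * @return TextSanitizer
     */
    function &getInstance()
    {
        static $instance;
        if (!isset($instance)) {
            $instance = new TextSanitizer();
        }
        return $instance;
    }

    /**
     * Wrap URLs, "www." host names and e-mail addresses in anchor tags.
     *
     * Each pattern requires one preceding character that is not part of a
     * URL or attribute value, so a link at the very start of $text is left
     * untouched.
     *
     * NOTE(review): the scheme group ([a-z]+?) accepts any alphabetic
     * scheme, and the generated anchors use target="_blank" without a rel
     * attribute. Consider restricting the scheme to an allowlist and adding
     * rel="noopener noreferrer" if this output is shown to other users.
     *
     * @param string $text text to scan
     * @return string text with links added
     */
    function &makeClickable(&$text)
    {
        $patterns = array(
            "/([^]_a-z0-9-=\"'\/])([a-z]+?):\/\/([^, \r\n\"\(\)'<>]+)/i",
            "/([^]_a-z0-9-=\"'\/])www\.([a-z0-9\-]+)\.([^, \r\n\"\(\)'<>]+)/i",
            "/([^]_a-z0-9-=\"'\/])([a-z0-9\-_.]+?)@([^, \r\n\"\(\)'<>]+)/i"
        );
        $replacements = array(
            "\\1<a href=\"\\2://\\3\" target=\"_blank\">\\2://\\3</a>",
            "\\1<a href=\"http://www.\\2.\\3\" target=\"_blank\">www.\\2.\\3</a>",
            "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>"
        );
        return preg_replace($patterns, $replacements, $text);
    }

    /**
     * Replace CRLF, CR and LF line endings with "<br />".
     *
     * @param string $text
     * @return string
     */
    function &nl2Br($text)
    {
        return preg_replace("/(\015\012)|(\015)|(\012)/", "<br />", $text);
    }

    /**
     * Add backslashes with addslashes().
     *
     * Without $force the text is escaped only when magic_quotes_gpc is off,
     * so request data is not escaped twice.
     *
     * NOTE(review): addslashes() is not aware of the connection character
     * set; prefer the database driver's escaping or bound parameters when
     * the result goes into a query.
     *
     * @param string $text
     * @param bool   $force escape regardless of magic_quotes_gpc
     * @return string
     */
    function &addSlashes($text, $force = false)
    {
        if ($force) {
            return addslashes($text);
        }
        // A missing get_magic_quotes_gpc() is treated like "magic quotes off".
        if (!function_exists('get_magic_quotes_gpc') || !get_magic_quotes_gpc()) {
            $text = addslashes($text);
        }
        return $text;
    }

    /*
    * if magic_quotes_gpc is on, strip backslashes
    */
    function &stripSlashesGPC($text)
    {
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $text = stripslashes($text);
        }
        return $text;
    }

    /*
    * for displaying data in html textbox forms
    *
    * Escapes with htmlspecialchars(ENT_QUOTES), then turns "&amp;" back
    * into "&". The pattern is written as the entity "&amp;"; the rendered
    * listing showed it decoded to a bare "&", which made the call a no-op.
    *
    * NOTE(review): because the ampersand escape is undone, character
    * references already present in the input reach the browser as
    * references rather than as literal text. "<", ">" and both quote
    * characters are still escaped.
    */
    function htmlSpecialChars($text)
    {
        return preg_replace("/&amp;/i", '&', htmlspecialchars($text, ENT_QUOTES));
    }

    /**
     * Turn "&gt;", "&lt;", "&quot;" and "&#039;" back into the raw
     * characters.
     *
     * The patterns are written as entities; the rendered listing showed them
     * decoded, which left an unterminated string literal.
     *
     * The result contains raw markup characters and must not be written
     * into an HTML page without escaping it again.
     *
     * @param string $text escaped text
     * @return string
     */
    function undoHtmlSpecialChars(&$text)
    {
        return preg_replace(
            array("/&gt;/i", "/&lt;/i", "/&quot;/i", "/&#039;/i"),
            array(">", "<", "\"", "'"),
            $text
        );
    }

    /*
    * Filters textarea form data in DB for display
    *
    * With $html true the text is not escaped or tag-filtered at all; only
    * auto-linking and newline conversion are applied.
    */
    function &displayText($text, $html = false)
    {
        if (! $html) {
            // html not allowed
            $text = $this->htmlSpecialChars($text);
        }
        $text = $this->makeClickable($text);
        $text = $this->nl2Br($text);
        return $text;
    }

    /*
    * Filters textarea form data submitted for preview
    */
    function &previewText($text, $html = false)
    {
        $text = $this->stripSlashesGPC($text);
        return $this->displayText($text, $html);
    }

    ##################### Deprecated Methods ######################

    /**
     * Deprecated display filter.
     *
     * With $allowhtml non-zero the text is auto-linked but neither escaped
     * nor tag-filtered (the strip_tags() call is commented out).
     *
     * NOTE(review): smiley() and xoopsCodeDecode() are not defined in this
     * class; with the default $smiley / $bbcode values the call fails unless
     * a subclass provides them.
     */
    function sanitizeForDisplay($text, $allowhtml = 0, $smiley = 1, $bbcode = 1)
    {
        if ( $allowhtml == 0 ) {
            $text = $this->htmlSpecialChars($text);
        } else {
            //$config =& $GLOBALS['xoopsConfig'];
            //$allowed = $config['allowed_html'];
            //$text = strip_tags($text, $allowed);
            $text = $this->makeClickable($text);
        }
        if ( $smiley == 1 ) {
            $text = $this->smiley($text);
        }
        if ( $bbcode == 1 ) {
            $text = $this->xoopsCodeDecode($text);
        }
        $text = $this->nl2Br($text);
        return $text;
    }

    /**
     * Deprecated preview filter: strips magic-quotes slashes, then applies
     * the same steps as sanitizeForDisplay().
     *
     * The same caveats apply: no escaping or tag filtering when $allowhtml
     * is non-zero, and smiley() / xoopsCodeDecode() are not defined here.
     */
    function sanitizeForPreview($text, $allowhtml = 0, $smiley = 1, $bbcode = 1)
    {
        $text = $this->oopsStripSlashesGPC($text);
        if ( $allowhtml == 0 ) {
            $text = $this->htmlSpecialChars($text);
        } else {
            //$config =& $GLOBALS['xoopsConfig'];
            //$allowed = $config['allowed_html'];
            //$text = strip_tags($text, $allowed);
            $text = $this->makeClickable($text);
        }
        if ( $smiley == 1 ) {
            $text = $this->smiley($text);
        }
        if ( $bbcode == 1 ) {
            $text = $this->xoopsCodeDecode($text);
        }
        $text = $this->nl2Br($text);
        return $text;
    }

    /** Deprecated: slash-escape text box data for saving (see addSlashes()). */
    function makeTboxData4Save($text)
    {
        //$text = $this->undoHtmlSpecialChars($text);
        return $this->addSlashes($text);
    }

    /** Deprecated: escape text box data for display. $smiley is not used. */
    function makeTboxData4Show($text, $smiley = 0)
    {
        $text = $this->htmlSpecialChars($text);
        return $text;
    }

    /** Deprecated: escape text box data for an edit form. */
    function makeTboxData4Edit($text)
    {
        return $this->htmlSpecialChars($text);
    }

    /** Deprecated: strip GPC slashes, then escape. $smiley is not used. */
    function makeTboxData4Preview($text, $smiley = 0)
    {
        $text = $this->stripSlashesGPC($text);
        $text = $this->htmlSpecialChars($text);
        return $text;
    }

    /** Deprecated: strip GPC slashes, then escape for a form field. */
    function makeTboxData4PreviewInForm($text)
    {
        $text = $this->stripSlashesGPC($text);
        return $this->htmlSpecialChars($text);
    }

    /** Deprecated: slash-escape textarea data for saving (see addSlashes()). */
    function makeTareaData4Save($text)
    {
        return $this->addSlashes($text);
    }

    /**
     * Deprecated wrapper around displayTarea().
     *
     * NOTE(review): displayTarea() is not defined in this class; $html
     * defaults to 1 here.
     */
    function &makeTareaData4Show(&$text, $html = 1, $smiley = 1, $xcode = 1)
    {
        return $this->displayTarea($text, $html, $smiley, $xcode);
    }

    /**
     * Deprecated: escape textarea data for an edit form.
     *
     * Calls PHP's built-in htmlspecialchars() (function names are
     * case-insensitive), not $this->htmlSpecialChars(), so "&amp;" is kept.
     */
    function makeTareaData4Edit($text)
    {
        return htmlSpecialChars($text, ENT_QUOTES);
    }

    /**
     * Deprecated wrapper around previewTarea().
     *
     * NOTE(review): previewTarea() is not defined in this class; $html
     * defaults to 1 here.
     */
    function &makeTareaData4Preview(&$text, $html = 1, $smiley = 1, $xcode = 1)
    {
        return $this->previewTarea($text, $html, $smiley, $xcode);
    }

    /**
     * Deprecated: strip GPC slashes, then escape with the built-in
     * htmlspecialchars().
     */
    function makeTareaData4PreviewInForm($text)
    {
        //if magic_quotes_gpc is on, do stripslashes
        $text = $this->stripSlashesGPC($text);
        return htmlSpecialChars($text, ENT_QUOTES);
    }

    /** Deprecated: escape text that will be placed inside quotes. */
    function makeTareaData4InsideQuotes($text)
    {
        return $this->htmlSpecialChars($text);
    }

    /** Deprecated alias of stripSlashesGPC(). */
    function &oopsStripSlashesGPC($text)
    {
        return $this->stripSlashesGPC($text);
    }

    /** Deprecated: strip slashes when magic_quotes_runtime is on. */
    function &oopsStripSlashesRT($text)
    {
        if (function_exists('get_magic_quotes_runtime') && get_magic_quotes_runtime()) {
            // Plain assignment: stripslashes() returns a value, not a reference.
            $text = stripslashes($text);
        }
        return $text;
    }

    /** Deprecated alias of addSlashes(). */
    function &oopsAddSlashes($text)
    {
        return $this->addSlashes($text);
    }

    /** Deprecated alias of htmlSpecialChars(). */
    function &oopsHtmlSpecialChars($text)
    {
        return $this->htmlSpecialChars($text);
    }

    /** Deprecated alias of nl2Br(). */
    function &oopsNl2Br($text)
    {
        return $this->nl2Br($text);
    }
}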