function filter_xss($formatter, $value, $params) { include_once dirname(__FILE__) . '/../../lib/xss.php'; return _xss_filter($value); }
function word_repl($word, $text = '', $attr = '', $nogroup = 0, $islink = 1) { require_once dirname(__FILE__) . '/lib/xss.php'; global $DBInfo; $nonexists = 'nonexists_' . $this->nonexists; $word = $page = trim($word, '[]'); // trim out [[Hello World]] => Hello World $extended = false; if (($word[0] == '"' or $word[0] == 'w') and preg_match('/^(?:wiki\\:)?((")?[^"]+\\2)((\\s+|\\|)?(.*))?$/', $word, $m)) { # ["extended wiki name"] # ["Hello World" Go to Hello] # [wiki:"Hello World" Go to Main] $word = substr($m[1], 1, -1); if (isset($m[5][0])) { $text = $m[5]; } // text arg ignored $extended = true; $page = $word; } else { if (($p = strpos($word, '|')) !== false) { // or MediaWiki/WikiCreole like links $text = substr($word, $p + 1); $word = substr($word, 0, $p); $page = $word; } else { // check for [[Hello attachment:foo.png]] case $tmp = strtok($word, ' |'); $last = strtok(''); if (($p = strpos($last, ' ')) === false && substr($last, 0, 11) == 'attachment:') { $text = $last; $word = $tmp; $page = $word; } } } if (!$extended and empty($DBInfo->mediawiki_style)) { #$page=preg_replace("/\s+/","",$word); # concat words $page = normalize($word); # concat words } if (empty($DBInfo->use_twikilink)) { $islink = 0; } list($page, $page_text, $gpage) = normalize_word($page, $this->group, $this->page->name, $nogroup, $islink); if (isset($text[0])) { if (preg_match("/^(http|ftp|attachment).*\\.(png|gif|jpeg|jpg)\$/i", $text)) { if (substr($text, 0, 11) == 'attachment:') { $fname = substr($text, 11); $ntext = $this->macro_repl('attachment', $fname, 1); if (!file_exists($ntext)) { $word = $this->macro_repl('attachment', $fname); } else { $text = qualifiedUrl($this->url_prefix . '/' . $ntext); $word = "<img style='border:0' alt='{$text}' src='{$text}' /></a>"; } } else { $text = str_replace('&', '&', $text); // trash dummy query string $text = preg_replace('@(\\?|&)\\.(png|gif|jpe?g)$@', '', $text); if (!empty($this->fetch_images) and !preg_match('@^https?://' . $_SERVER['HTTP_HOST'] . '@', $text)) { $text = $this->fetch_action . str_replace(array('&', '?'), array('%26', '%3f'), $text); } $word = "<img style='border:0' alt='{$word}' src='{$text}' /></a>"; } } else { $word = preg_replace($this->baserule, $this->baserepl, $text); $word = str_replace('<', '<', $word); // revert from baserule $word = _xss_filter($word); } } else { $word = $text = $page_text ? $page_text : $word; #echo $text; $word = _html_escape($word); } $url = _urlencode($page); $url_only = strtok($url, '#?'); # for [WikiName#tag] [wiki:WikiName#tag Tag] #$query= substr($url,strlen($url_only)); if ($extended) { $page = rawurldecode($url_only); } else { $page = urldecode($url_only); } $url = $this->link_url($url); #check current page if ($page == $this->page->name) { $attr .= ' class="current"'; } if (!empty($this->forcelink)) { return $this->nonexists_always($word, $url, $page); } //$url=$this->link_url(_rawurlencode($page)); # XXX $idx = 0; // XXX if (isset($this->pagelinks[$page])) { $idx = $this->pagelinks[$page]; switch ($idx) { case 0: #return "<a class='nonexistent' href='$url'>?</a>$word"; return call_user_func(array(&$this, $nonexists), $word, $url, $page); case -1: $title = ''; $tpage = urlencode($page); if ($tpage != $word) { $title = 'title="' . _html_escape($page) . '" '; } return "<a href='{$url}' {$title}{$attr}>{$word}</a>"; case -2: return "<a href='{$url}' {$attr}>{$word}</a>" . "<tt class='sister'><a href='{$url}'>›</a></tt>"; case -3: #$url=$this->link_url(_rawurlencode($gpage)); return $this->link_tag(_rawurlencode($gpage), '', $this->icon['main'], 'class="main"') . "<a href='{$url}' {$attr}>{$word}</a>"; default: return "<a href='{$url}' {$attr}>{$word}</a>" . "<tt class='sister'><a href='#sister{$idx}'>›{$idx}</a></tt>"; } } else { if ($DBInfo->hasPage($page)) { $title = ''; $this->pagelinks[$page] = -1; $tpage = urlencode($page); if ($tpage != $word) { $title = 'title="' . _html_escape($page) . '" '; } return "<a href='{$url}' {$title}{$attr}>{$word}</a>"; } else { if ($gpage and $DBInfo->hasPage($gpage)) { $this->pagelinks[$page] = -3; #$url=$this->link_url(_rawurlencode($gpage)); return $this->link_tag(_rawurlencode($gpage), '', $this->icon['main'], 'class="main"') . "<a href='{$url}' {$attr}>{$word}</a>"; } if (!empty($this->aliases[$page])) { return $this->aliases[$page]; } if (!empty($this->sister_on)) { if (empty($DBInfo->metadb)) { $DBInfo->initMetaDB(); } $sisters = $DBInfo->metadb->getSisterSites($page, $DBInfo->use_sistersites); if ($sisters === true) { $this->pagelinks[$page] = -2; return "<a href='{$url}'>{$word}</a>" . "<tt class='sister'><a href='{$url}'>›</a></tt>"; } if (!empty($sisters)) { if (!empty($this->use_easyalias) and !preg_match('/^\\[wiki:[A-Z][A-Za-z0-9]+:.*$/', $sisters)) { # this is a alias $this->use_easyalias = 0; $tmp = explode("\n", $sisters); $url = $this->link_repl(substr($tmp[0], 0, -1) . ' ' . $word . ']'); $this->use_easyalias = 1; $this->aliases[$page] = $url; return $url; } $this->sisters[] = "<li><tt class='foot'><a id='sister{$this->sister_idx}'></a>" . "<a href='#rsister{$this->sister_idx}'>{$this->sister_idx}›</a></tt> " . "{$sisters} </li>"; $this->pagelinks[$page] = $this->sister_idx++; $idx = $this->pagelinks[$page]; } if ($idx > 0) { return "<a href='{$url}'>{$word}</a>" . "<tt class='sister'>" . "<a id='rsister{$idx}'></a>" . "<a href='#sister{$idx}'>›{$idx}</a></tt>"; } } $this->pagelinks[$page] = 0; #return "<a class='nonexistent' href='$url'>?</a>$word"; return call_user_func(array(&$this, $nonexists), $word, $url, $page); } } }