/** * Get a word-filtered version of the specified text. * * @param string Text to filter * @return string Filtered version of the input text */ function wordfilter_text($text) { if (!addon_installed('wordfilter')) { return $text; } require_code('word_filter'); return check_word_filter($text, NULL, true); }
/** * Filter to alter form field values based on fields.xml. Usually a no-op. * * @param string The name of the parameter * @param ?string The current value of the parameter (NULL: none) * @return string The filtered value of the parameter */ function filter_form_field_default($name, $val) { $restrictions = load_field_restrictions(); foreach ($restrictions as $_r => $_restrictions) { $_r_exp = explode(',', $_r); foreach ($_r_exp as $__r) { if (trim($__r) == '' || simulated_wildcard_match($name, trim($__r), true)) { foreach ($_restrictions as $bits) { list($restriction, $attributes) = $bits; if (array_key_exists('error', $attributes) && substr($attributes['error'], 0, 1) == '!') { $attributes['error'] = do_lang(substr($attributes['error'], 1)); } switch (strtolower($restriction)) { case 'minlength': if (strlen($val) < intval($attributes['embed'])) { warn_exit(array_key_exists('error', $attributes) ? make_string_tempcode($attributes['error']) : do_lang_tempcode('FXML_FIELD_TOO_SHORT', escape_html($name), strval(intval($attributes['embed'])))); } break; case 'maxlength': if (strlen($val) > intval($attributes['embed'])) { warn_exit(array_key_exists('error', $attributes) ? make_string_tempcode($attributes['error']) : do_lang_tempcode('FXML_FIELD_TOO_LONG', escape_html($name), strval(intval($attributes['embed'])))); } break; case 'shun': if (simulated_wildcard_match(strtolower($val), strtolower($attributes['embed']), true)) { warn_exit(array_key_exists('error', $attributes) ? make_string_tempcode($attributes['error']) : do_lang_tempcode('FXML_FIELD_SHUNNED', escape_html($name))); } break; case 'pattern': if (preg_match('#' . str_replace('#', '\\#', $attributes['embed']) . '#', $val) == 0) { warn_exit(array_key_exists('error', $attributes) ? make_string_tempcode($attributes['error']) : do_lang_tempcode('FXML_FIELD_PATTERN_FAIL', escape_html($name), escape_html($attributes['embed']))); } break; case 'possibilityset': $values = explode(',', $attributes['embed']); $found = false; foreach ($values as $value) { if ($val == trim($value) || $val == $value || simulated_wildcard_match($val, $value, true)) { $found = true; } } $secretive = array_key_exists('secretive', $attributes) && $attributes['secretive'] == '1'; if (!$found) { warn_exit(array_key_exists('error', $attributes) ? make_string_tempcode($attributes['error']) : do_lang_tempcode($secretive ? 'FXML_FIELD_NOT_IN_SET_SECRETIVE' : 'FXML_FIELD_NOT_IN_SET', escape_html($name), escape_html($attributes['embed']))); } break; case 'disallowedsubstring': if (simulated_wildcard_match(strtolower($val), strtolower($attributes['embed']))) { warn_exit(array_key_exists('error', $attributes) ? make_string_tempcode($attributes['error']) : do_lang_tempcode('FXML_FIELD_SHUNNED_SUBSTRING', escape_html($name), escape_html($attributes['embed']))); } break; case 'disallowedword': if (addon_installed('wordfilter')) { global $WORDS_TO_FILTER; $temp_remember = $WORDS_TO_FILTER; $WORDS_TO_FILTER = array($attributes['embed'] => array('word' => $attributes['embed'], 'w_replacement' => '', 'w_substr' => 0)); require_code('word_filter'); check_word_filter($val, $name, false, true, false); $WORDS_TO_FILTER = $temp_remember; } else { if (strpos($val, $attributes['embed']) !== false) { warn_exit_wordfilter($name, do_lang_tempcode('WORD_FILTER_YOU', escape_html($attributes['embed']))); } // In soviet Russia, words filter you } break; case 'replace': if (!array_key_exists('from', $attributes)) { $val = $attributes['embed']; } else { $val = str_replace($attributes['from'], $attributes['embed'], $val); } break; case 'removeshout': $val = preg_replace_callback('#[^a-z]*[A-Z]{4}[^a-z]*#', 'deshout_callback', $val); break; case 'sentencecase': if (strlen($val) != 0) { $val = strtolower($val); $val[0] = strtoupper($val); // assumes no leading whitespace $val = preg_replace_callback('#[\\.\\!\\?]\\s+[a-z]#m', 'make_sentence_case_callback', $val); } break; case 'titlecase': $val = ucwords(strtolower($val)); break; case 'prepend': if (substr($val, 0, strlen($attributes['embed'])) != $attributes['embed']) { $val = $attributes['embed'] . $val; } break; case 'append': if (substr($val, -strlen($attributes['embed'])) != $attributes['embed']) { $val .= $attributes['embed']; } break; } } } } } return $val; }
/** * Get the value of the specified POST key, if it is found, or the default otherwise. * * @param ID_TEXT The name of the parameter to get * @param ?mixed The default value to give the parameter if the parameter value is not defined (NULL: allow missing parameter) (false: give error on missing parameter) * @param boolean Whether we are cleaning for HTML rather than Comcode/plain-text * @param boolean Whether to convert WYSIWYG contents to Comcode automatically * @return ?string The parameter value (NULL: missing) */ function post_param($name, $default = false, $html = false, $conv_from_wysiwyg = true) { $ret = __param($_POST, $name, $default, false, true); if ($ret === NULL) { return NULL; } if (trim($ret) == '' && $default !== '' && array_key_exists('require__' . $name, $_POST) && $_POST['require__' . $name] != '0') { require_code('failure'); improperly_filled_in_post($name); } if ($ret != '' && addon_installed('wordfilter')) { if ($name != 'password') { require_code('word_filter'); if ($ret !== $default) { $ret = check_word_filter($ret, $name); } } } if ($ret !== NULL) { $ret = unixify_line_format($ret, NULL, $html); } if (isset($_POST[$name . '__is_wysiwyg']) && $_POST[$name . '__is_wysiwyg'] == '1' && $conv_from_wysiwyg) { if (trim($ret) == '') { $ret = ''; } else { require_code('comcode_from_html'); $ret = trim(semihtml_to_comcode($ret)); } } else { if (substr($ret, 0, 10) == '[semihtml]' && substr(trim($ret), -11) == '[/semihtml]') { $_ret = trim($ret); $_ret = substr($_ret, 10, strlen($_ret) - 11 - 10); if (strpos($_ret, '[semihtml') === false) { require_code('comcode_from_html'); $ret = trim(semihtml_to_comcode($_ret)); } } } require_code('input_filter'); if ($GLOBALS['BOOTSTRAPPING'] == 0 && $GLOBALS['MICRO_AJAX_BOOTUP'] == 0) { check_posted_field($name, $ret); } if ($ret === $default) { return $ret; } if (strpos($ret, ':') !== false && function_exists('ocp_url_decode_post_process')) { $ret = ocp_url_decode_post_process($ret); } check_input_field_string($name, $ret, true); return $ret; }