$TB = new dcTrackback($core); $tb_excerpt = $post->post_excerpt_xhtml . ' ' . $post->post_content_xhtml; $post_title = $post->post_title; $post_url = $post->getURL(); } } else { $core->error->add(__('This entry does not exist.')); $can_view_page = false; } # Change excerpt if (!empty($_POST['tb_excerpt'])) { $tb_excerpt = $_POST['tb_excerpt']; } # Sanitize excerpt $tb_excerpt = html::clean($tb_excerpt); $tb_excerpt = html::decodeEntities($tb_excerpt); $tb_excerpt = text::cutString(html::escapeHTML($tb_excerpt), 255); $tb_excerpt = preg_replace('/\\s+/ms', ' ', $tb_excerpt); # Send pings if ($post && !$post->isEmpty() && !empty($_POST['tb_urls'])) { $tb_urls = $_POST['tb_urls']; $tb_urls = str_replace("\r", '', $tb_urls); $post_title = html::escapeHTML(trim(html::clean($post_title))); foreach (explode("\n", $tb_urls) as $tb_url) { try { $TB->ping($tb_url, $id, $post_title, $tb_excerpt, $post_url); } catch (Exception $e) { $core->error->add($e->getMessage()); } } if (!$core->error->flag()) {
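/**
 * Read XMP
 *
 * Reads XML metadata and assigns values to {@link $xmp}.
 *
 * The file is scanned line by line for an <x:xmpmeta>...</x:xmpmeta> packet.
 * The packet is then matched against the patterns in {@link $xmp_reg} and the
 * dc:subject keyword bag is flattened into a comma-separated 'Keywords' entry.
 *
 * The packet is read from the image file itself, so every stored value is
 * untrusted input. Values are entity-decoded before being stored, so they can
 * contain literal markup characters: escape them for the output context
 * wherever they are displayed.
 *
 * @param string $f Image file path
 *
 * @throws Exception When the file cannot be opened
 */
protected function readXMP($f)
{
    if (($fp = @fopen($f, 'rb')) === false) {
        throw new Exception('Unable to open image file');
    }

    $inside = false;
    $done   = false;
    $xmp    = null;

    while (!feof($fp)) {
        $buffer = fgets($fp, 4096);
        if ($buffer === false) {
            # Nothing could be read (EOF or read error): stop instead of
            # feeding false to the string functions below.
            break;
        }

        $xmp_start = strpos($buffer, '<x:xmpmeta');
        if ($xmp_start !== false) {
            # Drop whatever precedes the opening tag on this line
            $buffer = substr($buffer, $xmp_start);
            $inside = true;
        }

        if ($inside) {
            $xmp_end = strpos($buffer, '</x:xmpmeta>');
            if ($xmp_end !== false) {
                # Keep the text up to and including the closing tag (12 bytes).
                # Taking only the 12 bytes of the tag itself would discard the
                # metadata that shares a line with it, which is the whole
                # packet when it is stored on a single line.
                $buffer = substr($buffer, 0, $xmp_end + 12);
                $inside = false;
                $done   = true;
            }

            $xmp .= $buffer;
        }

        if ($done) {
            break;
        }
    }
    fclose($fp);

    if (!$xmp) {
        return;
    }

    # First matching pattern wins for each registered code
    foreach ($this->xmp_reg as $code => $patterns) {
        foreach ($patterns as $p) {
            if (preg_match($p, $xmp, $m)) {
                $this->xmp[$code] = $m[1];
                break;
            }
        }
    }

    # Keywords: every <rdf:li> of the dc:subject bag, joined with commas
    if (preg_match('%<dc:subject>\\s*<rdf:Bag>(.+?)</rdf:Bag%msu', $xmp, $bag)
        && preg_match_all('%<rdf:li>(.+?)</rdf:li>%msu', $bag[1], $items)) {
        $this->xmp['Keywords'] = implode(',', $items[1]);
    }

    foreach ($this->xmp as $k => $v) {
        $this->xmp[$k] = html::decodeEntities(text::toUTF8($v));
    }
}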
/**
 * Passes a string through html::clean() and then decodes its HTML entities.
 *
 * The order matters for callers: entities are decoded after the cleaning
 * step, so the result is plain text that may contain characters such as
 * '<' or '&' again. Escape it before placing it in HTML.
 * NOTE(review): html::clean() is not visible here; it presumably strips
 * tags - confirm.
 *
 * @param string $str Input string
 *
 * @return string Cleaned, entity-decoded string
 */
public static function remove_html($str)
{
    $cleaned = html::clean($str);

    return html::decodeEntities($cleaned);
}
$movie = $m[1]; if (preg_match('#<meta\\s+name="title"\\s+content="(.+?)"#ms', $content, $m)) { $m_title = $m[1]; } if (preg_match('#<meta\\s+name="video_height"\\s+content="(\\d+?)"#ms', $content, $m)) { $h = $m[1]; } if (preg_match('#<meta\\s+name="video_width"\\s+content="(\\d+?)"#ms', $content, $m)) { $w = $m[1]; } $m_object = '<object type="application/x-shockwave-flash" data="' . $movie . '" width="' . $w . '" height="' . $h . '">' . "\n" . ' <param name="movie" value="' . $movie . '" />' . "\n" . ' <param name="wmode" value="transparent" />' . "\n" . ' <param name="FlashVars" value="autoplay=0&fullscreen=1&show_title=1&show_byline=1" />' . "\n" . '</object>'; } break; case 'youtube': if (preg_match('#<input.+?\\s+name="embed_code".+?\\s+value="(.+?)"#ms', $content, $m)) { $cap = html::decodeEntities($m[1]); $movie = ''; if (preg_match('#param\\s+name="movie"\\s+value="(.+?)"#s', $cap, $M)) { $movie = html::escapeURL($M[1]); } if (preg_match('#<title>Youtube\\s+-\\s+(.+?)</title>#si', $content, $M)) { $m_title = $M[1]; } if ($movie) { $m_object = '<object type="application/x-shockwave-flash" data="' . $movie . '" width="425" height="350">' . "\n" . ' <param name="movie" value="' . $movie . '" />' . "\n" . ' <param name="wmode" value="transparent" />' . "\n" . '</object>'; } } break; case 'jamendo': if (preg_match('#^http://(www.)?jamendo.com/[a-z]{2}/(playlist|album|track)/([0-9]+)#', $media_page, $m)) { $type = $m[2];
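/**
Receives a pingback and inserts it as a comment of the given post.

Both URLs come from the remote caller. The target URL must resolve to an
existing post of this blog that accepts trackbacks and has not already been
pinged from the same source. The source URL is then fetched from this server
(headers first, then the full document) to build the backlink title and
excerpt.

NOTE(review): because the source URL is requested server-side, confirm that
initHttp() (not visible here) restricts scheme and destination so the request
cannot be pointed at internal services.

Every exception raised while fetching or parsing the remote page, including
the content-type and title checks, is caught and replaced by a generic
message, so no remote or internal detail is returned to the caller.

@param from_url <b>string</b> Source URL
@param to_url <b>string</b> Target URL
@return <b>string</b> Acknowledgement message
*/
public function receive_pb($from_url, $to_url)
{
    # The target must live under this blog's URL. The delimiter is passed to
    # preg_quote() so a '!' in the URL cannot end the pattern early.
    $reg = '!^' . preg_quote($this->core->blog->url, '!') . '(.*)!';
    if (!preg_match($reg, $to_url, $m)) {
        throw new Exception(__('Any chance you ping one of my contents? No? Really?'), 0);
    }

    # Does the targeted URL look like a registered post type?
    $url_part   = $m[1];
    $p_type     = '';
    $post_types = $this->core->getPostTypes();
    foreach ($post_types as $k => $v) {
        $reg = '!^' . preg_quote(str_replace('%s', '', $v['public_url']), '!') . '(.*)!';
        if (preg_match($reg, $url_part, $n)) {
            $p_type   = $k;
            $post_url = $n[1];
            break;
        }
    }

    if (empty($p_type)) {
        throw new Exception(__('Sorry but you can not ping this type of content.'), 33);
    }

    # Look the post up
    $params = array('post_type' => $p_type, 'post_url' => $post_url);
    $posts  = $this->core->blog->getPosts($params);

    # Unknown post
    if ($posts->isEmpty()) {
        throw new Exception(__('Oops. Kinda "not found" stuff. Please check the target URL twice.'), 33);
    }

    # Post does not accept pings
    if (!$posts->trackbacksActive()) {
        throw new Exception(__('Sorry, dude. This entry does not accept pingback at the moment.'), 33);
    }

    # Same source already registered for this post
    if ($this->pingAlreadyDone($posts->post_id, $from_url)) {
        throw new Exception(__('Don\'t repeat yourself, please.'), 48);
    }

    # Target accepted. Time to check the remote part.
    try {
        $http = self::initHttp($from_url, $from_path);

        # First round: headers only, to make sure the source is an HTML document
        $http->setHeadersOnly(true);
        $http->get($from_path);
        $c_type = explode(';', $http->getHeader('content-type'));

        if (!in_array($c_type[0], array('text/html', 'application/xhtml+xml'), true)) {
            throw new Exception(__('Your source URL does not look like a supported content type. Sorry. Bye, bye!'), 0);
        }

        # Second round: fetch and parse the remote content
        $http->setHeadersOnly(false);
        $http->get($from_path);
        $remote_content = $http->getContent();

        $charset = self::getCharsetFromRequest($http->getHeader('content-type'));
        if (!$charset) {
            $charset = self::detectCharset($remote_content);
        }

        if (strtolower($charset) != 'utf-8') {
            $remote_content = iconv($charset, 'UTF-8', $remote_content);
        }

        # A title is mandatory
        if (!preg_match('!<title>([^<].*?)</title>!mis', $remote_content, $m)) {
            throw new Exception(__('Where\'s your title?'), 0);
        }

        # Remote title: clean, decode, re-escape, then cut to 60 characters
        $title = trim(html::clean($m[1]));
        $title = html::decodeEntities($title);
        $title = html::escapeHTML($title);
        $title = text::cutString($title, 60);

        # A page without a <body> yields an empty source, and therefore the
        # placeholder excerpt, instead of reading a capture that was never set.
        $source = preg_match('!<body[^>]*?>(.*)?</body>!msi', $remote_content, $m) ? $m[1] : '';
        $source = preg_replace('![\\r\\n\\s]+!ms', ' ', $source);
        $source = preg_replace("/<\\/*(h\\d|p|th|td|li|dt|dd|pre|caption|input|textarea|button)[^>]*>/", "\n\n", $source);
        $source = strip_tags($source, '<a>');
        $source = explode("\n\n", $source);

        # The target URL is matched literally: left unquoted, its '.' and '?'
        # would be read as regex operators and the link would not be found.
        $link_reg = "!<a[^>]+?" . preg_quote($to_url, '!') . "[^>]*>([^>]+?)</a>!";

        $excerpt = '';
        foreach ($source as $line) {
            if (strpos($line, $to_url) !== false) {
                if (preg_match($link_reg, $line, $m)) {
                    $excerpt = strip_tags($line);
                    break;
                }
            }
        }

        # The excerpt is remote text: it is escaped before being stored
        if ($excerpt) {
            $excerpt = '(…) ' . text::cutString(html::escapeHTML($excerpt), 200) . ' (…)';
        } else {
            $excerpt = '(…)';
        }

        $this->addBacklink($posts->post_id, $from_url, '', $title, $excerpt, $comment);
    } catch (Exception $e) {
        throw new Exception(__('Sorry, an internal problem has occured.'), 0);
    }

    return __('Thanks, mate. It was a pleasure.');
}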
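/**
 * Converts one record of a DotClear 1.2 export to the current field layout.
 *
 * The record is modified in place: legacy field names are substituted,
 * derived fields (post URL, format, status) are computed and obsolete fields
 * are dropped. The 'importPrepareDC12' behavior is called afterwards for
 * every record, whatever its type.
 *
 * @param object $line Import record, modified in place
 */
private function prepareDC12line(&$line)
{
    switch ($line->__name) {
        case 'categorie':
            $line->substitute('cat_libelle', 'cat_title');
            $line->substitute('cat_libelle_url', 'cat_url');
            $line->__name  = 'category';
            $line->blog_id = 'default';
            break;
        case 'link':
            $line->substitute('href', 'link_href');
            $line->substitute('label', 'link_title');
            $line->substitute('title', 'link_desc');
            $line->substitute('lang', 'link_lang');
            $line->substitute('rel', 'link_xfn');
            $line->substitute('position', 'link_position');
            $line->blog_id = 'default';
            break;
        case 'post':
            $line->substitute('post_titre', 'post_title');
            $line->post_title = html::decodeEntities($line->post_title);

            # URL is rebuilt as date/id-slug and capped at 255 characters
            $line->post_url = date('Y/m/d/', strtotime($line->post_dt)) . $line->post_id . '-' . $line->post_titre_url;
            $line->post_url = substr($line->post_url, 0, 255);

            # A post without wiki source is treated as XHTML
            $line->post_format        = $line->post_content_wiki == '' ? 'xhtml' : 'wiki';
            $line->post_content_xhtml = $line->post_content;
            $line->post_excerpt_xhtml = $line->post_chapo;

            if ($line->post_format == 'wiki') {
                $line->post_content = $line->post_content_wiki;
                $line->post_excerpt = $line->post_chapo_wiki;
            } else {
                # Self-assignment kept from the original code so the record is
                # written exactly as before
                $line->post_content = $line->post_content;
                $line->post_excerpt = $line->post_chapo;
            }

            $line->post_status = (int) $line->post_pub;
            $line->post_type   = 'post';
            $line->blog_id     = 'default';

            $line->drop('post_titre_url', 'post_content_wiki', 'post_chapo', 'post_chapo_wiki', 'post_pub');
            break;
        case 'comment':
            $line->substitute('comment_auteur', 'comment_author');

            # Sites that already carry an http:// or https:// scheme are kept
            # as they are; an https:// site must not be turned into
            # "http://https://...". Every other non-empty value gets the
            # http:// prefix, so no other scheme is stored unchanged.
            if ($line->comment_site != '' && !preg_match('!^https?://.*$!', $line->comment_site)) {
                $line->comment_site = 'http://' . $line->comment_site;
            }

            $line->comment_status = (int) $line->comment_pub;
            $line->drop('comment_pub');
            break;
    }

    # --BEHAVIOR-- importPrepareDC12
    $this->core->callBehavior('importPrepareDC12', $line, $this, $this->core);
}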
/**
 * Copies one legacy post into the post table, then imports its comments,
 * pings and, when the legacy meta table exists, its metadata.
 *
 * Text columns go through cleanStr() before being stored.
 * NOTE(review): post_titre_url is appended to the new post URL without
 * cleanStr(); confirm the legacy column only holds URL-safe slugs.
 * NOTE(review): the new post_id is MAX(post_id) + 1 read just before the
 * insert; this presumably assumes nothing else writes posts during an
 * import - confirm.
 *
 * @param object $rs Legacy post record
 * @param object $db Legacy database connection, passed on to the sub-imports
 */
protected function importPost($rs, $db)
{
    $post_table = $this->prefix . 'post';
    $cur        = $this->con->openCursor($post_table);

    # Ownership and category (legacy category id mapped through cat_ids)
    $cur->blog_id = $this->blog_id;
    $cur->user_id = $rs->user_id;
    $cur->cat_id  = (int) $this->vars['cat_ids'][$rs->cat_id];

    # Dates are copied unchanged
    $cur->post_dt     = $rs->post_dt;
    $cur->post_creadt = $rs->post_creadt;
    $cur->post_upddt  = $rs->post_upddt;

    $cur->post_title = html::decodeEntities($this->cleanStr($rs->post_titre));

    # URL is rebuilt as date/id-slug and capped at 255 characters
    $legacy_url    = date('Y/m/d/', strtotime($cur->post_dt)) . $rs->post_id . '-' . $rs->post_titre_url;
    $cur->post_url = substr($legacy_url, 0, 255);

    # A post without wiki source is stored as XHTML
    if ($rs->post_content_wiki == '') {
        $cur->post_format = 'xhtml';
    } else {
        $cur->post_format = 'wiki';
    }

    $cur->post_content_xhtml = $this->cleanStr($rs->post_content);
    $cur->post_excerpt_xhtml = $this->cleanStr($rs->post_chapo);

    # Source fields hold the wiki text when there is one, the XHTML otherwise
    $is_wiki = $cur->post_format == 'wiki';
    $cur->post_content = $this->cleanStr($is_wiki ? $rs->post_content_wiki : $rs->post_content);
    $cur->post_excerpt = $this->cleanStr($is_wiki ? $rs->post_chapo_wiki : $rs->post_chapo);

    $cur->post_notes        = $this->cleanStr($rs->post_notes);
    $cur->post_status       = (int) $rs->post_pub;
    $cur->post_selected     = (int) $rs->post_selected;
    $cur->post_open_comment = (int) $rs->post_open_comment;
    $cur->post_open_tb      = (int) $rs->post_open_tb;
    $cur->post_lang         = $rs->post_lang;

    # Word index built from title, excerpt and content
    $indexed_text    = $cur->post_title . ' ' . $cur->post_excerpt_xhtml . ' ' . $cur->post_content_xhtml;
    $cur->post_words = implode(' ', text::splitWords($indexed_text));

    $cur->post_id = $this->con->select('SELECT MAX(post_id) FROM ' . $post_table)->f(0) + 1;

    $cur->insert();

    $this->importComments($rs->post_id, $cur->post_id, $db);
    $this->importPings($rs->post_id, $cur->post_id, $db);

    # Load meta if we have some in DC1
    $meta_table = $this->vars['db_prefix'] . 'post_meta';
    if (isset($this->has_table[$meta_table])) {
        $this->importMeta($rs->post_id, $cur->post_id, $db);
    }
}
/**
Returns the trackback site title if the comment is a trackback.

The title is taken from the <p><strong>...</strong></p> part of the comment
content and entity-decoded. The result is therefore plain text that
originates from the remote site: escape it before writing it into a page.
Nothing (null) is returned when the comment is not a trackback or carries no
such title.

The U modifier inverts quantifier greediness, so (.*?) is greedy in this
pattern.

@param rs Invisible parameter
@return <b>string</b>
*/
public static function getTrackbackTitle(&$rs)
{
    # Regular comments have no trackback title
    if ($rs->comment_trackback != 1) {
        return null;
    }

    if (!preg_match('|<p><strong>(.*?)</strong></p>|msU', $rs->comment_content, $match)) {
        return null;
    }

    return html::decodeEntities($match[1]);
}
/**
 * Re-escapes the value part of a matched attribute.
 *
 * The value is entity-decoded and then escaped again, and the text captured
 * on either side of it is put back unchanged.
 * NOTE(review): $m is presumably a regex match with [1] = text before the
 * value, [2] = the value, [3] = text after it - confirm against the caller.
 *
 * @param array $m Match groups
 *
 * @return string Attribute text with its value escaped
 */
private function miniTidyFixAttr($m)
{
    # Escape entities in attributes value
    $value = html::decodeEntities($m[2]);
    $value = html::escapeHTML($value);

    return $m[1] . $value . $m[3];
}
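/**
Receives a trackback and inserts it as a comment of the given post.

All fields (title, excerpt, url, blog_name) are read from $_POST and are
untrusted. Title, excerpt and blog name are cleaned, entity-decoded, escaped
and cut before being stored. The response is an XML document written to the
output. Every value placed in it is escaped, because on the error paths the
fields are still the raw request values.

NOTE(review): url is only passed through html::clean() and its scheme is not
checked here; confirm that the comment storage or the templates restrict
comment_site to http(s) links.
NOTE(review): the debug block is returned to any sender that posts __debug;
consider limiting it to development setups.

@param post_id <b>integer</b> Post ID
*/
public function receive($post_id)
{
    header('Content-Type: text/xml; charset=UTF-8');
    if (empty($_POST)) {
        http::head(405, 'Method Not Allowed');
        echo
        '<?xml version="1.0" encoding="utf-8"?>' . "\n" .
        "<response>\n" .
        " <error>1</error>\n" .
        " <message>POST request needed</message>\n" .
        "</response>";
        return;
    }

    $post_id = (int) $post_id;

    # Only non-empty string fields are accepted. Array-valued parameters
    # (title[]=...) are treated as absent rather than concatenated as strings.
    $field = function ($name) {
        return (!empty($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    };

    $title     = $field('title');
    $excerpt   = $field('excerpt');
    $url       = $field('url');
    $blog_name = $field('blog_name');
    $charset   = '';
    $comment   = '';

    $err = false;
    $msg = '';

    if ($this->core->blog === null) {
        $err = true;
        $msg = 'No blog.';
    } elseif ($url == '') {
        $err = true;
        $msg = 'URL parameter is required.';
    } elseif ($blog_name == '') {
        $err = true;
        $msg = 'Blog name is required.';
    }

    if (!$err) {
        $post = $this->core->blog->getPosts(array('post_id' => $post_id, 'post_type' => ''));

        if ($post->isEmpty()) {
            $err = true;
            $msg = 'No such post.';
        } elseif (!$post->trackbacksActive()) {
            $err = true;
            $msg = 'Trackbacks are not allowed for this post or weblog.';
        }
    }

    if (!$err) {
        # Charset announced by the request, otherwise guessed from the fields
        $charset = self::getCharsetFromRequest();

        if (!$charset) {
            $charset = mb_detect_encoding($title . ' ' . $excerpt . ' ' . $blog_name,
                'UTF-8,ISO-8859-1,ISO-8859-2,ISO-8859-3,' .
                'ISO-8859-4,ISO-8859-5,ISO-8859-6,ISO-8859-7,ISO-8859-8,' .
                'ISO-8859-9,ISO-8859-10,ISO-8859-13,ISO-8859-14,ISO-8859-15');
        }

        if (strtolower($charset) != 'utf-8') {
            $title     = iconv($charset, 'UTF-8', $title);
            $excerpt   = iconv($charset, 'UTF-8', $excerpt);
            $blog_name = iconv($charset, 'UTF-8', $blog_name);
        }

        # Title: clean, decode, re-escape, then cut to 60 characters
        $title = trim(html::clean($title));
        $title = html::decodeEntities($title);
        $title = html::escapeHTML($title);
        $title = text::cutString($title, 60);

        # Excerpt: whitespace collapsed and cut to 252 before escaping
        $excerpt = trim(html::clean($excerpt));
        $excerpt = html::decodeEntities($excerpt);
        $excerpt = preg_replace('/\\s+/ms', ' ', $excerpt);
        $excerpt = text::cutString($excerpt, 252);
        $excerpt = html::escapeHTML($excerpt) . '...';

        $blog_name = trim(html::clean($blog_name));
        $blog_name = html::decodeEntities($blog_name);
        $blog_name = html::escapeHTML($blog_name);
        $blog_name = text::cutString($blog_name, 60);

        $url = trim(html::clean($url));

        if (!$blog_name) {
            $blog_name = 'Anonymous blog';
        }

        # Stored comment markup; title and excerpt are already escaped here
        $comment =
        "<!-- TB -->\n" .
        '<p><strong>' . ($title ? $title : $blog_name) . "</strong></p>\n" .
        '<p>' . $excerpt . '</p>';

        $cur = $this->core->con->openCursor($this->core->prefix . 'comment');
        $cur->comment_author    = (string) $blog_name;
        $cur->comment_site      = (string) $url;
        $cur->comment_content   = (string) $comment;
        $cur->post_id           = $post_id;
        $cur->comment_trackback = 1;
        # Published immediately only when the blog setting allows it
        $cur->comment_status = $this->core->blog->settings->trackbacks_pub ? 1 : -1;
        $cur->comment_ip     = http::realIP();

        try {
            # --BEHAVIOR-- publicBeforeTrackbackCreate
            $this->core->callBehavior('publicBeforeTrackbackCreate', $cur);
            # A behavior can unset post_id to reject the trackback
            if ($cur->post_id) {
                $comment_id = $this->core->blog->addComment($cur);

                # --BEHAVIOR-- publicAfterTrackbackCreate
                $this->core->callBehavior('publicAfterTrackbackCreate', $cur, $comment_id);
            }
        } catch (Exception $e) {
            $err = true;
            $msg = 'Something went wrong : ' . $e->getMessage();
        }
    }

    $resp =
    '<?xml version="1.0" encoding="utf-8"?>' . "\n" .
    "<response>\n" .
    ' <error>' . (int) $err . "</error>\n";

    if ($msg) {
        # The message can carry an exception text: escape it for the XML body
        $resp .= ' <message>' . html::escapeHTML($msg) . "</message>\n";
    }

    if (!empty($_POST['__debug'])) {
        # On an error path these are still the raw request values, so each one
        # is escaped here. Values that were already escaped above come out
        # escaped twice, and an XML parser then returns them exactly as stored.
        $resp .=
        " <debug>\n" .
        ' <title>' . html::escapeHTML($title) . "</title>\n" .
        ' <excerpt>' . html::escapeHTML($excerpt) . "</excerpt>\n" .
        ' <url>' . html::escapeHTML($url) . "</url>\n" .
        ' <blog_name>' . html::escapeHTML($blog_name) . "</blog_name>\n" .
        ' <charset>' . html::escapeHTML($charset) . "</charset>\n" .
        ' <comment>' . html::escapeHTML($comment) . "</comment>\n" .
        " </debug>\n";
    }

    echo $resp . "</response>";
}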
/**
 * Builds the PHP source of a conditional block from the tag attributes.
 *
 * Each recognised attribute contributes one test. The tests are joined with
 * the requested operator ('&&' when none is given) and wrapped around
 * $content as "<?php if(...) : ?> ... <?php endif; ?>". Without any
 * recognised attribute, $content is returned unchanged.
 *
 * The return value is PHP code, so what is written into it matters:
 * - string attributes are placed inside single-quoted PHP literals after
 *   addslashes();
 * - search_count is emitted as code, and only when its trimmed value matches
 *   a comparison-operator-plus-digits pattern. The value emitted is the
 *   untrimmed, entity-decoded attribute; the pattern admits no '&', so
 *   decoding cannot add characters. Keep the check and the emitted value in
 *   step if the pattern is ever loosened.
 * NOTE(review): the operator returned by getOperator() is emitted verbatim;
 * confirm it can only return fixed operator tokens.
 *
 * @param array  $attr    Tag attributes
 * @param string $content Block content
 *
 * @return string PHP source, or $content when no test applies
 */
public function SysIf($attr, $content)
{
    $tests = array();

    $glue = '&&';
    if (isset($attr['operator'])) {
        $glue = $this->getOperator($attr['operator']);
    }

    # Splits an optional leading "!" off an attribute value:
    # returns array(negated?, remaining value)
    $split_negation = function ($value) {
        if (substr($value, 0, 1) == '!') {
            return array(true, substr($value, 1));
        }

        return array(false, $value);
    };

    # Context objects: a truthy attribute tests "is set", a falsy one "is null"
    foreach (array('categories', 'posts') as $name) {
        if (isset($attr[$name])) {
            $cmp     = (bool) $attr[$name] ? '!' : '=';
            $tests[] = '$_ctx->' . $name . ' ' . $cmp . '== null';
        }
    }

    if (isset($attr['blog_lang'])) {
        $tests[] = "\$core->blog->settings->lang == '" . addslashes($attr['blog_lang']) . "'";
    }

    # String comparisons, negated by a leading "!"
    $compared = array(
        'current_tpl'  => '$_ctx->current_tpl',
        'current_mode' => '$core->url->type'
    );
    foreach ($compared as $name => $subject) {
        if (isset($attr[$name])) {
            list($negated, $value) = $split_negation($attr[$name]);
            $tests[] = $subject . ' ' . ($negated ? '!' : '=') . "= '" . addslashes($value) . "'";
        }
    }

    # Template file and tag existence, negated by a leading "!"
    if (isset($attr['has_tpl'])) {
        list($negated, $value) = $split_negation($attr['has_tpl']);
        $tests[] = ($negated ? '!' : '') . "\$core->tpl->getFilePath('" . addslashes($value) . "') !== false";
    }

    if (isset($attr['has_tag'])) {
        list($negated, $value) = $split_negation($attr['has_tag']);
        $tests[] = ($negated ? '!' : '') . "(\$core->tpl->tagExists('" . addslashes($value) . "') )";
    }

    # Blog settings flags: a falsy attribute negates the setting
    $flags = array(
        'comments_active' => 'allow_comments',
        'pings_active'    => 'allow_trackbacks',
        'wiki_comments'   => 'wiki_comments'
    );
    foreach ($flags as $name => $setting) {
        if (isset($attr[$name])) {
            $tests[] = ((bool) $attr[$name] ? '' : '!') . '$core->blog->settings->' . $setting;
        }
    }

    # Comparison against the search result count; only emitted when whitelisted
    if (isset($attr['search_count'])
        && preg_match('/^((=|!|>|<)=|(>|<))\\s*[0-9]+$/', trim($attr['search_count']))) {
        $tests[] = '(isset($_search_count) && $_search_count ' . html::decodeEntities($attr['search_count']) . ')';
    }

    if (empty($tests)) {
        return $content;
    }

    return '<?php if(' . implode(' ' . $glue . ' ', $tests) . ') : ?>' . $content . '<?php endif; ?>';
}
if ($next_rs !== null) { $next_link = sprintf($post_link, $next_rs->post_id, html::escapeHTML($next_rs->post_title), __('Next entry') . ' »'); $next_headlink = sprintf($post_headlink, 'next', html::escapeHTML($next_rs->post_title), $next_rs->post_id); } if ($prev_rs !== null) { $prev_link = sprintf($post_link, $prev_rs->post_id, html::escapeHTML($prev_rs->post_title), '« ' . __('Previous entry')); $prev_headlink = sprintf($post_headlink, 'previous', html::escapeHTML($prev_rs->post_title), $prev_rs->post_id); } try { $core->media = new dcMedia($core); } catch (Exception $e) { $core->error->add($e->getMessage()); } # Sanitize trackbacks excerpt $tb_excerpt = empty($_POST['tb_excerpt']) ? $post_excerpt_xhtml . ' ' . $post_content_xhtml : $_POST['tb_excerpt']; $tb_excerpt = html::decodeEntities(html::clean($tb_excerpt)); $tb_excerpt = text::cutString(html::escapeHTML($tb_excerpt), 255); $tb_excerpt = preg_replace('/\\s+/ms', ' ', $tb_excerpt); } } if (isset($_REQUEST['section']) && $_REQUEST['section'] == 'trackbacks') { $anchor = 'trackbacks'; } else { $anchor = 'comments'; } $comments_actions_page = new dcCommentsActionsPage($core, $core->adminurl->get('admin.post'), array('id' => $post_id, '_ANCHOR' => $anchor, 'section' => $anchor)); if ($comments_actions_page->process()) { return; } # Ping blogs if (!empty($_POST['ping'])) {