public static function parseBlock($block, $sanitize = true, $strip_html = true, $strip_slashes = true, $paragraph = true)
{
// check for base64, and decode it if passed
$raise_error = false;
$error_log = '';
if (base64_encode(base64_decode($block, true)) == $block) {
$block = base64_decode($block);
}
if (!is_string($block)) {
return array('status' => false, 'error' => 'A string wasn\'t provided.');
}
if ($sanitize && class_exists('DBHelper')) {
$parsed = DBHelper::staticSanitize($block, $strip_html);
if (!$strip_html) {
# Fix the HTML less than greater than escapes
$find_array = array('<', '>');
$replace_array = array('<', '>');
$parsed = str_replace($find_array, $replace_array, $parsed);
}
} else {
# Do a simple port ...
$parsed = $block;
}
/***
Check paragraphs
***/
// tags
if ($paragraph) {
if (strpos($parsed, '<p>') === false) {
$parsed = '<p>' . $parsed;
}
if (strpos($parsed, '</p>') === false) {
$parsed = $parsed . '</p>';
}
}
$parsed = urldecode($parsed);
// possibly has a bug removing a line beginning with a single quote after a new line.
$parsed = preg_replace('/((([\\\\nr]){2,}(?<=\\\\)(?<!n)[^\'"(])(?![\']))|([\\n\\r]{2,})/', '</p><p>', $parsed);
// new paragraph parsing
//pass fixes
$parsed = stripslashes($parsed);
$parsed = preg_replace('/&(?![A-Za-z0-9#]{1,7};)/', '&', $parsed);
// replace standalone "&" with &
$parsed = preg_replace("/([^=])'([^\\/>](?!(.{2,6}=)))/", '$1'$2', $parsed);
// replace standalone single quotes
// some characters
$parsed = str_replace(' < ', ' < ', $parsed);
$parsed = str_replace(' > ', ' > ', $parsed);
$parsed = str_replace('--', '—', $parsed);
//Fix broken bits pasted from a word processor
$parsed = str_replace('—', '—', $parsed);
$parsed = str_replace('', '', $parsed);
$parsed = str_replace('“', '"', $parsed);
$parsed = str_replace('‹', '-', $parsed);
$parsed = str_replace('”', '"', $parsed);
$parsed = str_replace('’', "'", $parsed);
$parsed = str_replace('‘', "'", $parsed);
$parsed = str_replace('…', '...', $parsed);
$parsed = str_replace('–', '—', $parsed);
/***
Replace special tags. Only iterate over them if any exist.
***/
//img
if (strpos($parsed, '[img:') !== false) {
$pos = strpos($parsed, '[img:');
while ($pos !== false) {
$img_o = '';
$end = strpos($parsed, ']', $pos);
if (substr($parsed, $pos - 3, 3) == '<p>') {
$i_switch = true;
$i_rep = '<p>';
} elseif (substr($parsed, $pos - 4, 4) == "<p>\n") {
$i_switch = true;
$i_rep = "<p>\n";
} else {
$i_switch = false;
//$img_o.="<!-- 4 parse '" . substr($parsed,$pos-4,4) . "'-->";
}
$length = $end - $pos;
$img = substr($parsed, $pos, $length);
//echo "<pre>$img tag from $pos to $end</pre>";
$img_e = explode(',', $img);
if (sizeof($img_e < 2)) {
return array('status' => false, 'error' => 'Fatal Error: Bad Image Syntax');
}
$img_o .= "<div class='img" . strtolower($img_e[1]);
// alignment
$img_o .= "'>\n<img src='" . substr($img_e[0], 5) . "'";
// src
// parse comment
if (sizeof($img_e) > 3) {
$i = 0;
foreach ($img_e as $caption) {
if ($i > 2) {
$img_e[2] .= ",{$caption}";
}
++$i;
}
}
if (!empty($img_e[2])) {
$img_o .= " alt='" . $img_e[2] . "'/>\n<p>" . $img_e[2] . '</p>';
} else {
$img_o .= '/>';
}
$img_o .= "\n</div>";
if ($i_switch) {
$img = $i_rep . $img;
$img_o .= '<p>';
}
$parsed = str_replace($img . ']', $img_o, $parsed);
$pos = strpos($parsed, '[img:');
}
}
//link
if (strpos($parsed, '[link:') !== false) {
$pos = strpos($parsed, '[link:');
while ($pos !== false) {
$end = strpos($parsed, ']', $pos);
$length = $end - $pos;
$link = substr($parsed, $pos, $length);
// kill embedded javascript
$link = str_replace('javascript:', '', strtolower($link));
$link_e = explode(',', $link);
if (sizeof($link_e) < 2) {
$link_e = array($link, substr($link_e[0], 6));
}
$link_o = "<a href='" . urlencode(substr($link_e[0], 6)) . "'>" . $link_e[1] . '</a>';
$parsed = str_replace($link . ']', $link_o, $parsed);
$pos = strpos($parsed, '[link:');
}
}
//u
if (strpos($parsed, '[u]') !== false) {
$pos = strpos($parsed, '[u]');
while ($pos !== false) {
$end = strpos($parsed, '[/u]', $pos);
if ($end === false) {
$short = trim(substr($parsed, $pos, 25));
$short_rep = trim(str_replace('[u]', '[TagError]', $short));
$parsed = str_replace($short, $short_rep, $parsed);
$raise_error = true;
$error_log .= "<p>Unclosed tag found! Section begins as: '{$short}'. It has been replaced by '{$short_rep}'. It is strongly suggested you correct the problem and resave.</p>";
}
$length = $end - $pos;
$uline = substr($parsed, $pos + 3, $length - 3);
$uline_o = "<span class='ul'>{$uline}</span>";
$parsed = str_replace('[u]' . $uline . '[/u]', $uline_o, $parsed);
$pos = strpos($parsed, '[u]');
}
}
//b
if (strpos($parsed, '[b]') !== false) {
$pos = strpos($parsed, '[b]');
while ($pos !== false) {
$end = strpos($parsed, '[/b]', $pos);
if ($end === false) {
$short = trim(substr($parsed, $pos, 25));
$short_rep = trim(str_replace('[b]', '[TagError]', $short));
$parsed = str_replace($short, $short_rep, $parsed);
$raise_error = true;
$error_log .= "<p>Unclosed tag found! Section begins as: '{$short}'. It has been replaced by '{$short_rep}'. It is strongly suggested you correct the problem and resave.</p>";
}
$length = $end - $pos;
$bold = substr($parsed, $pos + 3, $length - 3);
$bold_o = "<strong>{$bold}</strong>";
$parsed = str_replace('[b]' . $bold . '[/b]', $bold_o, $parsed);
$pos = strpos($parsed, '[b]');
}
}
//i
if (strpos($parsed, '[i]') !== false) {
$pos = strpos($parsed, '[i]');
while ($pos !== false) {
$end = strpos($parsed, '[/i]', $pos);
if ($end === false) {
$short = trim(substr($parsed, $pos, 25));
$short_rep = trim(str_replace('[i]', '[TagError]', $short));
$parsed = str_replace($short, $short_rep, $parsed);
$raise_error = true;
$error_log .= "<p>Unclosed tag found! Section begins as: '{$short}'. It has been replaced by '{$short_rep}'. It is strongly suggested you correct the problem and resave.</p>";
}
$length = $end - $pos;
$em = substr($parsed, $pos + 3, $length - 3);
$em_o = "<em>{$em}</em>";
$parsed = str_replace('[i]' . $em . '[/i]', $em_o, $parsed);
$pos = strpos($parsed, '[i]');
}
}
//Greek Characters
if (strpos($parsed, '[grk]') !== false) {
$pos = strpos($parsed, '[grk]');
while ($pos !== false) {
$end = strpos($parsed, '[/grk]', $pos);
if ($end === false) {
$short = trim(substr($parsed, $pos, 25));
$short_rep = trim(str_replace('[grk]', '[TagError]', $short));
$parsed = str_replace($short, $short_rep, $parsed);
$raise_error = true;
$error_log .= "<p>Unclosed tag found! Section begins as: '{$short}'. It has been replaced by '{$short_rep}'. It is strongly suggested you correct the problem and resave.</p>";
}
$length = $end - $pos;
$grk = substr($parsed, $pos + 5, $length - 5);
$grk_o = "<span class='greek' lang='gr' style='font-family:symbol;'>{$grk}</span>";
$parsed = str_replace('[grk]' . $grk . '[/grk]', $grk_o, $parsed);
$pos = strpos($parsed, '[grk]');
}
}
/*
* Lists
* Lists are made with [list][/list], with - or * preceeded by
* either a space or newline and followed by a space assumed to be
* new list elements.
*/
$exp = explode('[list]', $parsed);
foreach ($exp as $k => $list) {
if ($k > 0) {
// always skip the first element
if (strpos($list, '[/list]') === false) {
$raise_error = true;
$short = trim(substr($parsed, $pos, 25));
$list = '[TagError]' . $list;
$error_log .= "<p>Unclosed list found! Section begins as '{$short}'. It is strongly suggested you correct the problem and resave.</p>";
}
$list_e = explode('[/list]', $list, 2);
// only work with the content in the list
$e = array_filter(preg_split('/([\\n\\r](-|\\*)|( (-|\\*) ))[ ]*/', $list_e[0]));
// split at list item criteria
$list_e[0] = implode("</li>\n<li>", $e) . '</li></ul>';
// join as list elements, append list closure
$list = '<ul><li>' . implode("\n", $list_e);
// join the list halves
}
$exp[$k] = $list;
}
$parsed = implode("\n", $exp);
if (strpos(substr($parsed, -8), '</p>') === false && $paragraph) {
$parsed .= '</p>';
}
// database clean
if (!$strip) {
$parsed = addslashes($parsed);
}
return array('status' => true, 'html' => $parsed, 'error_log' => $error_log, 'new_edit' => self::deparseBlock($parsed));
}
$login_output .= "<h1>Logging out ...</h1>" . $deferredScriptBlock;
}
try {
$logged_in = $user->validateUser($_COOKIE[$cookielink]);
if (!$user->has2FA() && $require_two_factor === true && !isset($_REQUEST['2fa']) && $logged_in && $_REQUEST['q'] != 'logout') {
# If require two factor is on, always force it post login
header("Refresh: 0; url=" . $self_url . "?2fa=t");
$deferredJS .= "\nwindow.location.href=\"" . $self_url . "?2fa=t\";";
ob_end_flush();
}
# This should only show when there isn't two factor enabled ...
$twofactor = $user->has2FA() ? "Remove two-factor authentication" : "Add two-factor authentication";
$phone_verify_template = "<form id='verify_phone' onsubmit='event.preventDefault();'>\n <input type='tel' id='phone' name='phone' value='" . $user->getPhone() . "' readonly='readonly'/>\n <input type='hidden' id='username' name='username' value='" . $user->getUsername() . "'/>\n <button id='verify_phone_button' class='btn btn-primary'>Verify Phone Now</button>\n <p>\n <small>\n <a href='#' id='verify_later'>\n Verify Later\n </a>\n </small>\n </p>\n</form>";
try {
$needPhone = !$user->canSMS();
$deferredJS .= "console.log('Needs phone? '," . strbool($needPhone) . "," . DBHelper::staticSanitize($user->getPhone()) . ");\n";
$altPhone = "<p>Congratulations! Your phone number is verified.</p>";
} catch (Exception $e) {
$needPhone = false;
$deferredJS .= "console.warn('An exception was thrown checking for SMS-ability:','" . $e->getMessage() . "');\n";
$altPhone = "<p>You don't have a phone number registered with us. Please go to account settings and add a phone number.</p>";
}
$verifyphone_link = $needPhone ? "<li><a href='?q=verify'>Verify Phone</a></li>" : null;
$phone_verify_form = $needPhone ? $phone_verify_template : $altPhone;
} catch (Exception $e) {
# There have been no cookies set.
$logged_in = false;
$twofactor = "Please log in.";
}
if ($logged_in) {
$xml->setXml($_COOKIE[$cookieperson]);
function loopSanitizeArray($array)
{
if (is_array($array)) {
$new_array = array();
foreach ($array as $k => $v) {
$ck = DBHelper::staticSanitize($k);
if (is_array($v)) {
$cv = loopSanitizeArray($v);
} else {
$cv = DBHelper::staticSanitize($v);
}
$new_array[$ck] = $cv;
}
} else {
$new_array = $array;
}
return $new_array;
}
continue;
}
if(!$announcedStartSpot) {
#echo "<!-- Starting list from item $i after skipping $skip (total: $count) -->";
$announcedStartSpot = true;
}
if ($i >= $max + $skip) {
break;
}
$authorData = json_decode($project['author_data'], true);
$icon = boolstr($project['public']) ? '<iron-icon icon="social:public"></iron-icon>' : '<iron-icon icon="icons:lock"></iron-icon>';
$shortProjectTitle = htmlspecialchars_decode(html_entity_decode($project['project_title']));
$tooltipTitle = "Project #".substr($project['project_id'], 0, 8)."...";
if ( strlen($shortProjectTitle) > 43 ) {
$shortProjectTitle = substr($shortProjectTitle, 0, 40) . "...";
$tooltipTitle = DBHelper::staticSanitize($project['project_title']);
}
$affilEncode = htmlspecialchars($authorData["affiliation"]);
$affiliationIcon = "<iron-icon icon='social:school' data-toggle='tooltip' title='".$affilEncode."'></iron-icon>";
$orderData = $project[$orderColumn];
$projectCreatedOn = floatval($authorData["entry_date"]);
if($orderKey == "date") {
if(empty($orderData)) {
# No data for the project -- sort by project creation
$orderData = $projectCreatedOn;
} else {
$orderData = floatval($orderData);
}
$arrayKey = $orderData;
} else {
# If we were searching by author_data, we were looking
