function tags_to_html($str, $allow_img = 1, $no_char = 0) { if (!$no_char) { $str = htmlspecialchars($str); } $str = nl2br($str); $ostr = ''; $pos = $old_pos = 0; while (($pos = strpos($str, '[', $pos)) !== false) { if (isset($GLOBALS['seps'][$str[$pos + 1]])) { ++$pos; continue; } if (($epos = strpos($str, ']', $pos)) === false) { break; } if (!($epos - $pos - 1)) { $pos = $epos + 1; continue; } $tag = substr($str, $pos + 1, $epos - $pos - 1); if (($pparms = strpos($tag, '=')) !== false) { $parms = substr($tag, $pparms + 1); if (!$pparms) { /*[= exception */ $pos = $epos + 1; continue; } $tag = substr($tag, 0, $pparms); } else { $parms = ''; } $tag = strtolower($tag); switch ($tag) { case 'quote title': $tag = 'quote'; break; case 'list type': $tag = 'list'; break; } if ($tag[0] == '/') { if (isset($end_tag[$pos])) { if ($pos - $old_pos) { $ostr .= substr($str, $old_pos, $pos - $old_pos); } $ostr .= $end_tag[$pos]; $pos = $old_pos = $epos + 1; } else { $pos = $epos + 1; } continue; } $cpos = $epos; $ctag = '[/' . $tag . ']'; $ctag_l = strlen($ctag); $otag = '[' . $tag; $otag_l = strlen($otag); $rf = 1; while (($cpos = strpos($str, '[', $cpos)) !== false) { if (isset($end_tag[$cpos]) || isset($GLOBALS['seps'][$str[$cpos + 1]])) { ++$cpos; continue; } if (($cepos = strpos($str, ']', $cpos)) === false) { break 2; } if (strcasecmp(substr($str, $cpos, $ctag_l), $ctag) == 0) { --$rf; } else { if (strcasecmp(substr($str, $cpos, $otag_l), $otag) == 0) { ++$rf; } else { ++$cpos; continue; } } if (!$rf) { break; } $cpos = $cepos; } if (!$cpos || $rf && $str[$cpos] == '<') { /* left over [ handler */ ++$pos; continue; } if ($cpos !== false) { if ($pos - $old_pos) { $ostr .= substr($str, $old_pos, $pos - $old_pos); } switch ($tag) { case 'notag': $ostr .= '<span name="notag">' . substr($str, $epos + 1, $cpos - 1 - $epos) . '</span>'; $epos = $cepos; break; case 'url': if (!$parms) { $url = substr($str, $epos + 1, $cpos - $epos - 1); } else { $url = $parms; } if (!strncasecmp($url, 'www.', 4)) { $url = 'http://' . $url; } else { if (strpos(strtolower($url), 'javascript:') !== false) { $ostr .= substr($str, $pos, $cepos - $pos + 1); $epos = $cepos; $str[$cpos] = '<'; break; } else { $url = str_replace('://', '://', $url); } } $end_tag[$cpos] = '</a>'; $ostr .= '<a href="' . $url . '" target="_blank">'; break; case 'i': case 'u': case 'b': case 's': case 'sub': case 'sup': $end_tag[$cpos] = '</' . $tag . '>'; $ostr .= '<' . $tag . '>'; break; case 'email': if (!$parms) { $parms = str_replace('@', '@', substr($str, $epos + 1, $cpos - $epos - 1)); $ostr .= '<a href="mailto:' . $parms . '" target="_blank">' . $parms . '</a>'; $epos = $cepos; $str[$cpos] = '<'; } else { $end_tag[$cpos] = '</a>'; $ostr .= '<a href="mailto:' . str_replace('@', '@', $parms) . '" target="_blank">'; } break; case 'color': case 'size': case 'font': if ($tag == 'font') { $tag = 'face'; } $end_tag[$cpos] = '</font>'; $ostr .= '<font ' . $tag . '="' . $parms . '">'; break; case 'code': $param = substr($str, $epos + 1, $cpos - $epos - 1); reverse_nl2br($param); $ostr .= '<div class="pre"><pre>' . $param . '</pre></div>'; $epos = $cepos; $str[$cpos] = '<'; break; case 'pre': $param = substr($str, $epos + 1, $cpos - $epos - 1); reverse_nl2br($param); $ostr .= '<pre>' . $param . '</pre>'; $epos = $cepos; $str[$cpos] = '<'; break; case 'php': $param = substr($str, $epos + 1, $cpos - $epos - 1); reverse_nl2br($param); reverse_fmt($param); $param = trim($param); if (strncmp($param, '<?php', 5)) { if (strncmp($param, '<?', 2)) { $param = "<?php\n" . $param; } else { $param = "<?php\n" . substr($param, 3); } } if (substr($param, -2) != '?>') { $param .= "\n?>"; } $ostr .= '<span name="php">' . trim(@highlight_string($param, true)) . '</span>'; $epos = $cepos; $str[$cpos] = '<'; break; case 'img': if (!$allow_img) { $ostr .= substr($str, $pos, $cepos - $pos + 1); } else { if (!$parms) { $parms = substr($str, $epos + 1, $cpos - $epos - 1); if (strpos(strtolower($parms), 'javascript:') === false) { $ostr .= '<img src="' . $parms . '" border=0 alt="' . $parms . '">'; } else { $ostr .= substr($str, $pos, $cepos - $pos + 1); } } else { if (strpos(strtolower($parms), 'javascript:') === false) { $ostr .= '<img src="' . $parms . '" border=0 alt="' . substr($str, $epos + 1, $cpos - $epos - 1) . '">'; } else { $ostr .= substr($str, $pos, $cepos - $pos + 1); } } } $epos = $cepos; $str[$cpos] = '<'; break; case 'quote': if (!$parms) { $parms = 'Quote:'; } $ostr .= '<table border="0" align="center" width="90%" cellpadding="3" cellspacing="1"><tr><td class="SmallText"><b>' . $parms . '</b></td></tr><tr><td class="quote"><br>'; $end_tag[$cpos] = '<br></td></tr></table>'; break; case 'align': $end_tag[$cpos] = '</div>'; $ostr .= '<div align="' . $parms . '">'; break; case 'list': $tmp = substr($str, $epos, $cpos - $epos); $tmp_l = strlen($tmp); $tmp2 = str_replace(array('[*]', '<br />'), array('<li>', ''), $tmp); $tmp2_l = strlen($tmp2); $str = str_replace($tmp, $tmp2, $str); $diff = $tmp2_l - $tmp_l; $cpos += $diff; if (isset($end_tag)) { foreach ($end_tag as $key => $val) { if ($key < $epos) { continue; } $end_tag[$key + $diff] = $val; } } switch (strtolower($parms)) { case '1': case 'a': $end_tag[$cpos] = '</ol>'; $ostr .= '<ol type="' . $parms . '">'; break; case 'square': case 'circle': case 'disc': $end_tag[$cpos] = '</ul>'; $ostr .= '<ul type="' . $parms . '">'; break; default: $end_tag[$cpos] = '</ul>'; $ostr .= '<ul>'; } break; case 'spoiler': $rnd = get_random_value(64); $end_tag[$cpos] = '</div></div>'; $ostr .= '<div class="dashed" style="padding: 3px;" align="center" width="100%"><a href="javascript://" OnClick="javascript: layerVis(\'' . $rnd . '\', 1);">Mostra lo spoiler</a><div align="left" id="' . $rnd . '" style="visibility: hidden;">'; break; } $str[$pos] = '<'; $pos = $old_pos = $epos + 1; } else { $pos = $epos + 1; } } $ostr .= substr($str, $old_pos, strlen($str) - $old_pos); /* url paser */ $pos = 0; $ppos = 0; while (($pos = @strpos($ostr, '://', $pos)) !== false) { if ($pos < $ppos) { break; } // check if it's inside any tag; $i = $pos; while (--$i && $i > $ppos) { if ($ostr[$i] == '>' || $ostr[$i] == '<') { break; } } if ($ostr[$i] == '<') { $pos += 3; continue; } // check if it's inside the a tag if (($ts = strpos($ostr, '<a ', $pos)) === false) { $ts = strlen($ostr); } if (($te = strpos($ostr, '</a>', $pos)) == false) { $te = strlen($ostr); } if ($te < $ts) { $ppos = $pos += 3; continue; } // check if it's inside the pre tag if (($ts = strpos($ostr, '<pre>', $pos)) === false) { $ts = strlen($ostr); } if (($te = strpos($ostr, '</pre>', $pos)) == false) { $te = strlen($ostr); } if ($te < $ts) { $ppos = $pos += 3; continue; } // check if it's inside the span tag if (($ts = strpos($ostr, '<span>', $pos)) === false) { $ts = strlen($ostr); } if (($te = strpos($ostr, '</span>', $pos)) == false) { $te = strlen($ostr); } if ($te < $ts) { $ppos = $pos += 3; continue; } $us = $pos; $l = strlen($ostr); while (1) { --$us; if ($ppos > $us || $us >= $l || isset($GLOBALS['seps'][$ostr[$us]])) { break; } } unset($GLOBALS['seps']['=']); $ue = $pos; while (1) { ++$ue; if ($ue >= $l || isset($GLOBALS['seps'][$ostr[$ue]])) { break; } if ($ostr[$ue] == '&') { if ($ostr[$ue + 4] == ';') { $ue += 4; continue; } if ($ostr[$ue + 3] == ';' || $ostr[$ue + 5] == ';') { break; } } if ($ue >= $l || isset($GLOBALS['seps'][$ostr[$ue]])) { break; } } $GLOBALS['seps']['='] = '='; $url = substr($ostr, $us + 1, $ue - $us - 1); if (!strncasecmp($url, 'javascript', strlen('javascript'))) { $pos = $ue; continue; } $html_url = '<a href="' . $url . '" target="_blank">' . $url . '</a>'; $html_url_l = strlen($html_url); $ostr = fud_substr_replace($ostr, $html_url, $us + 1, $ue - $us - 1); $ppos = $pos; $pos = $us + $html_url_l; } /* email parser */ $pos = 0; $ppos = 0; while (($pos = @strpos($ostr, '@', $pos)) !== false) { if ($pos < $ppos) { break; } // check if it's inside any tag; $i = $pos; while (--$i && $i > $ppos) { if ($ostr[$i] == '>' || $ostr[$i] == '<') { break; } } if ($ostr[$i] == '<') { ++$pos; continue; } // check if it's inside the a tag if (($ts = strpos($ostr, '<a ', $pos)) === false) { $ts = strlen($ostr); } if (($te = strpos($ostr, '</a>', $pos)) == false) { $te = strlen($ostr); } if ($te < $ts) { $ppos = $pos += 1; continue; } // check if it's inside the pre tag if (($ts = strpos($ostr, '<div class="pre"><pre>', $pos)) === false) { $ts = strlen($ostr); } if (($te = strpos($ostr, '</pre></div>', $pos)) == false) { $te = strlen($ostr); } if ($te < $ts) { $ppos = $pos += 1; continue; } for ($es = $pos - 1; $es > $ppos - 1; $es--) { if (ord($ostr[$es]) >= ord('A') && ord($ostr[$es]) <= ord('z') || ord($ostr[$es]) >= ord(0) && ord($ostr[$es]) <= ord(9) || ($ostr[$es] == '.' || $ostr[$es] == '-' || $ostr[$es] == '\'')) { continue; } ++$es; break; } if ($es == $pos) { $ppos = $pos += 1; continue; } if ($es < 0) { $es = 0; } for ($ee = $pos + 1; @isset($ostr[$ee]); $ee++) { if (ord($ostr[$ee]) >= ord('A') && ord($ostr[$ee]) <= ord('z') || ord($ostr[$ee]) >= ord(0) && ord($ostr[$ee]) <= ord(9) || ($ostr[$ee] == '.' || $ostr[$ee] == '-')) { continue; } break; } if ($ee == $pos + 1) { $ppos = $pos += 1; continue; } $email = str_replace('@', '@', substr($ostr, $es, $ee - $es)); $email_url = '<a href="mailto:' . $email . '" target="_blank">' . $email . '</a>'; $email_url_l = strlen($email_url); $ostr = fud_substr_replace($ostr, $email_url, $es, $ee - $es); $ppos = $es + $email_url_l; $pos = $ppos; } return $ostr; }
/** * Render shaare contents through Markdown parser. * 1. Remove HTML generated by Shaarli core. * 2. Generate markdown descriptions. * 3. Wrap description in 'markdown' CSS class. * * @param string $description input description text. * * @return string HTML processed $description. */ function process_markdown($description) { $parsedown = new Parsedown(); $processedDescription = $description; $processedDescription = reverse_text2clickable($processedDescription); $processedDescription = reverse_nl2br($processedDescription); $processedDescription = reverse_space2nbsp($processedDescription); $processedDescription = reset_quote_tags($processedDescription); $processedDescription = $parsedown->setMarkupEscaped(false)->setBreaksEnabled(true)->text($processedDescription); $processedDescription = '<div class="markdown">' . $processedDescription . '</div>'; return $processedDescription; }
function export_msg_data($m, &$msg_subject, &$msg_body, &$msg_icon, &$msg_smiley_disabled, &$msg_show_sig, &$msg_track, &$msg_to_list, $repl = 0) { $msg_subject = $m->subject; $msg_body = read_pmsg_body($m->foff, $m->length); $msg_icon = $m->icon; $msg_smiley_disabled = $m->pmsg_opt & 2 ? '2' : ''; $msg_show_sig = $m->pmsg_opt & 1 ? '1' : ''; $msg_track = $m->pmsg_opt & 4 ? '4' : ''; $msg_to_list = $m->to_list; reverse_fmt($msg_subject); /* we do not revert replacment for forward/quote */ if ($repl) { $msg_subject = apply_reverse_replace($msg_subject); $msg_body = apply_reverse_replace($msg_body); } if (!$msg_smiley_disabled) { $msg_body = post_to_smiley($msg_body); } if ($GLOBALS['FUD_OPT_1'] & 4096) { $msg_body = html_to_tags($msg_body); } else { if ($GLOBALS['FUD_OPT_1'] & 2048) { reverse_fmt($msg_body); reverse_nl2br($msg_body); } } }
/** * Render shaare contents through Markdown parser. * 1. Remove HTML generated by Shaarli core. * 2. Reverse the escape function. * 3. Generate markdown descriptions. * 4. Sanitize sensible HTML tags for security. * 5. Wrap description in 'markdown' CSS class. * * @param string $description input description text. * * @return string HTML processed $description. */ function process_markdown($description) { $parsedown = new Parsedown(); $processedDescription = $description; $processedDescription = reverse_text2clickable($processedDescription); $processedDescription = reverse_nl2br($processedDescription); $processedDescription = reverse_space2nbsp($processedDescription); $processedDescription = unescape($processedDescription); $processedDescription = $parsedown->setMarkupEscaped(false)->setBreaksEnabled(true)->text($processedDescription); $processedDescription = sanitize_html($processedDescription); if (!empty($processedDescription)) { $processedDescription = '<div class="markdown">' . $processedDescription . '</div>'; } return $processedDescription; }