static function basic()
 {
     if (!self::$g) {
         self::$g = new CleanHTML();
     }
     return self::$g;
 }
function parse_value($sv, $name, $info)
{
    global $Conf, $Me, $Now, $Opt;
    if (!isset($sv->req[$name])) {
        $xname = str_replace(".", "_", $name);
        if (isset($sv->req[$xname])) {
            $sv->req[$name] = $sv->req[$xname];
        } else {
            if ($info->type === "checkbox" || $info->type === "cdate") {
                return 0;
            } else {
                return null;
            }
        }
    }
    $v = trim($sv->req[$name]);
    if ($info->placeholder && $info->placeholder === $v || $info->invalid_value && $info->invalid_value === $v) {
        $v = "";
    }
    if ($info->type === "checkbox") {
        return $v != "" ? 1 : 0;
    } else {
        if ($info->type === "cdate" && $v == "1") {
            return 1;
        } else {
            if ($info->type === "date" || $info->type === "cdate" || $info->type === "ndate") {
                if ($v == "" || !strcasecmp($v, "N/A") || !strcasecmp($v, "same as PC") || $v == "0" || $info->type !== "ndate" && !strcasecmp($v, "none")) {
                    return -1;
                } else {
                    if (!strcasecmp($v, "none")) {
                        return 0;
                    } else {
                        if (($v = $Conf->parse_time($v)) !== false) {
                            return $v;
                        } else {
                            $err = unparse_setting_error($info, "Invalid date.");
                        }
                    }
                }
            } else {
                if ($info->type === "grace") {
                    if (($v = parseGrace($v)) !== null) {
                        return intval($v);
                    } else {
                        $err = unparse_setting_error($info, "Invalid grace period.");
                    }
                } else {
                    if ($info->type === "int" || $info->type === "zint") {
                        if (preg_match("/\\A[-+]?[0-9]+\\z/", $v)) {
                            return intval($v);
                        } else {
                            $err = unparse_setting_error($info, "Should be a number.");
                        }
                    } else {
                        if ($info->type === "string") {
                            // Avoid storing the default message in the database
                            if (substr($name, 0, 9) == "mailbody_") {
                                $t = expandMailTemplate(substr($name, 9), true);
                                $v = cleannl($v);
                                if ($t["body"] == $v) {
                                    return "";
                                }
                            }
                            return $v;
                        } else {
                            if ($info->type === "simplestring") {
                                return simplify_whitespace($v);
                            } else {
                                if ($info->type === "tag" || $info->type === "tagbase") {
                                    $tagger = new Tagger($Me);
                                    $v = trim($v);
                                    if ($v === "" && $info->optional) {
                                        return $v;
                                    }
                                    $v = $tagger->check($v, $info->type === "tagbase" ? Tagger::NOVALUE : 0);
                                    if ($v) {
                                        return $v;
                                    }
                                    $err = unparse_setting_error($info, $tagger->error_html);
                                } else {
                                    if ($info->type === "emailheader") {
                                        $v = MimeText::encode_email_header("", $v);
                                        if ($v !== false) {
                                            return $v == "" ? "" : MimeText::decode_header($v);
                                        }
                                        $err = unparse_setting_error($info, "Invalid email header.");
                                    } else {
                                        if ($info->type === "emailstring") {
                                            $v = trim($v);
                                            if ($v === "" && $info->optional) {
                                                return "";
                                            } else {
                                                if (validate_email($v) || $v === $v_active) {
                                                    return $v;
                                                } else {
                                                    $err = unparse_setting_error($info, "Invalid email.");
                                                }
                                            }
                                        } else {
                                            if ($info->type === "urlstring") {
                                                $v = trim($v);
                                                if ($v === "" && $info->optional || preg_match(',\\A(?:https?|ftp)://\\S+\\z,', $v)) {
                                                    return $v;
                                                } else {
                                                    $err = unparse_setting_error($info, "Invalid URL.");
                                                }
                                            } else {
                                                if ($info->type === "htmlstring") {
                                                    if (($v = CleanHTML::basic_clean($v, $err)) === false) {
                                                        $err = unparse_setting_error($info, $err);
                                                    } else {
                                                        if ($info->message_default && $v === $Conf->message_default_html($info->message_default)) {
                                                            return "";
                                                        } else {
                                                            return $v;
                                                        }
                                                    }
                                                } else {
                                                    if ($info->type === "radio") {
                                                        foreach ($info->values as $allowedv) {
                                                            if ((string) $allowedv === $v) {
                                                                return $allowedv;
                                                            }
                                                        }
                                                        $err = unparse_setting_error($info, "Parse error (unexpected value).");
                                                    } else {
                                                        return $v;
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
    $sv->set_error($name, $err);
    return null;
}
 function option_request_to_json($sv, &$new_opts, $id, $current_opts)
 {
     global $Conf;
     $name = simplify_whitespace(defval($sv->req, "optn{$id}", ""));
     if (!isset($sv->req["optn{$id}"]) && $id[0] !== "n") {
         if (get($current_opts, $id)) {
             $new_opts[$id] = $current_opts[$id];
         }
         return;
     } else {
         if ($name === "" || $sv->req["optfp{$id}"] === "delete" || $id[0] === "n" && ($name === "New option" || $name === "(Enter new option)")) {
             return;
         }
     }
     $oarg = ["name" => $name, "id" => (int) $id, "final" => false];
     if ($id[0] === "n") {
         $nextid = max($Conf->setting("next_optionid", 1), 1);
         foreach ($new_opts as $haveid => $o) {
             $nextid = max($nextid, $haveid + 1);
         }
         foreach ($current_opts as $haveid => $o) {
             $nextid = max($nextid, $haveid + 1);
         }
         $oarg["id"] = $nextid;
     }
     if (get($sv->req, "optd{$id}") && trim($sv->req["optd{$id}"]) != "") {
         $t = CleanHTML::basic_clean($sv->req["optd{$id}"], $err);
         if ($t !== false) {
             $oarg["description"] = $t;
         } else {
             $sv->set_error("optd{$id}", $err);
         }
     }
     if ($optvt = get($sv->req, "optvt{$id}")) {
         if (($pos = strpos($optvt, ":")) !== false) {
             $oarg["type"] = substr($optvt, 0, $pos);
             if (preg_match('/:final/', $optvt)) {
                 $oarg["final"] = true;
             }
             if (preg_match('/:ds_(\\d+)/', $optvt, $m)) {
                 $oarg["display_space"] = (int) $m[1];
             }
         } else {
             $oarg["type"] = $optvt;
         }
     } else {
         $oarg["type"] = "checkbox";
     }
     if (PaperOption::type_has_selector($oarg["type"])) {
         $oarg["selector"] = array();
         $seltext = trim(cleannl(defval($sv->req, "optv{$id}", "")));
         if ($seltext != "") {
             foreach (explode("\n", $seltext) as $t) {
                 $oarg["selector"][] = $t;
             }
         } else {
             $sv->set_error("optv{$id}", "Enter selectors one per line.");
         }
     }
     $oarg["visibility"] = defval($sv->req, "optp{$id}", "rev");
     if ($oarg["final"]) {
         $oarg["visibility"] = "rev";
     }
     $oarg["position"] = (int) defval($sv->req, "optfp{$id}", 1);
     $oarg["display"] = defval($sv->req, "optdt{$id}");
     if ($oarg["type"] === "pdf" && $oarg["final"]) {
         $oarg["display"] = "submission";
     }
     $new_opts[$oarg["id"]] = $o = PaperOption::make($oarg);
     $o->req_id = $id;
     $o->is_new = $id[0] === "n";
 }
        $errid = isset($update["errid"]) && ctype_alnum("" . $update["errid"]) ? $update["errid"] : false;
        if ($errid && $Conf->setting("ignoreupdate_{$errid}", 0) > time()) {
            $ok = false;
        }
        if ($ok) {
            $m = "<div class='xmerror'";
            if ($errid) {
                $m .= " id='softwareupdate_{$errid}'";
            }
            $m .= " style='font-size:smaller'><div class='dod'><strong>WARNING: Upgrade your HotCRP installation.</strong>";
            if (isset($update["vulnid"]) && is_numeric($update["vulnid"])) {
                $m .= " (HotCRP-Vulnerability-" . $update["vulnid"] . ")";
            }
            $m .= "</div>";
            if (isset($update["message"]) && is_string($update["message"])) {
                $m .= "<div class='bigid'>" . CleanHTML::clean($update["message"], $error) . "</div>";
            }
            if (isset($update["to"]) && is_string($update["to"])) {
                $m .= "<div class='bigid'>First unaffected commit: " . htmlspecialchars($update["to"]);
                if ($errid) {
                    $m .= " <span class='barsep'>·</span> " . "<a href='#' onclick='return check_version.ignore(\"{$errid}\")'>Ignore for two days</a>";
                }
                $m .= "</div>";
            }
            $messages[] = $m . "</div>\n";
            $_SESSION["updatecheck"] = 0;
        }
    }
}
if (!count($messages)) {
    echo "{\"ok\":true}\n";
Esempio n. 5
0
 public function toHTML()
 {
     $text = $this->text;
     // block
     $text = $this->parseBox($text);
     $text = $this->parseCode($text);
     $text = $this->parseList($text);
     $text = $this->parseNotice($text);
     $text = $this->parseQuote($text);
     $text = $this->parseHeading($text);
     $text = $this->clearSpacesBetweenTags($text);
     // inline
     $text = $this->parseBold($text);
     $text = $this->parseCentre($text);
     $text = $this->parseColour($text);
     $text = $this->parseEmail($text);
     $text = $this->parseImage($text);
     $text = $this->parseItalic($text);
     $text = $this->parseSize($text);
     $text = $this->parseSmilies($text);
     $text = $this->parseSpoiler($text);
     $text = $this->parseStrike($text);
     $text = $this->parseUnderline($text);
     $text = $this->parseUrl($text);
     $text = $this->parseYoutube($text);
     $text = $this->parseProfile($text);
     $text = preg_replace('/\\n/', "\n<br />", $text);
     $text = CleanHTML::purify($text);
     return "<div class='bbcode'>{$text}</div>";
 }
Esempio n. 6
0
 public function toHTML($ignoreLineHeight = false)
 {
     $text = $this->text;
     // block
     $text = $this->parseBox($text);
     $text = $this->parseCode($text);
     $text = $this->parseList($text);
     $text = $this->parseNotice($text);
     $text = $this->parseQuote($text);
     $text = $this->parseHeading($text);
     $text = $this->clearSpacesBetweenTags($text);
     // inline
     $text = $this->parseAudio($text);
     $text = $this->parseBold($text);
     $text = $this->parseCentre($text);
     $text = $this->parseColour($text);
     $text = $this->parseEmail($text);
     $text = $this->parseImage($text);
     $text = $this->parseItalic($text);
     $text = $this->parseSize($text);
     $text = $this->parseSmilies($text);
     $text = $this->parseSpoiler($text);
     $text = $this->parseStrike($text);
     $text = $this->parseUnderline($text);
     $text = $this->parseUrl($text);
     $text = $this->parseYoutube($text);
     $text = $this->parseProfile($text);
     $text = str_replace("\n", '<br />', $text);
     $text = CleanHTML::purify($text);
     $className = 'bbcode';
     if ($ignoreLineHeight) {
         $className .= ' bbcode--normal-line-height';
     }
     return "<div class='{$className}'>{$text}</div>";
 }
 public function parse($sv, $si)
 {
     global $Conf;
     $this->nrfj = (object) array();
     $option_error = "Review fields with options must have at least two choices, numbered sequentially from 1 (higher numbers are better) or lettered with consecutive uppercase letters (lower letters are better). Example: <pre>1. Low quality\n    2. Medium quality\n    3. High quality</pre>";
     $rf = ReviewForm::get();
     foreach ($rf->fmap as $fid => $f) {
         $fj = (object) array();
         $sn = simplify_whitespace(defval($sv->req, "shortName_{$fid}", ""));
         if ($sn == "<None>" || $sn == "<New field>" || $sn == "Field name") {
             $sn = "";
         }
         $pos = cvtint(get($sv->req, "order_{$fid}"));
         if ($pos > 0 && $sn == "" && trim(defval($sv->req, "description_{$fid}", "")) == "" && trim(defval($sv->req, "options_{$fid}", "")) == "") {
             $pos = -1;
         }
         if ($sn != "") {
             $fj->name = $sn;
         } else {
             if ($pos > 0) {
                 $sv->set_error("shortName_{$fid}", "Missing review field name.");
             }
         }
         $fj->visibility = get($sv->req, "authorView_{$fid}");
         $x = CleanHTML::basic_clean(defval($sv->req, "description_{$fid}", ""), $err);
         if ($x === false) {
             if (get($f, "description")) {
                 $fj->description = $f->description;
             }
             if ($pos > 0) {
                 $sv->set_error("description_{$fid}", htmlspecialchars($sn) . " description: " . $err);
             }
         } else {
             if (($x = trim($x)) != "") {
                 $fj->description = $x;
             }
         }
         if ($pos > 0) {
             $fj->position = $pos;
         }
         if ($f->has_options) {
             $fj->options = array_values($f->options);
             // default
             if (!$this->check_options($sv, $fid, $fj) && $pos > 0) {
                 $sv->set_error("options_{$fid}", "Invalid options.");
                 if ($option_error) {
                     $sv->set_error(null, $option_error);
                 }
                 $option_error = false;
             }
             $prefixes = array("sv", "svr", "sv-blpu", "sv-publ", "sv-viridis", "sv-viridisr");
             $class_prefix = defval($sv->req, "option_class_prefix_{$fid}", "sv");
             $prefix_index = array_search($class_prefix, $prefixes) ?: 0;
             if (get($sv->req, "option_class_prefix_flipped_{$fid}")) {
                 $prefix_index ^= 1;
             }
             $fj->option_class_prefix = $prefixes[$prefix_index];
         }
         $fj->round_mask = 0;
         if ($rlist = get($sv->req, "round_list_{$fid}")) {
             foreach (explode(" ", trim($rlist)) as $round_name) {
                 $fj->round_mask |= 1 << $Conf->round_number($round_name, false);
             }
         }
         $xf = clone $f;
         $xf->assign($fj);
         $this->nrfj->{$fid} = $xf->unparse_json();
     }
     $sv->need_lock["PaperReview"] = true;
     return true;
 }