Esempio n. 1
 /**
  * Build a Tracker_Options object from request input, filtering every declared
  * parameter with the filter named in its definition.
  *
  * Three parameter shapes are handled:
  *  - 'count' === '*': the value is read raw, split on commas, and each element
  *    is passed through the declared filter; an empty raw value is stored as ''.
  *  - 'separator' set: the declared filter is installed on the input for that
  *    key and the value is read with asArray().
  *  - otherwise: the value is read through the accessor named after the filter.
  *
  * @param JitFilter $input    request input wrapper
  * @param array     $typeInfo type definition; its 'params' entry is iterated
  * @return Tracker_Options
  */
 public static function fromInput(JitFilter $input, array $typeInfo)
 {
     $result = new Tracker_Options();
     $result->info = $typeInfo;
     foreach ($typeInfo['params'] as $paramName => $definition) {
         $filterName = $definition['filter'];
         $isList = isset($definition['count']) && $definition['count'] === '*';
         if ($isList) {
             // Read unfiltered on purpose: the elements are filtered one by one below.
             $raw = $input->{$paramName}->none();
             $parsed = '';
             if ($raw !== '') {
                 $elementFilter = TikiFilter::get($filterName);
                 $parsed = array_map(array($elementFilter, 'filter'), explode(',', $raw));
             }
             $result->setParam($paramName, $parsed);
             continue;
         }
         if (isset($definition['separator'])) {
             $input->replaceFilter($paramName, $filterName);
             $result->setParam($paramName, $input->asArray($paramName, $definition['separator']));
             continue;
         }
         // The filter name from the type definition doubles as the accessor method
         // name here, so it must come from trusted definitions, never from the request.
         $result->setParam($paramName, $input->{$paramName}->{$filterName}());
     }
     return $result;
 }
Esempio n. 2
 /**
  * Apply the 'xss' filter to a value between a plugins_remove() and a
  * plugins_replace() call on the parser library.
  *
  * Presumably the plugin calls are taken out so the xss filter does not mangle
  * plugin syntax, then put back afterwards.
  * NOTE(review): whatever plugins_remove() stashes is not seen by the xss filter
  * in this method; confirm plugin bodies and arguments are filtered when the
  * plugins are executed.
  *
  * @param string $value
  * @return string the filtered value
  */
 function filter($value)
 {
     $parser = TikiLib::lib('parser');
     $stash = array();
     $parser->plugins_remove($value, $stash);
     $value = TikiFilter::get('xss')->filter($value);
     // Edit mode is switched on only for the replace call and is then reset to
     // false unconditionally (the previous value is not restored).
     $parser->isEditMode = true;
     $parser->plugins_replace($value, $stash, true);
     $parser->isEditMode = false;
     return $value;
 }
Esempio n. 3
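 /**
  * Attach a translation: link a target object to a source object of a given type.
  *
  * The object type selects the filter used for both identifiers. Both objects
  * must pass canAttach() before the translation is inserted.
  *
  * @param mixed $input request input exposing 'type', 'source' and 'target'
  * @return array FORWARD instruction to the 'manage' action for the source object
  * @throws Services_Exception 400 when the type is unsupported or an identifier is missing,
  *                            403 when the user may not attach either object,
  *                            409 when the translation could not be inserted
  */
 function action_attach($input)
 {
     $type = $input->type->text();
     $objectFilter = $this->getObjectFilter($type);
     if (!$objectFilter) {
         throw new Services_Exception(tr('Translation not supported for the specified object type'), 400);
     }
     $source = $input->source->{$objectFilter}();
     // The target may arrive as "prefix:identifier"; keep only what follows the
     // first colon. end() takes its argument by reference, so the exploded parts
     // need a variable of their own.
     $targetParts = explode(':', $input->target->none(), 2);
     $target = TikiFilter::get($objectFilter)->filter(end($targetParts));
     if (!$source || !$target) {
         throw new Services_Exception(tr('No source or target provided'), 400);
     }
     // The permission check runs on the filtered identifiers, before any write.
     if (!$this->canAttach($type, $source) || !$this->canAttach($type, $target)) {
         throw new Services_Exception(tr('You do not have permission to attach the selected translations'), 403);
     }
     $succeeded = $this->utilities->insertTranslation($type, $source, $target);
     if (!$succeeded) {
         throw new Services_Exception(tr('Could not attach the translations.'), 409);
     }
     return array('FORWARD' => array('action' => 'manage', 'type' => $type, 'source' => $source));
 }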
Esempio n. 4
 /**
  * Fetch a feed, store its site title/link, and insert or update every entry.
  *
  * The feed body is remote, untrusted content: each entry field is filtered
  * before it is stored (url/guid: 'url', title/author/description: 'striptags',
  * content: 'purifier').
  * NOTE(review): $url is fetched server-side via httprequest(); where feed URLs
  * can be set by less-privileged users, confirm the destination is restricted.
  * NOTE(review): only Zend_Exception is caught; other failures propagate.
  *
  * @param mixed  $rssId   id of the feed module row
  * @param string $url     feed location
  * @param mixed  $actions passed through to insert_item()
  * @return void
  */
 private function update_feed($rssId, $url, $actions)
 {
     global $tikilib;
     $entryFilter = new DeclFilter();
     $entryFilter->addStaticKeyFilters(array('url' => 'url', 'title' => 'striptags', 'author' => 'striptags', 'description' => 'striptags', 'content' => 'purifier'));
     $guidFilter = TikiFilter::get('url');
     try {
         $content = $tikilib->httprequest($url);
         $feed = Zend_Feed_Reader::importString($content);
     } catch (Zend_Exception $e) {
         // Record the attempt with placeholder site data and give up on this feed.
         $this->modules->update(array('lastUpdated' => $tikilib->now, 'sitetitle' => 'N/A', 'siteurl' => '#'), array('rssId' => $rssId));
         return;
     }
     $siteTitle = TikiFilter::get('striptags')->filter($feed->getTitle());
     $siteUrl = TikiFilter::get('url')->filter($feed->getLink());
     $this->modules->update(array('lastUpdated' => $tikilib->now, 'sitetitle' => $siteTitle, 'siteurl' => $siteUrl), array('rssId' => $rssId));
     foreach ($feed as $entry) {
         // TODO: optimize. Atom entries have an 'updated' element which can be used to only update updated entries
         $guid = $guidFilter->filter($entry->getId());
         $authors = $entry->getAuthors();
         $data = $entryFilter->filter(array('title' => $entry->getTitle(), 'url' => $entry->getLink(), 'description' => $entry->getDescription(), 'content' => $entry->getContent(), 'author' => $authors ? implode(', ', $authors->getValues()) : ''));
         $data['guid'] = $guid;
         // Use the entry's creation date when it has one, the current time otherwise.
         $createdDate = method_exists($entry, 'getDateCreated') ? $entry->getDateCreated() : null;
         $data['publication_date'] = $createdDate ? $createdDate->get(Zend_Date::TIMESTAMP) : $tikilib->now;
         $known = $this->items->fetchCount(array('rssId' => $rssId, 'guid' => $guid));
         if ($known != 0) {
             $this->update_item($rssId, $data['guid'], $data);
         } else {
             $this->insert_item($rssId, $data, $actions);
         }
     }
 }
Esempio n. 5
    } else {
        if ($blog_data['always_owner'] == 'y') {
            $author = $blog_data['user'];
        } else {
            $author = $user;
        }
        $postId = $bloglib->blog_post($_REQUEST["blogId"], $edit_data, $_REQUEST['excerpt'], $author, $title, isset($_REQUEST['contributions']) ? $_REQUEST['contributions'] : '', $blogpriv, $publishDate, $is_wysiwyg);
        $smarty->assign('postId', $postId);
    }
    if ($prefs['geo_locate_blogpost'] == 'y' && !empty($_REQUEST['geolocation'])) {
        TikiLib::lib('geo')->set_coordinates('blog post', $postId, $_REQUEST['geolocation']);
    }
    // TAG Stuff
    $cat_type = 'blog post';
    $cat_objid = $postId;
    $cat_desc = TikiFilter::get('purifier')->filter(substr($edit_data, 0, 200));
    $cat_name = $title;
    $cat_href = "tiki-view_blog_post.php?postId=" . urlencode($postId);
    $cat_lang = $_REQUEST['lang'];
    include_once "freetag_apply.php";
    include_once "categorize.php";
    require_once 'tiki-sefurl.php';
    $smarty->loadPlugin('smarty_modifier_sefurl');
    $url = smarty_modifier_sefurl($postId, 'blogpost');
    header("location: {$url}");
    exit;
}
if ($contribution_needed) {
    $smarty->assign('title', $_REQUEST["title"]);
    $smarty->assign('parsed_data', $tikilib->parse_data($_REQUEST['data'], array('is_html' => $is_wysiwyg)));
    $smarty->assign('data', $_REQUEST['data']);
Esempio n. 6
 /**
  * Create or update a directory site entry, then refresh its search index.
  *
  * Text inputs are filtered before storage (name/description: 'striptags',
  * url: 'url', country: 'word'). All values reach the database as bound
  * parameters; $isValid is stored as given.
  *
  * @param mixed  $siteId      existing site id, or a falsy value to insert a new site
  * @param string $name
  * @param string $description
  * @param string $url
  * @param string $country
  * @param mixed  $isValid
  * @return mixed id of the updated or newly inserted site
  */
 function dir_replace_site($siteId, $name, $description, $url, $country, $isValid)
 {
     global $prefs;
     $name = TikiFilter::get('striptags')->filter($name);
     $description = TikiFilter::get('striptags')->filter($description);
     $url = TikiFilter::get('url')->filter($url);
     $country = TikiFilter::get('word')->filter($country);
     if (!$siteId) {
         $insert = "insert into `tiki_directory_sites`(`name`,`description`,`url`,`country`,`isValid`,`hits`,`created`,`lastModif`) values(?,?,?,?,?,?,?,?)";
         $this->query($insert, array($name, $description, $url, $country, $isValid, 0, (int) $this->now, (int) $this->now));
         // NOTE(review): the new id is recovered by looking up max(siteId) for this
         // timestamp and name, not from the insert itself; two same-named inserts in
         // the same second would resolve to the same id. Confirm this is acceptable.
         $siteId = $this->getOne("select max(siteId) from `tiki_directory_sites` where `created`=? and `name`=?", array((int) $this->now, $name));
         if ($prefs['cachepages'] == 'y') {
             $this->cache_url($url);
         }
     } else {
         $update = "update `tiki_directory_sites` set `name`=?, `description`=?, `url`=?, `country`=?, `isValid`=?, `lastModif`=?  where `siteId`=?";
         $this->query($update, array($name, $description, $url, $country, $isValid, (int) $this->now, (int) $siteId));
     }
     require_once 'lib/search/refresh-functions.php';
     refresh_index('directory_sites', $siteId);
     return $siteId;
 }
Esempio n. 7
/**
 * Render an external link as an <a rel="external"> element.
 *
 * When no title is supplied, the linked page is fetched and the text of its
 * <title> element (passed through the 'text' filter) becomes the title; the
 * result is cached per link. Every value placed in the markup goes through
 * smarty_modifier_escape().
 *
 * NOTE(review): the link is fetched server-side through httprequest(); if
 * links can come from untrusted authors, confirm the destinations that can be
 * reached are restricted.
 * NOTE(review): the href is escaped but its scheme is not checked in this
 * function; confirm callers only pass http(s) links.
 *
 * @param object      $smarty    used to load the escape modifier
 * @param string      $link_orig link as written by the author
 * @param string|null $title     link text; looked up from the target page when empty
 * @param string|null $type      'external_extended' shows the link and the title separately
 * @return string HTML fragment
 */
function smarty_function_object_link_external($smarty, $link_orig, $title = null, $type = null)
{
    $cachelib = TikiLib::lib('cache');
    $tikilib = TikiLib::lib('tiki');
    // Bare "www." links get an explicit http scheme.
    $link = substr($link_orig, 0, 4) === 'www.' ? 'http://' . $link_orig : $link_orig;
    if (!$title) {
        $title = $cachelib->getCached($link, 'object_link_ext_title');
        if (!$title) {
            $body = $tikilib->httprequest($link);
            // Remote markup is untrusted: only the filtered title text is kept.
            $title = preg_match('|<title>(.+)</title>|', $body, $parts)
                ? TikiFilter::get('text')->filter($parts[1])
                : $link_orig;
            $cachelib->cacheItem($link, $title, 'object_link_ext_title');
        }
    }
    $smarty->loadPlugin('smarty_modifier_escape');
    $escapedHref = smarty_modifier_escape($link);
    $escapedLink = smarty_modifier_escape($link_orig);
    $escapedTitle = smarty_modifier_escape($title);
    $anchorOpen = '<a rel="external" href="' . $escapedHref . '">';
    if ($type == 'external_extended' && "{$link_orig}" != "{$title}") {
        return $anchorOpen . $escapedLink . '</a>' . "<div class='link_extend_title'><em>" . $escapedTitle . "</em></div>";
    }
    return $anchorOpen . $escapedTitle . '</a>';
}
Esempio n. 8
/*
 * This script is referenced from the HTML generated for each wiki page, once for each plugin used on the page,
 * in the form <script type="text/javascript" src="tiki-jsplugin.php?plugin=googledoc"></script>
 * If no plugin name is given, a list of all the plugins is used instead.
 * The generated JavaScript defines tiki_plugins["pluginname"] with metadata for the parameters of the plugin.
 * The page editor uses that metadata to offer a form for editing the plugin when the small edit icon next to
 * the plugin's generated HTML is clicked.
 *
 * Cached by language to allow translations (tiki 5)
 *
 * Both query parameters are filtered before anything else uses them ('plugin' with the 'xss' filter,
 * 'language' with the 'alpha' filter), and the filtered values are written back to $_GET and $_REQUEST.
 */
header('content-type: application/x-javascript');
header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 3600 * 24 * 365 * 10) . ' GMT');
require_once 'tiki-filter-base.php';
$filter = TikiFilter::get('xss');
if (isset($_GET['plugin'])) {
    $_GET['plugin'] = $filter->filter($_GET['plugin']);
    $_REQUEST['plugin'] = $_GET['plugin'];
} else {
    $_REQUEST['plugin'] = '';
}
$filter = TikiFilter::get('alpha');
if (isset($_GET['language'])) {
    $_GET['language'] = $filter->filter($_GET['language']);
    $_REQUEST['language'] = $_GET['language'];
} else {
    $_REQUEST['language'] = '';
}
// An empty plugin name selects the "all plugins" listing.
$all = empty($_REQUEST['plugin']);
$files = array();
if ($all) {
    $cache = "temp/cache/wikiplugin_ALL_" . $_REQUEST['language'];
    if (file_exists($cache)) {
        readfile($cache);
        exit;
    }
    include 'tiki-setup.php';
    $parserlib = TikiLib::lib('parser');
    $plugins = $parserlib->plugin_get_list();
} else {
    $plugin = basename($_REQUEST['plugin']);
    $cache = 'temp/cache/wikiplugin_' . $plugin . '_' . $_REQUEST['language'];
Esempio n. 9
 /**
  * Resolve the given filter through TikiFilter::get() and keep the result
  * on the instance.
  *
  * @param mixed $filter value accepted by TikiFilter::get()
  */
 function __construct($filter)
 {
     $resolved = TikiFilter::get($filter);
     $this->filter = $resolved;
 }
Esempio n. 10
 /**
  * Declare a custom attribute for an article type.
  *
  * A relation is created from the article type to the attribute name, which is
  * prefixed with 'tiki.article.' and passed through the 'attribute_type' filter.
  * Note that the unfiltered $attributeName is what gets stored as the
  * 'tiki.relation.target' attribute of that relation.
  *
  * @param mixed  $artType       article type the attribute belongs to
  * @param string $attributeName attribute name as entered
  * @return mixed the relation id, or 0 when the relation could not be added
  */
 function add_article_type_attribute($artType, $attributeName)
 {
     $relations = TikiLib::lib('relation');
     $attributes = TikiLib::lib('attribute');
     $qualifiedName = TikiFilter::get('attribute_type')->filter(trim('tiki.article.' . $attributeName));
     $relationId = $relations->add_relation('tiki.article.attribute', 'articletype', $artType, 'attribute', $qualifiedName);
     if ($relationId) {
         $attributes->set_attribute('relation', $relationId, 'tiki.relation.target', $attributeName);
         return $relationId;
     }
     return 0;
 }
Esempio n. 11
 /**
  * Pass a name through the 'attribute_type' filter.
  *
  * @param string $name candidate name
  * @return mixed whatever the filter returns for $name
  */
 private function get_valid($name)
 {
     return TikiFilter::get('attribute_type')->filter($name);
 }
Esempio n. 12
 /**
  * Map a positional list of raw option values onto the named parameters of a
  * type definition.
  *
  * Ordinary parameters consume one value each. A parameter declared with
  * 'count' === '*' consumes consecutive values for as long as its filter
  * leaves the value unchanged, and stores them joined with commas.
  *
  * @param array $raw      positional values, consumed from the front
  * @param array $typeInfo type definition; its 'params' entry is iterated in order
  * @return array parameter name => value (null once $raw is exhausted)
  */
 function parseOptions($raw, $typeInfo)
 {
     $parsed = array();
     foreach ($typeInfo['params'] as $paramName => $definition) {
         $isVariadic = isset($definition['count']) && $definition['count'] === '*';
         if (!$isVariadic) {
             $parsed[$paramName] = array_shift($raw);
             continue;
         }
         // '*' does not necessarily mean "everything that is left": a value is
         // only taken while the parameter's filter accepts it unchanged.
         $validator = TikiFilter::get($definition['filter']);
         $accepted = array();
         foreach ($raw as $candidate) {
             if (strcmp($validator->filter($candidate), $candidate) != 0) {
                 break;
             }
             $accepted[] = array_shift($raw);
         }
         $parsed[$paramName] = implode(',', $accepted);
     }
     return $parsed;
 }
Esempio n. 13
 /**
  * Resolve the filter registered in the rules for a key.
  *
  * @param string $key key looked up in $this->rules
  * @return mixed the result of TikiFilter::get() for that rule
  */
 function getFilter($key)
 {
     $rule = $this->rules[$key];
     return TikiFilter::get($rule);
 }
Esempio n. 14
 /**
  * Read a textarea preference from submitted data.
  *
  * The value is filtered when the definition names a filter, carriage returns
  * are removed, and the result is handed to the definition's 'unserialize'
  * callable when one is declared.
  *
  * @param array $info preference definition ('preference', optional 'filter' and 'unserialize')
  * @param array $data submitted values keyed by preference name
  * @return mixed the cleaned string, or whatever the 'unserialize' callable returns
  */
 private function _getTextareaValue($info, $data)
 {
     $prefName = $info['preference'];
     $filter = isset($info['filter']) ? TikiFilter::get($info['filter']) : null;
     $value = $filter ? $filter->filter($data[$prefName]) : $data[$prefName];
     $value = str_replace("\r", "", $value);
     if (!isset($info['unserialize'])) {
         return $value;
     }
     // SECURITY NOTE(review): a callable named by the preference definition is
     // invoked on submitted text. The definition must come from trusted code
     // only, and the callable must be safe on hostile input; PHP's native
     // unserialize() is not. Confirm against the preference definitions.
     $decoder = $info['unserialize'];
     return $decoder($value);
 }
Esempio n. 15
 /**
  * Filter a plugin's body and arguments in place, using the filters declared
  * in the plugin's info array.
  *
  * The fallback filter is the plugin's 'defaultfilter' when declared, 'xss'
  * otherwise. Arguments the plugin does not declare are dropped unless the
  * plugin sets 'extraparams'.
  *
  * @param string $name         plugin name, resolved through plugin_info()
  * @param string $data         plugin body, modified in place
  * @param array  $args         plugin arguments, modified in place
  * @param mixed  $parseOptions parse options; only 'is_html' is read here
  * @return void
  */
 private function plugin_apply_filters($name, &$data, &$args, $parseOptions)
 {
     global $tikilib;
     $info = $this->plugin_info($name);
     $default = TikiFilter::get(isset($info['defaultfilter']) ? $info['defaultfilter'] : 'xss');
     // Apply filters on the body
     $filter = isset($info['filter']) ? TikiFilter::get($info['filter']) : $default;
     //$data = TikiLib::htmldecode($data);		// jb 9.0 commented out in fix for html entitles
     $data = $filter->filter($data);
     // NOTE(review): this condition requires 'is_html' to be both non-empty and
     // falsy, which cannot hold, so the escaping of '<' and '>' below never runs.
     // Confirm whether the body is meant to be escaped when is_html is off.
     if (isset($parseOptions) && (!empty($parseOptions['is_html']) && !$parseOptions['is_html'])) {
         $noparsed = array('data' => array(), 'key' => array());
         $this->strip_unparsed_block($data, $noparsed);
         $data = str_replace(array('<', '>'), array('&lt;', '&gt;'), $data);
         // Re-wrap each stripped block in ~np~ markers before putting it back.
         foreach ($noparsed['data'] as &$instance) {
             $instance = '~np~' . $instance . '~/np~';
         }
         unset($instance);
         $data = str_replace($noparsed['key'], $noparsed['data'], $data);
     }
     // Make sure all arguments are declared
     $params = $info['params'];
     if (!isset($info['extraparams']) && is_array($params)) {
         $args = array_intersect_key($args, $params);
     }
     // Apply filters on values individually
     if (!empty($args)) {
         foreach ($args as $argKey => &$argValue) {
             if (!isset($params[$argKey])) {
                 // NOTE(review): undeclared (extra) arguments are skipped here and
                 // therefore leave this method unfiltered; confirm plugins that
                 // accept 'extraparams' sanitize them themselves.
                 continue;
                 // extra params
             }
             $paramInfo = $params[$argKey];
             $filter = isset($paramInfo['filter']) ? TikiFilter::get($paramInfo['filter']) : $default;
             // Entities are decoded before filtering, so the filter sees the decoded text.
             $argValue = TikiLib::htmldecode($argValue);
             if (isset($paramInfo['separator'])) {
                 $vals = array();
                 // Multi-valued argument: split on the separator and filter each part.
                 $vals = $tikilib->array_apply_filter($tikilib->multi_explode($paramInfo['separator'], $argValue), $filter);
                 $argValue = array_values($vals);
             } else {
                 $argValue = $filter->filter($argValue);
             }
         }
     }
 }
Esempio n. 16
 $msg = '';
 if (isset($_REQUEST['save']) && $prefs['feature_contribution'] === 'y' && $prefs['feature_contribution_mandatory'] === 'y' && (empty($_REQUEST['contributions']) || count($_REQUEST['contributions']) <= 0)) {
     $contribution_needed = true;
     $smarty->assign('contribution_needed', 'y');
 } else {
     $contribution_needed = false;
 }
 if (isset($_REQUEST['save']) && $prefs['feature_categories'] === 'y' && $prefs['feature_wiki_mandatory_category'] >= 0 && (empty($_REQUEST['cat_categories']) || count($_REQUEST['cat_categories']) <= 0)) {
     $category_needed = true;
     $smarty->assign('category_needed', 'y');
 } else {
     $category_needed = false;
 }
 if (isset($_REQUEST["save"]) && !$category_needed && !$contribution_needed) {
     if (strtolower($pagename) !== 'sandbox' || $tiki_p_admin === 'y') {
         $description = TikiFilter::get('striptags')->filter($description);
         if ($tikilib->page_exists($pagename)) {
             if ($prefs['feature_multilingual'] === 'y') {
                 $info = $tikilib->get_page_info($pagename);
                 if ($info['lang'] !== $pageLang) {
                     include_once "lib/multilingual/multilinguallib.php";
                     if ($multilinguallib->updateObjectLang('wiki page', $info['page_id'], $pageLang, true)) {
                         $pageLang = $info['lang'];
                         $smarty->assign('msg', tra("The language can't be changed as its set of translations has already this language"));
                         $smarty->display("error.tpl");
                         die;
                     }
                 }
             }
             $tikilib->update_page($pagename, $part["body"], tra('page imported'), $author, $authorid, $description, 0, $pageLang, false, $hash);
         } else {
Esempio n. 17
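 /**
  * Resolve the placeholders contained in a value, in place.
  *
  * Arrays are processed recursively, values first and then keys. In a scalar,
  * the following are replaced:
  *  - a value matching SHORT_PATTERN as a whole becomes an object reference;
  *  - every LONG_PATTERN match becomes an object reference;
  *  - every INFO_REQUEST match becomes the user-supplied value for its label,
  *    passed through the filter named in the placeholder or through 'xss' when
  *    none is named, with the placeholder's default used when the result is empty;
  *  - every D(...) expression that strtotime() understands becomes a unix timestamp.
  *
  * @param mixed       $data             value to rewrite (array or scalar), modified in place
  * @param array|false $suppliedUserData label => value; false loads it from getRequiredInput()
  * @return void
  */
 public function replaceReferences(&$data, $suppliedUserData = false)
 {
     if ($suppliedUserData === false) {
         $suppliedUserData = $this->getRequiredInput();
     }
     if (is_array($data)) {
         foreach ($data as &$sub) {
             $this->replaceReferences($sub, $suppliedUserData);
         }
         // Drop the loop reference so later writes cannot alias the last element.
         unset($sub);
         // Keys may contain placeholders too; collect the renames first so the
         // array is not modified while its keys are being walked.
         $toReplace = array();
         foreach (array_keys($data) as $key) {
             $newKey = $key;
             $this->replaceReferences($newKey, $suppliedUserData);
             if ($newKey != $key) {
                 $toReplace[$key] = $newKey;
             }
         }
         foreach ($toReplace as $old => $new) {
             $data[$new] = $data[$old];
             unset($data[$old]);
         }
     } else {
         if (preg_match(self::SHORT_PATTERN, $data, $parts)) {
             $object = $this->convertReference($parts);
             $data = self::getObjectReference($object);
             return;
         }
         $needles = array();
         $replacements = array();
         if (preg_match_all(self::LONG_PATTERN, $data, $parts, PREG_SET_ORDER)) {
             foreach ($parts as $row) {
                 $object = $this->convertReference($row);
                 $needles[] = $row[0];
                 $replacements[] = self::getObjectReference($object);
             }
         }
         if (preg_match_all(self::INFO_REQUEST, $data, $parts, PREG_SET_ORDER)) {
             foreach ($parts as $row) {
                 list($full, $label, $junk, $filter, $default) = $row;
                 if (!array_key_exists($label, $suppliedUserData)) {
                     $value = $default;
                 } else {
                     $value = $suppliedUserData[$label];
                 }
                 // User-supplied values never go in unfiltered: 'xss' is the
                 // fallback when the placeholder names no filter.
                 if ($filter) {
                     $value = TikiFilter::get($filter)->filter($value);
                 } else {
                     $value = TikiFilter::get('xss')->filter($value);
                 }
                 if (empty($value)) {
                     $value = $default;
                 }
                 $needles[] = $full;
                 $replacements[] = $value;
             }
         }
         if (count($needles)) {
             $data = str_replace($needles, $replacements, $data);
         }
         $needles = array();
         $replacements = array();
         // Replace date formats D(...) to unix timestamps
         if (preg_match_all("/D\\(([^\\)]+)\\)/", $data, $parts, PREG_SET_ORDER)) {
             foreach ($parts as $row) {
                 list($full, $date) = $row;
                 if (false !== ($conv = strtotime($date))) {
                     $needles[] = $full;
                     // Append, so every needle keeps its own timestamp; assigning
                     // here would replace the whole list with a single value.
                     $replacements[] = $conv;
                 }
             }
         }
         if (count($needles)) {
             $data = str_replace($needles, $replacements, $data);
         }
     }
 }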
Esempio n. 18
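 /**
  * Filter this plugin's body and arguments in place, using the filters
  * declared in $this->info.
  *
  * The fallback filter is the plugin's 'defaultfilter' when declared, 'xss'
  * otherwise. When the parser is not in HTML mode, '<' and '>' in the body are
  * converted to entities. Arguments the plugin does not declare are dropped
  * unless 'extraparams' is set; extra arguments that are kept go through the
  * fallback filter.
  *
  * @return void
  */
 private function applyFilters()
 {
     global $tikilib;
     $default = TikiFilter::get(isset($this->info['defaultfilter']) ? $this->info['defaultfilter'] : 'xss');
     // Apply filters on the body
     $filter = isset($this->info['filter']) ? TikiFilter::get($this->info['filter']) : $default;
     $this->body = $filter->filter($this->body);
     if (!$this->parser->getOption('is_html')) {
         // With the strip call below disabled, $noparsed stays empty, so the loop
         // and the final str_replace() leave the escaped body as it is.
         $noparsed = array('data' => array(), 'key' => array());
         //$this->striUnparsedBlock($this->body, $noparsed);
         $body = str_replace(array('<', '>'), array('&lt;', '&gt;'), $this->body);
         foreach ($noparsed['data'] as &$instance) {
             $instance = '~np~' . $instance . '~/np~';
         }
         unset($instance);
         $this->body = str_replace($noparsed['key'], $noparsed['data'], $body);
     }
     // Make sure all arguments are declared
     $params =& $this->info['params'];
     if (!isset($this->info['extraparams']) && is_array($params)) {
         $this->args = array_intersect_key($this->args, $params);
     }
     // Apply filters on values individually
     if (!empty($this->args)) {
         foreach ($this->args as $argKey => &$argValue) {
             // Extra (undeclared) arguments have no definition: treat them as an
             // empty definition so they still receive the fallback filter, without
             // reading an undefined array key.
             $paramInfo = isset($params[$argKey]) ? $params[$argKey] : array();
             $filter = isset($paramInfo['filter']) ? TikiFilter::get($paramInfo['filter']) : $default;
             // Entities are decoded before filtering, so the filter sees the decoded text.
             $argValue = TikiLib::htmldecode($argValue);
             if (isset($paramInfo['separator'])) {
                 $vals = $tikilib->array_apply_filter($tikilib->multi_explode($paramInfo['separator'], $argValue), $filter);
                 $argValue = array_values($vals);
             } else {
                 $argValue = $filter->filter($argValue);
             }
         }
         // Drop the loop reference so it cannot alias the last argument later.
         unset($argValue);
     }
 }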
Esempio n. 19
        }
    }
    $newPermissions = get_assign_permissions();
    $permissionApplier->apply($newPermissions);
    if (isset($_REQUEST['group'])) {
        $smarty->assign('groupName', $_REQUEST['group']);
    }
}
if (isset($_REQUEST['remove'])) {
    $access->check_authenticity(tra('Are you sure you want to remove the direct permissions from this object?'));
    $newPermissions = new Perms_Reflection_PermissionSet();
    $permissionApplier->apply($newPermissions);
}
if (isset($_REQUEST['copy'])) {
    $newPermissions = get_assign_permissions();
    $filter = TikiFilter::get('text');
    $to_copy = array('perms' => $newPermissions->getPermissionArray(), 'object' => $filter->filter($_REQUEST['objectId']), 'type' => $filter->filter($_REQUEST['objectType']));
    $_SESSION['perms_clipboard'] = $to_copy;
}
if (!empty($_SESSION['perms_clipboard'])) {
    $perms_clipboard = $_SESSION['perms_clipboard'];
    $smarty->assign('perms_clipboard_source', $perms_clipboard['type'] . (empty($perms_clipboard['object']) ? '' : ' : ') . $perms_clipboard['object']);
    if (isset($_REQUEST['paste'])) {
        $access->check_authenticity(tra('Are you sure you want paste the copied permissions onto this object?'));
        unset($_SESSION['perms_clipboard']);
        $set = new Perms_Reflection_PermissionSet();
        if (isset($perms_clipboard['perms'])) {
            foreach ($perms_clipboard['perms'] as $group => $gperms) {
                foreach ($gperms as $perm) {
                    $set->add($group, $perm);
                }
Esempio n. 20
 /**
  * Append a "relation LIKE ?" condition for a relation name.
  *
  * The name is passed through the 'attribute_type' filter first; nothing is
  * added when the filtered name is empty. A name ending in '.' is turned into
  * a prefix match by appending '%'. The value is always bound as a parameter.
  * NOTE(review): LIKE wildcards inside the name are not escaped here;
  * presumably the 'attribute_type' filter does not let them through. Verify.
  *
  * @param string $relation relation name or dotted prefix
  * @param array  $cond     SQL condition fragments, appended to in place
  * @param array  $vars     bound values, appended to in place
  * @return void
  */
 private function apply_relation_condition($relation, &$cond, &$vars)
 {
     $relation = TikiFilter::get('attribute_type')->filter($relation);
     if (!$relation) {
         return;
     }
     if (substr($relation, -1) == '.') {
         $relation .= '%';
     }
     $cond[] = 'relation LIKE ?';
     $vars[] = $relation;
 }
Esempio n. 21
 /**
  * Serialize module parameters into a URL query string.
  *
  * Only parameters declared in the module info are kept, and only when they
  * are set and not ''. A value containing the parameter's separator is split
  * into a list; when the parameter declares a filter, each element is filtered
  * and trimmed. Any other value is filtered as a whole when a filter is declared.
  *
  * @param string $name   module name, resolved through get_module_info()
  * @param array  $params parameter name => raw value
  * @return string query string, '' when no parameter is kept
  */
 function serializeParameters($name, $params)
 {
     $info = $this->get_module_info($name);
     $expanded = array();
     foreach ($info['params'] as $paramName => $def) {
         $filter = isset($def['filter']) ? TikiFilter::get($def['filter']) : null;
         if (!isset($params[$paramName]) || $params[$paramName] === '') {
             continue;
         }
         $value = $params[$paramName];
         $isMulti = isset($def['separator']) && strpos($value, $def['separator']) !== false;
         if ($isMulti) {
             $value = explode($def['separator'], $value);
             if ($filter) {
                 foreach ($value as $index => $piece) {
                     $value[$index] = trim($filter->filter($piece));
                 }
             }
         } elseif ($filter) {
             $value = $filter->filter($value);
         }
         $expanded[$paramName] = $value;
     }
     if (empty($expanded)) {
         // http_build_query return NULL or '' depending on system
         return '';
     }
     return http_build_query($expanded, '', '&');
 }
Esempio n. 22
 /**
  * Declare a custom attribute for an article type (variant using the global
  * library objects, whose files are included when the objects are not set up yet).
  *
  * The relation target is the attribute name prefixed with 'tiki.article.' and
  * passed through the 'attribute_type' filter. The unfiltered $attributeName is
  * what gets stored as the 'tiki.relation.target' attribute of the relation.
  *
  * @param mixed  $artType       article type the attribute belongs to
  * @param string $attributeName attribute name as entered
  * @return mixed the relation id, or 0 when the relation could not be added
  */
 function add_article_type_attribute($artType, $attributeName)
 {
     global $relationlib, $attributelib;
     if (!is_object($relationlib)) {
         include_once 'lib/attributes/relationlib.php';
     }
     if (!is_object($attributelib)) {
         include_once 'lib/attributes/attributelib.php';
     }
     $qualifiedName = TikiFilter::get('attribute_type')->filter(trim('tiki.article.' . $attributeName));
     $relationId = $relationlib->add_relation('tiki.article.attribute', 'articletype', $artType, 'attribute', $qualifiedName);
     if ($relationId) {
         $attributelib->set_attribute('relation', $relationId, 'tiki.relation.target', $attributeName);
         return $relationId;
     }
     return 0;
 }
Esempio n. 23
 /**
  * Updates a blog post
  *
  * In WYSIWYG mode the body and the excerpt are passed through the 'purifier'
  * filter before storage; otherwise they are stored as given.
  * NOTE(review): presumably non-WYSIWYG content is wiki syntax that is parsed
  * and sanitized on output; confirm. $title is stored as given in both modes.
  * All values reach the database as bound parameters.
  *
  * @param int $postId
  * @param int $blogId
  * @param string $data
  * @param string $excerpt
  * @param string $user
  * @param string $title
  * @param string $contributions
  * @param string $priv
  * @param int $created publication timestamp; only stored when the
  *                     'feature_blog_edit_publish_date' preference is 'y',
  *                     and replaced by the current time when empty
  * @param bool $is_wysiwyg
  * @access public
  * @return void
  */
 function update_post($postId, $blogId, $data, $excerpt, $user, $title = '', $contributions = '', $priv = 'n', $created = 0, $is_wysiwyg = FALSE)
 {
     global $prefs;
     $tikilib = TikiLib::lib('tiki');
     if ($is_wysiwyg) {
         $data = TikiFilter::get('purifier')->filter($data);
         $excerpt = TikiFilter::get('purifier')->filter($excerpt);
     }
     $wysiwyg = $is_wysiwyg ? 'y' : 'n';
     if ($prefs['feature_blog_edit_publish_date'] != 'y') {
         $sql = "update `tiki_blog_posts` set `blogId`=?,`data`=?,`excerpt`=?,`user`=?,`title`=?, `priv`=?, `wysiwyg`=? where `postId`=?";
         $this->query($sql, array($blogId, $data, $excerpt, $user, $title, $priv, $wysiwyg, $postId));
     } else {
         if (!$created) {
             $created = $tikilib->now;
         }
         $sql = "update `tiki_blog_posts` set `blogId`=?,`data`=?,`excerpt`=?,`created`=?,`user`=?,`title`=?, `priv`=?, `wysiwyg`=? where `postId`=?";
         $this->query($sql, array($blogId, $data, $excerpt, $created, $user, $title, $priv, $wysiwyg, $postId));
     }
     if ($prefs['feature_actionlog'] == 'y') {
         TikiLib::lib('logs')->add_action('Updated', $blogId, 'blog', "blogId={$blogId}&amp;postId={$postId}#postId{$postId}", '', '', '', '', $contributions);
     }
     require_once 'lib/search/refresh-functions.php';
     refresh_index('blog_posts', $postId);
     $tikilib->object_post_save(array('type' => 'blog post', 'object' => $postId), array('content' => $data));
 }
Esempio n. 24
 /**
  * Add a LIKE condition on 'relation' to a condition array.
  *
  * The name is passed through the 'attribute_type' filter first; the
  * conditions are returned unchanged when the filtered name is empty. A name
  * ending in '.' is turned into a prefix match by appending '%'.
  *
  * @param string $relation relation name or dotted prefix
  * @param array  $cond     conditions keyed by column
  * @return array the conditions, with 'relation' set when a name was given
  */
 private function apply_relation_condition($relation, $cond)
 {
     $relation = TikiFilter::get('attribute_type')->filter($relation);
     if (!$relation) {
         return $cond;
     }
     if (substr($relation, -1) == '.') {
         $relation .= '%';
     }
     $cond['relation'] = $this->table->like($relation);
     return $cond;
 }
Esempio n. 25
 /**
  * Replace the filter registered for a key.
  *
  * When a nested instance of this class is already stored under the key, the
  * resolved filter also becomes that instance's default filter.
  *
  * @param string $key    input key
  * @param mixed  $filter value accepted by TikiFilter::get()
  * @return void
  */
 function replaceFilter($key, $filter)
 {
     $resolved = TikiFilter::get($filter);
     $this->filters[$key] = $resolved;
     $hasNested = isset($this->stored[$key]) && $this->stored[$key] instanceof self;
     if ($hasNested) {
         $this->stored[$key]->setDefaultFilter($resolved);
     }
 }
Esempio n. 26
 /**
  * Return the held value after passing it through the requested filter.
  *
  * @param mixed $filter value accepted by TikiFilter::get()
  * @return mixed the filtered value; $this->value itself is left unchanged
  */
 function filter($filter)
 {
     return TikiFilter::get($filter)->filter($this->value);
 }
Esempio n. 27
 /**
  * Resolve the filter for a key through the rule whose pattern matches it.
  *
  * @param string $key input key
  * @return mixed the result of TikiFilter::get() for the matching rule
  */
 function getFilter($key)
 {
     $rule = $this->rules[$this->getMatchingPattern($key)];
     return TikiFilter::get($rule);
 }
Esempio n. 28
 /**
  * Requesting an unknown filter name: triggered errors become exceptions,
  * so the lookup is expected to end in an exception.
  * @expectedException Exception
  */
 function testUnknown()
 {
     $resolved = TikiFilter::get('does_not_exist');
     $this->assertTrue($resolved instanceof TikiFilter_PreventXss);
 }
Esempio n. 29
                $is_html = false;
            }
        }
    } else {
        if (isset($info['is_html']) and $info['is_html']) {
            $is_html = true;
        }
    }
}
// Runs when wikilingo is off, or when it is on and the request asks to bypass it
// ('&&' binds tighter than '||' in the condition below).
if ($prefs['feature_wikilingo'] == 'n' || $prefs['feature_wikilingo'] == 'y' && isset($_REQUEST['prevent_wikilingo'])) {
    if (isset($jitRequest['edit'])) {
        // Restore the property for the rest of the script
        if ($is_html) {
            // HTML content: read raw, then run the 'xss' filter between a
            // plugins_remove() and a plugins_replace() call, presumably so that
            // plugin syntax is not altered by the filter.
            // NOTE(review): what plugins_remove() stashes is not seen by the xss
            // filter here; confirm it is filtered when the plugins are executed.
            $data = $jitRequest->edit->none();
            $parserlib = TikiLib::lib('parser');
            $noparsed = array();
            $parserlib->plugins_remove($data, $noparsed);
            $data = TikiFilter::get('xss')->filter($data);
            $parserlib->isEditMode = true;
            $parserlib->plugins_replace($data, $noparsed, true);
            $parserlib->isEditMode = false;
            $_REQUEST['edit'] = $data;
        } else {
            // Non-HTML content goes through the 'wikicontent' accessor instead.
            $_REQUEST['edit'] = $jitRequest->edit->wikicontent();
        }
        //html is stored encoded in wysiwyg
        // NOTE(review): the entity decoding below runs after the filters above, so
        // markup that arrived entity-encoded is decoded without being filtered
        // again in this block; confirm it is sanitized before it is rendered.
        if (isset($jitRequest['wysiwyg']) && $jitRequest['wysiwyg'] == 'y') {
            $_REQUEST['edit'] = html_entity_decode($_REQUEST['edit'], ENT_QUOTES, 'UTF-8');
        }
    }
}
Esempio n. 30
 } else {
     $expireDate = $tikilib->now;
 }
 // HTML is accepted when the form asks for it ('allowhtml' is 'on') or when the
 // session is in WYSIWYG mode; otherwise only a short allow-list of tags is kept.
 if (isset($_REQUEST['allowhtml']) && $_REQUEST['allowhtml'] == 'on' || $_SESSION['wysiwyg'] == 'y') {
     // Body: run the 'xss' filter between a plugins_remove() and a
     // plugins_replace() call, presumably so plugin syntax is not altered by it.
     $body = $_REQUEST['body'];
     $parserlib = TikiLib::lib('parser');
     $noparsed = array();
     $parserlib->plugins_remove($body, $noparsed);
     $body = TikiFilter::get('xss')->filter($body);
     $parserlib->isEditMode = true;
     $parserlib->plugins_replace($body, $noparsed, true);
     $parserlib->isEditMode = false;
     // Heading: same sequence as for the body.
     $heading = $_REQUEST['heading'];
     $noparsed = array();
     $parserlib->plugins_remove($heading, $noparsed);
     $heading = TikiFilter::get('xss')->filter($heading);
     $parserlib->isEditMode = true;
     $parserlib->plugins_replace($heading, $noparsed, true);
     $parserlib->isEditMode = false;
     //html is stored encoded in wysiwyg
     // NOTE(review): the entity decoding below runs after the xss filter, so markup
     // that arrived entity-encoded is decoded without being filtered again in this
     // block; confirm it is sanitized before it is rendered.
     if (isset($jitRequest['wysiwyg']) && $jitRequest['wysiwyg'] == 'y') {
         $body = html_entity_decode($body, ENT_QUOTES, 'UTF-8');
         $heading = html_entity_decode($heading, ENT_QUOTES, 'UTF-8');
     }
 } else {
     // strip_tags() with an allow-list removes other tags but keeps every
     // attribute of the allowed ones (for example event-handler or href attributes
     // on <a> and <img>), so this branch alone does not neutralize script-bearing
     // attributes. NOTE(review): confirm both values are filtered again before
     // they are rendered, or apply the same xss filter here.
     $body = strip_tags($_REQUEST['body'], '<a><pre><p><img><hr><b><i>');
     $heading = strip_tags($_REQUEST['heading'], '<a><pre><p><img><hr><b><i>');
 }
 if (isset($_REQUEST['useImage']) && $_REQUEST['useImage'] == 'on') {
     $useImage = 'y';
 } else {