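/**
 * @desc Handles the AJAX request that posts a new shoutbox message and answers with a JSON status code.
 *
 * Codes placed in the response:
 *   -1  the anti-flood delay has not elapsed for this member,
 *   -2  the message holds more links than the shoutbox configuration allows,
 *   -3  the pseudo or the message is empty,
 *   -4  check_authorizations() refused the request,
 *   otherwise the value returned by ShoutboxService::add().
 *
 * A message that fails the anti-flood or the link-count check is rejected and never reaches
 * ShoutboxService::add().
 *
 * @param HTTPRequestCustom $request Request carrying the 'pseudo' and 'contents' fields.
 * @return JSONResponse array('code' => ...) as described above.
 */
public function execute(HTTPRequestCustom $request)
{
	// NOTE(review): no CSRF token is checked in this method; presumably the controller framework
	// or check_authorizations() covers it - confirm.
	if (!$this->check_authorizations())
	{
		return new JSONResponse(array('code' => -4));
	}

	// NOTE(review): utf8_decode() is deprecated as of PHP 8.2; kept here so the stored pseudo keeps its current encoding.
	$pseudo = TextHelper::strprotect(utf8_decode($request->get_string('pseudo', '')));

	// Entities are encoded from UTF-8, decoded as windows-1252, then the special characters are decoded too:
	// at this point $contents holds raw markup characters again, so neutralising HTML is left to
	// FormatingHelper::strparse() below (presumably a charset conversion - confirm).
	$contents = TextHelper::htmlentities($request->get_string('contents', ''), ENT_COMPAT, 'UTF-8');
	$contents = TextHelper::htmlspecialchars_decode(TextHelper::html_entity_decode($contents, ENT_COMPAT, 'windows-1252'));

	if (!$pseudo || !$contents)
	{
		return new JSONResponse(array('code' => -3));
	}

	$current_user = AppContext::get_current_user();

	// Anti-flood: members holding the AUTH_FLOOD authorization are exempt.
	// Visitors (id -1) are not covered by this check, so any rate limiting for them has to come from elsewhere.
	$check_time = $current_user->get_id() !== -1 && ContentManagementConfig::load()->is_anti_flood_enabled() ? PersistenceContext::get_querier()->get_column_value(PREFIX . "shoutbox", 'MAX(timestamp)', 'WHERE user_id = :id', array('id' => $current_user->get_id())) : '';
	if (!empty($check_time) && !$current_user->check_max_value(AUTH_FLOOD))
	{
		if ($check_time >= time() - ContentManagementConfig::load()->get_anti_flood_duration())
		{
			// Stop here: the message must not be stored while the delay is running.
			return new JSONResponse(array('code' => -1));
		}
	}

	// Check that the message is not link flooding.
	$config_shoutbox = ShoutboxConfig::load();
	$contents = FormatingHelper::strparse($contents, $config_shoutbox->get_forbidden_formatting_tags());
	if (!TextHelper::check_nbr_links($contents, $config_shoutbox->get_max_links_number_per_message(), true))
	{
		// Maximum number of links per message exceeded: reject instead of storing.
		return new JSONResponse(array('code' => -2));
	}

	$shoutbox_message = new ShoutboxMessage();
	$shoutbox_message->init_default_properties();
	// NOTE(review): the login shown with the message is the request's 'pseudo' even for a logged-in member,
	// while user_id comes from the session - confirm the display layer uses the account name for members.
	$shoutbox_message->set_login($pseudo);
	$shoutbox_message->set_user_id($current_user->get_id());
	$shoutbox_message->set_contents($contents);
	$shoutbox_message->set_creation_date(new Date());

	return new JSONResponse(array('code' => ShoutboxService::add($shoutbox_message)));
}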
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
###################################################*/

// Script run: feeds the posted 'contents' to the formatting parser of the requested editor, then hands the
// result to the second parser (presumably a live-preview endpoint - the output step is not visible here).

define('PATH_TO_ROOT', '../../..');

include_once PATH_TO_ROOT . '/kernel/begin.php';
AppContext::get_session()->no_session_location(); //Keeps this page from being recorded as the session's location.
include_once PATH_TO_ROOT . '/kernel/header_no_display.php';

// Both paths are read from the request and given to the parser unchanged.
// NOTE(review): presumably only used to build relative URLs in the rendered content - confirm they never reach a filesystem call.
$page_path_to_root = retrieve(REQUEST, 'path_to_root', '');
$page_path = retrieve(REQUEST, 'page_path', '');

//Which editor to use? When it is not specified, the default one is taken.
// NOTE(review): the editor name is request-supplied; create_factory() is expected to reject or ignore unknown names - confirm.
$editor = retrieve(REQUEST, 'editor', ContentFormattingConfig::load()->get_default_editor());
// Entities are encoded, decoded, unslashed and the special characters decoded again: $contents ends up holding
// raw markup characters, so neutralising HTML is left to the parser below.
$contents = TextHelper::htmlentities(retrieve(POST, 'contents', ''), ENT_COMPAT, 'UTF-8');
$contents = TextHelper::htmlspecialchars_decode(stripslashes(TextHelper::html_entity_decode($contents)));

// The forbidden-tag list is a comma-separated POST field, i.e. chosen by the caller.
// NOTE(review): it cannot act as a restriction here; the code that stores the content presumably applies the
// server-side list again - confirm.
$ftags = retrieve(POST, 'ftags', TSTRING_UNCHANGE);
$forbidden_tags = explode(',', $ftags);

$formatting_factory = AppContext::get_content_formatting_service()->create_factory($editor);

//Get the right parser with the right configuration
$parser = $formatting_factory->get_parser();

$parser->set_content($contents);
$parser->set_path_to_root($page_path_to_root);
$parser->set_page_path($page_path);

// explode() returns at least one element (array('') for an empty string), so this condition always holds.
if (!empty($forbidden_tags))
{
	$parser->set_forbidden_tags($forbidden_tags);
}

$parser->parse();

//Run the second layer (code, math etc) for display
$second_parser = $formatting_factory->get_second_parser();
$second_parser->set_content($parser->get_content());
/**
 * @desc Gives back the string with its HTML special-character entities decoded.
 * NOTE(review): the returned value is no longer escaped, so it is only safe to print when the
 * caller passes content that was already sanitised - confirm against the call sites.
 * @param string $string Text whose special-character entities must be decoded.
 * @return string The result of TextHelper::htmlspecialchars_decode() on $string.
 */
public function html($string)
{
	$decoded = TextHelper::htmlspecialchars_decode($string);

	return $decoded;
}
/**
 * @desc Highlights a content in a supported language using the appropriate syntax highlighter.
 * The highlighted languages are numerous: actionscript, asm, asp, bash, c, cpp, csharp, css, d, delphi, fortran, html,
 * java, javascript, latex, lua, matlab, mysql, pascal, perl, php, python, rails, ruby, sql, text, vb, xml,
 * PHPBoost templates and PHPBoost BBCode.
 *
 * The HTML special-character entities of $contents are decoded first, so producing safe markup is
 * delegated to whichever highlighter handles the language.
 * NOTE(review): $language is handed to GeSHi unchanged, and GeSHi uses it to pick a language definition;
 * presumably the value comes from an already validated tag attribute - confirm.
 *
 * @param string $contents Content to highlight
 * @param string $language Language name. 'bbcode', 'tpl', 'template' and 'plain' are matched case-insensitively,
 * any other non-empty value goes to GeSHi, an empty one falls back to PHP's highlight_string().
 * @param bool $line_number Indicate whether or not the line number must be added to the code.
 * @param bool $inline_code Indicate whether the code sits in an inline tag (GeSHi then gets no header container).
 * @return string The highlighted content.
 */
private static function highlight_code($contents, $language, $line_number, $inline_code)
{
	$contents = TextHelper::htmlspecialchars_decode($contents);
	$language_key = strtolower($language);

	switch ($language_key)
	{
		//PHPBoost BBCode
		case 'bbcode':
			$highlighter = new BBCodeHighlighter();
			$highlighter->set_content($contents);
			$highlighter->parse($inline_code);
			return $highlighter->get_content();

		//PHPBoost templates
		case 'tpl':
		case 'template':
			// The GESHI_* line-number constants come from the GeSHi library file.
			require_once PATH_TO_ROOT . '/kernel/lib/php/geshi/geshi.php';
			$line_numbers_mode = $line_number ? GESHI_NORMAL_LINE_NUMBERS : GESHI_NO_LINE_NUMBERS;
			$highlighter = new TemplateHighlighter();
			$highlighter->set_content($contents);
			$highlighter->parse($line_numbers_mode, $inline_code);
			return $highlighter->get_content();

		case 'plain':
			$highlighter = new PlainCodeHighlighter();
			$highlighter->set_content($contents);
			$highlighter->parse();
			return $highlighter->get_content();
	}

	//Any other named language is handled by GeSHi
	if ($language != '')
	{
		require_once PATH_TO_ROOT . '/kernel/lib/php/geshi/geshi.php';
		$geshi = new GeSHi($contents, $language);

		if ($line_number)
		{
			$geshi->enable_line_numbers(GESHI_NORMAL_LINE_NUMBERS);
		}

		//No container if we are in an inline tag
		if ($inline_code)
		{
			$geshi->set_header_type(GESHI_HEADER_NONE);
		}

		return '<pre style="display:inline;">' . $geshi->parse_code() . '</pre>';
	}

	//No language given: PHP's own highlighter, with <font> tags and color attributes turned into styled spans
	$php_highlighted = highlight_string($contents, true);
	$with_spans = str_replace(array('<font ', '</font>'), array('<span ', '</span>'), $php_highlighted);

	return preg_replace('`color="(.*?)"`', 'style="color:$1"', $with_spans);
}