/**
 * Sanitise HTML (or a nested array of HTML strings) with HTML Purifier.
 *
 * Arrays are processed element by element with their keys preserved. Strings
 * that are empty or whitespace-only are returned unchanged, before any
 * purifier configuration is built.
 *
 * Security note: the configuration is permissive for a function whose input is
 * named "dirty". It switches on CSS.Trusted and CSS.AllowTricky, allows
 * object embedding through HTML.SafeObject together with Output.FlashCompat,
 * enables the YouTube filter, and registers a custom <spoiler> element.
 * Confirm each of these is still required before exposing this helper to
 * input from unauthenticated users.
 *
 * @param string|array $dirty_html Markup to clean, or an array of such values.
 * @return string|array The cleaned value, in the same shape as the input.
 */
function purify($dirty_html)
{
    // Arrays: clean every entry, keeping the original keys and order.
    if (is_array($dirty_html)) {
        $cleaned = array();
        foreach ($dirty_html as $index => $entry) {
            $cleaned[$index] = purify($entry);
        }

        return $cleaned;
    }

    // Nothing to sanitise in a blank string; hand it back as received.
    if (trim($dirty_html) === '') {
        return $dirty_html;
    }

    $purifierConfig = HTMLPurifier_Config::createDefault();

    // Directives are applied in the listed order.
    $directives = array(
        'HTML.Doctype' => 'XHTML 1.0 Strict',
        'AutoFormat.Linkify' => true,
        'CSS.Trusted' => true,
        'CSS.AllowTricky' => true,
        'Filter.YouTube' => true,
        'HTML.SafeObject' => true,
        'Output.FlashCompat' => true,
        'Output.Newline' => '<br />',
    );
    foreach ($directives as $directive => $setting) {
        $purifierConfig->set($directive, $setting);
    }

    // Extend the raw HTML definition with the site-specific <spoiler> block element.
    $htmlDefinition = $purifierConfig->getHTMLDefinition(true);
    $htmlDefinition->addElement('spoiler', 'Block', 'Flow', 'Common', array());

    return HTMLPurifier($dirty_html, $purifierConfig);
}
/**
 * Update an existing wiki page and everything derived from it.
 *
 * In order, the method: invalidates the page cache, collects outgoing links,
 * runs plugin save processing, optionally purifies HTML content, writes the
 * row in tiki_pages, refreshes link records, prunes old history versions,
 * replicates the page to history, logs the action, sends change notifications
 * and finally fires the 'tiki.wiki.update' event.
 *
 * HTML purification only happens when the page is treated as HTML
 * ($html == 1) and $prefs['feature_purifier'] is not 'n'. In every other case
 * $edit_data is stored as received from process_save_plugins().
 *
 * @param string $pageName Name of the page to update.
 * @param string $edit_data New page body.
 * @param string $edit_comment Edit comment.
 * @param string $edit_user Editing user; replaced by a placeholder when empty.
 * @param string $edit_ip IP address recorded for the edit.
 * @param string|null $edit_description Page description; null keeps the stored one.
 * @param int $edit_minor Non-zero marks the edit as minor.
 * @param string $lang Page language.
 * @param mixed $is_html null keeps the stored is_html flag; otherwise truthy/falsy.
 * @param array|null $hash lock_it, comments_enabled, contributions, contributors.
 * @param int|null $saveLastModif Modification time - pass null for now, unless importing a Wiki page.
 * @param string $wysiwyg '' keeps the stored wysiwyg flag.
 * @param string $wiki_authors_style Stored verbatim in tiki_pages.
 * @return false|null false when the page does not exist; otherwise nothing is returned.
 **/
function update_page($pageName, $edit_data, $edit_comment, $edit_user, $edit_ip, $edit_description = null, $edit_minor = 0, $lang = '', $is_html = null, $hash = null, $saveLastModif = null, $wysiwyg = '', $wiki_authors_style = '')
{
    global $prefs;
    $histlib = TikiLib::lib('hist');
    if (!$edit_user) {
        $edit_user = '******';
    }
    $this->invalidate_cache($pageName);
    // Collect pages before modifying edit_data (see update of links below)
    $pages = $this->get_pages($edit_data, true);
    $this->check_alias($edit_data, $pageName);
    if (!$this->page_exists($pageName)) {
        return false;
    }
    // Get this page information
    $info = $this->get_page_info($pageName);
    if ($edit_description === null) {
        $edit_description = $info['description'];
    }
    // Use largest version +1 in history table rather than tiki_page because versions used to be bugged
    // tiki_history is also bugged as not all changes get stored in the history, like minor changes
    // and changes that do not modify the body of the page. Both numbers are wrong, but the largest of
    // them both is right.
    $old_version = max($info["version"], $histlib->get_page_latest_version($pageName));
    // $user is the user recorded on the stored page, not the current editor ($edit_user).
    $user = $info["user"] ? $info["user"] : '******';
    $data = $info["data"];
    // A history entry is made when full history is enabled or when body, description or comment changed.
    $willDoHistory = $prefs['feature_wiki_history_full'] == 'y' || $data != $edit_data || $info['description'] != $edit_description || $info["comment"] != $edit_comment;
    $version = $old_version + ($willDoHistory ? 1 : 0);
    if ($is_html === null) {
        $html = $info['is_html'];
    } else {
        $html = $is_html ? 1 : 0;
    }
    if ($wysiwyg == '') {
        $wysiwyg = $info['wysiwyg'];
    }
    if ($wysiwyg == 'y' && $html != 1 && $prefs['wysiwyg_htmltowiki'] != 'y') {
        // correct for html only wysiwyg
        $html = 1;
    }
    $parserlib = TikiLib::lib('parser');
    // NOTE(review): 'user' here is the stored page user ($user), not $edit_user - confirm that
    // plugin save processing is meant to run on behalf of the previous editor.
    $edit_data = $parserlib->process_save_plugins($edit_data, array('type' => 'wiki page', 'itemId' => $pageName, 'user' => $user));
    if ($html == 1 && $prefs['feature_purifier'] != 'n') {
        $parserlib->isHtmlPurifying = true;
        $parserlib->isEditMode = true;
        $noparsed = array();
        // plugins_remove() runs before the purifier and plugins_replace() after it, with $noparsed
        // passed to both; presumably plugin calls are lifted out and put back untouched, in which
        // case their content does not pass through HTMLPurifier() here - verify against parserlib.
        $parserlib->plugins_remove($edit_data, $noparsed);
        require_once 'lib/htmlpurifier_tiki/HTMLPurifier.tiki.php';
        $edit_data = HTMLPurifier($edit_data);
        $parserlib->plugins_replace($edit_data, $noparsed, true);
        $parserlib->isHtmlPurifying = false;
        $parserlib->isEditMode = false;
    }
    if (is_null($saveLastModif)) {
        $saveLastModif = $this->now;
    }
    // Column => value map written to tiki_pages below.
    $queryData = array('description' => $edit_description, 'data' => $edit_data, 'comment' => $edit_comment, 'lastModif' => (int) $saveLastModif, 'version' => $version, 'version_minor' => $edit_minor, 'user' => $edit_user, 'ip' => $edit_ip, 'page_size' => strlen($edit_data), 'is_html' => $html, 'wysiwyg' => $wysiwyg, 'wiki_authors_style' => $wiki_authors_style, 'lang' => $lang);
    if ($hash !== null) {
        if (!empty($hash['lock_it']) && ($hash['lock_it'] == 'y' || $hash['lock_it'] == 'on')) {
            $queryData['flag'] = 'L';
            // NOTE(review): the lock owner is set to the stored page user, not $edit_user - confirm.
            $queryData['lockedby'] = $user;
        } else {
            if (empty($hash['lock_it']) || $hash['lock_it'] == 'n') {
                $queryData['flag'] = '';
                $queryData['lockedby'] = '';
            }
        }
    }
    if ($prefs['wiki_comments_allow_per_page'] != 'n') {
        if (!empty($hash['comments_enabled']) && $hash['comments_enabled'] == 'y') {
            $queryData['comments_enabled'] = 'y';
        } else {
            if (empty($hash['comments_enabled']) || $hash['comments_enabled'] == 'n') {
                $queryData['comments_enabled'] = 'n';
            }
        }
    }
    if (empty($hash['contributions'])) {
        $hash['contributions'] = '';
    }
    if (empty($hash['contributors'])) {
        $hash2 = '';
    } else {
        // $hash2 and $hash3 are created implicitly by the first assignment; they are not initialised above.
        foreach ($hash['contributors'] as $c) {
            $hash3['contributor'] = $c;
            $hash2[] = $hash3;
        }
    }
    $this->table('tiki_pages')->update($queryData, array('pageName' => $pageName));
    // Synchronize object comment
    if ($prefs['feature_wiki_description'] == 'y') {
        // Values are bound through placeholders rather than concatenated into the SQL text.
        $query = 'update `tiki_objects` set `description`=? where `itemId`=? and `type`=?';
        $this->query($query, array($edit_description, $pageName, 'wiki page'));
    }
    //update status, page storage was updated in tiki 9 to be non html encoded
    $wikilib = TikiLib::lib('wiki');
    $converter = new convertToTiki9();
    $converter->saveObjectStatus($this->getOne("SELECT page_id FROM tiki_pages WHERE pageName = ?", array($pageName)), 'tiki_pages');
    // Parse edit_data updating the list of links from this page
    $this->clear_links($pageName);
    // Pages collected above
    foreach ($pages as $page => $types) {
        $this->replace_link($pageName, $page, $types);
    }
    // History pruning is skipped for the sandbox page and for minor edits.
    if (strtolower($pageName) != 'sandbox' && !$edit_minor) {
        $maxversions = $prefs['maxVersions'];
        if ($maxversions && ($nb = $histlib->get_nb_history($pageName)) > $maxversions) {
            // Select only versions older than keep_versions days
            $keep = $prefs['keep_versions'];
            $oktodel = $saveLastModif - $keep * 24 * 3600 + 1;
            $history = $this->table('tiki_history');
            // Oldest first, limited to the number of versions above the configured maximum.
            $result = $history->fetchColumn('version', array('pageName' => $pageName, 'lastModif' => $history->lesserThan($oktodel)), $nb - $maxversions, 0, array('lastModif' => 'ASC'));
            foreach ($result as $toRemove) {
                $histlib->remove_version($pageName, $toRemove);
            }
        }
    }
    // This if no longer checks for minor-ness of the change; sendWikiEmailNotification does that.
    if ($willDoHistory) {
        $this->replicate_page_to_history($pageName);
        if (strtolower($pageName) != 'sandbox') {
            if ($prefs['feature_contribution'] == 'y') {
                // transfer page contributions to the history
                $contributionlib = TikiLib::lib('contribution');
                $history = $this->table('tiki_history');
                $historyId = $history->fetchOne($history->max('historyId'), array('pageName' => $pageName, 'version' => (int) $old_version));
                // NOTE(review): $pageName is interpolated into this URL without urlencode(), unlike
                // the tiki-index.php URL built further down - confirm how the consumer escapes it.
                $contributionlib->change_assigned_contributions($pageName, 'wiki page', $historyId, 'history', '', $pageName . '/' . $old_version, "tiki-pagehistory.php?page={$pageName}&preview={$old_version}");
            }
        }
        include_once 'lib/diff/difflib.php';
        if (strtolower($pageName) != 'sandbox') {
            $logslib = TikiLib::lib('logs');
            $bytes = diff2($data, $edit_data, 'bytes');
            $logslib->add_action('Updated', $pageName, 'wiki page', $bytes, $edit_user, $edit_ip, '', $this->now, $hash['contributions'], $hash2);
            if ($prefs['feature_contribution'] == 'y') {
                $contributionlib = TikiLib::lib('contribution');
                $contributionlib->assign_contributions($hash['contributions'], $pageName, 'wiki page', $edit_description, $pageName, "tiki-index.php?page=" . urlencode($pageName));
            }
        }
        if ($prefs['feature_multilingual'] == 'y' && $lang) {
            // Need to update the translated objects table when an object's language changes.
            $this->table('tiki_translated_objects')->update(array('lang' => $lang), array('type' => 'wiki page', 'objId' => $info['page_id']));
        }
        if ($prefs['wiki_watch_minor'] != 'n' || !$edit_minor) {
            // Deal with mail notifications.
            include_once 'lib/notifications/notificationemaillib.php';
            $histlib = TikiLib::lib('hist');
            $old = $histlib->get_version($pageName, $old_version);
            // The base URL placed in notification mails is derived from the current request's
            // REQUEST_URI, i.e. from request data rather than from configuration.
            $foo = parse_url($_SERVER["REQUEST_URI"]);
            $machine = self::httpPrefix(true) . dirname($foo["path"]);
            $diff = diff2($old["data"], $edit_data, "unidiff");
            sendWikiEmailNotification('wiki_page_changed', $pageName, $edit_user, $edit_comment, $old_version, $edit_data, $machine, $diff, $edit_minor, $hash['contributions'], 0, 0, $lang);
        }
    }
    // Only the event dispatch is wrapped in begin()/commit(); the writes above ran before it.
    $tx = $this->begin();
    // NOTE(review): the event carries $GLOBALS['user'] rather than $edit_user - confirm both
    // always refer to the same account (e.g. during imports).
    TikiLib::events()->trigger('tiki.wiki.update', array('type' => 'wiki page', 'object' => $pageName, 'namespace' => $wikilib->get_namespace($pageName), 'reply_action' => 'comment', 'user' => $GLOBALS['user'], 'page_id' => $info['page_id'], 'version' => $version, 'data' => $edit_data, 'old_data' => $info['data']));
    $tx->commit();
}
// Excerpt from a webmail message view: sets up "previous message" navigation, then
// prepares each body part of the selected message for display.
// 'prev' is the id before the requested one, or '' when the request is for the first message.
// $_REQUEST['msgid'] is used as received; no integer cast is visible in this excerpt.
if ($_REQUEST['msgid'] > 1) {
    $smarty->assign('prev', $_REQUEST['msgid'] - 1);
} else {
    $smarty->assign('prev', '');
}
$attachments = array();
// if ($message->isMultipart()) {
// TODO deal with attachments here??
// }
$bodies = $webmaillib->get_mail_content($user, $current['accountId'], $_REQUEST['msgid'], true);
for ($i = 0, $count_bodies = count($bodies); $i < $count_bodies; $i++) {
    if ($bodies[$i]['contentType'] == 'text/html') {
        $bod = $bodies[$i]['body'];
        // Clean the string using HTML Purifier
        require_once 'lib/htmlpurifier_tiki/HTMLPurifier.tiki.php';
        $bod = HTMLPurifier($bod);
        // Requires at least two <body>/</body> tag matches before cutting.
        if (preg_match_all('/<[\\/]?body[^>]*>/i', $bod, $m, PREG_OFFSET_CAPTURE) && count($m) > 0 && count($m[0]) > 1) {
            // gets positions of the start and end body tags then substr the bit inbetween
            // NOTE(review): substr()'s third argument is a length, but the offset of the second
            // match is passed, so the slice can run past the closing tag - confirm intent.
            $bod = substr($bod, $m[0][0][1] + strlen($m[0][0][0]), $m[0][1][1]);
        }
        // Second pass: drop every tag that is not on this list. strip_tags() filters by tag
        // name only and leaves attributes of the listed tags as they are, so attribute safety
        // rests entirely on the HTMLPurifier() call above.
        // NOTE(review): the list still admits <form>, <input>, <textarea>, <select> and <style>
        // in mail from arbitrary senders - confirm these are wanted in the rendered message.
        $bod = strip_tags($bod, '<a><b><i><strong><em><p><blockquote><table><tbody><tr><td><th>' . '<ul><li><img><hr><ol><br><h1><h2><h3><h4><h5><h6><div><span>' . '<font><form><input><textarea><checkbox><select><style>');
        // try to close malformed html not fixed by the purifier - because people email Really Bad Things and this messes up *lite.css layout
        $bod = closetags($bod);
        $bodies[$i]['body'] = $bod;
    } else {
        if ($bodies[$i]['contentType'] == 'text/plain') {
            // reply text
            $smarty->assign('plainbody', format_email_reply($bodies[$i]['body'], $aux['from'], $aux['date']));
            // NOTE(review): nl2br() only inserts <br /> tags; the plain-text body is not
            // HTML-escaped here. Confirm the template escapes it before output.
            $bodies[$i]['body'] = nl2br($bodies[$i]['body']);
        }
    }
    // (the for loop is not closed within this excerpt)
/**
 * Clean cross site scripting exploits from string.
 * HTMLPurifier may be used if installed, otherwise defaults to built in method.
 * Note - This function should only be used to deal with data upon submission.
 * It's not something that should be used for general runtime processing
 * since it requires a fair amount of processing overhead.
 *
 * Arrays are cleaned recursively with the same tool; strings that are empty
 * or whitespace-only are returned unchanged.
 *
 * The built-in method is a sequence of pattern-based removals (a blocklist).
 * It only covers the constructs its patterns name, so it should be treated as
 * a supplementary filter: output still needs context-appropriate escaping,
 * and the 'htmlpurifier' tool is the allowlist-based option of the two.
 *
 * @param string|array $data data to clean
 * @param string|bool|null $tool xss_clean method to use ('htmlpurifier' or defaults to built-in method);
 *                               NULL reads the 'core.global_xss_filtering' config value
 * @return string|array
 */
public function xss_clean($data, $tool = NULL)
{
    if ($tool === NULL) {
        // Use the default tool
        $tool = Kohana::config('core.global_xss_filtering');
    }
    if (is_array($data)) {
        foreach ($data as $key => $val) {
            $data[$key] = $this->xss_clean($val, $tool);
        }
        return $data;
    }
    // Do not clean empty strings
    if (trim($data) === '') {
        return $data;
    }
    if ($tool === TRUE) {
        // NOTE: This is necessary because switch is NOT type-sensitive!
        $tool = 'default';
    }
    switch ($tool) {
        case 'htmlpurifier':
            /**
             * @todo License should go here, http://htmlpurifier.org/
             */
            if (!class_exists('HTMLPurifier_Config', FALSE)) {
                // Load HTMLPurifier
                require Kohana::find_file('vendor', 'htmlpurifier/HTMLPurifier.auto', TRUE);
                require 'HTMLPurifier.func.php';
            }
            // Set configuration
            $config = HTMLPurifier_Config::createDefault();
            // NOTE(review): three-argument (namespace, key, value) form of set(); confirm the
            // bundled HTMLPurifier version still accepts it.
            $config->set('HTML', 'TidyLevel', 'none');
            // Only XSS cleaning now
            // Run HTMLPurifier
            $data = HTMLPurifier($data, $config);
            break;
        default:
            // http://svn.bitflux.ch/repos/public/popoon/trunk/classes/externalinput.php
            // +----------------------------------------------------------------------+
            // | Copyright (c) 2001-2006 Bitflux GmbH                                 |
            // +----------------------------------------------------------------------+
            // | Licensed under the Apache License, Version 2.0 (the "License");      |
            // | you may not use this file except in compliance with the License.     |
            // | You may obtain a copy of the License at                              |
            // | http://www.apache.org/licenses/LICENSE-2.0                           |
            // | Unless required by applicable law or agreed to in writing, software  |
            // | distributed under the License is distributed on an "AS IS" BASIS,    |
            // | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or      |
            // | implied. See the License for the specific language governing         |
            // | permissions and limitations under the License.                       |
            // +----------------------------------------------------------------------+
            // | Author: Christian Stocker <*****@*****.**>                           |
            // +----------------------------------------------------------------------+
            //
            // Kohana Modifications:
            // * Changed double quotes to single quotes, changed indenting and spacing
            // * Removed magic_quotes stuff
            // * Increased regex readability:
            //   * Used delimiters that aren't found in the pattern
            //   * Removed all unneeded escapes
            //   * Deleted U modifiers and swapped greediness where needed
            // * Increased regex speed:
            //   * Made capturing parentheses non-capturing where possible
            //   * Removed parentheses where possible
            //   * Split up alternation alternatives
            //   * Made some quantifiers possessive
            //
            // NOTE(review): several patterns below use the /u modifier. preg_replace() returns
            // NULL on error (for example a subject that is not valid UTF-8), and that NULL is
            // assigned straight back to $data; callers would then receive NULL instead of a string.

            // Fix &entity\n;
            // Escape first, repair entities split by control characters or missing their
            // semicolon, then decode once so the patterns below see literal characters.
            $data = str_replace(array('&', '<', '>'), array('&amp;', '&lt;', '&gt;'), $data);
            $data = preg_replace('/(&#*\\w+)[\\x00-\\x20]+;/u', '$1;', $data);
            $data = preg_replace('/(&#x*[0-9A-F]+);*/iu', '$1;', $data);
            $data = html_entity_decode($data, ENT_COMPAT, 'UTF-8');
            // Remove any attribute starting with "on" or xmlns
            // (the replacement keeps the text before the attribute and drops the rest of the tag)
            $data = preg_replace('#(<[^>]+?[\\x00-\\x20"\'])(?:on|xmlns)[^>]*+>#iu', '$1>', $data);
            // Remove javascript: and vbscript: protocols
            // (scheme names are matched with optional control characters between letters and
            // replaced by an inert marker string)
            $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=[\\x00-\\x20]*([`\'"]*)[\\x00-\\x20]*j[\\x00-\\x20]*a[\\x00-\\x20]*v[\\x00-\\x20]*a[\\x00-\\x20]*s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:#iu', '$1=$2nojavascript...', $data);
            $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=([\'"]*)[\\x00-\\x20]*v[\\x00-\\x20]*b[\\x00-\\x20]*s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:#iu', '$1=$2novbscript...', $data);
            $data = preg_replace('#([a-z]*)[\\x00-\\x20]*=([\'"]*)[\\x00-\\x20]*-moz-binding[\\x00-\\x20]*:#u', '$1=$2nomozbinding...', $data);
            // Only works in IE: <span style="width: expression(alert('Ping!'));"></span>
            $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?expression[\\x00-\\x20]*\\([^>]*+>#i', '$1>', $data);
            // NOTE(review): this pattern spells the keyword 'behaviour' and expects '(' right
            // after it - confirm it matches the style construct it is meant to remove.
            $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?behaviour[\\x00-\\x20]*\\([^>]*+>#i', '$1>', $data);
            $data = preg_replace('#(<[^>]+?)style[\\x00-\\x20]*=[\\x00-\\x20]*[`\'"]*.*?s[\\x00-\\x20]*c[\\x00-\\x20]*r[\\x00-\\x20]*i[\\x00-\\x20]*p[\\x00-\\x20]*t[\\x00-\\x20]*:*[^>]*+>#iu', '$1>', $data);
            // Remove namespaced elements (we do not need them)
            $data = preg_replace('#</*\\w+:\\w[^>]*+>#i', '', $data);
            // Repeat until a pass changes nothing, so that a tag reassembled by removing an
            // inner one is removed as well.
            do {
                // Remove really unwanted tags
                $old_data = $data;
                $data = preg_replace('#</*(?:applet|b(?:ase|gsound|link)|embed|frame(?:set)?|i(?:frame|layer)|l(?:ayer|ink)|meta|object|s(?:cript|tyle)|title|xml)[^>]*+>#i', '', $data);
            } while ($old_data !== $data);
            break;
    }
    return $data;
}
/**
 * Pass a value through the HTMLPurifier() helper and return the result.
 *
 * The helper is loaded on first use from lib/htmlpurifier_tiki/HTMLPurifier.tiki.php,
 * so the purifier configuration applied here is whatever that file defines.
 *
 * @param mixed $data Value to purify.
 * @return mixed Whatever HTMLPurifier() returns for $data.
 */
function filter($data)
{
    // require_once keeps repeated calls from re-including the helper file.
    require_once 'lib/htmlpurifier_tiki/HTMLPurifier.tiki.php';

    $purified = HTMLPurifier($data);

    return $purified;
}
/**
 * Import messages from a forum's inbound POP3 mailbox as forum posts.
 *
 * At most $maxImport messages are handled per call. For each message the
 * method works out the sender, extracts a body (HTML converted to wiki
 * syntax, or plain text), finds or creates the parent thread, posts the
 * message, stores attachments, optionally sends notifications and deletes
 * the message from the mailbox.
 *
 * Trust boundary: every header and body value used here comes from the
 * e-mail itself and is therefore sender-controlled. The poster is chosen
 * solely by matching the From address against users_users.email, and the
 * code carries an open "check permissions" TODO.
 *
 * @param int $forumId Forum whose inbound mailbox settings are used.
 * @return void
 */
function process_inbound_mail($forumId)
{
    global $prefs;
    require_once "lib/webmail/net_pop3.php";
    require_once "lib/mail/mimelib.php";
    $info = $this->get_forum($forumId);
    // for any reason my sybase test machine adds a space to
    // the inbound_pop_server field in the table.
    $info["inbound_pop_server"] = trim($info["inbound_pop_server"]);
    if (!$info["inbound_pop_server"] || empty($info["inbound_pop_server"])) {
        return;
    }
    $pop3 = new Net_POP3();
    // NOTE(review): the results of connect() and login() are discarded, and the check below
    // tests the object itself, which is always truthy - a failed connection or login is not
    // detected here.
    $pop3->connect($info["inbound_pop_server"]);
    $pop3->login($info["inbound_pop_user"], $info["inbound_pop_password"]);
    if (!$pop3) {
        return;
    }
    $mailSum = $pop3->numMsg();
    //we don't want the operation to time out... this would result in the same messages being imported over and over...
    //(messages are only removed from the pop server on a graceful connection termination... ie. not a php or webserver timeout)
    //$maximport should be in a admin config screen, but I don't know how to do that yet.
    $maxImport = 10;
    if ($mailSum > $maxImport) {
        $mailSum = $maxImport;
    }
    for ($i = 1; $i <= $mailSum; $i++) {
        //echo 'loop ' . $i;
        $aux = $pop3->getParsedHeaders($i);
        // If the mail came from Tiki, we don't need to add it again
        if (isset($aux['X-Tiki']) && $aux['X-Tiki'] == 'yes') {
            $pop3->deleteMsg($i);
            continue;
        }
        // If the connection is done, or the mail has an error, or whatever,
        // we try to delete the current mail (because something is wrong with it)
        // and continue on. --rlpowell
        if ($aux == FALSE) {
            $pop3->deleteMsg($i);
            continue;
        }
        //echo '<pre>';
        //print_r ($aux);
        //echo '</pre>';
        if (!isset($aux['From'])) {
            if (isset($aux['Return-path'])) {
                $aux['From'] = $aux['Return-path'];
            } else {
                $aux['From'] = "";
                $aux['Return-path'] = "";
            }
        }
        //try to get the date from the email:
        $postDate = strtotime($aux['Date']);
        if ($postDate == false) {
            $postDate = $this->now;
        }
        //save the original email address, if we don't get a user match, then we
        //can at least give some info about the poster.
        $original_email = $aux["From"];
        //fix mailman addresses, or there is no chance to get a match
        $aux["From"] = str_replace(' at ', '@', $original_email);
        preg_match('/<?([-!#$%&\'*+\\.\\/0-9=?A-Z^_`a-z{|}~]+@[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\\.[-!#$%&\'*+\\.\\/0-9=?A-Z^_`a-z{|}~]+)>?/', $aux["From"], $mail);
        // should we throw out emails w/ invalid (possibly obfuscated) email addresses?
        //this should be an admin option, but I don't know how to put it there yet.
        $throwOutInvalidEmails = false;
        if (!array_key_exists(1, $mail)) {
            if ($throwOutInvalidEmails) {
                continue;
            }
        }
        // NOTE(review): with $throwOutInvalidEmails false, a From value that did not match
        // leaves $mail[1] undefined at this point.
        $email = $mail[1];
        $full = $pop3->getMsg($i);
        $mimelib = new mime();
        $output = $mimelib->decode($full);
        $body = '';
        if ($output['type'] == 'multipart/report') {
            // mimelib doesn't seem to parse error reports properly
            $pop3->deleteMsg($i);
            // and we almost certainly don't want them in the forum
            continue;
            // so do what exactly? log them somewhere? TODO
        }
        require_once 'lib/htmlpurifier_tiki/HTMLPurifier.tiki.php';
        // HTML path: only taken when both forum parsing and inbound HTML parsing are enabled.
        if ($prefs['feature_forum_parse'] === 'y' && $prefs['forum_inbound_mail_parse_html'] === 'y') {
            $body = $mimelib->getPartBody($output, 'html');
            if ($body) {
                // on some systems HTMLPurifier fails with smart quotes in the html
                $body = $mimelib->cleanQuotes($body);
                // some emails have invalid font and span tags that create incorrect purifying of lists
                $body = preg_replace_callback('/\\<(ul|ol).*\\>(.*)\\<\\/(ul|ol)\\>/Umis', array($this, 'process_inbound_mail_cleanlists'), $body);
                // Clean the string using HTML Purifier next
                $body = HTMLPurifier($body);
                // html emails require some special handling
                // Wrap wiki-significant sequences in ~np~ so mail text cannot trigger wiki syntax.
                $body = preg_replace('/--(.*)--/', '~np~--$1--~/np~', $body);
                // disable strikethrough syntax
                $body = preg_replace('/\\{(.*)\\}/', '~np~{$1}~/np~', $body);
                // disable plugin type things
                // special handling for MS links which contain underline tags in the label which wiki doesn't like
                $body = preg_replace('/(\\<a .*\\>)\\<font .*\\>\\<u\\>(.*)\\<\\/u\\>\\<\\/font\\>\\<\\/a\\>/Umis', '$1$2</a>', $body);
                $body = str_replace("<br /><br />", "<br /><br /><br />", $body);
                // double linebreaks seem to work better as three?
                $body = TikiLib::lib('edit')->parseToWiki($body);
                $body = str_replace("\n\n", "\n", $body);
                // for some reason emails seem to get line feeds quadrupled
                $body = preg_replace('/\\[\\[(.*?)\\]\\]/', '[~np~~/np~[$1]]', $body);
                // links surrounded by [square brackets] need help
            }
        }
        // Fallback: plain-text part, or the HTML part reduced to text.
        if (!$body) {
            $body = $mimelib->getPartBody($output, 'text');
            if (empty($body)) {
                // no text part so look for html
                $body = $mimelib->getPartBody($output, 'html');
                $body = HTMLPurifier($body);
                $body = $this->htmldecode(strip_tags($body));
                $body = str_replace("\n\n", "\n", $body);
                // and again
                $body = str_replace("\n\n", "\n", $body);
            }
            // NOTE(review): a plain-text part is not passed through HTMLPurifier() in this
            // branch, and wiki syntax is only neutralised when feature_forum_parse is 'y';
            // how the stored body is escaped on display is not visible here.
            if ($prefs['feature_forum_parse'] === 'y') {
                $body = preg_replace('/--(.*)--/', '~np~--$1--~/np~', $body);
                // disable strikethrough if...
                $body = preg_replace('/\\{(.*)\\}/', '~np~\\{$1\\}~/np~', $body);
                // disable plugin type things
            }
            $body = $mimelib->cleanQuotes($body);
        }
        if (!empty($info['outbound_mails_reply_link']) && $info['outbound_mails_reply_link'] === 'y') {
            $body = preg_replace('/^.*?Reply Link\\: \\<[^\\>]*\\>.*\\r?\\n/m', '', $body);
            // remove previous reply links to reduce clutter and confusion
            // remove "empty" lines at the end
            $lines = preg_split("/(\r\n|\n|\r)/", $body);
            $body = '';
            $len = count($lines) - 1;
            $found = false;
            // Walk backwards; once the last non-empty line is found, keep everything before it.
            for ($line = $len; $line >= 0; $line--) {
                if ($found || !preg_match('/^\\s*\\>*\\s*[\\-]*\\s*$/', $lines[$line])) {
                    $body = "{$lines[$line]}\r\n{$body}";
                    $found = true;
                }
            }
        }
        // Remove 're:' and [forum]. -rlpowell
        $title = trim(preg_replace("/[rR][eE]:/", "", preg_replace("/\\[[-A-Za-z _:]*\\]/", "", $output['header']['subject'])));
        $title = $mimelib->cleanQuotes($title);
        // trim off < and > from message-id
        $message_id = substr($output['header']["message-id"], 1, strlen($output['header']["message-id"]) - 2);
        if (isset($output['header']["in-reply-to"])) {
            $in_reply_to = substr($output['header']["in-reply-to"], 1, strlen($output['header']["in-reply-to"]) - 2);
        } else {
            $in_reply_to = '';
        }
        // Determine user from email
        // The From header is the only input to this lookup; nothing in this method verifies
        // that the message really originates from that account.
        $userName = $this->table('users_users')->fetchOne('login', array('email' => $email));
        //use anonymous name feature if we don't have a real name
        // NOTE(review): $anonName is only assigned when no user matched and is never reset,
        // so it is undefined on a first matched message and otherwise carries over from an
        // earlier iteration of the loop.
        if (!$userName) {
            $anonName = $original_email;
        }
        //Todo: check permissions
        // Determine if the thread already exists first by looking for a mail this is a reply to.
        if (!empty($in_reply_to)) {
            $parentId = $this->table('tiki_comments')->fetchOne('threadId', array('object' => $forumId, 'objectType' => 'forum', 'message_id' => $in_reply_to));
        } else {
            $parentId = 0;
        }
        // if not, check if there's a topic with exactly this title
        if (!$parentId) {
            $parentId = $this->table('tiki_comments')->fetchOne('threadId', array('object' => $forumId, 'objectType' => 'forum', 'parentId' => 0, 'title' => $title));
        }
        if (!$parentId) {
            // create a thread to discuss a wiki page if the feature is on AND the page exists
            if ($prefs['feature_wiki_discuss'] === 'y' && TikiLib::lib('tiki')->page_exists($title)) {
                // No thread already; create it.
                $temp_msid = '';
                $parentId = $this->post_new_comment('forum:' . $forumId, 0, $userName, $title, sprintf(tra("Use this thread to discuss the %s page."), "(({$title}))"), $temp_msid, $in_reply_to);
                $this->register_forum_post($forumId, 0);
                // First post is in reply to this one
                $in_reply_to = $temp_msid;
            } else {
                $parentId = 0;
            }
        }
        // post
        $threadid = $this->post_new_comment('forum:' . $forumId, $parentId, $userName, $title, $body, $message_id, $in_reply_to, 'n', '', '', '', $anonName, $postDate);
        $this->register_forum_post($forumId, $parentId);
        // Process attachments
        if (array_key_exists('parts', $output) && count($output['parts']) > 1) {
            $forum_info = $this->get_forum($forumId);
            if ($forum_info['att'] != 'att_no') {
                $errors = array();
                foreach ($output['parts'] as $part) {
                    if (array_key_exists('disposition', $part)) {
                        if ($part['disposition'] == 'attachment') {
                            // The file name and MIME type are taken from the message as sent;
                            // any validation would have to happen inside add_thread_attachment().
                            if (!empty($part['d_parameters']['filename'])) {
                                $part_name = $part['d_parameters']['filename'];
                            } else {
                                if (preg_match('/filename=([^;]*)/', $part['d_parameters']['atend'], $mm)) {
                                    // not sure what this is but it seems to have the filename in it
                                    $part_name = $mm[1];
                                } else {
                                    $part_name = "Unnamed File";
                                }
                            }
                            $this->add_thread_attachment($forum_info, $threadid, $errors, $part_name, $part['type'], strlen($part['body']), 1, '', '', $part['body']);
                        } elseif ($part['disposition'] == 'inline') {
                            // Inline parts are stored under the name '-'.
                            if (!empty($part['parts'])) {
                                foreach ($part['parts'] as $p) {
                                    $this->add_thread_attachment($forum_info, $threadid, $errors, '-', $p['type'], strlen($p['body']), 1, '', '', $p['body']);
                                }
                            } else {
                                if (!empty($part['body'])) {
                                    $this->add_thread_attachment($forum_info, $threadid, $errors, '-', $part['type'], strlen($part['body']), 1, '', '', $part['body']);
                                }
                            }
                        }
                    }
                }
            }
        }
        // Deal with mail notifications.
        // NOTE(review): the existence check is on 'outbound_mails_reply_link' but the value
        // read is 'outbound_mails_for_inbound_mails' - confirm which key was intended.
        if (array_key_exists('outbound_mails_reply_link', $info) && $info['outbound_mails_for_inbound_mails'] == 'y') {
            include_once 'lib/notifications/notificationemaillib.php';
            sendForumEmailNotification('forum_post_thread', $threadid, $info, $title, $body, $userName, $title, $message_id, $in_reply_to, $threadid, $parentId);
        }
        $pop3->deleteMsg($i);
    }
    $pop3->disconnect();
}
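/**
 * Sanitise HTML (or a nested array of HTML strings) with HTML Purifier.
 *
 * Arrays are cleaned element by element with the same rule set, keys
 * preserved. Strings that are empty or whitespace-only are returned
 * unchanged without loading the library.
 *
 * @param string|array $dirty_html Markup to clean, or an array of such values.
 * @param string $set Rule set: 'default' keeps the library defaults;
 *                    'unallowed' sets HTML.AllowedElements to '' so that no
 *                    element is allowed. Other values behave like 'default'.
 * @return string|array The cleaned value, in the same shape as the input.
 */
function HTMLpurify($dirty_html, $set = 'default')
{
    if (is_array($dirty_html)) {
        foreach ($dirty_html as $key => $val) {
            // Recurse through this function and forward $set. The previous code called
            // purify($val), a different function that also ignored the requested rule set,
            // so array input was never cleaned with the stricter 'unallowed' configuration.
            $dirty_html[$key] = HTMLpurify($val, $set);
        }
        return $dirty_html;
    }

    // Nothing to sanitise in a blank string.
    if (trim($dirty_html) === '') {
        return $dirty_html;
    }

    require_once FCPATH . "assets/htmlpurifier/library/HTMLPurifier.auto.php";
    require_once FCPATH . "assets/htmlpurifier/library/HTMLPurifier.func.php";

    $config = HTMLPurifier_Config::createDefault();

    // Create the cache directory at the same absolute path that is handed to the
    // serializer below; the earlier check used a path relative to the working directory.
    // The directory holds serialized definitions that are read back later, so it is
    // created without group/world write permission.
    $cachePath = FCPATH . 'content/cache/HTMLPurifier';
    if (!is_dir($cachePath)) {
        mkdir($cachePath, 0755, true);
    }

    $config->set('HTML.Doctype', 'XHTML 1.0 Strict');
    $config->set('Cache.SerializerPath', $cachePath);

    switch ($set) {
        case 'default':
            break;
        case 'unallowed':
            // Empty allowlist: no element is permitted.
            $config->set('HTML.AllowedElements', '');
            break;
    }

    return HTMLPurifier($dirty_html, $config);
}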