/**
 * Callback function for replacing [a@link@target] links in bb code.
 *
 * @param array $found Array of preg matches
 *
 * @return string Replaced string
 */
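function PMA_replaceBBLink($found)
{
    // $found holds the preg matches for one [a@link@target] tag: [0] is the
    // whole tag, [1] the link, [3] the optional target. Returning $found[0]
    // leaves the tag as plain text, so a rejected link never becomes markup.
    if (!PMA_checkLink($found[1])) {
        return $found[0];
    }

    $hasTarget = !empty($found[3]);

    // Only letters and underscore are accepted in the target; any other
    // character could break out of the quoted attribute built below.
    if ($hasTarget && preg_match('/[^a-z_]+/i', $found[3])) {
        return $found[0];
    }

    $target = '';
    if ($hasTarget) {
        $target = ' target="' . $found[3] . '"';
        // The validation above is case-insensitive and browsers match the
        // _blank keyword case-insensitively, so compare the lowercased value.
        // A case-sensitive test would let "_BLANK" open a new window that
        // still exposes window.opener to the linked page.
        if (strtolower($found[3]) === '_blank') {
            $target .= ' rel="noopener noreferrer"';
        }
    }

    // Links starting with "http" go through PMA_linkURL(); others are used as given.
    // NOTE(review): $found[1] reaches the href attribute without escaping here;
    // this relies on the caller's pattern or escaping keeping quotes out of the
    // match - confirm against the call site.
    if (substr($found[1], 0, 4) === 'http') {
        $url = PMA_linkURL($found[1]);
    } else {
        $url = $found[1];
    }

    return '<a href="' . $url . '"' . $target . '>';
}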
 /**
  * Does the actual work of each specific transformations plugin.
  *
  * @param string $buffer  text to be transformed
  * @param array  $options transformation options
  * @param string $meta    meta information
  *
  * @return string
  */
 public function applyTransformation($buffer, $options = array(), $meta = '')
 {
     // Option 0 is an optional URL prefix; a truthy option 2 keeps the cell
     // value out of the URL, so the prefix alone is the link.
     $prefix = '';
     if (isset($options[0])) {
         $prefix = $options[0];
     }
     $suffix = $buffer;
     if (isset($options[2]) && $options[2]) {
         $suffix = '';
     }
     $url = $prefix . $suffix;

     // Links that PMA_checkLink() rejects (the original comment names
     // javascript links) are shown as escaped text, never as a hyperlink.
     if (!PMA_checkLink($url, true, true)) {
         return htmlspecialchars($url);
     }

     // Option 1, when set, is both the title and the link text; otherwise
     // the title is empty and the cell value is the link text.
     $hasTitle = isset($options[1]);
     $title = $hasTitle ? $options[1] : '';
     $label = $hasTitle ? $options[1] : $buffer;

     // Every interpolated value is HTML-escaped before it enters the markup.
     return sprintf(
         '<a href="%s" title="%s" target="_blank" rel="noopener noreferrer">%s</a>',
         htmlspecialchars($url),
         htmlspecialchars($title),
         htmlspecialchars($label)
     );
 }
 /**
  * Does the actual work of each specific transformations plugin.
  *
  * @param string $buffer  text to be transformed
  * @param array  $options transformation options
  * @param string $meta    meta information
  *
  * @return string
  */
 public function applyTransformation($buffer, $options = array(), $meta = '')
 {
     // Option 0, when set, is prepended to the cell value to form the URL
     // used for both the link and the image source.
     $prefix = '';
     if (isset($options[0])) {
         $prefix = $options[0];
     }
     $url = $prefix . $buffer;

     // Links that PMA_checkLink() rejects (the original comment names
     // javascript links) are shown as escaped text, never as markup.
     if (!PMA_checkLink($url, true, true)) {
         return htmlspecialchars($url);
     }

     // Options 1 and 2 are width and height; the integer cast means only a
     // number can reach the attribute. Defaults are 100 and 50.
     $width = isset($options[1]) ? (int) $options[1] : 100;
     $height = isset($options[2]) ? (int) $options[2] : 50;
     $safeUrl = htmlspecialchars($url);

     return '<a href="' . $safeUrl . '" rel="noopener noreferrer" target="_blank">'
         . '<img src="' . $safeUrl . '" border="0" width="' . $width . '" height="' . $height . '" />'
         . htmlspecialchars($buffer)
         . '</a>';
 }
 /**
  * Create the code for displaying the phpMyAdmin
  * logo based on configuration settings
  *
  * @return string HTML code for the logo
  */
 private function _logo()
 {
     // $GLOBALS['cfg']['NavigationDisplayLogo'] switches the logo off entirely.
     if (!$GLOBALS['cfg']['NavigationDisplayLogo']) {
         return Template::get('navigation/logo')->render(array('displayLogo' => false));
     }

     // Plain-text fallback, replaced by the first theme image found on disk.
     $logo = 'phpMyAdmin';
     foreach (array('logo_left.png', 'pma_logo2.png') as $imageFile) {
         if (@file_exists($GLOBALS['pmaThemeImage'] . $imageFile)) {
             $logo = '<img src="' . $GLOBALS['pmaThemeImage'] . $imageFile . '" alt="' . $logo . '" id="imgpmalogo" />';
             break;
         }
     }

     // No link configured: render the bare logo.
     if (!$GLOBALS['cfg']['NavigationLogoLink']) {
         return Template::get('navigation/logo')->render(
             array('displayLogo' => true, 'useLogoLink' => false, 'logo' => $logo)
         );
     }

     // prevent XSS, see PMASA-2013-9
     // The configured link is HTML-escaped first; if it has a protocol, only
     // http and https are allowed, otherwise it falls back to index.php.
     $logoLink = trim(htmlspecialchars($GLOBALS['cfg']['NavigationLogoLink']));
     if (!PMA_checkLink($logoLink, true)) {
         $logoLink = 'index.php';
     }

     // New-window links carry rel="noopener noreferrer" so the opened page
     // gets no window.opener handle back to this one.
     $newWindowAttribs = 'target="_blank" rel="noopener noreferrer"';
     $linkAttribs = null;
     $windowMode = $GLOBALS['cfg']['NavigationLogoLinkWindow'];
     // Loose comparison, matching what the original switch statement did.
     if ($windowMode == 'new') {
         $linkAttribs = $newWindowAttribs;
     } elseif ($windowMode == 'main') {
         // do not add our parameters for an external link
         $host = parse_url($GLOBALS['cfg']['NavigationLogoLink'], PHP_URL_HOST);
         if (empty($host)) {
             $logoLink .= PMA_URL_getCommon();
         } else {
             $linkAttribs = $newWindowAttribs;
         }
     }

     return Template::get('navigation/logo')->render(
         array(
             'displayLogo' => true,
             'useLogoLink' => true,
             'logoLink' => $logoLink,
             'linkAttribs' => $linkAttribs,
             'logo' => $logo,
         )
     );
 }
/**
 * Callback function for replacing [a@link@target] links in bb code.
 *
 * @param array $found Array of preg matches
 *
 * @return string Replaced string
 */
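function PMA_replaceBBLink($found)
{
    // $found holds the preg matches for one [a@link@target] tag: [0] is the
    // whole tag, [1] the link, [3] the optional target. Returning $found[0]
    // leaves the tag as plain text, so a rejected link never becomes markup.
    if (!PMA_checkLink($found[1])) {
        return $found[0];
    }

    $hasTarget = !empty($found[3]);

    // Only letters and underscore are accepted in the target; any other
    // character could break out of the quoted attribute built below.
    if ($hasTarget && preg_match('/[^a-z_]+/i', $found[3])) {
        return $found[0];
    }

    $target = '';
    if ($hasTarget) {
        $target = ' target="' . $found[3] . '"';
        // A link opened with target="_blank" hands the new page a
        // window.opener reference unless rel="noopener" is set, so add it.
        // The validation above is case-insensitive and browsers match the
        // keyword case-insensitively, hence the lowercased comparison.
        if (strtolower($found[3]) === '_blank') {
            $target .= ' rel="noopener noreferrer"';
        }
    }

    // Links starting with "http" go through PMA_linkURL(); others are used as given.
    // NOTE(review): $found[1] reaches the href attribute without escaping here;
    // this relies on the caller's pattern or escaping keeping quotes out of the
    // match - confirm against the call site.
    if ($GLOBALS['PMA_String']->substr($found[1], 0, 4) == 'http') {
        $url = PMA_linkURL($found[1]);
    } else {
        $url = $found[1];
    }

    return '<a href="' . $url . '"' . $target . '>';
}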