Пример #1
0
/**
* Filters the passed text to remove nasty html and turns urls to html links and embeds youtube and vimeo links
* @param  [type] $content [description]
* @return [type]          [description]
*/
function filter($content)
{
    // strip bad stuff
    $content = safe_html($content);
    // convert links to embedable content TODO much more that that is needed
    // taken from http://stackoverflow.com/questions/19050890/find-youtube-link-in-php-string-and-convert-it-into-embed-code
    // and from http://stackoverflow.com/questions/28563706/how-to-convert-vimeo-url-to-embed-without-letting-go-of-the-text-around-it
    /*
    // 1. Youtube
    $content = preg_replace(
    "/\s*[a-zA-Z\/\/:\.]*youtu(be.com\/watch\?v=|.be\/)([a-zA-Z0-9\-_]+)([a-zA-Z0-9\/\*\-\_\?\&\;\%\=\.]*)/i",
    "<div class=\"embed-responsive embed-responsive-16by9\">
    <iframe src=\"//www.youtube.com/embed/$2\" allowfullscreen frameborder=\"0\" class=\"embed-responsive-item\">
    </iframe></div>", $content);
    
    // 2. Vimeo
    $content = preg_replace('#https?://(www\.)?vimeo\.com/(\d+)#',
    '<div class="embed-responsive embed-responsive-16by9">
    <iframe class="videoFrame" src="//player.vimeo.com/video/$2" frameborder="0" webkitallowfullscreen mozallowfullscreen allowfullscreen class="embed-responsive-item">
    </iframe>
    </div>',$content);
    */
    // add links and returns
    return linkUrlsInTrustedHtml($content);
}
Пример #2
0
 /**
  * @since version 0.90
  *
  * @param $rand
  **/
 function showTimeline($rand)
 {
     global $CFG_GLPI, $DB;
     //get ticket actors
     $ticket_users_keys = $this->getTicketActors();
     $user = new User();
     $followup_obj = new TicketFollowup();
     $pics_url = $CFG_GLPI['root_doc'] . "/pics/timeline";
     $timeline = $this->getTimelineItems();
     //include lib for parsing url
     require GLPI_ROOT . "/lib/urllinker/urllinker.php";
     //display timeline
     echo "<div class='timeline_history'>";
     $tmp = array_values($timeline);
     $first_item = array_shift($tmp);
     // show approbation form on top when ticket is solved
     if ($this->fields["status"] == CommonITILObject::SOLVED) {
         echo "<div class='approbation_form' id='approbation_form{$rand}'>";
         $followup_obj->showApprobationForm($this);
         echo "</div>";
     }
     // show title for timeline
     self::showTimelineHeader();
     $timeline_index = 0;
     foreach ($timeline as $item) {
         $item_i = $item['item'];
         // don't display empty followup (ex : solution approbation)
         if ($item['type'] == 'TicketFollowup' && empty($item_i['content'])) {
             continue;
         }
         $date = "";
         if (isset($item_i['date'])) {
             $date = $item_i['date'];
         }
         if (isset($item_i['date_mod'])) {
             $date = $item_i['date_mod'];
         }
         // check if curent item user is assignee or requester
         $user_position = 'left';
         if (isset($ticket_users_keys[$item_i['users_id']]) && $ticket_users_keys[$item_i['users_id']] == CommonItilActor::ASSIGN || $item['type'] == 'Assign') {
             $user_position = 'right';
         }
         //display solution in middle
         if ($timeline_index == 0 && $item['type'] == "Solution" && $this->fields["status"] == CommonITILObject::SOLVED) {
             $user_position .= ' middle';
         }
         echo "<div class='h_item {$user_position}'>";
         echo "<div class='h_info'>";
         echo "<div class='h_date'>" . Html::convDateTime($date) . "</div>";
         if ($item_i['users_id'] !== false) {
             echo "<div class='h_user'>";
             if (isset($item_i['users_id']) && $item_i['users_id'] != 0) {
                 $user->getFromDB($item_i['users_id']);
                 echo "<div class='tooltip_picture_border'>";
                 echo "<img class='user_picture' alt=\"" . __s('Picture') . "\" src='" . User::getThumbnailURLForPicture($user->fields['picture']) . "'>";
                 echo "</div>";
                 echo $user->getLink();
             } else {
                 _e("Requester");
             }
             echo "</div>";
             // h_user
         }
         echo "</div>";
         //h_date
         echo "<div class='h_content " . $item['type'] . (isset($item_i['status']) ? " " . $item_i['status'] : "") . "'";
         if (!in_array($item['type'], array('Document_Item', 'Assign')) && $item_i['can_edit']) {
             echo " ondblclick='javascript:viewEditSubitem" . $this->fields['id'] . "{$rand}(event, \"" . $item['type'] . "\", " . $item_i['id'] . ", this)'";
         }
         echo ">";
         if (isset($item_i['requesttypes_id']) && file_exists("{$pics_url}/" . $item_i['requesttypes_id'] . ".png")) {
             echo "<img src='{$pics_url}/" . $item_i['requesttypes_id'] . ".png' title='' class='h_requesttype' />";
         }
         if (isset($item_i['content'])) {
             $content = $item_i['content'];
             $content = linkUrlsInTrustedHtml($content);
             //$content = nl2br($content);
             $long_text = "";
             if (substr_count($content, "<br") > 30 || strlen($content) > 2000) {
                 $long_text = "long_text";
             }
             echo "<div class='item_content {$long_text}'>";
             echo "<p>{$content}</p>";
             if (!empty($long_text)) {
                 echo "<p class='read_more'>";
                 echo "<a class='read_more_button'>.....</a>";
                 echo "</p>";
             }
             echo "</div>";
         }
         echo "<div class='b_right'>";
         if (isset($item_i['solutiontypes_id']) && !empty($item_i['solutiontypes_id'])) {
             echo Dropdown::getDropdownName("glpi_solutiontypes", $item_i['solutiontypes_id']) . "<br>";
         }
         if (isset($item_i['taskcategories_id']) && !empty($item_i['taskcategories_id'])) {
             echo Dropdown::getDropdownName("glpi_taskcategories", $item_i['taskcategories_id']) . "<br>";
         }
         if (isset($item_i['actiontime']) && !empty($item_i['actiontime'])) {
             echo "<span class='actiontime'>";
             echo Html::timestampToString($item_i['actiontime'], false);
             echo "</span>";
         }
         if (isset($item_i['state'])) {
             echo "<span class='state state_" . $item_i['state'] . "'>";
             echo Planning::getState($item_i['state']);
             echo "</span>";
         }
         if (isset($item_i['begin'])) {
             echo "<span class='planification'>";
             echo Html::convDateTime($item_i["begin"]);
             echo " &rArr; ";
             echo Html::convDateTime($item_i["end"]);
             echo "</span>";
         }
         if (isset($item_i['users_id_tech'])) {
             echo "<div class='users_id_tech'>";
             $user->getFromDB($item_i['users_id_tech']);
             echo "<div class='tooltip_picture_border'>";
             echo "<img class='user_picture' alt=\"" . __s('Picture') . "\" src='" . User::getThumbnailURLForPicture($user->fields['picture']) . "'>";
             echo "</div>";
             echo $user->getLink();
             echo "</div>";
         }
         // show "is_private" icon
         if (isset($item_i['is_private']) && $item_i['is_private']) {
             echo "<div class='private'>" . __('Private') . "</div>";
         }
         echo "</div>";
         // b_right
         if ($item['type'] == 'Document_Item') {
             $filename = $item_i['filename'];
             $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
             echo "<img src='";
             if (empty($filename)) {
                 $filename = $item_i['name'];
             }
             if (file_exists(GLPI_ROOT . "/pics/icones/{$ext}-dist.png")) {
                 echo $CFG_GLPI['root_doc'] . "/pics/icones/{$ext}-dist.png";
             } else {
                 echo "{$pics_url}/file.png";
             }
             echo "' title='file' />&nbsp;";
             echo "<a href='" . $CFG_GLPI['root_doc'] . "/front/document.send.php?docid=" . $item_i['id'] . "&tickets_id=" . $this->getID() . "' target='_blank'>{$filename}";
             if (in_array($ext, array('jpg', 'jpeg', 'png', 'bmp'))) {
                 echo "<div class='timeline_img_preview'>";
                 echo "<img src='" . $CFG_GLPI['root_doc'] . "/front/document.send.php?docid=" . $item_i['id'] . "&tickets_id=" . $this->getID() . "'/>";
                 echo "</div>";
             }
             echo "</a>";
             if (!empty($item_i['mime'])) {
                 echo "&nbsp;(" . $item_i['mime'] . ")";
             }
             echo "<a href='" . $CFG_GLPI['root_doc'] . "/front/document.form.php?id=" . $item_i['id'] . "' class='edit_document' title='" . _sx("button", "Update") . "'>";
             echo "<img src='{$pics_url}/edit.png' /></a>";
             echo "<a href='" . $CFG_GLPI['root_doc'] . "/front/ticket.form.php?delete_document&documents_id=" . $item_i['id'] . "&tickets_id=" . $this->getID() . "' class='delete_document' title='" . _sx("button", "Delete permanently") . "'>";
             echo "<img src='{$pics_url}/delete.png' /></a>";
         }
         echo "</div>";
         //end h_content
         echo "</div>";
         //end  h_info
         $timeline_index++;
     }
     // end foreach timeline
     echo "<div class='break'></div>";
     // recall ticket content (not needed in classic and splitted layout)
     if (!CommonGLPI::isLayoutWithMain()) {
         echo "<div class='h_item middle'>";
         echo "<div class='h_info'>";
         echo "<div class='h_date'>" . Html::convDateTime($this->fields['date']) . "</div>";
         echo "<div class='h_user'>";
         if (isset($item_i['users_id_recipient']) && $item_i['users_id_recipient'] != 0) {
             $user->getFromDB($this->fields['users_id_recipient']);
             echo "<div class='tooltip_picture_border'>";
             $picture = "";
             if (isset($user->fields['picture'])) {
                 $picture = $user->fields['picture'];
             }
             echo "<img class='user_picture' alt=\"" . __s('Picture') . "\" src='" . User::getThumbnailURLForPicture($picture) . "'>";
             echo "</div>";
             echo $user->getLink();
         } else {
             _e("Requester");
         }
         echo "</div>";
         // h_user
         echo "</div>";
         //h_info
         echo "<div class='h_content TicketContent'>";
         echo "<div class='b_right'>" . __("Ticket recall") . "</div>";
         echo "<div class='ticket_title'>";
         echo html_entity_decode($this->fields['name']);
         echo "</div>";
         echo "<div class='ticket_description'>";
         echo Toolbox::unclean_cross_side_scripting_deep(Html::entity_decode_deep($this->fields['content']));
         echo "</div>";
         echo "</div>";
         // h_content TicketContent
         echo "</div>";
         // h_item middle
         echo "<div class='break'></div>";
     }
     // end timeline
     echo "</div>";
     // h_item $user_position
     echo "<script type='text/javascript'>read_more();</script>";
 }
 /**
  * @param string $text
  * @return string
  */
 protected function linkify($text)
 {
     return linkUrlsInTrustedHtml($text);
 }
Here's the answer: http://www.google.com/search?rls=en&q=42&ie=utf-8&oe=utf-8&hl=en. What was the question?
A quick look at 'http://en.wikipedia.org/wiki/URI_scheme#Generic_syntax' is helpful.
There is no place like 127.0.0.1! Except maybe http://news.bbc.co.uk/1/hi/england/surrey/8168892.stm?
Ports: 192.168.0.1:8080, https://example.net:1234/.
Beware of Greeks bringing internationalized top-level domains (xn--hxajbheg2az3al.xn--jxalpdlp).
10.000.000.000 is not an IP-address. Nor is this.a.domain.

<script>alert('Remember kids: Say no to XSS-attacks! Always HTML escape untrusted input!');</script>

https://mail.google.com/mail/u/0/#starred?compose=141d598cd6e13025
https://www.google.com/search?q=bla%20bla%20bla
https://www.google.com/search?q=bla+bla+bla

We need to support IDNs and IRIs and röck döts:
møøse.kwi.dk/阿驼鹿一旦咬了我的妹妹/من-اليمين-إلى-اليسار-لغات-تخلط-لي.
EOD;
print nl2br(htmlEscapeAndLinkUrls($text));
?>
</p>
<!-- HTML input -->
<?php 
$html = <<<EOD
<p>Send me an <a href="*****@*****.**">e-mail</a> at bob@example.com.</p>
<p>This is already a link: <a href="http://google.com">http://google.com</a></p>
<p title='10>20'>Tricky markup...</p>
EOD;
print linkUrlsInTrustedHtml($html);
?>
</body>
</html>