/** * Callback to prevent media tags from being auto linkified * * @access protected * @param array Matches from the regular expression * @return string Converted text */ protected function _denyMediaLinkify_CallBack($matches) { $_extra = ''; /* Basic checking */ if (stristr($matches[1], 'href')) { return $matches[0]; } if (strlen($matches[2]) < 12) { return $matches[0]; } if (isset($matches[4]) and stristr($matches[4], '</a>')) { return $matches[0]; } /* Check for XSS */ if (!IPSText::xssCheckUrl($matches[2])) { return $matches[0]; } if (substr($matches[2], -1) == ',') { $matches[2] = rtrim($matches[2], ','); $_extra = ','; } /* Check for ! which is &#xx; at this point */ if (preg_match('/&#\\d+?;$/', $matches[2], $_m)) { $matches[2] = str_replace($_m[0], '', $matches[2]); $_extra = $_m[0]; } /* Is this a media URL? */ if ($this->settings['bbcode_automatic_media']) { $media = $this->cache->getCache('mediatag'); if (is_array($media) and count($media)) { foreach ($media as $type => $r) { if (preg_match("#^" . $r['match'] . "\$#is", $matches[2])) { $matches[2] = preg_replace('#(https|http)://#', '\\1--,,--//', $matches[2]); } } } } return $matches[1] . $matches[2] . $_extra; }
/** * Perform first pass through login handler routine * * @access private * @return mixed Boolean on failure else output/redirect */ private function _doFirstPass() { //----------------------------------------- // Do the same cleaning we do when storing url //----------------------------------------- $url = trim($this->request['openid_url']); $url = rtrim($url, "/"); if (!strpos($url, 'http://') === 0 and !strpos($url, 'https://') === 0) { $url = 'http://' . $url; } if (!IPSText::xssCheckUrl($url)) { $this->auth_errors[] = 'bad_url'; $this->return_code = 'WRONG_AUTH'; return false; } $consumer = $this->_getConsumer(); if (!is_object($consumer)) { return false; } //----------------------------------------- // Store some of the input data.. //----------------------------------------- $id = md5(uniqid(mt_rand(), true)); $this->DB->delete('openid_temp', "fullurl='" . $url . "'"); $this->DB->insert('openid_temp', array('id' => $id, 'referrer' => $this->request['referer'], 'cookiedate' => intval($this->request['rememberMe']), 'privacy' => intval($this->request['anonymous']), 'fullurl' => $url)); //----------------------------------------- // Set the URLs //----------------------------------------- $openid = $url; if ($this->is_admin_auth) { $process_url = $this->settings['base_url'] . 'app=core&module=login&do=login-complete&firstpass=1&myopenid=' . $id; } else { $process_url = $this->settings['base_url'] . 'app=core&module=global§ion=login&do=process&firstpass=1&myopenid=' . $id; } $trust_root = strpos($this->settings['base_url'], '.php') !== false ? substr($this->settings['base_url'], 0, strpos($this->settings['base_url'], '.php') + 4) : $this->settings['base_url']; $policy_url = $this->openid_config['openid_policy']; //----------------------------------------- // Begin OpenID Auth //----------------------------------------- $auth_request = $consumer->begin($openid); if (!$auth_request) { $this->return_code = 'WRONG_OPENID'; $this->auth_errors[] = 'bad_request'; return false; } //----------------------------------------- // Set required, optional, policy attribs //----------------------------------------- $sreg_request = Auth_OpenID_SRegRequest::build(explode(',', $this->openid_config['args_req']), explode(',', $this->openid_config['args_opt']), $policy_url); if ($sreg_request) { $auth_request->addExtension($sreg_request); } //----------------------------------------- // Redirect user //----------------------------------------- $redirect_url = $auth_request->redirectURL($trust_root, $process_url); if ($this->request['module'] == 'ajax') { require_once IPS_KERNEL_PATH . 'classAjax.php'; $ajax = new classAjax(); $ajax->returnJsonArray(array('url' => $redirect_url)); } // If the redirect URL can't be built, try HTML inline if (!Auth_OpenID::isFailure($redirect_url)) { header("Location: " . $redirect_url); exit; } else { $form_id = 'openid_message'; $form_html = $auth_request->formMarkup($trust_root, $process_url, false, array('id' => $form_id)); // Display an error if the form markup couldn't be generated; if (Auth_OpenID::isFailure($form_html)) { $this->return_code = 'WRONG_AUTH'; $this->auth_errors[] = 'bad_request'; return false; } else { $page_contents = array("<html><head><title>", "OpenID transaction in progress", "</title></head>", "<body onload='document.getElementById(\"" . $form_id . "\").submit()'>", $form_html, "</body></html>"); print implode("\n", $page_contents); exit; } } }
/** * Callback to auto-parse urls * * @access protected * @param array Matches from the regular expression * @return string Converted text */ protected function _autoParseUrls($matches) { $_extra = ''; /* Basic checking */ if (stristr($matches[1], 'href')) { return $matches[0]; } if (strlen($matches[2]) < 12) { return $matches[0]; } if (isset($matches[4]) and stristr($matches[4], '</a>')) { return $matches[0]; } /* Check for XSS */ if (!IPSText::xssCheckUrl($matches[2])) { return $matches[0]; } if (substr($matches[2], -1) == ',') { $matches[2] = rtrim($matches[2], ','); $_extra = ','; } if (substr($matches[2], -15) == '~~~~~_____~~~~~') { $matches[2] = substr($matches[2], 0, -15); $_extra = '~~~~~_____~~~~~'; } /* Check for ! which is &#xx; at this point */ if (preg_match('/&#\\d+?;$/', $matches[2], $_m)) { $matches[2] = str_replace($_m[0], '', $matches[2]); $_extra = $_m[0]; } /* Is this a media URL? */ if ($this->settings['bbcode_automatic_media'] and isset($this->_bbcodes['display']['media']) and ($this->_bbcodes['display']['media']['bbcode_sections'] == 'all' or in_array($this->parsing_section, explode(',', $this->_bbcodes['display']['media']['bbcode_sections'])))) { $media = $this->cache->getCache('mediatag'); /* Already converted? */ if (in_array($matches[2], $this->_mediaUrlConverted)) { return $matches[0]; } if (is_array($media) and count($media)) { foreach ($media as $type => $r) { if (preg_match("#^" . $r['match'] . "\$#is", $matches[2])) { $this->cache->updateCacheWithoutSaving('_tmp_autoparse_media', 1); $_result = $this->parseBbcode($matches[1] . '[media]' . $matches[2] . '[/media]' . $_extra, 'display', 'media'); $this->cache->updateCacheWithoutSaving('_tmp_autoparse_media', 0); return $_result; } } } } /* It's not media - so we'll use [url] - check we're allowed first */ if (!isset($this->_bbcodes['display']['url']) or $this->_bbcodes['display']['url']['bbcode_sections'] != 'all' and !in_array($this->parsing_section, explode(',', $this->_bbcodes['display']['url']['bbcode_sections']))) { // We're not allowed to use [url] here return $matches[0]; } /* Ensure bbcode is stripped for the actual URL */ /* @link http://community.invisionpower.com/tracker/issue-22580-bbcode-breaks-link-add-bold-formatting-to-part-of-link/ */ if (preg_match('#\\[\\w#', $matches[2])) { $wFormatting = $matches[2]; $matches[2] = $this->stripAllTags($matches[2]); return $this->parseBbcode($matches[1] . '[url="' . $matches[2] . '"]' . $wFormatting . '[/url]' . $_extra, 'display', 'url'); } else { /* Is option enforced? */ if (empty($this->_bbcodes['display']['url']['bbcode_optional_option'])) { return $this->parseBbcode($matches[1] . '[url="' . $matches[2] . '"]' . $matches[2] . '[/url]' . $_extra, 'display', 'url'); } else { return $this->parseBbcode($matches[1] . '[url]' . $matches[2] . '[/url]' . $_extra, 'display', 'url'); } } }
/** * Saves the member's avatar * * @param INT Member's ID to save * @param string Upload field name [Default is "upload_avatar"] * @param string Avatar URL Field [Default is "avatar_url"] * @param string Gallery Avatar Directory Field [Default is "avatar_gallery"] * @param string Gallery Avatar Image Field [Default is "avatar_image"] * @author Brandon Farber, Stolen By Matt 'Haxor' Mecham * <code> * Excepton Codes: * NO_MEMBER_ID: A valid member ID was not passed. * NO_PERMISSION: You do not have permission to change the avatar * UPLOAD_NO_IMAGE: Nothing to upload * UPLOAD_INVALID_FILE_EXT: Incorrect file extension (not an image) * UPLOAD_TOO_LARGE: Upload is larger than allowed * UPLOAD_CANT_BE_MOVED: Upload cannot be moved into the uploads directory * UPLOAD_NOT_IMAGE: Upload is not an image, despite what the file extension says! * NO_AVATAR_TO_SAVE: Nothing to save! * </code> */ public function saveNewAvatar($member_id, $uploadFieldName = 'upload_avatar', $urlFieldName = 'avatar_url', $galleryFieldName = 'avatar_gallery', $avatarGalleryImage = 'avatar_image', $gravatarFieldName = 'gravatar_email') { //----------------------------------------- // INIT //----------------------------------------- $avatar = array(); list($p_width, $p_height) = explode("x", strtolower($this->settings['avatar_dims'])); if (!$member_id) { throw new Exception("NO_MEMBER_ID"); } $member = IPSMember::load($member_id, 'extendedProfile,groups'); if (!$member['member_id']) { throw new Exception("NO_MEMBER_ID"); } //----------------------------------------- // Allowed to upload pics for administrators? //----------------------------------------- if (IPS_AREA != 'public') { if ($member['g_access_cp'] and !$this->registry->getClass('class_permissions')->checkPermission('member_photo_admin', 'members', 'members')) { throw new Exception("NO_PERMISSION"); } } //----------------------------------------- // Upload? //----------------------------------------- if ($_FILES[$uploadFieldName]['name'] != "" and $_FILES[$uploadFieldName]['name'] != "none") { $this->settings['upload_dir'] = str_replace('.', '.', $this->settings['upload_dir']); $real_name = 'av-' . $member_id; require_once IPS_KERNEL_PATH . 'classUpload.php'; $upload = new classUpload(); $upload->out_file_name = $real_name; $upload->out_file_dir = $this->settings['upload_dir']; $upload->max_file_size = $this->settings['avup_size_max'] * 1024 * 8; // Allow xtra for compression $upload->upload_form_field = $uploadFieldName; //----------------------------------------- // Populate allowed extensions //----------------------------------------- if (is_array($this->cache->getCache('attachtypes')) and count($this->cache->getCache('attachtypes'))) { foreach ($this->cache->getCache('attachtypes') as $data) { if ($data['atype_photo']) { if ($data['atype_extension'] == 'swf' and $this->settings['disable_flash']) { continue; } $upload->allowed_file_ext[] = $data['atype_extension']; } } } //----------------------------------------- // Upload... //----------------------------------------- $upload->process(); //----------------------------------------- // Error? //----------------------------------------- if ($upload->error_no) { switch ($upload->error_no) { case 1: // No upload throw new Exception("UPLOAD_NO_IMAGE"); break; case 2: // Invalid file ext throw new Exception("UPLOAD_INVALID_FILE_EXT"); break; case 3: // Too big... throw new Exception("UPLOAD_TOO_LARGE"); break; case 4: // Cannot move uploaded file throw new Exception("UPLOAD_CANT_BE_MOVED"); break; case 5: // Possible XSS attack (image isn't an image) throw new Exception("UPLOAD_NOT_IMAGE"); break; } } $real_name = $upload->parsed_file_name; $im = array(); if (!$this->settings['disable_ipbsize'] and $upload->file_extension != '.swf') { $imageDimensions = getimagesize($this->settings['upload_dir'] . '/' . $real_name); if ($imageDimensions[0] > $p_width or $imageDimensions[1] > $p_height) { require_once IPS_KERNEL_PATH . "classImage.php"; require_once IPS_KERNEL_PATH . "classImageGd.php"; $image = new classImageGd(); $image->init(array('image_path' => $this->settings['upload_dir'], 'image_file' => $real_name)); $return = $image->resizeImage($p_width, $p_height); $image->writeImage($this->settings['upload_dir'] . '/' . $real_name); $im['img_width'] = $return['newWidth'] ? $return['newWidth'] : $image->cur_dimensions['width']; $im['img_height'] = $return['newHeight'] ? $return['newHeight'] : $image->cur_dimensions['height']; } else { $im['img_width'] = $imageDimensions[0]; $im['img_height'] = $imageDimensions[1]; } } else { $w = intval($this->request['man_width']) ? intval($this->request['man_width']) : $p_width; $h = intval($this->request['man_height']) ? intval($this->request['man_height']) : $p_height; $im['img_width'] = $w > $p_width ? $p_width : $w; $im['img_height'] = $h > $p_height ? $p_height : $h; } //----------------------------------------- // Set the "real" avatar.. //----------------------------------------- $avatar['avatar_location'] = $real_name; $avatar['avatar_size'] = $im['img_width'] . 'x' . $im['img_height']; $avatar['avatar_type'] = 'upload'; } else { if ($this->request[$urlFieldName] and IPSText::xssCheckUrl($this->request[$urlFieldName]) === true) { $ext = explode(",", $this->settings['avatar_ext']); $checked = 0; $av_ext = preg_replace("/^.*\\.(\\S+)\$/", "\\1", $this->request[$urlFieldName]); foreach ($ext as $v) { if (strtolower($v) == strtolower($av_ext)) { if ($v == 'swf' and $this->settings['disable_flash']) { throw new Exception("INVALID_FILE_EXT"); } $checked = 1; break; } } if ($checked != 1) { throw new Exception("INVALID_FILE_EXT"); } if (!$this->settings['disable_ipbsize']) { if (!($img_size = @getimagesize($this->request[$urlFieldName]))) { $img_size[0] = $p_width; $img_size[1] = $p_height; } $im = IPSLib::scaleImage(array('max_width' => $p_width, 'max_height' => $p_height, 'cur_width' => $img_size[0], 'cur_height' => $img_size[1])); } else { $w = intval($this->request['man_width']) ? intval($this->request['man_width']) : $p_width; $h = intval($this->request['man_height']) ? intval($this->request['man_height']) : $p_height; $im['img_width'] = $w > $p_width ? $p_width : $w; $im['img_height'] = $h > $p_height ? $p_height : $h; } $avatar['avatar_location'] = trim($this->request[$urlFieldName]); $avatar['avatar_size'] = $im['img_width'] . 'x' . $im['img_height']; $avatar['avatar_type'] = 'url'; } else { if (isset($this->request[$galleryFieldName]) and $this->request[$avatarGalleryImage]) { $directory = ''; if ($this->request[$galleryFieldName]) { $directory = preg_replace("/[^\\s\\w_-]/", "", urldecode($this->request[$galleryFieldName])); if ($directory) { $directory .= '/'; } } $filename = preg_replace("/[^\\s\\w\\._\\-\\[\\]\\(\\)]/", "", urldecode($this->request[$avatarGalleryImage])); if (file_exists(DOC_IPS_ROOT_PATH . PUBLIC_DIRECTORY . '/style_avatars/' . $directory . $filename)) { $avatar['avatar_location'] = $directory . $filename; $avatar['avatar_size'] = ''; $avatar['avatar_type'] = 'local'; } } else { if ($this->request[$gravatarFieldName] && $this->request[$gravatarFieldName] && $this->settings['allow_gravatars']) { $avatar['avatar_location'] = strtolower($this->request[$gravatarFieldName]); $avatar['avatar_type'] = 'gravatar'; } } } } //----------------------------------------- // No avatar image? //----------------------------------------- if (!count($avatar)) { throw new Exception("NO_AVATAR_TO_SAVE"); } else { if ($avatar['avatar_type'] != 'upload') { foreach (array('swf', 'jpg', 'jpeg', 'gif', 'png') as $ext) { if (@file_exists($this->settings['upload_dir'] . "/av-" . $member_id . "." . $ext)) { @unlink($this->settings['upload_dir'] . "/av-" . $member_id . "." . $ext); } } } } //----------------------------------------- // Store and redirect //----------------------------------------- IPSMember::save($member_id, array('extendedProfile' => $avatar)); return TRUE; }
/** * Build the actual output to show * * @access protected * @param array $content Image URL to link to * @param string $option [Optional] Dimension options (width,height) * @return string Content to replace bbcode with */ protected function _buildOutput($content, $option = '') { //----------------------------------------- // Too many media files? //----------------------------------------- $existing = $this->cache->getCache('_tmp_bbcode_media', false); $existing = intval($existing) + 1; if ($this->settings['max_media_files']) { if ($existing > $this->settings['max_media_files']) { $this->error = 'too_many_media'; $classToLoad = IPSLib::loadLibrary('', 'bbcode_plugin_url'); $_urlBbcode = new $classToLoad($this->registry); return $_urlBbcode->run('[url]' . $content . '[/url]'); } } $this->cache->updateCacheWithoutSaving('_tmp_bbcode_media', $existing); //----------------------------------------- // XSS check //----------------------------------------- $content = preg_replace('#(https|http|ftp)&\\#(058|58);//#', '\\1://', $content); if (!IPSText::xssCheckUrl($content)) { return $content; } //----------------------------------------- // Loop through media tags and extract //----------------------------------------- $media = $this->cache->getCache('mediatag'); $original = $content; if (is_array($media) and count($media)) { foreach ($media as $type => $r) { if (preg_match("#^" . $r['match'] . "\$#is", $content)) { $content = preg_replace("#^" . $r['match'] . "\$#is", $r['replace'], $content); if ($option) { list($width, $height) = explode(',', str_replace(array('"', "'", ''', '"'), '', $option)); if ($width and $height) { if ($width > $this->settings['max_w_flash']) { $this->error = 'flash_too_big'; return $original; } if ($height > $this->settings['max_h_flash']) { $this->error = 'flash_too_big'; return $original; } $content = str_replace('{width}', "width='{$width}'", $content); $content = str_replace('{height}', "height='{$height}'", $content); } } else { $content = str_replace('{width}', "", $content); $content = str_replace('{height}', "", $content); } $content = str_replace('{base_url}', $this->settings['board_url'] . '/index.php?', $content); $content = str_replace('{board_url}', $this->settings['board_url'], $content); $content = str_replace('{image_url}', $this->settings['img_url'], $content); preg_match('/\\{text\\.(.+?)\\}/i', $content, $matches); if (is_array($matches) and count($matches)) { $content = str_replace($matches[0], $this->lang->words[$matches[1]], $content); } } } } return $content; }
/** * Build the actual output to show * * @access protected * @param array $content Display text * @param string $option URL to link to * @return string Content to replace bbcode with */ protected function _buildOutput($content, $option) { // This is problematic if url contains a ' or " // $option = str_replace( array( '"', "'", ''', '"' ), '', $option ); //----------------------------------------- // Remove " and ' from beginning + end //----------------------------------------- if (substr($option, 0, 5) == ''') { $option = substr($option, 5); } else { if (substr($option, 0, 6) == '"') { $option = substr($option, 6); } else { if (substr($option, 0, 1) == "'") { $option = substr($option, 1); } else { if (substr($option, 0, 1) == '"') { $option = substr($option, 1); } } } } if (substr($option, -5) == ''') { $option = substr($option, 0, -5); } else { if (substr($option, -6) == '"') { $option = substr($option, 0, -6); } else { if (substr($option, -1) == "'") { $option = substr($option, 0, -1); } else { if (substr($option, -1) == '"') { $option = substr($option, 0, -1); } } } } //----------------------------------------- // Some security checking //----------------------------------------- if (IPSText::xssCheckUrl($option) !== TRUE) { return $content; } /* Check for mangled or embedded URLs */ if (stristr($option, '[attachment') or stristr($option, '[quote') or stristr($option, '[url') or stristr($option, '[/url') or stristr($content, '[url') or stristr($content, '[/url')) { return $content; } //----------------------------------------- // Fix quotes in urls //----------------------------------------- $option = str_replace(array(''', "'"), '%27', $option); $option = str_replace(array('"', '"'), '%22', $option); foreach ($this->cache->getCache('bbcode') as $bbcode) { $_tags = $this->_retrieveTags(); foreach ($_tags as $tag) { if (strpos($option, '[' . $tag) !== false) { return $content; } } } //----------------------------------------- // URL filtering? //----------------------------------------- if ($this->settings['ipb_use_url_filter']) { $list_type = $this->settings['ipb_url_filter_option'] == "black" ? "blacklist" : "whitelist"; if ($this->settings['ipb_url_' . $list_type]) { $list_values = array(); $list_values = explode("\n", str_replace("\r", "", $this->settings['ipb_url_' . $list_type])); if ($list_type == "whitelist") { $list_values[] = "http://{$_SERVER['HTTP_HOST']}/*"; } if (count($list_values)) { $good_url = 0; foreach ($list_values as $my_url) { if (!trim($my_url)) { continue; } $my_url = preg_quote($my_url, '/'); $my_url = str_replace('\\*', "(.*?)", $my_url); if ($list_type == "blacklist") { if (preg_match('/' . $my_url . '/i', $option)) { $this->warning = 'domain_not_allowed'; return $content; } } else { if (preg_match('/' . $my_url . '/i', $option)) { $good_url = 1; } } } if (!$good_url and $list_type == "whitelist") { $this->warning = 'domain_not_allowed'; return $content; } } } } //----------------------------------------- // Let's remove any nested links.. //----------------------------------------- $content = preg_replace('/<a href=\'(.+?)\'(.*?)>(.+?)<\\/a>/is', "\\3", $content); //----------------------------------------- // Need to "truncate" the "content" to ~35 // EDIT: but only if it's the same as content //----------------------------------------- /* Changes here @link http://community.invisionpower.com/tracker/issue-36082-long-links-on-mobile-extend-width/ */ if (empty($this->settings['__noTruncateUrl']) and IPSText::mbstrlen($content) > 38 and (substr($content, 0, 7) == 'http://' or substr($content, 0, 8) == 'https://')) { $content = htmlspecialchars(IPSText::mbsubstr(html_entity_decode(urldecode($content)), 0, 20)) . '...' . htmlspecialchars(IPSText::mbsubstr(html_entity_decode(urldecode($content)), -15)); } //----------------------------------------- // Adding rel='nofollow'? //----------------------------------------- $rels = array(); $rel = ''; $_title = ''; /* Fetch actual host for better matching */ $data = @parse_url($option); if ($this->settings['posts_add_nofollow']) { if (!stristr($data['host'], $_SERVER['HTTP_HOST'])) { $rels[] = "nofollow"; } } if ($this->settings['links_external']) { if (!stristr($data['host'], $_SERVER['HTTP_HOST'])) { /* Look a little closer */ $rels[] = "external"; $_title = $this->lang->words['bbc_external_link']; } } if (count($rels)) { $rel = " rel='" . implode(' ', $rels) . "'"; } return "<a href='{$option}' class='bbc_url' title='{$_title}'{$rel}>{$content}</a>"; }
/** * Build the actual output to show * * @access private * @param array $content Display text * @param string $option URL to link to * @return string Content to replace bbcode with */ private function _buildOutput($content, $option) { // This is problematic if url contains a ' or " // $option = str_replace( array( '"', "'", ''', '"' ), '', $option ); //----------------------------------------- // Remove " and ' from beginning + end //----------------------------------------- if (substr($option, 0, 5) == ''') { $option = substr($option, 5); } else { if (substr($option, 0, 6) == '"') { $option = substr($option, 6); } else { if (substr($option, 0, 1) == "'") { $option = substr($option, 1); } else { if (substr($option, 0, 1) == '"') { $option = substr($option, 1); } } } } if (substr($option, -5) == ''') { $option = substr($option, 0, -5); } else { if (substr($option, -6) == '"') { $option = substr($option, 0, -6); } else { if (substr($option, -1) == "'") { $option = substr($option, 0, -1); } else { if (substr($option, -1) == '"') { $option = substr($option, 0, -1); } } } } //----------------------------------------- // Some security checking //----------------------------------------- if (IPSText::xssCheckUrl($option) !== TRUE) { return $content; } //----------------------------------------- // Fix quotes in urls //----------------------------------------- $option = str_replace(array(''', "'"), '%27', $option); $option = str_replace(array('"', '"'), '%22', $option); foreach ($this->cache->getCache('bbcode') as $bbcode) { $_tags = $this->_retrieveTags(); foreach ($_tags as $tag) { if (strpos($option, '[' . $tag) !== false) { return $content; } } } //----------------------------------------- // URL filtering? //----------------------------------------- if ($this->settings['ipb_use_url_filter']) { $list_type = $this->settings['ipb_url_filter_option'] == "black" ? "blacklist" : "whitelist"; if ($this->settings['ipb_url_' . $list_type]) { $list_values = array(); $list_values = explode("\n", str_replace("\r", "", $this->settings['ipb_url_' . $list_type])); if ($list_type == "whitelist") { $list_values[] = "http://{$_SERVER['HTTP_HOST']}/*"; } if (count($list_values)) { $good_url = 0; foreach ($list_values as $my_url) { if (!trim($my_url)) { continue; } $my_url = preg_quote($my_url, '/'); $my_url = str_replace("\\*", "(.*?)", $my_url); if ($list_type == "blacklist") { if (preg_match('/' . $my_url . '/i', $option)) { $this->error = 'domain_not_allowed'; return $content; } } else { if (preg_match('/' . $my_url . '/i', $option)) { $good_url = 1; } } } if (!$good_url and $list_type == "whitelist") { $this->error = 'domain_not_allowed'; return $content; } } } } //----------------------------------------- // Let's remove any nested links.. //----------------------------------------- $content = preg_replace("/<a href='(.+?)'(.*?)>(.+?)<\\/a>/is", "\\3", $content); //----------------------------------------- // Need to "truncate" the "content" to ~35 // EDIT: but only if it's the same as content //----------------------------------------- if (empty($this->settings['__noTruncateUrl']) and $content == $option and IPSText::mbstrlen($content) > 38) { $content = htmlspecialchars(substr(html_entity_decode($content), 0, 20)) . '...' . htmlspecialchars(substr(html_entity_decode($content), -15)); } //----------------------------------------- // Adding rel='nofollow'? //----------------------------------------- $rels = array(); $rel = ''; if ($this->settings['posts_add_nofollow']) { $rels[] = "nofollow"; } if ($this->settings['links_external']) { $rels[] = "external"; } if (count($rels)) { $rel = " rel='" . implode(' ', $rels) . "'"; } return "<a href='{$option}' class='bbc_url' title='{$this->lang->words['bbc_external_link']}'{$rel}>{$content}</a>"; }