/**
 * Applies the patterns stored in $this->_replacements['code'] to a string.
 *
 * The text goes through JCommentsText::br2nl() before matching and through
 * JCommentsText::nl2br() afterwards (presumably <br> <-> newline conversion;
 * neither helper is shown here).
 *
 * @param string $str Text to process.
 *
 * @return string Processed text, or the input unchanged when $this->_replacements is empty.
 */
public function strip($str)
{
    // Nothing configured: hand the text back untouched.
    if (count($this->_replacements) === 0) {
        return $str;
    }

    $text = JCommentsText::br2nl($str);

    // Each match is reduced to its capture groups 1 and 3.
    $text = preg_replace($this->_replacements['code'], '\\1\\3', $text);

    return JCommentsText::nl2br($text);
}
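/**
 * Cleans every entry of $values in place and returns the result.
 *
 * The 'comment' entry keeps its [code]...[/code] blocks verbatim: each block is
 * swapped for a placeholder before strip_tags() runs and is put back afterwards.
 * Every other entry is tag-stripped and trimmed. When JCOMMENTS_JVERSION is '1.0'
 * the array is additionally passed through self::convertEncoding().
 *
 * Security notes:
 *  - Text inside [code] blocks bypasses strip_tags(), so whatever renders those
 *    blocks must HTML-escape their contents (that renderer is not visible here).
 *  - strip_tags() only removes tags; the values still need context-appropriate
 *    escaping when they are written to HTML, SQL or mail.
 *
 * @param array $values Submitted values keyed by field name; modified by reference.
 *
 * @return array The cleaned values.
 */
public static function prepareValues(&$values)
{
    // get_magic_quotes_gpc() was removed in PHP 8.0; a missing function means "off".
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1;

    foreach ($values as $k => $v) {
        // Strict comparison: before PHP 8 an integer key 0 compared loosely equal to 'comment'.
        if ($k === 'comment') {
            // strip all HTML except [code]
            $m = array();
            preg_match_all('#(\\[code\\=?([a-z0-9]*?)\\].*\\[\\/code\\])#isU' . JCOMMENTS_PCRE_UTF8, trim($v), $m);

            $tmp = array();
            $key = '';

            foreach ($m[1] as $code) {
                // Chain the previous key into the hash so each block gets its own placeholder.
                $key = '{' . md5($code . $key) . '}';
                $tmp[$key] = $code;
                $v = preg_replace('#' . preg_quote($code, '#') . "#isU" . JCOMMENTS_PCRE_UTF8, $key, $v);
            }

            $v = trim(strip_tags($v));

            // handle magic quotes compatibility
            if ($magicQuotes) {
                $v = stripslashes($v);
            }

            $v = JCommentsText::nl2br($v);

            foreach ($tmp as $key => $code) {
                if ($magicQuotes) {
                    $code = str_replace('\\"', '"', $code);
                    $code = str_replace("\\'", "'", $code);
                }

                // Literal substitution: as a preg_replace() replacement the block text
                // would be read as a template, so "$1" or "\1" inside user code would be
                // treated as backreferences and silently dropped.
                $v = str_replace($key, $code, $v);
            }

            unset($tmp, $m);

            $values[$k] = $v;
        } else {
            $values[$k] = trim(strip_tags($v));

            // handle magic quotes compatibility
            if ($magicQuotes) {
                $values[$k] = stripslashes($values[$k]);
            }
        }
    }

    // for Joomla 1.5 change encoding is not needed
    if (JCOMMENTS_JVERSION == '1.0') {
        return self::convertEncoding($values);
    } else {
        return $values;
    }
}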
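/**
 * Cleans every entry of $values in place and returns the result.
 *
 * The 'comment' entry keeps its [code]...[/code] blocks verbatim: each block is
 * swapped for a placeholder before strip_tags() runs and is put back afterwards.
 * Every other entry is tag-stripped and trimmed.
 *
 * Security notes:
 *  - Text inside [code] blocks bypasses strip_tags(), so whatever renders those
 *    blocks must HTML-escape their contents (that renderer is not visible here).
 *  - strip_tags() only removes tags; the values still need context-appropriate
 *    escaping when they are written to HTML, SQL or mail.
 *
 * @param array $values Submitted values keyed by field name; modified by reference.
 *
 * @return array The cleaned values.
 */
public static function prepareValues(&$values)
{
    // get_magic_quotes_gpc() was removed in PHP 8.0; a missing function means "off".
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1;

    foreach ($values as $k => $v) {
        // Strict comparison: before PHP 8 an integer key 0 compared loosely equal to 'comment'.
        if ($k === 'comment') {
            // strip all HTML except [code]
            $m = array();
            preg_match_all('#(\\[code\\=?([a-z0-9]*?)\\].*\\[\\/code\\])#isUu', trim($v), $m);

            $tmp = array();
            $key = '';

            foreach ($m[1] as $code) {
                // Chain the previous key into the hash so each block gets its own placeholder.
                $key = '{' . md5($code . $key) . '}';
                $tmp[$key] = $code;
                $v = preg_replace('#' . preg_quote($code, '#') . '#isUu', $key, $v);
            }

            $v = trim(strip_tags($v));

            // handle magic quotes compatibility
            if ($magicQuotes) {
                $v = stripslashes($v);
            }

            $v = JCommentsText::nl2br($v);

            foreach ($tmp as $key => $code) {
                if ($magicQuotes) {
                    // Undo the escaping of both quote characters. The second search
                    // string used to be a bare single quote, which made the call a no-op.
                    $code = str_replace('\\"', '"', $code);
                    $code = str_replace("\\'", "'", $code);
                }

                // Literal substitution: as a preg_replace() replacement the block text
                // would be read as a template, so "$1" or "\1" inside user code would be
                // treated as backreferences and silently dropped.
                $v = str_replace($key, $code, $v);
            }

            unset($tmp, $m);

            $values[$k] = $v;
        } else {
            $values[$k] = trim(strip_tags($v));

            // handle magic quotes compatibility
            if ($magicQuotes) {
                $values[$k] = stripslashes($values[$k]);
            }
        }
    }

    return $values;
}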
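/**
 * Binds, normalises and stores a comment record.
 *
 * An existing record is loaded when a positive primary key is found in $data or in
 * the model state. Author fields are then rewritten: guests (userid == 0) get a
 * cleaned name that is also used as username; registered authors get name, username
 * and email copied from their user object. The comment body is passed through
 * JCommentsText::nl2br() and the BBCode filter before check() and store().
 * A 'comment-new' notification is pushed when the record is published and its
 * published value differs from the one read before binding.
 *
 * NOTE(review): bind() copies caller-supplied fields onto the record, including
 * userid and published. Confirm the caller restricts $data to fields the current
 * user may set. No tag stripping is visible in this method; verify that markup in
 * the comment body is neutralised by the form filter or on output.
 *
 * @param array $data Field values for the record; may contain the primary key.
 *
 * @return boolean True on success, false on failure (message available via getError()).
 */
public function save($data)
{
    $table  = $this->getTable();
    $pkName = $table->getKeyName();
    $pk     = !empty($data[$pkName]) ? $data[$pkName] : (int) $this->getState($this->getName() . '.id');

    try {
        if ($pk > 0) {
            $table->load($pk);
        }

        // Remember the state before binding so a publish transition can be detected below.
        $prevPublished = $table->published;

        if (!$table->bind($data)) {
            $this->setError($table->getError());

            return false;
        }

        if ($table->userid == 0) {
            // Guest author: drop quotes, angle brackets, parentheses and square brackets from the name.
            $table->name     = preg_replace('/[\'"\\>\\<\\(\\)\\[\\]]?+/i', '', $table->name);
            $table->username = $table->name;
        } else {
            // Registered author: identity fields always come from the account, not from the form.
            $user            = JFactory::getUser($table->userid);
            $table->name     = $user->name;
            $table->username = $user->username;
            $table->email    = $user->email;
        }

        // get_magic_quotes_gpc() was removed in PHP 8.0. The catch below only handles
        // Exception, so calling the missing function would end the request with a fatal Error.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
            $table->title   = stripslashes($table->title);
            $table->comment = stripslashes($table->comment);
        }

        $table->comment = JCommentsText::nl2br($table->comment);
        $table->comment = JCommentsFactory::getBBCode()->filter($table->comment);

        if (!$table->check()) {
            $this->setError($table->getError());

            return false;
        }

        if (!$table->store()) {
            $this->setError($table->getError());

            return false;
        }

        if ($table->published && $prevPublished != $table->published) {
            JCommentsNotificationHelper::push(array('comment' => $table), 'comment-new');
        }

        $this->cleanCache('com_jcomments');
    } catch (Exception $e) {
        $this->setError($e->getMessage());

        return false;
    }

    if (isset($table->{$pkName})) {
        $this->setState($this->getName() . '.id', $table->{$pkName});
    }

    return true;
}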
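/**
 * Converts line breaks outside [code] blocks and rewrites or strips BBCode tags.
 *
 * [code]...[/code] blocks are swapped for placeholders while JCommentsText::nl2br()
 * runs, then restored. After that a fixed list of BBCode patterns is applied:
 * font/size/color wrappers are unwrapped, empty or "null" b/i/u/s/img/url tags are
 * removed, and url, email, quote, link and youtube tags are rewritten to other forms.
 * These patterns run over the whole text, restored [code] blocks included.
 *
 * @param string $value Raw comment text.
 *
 * @return string Converted comment text.
 */
protected function clearComment($value)
{
    // change \n to <br />
    $matches = array();
    preg_match_all('#(\\[code\\=?([a-z0-9]*?)\\].*\\[\\/code\\])#isUu', trim($value), $matches);

    $map = array();
    $key = '';

    foreach ($matches[1] as $code) {
        // Chain the previous key into the hash so each block gets its own placeholder.
        $key       = '{' . md5($code . $key) . '}';
        $map[$key] = $code;
        $value     = preg_replace('#' . preg_quote($code, '#') . '#isUu', $key, $value);
    }

    $value = JCommentsText::nl2br($value);

    foreach ($map as $key => $code) {
        // Literal substitution: as a preg_replace() replacement the block text would be
        // read as a template, so "$1" or "\1" inside user code would be treated as
        // backreferences and silently dropped.
        $value = str_replace($key, $code, $value);
    }

    // strip bbcodes
    $patterns = array(
        '/\\[font=(.*?)\\](.*?)\\[\\/font\\]/i',
        '/\\[size=(.*?)\\](.*?)\\[\\/size\\]/i',
        '/\\[color=(.*?)\\](.*?)\\[\\/color\\]/i',
        '/\\[b\\](null|)\\[\\/b\\]/i',
        '/\\[i\\](null|)\\[\\/i\\]/i',
        '/\\[u\\](null|)\\[\\/u\\]/i',
        '/\\[s\\](null|)\\[\\/s\\]/i',
        '/\\[url=null\\]null\\[\\/url\\]/i',
        '/\\[img\\](null|)\\[\\/img\\]/i',
        '/\\[url=(.*?)\\](.*?)\\[\\/url\\]/i',
        '/\\[email](.*?)\\[\\/email\\]/i',
        '/\\[quote=\\"?([^\\:\\]]+)(\\:[0-9]+)?\\"?\\]/ism',
        '/\\[link=\\"?([^\\]]+)\\"?\\]/ism',
        '/\\[\\/link\\]/ism',
        '/\\[youtube ([^\\s]+) youtube\\]/ism'
    );

    // Same order as $patterns: entry N is the replacement for pattern N.
    $replacements = array(
        '\\2',
        '\\2',
        '\\2',
        '',
        '',
        '',
        '',
        '',
        '',
        '\\2 ([url]\\1[/url])',
        '\\1',
        '[quote name="\\1"]',
        '[url=\\1]',
        '[/url]',
        '[youtube]\\1[/youtube]'
    );

    $value = preg_replace($patterns, $replacements, $value);

    return $value;
}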
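/**
 * Stores an edited comment from request input and redirects to the list or edit view.
 *
 * JCommentsSecurity::checkToken() runs before any input is read (presumably the
 * anti-CSRF form token check; its implementation is not shown). If the record for
 * the requested id loads, homepage, email, title and comment are tag-stripped and
 * trimmed, author fields are normalised, the comment is passed through nl2br and the
 * BBCode filter, and the row is stored and checked in. Subscribers are notified when
 * the row is published and its published value changed. The redirect is issued
 * whether or not the record was found.
 *
 * NOTE(review): the return value of $row->store() is ignored, so a failed write is
 * not reported to the user. strip_tags() only removes tags; stored values still need
 * escaping on output.
 *
 * @return void
 */
public static function save()
{
    JCommentsSecurity::checkToken();

    $task = JCommentsInput::getVar('task');
    $id   = (int) JCommentsInput::getVar('id', 0);

    $bbcode = JCommentsFactory::getBBCode();
    $db     = JCommentsFactory::getDBO();

    $row = new JCommentsTableComment($db);

    if ($row->load($id)) {
        // Remember the stored state so a publish transition can be detected below.
        $prevPublished = $row->published;

        $row->homepage  = trim(strip_tags(JCommentsInput::getVar('homepage')));
        $row->email     = trim(strip_tags(JCommentsInput::getVar('email')));
        $row->title     = trim(strip_tags(JCommentsInput::getVar('title')));
        $row->comment   = trim(strip_tags(JCommentsInput::getVar('comment')));
        $row->published = (int) JCommentsInput::getVar('published');

        if ($row->userid == 0) {
            // Guest author: drop quotes, angle brackets, parentheses and square brackets from the name.
            $row->name = strip_tags(JCommentsInput::getVar('name'));
            $row->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->name);

            if ($row->username != $row->name) {
                $row->username = $row->name;
            }

            $row->username = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->username);
        } else {
            // Registered author: only fill identity fields that are empty on the record.
            if ($row->name == '' || $row->username == '' || $row->email == '') {
                $user          = JCommentsFactory::getUser($row->userid);
                $row->name     = $row->name == '' ? $user->name : $row->name;
                $row->username = $row->username == '' ? $user->username : $row->username;
                $row->email    = $row->email == '' ? $user->email : $row->email;
            }
        }

        // handle magic quotes compatibility
        // get_magic_quotes_gpc() was removed in PHP 8.0; a missing function means "off".
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
            $row->title   = stripslashes($row->title);
            $row->comment = stripslashes($row->comment);
        }

        $row->comment = JCommentsText::nl2br($row->comment);
        $row->comment = $bbcode->filter($row->comment);

        $row->store();
        $row->checkin();

        // send notification to comment subscribers
        if ($row->published && $prevPublished != $row->published) {
            // TODO: add separate message for just published comments
            include_once JCOMMENTS_BASE . '/jcomments.php';

            $language = JCommentsFactory::getLanguage();
            $language->load('com_jcomments', JOOMLATUNE_JPATH_SITE, $row->lang);

            JComments::sendToSubscribers($row, true);
        }

        $cache = JCommentsFactory::getCache('com_jcomments');
        $cache->clean();

        $cache = JCommentsFactory::getCache($row->object_group);
        $cache->clean();
    }

    switch ($task) {
        case 'comments.apply':
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments.edit&hidemainmenu=1&cid[]=' . $row->id);
            break;

        case 'comments.save':
        default:
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments');
            break;
    }
}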
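/**
 * Stores an edited comment from request input and redirects to the list or edit view.
 *
 * If the record for the requested id loads, homepage, email and title are
 * tag-stripped and trimmed, author fields are normalised, the comment is passed
 * through nl2br and the BBCode filter, the row is stored and checked in, and two
 * caches are cleaned. The redirect is issued whether or not the record was found.
 *
 * NOTE(review): no request-token check is visible in this method although it changes
 * stored data. Confirm the dispatcher that routes to save() validates an anti-CSRF
 * token and the caller's permission before this runs.
 *
 * NOTE(review): unlike homepage, email and title, the comment body is not passed
 * through strip_tags() here. Markup handling is left to JCommentsInput::getVar() and
 * $bbcode->filter(), neither of which is shown. Verify that stored comments are
 * escaped on output. The return value of $row->store() is also ignored.
 *
 * @return void
 */
function save()
{
    $task = JCommentsInput::getVar('task');
    $id   = (int) JCommentsInput::getVar('id', 0);

    $bbcode =& JCommentsFactory::getBBCode();
    $db     =& JCommentsFactory::getDBO();

    $row = new JCommentsDB($db);

    if ($row->load($id)) {
        $row->homepage  = trim(strip_tags(JCommentsInput::getVar('homepage')));
        $row->email     = trim(strip_tags(JCommentsInput::getVar('email')));
        $row->title     = trim(strip_tags(JCommentsInput::getVar('title')));
        $row->comment   = JCommentsInput::getVar('comment');
        $row->published = (int) JCommentsInput::getVar('published');

        if ($row->userid == 0) {
            // Guest author: drop quotes, angle brackets, parentheses and square brackets from the name.
            $row->name = strip_tags(JCommentsInput::getVar('name'));
            $row->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->name);

            if ($row->username != $row->name) {
                $row->username = $row->name;
            }

            $row->username = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->username);
        } else {
            // Registered author: only fill identity fields that are empty on the record.
            if ($row->name == '' || $row->username == '' || $row->email == '') {
                $user          = JCommentsFactory::getUser($row->userid);
                $row->name     = $row->name == '' ? $user->name : $row->name;
                $row->username = $row->username == '' ? $user->username : $row->username;
                $row->email    = $row->email == '' ? $user->email : $row->email;
            }
        }

        // handle magic quotes compatibility
        // get_magic_quotes_gpc() was removed in PHP 8.0; a missing function means "off".
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
            $row->title   = stripslashes($row->title);
            $row->comment = stripslashes($row->comment);
        }

        $row->comment = JCommentsText::nl2br($row->comment);
        $row->comment = $bbcode->filter($row->comment);

        $row->store();
        $row->checkin();

        JCommentsCache::cleanCache('com_jcomments');
        JCommentsCache::cleanCache($row->object_group);
    }

    switch ($task) {
        case 'apply':
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=edit&hidemainmenu=1&cid[]=' . $row->id);
            break;

        case 'save':
        default:
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments');
            break;
    }
}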
/**
 * Applies the patterns stored in $this->_smiles['code'] to a string.
 *
 * The text goes through JCommentsText::br2nl() before matching and through
 * JCommentsText::nl2br() afterwards (presumably <br> <-> newline conversion;
 * neither helper is shown here).
 *
 * @param string $str Text to process.
 *
 * @return string Processed text, or the input unchanged when $this->_smiles is empty.
 */
function strip($str)
{
    if (count($this->_smiles) != 0) {
        $text = JCommentsText::br2nl($str);

        // Each match is reduced to its capture groups 1 and 3.
        $text = preg_replace($this->_smiles['code'], '\\1\\3', $text);

        $str = JCommentsText::nl2br($text);
    }

    return $str;
}