/** * Format a [url] tag by producing an <a>...</a> element. * The URL only allows http, https, mailto, and ftp protocols for safety. * * @param KunenaBbcode $bbcode * @param $action * @param $name * @param $default * @param $params * @param $content * @return bool|string */ function DoURL($bbcode, $action, $name, $default, $params, $content) { // We can't check this with BBCODE_CHECK because we may have no URL before the content // has been processed. if ($action == BBCODE_CHECK) { $bbcode->autolink_disable++; return true; } $bbcode->autolink_disable--; $url = is_string($default) ? $default : $bbcode->UnHTMLEncode(strip_tags($content)); $url = preg_replace('# #u', '%20', $url); if (!preg_match('#^(/|https?:|ftp:)#ui', $url)) { // Add scheme to raw domain URLs. $url = "http://{$url}"; } if ($bbcode->IsValidURL($url, false, true)) { if ($bbcode->debug) { echo "ISVALIDURL<br />"; } if ($bbcode->url_targetable !== false && isset($params['target'])) { $target = " target=\"" . htmlspecialchars($params['target']) . "\""; } elseif ($bbcode->url_target !== false) { $target = " target=\"" . htmlspecialchars($bbcode->url_target) . "\""; } else { $target = ''; } return '<a href="' . htmlspecialchars($url) . '" class="bbcode_url" rel="nofollow"' . $target . '>' . $content . '</a>'; } return htmlspecialchars($params['_tag']) . $content . htmlspecialchars($params['_endtag']); }
/** * Format a [url] tag by producing an <a>...</a> element. * The URL only allows http, https, mailto, and ftp protocols for safety. * * @param KunenaBbcode $bbcode * @param $action * @param $name * @param $default * @param $params * @param $content * @return bool|string */ public function DoURL($bbcode, $action, $name, $default, $params, $content) { // We can't check this with BBCODE_CHECK because we may have no URL before the content // has been processed. if ($action == BBCODE_CHECK) { $bbcode->autolink_disable++; return true; } $bbcode->autolink_disable--; $url = $default ? $default : strip_tags($bbcode->UnHTMLEncode($content)); $url = preg_replace('# #u', '%20', $url); if (!preg_match('#^(/|https?:|ftp:)#ui', $url)) { // Add scheme to raw domain URLs. $url = "http://{$url}"; } if (!$bbcode->IsValidURL($url, false, true)) { return htmlspecialchars($params['_tag'], ENT_COMPAT, 'UTF-8') . $content . htmlspecialchars($params['_endtag'], ENT_COMPAT, 'UTF-8'); } if ($bbcode->url_targetable !== false && isset($params['target'])) { $target = $params['target']; } elseif ($bbcode->url_target !== false) { $target = $bbcode->url_target; } else { $target = ''; } $layout = KunenaLayout::factory('BBCode/URL'); if ($layout->getPath()) { return (string) $layout->set('content', $content)->set('url', $url)->set('target', $target); } // TODO: Remove in Kunena 4.0 $target = ' target="' . htmlspecialchars($target, ENT_COMPAT, 'UTF-8') . '"'; return '<a href="' . htmlspecialchars($url, ENT_COMPAT, 'UTF-8') . '" class="bbcode_url" rel="nofollow"' . $target . '>' . $content . '</a>'; }