public function execute(HTTPRequestCustom $request)
{
if ($this->check_authorizations()) {
$pseudo = TextHelper::strprotect(utf8_decode($request->get_string('pseudo', '')));
$contents = TextHelper::htmlentities($request->get_string('contents', ''), ENT_COMPAT, 'UTF-8');
$contents = TextHelper::htmlspecialchars_decode(TextHelper::html_entity_decode($contents, ENT_COMPAT, 'windows-1252'));
if ($pseudo && $contents) {
//Mod anti-flood, autorisé aux membres qui bénificie de l'autorisation de flooder.
$check_time = AppContext::get_current_user()->get_id() !== -1 && ContentManagementConfig::load()->is_anti_flood_enabled() ? PersistenceContext::get_querier()->get_column_value(PREFIX . "shoutbox", 'MAX(timestamp)', 'WHERE user_id = :id', array('id' => AppContext::get_current_user()->get_id())) : '';
if (!empty($check_time) && !AppContext::get_current_user()->check_max_value(AUTH_FLOOD)) {
if ($check_time >= time() - ContentManagementConfig::load()->get_anti_flood_duration()) {
$code = -1;
}
}
//Vérifie que le message ne contient pas du flood de lien.
$config_shoutbox = ShoutboxConfig::load();
$contents = FormatingHelper::strparse($contents, $config_shoutbox->get_forbidden_formatting_tags());
if (!TextHelper::check_nbr_links($contents, $config_shoutbox->get_max_links_number_per_message(), true)) {
//Nombre de liens max dans le message.
$code = -2;
}
$shoutbox_message = new ShoutboxMessage();
$shoutbox_message->init_default_properties();
$shoutbox_message->set_login($pseudo);
$shoutbox_message->set_user_id(AppContext::get_current_user()->get_id());
$shoutbox_message->set_contents($contents);
$shoutbox_message->set_creation_date(new Date());
$code = ShoutboxService::add($shoutbox_message);
} else {
$code = -3;
}
} else {
$code = -4;
}
return new JSONResponse(array('code' => $code));
}
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
###################################################*/
define('PATH_TO_ROOT', '../../..');
include_once PATH_TO_ROOT . '/kernel/begin.php';
AppContext::get_session()->no_session_location();
//Permet de ne pas mettre jour la page dans la session.
include_once PATH_TO_ROOT . '/kernel/header_no_display.php';
$page_path_to_root = retrieve(REQUEST, 'path_to_root', '');
$page_path = retrieve(REQUEST, 'page_path', '');
//Quel éditeur utiliser ? Si ce n'est pas précisé on prend celui par défaut de l'utilisateur
$editor = retrieve(REQUEST, 'editor', ContentFormattingConfig::load()->get_default_editor());
$contents = TextHelper::htmlentities(retrieve(POST, 'contents', ''), ENT_COMPAT, 'UTF-8');
$contents = TextHelper::htmlspecialchars_decode(stripslashes(TextHelper::html_entity_decode($contents)));
$ftags = retrieve(POST, 'ftags', TSTRING_UNCHANGE);
$forbidden_tags = explode(',', $ftags);
$formatting_factory = AppContext::get_content_formatting_service()->create_factory($editor);
//On prend le bon parseur avec la bonne configuration
$parser = $formatting_factory->get_parser();
$parser->set_content($contents);
$parser->set_path_to_root($page_path_to_root);
$parser->set_page_path($page_path);
if (!empty($forbidden_tags)) {
$parser->set_forbidden_tags($forbidden_tags);
}
$parser->parse();
//On parse la deuxième couche (code, math etc) pour afficher
$second_parser = $formatting_factory->get_second_parser();
$second_parser->set_content($parser->get_content());
public function html($string)
{
return TextHelper::htmlspecialchars_decode($string);
}
/**
* @desc Highlights a content in a supported language using the appropriate syntax highlighter.
* The highlighted languages are numerous: actionscript, asm, asp, bash, c, cpp, csharp, css, d, delphi, fortran, html,
* java, javascript, latex, lua, matlab, mysql, pascal, perl, php, python, rails, ruby, sql, text, vb, xml,
* PHPBoost templates and PHPBoost BBCode.
* @param string $contents Content to highlight
* @param string $language Language name
* @param bool $line_number Indicate whether or not the line number must be added to the code.
* @param bool $inline_code Indicate if the code is multi line.
*/
private static function highlight_code($contents, $language, $line_number, $inline_code)
{
$contents = TextHelper::htmlspecialchars_decode($contents);
//BBCode PHPBoost
if (strtolower($language) == 'bbcode') {
$bbcode_highlighter = new BBCodeHighlighter();
$bbcode_highlighter->set_content($contents);
$bbcode_highlighter->parse($inline_code);
$contents = $bbcode_highlighter->get_content();
} elseif (strtolower($language) == 'tpl' || strtolower($language) == 'template') {
require_once PATH_TO_ROOT . '/kernel/lib/php/geshi/geshi.php';
$template_highlighter = new TemplateHighlighter();
$template_highlighter->set_content($contents);
$template_highlighter->parse($line_number ? GESHI_NORMAL_LINE_NUMBERS : GESHI_NO_LINE_NUMBERS, $inline_code);
$contents = $template_highlighter->get_content();
} elseif (strtolower($language) == 'plain') {
$plain_code_highlighter = new PlainCodeHighlighter();
$plain_code_highlighter->set_content($contents);
$plain_code_highlighter->parse();
$contents = $plain_code_highlighter->get_content();
} elseif ($language != '') {
require_once PATH_TO_ROOT . '/kernel/lib/php/geshi/geshi.php';
$Geshi = new GeSHi($contents, $language);
if ($line_number) {
$Geshi->enable_line_numbers(GESHI_NORMAL_LINE_NUMBERS);
}
//No container if we are in an inline tag
if ($inline_code) {
$Geshi->set_header_type(GESHI_HEADER_NONE);
}
$contents = '<pre style="display:inline;">' . $Geshi->parse_code() . '</pre>';
} else {
$highlight = highlight_string($contents, true);
$font_replace = str_replace(array('<font ', '</font>'), array('<span ', '</span>'), $highlight);
$contents = preg_replace('`color="(.*?)"`', 'style="color:$1"', $font_replace);
}
return $contents;
}
