4 this allows for remote embedding without exposing the hosting site to remote javascript.
9 function mv_embed_iframe() {
10 if( !function_exists( 'filter_input' ) ){
11 die( 'your version of PHP lacks <b>filter_input()</b> function<br />' );
13 // default to null media in not provided:
14 $stream_name = ( isset( $_GET['sn'] ) )?
$_GET['sn'] : die('no stream name provided');
15 $time = ( isset( $_GET['t'] ) )?
$_GET['t']: '';
16 $width = ( isset( $_GET['width'] ) )?
intval( $_GET['width'] ) : '400';
17 $height = ( isset( $_GET['height'] ) )?
intval( $_GET['height'] ) : '300'; //
19 $roe_url = 'http://metavid.org/wiki/Special:MvExportStream?feed_format=roe&stream_name=' . htmlspecialchars( $stream_name ) .
20 '&t=' . htmlspecialchars( $time );
21 //everything good output page:
23 'roe_url' => $roe_url,
28 function output_page( $params ){
31 <!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
32 <html xmlns
="http://www.w3.org/1999/xhtml">
34 <meta http
-equiv
="Content-Type" content
="text/html; charset=iso-8859-1" />
35 <title
>mv_embed iframe
</title
>
36 <style type
="text/css">
46 <script type
="text/javascript" src
="mv_embed.js"></script
>
49 <video roe
="<?php echo $roe_url ?>" width
="<?php echo htmlspecialchars( $width ) ?>"
50 height
="<?php echo htmlspecialchars( $height ) ?>"></video
>
57 * JS escape function copied from MediaWiki's Xml::escapeJsString()
59 function escapeJsString( $string ) {
60 // See ECMA 262 section 7.8.4 for string literal format
68 # To avoid closing the element or CDATA section
72 # To avoid any complaints about bad entity refs
75 # Work around https://bugzilla.mozilla.org/show_bug.cgi?id=274152
76 # Encode certain Unicode formatting chars so affected
77 # versions of Gecko don't misinterpret our strings;
78 # this is a common problem with Farsi text.
79 "\xe2\x80\x8c" => "\\u200c", // ZERO WIDTH NON-JOINER
80 "\xe2\x80\x8d" => "\\u200d", // ZERO WIDTH JOINER
82 return strtr( $string, $pairs );