lib/Post_Default.php

   1 <?php
   2 /**
   3  * Old & buggy PCRE-based message parser
   4  *
   5  * @author Ant P <p@cpi.merseine.nu>
   6  * @license file://../COPYING
   7  * @version 2.15
   8  * @deprecated because it sucks
   9  */
  10 require_once 'lib/iface.Message3.php';
  11
  12 class Post_Default implements Message3
  13 {
  14     const CHARSET = 'UTF-8'; // Don't change unless you know what you're doing
  15     const URL_DISPLAY_LENGTH = 80;
  16
  17     private $temp_text;
  18     private $output = null;
  19
  20     public static $allowed_html = array(
  21         /* These are the order the HTML 5 spec defines them.
  22            Yes I know HTML 5 is still a draft. Stop fucking whining. */
  23         'blockquote',
  24         'p',
  25         'pre',
  26         'ol', 'ul', 'li', 'dl', 'dt', 'dd',
  27         'em', 'strong', 'small', 'abbr', 'dfn', 'code', 'var', 'samp', 'kbd', 'sup', 'sub', 'q', 'cite',
  28         'ins', 'del'
  29     );
  30
  31     function __construct($input, $formatting = null)
  32     {
  33         // &-Encode everything by default
  34         $temp = htmlspecialchars($input);
  35
  36         // Not allowed full HTML
  37         foreach ( self::$allowed_html as $tag ) {
  38             $preg1[] = '#&lt;('.$tag.')&gt;(.+)&lt;/('.$tag.')&gt;#Usie';
  39         }
  40         $temp = preg_replace($preg1, "'<'.strtolower('$1').'>$2</'.strtolower('$3').'>'", $temp);
  41
  42         // Auto-link URLs
  43         $temp = preg_replace('#(?<=\b)(https?|ftp|irc|ut2004)://(([0-9a-zA-Z\-_.+?/%=;,~:]|&amp;)+(\#[a-zA-Z][0-9a-zA-Z_]*)?)#ie',
  44                             "self::makeurl('$1://$2')", $temp);
  45         $temp = preg_replace('#(?<=\b)(xmpp|aim):(([0-9a-zA-Z\-_.+?/%=;,~:]|&amp;)+\@[0-9a-zA-Z_.]+)#ie',
  46                             "self::makeurl('$1:$2')", $temp);
  47
  48         // Add <br/>s if the no-autobr option isn't given
  49         if ( ! ($formatting & self::HTML_RAW) ) {
  50             $temp = nl2br($temp);
  51
  52             // Trim <br/>s after block elements and other places they shouldn't be
  53             $temp = preg_replace('#<(/?(table|tr|[uod]l)|/(t[dh]|d[dt]|li|p|h[1-6]))>(\s*<br />)+#si',
  54                                 '<$1>', $temp);
  55             // Trim <br/>s within <pre>
  56             $temp = preg_replace('#<pre>(.*)</pre>#Usie',
  57                                 "'<pre>'.str_replace('<br />', '', '$1').'</pre>'", $temp);
  58         }
  59
  60         if ( strpos($this->output, '<script') !== false ) {
  61             throw new Exception('No scripts allowed.');
  62         }
  63
  64         $this->output = str_replace("\r\n", "\n", $temp);
  65     }
  66
  67     private static function makeurl($uri)
  68     {
  69         $uri = html_entity_decode($uri);
  70
  71         return '<a href="'.htmlspecialchars($uri).'" rel="external nofollow">'.( strlen($uri) > self::URL_DISPLAY_LENGTH ?
  72                     htmlspecialchars(substr($uri, 0, self::URL_DISPLAY_LENGTH)).'...' : htmlspecialchars($uri) ).'</a>';
  73     }
  74
  75     function validate()
  76     {
  77         // Check for malformed XML, doesn't really do much else
  78         $parser = xml_parser_create(self::CHARSET);
  79
  80         if ( !xml_parse($parser, '<div>'.$this->output.'</div>', true) ) {
  81             throw new InvalidInputException(xml_error_string(xml_get_error_code($parser)), xml_get_current_line_number($parser));
  82         }
  83     }
  84
  85     function getOutput()
  86     {
  87         return $this->output;
  88     }
  89
  90     function __toString()
  91     {
  92         return $this->output;
  93     }
  94 }
  95 ?>