Blame Identity/Webenv/phpBB/3.0.4/includes/acp/acp_bbcodes.php

ef5584
ef5584
/**
ef5584
*
ef5584
* @package acp
ef5584
* @version $Id: acp_bbcodes.php 8743 2008-08-12 16:03:18Z Kellanved $
ef5584
* @copyright (c) 2005 phpBB Group
ef5584
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
ef5584
*
ef5584
*/
ef5584
ef5584
/**
ef5584
* @ignore
ef5584
*/
ef5584
if (!defined('IN_PHPBB'))
ef5584
{
ef5584
	exit;
ef5584
}
ef5584
ef5584
/**
ef5584
* @package acp
ef5584
*/
ef5584
class acp_bbcodes
ef5584
{
ef5584
	var $u_action;
ef5584
ef5584
	function main($id, $mode)
ef5584
	{
ef5584
		global $db, $user, $auth, $template, $cache;
ef5584
		global $config, $phpbb_root_path, $phpbb_admin_path, $phpEx;
ef5584
ef5584
		$user->add_lang('acp/posting');
ef5584
ef5584
		// Set up general vars
ef5584
		$action	= request_var('action', '');
ef5584
		$bbcode_id = request_var('bbcode', 0);
ef5584
ef5584
		$this->tpl_name = 'acp_bbcodes';
ef5584
		$this->page_title = 'ACP_BBCODES';
ef5584
		$form_key = 'acp_bbcodes';
ef5584
ef5584
		add_form_key($form_key);
ef5584
ef5584
		// Set up mode-specific vars
ef5584
		switch ($action)
ef5584
		{
ef5584
			case 'add':
ef5584
				$bbcode_match = $bbcode_tpl = $bbcode_helpline = '';
ef5584
				$display_on_posting = 0;
ef5584
			break;
ef5584
ef5584
			case 'edit':
ef5584
				$sql = 'SELECT bbcode_match, bbcode_tpl, display_on_posting, bbcode_helpline
ef5584
					FROM ' . BBCODES_TABLE . '
ef5584
					WHERE bbcode_id = ' . $bbcode_id;
ef5584
				$result = $db->sql_query($sql);
ef5584
				$row = $db->sql_fetchrow($result);
ef5584
				$db->sql_freeresult($result);
ef5584
ef5584
				if (!$row)
ef5584
				{
ef5584
					trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING);
ef5584
				}
ef5584
ef5584
				$bbcode_match = $row['bbcode_match'];
ef5584
				$bbcode_tpl = htmlspecialchars($row['bbcode_tpl']);
ef5584
				$display_on_posting = $row['display_on_posting'];
ef5584
				$bbcode_helpline = $row['bbcode_helpline'];
ef5584
			break;
ef5584
ef5584
			case 'modify':
ef5584
				$sql = 'SELECT bbcode_id, bbcode_tag
ef5584
					FROM ' . BBCODES_TABLE . '
ef5584
					WHERE bbcode_id = ' . $bbcode_id;
ef5584
				$result = $db->sql_query($sql);
ef5584
				$row = $db->sql_fetchrow($result);
ef5584
				$db->sql_freeresult($result);
ef5584
ef5584
				if (!$row)
ef5584
				{
ef5584
					trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING);
ef5584
				}
ef5584
ef5584
			// No break here
ef5584
ef5584
			case 'create':
ef5584
				$display_on_posting = request_var('display_on_posting', 0);
ef5584
ef5584
				$bbcode_match = request_var('bbcode_match', '');
ef5584
				$bbcode_tpl = htmlspecialchars_decode(utf8_normalize_nfc(request_var('bbcode_tpl', '', true)));
ef5584
				$bbcode_helpline = utf8_normalize_nfc(request_var('bbcode_helpline', '', true));
ef5584
			break;
ef5584
		}
ef5584
ef5584
		// Do major work
ef5584
		switch ($action)
ef5584
		{
ef5584
			case 'edit':
ef5584
			case 'add':
ef5584
ef5584
				$template->assign_vars(array(
ef5584
					'S_EDIT_BBCODE'		=> true,
ef5584
					'U_BACK'			=> $this->u_action,
ef5584
					'U_ACTION'			=> $this->u_action . '&action=' . (($action == 'add') ? 'create' : 'modify') . (($bbcode_id) ? "&bbcode=$bbcode_id" : ''),
ef5584
ef5584
					'L_BBCODE_USAGE_EXPLAIN'=> sprintf($user->lang['BBCODE_USAGE_EXPLAIN'], '', ''),
ef5584
					'BBCODE_MATCH'			=> $bbcode_match,
ef5584
					'BBCODE_TPL'			=> $bbcode_tpl,
ef5584
					'BBCODE_HELPLINE'		=> $bbcode_helpline,
ef5584
					'DISPLAY_ON_POSTING'	=> $display_on_posting)
ef5584
				);
ef5584
ef5584
				foreach ($user->lang['tokens'] as $token => $token_explain)
ef5584
				{
ef5584
					$template->assign_block_vars('token', array(
ef5584
						'TOKEN'		=> '{' . $token . '}',
ef5584
						'EXPLAIN'	=> $token_explain)
ef5584
					);
ef5584
				}
ef5584
ef5584
				return;
ef5584
ef5584
			break;
ef5584
ef5584
			case 'modify':
ef5584
			case 'create':
ef5584
ef5584
				$data = $this->build_regexp($bbcode_match, $bbcode_tpl);
ef5584
ef5584
				// Make sure the user didn't pick a "bad" name for the BBCode tag.
ef5584
				$hard_coded = array('code', 'quote', 'quote=', 'attachment', 'attachment=', 'b', 'i', 'url', 'url=', 'img', 'size', 'size=', 'color', 'color=', 'u', 'list', 'list=', 'email', 'email=', 'flash', 'flash=');
ef5584
ef5584
				if (($action == 'modify' && strtolower($data['bbcode_tag']) !== strtolower($row['bbcode_tag'])) || ($action == 'create'))
ef5584
				{
ef5584
					$sql = 'SELECT 1 as test
ef5584
						FROM ' . BBCODES_TABLE . "
ef5584
						WHERE LOWER(bbcode_tag) = '" . $db->sql_escape(strtolower($data['bbcode_tag'])) . "'";
ef5584
					$result = $db->sql_query($sql);
ef5584
					$info = $db->sql_fetchrow($result);
ef5584
					$db->sql_freeresult($result);
ef5584
ef5584
					// Grab the end, interrogate the last closing tag
ef5584
					if ($info['test'] === '1' || in_array(strtolower($data['bbcode_tag']), $hard_coded) || (preg_match('#\[/([^[]*)]$#', $bbcode_match, $regs) && in_array(strtolower($regs[1]), $hard_coded)))
ef5584
					{
ef5584
						trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING);
ef5584
					}
ef5584
				}
ef5584
ef5584
				if (substr($data['bbcode_tag'], -1) === '=')
ef5584
				{
ef5584
					$test = substr($data['bbcode_tag'], 0, -1);
ef5584
				}
ef5584
				else
ef5584
				{
ef5584
					$test = $data['bbcode_tag'];
ef5584
				}
ef5584
ef5584
				if (!preg_match('%\\[' . $test . '[^]]*].*?\\[/' . $test . ']%s', $bbcode_match))
ef5584
				{
ef5584
					trigger_error($user->lang['BBCODE_OPEN_ENDED_TAG'] . adm_back_link($this->u_action), E_USER_WARNING);
ef5584
				}
ef5584
ef5584
				if (strlen($data['bbcode_tag']) > 16)
ef5584
				{
ef5584
					trigger_error($user->lang['BBCODE_TAG_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
ef5584
				}
ef5584
ef5584
				if (strlen($bbcode_match) > 4000)
ef5584
				{
ef5584
					trigger_error($user->lang['BBCODE_TAG_DEF_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
ef5584
				}
ef5584
				
ef5584
				
ef5584
				if (strlen($bbcode_helpline) > 255)
ef5584
				{
ef5584
					trigger_error($user->lang['BBCODE_HELPLINE_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING);
ef5584
				}
ef5584
ef5584
				$sql_ary = array(
ef5584
					'bbcode_tag'				=> $data['bbcode_tag'],
ef5584
					'bbcode_match'				=> $bbcode_match,
ef5584
					'bbcode_tpl'				=> $bbcode_tpl,
ef5584
					'display_on_posting'		=> $display_on_posting,
ef5584
					'bbcode_helpline'			=> $bbcode_helpline,
ef5584
					'first_pass_match'			=> $data['first_pass_match'],
ef5584
					'first_pass_replace'		=> $data['first_pass_replace'],
ef5584
					'second_pass_match'			=> $data['second_pass_match'],
ef5584
					'second_pass_replace'		=> $data['second_pass_replace']
ef5584
				);
ef5584
ef5584
				if ($action == 'create')
ef5584
				{
ef5584
					$sql = 'SELECT MAX(bbcode_id) as max_bbcode_id
ef5584
						FROM ' . BBCODES_TABLE;
ef5584
					$result = $db->sql_query($sql);
ef5584
					$row = $db->sql_fetchrow($result);
ef5584
					$db->sql_freeresult($result);
ef5584
ef5584
					if ($row)
ef5584
					{
ef5584
						$bbcode_id = $row['max_bbcode_id'] + 1;
ef5584
ef5584
						// Make sure it is greater than the core bbcode ids...
ef5584
						if ($bbcode_id <= NUM_CORE_BBCODES)
ef5584
						{
ef5584
							$bbcode_id = NUM_CORE_BBCODES + 1;
ef5584
						}
ef5584
					}
ef5584
					else
ef5584
					{
ef5584
						$bbcode_id = NUM_CORE_BBCODES + 1;
ef5584
					}
ef5584
ef5584
					if ($bbcode_id > 1511)
ef5584
					{
ef5584
						trigger_error($user->lang['TOO_MANY_BBCODES'] . adm_back_link($this->u_action), E_USER_WARNING);
ef5584
					}
ef5584
ef5584
					$sql_ary['bbcode_id'] = (int) $bbcode_id;
ef5584
ef5584
					$db->sql_query('INSERT INTO ' . BBCODES_TABLE . $db->sql_build_array('INSERT', $sql_ary));
ef5584
					$cache->destroy('sql', BBCODES_TABLE);
ef5584
ef5584
					$lang = 'BBCODE_ADDED';
ef5584
					$log_action = 'LOG_BBCODE_ADD';
ef5584
				}
ef5584
				else
ef5584
				{
ef5584
					$sql = 'UPDATE ' . BBCODES_TABLE . '
ef5584
						SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
ef5584
						WHERE bbcode_id = ' . $bbcode_id;
ef5584
					$db->sql_query($sql);
ef5584
					$cache->destroy('sql', BBCODES_TABLE);
ef5584
ef5584
					$lang = 'BBCODE_EDITED';
ef5584
					$log_action = 'LOG_BBCODE_EDIT';
ef5584
				}
ef5584
ef5584
				add_log('admin', $log_action, $data['bbcode_tag']);
ef5584
ef5584
				trigger_error($user->lang[$lang] . adm_back_link($this->u_action));
ef5584
ef5584
			break;
ef5584
ef5584
			case 'delete':
ef5584
ef5584
				$sql = 'SELECT bbcode_tag
ef5584
					FROM ' . BBCODES_TABLE . "
ef5584
					WHERE bbcode_id = $bbcode_id";
ef5584
				$result = $db->sql_query($sql);
ef5584
				$row = $db->sql_fetchrow($result);
ef5584
				$db->sql_freeresult($result);
ef5584
ef5584
				if ($row)
ef5584
				{
ef5584
					if (confirm_box(true))
ef5584
					{
ef5584
						$db->sql_query('DELETE FROM ' . BBCODES_TABLE . " WHERE bbcode_id = $bbcode_id");
ef5584
						$cache->destroy('sql', BBCODES_TABLE);
ef5584
						add_log('admin', 'LOG_BBCODE_DELETE', $row['bbcode_tag']);
ef5584
					}
ef5584
					else
ef5584
					{
ef5584
						confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array(
ef5584
							'bbcode'	=> $bbcode_id,
ef5584
							'i'			=> $id,
ef5584
							'mode'		=> $mode,
ef5584
							'action'	=> $action))
ef5584
						);
ef5584
					}
ef5584
				}
ef5584
ef5584
			break;
ef5584
		}
ef5584
ef5584
		$template->assign_vars(array(
ef5584
			'U_ACTION'		=> $this->u_action . '&action=add')
ef5584
		);
ef5584
ef5584
		$sql = 'SELECT *
ef5584
			FROM ' . BBCODES_TABLE . '
ef5584
			ORDER BY bbcode_tag';
ef5584
		$result = $db->sql_query($sql);
ef5584
ef5584
		while ($row = $db->sql_fetchrow($result))
ef5584
		{
ef5584
			$template->assign_block_vars('bbcodes', array(
ef5584
				'BBCODE_TAG'		=> $row['bbcode_tag'],
ef5584
				'U_EDIT'			=> $this->u_action . '&action=edit&bbcode=' . $row['bbcode_id'],
ef5584
				'U_DELETE'			=> $this->u_action . '&action=delete&bbcode=' . $row['bbcode_id'])
ef5584
			);
ef5584
		}
ef5584
		$db->sql_freeresult($result);
ef5584
	}
ef5584
ef5584
	/*
ef5584
	* Build regular expression for custom bbcode
ef5584
	*/
ef5584
	function build_regexp(&$bbcode_match, &$bbcode_tpl)
ef5584
	{
ef5584
		$bbcode_match = trim($bbcode_match);
ef5584
		$bbcode_tpl = trim($bbcode_tpl);
ef5584
ef5584
		$fp_match = preg_quote($bbcode_match, '!');
ef5584
		$fp_replace = preg_replace('#^\[(.*?)\]#', '[$1:$uid]', $bbcode_match);
ef5584
		$fp_replace = preg_replace('#\[/(.*?)\]$#', '[/$1:$uid]', $fp_replace);
ef5584
ef5584
		$sp_match = preg_quote($bbcode_match, '!');
ef5584
		$sp_match = preg_replace('#^\\\\\[(.*?)\\\\\]#', '\[$1:$uid\]', $sp_match);
ef5584
		$sp_match = preg_replace('#\\\\\[/(.*?)\\\\\]$#', '\[/$1:$uid\]', $sp_match);
ef5584
		$sp_replace = $bbcode_tpl;
ef5584
ef5584
		// @todo Make sure to change this too if something changed in message parsing
ef5584
		$tokens = array(
ef5584
			'URL'	 => array(
ef5584
				'!(?:(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))!ie'	=>	"\$this->bbcode_specialchars(('\$1') ? '\$1' : 'http://\$2')"
ef5584
			),
ef5584
			'LOCAL_URL'	 => array(
ef5584
				'!(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')!e'	=>	"\$this->bbcode_specialchars('$1')"
ef5584
			),
ef5584
			'EMAIL' => array(
ef5584
				'!(' . get_preg_expression('email') . ')!ie'	=>	"\$this->bbcode_specialchars('$1')"
ef5584
			),
ef5584
			'TEXT' => array(
ef5584
				'!(.*?)!es'	 =>	"str_replace(array(\"\\r\\n\", '\\\"', '\\'', '(', ')'), array(\"\\n\", '\"', ''', '(', ')'), trim('\$1'))"
ef5584
			),
ef5584
			'SIMPLETEXT' => array(
ef5584
				'!([a-zA-Z0-9-+.,_ ]+)!'	 =>	"$1"
ef5584
			),
ef5584
			'IDENTIFIER' => array(
ef5584
				'!([a-zA-Z0-9-_]+)!'	 =>	"$1"
ef5584
			),
ef5584
			'COLOR' => array(
ef5584
				'!([a-z]+|#[0-9abcdef]+)!i'	=>	'$1'
ef5584
			),
ef5584
			'NUMBER' => array(
ef5584
				'!([0-9]+)!'	=>	'$1'
ef5584
			)
ef5584
		);
ef5584
ef5584
		$sp_tokens = array(
ef5584
			'URL'	 => '(?i)((?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('url')) . ')|(?:' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('www_url')) . '))(?-i)',
ef5584
			'LOCAL_URL'	 => '(?i)(' . str_replace(array('!', '\#'), array('\!', '#'), get_preg_expression('relative_url')) . ')(?-i)',
ef5584
			'EMAIL' => '(' . get_preg_expression('email') . ')',
ef5584
			'TEXT' => '(.*?)',
ef5584
			'SIMPLETEXT' => '([a-zA-Z0-9-+.,_ ]+)',
ef5584
			'IDENTIFIER' => '([a-zA-Z0-9-_]+)',
ef5584
			'COLOR' => '([a-zA-Z]+|#[0-9abcdefABCDEF]+)',
ef5584
			'NUMBER' => '([0-9]+)',
ef5584
		);
ef5584
ef5584
		$pad = 0;
ef5584
		$modifiers = 'i';
ef5584
ef5584
		if (preg_match_all('/\{(' . implode('|', array_keys($tokens)) . ')[0-9]*\}/i', $bbcode_match, $m))
ef5584
		{
ef5584
			foreach ($m[0] as $n => $token)
ef5584
			{
ef5584
				$token_type = $m[1][$n];
ef5584
ef5584
				reset($tokens[strtoupper($token_type)]);
ef5584
				list($match, $replace) = each($tokens[strtoupper($token_type)]);
ef5584
ef5584
				// Pad backreference numbers from tokens
ef5584
				if (preg_match_all('/(?
ef5584
				{
ef5584
					$repad = $pad + sizeof(array_unique($repad[0]));
ef5584
					$replace = preg_replace('/(?
ef5584
					$pad = $repad;
ef5584
				}
ef5584
ef5584
				// Obtain pattern modifiers to use and alter the regex accordingly
ef5584
				$regex = preg_replace('/!(.*)!([a-z]*)/', '$1', $match);
ef5584
				$regex_modifiers = preg_replace('/!(.*)!([a-z]*)/', '$2', $match);
ef5584
ef5584
				for ($i = 0, $size = strlen($regex_modifiers); $i < $size; ++$i)
ef5584
				{
ef5584
					if (strpos($modifiers, $regex_modifiers[$i]) === false)
ef5584
					{
ef5584
						$modifiers .= $regex_modifiers[$i];
ef5584
ef5584
						if ($regex_modifiers[$i] == 'e')
ef5584
						{
ef5584
							$fp_replace = "'" . str_replace("'", "\\'", $fp_replace) . "'";
ef5584
						}
ef5584
					}
ef5584
ef5584
					if ($regex_modifiers[$i] == 'e')
ef5584
					{
ef5584
						$replace = "'.$replace.'";
ef5584
					}
ef5584
				}
ef5584
ef5584
				$fp_match = str_replace(preg_quote($token, '!'), $regex, $fp_match);
ef5584
				$fp_replace = str_replace($token, $replace, $fp_replace);
ef5584
ef5584
				$sp_match = str_replace(preg_quote($token, '!'), $sp_tokens[$token_type], $sp_match);
ef5584
				$sp_replace = str_replace($token, '${' . ($n + 1) . '}', $sp_replace);
ef5584
			}
ef5584
ef5584
			$fp_match = '!' . $fp_match . '!' . $modifiers;
ef5584
			$sp_match = '!' . $sp_match . '!s';
ef5584
ef5584
			if (strpos($fp_match, 'e') !== false)
ef5584
			{
ef5584
				$fp_replace = str_replace("'.'", '', $fp_replace);
ef5584
				$fp_replace = str_replace(".''.", '.', $fp_replace);
ef5584
			}
ef5584
		}
ef5584
		else
ef5584
		{
ef5584
			// No replacement is present, no need for a second-pass pattern replacement
ef5584
			// A simple str_replace will suffice
ef5584
			$fp_match = '!' . $fp_match . '!' . $modifiers;
ef5584
			$sp_match = $fp_replace;
ef5584
			$sp_replace = '';
ef5584
		}
ef5584
ef5584
		// Lowercase tags
ef5584
		$bbcode_tag = preg_replace('/.*?\[([a-z0-9_-]+=?).*/i', '$1', $bbcode_match);
ef5584
		$bbcode_search = preg_replace('/.*?\[([a-z0-9_-]+)=?.*/i', '$1', $bbcode_match);
ef5584
ef5584
		if (!preg_match('/^[a-zA-Z0-9_-]+=?$/', $bbcode_tag))
ef5584
		{
ef5584
			global $user;
ef5584
			trigger_error($user->lang['BBCODE_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING);
ef5584
		}
ef5584
ef5584
		$fp_match = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $fp_match);
ef5584
		$fp_replace = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $fp_replace);
ef5584
		$sp_match = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $sp_match);
ef5584
		$sp_replace = preg_replace('#\[/?' . $bbcode_search . '#ie', "strtolower('\$0')", $sp_replace);
ef5584
ef5584
		return array(
ef5584
			'bbcode_tag'				=> $bbcode_tag,
ef5584
			'first_pass_match'			=> $fp_match,
ef5584
			'first_pass_replace'		=> $fp_replace,
ef5584
			'second_pass_match'			=> $sp_match,
ef5584
			'second_pass_replace'		=> $sp_replace
ef5584
		);
ef5584
	}
ef5584
}
ef5584
ef5584
?>