Commit | Line | Data |
---|---|---|
6855525e JL |
1 | <?php |
2 | ||
3 | /** | |
4 | * | |
5 | * Embeds the results of a PHP script at render-time. | |
6 | * | |
7 | * @category Text | |
8 | * | |
9 | * @package Text_Wiki | |
10 | * | |
11 | * @author Paul M. Jones <pmjones@php.net> | |
12 | * | |
13 | * @license LGPL | |
14 | * | |
15 | * @version $Id: Embed.php,v 1.3 2005/02/23 17:38:29 pmjones Exp $ | |
16 | * | |
17 | */ | |
18 | ||
19 | /** | |
20 | * | |
21 | * Embeds the results of a PHP script at render-time. | |
22 | * | |
23 | * This class implements a Text_Wiki_Parse to embed the contents of a URL | |
24 | * inside the page at render-time. Typically used to get script output. | |
25 | * This differs from the 'include' rule, which incorporates results at | |
26 | * parse-time; 'embed' output does not get parsed by Text_Wiki, while | |
27 | * 'include' ouput does. | |
28 | * | |
29 | * This rule is inherently not secure; it allows cross-site scripting to | |
30 | * occur if the embedded output has <script> or other similar tags. Be | |
31 | * careful. | |
32 | * | |
33 | * @category Text | |
34 | * | |
35 | * @package Text_Wiki | |
36 | * | |
37 | * @author Paul M. Jones <pmjones@php.net> | |
38 | * | |
39 | */ | |
40 | ||
41 | class Text_Wiki_Parse_Embed extends Text_Wiki_Parse { | |
42 | ||
43 | var $conf = array( | |
44 | 'base' => '/path/to/scripts/' | |
45 | ); | |
46 | ||
47 | var $file = null; | |
48 | ||
49 | var $output = null; | |
50 | ||
51 | var $vars = null; | |
52 | ||
53 | ||
54 | /** | |
55 | * | |
56 | * The regular expression used to find source text matching this | |
57 | * rule. | |
58 | * | |
59 | * @access public | |
60 | * | |
61 | * @var string | |
62 | * | |
63 | */ | |
64 | ||
65 | var $regex = '/(\[\[embed )(.+?)( .+?)?(\]\])/i'; | |
66 | ||
67 | ||
68 | /** | |
69 | * | |
70 | * Generates a token entry for the matched text. Token options are: | |
71 | * | |
72 | * 'text' => The full matched text, not including the <code></code> tags. | |
73 | * | |
74 | * @access public | |
75 | * | |
76 | * @param array &$matches The array of matches from parse(). | |
77 | * | |
78 | * @return A delimited token number to be used as a placeholder in | |
79 | * the source text. | |
80 | * | |
81 | */ | |
82 | ||
83 | function process(&$matches) | |
84 | { | |
85 | // save the file location | |
86 | $this->file = $this->getConf('base', './') . $matches[2]; | |
87 | ||
88 | // extract attribs as variables in the local space | |
89 | $this->vars = $this->getAttrs($matches[3]); | |
90 | unset($this->vars['this']); | |
91 | extract($this->vars); | |
92 | ||
93 | // run the script | |
94 | ob_start(); | |
95 | include($this->file); | |
96 | $this->output = ob_get_contents(); | |
97 | ob_end_clean(); | |
98 | ||
99 | // done, place the script output directly in the source | |
100 | return $this->wiki->addToken( | |
101 | $this->rule, | |
102 | array('text' => $this->output) | |
103 | ); | |
104 | } | |
105 | } | |
106 | ?> |