projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
#562: Cipher emails to prevent massive mail dumping by bots
[platal.git] / classes / platalpage.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2006 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 require_once 'smarty/libs/Smarty.class.php';
23
24 class PlatalPage extends Smarty
25 {
26 var $_page_type;
27 var $_tpl;
28 var $_errors;
29 var $_failure;
30
31 // defaults
32 var $caching = false;
33 var $config_overwrite = false;
34 var $use_sub_dirs = false;
35
36 // {{{ function PlatalPage()
37
38 function PlatalPage($tpl, $type = SKINNED)
39 {
40 global $globals;
41
42 $this->Smarty();
43
44 $this->template_dir = $globals->spoolroot."/templates/";
45 $this->compile_dir = $globals->spoolroot."/spool/templates_c/";
46 array_unshift($this->plugins_dir, $globals->spoolroot."/plugins/");
47 $this->config_dir = $globals->spoolroot."/configs/";
48
49 $this->compile_check = !empty($globals->debug);
50
51 $this->_page_type = $type;
52 $this->_tpl = $tpl;
53 $this->_errors = array();
54 $this->_failure = false;
55
56 $this->register_prefilter('at_to_globals');
57 $this->register_prefilter('trimwhitespace');
58 $this->addJsLink('xorg.js');
59 }
60
61 // }}}
62 // {{{ function changeTpl()
63
64 function changeTpl($tpl, $type = SKINNED)
65 {
66 $this->_tpl = $tpl;
67 $this->_page_type = $type;
68 $this->assign('xorg_tpl', $tpl);
69 }
70
71 // }}}
72 // {{{ function _run()
73
74 function _run($skin)
75 {
76 global $globals, $TIME_BEGIN;
77
78 session_write_close();
79
80 $this->assign('xorg_errors', $this->_errors);
81 $this->assign('xorg_failure', $this->_failure);
82 $this->assign('globals', $globals);
83
84 switch ($this->_page_type) {
85 case NO_SKIN:
86 error_reporting(0);
87 $this->display($this->_tpl);
88 exit;
89
90 case SIMPLE:
91 $this->assign('simple', true);
92
93 case SKINNED:
94 $this->register_modifier('escape_html', 'escape_html');
95 $this->default_modifiers = Array('@escape_html');
96 }
97 $this->register_outputfilter('hide_emails');
98 $this->addJsLink('wiki.js');
99
100 if (!$globals->debug) {
101 error_reporting(0);
102 $this->display($skin);
103 exit;
104 }
105
106 if ($globals->debug & 1) {
107 $this->assign('db_trace', XDB::trace_format($this, 'database-debug.tpl'));
108 }
109
110 $this->assign('validate', true);
111 error_reporting(0);
112 $result = $this->fetch($skin);
113 $ttime = sprintf('Temps total: %.02fs<br />', microtime_float() - $TIME_BEGIN);
114 $replc = "<span class='erreur'>VALIDATION HTML INACTIVE</span><br />";
115
116 if ($globals->debug & 2) {
117
118 $fd = fopen($this->compile_dir."/valid.html","w");
119 fwrite($fd, $result);
120 fclose($fd);
121
122 exec($globals->spoolroot."/bin/devel/xhtml.validate.pl ".$this->compile_dir."/valid.html", $val);
123 foreach ($val as $h) {
124 if (preg_match("/^X-W3C-Validator-Errors: (\d+)$/", $h, $m)) {
125 $replc = '<span style="color: #080;">HTML OK</span><br />';
126 if ($m[1]) {
127 $replc = "<span class='erreur'><a href='http://validator.w3.org/check?uri={$globals->baseurl}"
128 ."/valid.html&amp;ss=1#result'>{$m[1]} ERREUR(S) !!!</a></span><br />";
129 }
130 break;
131 }
132 }
133 }
134
135 echo str_replace("@HOOK@", $ttime.$replc, $result);
136 exit;
137 }
138
139 // }}}
140 // {{{ function nb_errs()
141
142 function nb_errs()
143 {
144 return count($this->_errors);
145 }
146
147 // }}}
148 // {{{ function trig()
149
150 function trig($msg)
151 {
152 $this->_errors[] = $msg;
153 }
154
155 // }}}
156 // {{{ function kill()
157
158 function kill($msg)
159 {
160 global $platal;
161
162 $this->assign('platal', $platal);
163 $this->trig($msg);
164 $this->_failure = true;
165 $this->run();
166 }
167
168 // }}}
169 // {{{ function addJsLink
170
171 function addJsLink($path)
172 {
173 $this->append('xorg_js', $path);
174 }
175
176 // }}}
177 // {{{ function addCssLink
178
179 function addCssLink($path)
180 {
181 $this->append('xorg_css', $path);
182 }
183
184 // }}}
185 // {{{ function setRssLink
186
187 function setRssLink($title, $path)
188 {
189 $this->assign('xorg_rss', array('title' => $title, 'href' => $path));
190 }
191
192 // }}}
193 }
194
195 // {{{ function escape_html ()
196
197 /**
198 * default smarty plugin, used to auto-escape dangerous html.
199 *
200 * < --> &lt;
201 * > --> &gt;
202 * " --> &quot;
203 * & not followed by some entity --> &amp;
204 */
205 function escape_html($string)
206 {
207 if (is_string($string)) {
208 $transtbl = Array('<' => '&lt;', '>' => '&gt;', '"' => '&quot;', '\'' => '&#39;');
209 return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,4};)/", "&amp;" , strtr($string, $transtbl));
210 } else {
211 return $string;
212 }
213 }
214
215 // }}}
216 // {{{ function at_to_globals()
217
218 /**
219 * helper
220 */
221
222 function _to_globals($s) {
223 global $globals;
224 $t = explode('.',$s);
225 if (count($t) == 1) {
226 return var_export($globals->$t[0],true);
227 } else {
228 return var_export($globals->$t[0]->$t[1],true);
229 }
230 }
231
232 /**
233 * compilation plugin used to import $globals confing through #globals.foo.bar# directives
234 */
235
236 function at_to_globals($tpl_source, &$smarty)
237 {
238 return preg_replace('/#globals\.([a-zA-Z0-9_.]+?)#/e', '_to_globals(\'\\1\')', $tpl_source);
239 }
240
241 // }}}
242 // {{{ function trimwhitespace
243
244 function trimwhitespace($source, &$smarty)
245 {
246 $tags = array('script', 'pre', 'textarea');
247
248 foreach ($tags as $tag) {
249 preg_match_all("!<{$tag}[^>]+>.*?</{$tag}>!is", $source, ${$tag});
250 $source = preg_replace("!<{$tag}[^>]+>.*?</{$tag}>!is", "&&&{$tag}&&&", $source);
251 }
252
253 // remove all leading spaces, tabs and carriage returns NOT
254 // preceeded by a php close tag.
255 $source = preg_replace('/((?<!\?>)\n)[\s]+/m', '\1', $source);
256
257 foreach ($tags as $tag) {
258 $source = preg_replace("!&&&{$tag}&&&!e", 'array_shift(${$tag}[0])', $source);
259 }
260
261 return $source;
262 }
263
264 // }}}
265 // {{{ function hide_emails
266
267 function _hide_email($source)
268 {
269 return '<script type="text/javascript">Nix.decode("' . addslashes(str_rot13($source)) . '");</script>';
270 }
271
272 function hide_emails($source, &$smarty)
273 {
274 //prevent email replacement in <script> and <textarea>
275 $tags = array('script', 'textarea');
276
277 foreach ($tags as $tag) {
278 preg_match_all("!<{$tag}[^>]+>.*?</{$tag}>!is", $source, ${$tag});
279 $source = preg_replace("!<{$tag}[^>]+>.*?</{$tag}>!is", "&&&{$tag}&&&", $source);
280 }
281
282 //catch all emails in <a href="mailto:...">
283 preg_match_all("!<a[^>]+href=[\"']mailto:[^>]+>.*?</a>!is", $source, $ahref);
284 $source = preg_replace("!<a[^>]+href=[\"']mailto:[^>]+>.*?</a>!is", '&&&ahref&&&', $source);
285
286 //prevant replacement in tag attributes
287 preg_match_all("!<[^>]+[-a-z0-9_.]+@[-a-z0-9_.]+[^>]+>!is", $source, $misc);
288 $source = preg_replace("!<[^>]+[-a-z0-9_.]+@[-a-z0-9_.]+[^>]+>!is", '&&&misc&&&', $source);
289
290 //catch !
291 // $source = preg_replace('!([-a-z0-9_.]+@[-a-z0-9_.]+)!ie', '_hide_email("\1")', $source);
292 $source = preg_replace('!&&&ahref&&&!e', '_hide_email(array_shift($ahref[0]))', $source);
293 $source = preg_replace('!&&&misc&&&!e', '_hide_email(array_shift($misc[0]))', $source);
294
295 // restore data
296 foreach ($tags as $tag) {
297 $source = preg_replace("!&&&{$tag}&&&!e", 'array_shift(${$tag}[0])', $source);
298 }
299
300 return $source;
301 }
302
303 // }}}
304
305 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker:
306 ?>
plat/al