X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;ds=sidebyside;f=banana%2Fmisc.inc.php;h=15997aa59bfb0b4c82837b74b1c1bf3bf2fba927;hb=39816f8b637dbd80dc1a64f1a04adb4f3cf24a9f;hp=3258ef1b5bf61323af8da9ffa188632d8a0928f0;hpb=78cd27b3ec8300e0a8ed7e6b909e3ea99fa75911;p=banana.git diff --git a/banana/misc.inc.php b/banana/misc.inc.php index 3258ef1..15997aa 100644 --- a/banana/misc.inc.php +++ b/banana/misc.inc.php @@ -14,12 +14,51 @@ function _b_($str) { return utf8_decode(dgettext('banana', utf8_encode($str))); } function to_entities($str) { - require_once 'banana/utf8.php'; + require_once dirname(__FILE__).'/utf8.php'; return utf8entities(htmlentities($str, ENT_NOQUOTES, 'UTF-8')); } function is_utf8($s) { return iconv('utf-8', 'utf-8', $s) == $s; } +function textFormat_translate($format) +{ + switch (strtolower($format)) { + case 'plain': return _b_('Texte brut'); + case 'richtext': return _b_('Texte enrichi'); + case 'html': return _b_('HTML'); + default: return $format; + } +} + +/******************************************************************************** + * HTML STUFF + * Taken from php.net + */ + + /** + * @return string + * @param string + * @desc Strip forbidden tags and delegate tag-source check to removeEvilAttributes() + */ +function removeEvilTags($source) +{ + $allowedTags = '
'; + $source = strip_tags($source, $allowedTags); + return preg_replace('/<(.*?)>/ie', "'<'.removeEvilAttributes('\\1').'>'", $source); +} + +/** + * @return string + * @param string + * @desc Strip forbidden attributes from a tag + */ +function removeEvilAttributes($tagSource) +{ + $stripAttrib = 'javascript:|onclick|ondblclick|onmousedown|onmouseup|onmouseover|'. + 'onmousemove|onmouseout|onkeypress|onkeydown|onkeyup'; + return stripslashes(preg_replace("/$stripAttrib/i", '', $tagSource)); +} + /******************************************************************************** * HEADER STUFF */ @@ -216,17 +255,35 @@ function wrap($text, $_prefix="") return $_prefix.join("\n$_prefix", $result).($_prefix ? '' : $sign); } -function formatbody($_text) { - $res = "\n\n" . to_entities(wrap($_text, ""))."\n\n"; +function formatbody($_text, $format='plain') +{ + if ($format == 'html') { + $res = '
)\n?-- \n?(
'.removeEvilTags(html_entity_decode(to_entities($_text))).'
'; + } else { + $res = "\n\n" . to_entities(wrap($_text, ""))."\n\n"; + } $res = preg_replace("/(<|>|")/", " \\1 ", $res); $res = preg_replace('/(["\[])?((https?|ftp|news):\/\/[a-z@0-9.~%$£µ&i#\-+=_\/\?]*)(["\]])?/i', "\\1\\2\\4", $res); $res = preg_replace("/ (<|>|") /", "\\1", $res); - - $parts = preg_split("/\n-- ?\n/", $res); + + if ($format == 'html') { + $res = preg_replace("@(]*>|
)@", "\\1
-- \\2", $res); + $res = preg_replace("@
\n?-- \n?(]*>)@", "
--
\\2", $res); + $parts = preg_split("@(:?]*>\n?-- \n?
|
]*>\n?-- \n?
)@", $res); + } else { + $parts = preg_split("/\n-- ?\n/", $res); + } if (count($parts) > 1) { - $sign = "
" . array_pop($parts); - return join("\n-- \n", $parts).$sign; + $sign = array_pop($parts); + if ($format == 'html') { + $res = join('
--
', $parts); + $sign = '
'.$sign; + } else { + $res = join('\n-- \n', $parts); + $sign = '
'.$sign; + } + return $res.$sign; } else { return $res; }