X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;ds=sidebyside;f=banana%2Fmisc.inc.php;h=9b568d82a767292992d5f3a8d095c91025814814;hb=940ae667f3ed96e2e3eed46a741421c5ea04440e;hp=e9f7c94c6f6263cb21230044bf7843943c052faf;hpb=c42efe2f093bae5e429288c6a39df6ff9357a88f;p=banana.git

diff --git a/banana/misc.inc.php b/banana/misc.inc.php
index e9f7c94..9b568d8 100644
--- a/banana/misc.inc.php
+++ b/banana/misc.inc.php
@@ -14,12 +14,100 @@
 function _b_($str) { return utf8_decode(dgettext('banana', utf8_encode($str))); }
 
 function to_entities($str) {
-    require_once 'banana/utf8.php';
+    require_once dirname(__FILE__).'/utf8.php';
     return utf8entities(htmlentities($str, ENT_NOQUOTES, 'UTF-8'));
 }
 
 function is_utf8($s) { return iconv('utf-8', 'utf-8', $s) == $s; }
 
+function textFormat_translate($format)
+{
+    switch (strtolower($format)) {
+        case 'plain':       return _b_('Texte brut');
+        case 'richtext':    return _b_('Texte enrichi');
+        case 'html':        return _b_('HTML');
+        default:            return $format;
+    }
+}
+
+/********************************************************************************
+ * HTML STUFF
+ * Taken from php.net
+ */
+
+/**
+ * @return string
+ * @param string
+ * @desc Strip forbidden tags and delegate tag-source check to removeEvilAttributes()
+ */
+function removeEvilTags($source)
+{
+    $allowedTags = '<h1><b><i><a><ul><li><pre><hr><blockquote><img><br><font><p><small><big><sup><sub><code>';
+    $source = strip_tags($source, $allowedTags);
+    return preg_replace('/<(.*?)>/ie', "'<'.removeEvilAttributes('\\1').'>'", $source);
+}
+
+/**
+ * @return string
+ * @param string
+ * @desc Strip forbidden attributes from a tag
+ */
+function removeEvilAttributes($tagSource)
+{
+    $stripAttrib = 'javascript:|onclick|ondblclick|onmousedown|onmouseup|onmouseover|'.
+                   'onmousemove|onmouseout|onkeypress|onkeydown|onkeyup';
+    return stripslashes(preg_replace("/$stripAttrib/i", '', $tagSource));
+}
+
+/** Convert html to plain text
+ */
+function htmlToPlainText($res)
+{
+    $res = trim(html_entity_decode(strip_tags($res, '<br>')));
+    $res = preg_replace("@<br[^>]>@i", "\n", $res);
+    if (!is_utf8($res)) {
+        $res = utf8_encode($res);
+    }   
+    return $res;
+}
+
+/********************************************************************************
+ * RICHTEXT STUFF
+ */
+
+/** Convert richtext to html
+ */
+function richtextToHtml($source)
+{
+    $tags = Array('bold' => 'b',
+                  'italic' => 'i',
+                  'smaller' => 'small',
+                  'bigger' => 'big',
+                  'underline' => 'u',
+                  'subscript' => 'sub',
+                  'superscript' => 'sup',
+                  'excerpt' => 'blockquote',
+                  'paragraph' => 'p',
+                  'nl' => 'br'
+            );
+            
+    // clean unsupported tags
+    $protectedTags = '<signature><lt><comment><'.join('><', array_keys($tags)).'>';
+    $source = strip_tags($source, $protectedTags);
+    
+    // convert richtext tags to html
+    foreach (array_keys($tags) as $tag) {
+        $source = preg_replace('@(</?)'.$tag.'([^>]*>)@i', '\1'.$tags[$tag].'\2', $source);
+    }
+
+    // some special cases
+    $source = preg_replace('@<signature>@i', '<br>-- <br>', $source);
+    $source = preg_replace('@</signature>@i', '', $source);
+    $source = preg_replace('@<lt>@i', '&lt;', $source);
+    $source = preg_replace('@<comment[^>]*>((?:[^<]|<(?!/comment>))*)</comment>@i', '<!-- \1 -->', $source);
+    return removeEvilAttributes($source);
+}
+
 /********************************************************************************
  *  HEADER STUFF
  */
@@ -35,6 +123,15 @@ function headerDecode($value) {
     return preg_replace('/=\?([^?]*)\?([BQ])\?([^?]*)\?=/e', '_headerdecode("\1", "\2", "\3")', $val);
 }
 
+function headerEncode($value, $trim = 0) {
+    if ($trim) {
+        if (strlen($value) > $trim) {
+            $value = substr($value, 0, $trim) . "[...]";
+        }
+    }
+    return "=?UTF-8?B?".base64_encode($value)."?=";
+}
+
 function header_translate($hdr) {
     switch ($hdr) {
         case 'from':            return _b_('De');
@@ -176,7 +273,7 @@ function displayshortcuts($first = -1) {
     } else {
         $res .= "[<a href=\"?group=$group&amp;artid=$artid&amp;action=new\">"
             ._b_('Répondre')."</a>] ";
-        if ($banana->post->checkcancel()) {
+        if ($banana->post && $banana->post->checkcancel()) {
             $res .= "[<a href=\"?group=$group&amp;artid=$artid&amp;action=cancel\">"
                 ._b_('Annuler ce message')."</a>] ";
         }
@@ -207,17 +304,38 @@ function wrap($text, $_prefix="")
     return $_prefix.join("\n$_prefix", $result).($_prefix ? '' : $sign);
 }
 
-function formatbody($_text) {
-    $res  = "\n\n" . to_entities(wrap($_text, ""))."\n\n";
+function formatbody($_text, $format='plain')
+{
+    if ($format == 'html') {
+        $res = '<br/>'.removeEvilTags($_text).'<br/>';
+    } else if ($format == 'richtext') {
+        $res = '<br/>'.richtextToHtml($_text).'<br/>';
+        $format = 'html';
+    } else {
+        $res  = "\n\n" . to_entities(wrap($_text, ""))."\n\n";
+    }
     $res  = preg_replace("/(&lt;|&gt;|&quot;)/", " \\1 ", $res);
     $res  = preg_replace('/(["\[])?((https?|ftp|news):\/\/[a-z@0-9.~%$£µ&i#\-+=_\/\?]*)(["\]])?/i', "\\1<a href=\"\\2\">\\2</a>\\4", $res);
     $res  = preg_replace("/ (&lt;|&gt;|&quot;) /", "\\1", $res);
-   
-    $parts = preg_split("/\n-- ?\n/", $res);
+
+    if ($format == 'html') {
+        $res = preg_replace("@(</p>)\n?-- \n?(<p[^>]*>|<br>)@", "\\1<br>-- \\2", $res);
+        $res = preg_replace("@<br>\n?-- \n?(<p[^>]*>)@", "<br>-- <br>\\2", $res);
+        $parts = preg_split("@(:?<p[^>]*>\n?-- \n?</p>|<br[^>]*>\n?-- \n?<br>)@", $res);
+    } else {
+        $parts = preg_split("/\n-- ?\n/", $res);
+    }
 
     if (count($parts) > 1) {
-        $sign = "</pre><hr style='width: 100%; margin: 1em 0em; ' /><pre>" . array_pop($parts);
-        return join("\n-- \n", $parts).$sign;
+        $sign  = array_pop($parts);
+        if ($format == 'html') {
+            $res  = join('<br/>-- <br/>', $parts);
+            $sign = '<hr style="width: 100%; margin: 1em 0em; " />'.$sign;
+        } else {
+            $res  = join('\n-- \n', $parts);
+            $sign = '</pre><hr style="width: 100%; margin: 1em 0em; " /><pre>'.$sign;
+        }
+        return $res.$sign;
     } else {
         return $res;
     }