1: 2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55: 56: 57: 58: 59: 60: 61: 62: 63: 64: 65: 66: 67: 68: 69: 70: 71: 72: 73: 74: 75: 76: 77: 78: 79: 80: 81: 82: 83: 84: 85: 86: 87: 88: 89: 90: 91: 92: 93: 94: 95: 96: 97: 98: 99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: 111: 112: 113: 114: 115: 116: 117: 118: 119: 120: 121: 122: 123: 124: 125: 126: 127: 128: 129: 130: 131: 132: 133: 134: 135: 136: 137: 138: 139: 140: 141: 142: 143: 144: 145: 146: 147: 148: 149: 150: 151: 152: 153: 154: 155: 156: 157: 158: 159: 160: 161: 162: 163: 164: 165: 166: 167: 168: 169: 170: 171: 172: 173: 174: 175: 176: 177: 178: 179: 180: 181: 182: 183: 184: 185: 186: 187: 188: 189: 190: 191: 192: 193: 194: 195: 196: 197: 198: 199: 200: 201: 202: 203: 204: 205: 206: 207: 208: 209: 210: 211: 212: 213: 214: 215: 216: 217: 218: 219: 220: 221: 222: 223: 224: 225: 226: 227: 228: 229: 230: 231: 232: 233: 234: 235: 236: 237: 238: 239: 240: 241: 242: 243: 244: 245: 246: 247: 248: 249: 250: 251: 252: 253: 254: 255: 256: 257: 258: 259: 260: 261: 262: 263: 264: 265: 266: 267: 268: 269: 270: 271: 272: 273: 274: 275: 276: 277: 278: 279: 280: 281: 282: 283: 284: 285: 286: 287: 288: 289: 290: 291: 292: 293: 294: 295: 296: 297: 298: 299: 300: 301: 302: 303: 304: 305: 306: 307: 308: 309: 310: 311: 312: 313: 314: 315: 316: 317: 318: 319: 320: 321: 322: 323: 324: 325: 326: 327: 328: 329: 330: 331: 332: 333: 334: 335: 336: 337: 338: 339: 340: 341: 342: 343: 344: 345: 346: 347: 348: 349: 350: 351: 352: 353: 354: 355: 356: 357: 358: 359: 360: 361: 362: 363: 364: 365: 366: 367: 368: 369: 370: 371: 372: 373: 374: 375: 376: 377: 378: 379: 380: 381: 382: 383: 384: 385: 386: 387: 388: 389: 390: 391: 392: 393: 394: 395: 396: 397: 398: 399: 400: 401: 402: 403: 404: 405: 406: 407: 408: 409: 410: 411: 412: 413: 414: 415: 416: 417: 418: 419: 420: 421: 422: 423: 424: 425: 426: 427: 428: 429: 430: 431: 432: 433: 434: 435: 436: 437: 438: 439: 440: 441: 442: 443: 444: 445: 446: 447: 448: 449: 450: 451: 452: 453: 454: 455: 456: 457: 458: 459: 460: 461: 462: 463: 464: 465: 466: 467: 468: 469: 470: 471: 472: 473: 474: 475: 476: 477: 478: 479: 480: 481: 482: 483: 484: 485: 486: 487: 488: 489: 490: 491: 492: 493: 494: 495: 496: 497: 498: 499: 500: 501: 502: 503: 504: 505: 506: 507: 508: 509: 510: 511: 512: 513: 514: 515: 516: 517: 518: 519: 520: 521: 522: 523: 524: 525: 526: 527: 528: 529: 530: 531: 532: 533: 534: 535: 536: 537: 538: 539: 540: 541: 542: 543: 544: 545: 546: 547: 548: 549: 550: 551: 552: 553: 554: 555: 556: 557: 558: 559: 560: 561: 562: 563: 564: 565: 566: 567: 568: 569: 570: 571: 572: 573: 574: 575: 576: 577: 578: 579: 580: 581: 582: 583: 584: 585: 586: 587: 588: 589: 590: 591: 592: 593: 594: 595: 596: 597: 598: 599: 600: 601: 602: 603: 604: 605: 606: 607: 608: 609: 610: 611: 612: 613: 614: 615: 616: 617: 618: 619: 620: 621: 622: 623: 624: 625: 626: 627: 628: 629: 630: 631: 632: 633: 634: 635: 636: 637: 638: 639: 640: 641: 642: 643: 644: 645: 646: 647: 648: 649: 650: 651: 652: 653: 654: 655: 656: 657: 658: 659: 660: 661: 662: 663: 664: 665: 666: 667: 668: 669: 670: 671: 672: 673: 674: 675: 676: 677: 678: 679: 680: 681: 682: 683: 684: 685: 686: 687: 688: 689: 690: 691: 692: 693: 694: 695: 696: 697: 698: 699: 700: 701: 702: 703: 704: 705: 706: 707: 708: 709: 710: 711: 712: 713: 714: 715: 716: 717: 718: 719: 720: 721: 722: 723: 724: 725: 726: 727: 728: 729: 730: 731: 732: 733: 734: 735: 736: 737: 738: 739: 740: 741: 742: 743: 744: 745: 746: 747: 748: 749: 750: 751: 752: 753: 754: 755: 756: 757: 758: 759: 760: 761: 762: 763: 764: 765: 766: 767: 768: 769: 770: 771: 772: 773: 774: 775: 776: 777: 778: 779: 780: 781: 782: 783: 784: 785: 786: 787: 788: 789: 790: 791: 792: 793: 794: 795: 796: 797: 798: 799: 800: 801: 802: 803: 804: 805: 806: 807: 808: 809: 810: 811: 812: 813: 814: 815: 816: 817: 818: 819: 820: 821: 822: 823: 824: 825: 826: 827: 828: 829: 830: 831: 832: 833: 834: 835: 836: 837: 838: 839: 840: 841: 842: 843: 844: 845: 846: 847: 848: 849: 850: 851: 852: 853: 854: 855: 856: 857: 858: 859: 860: 861: 862: 863: 864: 865: 866: 867: 868: 869: 870: 871: 872: 873: 874: 875: 876: 877: 878: 879: 880: 881: 882: 883: 884: 885: 886: 887: 888: 889: 890: 891: 892: 893: 894: 895: 896: 897: 898: 899: 900: 901: 902: 903: 904: 905: 906: 907: 908: 909: 910: 911: 912: 913: 914: 915: 916: 917: 918: 919: 920: 921: 922: 923: 924: 925: 926: 927: 928: 929: 930: 931: 932: 933: 934: 935: 936: 937: 938: 939: 940: 941: 942: 943: 944: 945: 946: 947: 948: 949: 950: 951: 952: 953: 954: 955: 956: 957: 958: 959: 960: 961: 962: 963: 964: 965: 966: 967: 968: 969: 970: 971: 972: 973: 974: 975: 976: 977: 978: 979: 980: 981: 982: 983: 984: 985: 986: 987: 988: 989: 990: 991: 992: 993: 994: 995: 996: 997: 998: 999: 1000: 1001: 1002: 1003: 1004: 1005: 1006: 1007: 1008: 1009: 1010: 1011: 1012: 1013: 1014: 1015: 1016: 1017: 1018: 1019: 1020: 1021: 1022: 1023: 1024: 1025: 1026: 1027: 1028: 1029: 1030: 1031: 1032: 1033: 1034: 1035: 1036: 1037: 1038: 1039: 1040: 1041: 1042: 1043: 1044: 1045: 1046: 1047: 1048: 1049: 1050: 1051: 1052: 1053: 1054: 1055: 1056: 1057: 1058: 1059: 1060: 1061: 1062: 1063: 1064: 1065: 1066: 1067: 1068: 1069: 1070: 1071: 1072: 1073: 1074: 1075: 1076: 1077: 1078: 1079: 1080: 1081: 1082: 1083: 1084: 1085: 1086: 1087: 1088: 1089: 1090: 1091: 1092: 1093: 1094: 1095: 1096: 1097: 1098: 1099: 1100: 1101: 1102: 1103: 1104: 1105: 1106: 1107: 1108: 1109: 1110: 1111: 1112: 1113: 1114: 1115: 1116: 1117: 1118: 1119: 1120: 1121: 1122: 1123: 1124: 1125: 1126: 1127: 1128: 1129: 1130: 1131: 1132: 1133: 1134: 1135: 1136: 1137: 1138: 1139: 1140: 1141: 1142: 1143: 1144: 1145: 1146: 1147: 1148: 1149: 1150: 1151: 1152: 1153: 1154: 1155: 1156: 1157: 1158: 1159: 1160: 1161: 1162: 1163: 1164: 1165: 1166: 1167: 1168: 1169: 1170: 1171: 1172: 1173: 1174: 1175: 1176: 1177: 1178: 1179: 1180: 1181: 1182: 1183: 1184: 1185: 1186: 1187: 1188: 1189: 1190: 1191: 1192: 1193: 1194: 1195: 1196: 1197: 1198: 1199: 1200: 1201: 1202: 1203: 1204: 1205: 1206: 1207: 1208: 1209: 1210: 1211: 1212: 1213: 1214: 1215: 1216: 1217: 1218: 1219: 1220: 1221: 1222: 1223: 1224: 1225: 1226: 1227: 1228: 1229: 1230: 1231: 1232: 1233: 1234: 1235: 1236: 1237: 1238: 1239: 1240: 1241: 1242: 1243: 1244: 1245: 1246: 1247: 1248: 1249: 1250: 1251: 1252: 1253: 1254: 1255: 1256: 1257: 1258: 1259: 1260: 1261: 1262: 1263: 1264: 1265: 1266: 1267: 1268: 1269: 1270: 1271: 1272: 1273: 1274: 1275: 1276: 1277: 1278: 1279: 1280: 1281: 1282: 1283: 1284: 1285: 1286: 1287: 1288: 1289: 1290: 1291: 1292: 1293: 1294: 1295: 1296: 1297: 1298: 1299: 1300: 1301: 1302: 1303: 1304: 1305:
<?php
class icms_core_DataFilter {
public static $displaySmileys = array();
public static $allSmileys = array();
public function __construct() {}
static public function filterDebugInfo($text, $msg) {
echo "<div style='padding: 5px; color: red; font-weight: bold'>$text</div>";
echo "<div><pre>";
print_r($msg);
echo "</pre></div>";
}
static public function _filterImgUrl($matches) {
if (self::checkUrlString($matches[2])) {
return $matches[0];
} else {
return '';
}
}
static public function checkUrlString($text) {
if (preg_match("/[\0-\31]/", $text)) {
return false;
}
return !preg_match("/^(javascript|vbscript|about):/i", $text);
}
static public function nl2Br($text) {
return preg_replace("/(\015\012)|(\015)|(\012)/", "<br />", $text);
}
static public function htmlSpecialChars($text) {
return preg_replace(array("/&/i", "/ /i"), array('&', '&nbsp;'), @htmlspecialchars($text, ENT_QUOTES, _CHARSET));
}
static public function undoHtmlSpecialChars($text) {
return htmlspecialchars_decode($text, ENT_QUOTES);
}
static public function htmlEntities($text) {
return preg_replace(array("/&/i", "/ /i"), array('&', '&nbsp;'), @htmlentities($text, ENT_QUOTES, _CHARSET));
}
public static function addSlashes(string $text, string $param = null) {
return addcslashes($text, $param);
}
public static function stripSlashesGPC($text) {
return $text;
}
static public function cleanArray($arr) {
$rtn = array();
foreach ($arr as $key => $a) {
if (!is_array($a) && (!empty($a) || $a === 0)) {
$rtn[$key] = $a;
} elseif (is_array($a)) {
if (count($a) > 0) {
$a = self::cleanArray($a);
$rtn[$key] = $a;
if (count($a) == 0) {
unset($rtn[$key]);
}
}
}
}
return $rtn;
}
static public function checkVar($data, $type, $options1 = '', $options2 = '') {
$valid_types = array('url', 'email', 'ip', 'str', 'int', 'special', 'html', 'text');
if (!in_array($type, $valid_types)) {
return false;
} else {
switch ($type) {
case 'url':
$valid_options1 = array('scheme', 'path', 'host', 'query');
$valid_options2 = array(0, 1);
if (!isset($options1) || $options1 == '' || !in_array($options1, $valid_options1)) {
$options1 = '';
}
if (!isset($options2) || $options2 == '' || !in_array($options2, $valid_options2)) {
$options2 = 0;
} else {
$options2 = 1;
}
break;
case 'email':
$valid_options1 = array(0, 1);
$valid_options2 = array(0, 1);
if (!isset($options1) || $options1 == '' || !in_array($options1, $valid_options1)) {
$options1 = 0;
} else {
$options1 = 1;
}
if (!isset($options2) || $options2 == '' || !in_array($options2, $valid_options2)) {
$options2 = 0;
} else {
$options2 = 1;
}
break;
case 'ip':
$valid_options1 = array('ipv4', 'ipv6', 'rfc', 'res');
$options2 = '';
if (!isset($options1) || $options1 == '' || !in_array($options1, $valid_options1)) {
$options1 = 'ipv4';
}
break;
case 'str':
$valid_options1 = array('noencode', 'striplow', 'striphigh', 'encodelow', 'encodehigh', 'encodeamp');
$options2 = '';
if (!isset($options1) || $options1 == '' || !in_array($options1, $valid_options1)) {
$options1 = '';
}
break;
case 'special':
$valid_options1 = array('striplow', 'striphigh', 'encodehigh');
$options2 = '';
if (!isset($options1) || $options1 == '' || !in_array($options1, $valid_options1)) {
$options1 = '';
}
break;
case 'int':
if (!is_int($options1) || !is_int($options2)) {
$options1 = '';
$options2 = '';
} else {
$options1 = (int) $options1;
$options2 = (int) $options2;
}
break;
case 'html':
$valid_options1 = array('input', 'output', 'print', 'edit');
$options2 = '';
if (!isset($options1) || $options1 == '' || !in_array($options1, $valid_options1)) {
$options1 = 'input';
}
break;
case 'text':
$valid_options1 = array('input', 'output', 'print');
$options2 = '';
if (!isset($options1) || $options1 == '' || !in_array($options1, $valid_options1)) {
$options1 = 'input';
}
break;
}
}
return self::priv_checkVar($data, $type, $options1, $options2);
}
static public function checkVarArray(array $input, array $filters, $strict = true) {
foreach (array_intersect_key($input, $filters) as $key => $value) {
$options[0] = $options[1] = '';
if (array_key_exists('options', $filters) && isset($filters[$key]['options'][0])) {
$options[0] = $filters[$key]['options'][0];
}
if (array_key_exists('options', $filters) && isset($filters[$key]['options'][1])) {
$options[1] = $filters[$key]['options'][1];
}
if (is_array($filters[$key])) {
$filter = $filters[$key][0];
} else {
$filter = $filters[$key];
}
if (is_array($input[$key])) {
$inner_filter = array_fill_keys(array_keys($input[$key]), $filter);
$output[$key] = self::checkVarArray($input[$key], $inner_filter, true);
} else {
$output[$key] = self::checkVar($input[$key], $filter, $options[0], $options[1]);
}
}
if (!$strict) {
foreach ($diff = array_diff_key($input, $filters) as $key => $value) {
if (is_array($diff[$key])) {
$output[$key] = self::checkVarArray($diff[$key], array($key => 'str'), false);
} else {
$output[$key] = self::checkVar($diff[$key], 'str');
}
}
}
return $output;
}
static public function filterTextareaInput($text) {
icms::$preload->triggerEvent('beforeFilterTextareaInput', array(&$text));
$text = self::htmlSpecialChars(strip_tags($text));
icms::$preload->triggerEvent('afterFilterTextareaInput', array(&$text));
return $text;
}
static public function filterTextareaDisplay($text, $smiley = 1, $icode = 1, $image = 1, $br = 1) {
icms::$preload->triggerEvent('beforeFilterTextareaDisplay', array(&$text, $smiley, $icode, $image, $br));
$text = str_replace('<!-- input filtered -->', '', $text);
$text = str_replace('<!-- filtered with htmlpurifier -->', '', $text);
$text = self::htmlSpecialChars($text);
$text = self::codePreConv($text, $icode);
$text = self::makeClickable($text);
if ($smiley != 0) {
$text = self::smiley($text);
}
if ($icode != 0) {
if ($image != 0) {
$text = self::codeDecode($text);
} else {
$text = self::codeDecode($text, 0);
}
}
if ($br !== 0) {
$text = self::nl2Br($text);
}
$text = self::codeConv($text, $icode, $image);
icms::$preload->triggerEvent('afterFilterTextareaDisplay', array(&$text, $smiley, $icode, $image, $br));
return $text;
}
static public function filterHTMLinput($html, $smiley = 1, $icode = 1, $image = 1, $br = 0) {
icms::$preload->triggerEvent('beforeFilterHTMLinput', array(&$html, 1, 1, 1, $br));
$html = str_replace('<!-- input filtered -->', '', $html);
$html = self::codePreConv($html, 1);
$html = self::smiley($html);
$html = self::codeDecode($html);
$html = self::codeConv($html, 1, 1);
$html = icms_core_HTMLFilter::filterHTML($html);
$purified = strpos($html, '<!-- filtered with htmlpurifier -->');
if ($purified === false && $br == 1) {
$html = self::nl2Br($html);
}
$html .= '<!-- input filtered -->';
icms::$preload->triggerEvent('afterFilterHTMLinput', array(&$html, 1, 1, 1, $br));
return $html;
}
static public function filterHTMLdisplay($html, $icode = 1, $br = 0) {
global $icmsConfig;
icms::$preload->triggerEvent('beforeFilterHTMLdisplay', array(&$html, 1, $br));
$ifiltered = strpos($html, '<!-- input filtered -->');
if ($ifiltered === false) {
$html = self::codePreConv($html, 1);
$html = self::smiley($html);
$html = self::codeDecode($html);
$html = self::codeConv($html, 1, 1);
$html = icms_core_HTMLFilter::filterHTML($html);
$purified = strpos($html, '<!-- filtered with htmlpurifier -->');
if ($purified === false || $br == 1) {
$html = self::nl2Br($html);
}
}
if ($icmsConfig['debug_mode'] !== 0) {
$purified = strpos($html, '<!-- filtered with htmlpurifier -->');
if ($ifiltered === false) {
if ($purified === false) {
icms::$logger->addFilter(self::icms_substr($html, 0, 400), 3);
} else {
$html = str_replace('<!-- filtered with htmlpurifier -->', '', $html);
icms::$logger->addFilter(self::icms_substr($html, 0, 400), 4);
}
} else {
$html = str_replace('<!-- input filtered -->', '', $html);
if ($purified === false) {
icms::$logger->addFilter(self::icms_substr($html, 0, 400), 1);
} else {
$html = str_replace('<!-- filtered with htmlpurifier -->', '', $html);
icms::$logger->addFilter(self::icms_substr($html, 0, 400), 2);
}
}
} else {
$html = str_replace('<!-- input filtered -->', '', $html);
$html = str_replace('<!-- filtered with htmlpurifier -->', '', $html);
}
$html = self::makeClickable($html);
$html = self::censorString($html);
icms::$preload->triggerEvent('afterFilterHTMLdisplay', array(&$html, 1, $br));
return $html;
}
static public function codeDecode(&$text, $allowimage = 1) {
$patterns = array();
$replacements = array();
$patterns[] = "/\[siteurl=(['\"]?)([^\"'<>]*)\\1](.*)\[\/siteurl\]/sU";
$replacements[] = '<a href="' . ICMS_URL . '/\\2">\\3</a>';
$patterns[] = "/\[url=(['\"]?)(http[s]?:\/\/[^\"'<>]*)\\1](.*)\[\/url\]/sU";
$replacements[] = '<a href="\\2" rel="external">\\3</a>';
$patterns[] = "/\[url=(['\"]?)(ftp?:\/\/[^\"'<>]*)\\1](.*)\[\/url\]/sU";
$replacements[] = '<a href="\\2" rel="external">\\3</a>';
$patterns[] = "/\[url=(['\"]?)([^\"'<>]*)\\1](.*)\[\/url\]/sU";
$replacements[] = '<a href="http://\\2" rel="external">\\3</a>';
$patterns[] = "/\[color=(['\"]?)([a-zA-Z0-9]*)\\1](.*)\[\/color\]/sU";
$replacements[] = '<span style="color: #\\2;">\\3</span>';
$patterns[] = "/\[size=(['\"]?)([a-z0-9-]*)\\1](.*)\[\/size\]/sU";
$replacements[] = '<span style="font-size: \\2;">\\3</span>';
$patterns[] = "/\[font=(['\"]?)([^;<>\*\(\)\"']*)\\1](.*)\[\/font\]/sU";
$replacements[] = '<span style="font-family: \\2;">\\3</span>';
$patterns[] = "/\[email]([^;<>\*\(\)\"']*)\[\/email\]/sU";
$replacements[] = '<a href="mailto:\\1">\\1</a>';
$patterns[] = "/\[b](.*)\[\/b\]/sU";
$replacements[] = '<strong>\\1</strong>';
$patterns[] = "/\[i](.*)\[\/i\]/sU";
$replacements[] = '<em>\\1</em>';
$patterns[] = "/\[u](.*)\[\/u\]/sU";
$replacements[] = '<u>\\1</u>';
$patterns[] = "/\[d](.*)\[\/d\]/sU";
$replacements[] = '<del>\\1</del>';
$patterns[] = "/\[center](.*)\[\/center\]/sU";
$replacements[] = '<div align="center">\\1</div>';
$patterns[] = "/\[left](.*)\[\/left\]/sU";
$replacements[] = '<div align="left">\\1</div>';
$patterns[] = "/\[right](.*)\[\/right\]/sU";
$replacements[] = '<div align="right">\\1</div>';
$patterns[] = "/\[img align=center](.*)\[\/img\]/sU";
if ($allowimage != 1) {
$replacements[] = '<div style="margin: 0 auto; text-align: center;"><a href="\\1" rel="external">\\1</a></div>';
} else {
$replacements[] = '<div style="margin: 0 auto; text-align: center;"><img src="\\1" alt="" /></div>';
}
$patterns[] = "/\[img align=(['\"]?)(left|right)\\1]([^\"\(\)\?\&'<>]*)\[\/img\]/sU";
$patterns[] = "/\[img]([^\"\(\)\?\&'<>]*)\[\/img\]/sU";
$patterns[] = "/\[img align=(['\"]?)(left|right)\\1 id=(['\"]?)([0-9]*)\\3]([^\"\(\)\?\&'<>]*)\[\/img\]/sU";
$patterns[] = "/\[img id=(['\"]?)([0-9]*)\\1]([^\"\(\)\?\&'<>]*)\[\/img\]/sU";
if ($allowimage != 1) {
$replacements[] = '<a href="\\3" rel="external">\\3</a>';
$replacements[] = '<a href="\\1" rel="external">\\1</a>';
$replacements[] = '<a href="' . ICMS_URL . '/image.php?id=\\4" rel="external">\\5</a>';
$replacements[] = '<a href="' . ICMS_URL . '/image.php?id=\\2" rel="external">\\3</a>';
} else {
$replacements[] = '<img src="\\3" align="\\2" alt="" />';
$replacements[] = '<img src="\\1" alt="" />';
$replacements[] = '<img src="' . ICMS_URL . '/image.php?id=\\4" align="\\2" alt="\\5" />';
$replacements[] = '<img src="' . ICMS_URL . '/image.php?id=\\2" alt="\\3" />';
}
$patterns[] = "/\[quote]/sU";
$replacements[] = _QUOTEC . '<div class="icmsQuote"><blockquote><p>';
$patterns[] = "/\[\/quote]/sU";
$replacements[] = '</p></blockquote></div>';
$text = str_replace("\x00", "", $text);
$c = "[\x01-\x1f]*";
$patterns[] = "/j{$c}a{$c}v{$c}a{$c}s{$c}c{$c}r{$c}i{$c}p{$c}t{$c}:/si";
$replacements[] = "(script removed)";
$patterns[] = "/a{$c}b{$c}o{$c}u{$c}t{$c}:/si";
$replacements[] = "about :";
$text = preg_replace($patterns, $replacements, $text);
$text = self::codeDecode_extended($text);
return $text;
}
static public function makeClickable($text) {
global $icmsConfigPersona;
$text = ' ' . $text;
$patterns = array("/(^|[^]_a-z0-9-=\"'\/])([a-z]+?):\/\/([^, \r\n\"\(\)'<>]+)/i", "/(^|[^]_a-z0-9-=\"'\/])www\.([a-z0-9\-]+)\.([^, \r\n\"\(\)'<>]+)/i", "/(^|[^]_a-z0-9-=\"'\/])ftp\.([a-z0-9\-]+)\.([^,\r\n\"\(\)'<>]+)/i"
);
$replacements = array("\\1<a href=\"\\2://\\3\" rel=\"external\">\\2://\\3</a>", "\\1<a href=\"http://www.\\2.\\3\" rel=\"external\">www.\\2.\\3</a>", "\\1<a href=\"ftp://ftp.\\2.\\3\" rel=\"external\">ftp.\\2.\\3</a>"
);
$text = preg_replace($patterns, $replacements, $text);
if ($icmsConfigPersona['shorten_url'] == 1) {
$links = explode('<a', $text);
$countlinks = count($links);
for ($i = 0; $i < $countlinks; $i++ ) {
$link = $links[$i];
$link = (preg_match('#(.*)(href=")#is', $link)) ? '<a' . $link : $link;
$begin = strpos($link, '>') + 1;
$end = strpos($link, '<', $begin);
$length = $end - $begin;
$urlname = substr($link, $begin, $length);
$maxlength = (int) ($icmsConfigPersona['max_url_long']);
$cutlength = (int) ($icmsConfigPersona['pre_chars_left']);
$endlength = -(int) ($icmsConfigPersona['last_chars_left']);
$middleurl = " ... ";
$chunked = (strlen($urlname) > $maxlength && preg_match('#^(https://|http://|ftp://|www\.)#is', $urlname)) ? substr_replace($urlname, $middleurl, $cutlength, $endlength) : $urlname;
$text = str_replace('>' . $urlname . '<', '>' . $chunked . '<', $text);
}
}
$text = substr($text, 1);
return $text;
}
static public function smiley($message) {
return self::priv_smiley($message);
}
static public function getSmileys($all = false) {
return self::priv_getSmileys($all);
}
static public function censorString(&$text) {
$icmsConfigCensor = icms::$config->getConfigsByCat(ICMS_CONF_CENSOR);
if ($icmsConfigCensor['censor_enable'] == true) {
$replacement = $icmsConfigCensor['censor_replace'];
if (!empty($icmsConfigCensor['censor_words'])) {
foreach ($icmsConfigCensor['censor_words'] as $bad) {
if (!empty($bad)) {
$bad = quotemeta($bad);
$patterns[] = "/(\s)" . $bad . "/siU";
$replacements[] = "\\1" . $replacement;
$patterns[] = "/^" . $bad . "/siU";
$replacements[] = $replacement;
$patterns[] = "/(\n)" . $bad . "/siU";
$replacements[] = "\\1" . $replacement;
$patterns[] = "/]" . $bad . "/siU";
$replacements[] = "]" . $replacement;
$text = preg_replace($patterns, $replacements, $text);
}
}
}
}
return $text;
}
static public function codePreConv($text, $imcode = 1) {
if ($imcode != 0) {
$patterns = "/\[code](.*)\[\/code\]/sU";
$text = preg_replace_callback($patterns, function ($match) {
return '[code]' . base64_encode($match[1]) . '[/code]';
}, $text);
}
return $text;
}
static public function codeConv($text, $imcode = 1, $image = 1) {
if ($imcode != 0) {
$patterns = "/\[code](.*)\[\/code\]/sU";
$text = preg_replace_callback($patterns, function ($matches) use ($image) {
$code = icms_core_DataFilter::codeSanitizer($matches[1], ($image != 0) ? 1 : 0);
return '<div class="icmsCode">' . $code . '</div>';
}, $text);
}
return $text;
}
static public function codeSanitizer($str, $image = 1) {
$str = self::htmlSpecialChars(str_replace('\"', '"', base64_decode($str)));
$str = self::codeDecode($str, $image);
return $str;
}
static public function codeDecode_extended($text, $allowimage = 1) {
global $icmsConfigPlugins;
if (!empty($icmsConfigPlugins['sanitizer_plugins'])) {
foreach ($icmsConfigPlugins['sanitizer_plugins'] as $item) {
$text = self::executeExtension($item, $text);
}
}
return $text;
}
static public function loadExtension($name) {
if (empty($name) || !include_once ICMS_PLUGINS_PATH . "/textsanitizer/{$name}/{$name}.php") {
return false;
}
}
static public function executeExtension($name, $text) {
self::loadExtension($name);
$func = "textsanitizer_{$name}";
if (!function_exists($func)) {
return $text;
}
$args = array_slice(func_get_args(), 1);
return call_user_func_array($func, $args);
}
static public function textsanitizer_syntaxhighlight(&$text) {
global $icmsConfigPlugins;
if ($icmsConfigPlugins['code_sanitizer'] == 'php') {
$text = self::undoHtmlSpecialChars($text);
$text = self::textsanitizer_php_highlight($text);
} elseif ($icmsConfigPlugins['code_sanitizer'] == 'geshi') {
$text = self::undoHtmlSpecialChars($text);
$text = '<code>' . self::textsanitizer_geshi_highlight($text) . '</code>';
} else {
$text = '<pre><code>' . $text . '</code></pre>';
}
return $text;
}
static public function textsanitizer_php_highlight($text) {
$text = trim($text);
$addedtag_open = 0;
if (!strpos($text, '<?php') and (substr($text, 0, 5) != '<?php')) {
$text = "<?php\n" . $text;
$addedtag_open = 1;
}
$addedtag_close = 0;
if (!strpos($text, '?>')) {
$text .= '?>';
$addedtag_close = 1;
}
$oldlevel = error_reporting(0);
$buffer = highlight_string($text, true);
error_reporting($oldlevel);
$pos_open = $pos_close = 0;
if ($addedtag_open) {
$pos_open = strpos($buffer, '<?php');
}
if ($addedtag_close) {
$pos_close = strrpos($buffer, '?>');
}
$str_open = ($addedtag_open) ? substr($buffer, 0, $pos_open) : '';
$str_close = ($pos_close) ? substr($buffer, $pos_close + 5) : '';
$length_open = ($addedtag_open) ? $pos_open + 8 : 0;
$length_text = ($pos_close) ? $pos_close - $length_open : 0;
$str_internal = ($length_text) ? substr($buffer, $length_open, $length_text) : substr($buffer, $length_open);
$buffer = $str_open . $str_internal . $str_close;
return $buffer;
}
static public function textsanitizer_geshi_highlight($text) {
global $icmsConfigPlugins;
if (!@include_once ICMS_LIBRARIES_PATH . '/geshi/geshi.php') return false;
$language = str_replace('.php', '', $icmsConfigPlugins['geshi_default']);
$geshi = new GeSHi($text, $language);
$geshi->set_header_type(GESHI_HEADER_NONE);
$geshi->set_encoding(_CHARSET);
$geshi->set_link_target('_blank');
$code = $geshi->parse_code();
return $code;
}
static public function icms_trim($text) {
if (function_exists('xoops_language_trim')) {
return xoops_language_trim($text);
}
return trim($text);
}
static public function utf8_strrev($str, $reverse = false) {
preg_match_all('/./us', $str, $ar);
if ($reverse) {
return join('', array_reverse($ar[0]));
} else {
$temp = array();
foreach ($ar[0] as $value) {
if (is_numeric($value) && !empty($temp[0]) && is_numeric($temp[0])) {
foreach ($temp as $key => $value2) {
if (is_numeric($value2)) {
$pos = ($key + 1);
} else {
break;
}
$temp2 = array_splice($temp, $pos);
$temp = array_merge($temp, array($value), $temp2);
}
} else {
array_unshift($temp, $value);
}
}
return implode('', $temp);
}
}
static public function icms_substr($str, $start, $length, $trimmarker = '...') {
global $icmsConfigMultilang;
if ($icmsConfigMultilang['ml_enable']) {
$tags = explode(',', $icmsConfigMultilang['ml_tags']);
$strs = array();
$hasML = false;
foreach ($tags as $tag) {
if (preg_match("/\[" . $tag . "](.*)\[\/" . $tag . "\]/sU", $str, $matches)) {
if (count($matches) > 0) {
$hasML = true;
$strs[] = $matches[1];
}
}
}
} else {
$hasML = false;
}
if (!$hasML) {
$strs = array($str);
}
for ($i = 0; $i <= count($strs) - 1; $i++ ) {
if (!XOOPS_USE_MULTIBYTES) {
$strs[$i] = (strlen($strs[$i]) - $start <= $length) ? substr($strs[$i], $start, $length) : substr($strs[$i], $start, $length - strlen($trimmarker)) . $trimmarker;
}
if (function_exists('mb_internal_encoding') && @mb_internal_encoding(_CHARSET)) {
$str2 = mb_strcut($strs[$i], $start, $length - strlen($trimmarker));
$strs[$i] = $str2 . (mb_strlen($strs[$i]) != mb_strlen($str2) ? $trimmarker : '');
}
$DEP_CHAR = 127;
$pos_st = 0;
$action = false;
for ($pos_i = 0; $pos_i < strlen($strs[$i]); $pos_i++ ) {
if (ord(substr($strs[$i], $pos_i, 1)) > 127) {
$pos_i++ ;
}
if ($pos_i <= $start) {
$pos_st = $pos_i;
}
if ($pos_i >= $pos_st + $length) {
$action = true;
break;
}
}
$strs[$i] = ($action) ? substr($strs[$i], $pos_st, $pos_i - $pos_st - strlen($trimmarker)) . $trimmarker : $strs[$i];
$strs[$i] = ($hasML) ? '[' . $tags[$i] . ']' . $strs[$i] . '[/' . $tags[$i] . ']' : $strs[$i];
}
$str = implode('', $strs);
return $str;
}
static private function priv_checkVar($data, $type, $options1, $options2) {
switch ($type) {
case "url":
$data = filter_var($data, FILTER_SANITIZE_URL);
switch ($options1) {
case "scheme":
$valid = filter_var($data, FILTER_VALIDATE_URL);
break;
case "host":
$valid = filter_var($data, FILTER_VALIDATE_URL);
break;
case "path":
$valid = filter_var($data, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED);
break;
case "query":
$valid = filter_var($data, FILTER_VALIDATE_URL, FILTER_FLAG_QUERY_REQUIRED);
break;
default:
$valid = filter_var($data, FILTER_VALIDATE_URL);
break;
}
if ($valid) {
if (isset($options2) && $options2 == 1) {
return filter_var($data, FILTER_SANITIZE_ENCODED);
}
return $data;
}
return false;
break;
case "email":
global $icmsConfigUser;
$data = filter_var($data, FILTER_SANITIZE_EMAIL);
if (filter_var($data, FILTER_VALIDATE_EMAIL)) {
if ($options2 == 1 && is_array($icmsConfigUser['bad_emails'])) {
foreach ($icmsConfigUser['bad_emails'] as $be) {
if ((!empty($be) && preg_match('/' . $be . '/i', $data))) return false;
}
$icmsStopSpammers = new icms_core_StopSpammer();
if ($icmsStopSpammers->badEmail($data)) return false;
}
} else {
return false;
}
if ($options1 == 1) {
$data = str_replace('@', ' at ', $data);
$data = str_replace('.', ' dot ', $data);
}
return $data;
break;
case "ip":
switch ($options1) {
case "ipv4":
return filter_var($data, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4);
break;
case "ipv6":
return filter_var($data, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6);
break;
case "rfc":
return filter_var($data, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE);
break;
case "res":
return filter_var($data, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE);
break;
default:
return filter_var($data, FILTER_VALIDATE_IP);
break;
}
break;
case 'str':
switch ($options1) {
case "noencode":
return htmlspecialchars(strip_tags($data), ENT_NOQUOTES);
break;
case "striplow":
return filter_var(strip_tags($data), FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_LOW);
break;
case "striphigh":
return filter_var(strip_tags($data), FILTER_UNSAFE_RAW, FILTER_FLAG_STRIP_HIGH);
break;
case "encodelow":
return filter_var(strip_tags($data), FILTER_UNSAFE_RAW, FILTER_FLAG_ENCODE_LOW);
break;
case "encodehigh":
return filter_var(strip_tags($data), FILTER_UNSAFE_RAW, FILTER_FLAG_ENCODE_HIGH);
break;
case "encodeamp":
return filter_var(strip_tags($data), FILTER_UNSAFE_RAW, FILTER_FLAG_ENCODE_AMP);
break;
default:
return htmlspecialchars(strip_tags($data), ENT_NOQUOTES);
break;
}
break;
case "int":
if ((isset($options1) && is_int($options1)) && (isset($options2) && is_int($options2))) {
$option = array('options' => array('min_range' => $options1, 'max_range' => $options2));
return filter_var($data, FILTER_VALIDATE_INT, $option);
} else {
return filter_var($data, FILTER_VALIDATE_INT);
}
break;
case "special":
switch ($options1) {
case "striplow":
return filter_var($data, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_STRIP_LOW);
break;
case "striphigh":
return filter_var($data, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_STRIP_HIGH);
break;
case "encodehigh":
return filter_var($data, FILTER_SANITIZE_SPECIAL_CHARS, FILTER_FLAG_ENCODE_HIGH);
break;
default:
return filter_var($data, FILTER_SANITIZE_SPECIAL_CHARS);
break;
}
break;
case "html":
switch ($options1) {
case 'input':
default:
return self::filterHTMLinput($data);
break;
case 'output':
return self::filterHTMLdisplay($data);
break;
case 'edit':
$filtered = strpos($data, '<!-- input filtered -->');
if ($filtered !== false) {
$data = str_replace('<!-- input filtered -->', '', $data);
$data = str_replace('<!-- filtered with htmlpurifier -->', '', $data);
}
return htmlspecialchars($data, ENT_QUOTES, _CHARSET, false);
break;
case 'print':
break;
}
break;
case "text":
switch ($options1) {
case 'input':
default:
return self::filterTextareaInput($data);
break;
case 'output':
return self::filterTextareaDisplay($data);
break;
case 'print':
break;
}
break;
}
}
static private function priv_smiley($message) {
$smileys = self::priv_getSmileys(true);
foreach ($smileys as $smile) {
$message = str_replace($smile['code'], '<img src="' . ICMS_UPLOAD_URL . '/' . htmlspecialchars($smile['smile_url']) . '" alt="" />', $message);
}
return $message;
}
static private function priv_getSmileys($all = false) {
if (count(self::$allSmileys) == 0) {
if ($result = icms::$xoopsDB->query("SELECT * FROM " . icms::$xoopsDB->prefix('smiles'))) {
while ($smiley = icms::$xoopsDB->fetchArray($result)) {
if ($smiley['display']) {
array_push(self::$displaySmileys, $smiley);
}
array_push(self::$allSmileys, $smiley);
}
}
}
return $all ? self::$allSmileys : self::$displaySmileys;
}
}