[ Index ] |
PHP Cross Reference of phpBB-3.3.2-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * This file is part of the phpBB Forum Software package. 5 * 6 * @copyright (c) phpBB Limited <https://www.phpbb.com> 7 * @license GNU General Public License, version 2 (GPL-2.0) 8 * 9 * For full copyright and license information, please see 10 * the docs/CREDITS.txt file. 11 * 12 */ 13 14 /** 15 * @ignore 16 */ 17 if (!defined('IN_PHPBB')) 18 { 19 exit; 20 } 21 22 class acp_bbcodes 23 { 24 var $u_action; 25 26 function main($id, $mode) 27 { 28 global $db, $user, $template, $cache, $request, $phpbb_dispatcher, $phpbb_container; 29 global $phpbb_log; 30 31 $user->add_lang('acp/posting'); 32 33 // Set up general vars 34 $action = $request->variable('action', ''); 35 $bbcode_id = $request->variable('bbcode', 0); 36 37 $this->tpl_name = 'acp_bbcodes'; 38 $this->page_title = 'ACP_BBCODES'; 39 $form_key = 'acp_bbcodes'; 40 41 add_form_key($form_key); 42 43 // Set up mode-specific vars 44 switch ($action) 45 { 46 case 'add': 47 $bbcode_match = $bbcode_tpl = $bbcode_helpline = ''; 48 $display_on_posting = 0; 49 break; 50 51 case 'edit': 52 $sql = 'SELECT bbcode_match, bbcode_tpl, display_on_posting, bbcode_helpline 53 FROM ' . BBCODES_TABLE . ' 54 WHERE bbcode_id = ' . $bbcode_id; 55 $result = $db->sql_query($sql); 56 $row = $db->sql_fetchrow($result); 57 $db->sql_freeresult($result); 58 59 if (!$row) 60 { 61 trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING); 62 } 63 64 $bbcode_match = $row['bbcode_match']; 65 $bbcode_tpl = htmlspecialchars($row['bbcode_tpl']); 66 $display_on_posting = $row['display_on_posting']; 67 $bbcode_helpline = $row['bbcode_helpline']; 68 break; 69 70 case 'modify': 71 $sql = 'SELECT bbcode_id, bbcode_tag 72 FROM ' . BBCODES_TABLE . ' 73 WHERE bbcode_id = ' . $bbcode_id; 74 $result = $db->sql_query($sql); 75 $row = $db->sql_fetchrow($result); 76 $db->sql_freeresult($result); 77 78 if (!$row) 79 { 80 trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING); 81 } 82 83 // No break here 84 85 case 'create': 86 $display_on_posting = $request->variable('display_on_posting', 0); 87 88 $bbcode_match = $request->variable('bbcode_match', ''); 89 $bbcode_tpl = htmlspecialchars_decode($request->variable('bbcode_tpl', '', true)); 90 $bbcode_helpline = $request->variable('bbcode_helpline', '', true); 91 break; 92 } 93 94 // Do major work 95 switch ($action) 96 { 97 case 'edit': 98 case 'add': 99 100 $tpl_ary = array( 101 'S_EDIT_BBCODE' => true, 102 'U_BACK' => $this->u_action, 103 'U_ACTION' => $this->u_action . '&action=' . (($action == 'add') ? 'create' : 'modify') . (($bbcode_id) ? "&bbcode=$bbcode_id" : ''), 104 105 'L_BBCODE_USAGE_EXPLAIN'=> sprintf($user->lang['BBCODE_USAGE_EXPLAIN'], '<a href="#down">', '</a>'), 106 'BBCODE_MATCH' => $bbcode_match, 107 'BBCODE_TPL' => $bbcode_tpl, 108 'BBCODE_HELPLINE' => $bbcode_helpline, 109 'DISPLAY_ON_POSTING' => $display_on_posting, 110 ); 111 112 $bbcode_tokens = array('TEXT', 'SIMPLETEXT', 'INTTEXT', 'IDENTIFIER', 'NUMBER', 'EMAIL', 'URL', 'LOCAL_URL', 'RELATIVE_URL', 'COLOR'); 113 114 /** 115 * Modify custom bbcode template data before we display the add/edit form 116 * 117 * @event core.acp_bbcodes_edit_add 118 * @var string action Type of the action: add|edit 119 * @var array tpl_ary Array with custom bbcode add/edit data 120 * @var int bbcode_id When editing: the bbcode id, 121 * when creating: 0 122 * @var array bbcode_tokens Array of bbcode tokens 123 * @since 3.1.0-a3 124 */ 125 $vars = array('action', 'tpl_ary', 'bbcode_id', 'bbcode_tokens'); 126 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_edit_add', compact($vars))); 127 128 $template->assign_vars($tpl_ary); 129 130 foreach ($bbcode_tokens as $token) 131 { 132 $template->assign_block_vars('token', array( 133 'TOKEN' => '{' . $token . '}', 134 'EXPLAIN' => ($token === 'LOCAL_URL') ? $user->lang(array('tokens', $token), generate_board_url() . '/') : $user->lang(array('tokens', $token)), 135 )); 136 } 137 138 return; 139 140 break; 141 142 case 'modify': 143 case 'create': 144 145 $sql_ary = $hidden_fields = array(); 146 147 /** 148 * Modify custom bbcode data before the modify/create action 149 * 150 * @event core.acp_bbcodes_modify_create 151 * @var string action Type of the action: modify|create 152 * @var array sql_ary Array with new bbcode data 153 * @var int bbcode_id When editing: the bbcode id, 154 * when creating: 0 155 * @var bool display_on_posting Display bbcode on posting form 156 * @var string bbcode_match The bbcode usage string to match 157 * @var string bbcode_tpl The bbcode HTML replacement string 158 * @var string bbcode_helpline The bbcode help line string 159 * @var array hidden_fields Array of hidden fields for use when 160 * submitting form when $warn_unsafe is true 161 * @since 3.1.0-a3 162 */ 163 $vars = array( 164 'action', 165 'sql_ary', 166 'bbcode_id', 167 'display_on_posting', 168 'bbcode_match', 169 'bbcode_tpl', 170 'bbcode_helpline', 171 'hidden_fields', 172 ); 173 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_modify_create', compact($vars))); 174 175 $acp_utils = $phpbb_container->get('text_formatter.acp_utils'); 176 $bbcode_info = $acp_utils->analyse_bbcode($bbcode_match, $bbcode_tpl); 177 $warn_unsafe = ($bbcode_info['status'] === $acp_utils::BBCODE_STATUS_UNSAFE); 178 179 if ($bbcode_info['status'] === $acp_utils::BBCODE_STATUS_INVALID_TEMPLATE) 180 { 181 trigger_error($user->lang['BBCODE_INVALID_TEMPLATE'] . adm_back_link($this->u_action), E_USER_WARNING); 182 } 183 if ($bbcode_info['status'] === $acp_utils::BBCODE_STATUS_INVALID_DEFINITION) 184 { 185 trigger_error($user->lang['BBCODE_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); 186 } 187 188 if (!$warn_unsafe && !check_form_key($form_key)) 189 { 190 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); 191 } 192 193 if (!$warn_unsafe || confirm_box(true)) 194 { 195 $data = $this->build_regexp($bbcode_match, $bbcode_tpl); 196 197 // Make sure the user didn't pick a "bad" name for the BBCode tag. 198 $hard_coded = array('code', 'quote', 'quote=', 'attachment', 'attachment=', 'b', 'i', 'url', 'url=', 'img', 'size', 'size=', 'color', 'color=', 'u', 'list', 'list=', 'email', 'email=', 'flash', 'flash='); 199 200 if (($action == 'modify' && strtolower($data['bbcode_tag']) !== strtolower($row['bbcode_tag'])) || ($action == 'create')) 201 { 202 $sql = 'SELECT 1 as test 203 FROM ' . BBCODES_TABLE . " 204 WHERE LOWER(bbcode_tag) = '" . $db->sql_escape(strtolower($data['bbcode_tag'])) . "'"; 205 $result = $db->sql_query($sql); 206 $info = $db->sql_fetchrow($result); 207 $db->sql_freeresult($result); 208 209 // Grab the end, interrogate the last closing tag 210 if (isset($info['test']) && $info['test'] === '1' 211 || in_array(strtolower($data['bbcode_tag']), $hard_coded) 212 || (preg_match('#\[/([^[]*)]$#', $bbcode_match, $regs) && in_array(strtolower($regs[1]), $hard_coded)) 213 ) 214 { 215 trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING); 216 } 217 } 218 219 if (substr($data['bbcode_tag'], -1) === '=') 220 { 221 $test = substr($data['bbcode_tag'], 0, -1); 222 } 223 else 224 { 225 $test = $data['bbcode_tag']; 226 } 227 228 if (strlen($data['bbcode_tag']) > 16) 229 { 230 trigger_error($user->lang['BBCODE_TAG_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); 231 } 232 233 if (strlen($bbcode_match) > 4000) 234 { 235 trigger_error($user->lang['BBCODE_TAG_DEF_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); 236 } 237 238 if (strlen($bbcode_helpline) > 255) 239 { 240 trigger_error($user->lang['BBCODE_HELPLINE_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); 241 } 242 243 /** 244 * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR. 245 * Using their Numeric Character Reference's Hexadecimal notation. 246 */ 247 $bbcode_helpline = utf8_encode_ucr($bbcode_helpline); 248 249 $sql_ary = array_merge($sql_ary, array( 250 'bbcode_tag' => $data['bbcode_tag'], 251 'bbcode_match' => $bbcode_match, 252 'bbcode_tpl' => $bbcode_tpl, 253 'display_on_posting' => $display_on_posting, 254 'bbcode_helpline' => $bbcode_helpline, 255 'first_pass_match' => $data['first_pass_match'], 256 'first_pass_replace' => $data['first_pass_replace'], 257 'second_pass_match' => $data['second_pass_match'], 258 'second_pass_replace' => $data['second_pass_replace'] 259 )); 260 261 if ($action == 'create') 262 { 263 $sql = 'SELECT MAX(bbcode_id) as max_bbcode_id 264 FROM ' . BBCODES_TABLE; 265 $result = $db->sql_query($sql); 266 $row = $db->sql_fetchrow($result); 267 $db->sql_freeresult($result); 268 269 if ($row) 270 { 271 $bbcode_id = (int) $row['max_bbcode_id'] + 1; 272 273 // Make sure it is greater than the core bbcode ids... 274 if ($bbcode_id <= NUM_CORE_BBCODES) 275 { 276 $bbcode_id = NUM_CORE_BBCODES + 1; 277 } 278 } 279 else 280 { 281 $bbcode_id = NUM_CORE_BBCODES + 1; 282 } 283 284 if ($bbcode_id > BBCODE_LIMIT) 285 { 286 trigger_error($user->lang['TOO_MANY_BBCODES'] . adm_back_link($this->u_action), E_USER_WARNING); 287 } 288 289 $sql_ary['bbcode_id'] = (int) $bbcode_id; 290 291 $db->sql_query('INSERT INTO ' . BBCODES_TABLE . $db->sql_build_array('INSERT', $sql_ary)); 292 $cache->destroy('sql', BBCODES_TABLE); 293 $phpbb_container->get('text_formatter.cache')->invalidate(); 294 295 $lang = 'BBCODE_ADDED'; 296 $log_action = 'LOG_BBCODE_ADD'; 297 } 298 else 299 { 300 $sql = 'UPDATE ' . BBCODES_TABLE . ' 301 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' 302 WHERE bbcode_id = ' . $bbcode_id; 303 $db->sql_query($sql); 304 $cache->destroy('sql', BBCODES_TABLE); 305 $phpbb_container->get('text_formatter.cache')->invalidate(); 306 307 $lang = 'BBCODE_EDITED'; 308 $log_action = 'LOG_BBCODE_EDIT'; 309 } 310 311 $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log_action, false, array($data['bbcode_tag'])); 312 313 /** 314 * Event after a BBCode has been added or updated 315 * 316 * @event core.acp_bbcodes_modify_create_after 317 * @var string action Type of the action: modify|create 318 * @var int bbcode_id The id of the added or updated bbcode 319 * @var array sql_ary Array with bbcode data (read only) 320 * @since 3.2.4-RC1 321 */ 322 $vars = array( 323 'action', 324 'bbcode_id', 325 'sql_ary', 326 ); 327 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_modify_create_after', compact($vars))); 328 329 trigger_error($user->lang[$lang] . adm_back_link($this->u_action)); 330 } 331 else 332 { 333 confirm_box(false, $user->lang['BBCODE_DANGER'], build_hidden_fields(array_merge($hidden_fields, array( 334 'action' => $action, 335 'bbcode' => $bbcode_id, 336 'bbcode_match' => $bbcode_match, 337 'bbcode_tpl' => htmlspecialchars($bbcode_tpl), 338 'bbcode_helpline' => $bbcode_helpline, 339 'display_on_posting' => $display_on_posting, 340 ))) 341 , 'confirm_bbcode.html'); 342 } 343 344 break; 345 346 case 'delete': 347 348 $sql = 'SELECT bbcode_tag 349 FROM ' . BBCODES_TABLE . " 350 WHERE bbcode_id = $bbcode_id"; 351 $result = $db->sql_query($sql); 352 $row = $db->sql_fetchrow($result); 353 $db->sql_freeresult($result); 354 355 if ($row) 356 { 357 if (confirm_box(true)) 358 { 359 $bbcode_tag = $row['bbcode_tag']; 360 361 $db->sql_query('DELETE FROM ' . BBCODES_TABLE . " WHERE bbcode_id = $bbcode_id"); 362 $cache->destroy('sql', BBCODES_TABLE); 363 $phpbb_container->get('text_formatter.cache')->invalidate(); 364 $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_BBCODE_DELETE', false, array($bbcode_tag)); 365 366 /** 367 * Event after a BBCode has been deleted 368 * 369 * @event core.acp_bbcodes_delete_after 370 * @var string action Type of the action: delete 371 * @var int bbcode_id The id of the deleted bbcode 372 * @var string bbcode_tag The tag of the deleted bbcode 373 * @since 3.2.4-RC1 374 */ 375 $vars = array( 376 'action', 377 'bbcode_id', 378 'bbcode_tag', 379 ); 380 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_delete_after', compact($vars))); 381 382 if ($request->is_ajax()) 383 { 384 $json_response = new \phpbb\json_response; 385 $json_response->send(array( 386 'MESSAGE_TITLE' => $user->lang['INFORMATION'], 387 'MESSAGE_TEXT' => $user->lang['BBCODE_DELETED'], 388 'REFRESH_DATA' => array( 389 'time' => 3 390 ) 391 )); 392 } 393 } 394 else 395 { 396 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( 397 'bbcode' => $bbcode_id, 398 'i' => $id, 399 'mode' => $mode, 400 'action' => $action)) 401 ); 402 } 403 } 404 405 break; 406 } 407 408 $u_action = $this->u_action; 409 410 $template_data = array( 411 'U_ACTION' => $this->u_action . '&action=add', 412 ); 413 414 $sql_ary = array( 415 'SELECT' => 'b.*', 416 'FROM' => array(BBCODES_TABLE => 'b'), 417 'ORDER_BY' => 'b.bbcode_tag', 418 ); 419 420 /** 421 * Modify custom bbcode template data before we display the form 422 * 423 * @event core.acp_bbcodes_display_form 424 * @var string action Type of the action: modify|create 425 * @var array sql_ary The SQL array to get custom bbcode data 426 * @var array template_data Array with form template data 427 * @var string u_action The u_action link 428 * @since 3.1.0-a3 429 */ 430 $vars = array('action', 'sql_ary', 'template_data', 'u_action'); 431 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_display_form', compact($vars))); 432 433 $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary)); 434 435 $template->assign_vars($template_data); 436 437 while ($row = $db->sql_fetchrow($result)) 438 { 439 $bbcodes_array = array( 440 'BBCODE_TAG' => $row['bbcode_tag'], 441 'U_EDIT' => $u_action . '&action=edit&bbcode=' . $row['bbcode_id'], 442 'U_DELETE' => $u_action . '&action=delete&bbcode=' . $row['bbcode_id'], 443 ); 444 445 /** 446 * Modify display of custom bbcodes in the form 447 * 448 * @event core.acp_bbcodes_display_bbcodes 449 * @var array row Array with current bbcode data 450 * @var array bbcodes_array Array of bbcodes template data 451 * @var string u_action The u_action link 452 * @since 3.1.0-a3 453 */ 454 $vars = array('bbcodes_array', 'row', 'u_action'); 455 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_display_bbcodes', compact($vars))); 456 457 $template->assign_block_vars('bbcodes', $bbcodes_array); 458 459 } 460 $db->sql_freeresult($result); 461 } 462 463 /* 464 * Build regular expression for custom bbcode 465 */ 466 function build_regexp(&$bbcode_match, &$bbcode_tpl) 467 { 468 $bbcode_match = trim($bbcode_match); 469 $bbcode_tag = preg_replace('/.*?\[([a-z0-9_-]+).*/i', '$1', $bbcode_match); 470 471 if (!preg_match('/^[a-zA-Z0-9_-]+$/', $bbcode_tag)) 472 { 473 global $user; 474 trigger_error($user->lang['BBCODE_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); 475 } 476 477 return array( 478 'bbcode_tag' => $bbcode_tag, 479 'first_pass_match' => '/(?!)/', 480 'first_pass_replace' => '', 481 // Use a non-matching, valid regexp to effectively disable this BBCode 482 'second_pass_match' => '/(?!)/', 483 'second_pass_replace' => '' 484 ); 485 } 486 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Wed Nov 11 20:28:18 2020 | Cross-referenced by PHPXref 0.7.1 |