| [ Index ] |
PHP Cross Reference of phpBB-3.3.14-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * 4 * This file is part of the phpBB Forum Software package. 5 * 6 * @copyright (c) phpBB Limited <https://www.phpbb.com> 7 * @license GNU General Public License, version 2 (GPL-2.0) 8 * 9 * For full copyright and license information, please see 10 * the docs/CREDITS.txt file. 11 * 12 */ 13 14 /** 15 * @ignore 16 */ 17 if (!defined('IN_PHPBB')) 18 { 19 exit; 20 } 21 22 class acp_bbcodes 23 { 24 var $u_action; 25 26 function main($id, $mode) 27 { 28 global $db, $user, $template, $cache, $request, $phpbb_dispatcher, $phpbb_container; 29 global $phpbb_log; 30 31 $user->add_lang('acp/posting'); 32 33 // Set up general vars 34 $action = $request->variable('action', ''); 35 $bbcode_id = $request->variable('bbcode', 0); 36 37 $this->tpl_name = 'acp_bbcodes'; 38 $this->page_title = 'ACP_BBCODES'; 39 $form_key = 'acp_bbcodes'; 40 41 add_form_key($form_key); 42 43 // Set up mode-specific vars 44 switch ($action) 45 { 46 case 'add': 47 $bbcode_match = $bbcode_tpl = $bbcode_helpline = ''; 48 $display_on_posting = 0; 49 break; 50 51 case 'edit': 52 $sql = 'SELECT bbcode_match, bbcode_tpl, display_on_posting, bbcode_helpline 53 FROM ' . BBCODES_TABLE . ' 54 WHERE bbcode_id = ' . $bbcode_id; 55 $result = $db->sql_query($sql); 56 $row = $db->sql_fetchrow($result); 57 $db->sql_freeresult($result); 58 59 if (!$row) 60 { 61 trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING); 62 } 63 64 $bbcode_match = $row['bbcode_match']; 65 $bbcode_tpl = htmlspecialchars($row['bbcode_tpl'], ENT_COMPAT); 66 $display_on_posting = $row['display_on_posting']; 67 $bbcode_helpline = $row['bbcode_helpline']; 68 break; 69 70 case 'modify': 71 $sql = 'SELECT bbcode_id, bbcode_tag 72 FROM ' . BBCODES_TABLE . ' 73 WHERE bbcode_id = ' . $bbcode_id; 74 $result = $db->sql_query($sql); 75 $row = $db->sql_fetchrow($result); 76 $db->sql_freeresult($result); 77 78 if (!$row) 79 { 80 trigger_error($user->lang['BBCODE_NOT_EXIST'] . adm_back_link($this->u_action), E_USER_WARNING); 81 } 82 83 // No break here 84 85 case 'create': 86 $display_on_posting = $request->variable('display_on_posting', 0); 87 88 $bbcode_match = $request->variable('bbcode_match', ''); 89 $bbcode_tpl = html_entity_decode($request->variable('bbcode_tpl', '', true), ENT_COMPAT); 90 $bbcode_helpline = $request->variable('bbcode_helpline', '', true); 91 break; 92 } 93 94 // Do major work 95 switch ($action) 96 { 97 case 'edit': 98 case 'add': 99 100 $tpl_ary = array( 101 'S_EDIT_BBCODE' => true, 102 'U_BACK' => $this->u_action, 103 'U_ACTION' => $this->u_action . '&action=' . (($action == 'add') ? 'create' : 'modify') . (($bbcode_id) ? "&bbcode=$bbcode_id" : ''), 104 105 'L_BBCODE_USAGE_EXPLAIN'=> sprintf($user->lang['BBCODE_USAGE_EXPLAIN'], '<a href="#down">', '</a>'), 106 'BBCODE_MATCH' => $bbcode_match, 107 'BBCODE_TPL' => $bbcode_tpl, 108 'BBCODE_HELPLINE' => $bbcode_helpline, 109 'DISPLAY_ON_POSTING' => $display_on_posting, 110 ); 111 112 $bbcode_tokens = array('TEXT', 'SIMPLETEXT', 'INTTEXT', 'IDENTIFIER', 'NUMBER', 'EMAIL', 'URL', 'LOCAL_URL', 'RELATIVE_URL', 'COLOR'); 113 $bbcode_tokens = array_merge($bbcode_tokens, ['ALNUM', 'CHOICE', 'FLOAT', 'HASHMAP', 'INT', 'IP', 'IPPORT', 'IPV4', 'IPV6', 'MAP', 'RANGE', 'REGEXP', 'TIMESTAMP', 'UINT']); 114 115 /** 116 * Modify custom bbcode template data before we display the add/edit form 117 * 118 * @event core.acp_bbcodes_edit_add 119 * @var string action Type of the action: add|edit 120 * @var array tpl_ary Array with custom bbcode add/edit data 121 * @var int bbcode_id When editing: the bbcode id, 122 * when creating: 0 123 * @var array bbcode_tokens Array of bbcode tokens 124 * @since 3.1.0-a3 125 */ 126 $vars = array('action', 'tpl_ary', 'bbcode_id', 'bbcode_tokens'); 127 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_edit_add', compact($vars))); 128 129 $template->assign_vars($tpl_ary); 130 131 foreach ($bbcode_tokens as $token) 132 { 133 $template->assign_block_vars('token', array( 134 'TOKEN' => '{' . $token . '}', 135 'EXPLAIN' => ($token === 'LOCAL_URL') ? $user->lang(array('tokens', $token), generate_board_url() . '/') : $user->lang(array('tokens', $token)), 136 )); 137 } 138 139 return; 140 141 break; 142 143 case 'modify': 144 case 'create': 145 146 $sql_ary = $hidden_fields = array(); 147 148 /** 149 * Modify custom bbcode data before the modify/create action 150 * 151 * @event core.acp_bbcodes_modify_create 152 * @var string action Type of the action: modify|create 153 * @var array sql_ary Array with new bbcode data 154 * @var int bbcode_id When editing: the bbcode id, 155 * when creating: 0 156 * @var bool display_on_posting Display bbcode on posting form 157 * @var string bbcode_match The bbcode usage string to match 158 * @var string bbcode_tpl The bbcode HTML replacement string 159 * @var string bbcode_helpline The bbcode help line string 160 * @var array hidden_fields Array of hidden fields for use when 161 * submitting form when $warn_unsafe is true 162 * @since 3.1.0-a3 163 */ 164 $vars = array( 165 'action', 166 'sql_ary', 167 'bbcode_id', 168 'display_on_posting', 169 'bbcode_match', 170 'bbcode_tpl', 171 'bbcode_helpline', 172 'hidden_fields', 173 ); 174 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_modify_create', compact($vars))); 175 176 $acp_utils = $phpbb_container->get('text_formatter.acp_utils'); 177 $bbcode_info = $acp_utils->analyse_bbcode($bbcode_match, $bbcode_tpl); 178 $warn_unsafe = ($bbcode_info['status'] === $acp_utils::BBCODE_STATUS_UNSAFE); 179 180 if ($bbcode_info['status'] === $acp_utils::BBCODE_STATUS_INVALID_TEMPLATE) 181 { 182 trigger_error($user->lang['BBCODE_INVALID_TEMPLATE'] . adm_back_link($this->u_action), E_USER_WARNING); 183 } 184 if ($bbcode_info['status'] === $acp_utils::BBCODE_STATUS_INVALID_DEFINITION) 185 { 186 trigger_error($user->lang['BBCODE_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); 187 } 188 189 if (!$warn_unsafe && !check_form_key($form_key)) 190 { 191 trigger_error($user->lang['FORM_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); 192 } 193 194 if (!$warn_unsafe || confirm_box(true)) 195 { 196 $data = $this->build_regexp($bbcode_match, $bbcode_tpl); 197 198 // Make sure the user didn't pick a "bad" name for the BBCode tag. 199 $hard_coded = array('code', 'quote', 'quote=', 'attachment', 'attachment=', 'b', 'i', 'url', 'url=', 'img', 'size', 'size=', 'color', 'color=', 'u', 'list', 'list=', 'email', 'email=', 'flash', 'flash='); 200 201 if (($action == 'modify' && strtolower($data['bbcode_tag']) !== strtolower($row['bbcode_tag'])) || ($action == 'create')) 202 { 203 $sql = 'SELECT 1 as test 204 FROM ' . BBCODES_TABLE . " 205 WHERE LOWER(bbcode_tag) = '" . $db->sql_escape(strtolower($data['bbcode_tag'])) . "'"; 206 $result = $db->sql_query($sql); 207 $info = $db->sql_fetchrow($result); 208 $db->sql_freeresult($result); 209 210 // Grab the end, interrogate the last closing tag 211 if (isset($info['test']) && $info['test'] === '1' 212 || in_array(strtolower($data['bbcode_tag']), $hard_coded) 213 || (preg_match('#\[/([^[]*)]$#', $bbcode_match, $regs) && in_array(strtolower($regs[1]), $hard_coded)) 214 ) 215 { 216 trigger_error($user->lang['BBCODE_INVALID_TAG_NAME'] . adm_back_link($this->u_action), E_USER_WARNING); 217 } 218 } 219 220 if (substr($data['bbcode_tag'], -1) === '=') 221 { 222 $test = substr($data['bbcode_tag'], 0, -1); 223 } 224 else 225 { 226 $test = $data['bbcode_tag']; 227 } 228 229 if (strlen($data['bbcode_tag']) > 16) 230 { 231 trigger_error($user->lang['BBCODE_TAG_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); 232 } 233 234 if (strlen($bbcode_match) > 4000) 235 { 236 trigger_error($user->lang['BBCODE_TAG_DEF_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); 237 } 238 239 if (strlen($bbcode_helpline) > 3000) 240 { 241 trigger_error($user->lang['BBCODE_HELPLINE_TOO_LONG'] . adm_back_link($this->u_action), E_USER_WARNING); 242 } 243 244 /** 245 * Replace Emojis and other 4bit UTF-8 chars not allowed by MySQL to UCR/NCR. 246 * Using their Numeric Character Reference's Hexadecimal notation. 247 */ 248 $bbcode_helpline = utf8_encode_ucr($bbcode_helpline); 249 250 $sql_ary = array_merge($sql_ary, array( 251 'bbcode_tag' => $data['bbcode_tag'], 252 'bbcode_match' => $bbcode_match, 253 'bbcode_tpl' => $bbcode_tpl, 254 'display_on_posting' => $display_on_posting, 255 'bbcode_helpline' => $bbcode_helpline, 256 'first_pass_match' => $data['first_pass_match'], 257 'first_pass_replace' => $data['first_pass_replace'], 258 'second_pass_match' => $data['second_pass_match'], 259 'second_pass_replace' => $data['second_pass_replace'] 260 )); 261 262 if ($action == 'create') 263 { 264 $sql = 'SELECT MAX(bbcode_id) as max_bbcode_id 265 FROM ' . BBCODES_TABLE; 266 $result = $db->sql_query($sql); 267 $row = $db->sql_fetchrow($result); 268 $db->sql_freeresult($result); 269 270 if ($row) 271 { 272 $bbcode_id = (int) $row['max_bbcode_id'] + 1; 273 274 // Make sure it is greater than the core bbcode ids... 275 if ($bbcode_id <= NUM_CORE_BBCODES) 276 { 277 $bbcode_id = NUM_CORE_BBCODES + 1; 278 } 279 } 280 else 281 { 282 $bbcode_id = NUM_CORE_BBCODES + 1; 283 } 284 285 if ($bbcode_id > BBCODE_LIMIT) 286 { 287 trigger_error($user->lang['TOO_MANY_BBCODES'] . adm_back_link($this->u_action), E_USER_WARNING); 288 } 289 290 $sql_ary['bbcode_id'] = (int) $bbcode_id; 291 292 $db->sql_query('INSERT INTO ' . BBCODES_TABLE . $db->sql_build_array('INSERT', $sql_ary)); 293 $cache->destroy('sql', BBCODES_TABLE); 294 $phpbb_container->get('text_formatter.cache')->invalidate(); 295 296 $lang = 'BBCODE_ADDED'; 297 $log_action = 'LOG_BBCODE_ADD'; 298 } 299 else 300 { 301 $sql = 'UPDATE ' . BBCODES_TABLE . ' 302 SET ' . $db->sql_build_array('UPDATE', $sql_ary) . ' 303 WHERE bbcode_id = ' . $bbcode_id; 304 $db->sql_query($sql); 305 $cache->destroy('sql', BBCODES_TABLE); 306 $phpbb_container->get('text_formatter.cache')->invalidate(); 307 308 $lang = 'BBCODE_EDITED'; 309 $log_action = 'LOG_BBCODE_EDIT'; 310 } 311 312 $phpbb_log->add('admin', $user->data['user_id'], $user->ip, $log_action, false, array($data['bbcode_tag'])); 313 314 /** 315 * Event after a BBCode has been added or updated 316 * 317 * @event core.acp_bbcodes_modify_create_after 318 * @var string action Type of the action: modify|create 319 * @var int bbcode_id The id of the added or updated bbcode 320 * @var array sql_ary Array with bbcode data (read only) 321 * @since 3.2.4-RC1 322 */ 323 $vars = array( 324 'action', 325 'bbcode_id', 326 'sql_ary', 327 ); 328 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_modify_create_after', compact($vars))); 329 330 trigger_error($user->lang[$lang] . adm_back_link($this->u_action)); 331 } 332 else 333 { 334 confirm_box(false, $user->lang['BBCODE_DANGER'], build_hidden_fields(array_merge($hidden_fields, array( 335 'action' => $action, 336 'bbcode' => $bbcode_id, 337 'bbcode_match' => $bbcode_match, 338 'bbcode_tpl' => htmlspecialchars($bbcode_tpl, ENT_COMPAT), 339 'bbcode_helpline' => $bbcode_helpline, 340 'display_on_posting' => $display_on_posting, 341 ))) 342 , 'confirm_bbcode.html'); 343 } 344 345 break; 346 347 case 'delete': 348 349 $sql = 'SELECT bbcode_tag 350 FROM ' . BBCODES_TABLE . " 351 WHERE bbcode_id = $bbcode_id"; 352 $result = $db->sql_query($sql); 353 $row = $db->sql_fetchrow($result); 354 $db->sql_freeresult($result); 355 356 if ($row) 357 { 358 if (confirm_box(true)) 359 { 360 $bbcode_tag = $row['bbcode_tag']; 361 362 $db->sql_query('DELETE FROM ' . BBCODES_TABLE . " WHERE bbcode_id = $bbcode_id"); 363 $cache->destroy('sql', BBCODES_TABLE); 364 $phpbb_container->get('text_formatter.cache')->invalidate(); 365 $phpbb_log->add('admin', $user->data['user_id'], $user->ip, 'LOG_BBCODE_DELETE', false, array($bbcode_tag)); 366 367 /** 368 * Event after a BBCode has been deleted 369 * 370 * @event core.acp_bbcodes_delete_after 371 * @var string action Type of the action: delete 372 * @var int bbcode_id The id of the deleted bbcode 373 * @var string bbcode_tag The tag of the deleted bbcode 374 * @since 3.2.4-RC1 375 */ 376 $vars = array( 377 'action', 378 'bbcode_id', 379 'bbcode_tag', 380 ); 381 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_delete_after', compact($vars))); 382 383 if ($request->is_ajax()) 384 { 385 $json_response = new \phpbb\json_response; 386 $json_response->send(array( 387 'MESSAGE_TITLE' => $user->lang['INFORMATION'], 388 'MESSAGE_TEXT' => $user->lang['BBCODE_DELETED'], 389 'REFRESH_DATA' => array( 390 'time' => 3 391 ) 392 )); 393 } 394 } 395 else 396 { 397 confirm_box(false, $user->lang['CONFIRM_OPERATION'], build_hidden_fields(array( 398 'bbcode' => $bbcode_id, 399 'i' => $id, 400 'mode' => $mode, 401 'action' => $action)) 402 ); 403 } 404 } 405 406 break; 407 } 408 409 $u_action = $this->u_action; 410 411 $template_data = array( 412 'U_ACTION' => $this->u_action . '&action=add', 413 ); 414 415 $sql_ary = array( 416 'SELECT' => 'b.*', 417 'FROM' => array(BBCODES_TABLE => 'b'), 418 'ORDER_BY' => 'b.bbcode_tag', 419 ); 420 421 /** 422 * Modify custom bbcode template data before we display the form 423 * 424 * @event core.acp_bbcodes_display_form 425 * @var string action Type of the action: modify|create 426 * @var array sql_ary The SQL array to get custom bbcode data 427 * @var array template_data Array with form template data 428 * @var string u_action The u_action link 429 * @since 3.1.0-a3 430 */ 431 $vars = array('action', 'sql_ary', 'template_data', 'u_action'); 432 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_display_form', compact($vars))); 433 434 $result = $db->sql_query($db->sql_build_query('SELECT', $sql_ary)); 435 436 $template->assign_vars($template_data); 437 438 while ($row = $db->sql_fetchrow($result)) 439 { 440 $bbcodes_array = array( 441 'BBCODE_TAG' => $row['bbcode_tag'], 442 'U_EDIT' => $u_action . '&action=edit&bbcode=' . $row['bbcode_id'], 443 'U_DELETE' => $u_action . '&action=delete&bbcode=' . $row['bbcode_id'], 444 ); 445 446 /** 447 * Modify display of custom bbcodes in the form 448 * 449 * @event core.acp_bbcodes_display_bbcodes 450 * @var array row Array with current bbcode data 451 * @var array bbcodes_array Array of bbcodes template data 452 * @var string u_action The u_action link 453 * @since 3.1.0-a3 454 */ 455 $vars = array('bbcodes_array', 'row', 'u_action'); 456 extract($phpbb_dispatcher->trigger_event('core.acp_bbcodes_display_bbcodes', compact($vars))); 457 458 $template->assign_block_vars('bbcodes', $bbcodes_array); 459 460 } 461 $db->sql_freeresult($result); 462 } 463 464 /* 465 * Build regular expression for custom bbcode 466 */ 467 function build_regexp(&$bbcode_match, &$bbcode_tpl) 468 { 469 $bbcode_match = trim($bbcode_match); 470 $bbcode_tag = preg_replace('/.*?\[([a-z0-9_-]+).*/i', '$1', $bbcode_match); 471 472 if (!preg_match('/^[a-zA-Z0-9_-]+$/', $bbcode_tag)) 473 { 474 global $user; 475 trigger_error($user->lang['BBCODE_INVALID'] . adm_back_link($this->u_action), E_USER_WARNING); 476 } 477 478 return array( 479 'bbcode_tag' => $bbcode_tag, 480 'first_pass_match' => '/(?!)/', 481 'first_pass_replace' => '', 482 // Use a non-matching, valid regexp to effectively disable this BBCode 483 'second_pass_match' => '/(?!)/', 484 'second_pass_replace' => '' 485 ); 486 } 487 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Mon Nov 25 19:05:08 2024 | Cross-referenced by PHPXref 0.7.1 |