search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
- tackle some usability issues
[phpbb.git] / phpBB / includes / message_parser.php
blobb5090d3950e4e0a6bad71f7247411da0e2039592
1 <?php
2 /**
3 *
4 * @package phpBB3
5 * @version $Id$
6 * @copyright (c) 2005 phpBB Group
7 * @license http://opensource.org/licenses/gpl-license.php GNU Public License
8 *
9 */
10
11 /**
12 * @ignore
13 */
14 if (!defined('IN_PHPBB'))
15 {
16 exit;
17 }
18
19 if (!class_exists('bbcode'))
20 {
21 include($phpbb_root_path . 'includes/bbcode.' . $phpEx);
22 }
23
24 /**
25 * BBCODE FIRSTPASS
26 * BBCODE first pass class (functions for parsing messages for db storage)
27 * @package phpBB3
28 */
29 class bbcode_firstpass extends bbcode
30 {
31 var $message = '';
32 var $warn_msg = array();
33 var $parsed_items = array();
34
35 /**
36 * Parse BBCode
37 */
38 function parse_bbcode()
39 {
40 if (!$this->bbcodes)
41 {
42 $this->bbcode_init();
43 }
44
45 global $user;
46 $this->bbcode_bitfield = 0;
47
48 $size = strlen($this->message);
49 foreach ($this->bbcodes as $bbcode_name => $bbcode_data)
50 {
51 if (isset($bbcode_data['disabled']) && $bbcode_data['disabled'])
52 {
53 foreach ($bbcode_data['regexp'] as $regexp => $replacement)
54 {
55 if (preg_match($regexp, $this->message))
56 {
57 $this->warn_msg[] = $user->lang['UNAUTHORISED_BBCODE'] . '[' . $bbcode_name . ']';
58 continue;
59 }
60 }
61 }
62 else
63 {
64 foreach ($bbcode_data['regexp'] as $regexp => $replacement)
65 {
66 $this->message = preg_replace($regexp, $replacement, $this->message);
67 }
68 }
69
70 // Because we add bbcode_uid to all tags, the message length
71 // will increase whenever a tag is found
72 $new_size = strlen($this->message);
73 if ($size != $new_size)
74 {
75 $this->bbcode_bitfield |= (1 << $bbcode_data['bbcode_id']);
76 $size = $new_size;
77 }
78 }
79 }
80
81 /**
82 * Prepare some bbcodes for better parsing
83 */
84 function prepare_bbcodes()
85 {
86 // Add newline at the end and in front of each quote block to prevent parsing errors (urls, smilies, etc.)
87 if (strpos($this->message, '[quote') !== false)
88 {
89 $in = str_replace("\r\n", "\n", $this->message);
90
91 $this->message = preg_replace(array('#\[quote(=&quot;.*?&quot;)?\]([^\n])#is', '#([^\n])\[\/quote\]#is'), array("[quote\\1]\n\\2", "\\1\n[/quote]"), $this->message);
92 $this->message = preg_replace(array('#\[quote(=&quot;.*?&quot;)?\]([^\n])#is', '#([^\n])\[\/quote\]#is'), array("[quote\\1]\n\\2", "\\1\n[/quote]"), $this->message);
93 }
94
95 // Add other checks which needs to be placed before actually parsing anything (be it bbcodes, smilies, urls...)
96 }
97
98 /**
99 * Init bbcode data for later parsing
100 */
101 function bbcode_init()
102 {
103 static $rowset;
104
105 // This array holds all bbcode data. BBCodes will be processed in this
106 // order, so it is important to keep [code] in first position and
107 // [quote] in second position.
108 $this->bbcodes = array(
109 'code' => array('bbcode_id' => 8, 'regexp' => array('#\[code(?:=([a-z]+))?\](.+\[/code\])#ise' => "\$this->bbcode_code('\$1', '\$2')")),
110 'quote' => array('bbcode_id' => 0, 'regexp' => array('#\[quote(?:=&quot;(.*?)&quot;)?\](.+)\[/quote\]#ise' => "\$this->bbcode_quote('\$0')")),
111 'attachment' => array('bbcode_id' => 12, 'regexp' => array('#\[attachment=([0-9]+)\](.*?)\[/attachment\]#ise' => "\$this->bbcode_attachment('\$1', '\$2')")),
112 'b' => array('bbcode_id' => 1, 'regexp' => array('#\[b\](.*?)\[/b\]#ise' => "\$this->bbcode_strong('\$1')")),
113 'i' => array('bbcode_id' => 2, 'regexp' => array('#\[i\](.*?)\[/i\]#ise' => "\$this->bbcode_italic('\$1')")),
114 'url' => array('bbcode_id' => 3, 'regexp' => array('#\[url(=(.*))?\](.*)\[/url\]#iUe' => "\$this->validate_url('\$2', '\$3')")),
115 'img' => array('bbcode_id' => 4, 'regexp' => array('#\[img\](https?://)([a-z0-9\-\.,\?!%\*_:;~\\&$@/=\+]+)\[/img\]#ie' => "\$this->bbcode_img('\$1\$2')")),
116 'size' => array('bbcode_id' => 5, 'regexp' => array('#\[size=([\-\+]?[1-2]?[0-9])\](.*?)\[/size\]#ise' => "\$this->bbcode_size('\$1', '\$2')")),
117 'color' => array('bbcode_id' => 6, 'regexp' => array('!\[color=(#[0-9A-Fa-f]{6}|[a-z\-]+)\](.*?)\[/color\]!ise' => "\$this->bbcode_color('\$1', '\$2')")),
118 'u' => array('bbcode_id' => 7, 'regexp' => array('#\[u\](.*?)\[/u\]#ise' => "\$this->bbcode_underline('\$1')")),
119 'list' => array('bbcode_id' => 9, 'regexp' => array('#\[list(=[a-z|0-9|(?:disc|circle|square))]+)?\].*\[/list\]#ise' => "\$this->bbcode_parse_list('\$0')")),
120 'email' => array('bbcode_id' => 10, 'regexp' => array('#\[email=?(.*?)?\](.*?)\[/email\]#ise' => "\$this->validate_email('\$1', '\$2')")),
121 'flash' => array('bbcode_id' => 11, 'regexp' => array('#\[flash=([0-9]+),([0-9]+)\](.*?)\[/flash\]#ie' => "\$this->bbcode_flash('\$1', '\$2', '\$3')"))
122 );
123
124 // Zero the parsed items array
125 $this->parsed_items = array();
126
127 foreach ($this->bbcodes as $tag => $bbcode_data)
128 {
129 $this->parsed_items[$tag] = 0;
130 }
131
132 if (!is_array($rowset))
133 {
134 global $db;
135 $rowset = array();
136
137 $sql = 'SELECT *
138 FROM ' . BBCODES_TABLE;
139 $result = $db->sql_query($sql);
140
141 while ($row = $db->sql_fetchrow($result))
142 {
143 $rowset[] = $row;
144 }
145 $db->sql_freeresult($result);
146 }
147
148 foreach ($rowset as $row)
149 {
150 $this->bbcodes[$row['bbcode_tag']] = array(
151 'bbcode_id' => (int) $row['bbcode_id'],
152 'regexp' => array($row['first_pass_match'] => str_replace('$uid', $this->bbcode_uid, $row['first_pass_replace']))
153 );
154 }
155 }
156
157 /**
158 * Making some pre-checks for bbcodes as well as increasing the number of parsed items
159 */
160 function check_bbcode($bbcode, &$in)
161 {
162 // when using the /e modifier, preg_replace slashes double-quotes but does not
163 // seem to slash anything else
164 $in = str_replace("\r\n", "\n", str_replace('\"', '"', $in));
165
166 // Trimming here to make sure no empty bbcodes are parsed accidently
167 if (trim($in) == '')
168 {
169 return false;
170 }
171
172 $this->parsed_items[$bbcode]++;
173
174 return true;
175 }
176
177 /**
178 * Transform some characters in valid bbcodes
179 */
180 function bbcode_specialchars($text)
181 {
182 $str_from = array('<', '>', '[', ']', '.', ':');
183 $str_to = array('&lt;', '&gt;', '&#91;', '&#93;', '&#46;', '&#58;');
184
185 return str_replace($str_from, $str_to, $text);
186 }
187
188 /**
189 * Parse size tag
190 */
191 function bbcode_size($stx, $in)
192 {
193 global $user, $config;
194
195 if (!$this->check_bbcode('size', $in))
196 {
197 return '';
198 }
199
200 if ($config['max_' . $this->mode . '_font_size'] && $config['max_' . $this->mode . '_font_size'] < $stx)
201 {
202 $this->warn_msg[] = sprintf($user->lang['MAX_FONT_SIZE_EXCEEDED'], $config['max_' . $this->mode . '_font_size']);
203 }
204
205 return '[size=' . $stx . ':' . $this->bbcode_uid . ']' . $in . '[/size:' . $this->bbcode_uid . ']';
206 }
207
208 /**
209 * Parse color tag
210 */
211 function bbcode_color($stx, $in)
212 {
213 if (!$this->check_bbcode('color', $in))
214 {
215 return '';
216 }
217
218 return '[color=' . $stx . ':' . $this->bbcode_uid . ']' . $in . '[/color:' . $this->bbcode_uid . ']';
219 }
220
221 /**
222 * Parse u tag
223 */
224 function bbcode_underline($in)
225 {
226 if (!$this->check_bbcode('u', $in))
227 {
228 return '';
229 }
230
231 return '[u:' . $this->bbcode_uid . ']' . $in . '[/u:' . $this->bbcode_uid . ']';
232 }
233
234 /**
235 * Parse b tag
236 */
237 function bbcode_strong($in)
238 {
239 if (!$this->check_bbcode('b', $in))
240 {
241 return '';
242 }
243
244 return '[b:' . $this->bbcode_uid . ']' . $in . '[/b:' . $this->bbcode_uid . ']';
245 }
246
247 /**
248 * Parse i tag
249 */
250 function bbcode_italic($in)
251 {
252 if (!$this->check_bbcode('i', $in))
253 {
254 return '';
255 }
256
257 return '[i:' . $this->bbcode_uid . ']' . $in . '[/i:' . $this->bbcode_uid . ']';
258 }
259
260 /**
261 * Parse img tag
262 */
263 function bbcode_img($in)
264 {
265 global $user, $config, $phpEx;
266
267 if (!$this->check_bbcode('img', $in))
268 {
269 return '';
270 }
271
272 $in = trim($in);
273
274 if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width'])
275 {
276 $stats = @getimagesize($in);
277
278 if ($stats === false)
279 {
280 $this->warn_msg[] = $user->lang['UNABLE_GET_IMAGE_SIZE'];
281 }
282 else
283 {
284 if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $stats[1])
285 {
286 $this->warn_msg[] = sprintf($user->lang['MAX_IMG_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']);
287 }
288
289 if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $stats[0])
290 {
291 $this->warn_msg[] = sprintf($user->lang['MAX_IMG_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']);
292 }
293 }
294 }
295
296 if ($this->path_in_domain($in))
297 {
298 return '[img]' . $in . '[/img]';
299 }
300
301 return '[img:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($in) . '[/img:' . $this->bbcode_uid . ']';
302 }
303
304 /**
305 * Parse flash tag
306 */
307 function bbcode_flash($width, $height, $in)
308 {
309 global $user, $config, $phpEx;
310
311 if (!$this->check_bbcode('flash', $in))
312 {
313 return '';
314 }
315
316 $in = trim($in);
317
318 // Apply the same size checks on flash files as on images
319 if ($config['max_' . $this->mode . '_img_height'] || $config['max_' . $this->mode . '_img_width'])
320 {
321 if ($config['max_' . $this->mode . '_img_height'] && $config['max_' . $this->mode . '_img_height'] < $height)
322 {
323 $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_HEIGHT_EXCEEDED'], $config['max_' . $this->mode . '_img_height']);
324 }
325
326 if ($config['max_' . $this->mode . '_img_width'] && $config['max_' . $this->mode . '_img_width'] < $width)
327 {
328 $this->warn_msg[] = sprintf($user->lang['MAX_FLASH_WIDTH_EXCEEDED'], $config['max_' . $this->mode . '_img_width']);
329 }
330 }
331
332 if ($this->path_in_domain($in))
333 {
334 return '[flash=' . $width . ',' . $height . ']' . $in . '[/flash]';
335 }
336
337 return '[flash=' . $width . ',' . $height . ':' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($in) . '[/flash:' . $this->bbcode_uid . ']';
338 }
339
340 /**
341 * Parse inline attachments [ia]
342 */
343 function bbcode_attachment($stx, $in)
344 {
345 if (!$this->check_bbcode('attachment', $in))
346 {
347 return '';
348 }
349
350 return '[attachment=' . $stx . ':' . $this->bbcode_uid . ']<!-- ia' . $stx . ' -->' . trim($in) . '<!-- ia' . $stx . ' -->[/attachment:' . $this->bbcode_uid . ']';
351 }
352
353 /**
354 * Parse code tag
355 * Expects the argument to start right after the opening [code] tag and to end with [/code]
356 */
357 function bbcode_code($stx, $in)
358 {
359 if (!$this->check_bbcode('code', $in))
360 {
361 return '';
362 }
363
364 // We remove the hardcoded elements from the code block here because it is not used in code blocks
365 // Having it here saves us one preg_replace per message containing [code] blocks
366 // Additionally, magic url parsing should go after parsing bbcodes, but for safety those are stripped out too...
367 $htm_match = array(
368 '#<!\-\- e \-\-><a href="mailto:(.*?)">.*?</a><!\-\- e \-\->#',
369 '#<!\-\- m \-\-><a href="(.*?)" target="_blank">.*?</a><!\-\- m \-\->#',
370 '#<!\-\- w \-\-><a href="http:\/\/(.*?)" target="_blank">.*?</a><!\-\- w \-\->#',
371 '#<!\-\- l \-\-><a href="(.*?)">.*?</a><!\-\- l \-\->#',
372 '#<!\-\- s(.*?) \-\-><img src="\{SMILIES_PATH\}\/.*? \/><!\-\- s\1 \-\->#',
373 '#&\#([0-9]+);#',
374 );
375 $htm_replace = array('\1', '\1', '\1', '\1', '\1', '&amp;#\1;');
376
377 $out = '';
378
379 do
380 {
381 $pos = stripos($in, '[/code]') + 7;
382 $code = substr($in, 0, $pos);
383 $in = substr($in, $pos);
384
385 // $code contains everything that was between code tags (including the ending tag) but we're trying to grab as much extra text as possible, as long as it does not contain open [code] tags
386 while ($in)
387 {
388 $pos = stripos($in, '[/code]') + 7;
389 $buffer = substr($in, 0, $pos);
390
391 if (preg_match('#\[code(?:=([a-z]+))?\]#i', $buffer))
392 {
393 break;
394 }
395 else
396 {
397 $in = substr($in, $pos);
398 $code .= $buffer;
399 }
400 }
401
402 $code = substr($code, 0, -7);
403 // $code = preg_replace('#^[\r\n]*(.*?)[\n\r\s\t]*$#s', '$1', $code);
404 $code = preg_replace($htm_match, $htm_replace, $code);
405
406 switch (strtolower($stx))
407 {
408 case 'php':
409 $code = trim($code);
410
411 $remove_tags = false;
412 $code = str_replace(array('&lt;', '&gt;'), array('<', '>'), $code);
413
414 if (!preg_match('/^\<\?.*?\?\>/is', $code))
415 {
416 $remove_tags = true;
417 $code = "<?php $code ?>";
418 }
419
420 $conf = array('highlight.bg', 'highlight.comment', 'highlight.default', 'highlight.html', 'highlight.keyword', 'highlight.string');
421 foreach ($conf as $ini_var)
422 {
423 ini_set($ini_var, str_replace('highlight.', 'syntax', $ini_var));
424 }
425
426 // Because highlight_string is specialcharing the text (but we already did this before), we have to reverse this in order to get correct results
427 $code = html_entity_decode($code);
428 $code = highlight_string($code, true);
429
430 $str_from = array('<span style="color: ', '<font color="syntax', '</font>', '<code>', '</code>','[', ']', '.', ':');
431 $str_to = array('<span class="', '<span class="syntax', '</span>', '', '', '&#91;', '&#93;', '&#46;', '&#58;');
432
433 if ($remove_tags)
434 {
435 $str_from[] = '<span class="syntaxdefault">&lt;?php </span>';
436 $str_to[] = '';
437 $str_from[] = '<span class="syntaxdefault">&lt;?php ';
438 $str_to[] = '<span class="syntaxdefault">';
439 }
440
441 $code = str_replace($str_from, $str_to, $code);
442 $code = preg_replace('#^(<span class="[a-z_]+">)\n?(.*?)\n?(</span>)$#is', '$1$2$3', $code);
443
444 if ($remove_tags)
445 {
446 $code = preg_replace('#(<span class="[a-z]+">)?\?&gt;</span>#', '', $code);
447 }
448
449 $code = preg_replace('#^<span class="[a-z]+"><span class="([a-z]+)">(.*)</span></span>#s', '<span class="$1">$2</span>', $code);
450 $code = preg_replace('#(?:[\n\r\s\t]|&nbsp;)*</span>$#', '</span>', $code);
451
452 $out .= "[code=$stx:" . $this->bbcode_uid . ']' . $code . '[/code:' . $this->bbcode_uid . ']';
453 break;
454
455 default:
456 $out .= '[code:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($code) . '[/code:' . $this->bbcode_uid . ']';
457 break;
458 }
459
460 if (preg_match('#(.*?)\[code(?:=([a-z]+))?\](.+)#is', $in, $m))
461 {
462 $out .= $m[1];
463 $stx = $m[2];
464 $in = $m[3];
465 }
466 }
467 while ($in);
468
469 return $out;
470 }
471
472 /**
473 * Parse list bbcode
474 * Expects the argument to start with a tag
475 */
476 function bbcode_parse_list($in)
477 {
478 if (!$this->check_bbcode('list', $in))
479 {
480 return '';
481 }
482
483 $out = '[';
484
485 // Grab item_start with no item_end
486 $in = preg_replace('#\[\*\](.*?)(\[\/list\]|\[list(=?(?:[0-9]|[a-z]|))\]|\[\*\])#is', '[*:' . $this->bbcode_uid . ']\1[/*:m:' . $this->bbcode_uid . ']\2', $in);
487
488 // Grab them again as backreference
489 $in = preg_replace('#\[\*\](.*?)(\[\/list\]|\[list(=?(?:[0-9]|[a-z]|))\]|\[\*\])(^\[\/*\])#is', '[*:' . $this->bbcode_uid . ']\1[/*:m:' . $this->bbcode_uid . ']\2', $in);
490
491 // Grab end tag following start tag
492 $in = preg_replace('#\[\/\*:m:' . $this->bbcode_uid . '\](\n|)\[\*\]#is', '[/*:m:' . $this->bbcode_uid . '][*:' . $this->bbcode_uid . ']', $in);
493
494 // Replace end tag
495 $in = preg_replace('#\[\/\*\]#i', '[/*:' . $this->bbcode_uid . ']', $in);
496
497 // $tok holds characters to stop at. Since the string starts with a '[' we'll get everything up to the first ']' which should be the opening [list] tag
498 $tok = ']';
499 $out = '[';
500
501 $in = substr($in, 1);
502 $list_end_tags = array();
503
504 do
505 {
506 $pos = strlen($in);
507 for ($i = 0; $i < strlen($tok); ++$i)
508 {
509 $tmp_pos = strpos($in, $tok{$i});
510
511 if ($tmp_pos !== false && $tmp_pos < $pos)
512 {
513 $pos = $tmp_pos;
514 }
515 }
516
517 $buffer = substr($in, 0, $pos);
518 $tok = $in{$pos};
519
520 $in = substr($in, $pos + 1);
521
522 if ($tok == ']')
523 {
524 // if $tok is ']' the buffer holds a tag
525 if ($buffer == '/list' && sizeof($list_end_tags))
526 {
527 $out .= array_pop($list_end_tags) . ']';
528 $tok = '[';
529 }
530 else if (preg_match('#list(=?(?:[0-9]|[a-z]|))#i', $buffer, $m))
531 {
532 // sub-list, add a closing tag
533 if (!$m[1] || preg_match('/^(disc|square|circle)$/i', $m[1]))
534 {
535 array_push($list_end_tags, '/list:u:' . $this->bbcode_uid);
536 }
537 else
538 {
539 array_push($list_end_tags, '/list:o:' . $this->bbcode_uid);
540 }
541 $out .= $buffer . ':' . $this->bbcode_uid . ']';
542 $tok = '[';
543 }
544 else
545 {
546 $out .= $buffer . $tok;
547 $tok = '[]';
548 }
549 }
550 else
551 {
552 // Not within a tag, just add buffer to the return string
553 $out .= $buffer . $tok;
554 $tok = ($tok == '[') ? ']' : '[]';
555 }
556 }
557 while ($in);
558
559 if (sizeof($list_end_tags))
560 {
561 $out .= '[' . implode('][', $list_end_tags) . ']';
562 }
563
564 return $out;
565 }
566
567 /**
568 * Parse quote bbcode
569 * Expects the argument to start with a tag
570 */
571 function bbcode_quote($in)
572 {
573 global $config, $user;
574
575 $in = str_replace("\r\n", "\n", str_replace('\"', '"', trim($in)));
576
577 if (!$in)
578 {
579 return '';
580 }
581
582 $tok = ']';
583 $out = '[';
584
585 $in = substr($in, 1);
586 $close_tags = $error_ary = array();
587 $buffer = '';
588
589 do
590 {
591 $pos = strlen($in);
592 for ($i = 0; $i < strlen($tok); ++$i)
593 {
594 $tmp_pos = strpos($in, $tok{$i});
595 if ($tmp_pos !== false && $tmp_pos < $pos)
596 {
597 $pos = $tmp_pos;
598 }
599 }
600
601 $buffer .= substr($in, 0, $pos);
602 $tok = $in{$pos};
603 $in = substr($in, $pos + 1);
604
605 if ($tok == ']')
606 {
607 if ($buffer == '/quote' && sizeof($close_tags))
608 {
609 // we have found a closing tag
610 // Add space at the end of the closing tag to allow following urls/smilies to be parsed correctly
611 $out .= array_pop($close_tags) . '] ';
612 $tok = '[';
613 $buffer = '';
614 }
615 else if (preg_match('#^quote(?:=&quot;(.*?)&quot;)?$#is', $buffer, $m))
616 {
617 $this->parsed_items['quote']++;
618
619 // the buffer holds a valid opening tag
620 if ($config['max_quote_depth'] && sizeof($close_tags) >= $config['max_quote_depth'])
621 {
622 // there are too many nested quotes
623 $error_ary['quote_depth'] = sprintf($user->lang['QUOTE_DEPTH_EXCEEDED'], $config['max_quote_depth']);
624
625 $out .= $buffer . $tok;
626 $tok = '[]';
627 $buffer = '';
628
629 continue;
630 }
631
632 array_push($close_tags, '/quote:' . $this->bbcode_uid);
633
634 if (isset($m[1]) && $m[1])
635 {
636 $username = preg_replace('#\[(?!b|i|u|color|url|email|/b|/i|/u|/color|/url|/email)#iU', '&#91;$1', $m[1]);
637 $end_tags = array();
638 $error = false;
639
640 preg_match_all('#\[((?:/)?(?:[a-z]+))#i', $username, $tags);
641 foreach ($tags[1] as $tag)
642 {
643 if ($tag{0} != '/')
644 {
645 $end_tags[] = '/' . $tag;
646 }
647 else
648 {
649 $end_tag = array_pop($end_tags);
650 if ($end_tag != $tag)
651 {
652 $error = true;
653 }
654 else
655 {
656 $error = false;
657 }
658 }
659 }
660
661 if ($error)
662 {
663 $username = str_replace('[', '&#91;', str_replace(']', '&#93;', $m[1]));
664 }
665
666 $out .= 'quote=&quot;' . $username . '&quot;:' . $this->bbcode_uid . ']';
667 }
668 else
669 {
670 $out .= 'quote:' . $this->bbcode_uid . ']';
671 }
672
673 $tok = '[';
674 $buffer = '';
675 }
676 else if (preg_match('#^quote=&quot;(.*?)#is', $buffer, $m))
677 {
678 // the buffer holds an invalid opening tag
679 $buffer .= ']';
680 }
681 else
682 {
683 $out .= $buffer . $tok;
684 $tok = '[]';
685 $buffer = '';
686 }
687 }
688 else
689 {
690 $out .= $buffer . $tok;
691 $tok = ($tok == '[') ? ']' : '[]';
692 $buffer = '';
693 }
694 }
695 while ($in);
696
697 if (sizeof($close_tags))
698 {
699 $out .= '[' . implode('][', $close_tags) . ']';
700 }
701
702 foreach ($error_ary as $error_msg)
703 {
704 $this->warn_msg[] = $error_msg;
705 }
706
707 return $out;
708 }
709
710 /**
711 * Validate email
712 */
713 function validate_email($var1, $var2)
714 {
715 $var1 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var1)));
716 $var2 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var2)));
717
718 $txt = $var2;
719 $email = ($var1) ? $var1 : $var2;
720
721 $validated = true;
722
723 if (!preg_match('/^' . get_preg_expression('email') . '$/i', $email))
724 {
725 $validated = false;
726 }
727
728 if (!$validated)
729 {
730 return '[email' . (($var1) ? "=$var1" : '') . ']' . $var2 . '[/email]';
731 }
732
733 $this->parsed_items['email']++;
734
735 if ($var1)
736 {
737 $retval = '[email=' . $this->bbcode_specialchars($email) . ':' . $this->bbcode_uid . ']' . $txt . '[/email:' . $this->bbcode_uid . ']';
738 }
739 else
740 {
741 $retval = '[email:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($email) . '[/email:' . $this->bbcode_uid . ']';
742 }
743
744 return $retval;
745 }
746
747 /**
748 * Validate url
749 */
750 function validate_url($var1, $var2)
751 {
752 global $config;
753
754 $var1 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var1)));
755 $var2 = str_replace("\r\n", "\n", str_replace('\"', '"', trim($var2)));
756
757 $url = ($var1) ? $var1 : $var2;
758 $valid = false;
759
760 if (!$url || ($var1 && !$var2))
761 {
762 return '';
763 }
764
765 // Checking urls
766 if (preg_match('#' . preg_quote(generate_board_url(), '#') . '/([^ \t\n\r<"\']+)#i', $url) ||
767 preg_match('#([\w]+?://.*?[^ \t\n\r<"\']*)#i', $url) ||
768 preg_match('#(www\.[\w\-]+\.[\w\-.\~]+(?:/[^ \t\n\r<"\']*)?)#i', $url))
769 {
770 $valid = true;
771 }
772
773 if ($valid)
774 {
775 $this->parsed_items['url']++;
776
777 if (!preg_match('#^[\w]+?://.*?#i', $url))
778 {
779 $url = 'http://' . $url;
780 }
781
782 // We take our test url and stick on the first bit of text we get to check if we are really at the domain. If so, lets go!
783 if (strpos($url, generate_board_url()) !== false && strpos($url, 'sid=') !== false)
784 {
785 $url = preg_replace('/(&amp;|\?)sid=[0-9a-f]{32}/', '\1', $url);
786 }
787
788 return ($var1) ? '[url=' . $this->bbcode_specialchars($url) . ':' . $this->bbcode_uid . ']' . $var2 . '[/url:' . $this->bbcode_uid . ']' : '[url:' . $this->bbcode_uid . ']' . $this->bbcode_specialchars($url) . '[/url:' . $this->bbcode_uid . ']';
789 }
790
791 return '[url' . (($var1) ? '=' . $var1 : '') . ']' . $var2 . '[/url]';
792 }
793
794 /**
795 * Check if url is pointing to this domain/script_path/php-file
796 *
797 * @param string $url the url to check
798 * @return true if the url is pointing to this domain/script_path/php-file, false if not
799 *
800 * @access: private
801 */
802 function path_in_domain($url)
803 {
804 global $config, $phpEx, $user;
805
806 $check_path = ($user->page['root_script_path'] != '/') ? substr($user->page['root_script_path'], 0, -1) : '/';
807
808 // Is the user trying to link to a php file in this domain and script path?
809 if (strpos($url, ".{$phpEx}") !== false && strpos($url, $check_path) !== false)
810 {
811 $server_name = (!empty($_SERVER['SERVER_NAME'])) ? $_SERVER['SERVER_NAME'] : getenv('SERVER_NAME');
812
813 // Forcing server vars is the only way to specify/override the protocol
814 if ($config['force_server_vars'] || !$server_name)
815 {
816 $server_name = $config['server_name'];
817 }
818
819 // Check again in correct order...
820 $pos_ext = strpos($url, ".{$phpEx}");
821 $pos_path = strpos($url, $check_path);
822 $pos_domain = strpos($url, $server_name);
823
824 if ($pos_domain !== false && $pos_path >= $pos_domain && $pos_ext >= $pos_path)
825 {
826 return true;
827 }
828 }
829
830 return false;
831 }
832 }
833
834 /**
835 * Main message parser for posting, pm, etc. takes raw message
836 * and parses it for attachments, bbcode and smilies
837 * @package phpBB3
838 */
839 class parse_message extends bbcode_firstpass
840 {
841 var $attachment_data = array();
842 var $filename_data = array();
843
844 // Helps ironing out user error
845 var $message_status = '';
846
847 var $allow_img_bbcode = true;
848 var $allow_flash_bbcode = true;
849 var $allow_quote_bbcode = true;
850
851 var $mode;
852
853 /**
854 * Init - give message here or manually
855 */
856 function parse_message($message = '')
857 {
858 // Init BBCode UID
859 $this->bbcode_uid = substr(md5(time()), 0, BBCODE_UID_LEN);
860
861 if ($message)
862 {
863 $this->message = $message;
864 }
865 }
866
867 /**
868 * Parse Message
869 */
870 function parse($allow_bbcode, $allow_magic_url, $allow_smilies, $allow_img_bbcode = true, $allow_flash_bbcode = true, $allow_quote_bbcode = true, $update_this_message = true, $mode = 'post')
871 {
872 global $config, $db, $user;
873
874 $mode = ($mode != 'post') ? 'sig' : 'post';
875
876 $this->mode = $mode;
877
878 $this->allow_img_bbcode = $allow_img_bbcode;
879 $this->allow_flash_bbcode = $allow_flash_bbcode;
880 $this->allow_quote_bbcode = $allow_quote_bbcode;
881
882 // If false, then $this->message won't be altered, the text will be returned instead.
883 if (!$update_this_message)
884 {
885 $tmp_message = $this->message;
886 $return_message = &$this->message;
887 }
888
889 if ($this->message_status == 'display')
890 {
891 $this->decode_message();
892 }
893
894 // Do some general 'cleanup' first before processing message,
895 // e.g. remove excessive newlines(?), smilies(?)
896 // Transform \r\n and \r into \n
897 $match = array('#\r\n?#', "#([\n][\s]+){3,}#", '#(script|about|applet|activex|chrome):#i');
898 $replace = array("\n", "\n\n", "\\1&#058;");
899 $this->message = preg_replace($match, $replace, trim($this->message));
900
901 // Message length check. -1 disables this check completely.
902 if ($config['max_' . $mode . '_chars'] != -1)
903 {
904 $msg_len = ($mode == 'post') ? strlen($this->message) : strlen(preg_replace('#\[\/?[a-z\*\+\-]+(=[\S]+)?\]#is', ' ', $this->message));
905
906 if ((!$msg_len && $mode !== 'sig') || $config['max_' . $mode . '_chars'] && $msg_len > $config['max_' . $mode . '_chars'])
907 {
908 $this->warn_msg[] = (!$msg_len) ? $user->lang['TOO_FEW_CHARS'] : $user->lang['TOO_MANY_CHARS'];
909 return $this->warn_msg;
910 }
911 }
912
913 // Prepare BBcode (just prepares some tags for better parsing)
914 if ($allow_bbcode && strpos($this->message, '[') !== false)
915 {
916 $this->bbcode_init();
917 $disallow = array('img', 'flash', 'quote');
918 foreach ($disallow as $bool)
919 {
920 if (!${'allow_' . $bool . '_bbcode'})
921 {
922 $this->bbcodes[$bool]['disabled'] = true;
923 }
924 }
925
926 $this->prepare_bbcodes();
927 }
928
929 // Parse smilies
930 if ($allow_smilies)
931 {
932 $this->smilies($config['max_' . $mode . '_smilies']);
933 }
934
935 $num_urls = 0;
936
937 // Parse BBCode
938 if ($allow_bbcode && strpos($this->message, '[') !== false)
939 {
940 $this->parse_bbcode();
941 $num_urls += $this->parsed_items['url'];
942 }
943
944 // Parse URL's
945 if ($allow_magic_url)
946 {
947 $this->magic_url(generate_board_url());
948
949 if ($config['max_' . $mode . '_urls'])
950 {
951 $num_urls += preg_match_all('#\<!-- (l|m|w|e) --\>.*?\<!-- \1 --\>#', $this->message, $matches);
952 }
953 }
954
955 // Check number of links
956 if ($config['max_' . $mode . '_urls'] && $num_urls > $config['max_' . $mode . '_urls'])
957 {
958 $this->warn_msg[] = sprintf($user->lang['TOO_MANY_URLS'], $config['max_' . $mode . '_urls']);
959 return $this->warn_msg;
960 }
961
962 if (!$update_this_message)
963 {
964 unset($this->message);
965 $this->message = $tmp_message;
966 return $return_message;
967 }
968
969 $this->message_status = 'parsed';
970 return false;
971 }
972
973 /**
974 * Formatting text for display
975 */
976 function format_display($allow_bbcode, $allow_magic_url, $allow_smilies, $update_this_message = true)
977 {
978 // If false, then the parsed message get returned but internal message not processed.
979 if (!$update_this_message)
980 {
981 $tmp_message = $this->message;
982 $return_message = &$this->message;
983 }
984
985 if ($this->message_status == 'plain')
986 {
987 // Force updating message - of course.
988 $this->parse($allow_bbcode, $allow_magic_url, $allow_smilies, $this->allow_img_bbcode, $this->allow_flash_bbcode, $this->allow_quote_bbcode, true);
989 }
990
991 // Parse BBcode
992 if ($allow_bbcode)
993 {
994 $this->bbcode_cache_init();
995
996 // We are giving those parameters to be able to use the bbcode class on its own
997 $this->bbcode_second_pass($this->message, $this->bbcode_uid);
998 }
999
1000 $this->message = smiley_text($this->message, !$allow_smilies);
1001
1002 // Replace naughty words such as farty pants
1003 $this->message = str_replace("\n", '<br />', censor_text($this->message));
1004
1005 if (!$update_this_message)
1006 {
1007 unset($this->message);
1008 $this->message = $tmp_message;
1009 return $return_message;
1010 }
1011
1012 $this->message_status = 'display';
1013 return false;
1014 }
1015
1016 /**
1017 * Decode message to be placed back into form box
1018 */
1019 function decode_message($custom_bbcode_uid = '', $update_this_message = true)
1020 {
1021 // If false, then the parsed message get returned but internal message not processed.
1022 if (!$update_this_message)
1023 {
1024 $tmp_message = $this->message;
1025 $return_message = &$this->message;
1026 }
1027
1028 ($custom_bbcode_uid) ? decode_message($this->message, $custom_bbcode_uid) : decode_message($this->message, $this->bbcode_uid);
1029
1030 if (!$update_this_message)
1031 {
1032 unset($this->message);
1033 $this->message = $tmp_message;
1034 return $return_message;
1035 }
1036
1037 $this->message_status = 'plain';
1038 return false;
1039 }
1040
1041 /**
1042 * Replace magic urls of form http://xxx.xxx., www.xxx. and xxx@xxx.xxx.
1043 * Cuts down displayed size of link if over 50 chars, turns absolute links
1044 * into relative versions when the server/script path matches the link
1045 */
1046 function magic_url($server_url)
1047 {
1048 // We use the global make_clickable function
1049 $this->message = make_clickable($this->message, $server_url);
1050 }
1051
1052 /**
1053 * Parse Smilies
1054 */
1055 function smilies($max_smilies = 0)
1056 {
1057 global $db, $user, $phpbb_root_path;
1058 static $match;
1059 static $replace;
1060
1061 // See if the static arrays have already been filled on an earlier invocation
1062 if (!is_array($match))
1063 {
1064 $match = $replace = array();
1065
1066 // NOTE: obtain_* function? chaching the table contents?
1067
1068 // For now setting the ttl to 10 minutes
1069 switch (SQL_LAYER)
1070 {
1071 case 'mssql':
1072 case 'mssql_odbc':
1073 $sql = 'SELECT *
1074 FROM ' . SMILIES_TABLE . '
1075 ORDER BY LEN(code) DESC';
1076 break;
1077
1078 case 'firebird':
1079 $sql = 'SELECT *
1080 FROM ' . SMILIES_TABLE . '
1081 ORDER BY STRLEN(code) DESC';
1082 break;
1083
1084 // LENGTH supported by MySQL, IBM DB2, Oracle and Access for sure...
1085 default:
1086 $sql = 'SELECT *
1087 FROM ' . SMILIES_TABLE . '
1088 ORDER BY LENGTH(code) DESC';
1089 break;
1090 }
1091 $result = $db->sql_query($sql, 600);
1092
1093 while ($row = $db->sql_fetchrow($result))
1094 {
1095 // (assertion)
1096 $match[] = '#(?<=^|[\n ]|\.)' . preg_quote($row['code'], '#') . '#';
1097 $replace[] = '<!-- s' . $row['code'] . ' --><img src="{SMILIES_PATH}/' . $row['smiley_url'] . '" border="0" alt="' . $row['emotion'] . '" title="' . $row['emotion'] . '" /><!-- s' . $row['code'] . ' -->';
1098 }
1099 $db->sql_freeresult($result);
1100 }
1101
1102 if (sizeof($match))
1103 {
1104 if ($max_smilies)
1105 {
1106 $num_matches = preg_match_all('#' . str_replace('#', '', implode('|', $match)) . '#', $this->message, $matches);
1107 unset($matches);
1108
1109 if ($num_matches !== false && $num_matches > $max_smilies)
1110 {
1111 $this->warn_msg[] = sprintf($user->lang['TOO_MANY_SMILIES'], $max_smilies);
1112 return;
1113 }
1114 }
1115 $this->message = trim(preg_replace($match, $replace, $this->message));
1116 }
1117 }
1118
1119 /**
1120 * Parse Attachments
1121 */
1122 function parse_attachments($form_name, $mode, $forum_id, $submit, $preview, $refresh, $is_message = false)
1123 {
1124 global $config, $auth, $user, $phpbb_root_path, $phpEx;
1125
1126 $error = array();
1127
1128 $num_attachments = sizeof($this->attachment_data);
1129 $this->filename_data['filecomment'] = request_var('filecomment', '', true);
1130 $upload_file = (isset($_FILES[$form_name]) && $_FILES[$form_name]['name'] != 'none' && trim($_FILES[$form_name]['name'])) ? true : false;
1131
1132 $add_file = (isset($_POST['add_file'])) ? true : false;
1133 $delete_file = (isset($_POST['delete_file'])) ? true : false;
1134 $edit_comment = (isset($_POST['edit_comment'])) ? true : false;
1135
1136 $cfg = array();
1137 $cfg['max_attachments'] = ($is_message) ? $config['max_attachments_pm'] : $config['max_attachments'];
1138 $forum_id = ($is_message) ? 0 : $forum_id;
1139
1140 if ($submit && in_array($mode, array('post', 'reply', 'quote', 'edit')) && $upload_file)
1141 {
1142 if ($num_attachments < $cfg['max_attachments'] || $auth->acl_get('a_') || $auth->acl_get('m_', $forum_id))
1143 {
1144 $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message);
1145 $error = $filedata['error'];
1146
1147 if ($filedata['post_attach'] && !sizeof($error))
1148 {
1149 $new_entry = array(
1150 'physical_filename' => $filedata['physical_filename'],
1151 'comment' => $this->filename_data['filecomment'],
1152 'real_filename' => $filedata['real_filename'],
1153 'extension' => $filedata['extension'],
1154 'mimetype' => $filedata['mimetype'],
1155 'filesize' => $filedata['filesize'],
1156 'filetime' => $filedata['filetime'],
1157 'attach_id' => 0,
1158 'thumbnail' => $filedata['thumbnail']
1159 );
1160
1161 $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
1162 $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message);
1163
1164 $this->filename_data['filecomment'] = '';
1165
1166 // This Variable is set to false here, because Attachments are entered into the
1167 // Database in two modes, one if the id_list is 0 and the second one if post_attach is true
1168 // Since post_attach is automatically switched to true if an Attachment got added to the filesystem,
1169 // but we are assigning an id of 0 here, we have to reset the post_attach variable to false.
1170 //
1171 // This is very relevant, because it could happen that the post got not submitted, but we do not
1172 // know this circumstance here. We could be at the posting page or we could be redirected to the entered
1173 // post. :)
1174 $filedata['post_attach'] = false;
1175 }
1176 }
1177 else
1178 {
1179 $error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']);
1180 }
1181 }
1182
1183 if ($preview || $refresh || sizeof($error))
1184 {
1185 // Perform actions on temporary attachments
1186 if ($delete_file)
1187 {
1188 include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);
1189
1190 $index = (int) key($_POST['delete_file']);
1191
1192 // delete selected attachment
1193 if (!$this->attachment_data[$index]['attach_id'])
1194 {
1195 phpbb_unlink($this->attachment_data[$index]['physical_filename'], 'file');
1196
1197 if ($this->attachment_data[$index]['thumbnail'])
1198 {
1199 phpbb_unlink($this->attachment_data[$index]['physical_filename'], 'thumbnail');
1200 }
1201 }
1202 else
1203 {
1204 delete_attachments('attach', array(intval($this->attachment_data[$index]['attach_id'])));
1205 }
1206
1207 unset($this->attachment_data[$index]);
1208 $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "(\\1 == \$index) ? '' : ((\\1 > \$index) ? '[attachment=' . (\\1 - 1) . ']\\2[/attachment]' : '\\0')", $this->message);
1209
1210 // Reindex Array
1211 $this->attachment_data = array_values($this->attachment_data);
1212 }
1213 else if ($edit_comment || $add_file || $preview)
1214 {
1215 if ($edit_comment)
1216 {
1217 $actual_comment_list = request_var('comment_list', array(''), true);
1218
1219 $edit_comment = request_var('edit_comment', array(0 => ''));
1220 $edit_comment = key($edit_comment);
1221 $this->attachment_data[$edit_comment]['comment'] = $actual_comment_list[$edit_comment];
1222 }
1223
1224 if (($add_file || $preview) && $upload_file)
1225 {
1226 if ($num_attachments < $cfg['max_attachments'] || $auth->acl_gets('m_', 'a_'))
1227 {
1228 $filedata = upload_attachment($form_name, $forum_id, false, '', $is_message);
1229 $error = array_merge($error, $filedata['error']);
1230
1231 if (!sizeof($error))
1232 {
1233 $new_entry = array(
1234 'physical_filename' => $filedata['physical_filename'],
1235 'comment' => $this->filename_data['filecomment'],
1236 'real_filename' => $filedata['real_filename'],
1237 'extension' => $filedata['extension'],
1238 'mimetype' => $filedata['mimetype'],
1239 'filesize' => $filedata['filesize'],
1240 'filetime' => $filedata['filetime'],
1241 'attach_id' => 0,
1242 'thumbnail' => $filedata['thumbnail']
1243 );
1244
1245 $this->attachment_data = array_merge(array(0 => $new_entry), $this->attachment_data);
1246 $this->message = preg_replace('#\[attachment=([0-9]+)\](.*?)\[\/attachment\]#e', "'[attachment='.(\\1 + 1).']\\2[/attachment]'", $this->message);
1247 $this->filename_data['filecomment'] = '';
1248 }
1249 }
1250 else
1251 {
1252 $error[] = sprintf($user->lang['TOO_MANY_ATTACHMENTS'], $cfg['max_attachments']);
1253 }
1254 }
1255 }
1256 }
1257
1258 foreach ($error as $error_msg)
1259 {
1260 $this->warn_msg[] = $error_msg;
1261 }
1262 }
1263
1264 /**
1265 * Get Attachment Data
1266 */
1267 function get_submitted_attachment_data($check_user_id = false)
1268 {
1269 global $user, $db, $phpbb_root_path, $phpEx, $config;
1270
1271 $this->filename_data['filecomment'] = request_var('filecomment', '', true);
1272 $this->attachment_data = (isset($_POST['attachment_data'])) ? $_POST['attachment_data'] : array();
1273
1274 $check_user_id = ($check_user_id === false) ? $user->data['user_id'] : $check_user_id;
1275
1276 // Regenerate data array...
1277 $attach_ids = $filenames = array();
1278
1279 foreach ($this->attachment_data as $pos => $var_ary)
1280 {
1281 if ($var_ary['attach_id'])
1282 {
1283 $attach_ids[(int) $this->attachment_data[$pos]['attach_id']] = $pos;
1284 }
1285 else
1286 {
1287 $filenames[$pos] = '';
1288 set_var($filenames[$pos], $this->attachment_data[$pos]['physical_filename'], 'string');
1289 $filenames[$pos] = basename($filenames[$pos]);
1290 }
1291 }
1292
1293 $this->attachment_data = array();
1294
1295 // Regenerate already posted attachments...
1296 if (sizeof($attach_ids))
1297 {
1298 // Get the data from the attachments
1299 $sql = 'SELECT attach_id, physical_filename, real_filename, extension, mimetype, filesize, filetime, thumbnail
1300 FROM ' . ATTACHMENTS_TABLE . '
1301 WHERE attach_id IN (' . implode(', ', array_keys($attach_ids)) . ')
1302 AND poster_id = ' . $check_user_id;
1303 $result = $db->sql_query($sql);
1304
1305 while ($row = $db->sql_fetchrow($result))
1306 {
1307 if (isset($attach_ids[$row['attach_id']]))
1308 {
1309 $pos = $attach_ids[$row['attach_id']];
1310 $this->attachment_data[$pos] = $row;
1311 set_var($this->attachment_data[$pos]['comment'], $_POST['attachment_data'][$pos]['comment'], 'string', true);
1312
1313 unset($attach_ids[$row['attach_id']]);
1314 }
1315 }
1316 $db->sql_freeresult($result);
1317
1318 if (sizeof($attach_ids))
1319 {
1320 trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
1321 }
1322 }
1323
1324 // Regenerate newly uploaded attachments
1325 if (sizeof($filenames))
1326 {
1327 include_once($phpbb_root_path . 'includes/functions_upload.' . $phpEx);
1328
1329 $sql = 'SELECT attach_id
1330 FROM ' . ATTACHMENTS_TABLE . "
1331 WHERE LOWER(physical_filename) IN ('" . implode("', '", array_map('strtolower', $filenames)) . "')";
1332 $result = $db->sql_query_limit($sql, 1);
1333 $row = $db->sql_fetchrow($result);
1334 $db->sql_freeresult($result);
1335
1336 if ($row)
1337 {
1338 trigger_error($user->lang['NO_ACCESS_ATTACHMENT'], E_USER_ERROR);
1339 }
1340
1341 foreach ($filenames as $pos => $physical_filename)
1342 {
1343 $this->attachment_data[$pos] = array(
1344 'physical_filename' => $physical_filename,
1345 'extension' => strtolower(filespec::get_extension($phpbb_root_path . $config['upload_path'] . '/' . $physical_filename)),
1346 'filesize' => filespec::get_filesize($phpbb_root_path . $config['upload_path'] . '/' . $physical_filename),
1347 'attach_id' => 0,
1348 'thumbnail' => (file_exists($phpbb_root_path . $config['upload_path'] . '/thumb_' . $physical_filename)) ? 1 : 0,
1349 );
1350
1351 set_var($this->attachment_data[$pos]['comment'], $_POST['attachment_data'][$pos]['comment'], 'string', true);
1352 set_var($this->attachment_data[$pos]['real_filename'], $_POST['attachment_data'][$pos]['real_filename'], 'string', true);
1353 set_var($this->attachment_data[$pos]['filetime'], $_POST['attachment_data'][$pos]['filetime'], 'int');
1354
1355 if (strpos($_POST['attachment_data'][$pos]['mimetype'], 'image/') !== false)
1356 {
1357 set_var($this->attachment_data[$pos]['mimetype'], $_POST['attachment_data'][$pos]['mimetype'], 'string');
1358 }
1359 else
1360 {
1361 $this->attachment_data[$pos]['mimetype'] = filespec::get_mimetype($phpbb_root_path . $config['upload_path'] . '/' . $physical_filename);
1362 }
1363 }
1364 }
1365 }
1366
1367 /**
1368 * Parse Poll
1369 */
1370 function parse_poll(&$poll)
1371 {
1372 global $auth, $user, $config;
1373
1374 $poll_max_options = $poll['poll_max_options'];
1375
1376 // Parse Poll Option text ;)
1377 $tmp_message = $this->message;
1378 $this->message = $poll['poll_option_text'];
1379 $bbcode_bitfield = $this->bbcode_bitfield;
1380
1381 $poll['poll_option_text'] = $this->parse($poll['enable_bbcode'], $poll['enable_urls'], $poll['enable_smilies'], $poll['img_status'], false, false, false);
1382
1383 $this->bbcode_bitfield |= $bbcode_bitfield;
1384 $this->message = $tmp_message;
1385
1386 // Parse Poll Title
1387 $tmp_message = $this->message;
1388 $this->message = $poll['poll_title'];
1389 $bbcode_bitfield = $this->bbcode_bitfield;
1390
1391 $poll['poll_title'] = $this->parse($poll['enable_bbcode'], $poll['enable_urls'], $poll['enable_smilies'], $poll['img_status'], false, false, false);
1392
1393 $this->bbcode_bitfield |= $bbcode_bitfield;
1394 $this->message = $tmp_message;
1395
1396 unset($tmp_message);
1397
1398 $poll['poll_options'] = explode("\n", trim($poll['poll_option_text']));
1399 $poll['poll_options_size'] = sizeof($poll['poll_options']);
1400
1401 if (sizeof($poll['poll_options']) == 1)
1402 {
1403 $this->warn_msg[] = $user->lang['TOO_FEW_POLL_OPTIONS'];
1404 }
1405 else if ($poll['poll_options_size'] > (int) $config['max_poll_options'])
1406 {
1407 $this->warn_msg[] = $user->lang['TOO_MANY_POLL_OPTIONS'];
1408 }
1409 else if ($poll_max_options > $poll['poll_options_size'])
1410 {
1411 $this->warn_msg[] = $user->lang['TOO_MANY_USER_OPTIONS'];
1412 }
1413
1414 if (!$poll['poll_title'] && $poll['poll_options_size'])
1415 {
1416 $this->warn_msg[] = $user->lang['NO_POLL_TITLE'];
1417 }
1418
1419 $poll['poll_max_options'] = ($poll['poll_max_options'] < 1) ? 1 : (($poll['poll_max_options'] > $config['max_poll_options']) ? $config['max_poll_options'] : $poll['poll_max_options']);
1420 }
1421 }
1422
1423 ?>
phpbb is a php-based BBS (buletin board system)