lifetype-1.2/class/data/textfilter.class.php

00001 <?php
00002 
00011         lt_include( PLOG_CLASS_PATH."class/data/stringutils.class.php" );
00012         
00017         define( 'URLIZE_WORD_SEPARATOR_DEFAULT', '_' ); 
00018 
00025         class TextFilter  
00026         {
00027 
00028                 var $htmlAllowedTags;
00029 
00033                 function TextFilter()
00034                 {
00035             lt_include( PLOG_CLASS_PATH."class/config/config.class.php" );
00036                         $config =& Config::getConfig();
00037                         $this->htmlAllowedTags = $config->getValue( "html_allowed_tags_in_comments" );
00038                 }
00039 
00048         function filterJavaScript( $text )
00049         {
00050                 // convert text first, to get "hidden" javascript
00051             $text = Textfilter::htmlDecode($text);
00052             
00053                 // Strip all of the Javascript in script tags out...
00054                 $text = preg_replace('/<SCRIPT.*?<\/SCRIPT>/ims',"",$text);
00055 
00057                 /* The following matches any on* events, followed by any amount of space, a
00058                  *' or " some script and then the matching ' or " (the \\2 matches the
00059                  *single or double quote).  Note that this regex is
00060                  * in single quotes to alleviate the problem of double quoting special
00061                  * chars, otherwise the backreferenced 2 would be \\\\2
00062                  * -- which is just silly...
00063                                  */
00064                 $text = preg_replace('/on(Load|Click|DblClick|DragStart|KeyDown|KeyPress|KeyUp|MouseDown|MouseMove|MouseOut|MouseOver|SelectStart|Blur|Focus|Scroll|Select|Unload|Change|Submit)\s*=\s*(\'|").*?\\2/smi',"",$text);
00065                 
00066                 $text = preg_replace('/(\'|")Javascript:.*?\\1/smi','',$text);
00067 
00068                 return $text;
00069         }
00070 
00080         function filterHTML( $string )
00081         {
00082                         $tmp = strip_tags( $string, $this->htmlAllowedTags );
00083                         // y luego eliminamos el javascript
00084                         $filteredString = $this->filterJavaScript( $tmp );
00085 
00086                         return $filteredString;
00087         }
00088 
00097         function filterAllHTML( $string )
00098         {
00099                         $tmp = strip_tags( $string );
00100                         // y luego eliminamos el javascript
00101                         $filteredString = Textfilter::filterJavaScript( $tmp );
00102 
00103                         return( trim($filteredString));
00104         }
00105 
00112                 function filterHTMLEntities( $string )
00113                 {
00114                         return htmlentities( $string );
00115                 }
00116 
00122                 function filterXMLEntities( $string )
00123                 {
00124                         return $this->filterHTMLEntities($string);
00125                 }
00126                 
00134                 function filterCharacters( $string, $characters = Array()) 
00135                 {
00136                         foreach( $characters as $char ) {
00137                                 $string = str_replace( $char, "", $string );
00138                         }
00139                         
00140                         return $string;
00141                 }
00142                 
00148         function texturize($text)
00149         {
00150             $textarr = preg_split("/(<.*>)/U", $text, -1, PREG_SPLIT_DELIM_CAPTURE); // capture the tags as well as in between
00151             $stop = count($textarr); $next = true; // loop stuff
00152             for ($i = 0; $i < $stop; $i++) {
00153                 $curl = $textarr[$i];
00154                 if (!strstr($_SERVER['HTTP_USER_AGENT'], 'Gecko')) {
00155                         $curl = str_replace('<q>', '&#8220;', $curl);
00156                     $curl = str_replace('</q>', '&#8221;', $curl);
00157                 }
00158                 if ('<' != $curl{0} && $next) { // If it's not a tag
00159                         $curl = str_replace('---', '&#8212;', $curl);
00160                     $curl = str_replace('--', '&#8211;', $curl);
00161                     $curl = str_replace("...", '&#8230;', $curl);
00162                     $curl = str_replace('``', '&#8220;', $curl);
00163 
00164                     $curl = preg_replace("/'s/", "&#8217;s", $curl);
00165                     $curl = preg_replace("/'(\d\d(?:&#8217;|')?s)/", "&#8217;$1", $curl);
00166                     $curl = preg_replace('/(\s|\A|")\'/', '$1&#8216;', $curl);
00167                     $curl = preg_replace("/(\d+)\"/", "$1&Prime;", $curl);
00168                     $curl = preg_replace("/(\d+)'/", "$1&prime;", $curl);
00169                     $curl = preg_replace("/(\S)'([^'\s])/", "$1&#8217;$2", $curl);
00170                     $curl = preg_replace('/"([\s.]|\Z)/', '&#8221;$1', $curl);
00171                     $curl = preg_replace('/(\s|\A)"/', '$1&#8220;', $curl);
00172                     $curl = preg_replace("/'([\s.]|\Z)/", '&#8217;$1', $curl);
00173                     $curl = preg_replace("/\(tm\)/i", '&#8482;', $curl);
00174                     $curl = preg_replace("/\(c\)/i", '&#169;', $curl);
00175                     $curl = preg_replace("/\(r\)/i", '&#174;', $curl);
00176 
00177                     $curl = str_replace("''", '&#8221;', $curl);
00178                     $curl = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&#038;$1', $curl);
00179 
00180                     $curl = preg_replace('/(d+)x(\d+)/', "$1&#215;$2", $curl);
00181                } elseif (strstr($curl, '<code') || strstr($curl, '<pre') || strstr($curl, '<kbd' || strstr($curl, '<style') || strstr($curl, '<script'))) {
00182                         // strstr is fast
00183                         $next = false;
00184                   } else {
00185                         $next = true;
00186                   }
00187                   $output .= $curl;
00188         }
00189 
00190         return $output;
00191         }
00192 
00202                 function autoP($pee, $br=1)
00203         {
00204                         $pee = preg_replace("/(\r\n|\n|\r)/", "\n", $pee); // cross-platform newline
00205             $pee = preg_replace("/\n\n+/", "\n\n", $pee); // take care of duplicates
00206                 $pee = preg_replace('/\n?(.+?)(\n\n|\z)/s', "<p>$1</p>\n", $pee); // make paragraphs, including one at the end
00207                 $pee = preg_replace('/<p>(<(?:table|[ou]l|pre|select|form|blockquote)>)/', "$1", $pee);
00208                 $pee = preg_replace('!(</?(?:table|[ou]l|pre|select|form|blockquote)>)</p>!', "$1", $pee);
00209                 if ($br) $pee = preg_replace('|(?<!</p>)\s*\n|', "<br />\n", $pee); // optionally make line breaks
00210                 $pee = preg_replace('!(</(?:table|[ou]l|pre|select|form|blockquote)>)<br />!', "$1", $pee);
00211                 $pee = str_replace('<p><p>', '<p>', $pee);
00212                 $pee = str_replace('</p></p>', '</p>', $pee);
00213 
00214                 return $pee;
00215                 }
00216                 
00229                 function htmlDecode( $htmlString, $quote_style = ENT_QUOTES )
00230                 {
00231             // replace numeric entities
00232             $htmlString = preg_replace('~&#x([0-9a-f]+);~ei', 'chr(hexdec("\\1"))', $htmlString);
00233             $htmlString = preg_replace('~&#([0-9]+);~e', 'chr(\\1)', $htmlString);
00234             // get the entity translation table from PHP (current encoding is ISO-8859-1)
00235             $trans_table = get_html_translation_table( HTML_ENTITIES, $quote_style );
00236             // when we want to decode the input string to normalized string, there are two factors 
00237             // we need to take into consideration:
00238             //  - Input string encoding
00239             //  - MySQL default-character-set encoding
00240             // No matter what input string encoding does, the normalized text saved to MySQL should 
00241             // follow MySQL data validation. If we don't follow the constraint, then MySQL will raise 
00242             // an error for us. (It only happend in MySQL5 strict mode)
00243             // Therefore, we need to check the db_character_set in our config file to see we should
00244             // use the UTF-8 translation table or ISO-8859-1 translation table
00245             // This should fixed the CJK/UTF-8 characters break by Jon's original modification.
00246             //
00247             // If possible, I really hope we can accept UTF-8 encoding only, it will make our life easier.
00248             lt_include( PLOG_CLASS_PATH . "class/config/configfilestorage.class.php" );
00249                         $config = new ConfigFileStorage();
00250                         if( $config->getValue( 'db_character_set' ) == 'utf8' ) {
00251                                 // Convert the ISO-8859-1 translation table to UTF-8
00252                                 foreach ( $trans_table as $key => $value ){
00253                                         $new_trans_table[$value] = utf8_encode( $key );
00254                                 }
00255                         } else {
00256                                 // Keep original ISO-8859-1 translation table, just flip it
00257                 $new_trans_table = array_flip($trans_table);
00258                         }
00259             return strtr( $htmlString, $new_trans_table );
00260                 } 
00261                 
00274                 function normalizeText( $text )
00275                 {
00276                           lt_include( PLOG_CLASS_PATH."class/dao/article.class.php" ); // because of the POST_EXTENDED_TEXT_MODIFIER constant
00277                       // remove all html code
00278                       $result = TextFilter::filterAllHtml( $text );
00279                       // remove the "extended post modifier"
00280                       $result = str_replace( POST_EXTENDED_TEXT_MODIFIER, "", $result );
00281                       // put all the html entities back to what they should be
00282                       $result = TextFilter::htmlDecode( $result );
00283                       // and remove everything which is not letters or numbers
00284                       $result = ereg_replace( "/[^A-Za-z0-9_]/", " ", $result );
00285                       // finally, remove the unnecessary spaces
00286                       $result = preg_replace( "/ +/", " ", $result );
00287                       
00288                       return $result;
00289                 }
00290                 
00309         function balanceTags($text, $is_comment = 0) 
00310         {        
00311             $tagstack = array(); $stacksize = 0; $tagqueue = ''; $newtext = '';
00312         
00313             # WP bug fix for comments - in case you REALLY meant to type '< !--'
00314             $text = str_replace('< !--', '<    !--', $text);
00315             # WP bug fix for LOVE <3 (and other situations with '<' before a number)
00316             $text = preg_replace('#<([0-9]{1})#', '&lt;$1', $text);
00317         
00318             while (preg_match("/<(\/?\w*)\s*([^>]*)>/",$text,$regex)) {
00319                 $newtext .= $tagqueue;
00320         
00321                 $i = strpos($text,$regex[0]);
00322                 $l = strlen($regex[0]);
00323         
00324                 // clear the shifter
00325                 $tagqueue = '';
00326                 // Pop or Push
00327                 if ($regex[1][0] == "/") { // End Tag
00328                     $tag = strtolower(substr($regex[1],1));
00329                     // if too many closing tags
00330                     if($stacksize <= 0) { 
00331                         $tag = '';
00332                         //or close to be safe $tag = '/' . $tag;
00333                     }
00334                     // if stacktop value = tag close value then pop
00335                     else if ($tagstack[$stacksize - 1] == $tag) { // found closing tag
00336                         $tag = '</' . $tag . '>'; // Close Tag
00337                         // Pop
00338                         array_pop ($tagstack);
00339                         $stacksize--;
00340                     } else { // closing tag not at top, search for it
00341                         for ($j=$stacksize-1;$j>=0;$j--) {
00342                             if ($tagstack[$j] == $tag) {
00343                             // add tag to tagqueue
00344                                 for ($k=$stacksize-1;$k>=$j;$k--){
00345                                     $tagqueue .= '</' . array_pop ($tagstack) . '>';
00346                                     $stacksize--;
00347                                 }
00348                                 break;
00349                             }
00350                         }
00351                         $tag = '';
00352                     }
00353                 } else { // Begin Tag
00354                     $tag = strtolower($regex[1]);
00355         
00356                     // Tag Cleaning
00357         
00358                     // If self-closing or '', don't do anything.
00359                     if((substr($regex[2],-1) == '/') || ($tag == '')) {
00360                     }
00361                     // ElseIf it's a known single-entity tag but it doesn't close itself, do so
00362                     elseif ($tag == 'br' || $tag == 'img' || $tag == 'hr' || $tag == 'input') {
00363                         $regex[2] .= '/';
00364                     } else {    // Push the tag onto the stack
00365                         // If the top of the stack is the same as the tag we want to push, close previous tag
00366                         if (($stacksize > 0) && ($tag != 'div') && ($tagstack[$stacksize - 1] == $tag)) {
00367                             $tagqueue = '</' . array_pop ($tagstack) . '>';
00368                             $stacksize--;
00369                         }
00370                         $stacksize = array_push ($tagstack, $tag);
00371                     }
00372         
00373                     // Attributes
00374                     $attributes = $regex[2];
00375                     if($attributes) {
00376                         $attributes = ' '.$attributes;
00377                     }
00378                     $tag = '<'.$tag.$attributes.'>';
00379                     //If already queuing a close tag, then put this tag on, too
00380                     if ($tagqueue) {
00381                         $tagqueue .= $tag;
00382                         $tag = '';
00383                     }
00384                 }
00385                 $newtext .= substr($text,0,$i) . $tag;
00386                 $text = substr($text,$i+$l);
00387             }  
00388         
00389             // Clear Tag Queue
00390             $newtext .= $tagqueue;
00391         
00392             // Add Remaining text
00393             $newtext .= $text;
00394         
00395             // Empty Stack
00396             while($x = array_pop($tagstack)) {
00397                 $newtext .= '</' . $x . '>'; // Add remaining tags to close
00398             }
00399         
00400             // WP fix for the bug with HTML comments
00401             $newtext = str_replace("< !--","<!--",$newtext);
00402             $newtext = str_replace("<    !--","< !--",$newtext);
00403         
00404             return $newtext;
00405         }
00406         
00418         function urlize( $string, $domainize = false )
00419         {
00420             lt_include( PLOG_CLASS_PATH."class/config/config.class.php" );
00421                         $config =& Config::getConfig();
00422             $separator = $config->getValue( "urlize_word_separator", URLIZE_WORD_SEPARATOR_DEFAULT );
00423 
00424             // remove unnecessary spaces and make everything lower case
00425                     $string = preg_replace( "/ +/", " ", strtolower($string) );
00426 
00427             // removing a set of reserved characters (rfc2396: ; / ? : @ & = + $ ,)
00428             $string = str_replace(array(';','/','?',':','@','&','=','+','$',','),
00429                                   $separator, $string);
00430 
00431             // replace some characters to similar ones
00432             $search  = array(' ', 'ä', 'ö', 'ü','é','è','à','ç', 'à', 'è', 'ì',
00433                              'ò', 'ù', 'á', 'é', 'í', 'ó', 'ú', 'ë', 'ï' );
00434             $replace = array( $separator, 'a','o','u','e','e','a','c', 'a', 'e', 'i',
00435                               'o', 'u', 'a', 'e', 'i', 'o', 'u', 'e', 'i' );
00436             if($domainize){
00437                     // domains shouldn't have underscores, and we'll convert
00438                     // hyphens to the user-customizable $separator to be
00439                     // consistent
00440                 $search[] = '-';
00441                 $search[] = '_';
00442                 $replace[] = $separator;
00443                 $replace[] = $separator;
00444             }
00445             $string = str_replace($search, $replace, $string);
00446             
00447                 // and everything that is still left that hasn't been
00448                 // replaced/encoded, throw it away
00449                 // NOTE: need double backslash to pass the escape to preg_replace
00450             $good_characters = "a-z0-9.\\".$separator;
00451             if(!$domainize){
00452                 $good_characters .= "_\\-";
00453             }
00454             $string = preg_replace( '/[^'.$good_characters.']/', '', $string );        
00455             
00456                 // remove doubled separators
00457             $string = preg_replace("/[".$separator."]+/", $separator, $string);
00458                 // remove starting and trailing separator chars
00459             $string = trim($string, $separator);
00460             if($domainize){
00461                 // remove trailing dots - LT will add them back in if appropriate
00462                 $string = trim($string, ".");
00463             }
00464             
00465             return $string;            
00466         }
00467                 
00483         function domainize( $string )
00484         {
00485             return Textfilter::urlize($string, true);
00486         }
00487 
00497                 function xhtmlize( $string )
00498                 {
00499                       // use kses in the "xhtml converter" mode
00500             lt_include( PLOG_CLASS_PATH."class/config/config.class.php" );
00501             $config =& Config::getConfig();
00502             if( $config->getValue( "xhtml_converter_enabled" )) {
00503                 lt_include( PLOG_CLASS_PATH."class/data/kses.class.php" );                    
00504                 $kses = new kses( true, $config->getValue( "xhtml_converter_aggresive_mode_enabled"));
00505                 $result = $kses->Parse( $string );
00506                 
00507                     // if balanceTags wasn't broken, we could use it...
00508                     //$result = Textfilter::balanceTags( $result );                       
00509             }
00510             else
00511                 $result = $string;
00512             
00513             return $result;
00514                 }
00515 
00516 
00525         function slugify( $string ){
00526             lt_include( PLOG_CLASS_PATH."class/config/config.class.php" );
00527             lt_include( PLOG_CLASS_PATH.'class/net/linkparser.class.php' );
00528 
00529                         $config =& Config::getConfig();
00530             $separator = $config->getValue( "urlize_word_separator", URLIZE_WORD_SEPARATOR_DEFAULT );
00531                 // remove characters not allowed by the link parser
00532             $lp = new LinkParser("");
00533             $regexp = $lp->getValidTag("{postname}");
00534             $start_bracket = strpos($regexp, "[");
00535             $end_bracket = strrpos($regexp, "]");
00536             $validChars = false;
00537             if($start_bracket !== false && $end_bracket !== false){
00538                 $validChars = substr($regexp, $start_bracket+1,
00539                                      $end_bracket-$start_bracket-1);
00540             }
00541                 // link format doesn't contain brackets, or is not what we
00542                 // were expecting using default
00543             if($validChars === false){
00544                 $validChars = "_0-9a-zA-Z.-";
00545             }
00546                 // remove "bad" characters
00547             $string = preg_replace("/[^".$validChars."]/", $separator, strip_tags(Textfilter::htmlDecode($string)));
00548                 // remove doubled separators
00549             $string = preg_replace("/[".$separator."]+/", $separator, $string);
00550                 // remove starting and trailing separator chars
00551             $string = trim($string, $separator);
00552                                 // and convert to lowercase
00553                         $string = strtolower( $string );
00554 
00555             return $string;
00556                 }
00557 
00558 
00559         function recursiveStripSlashes($obj){
00560             foreach($obj as $key => $value){
00561                 if(is_array($value)){
00562                     $obj[$key] = Textfilter::recursiveStripSlashes($value);
00563                 }
00564                 else{
00565                     $obj[$key] = stripslashes($value);
00566                 }
00567             }
00568             return $obj;
00569         }
00570             
00571         
00575                 function checkboxToBoolean( $value )
00576                 {
00577                         if( $value == "1" || $value == "on" )
00578                                 return true;
00579                         else
00580                                 return false;
00581                 }
00582     }
00583 ?>