Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20 System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64 User : apache ( 48) PHP Version : 7.4.20 Disable Function : NONE Directory : /var/www/html/thietkewebvumi.com/lib/ |
<?php
class class_post_parser {
var $image_count =0;
var $emoticon_count = 0;
function convert($txt){
global $CORE, $DB;
$txt = preg_replace("/&#([0-9]+);/s", "&#\\1;", $txt );
// Remove session id's from any post
$txt = preg_replace( "#(\?|&|;|&)s=([0-9a-zA-Z]){32}(&|;|&|$)?#e", "\$this->regex_bash_session('\\1', '\\3')", $txt );
//start BBCODE
// Do [code] tag
$txt = preg_replace( "#\[code\](.+?)\[/code\]#ies", "\$this->regex_code_tag( '\\1' )", $txt );
// Do [QUOTE(name,date)] tags
$txt = preg_replace( "#(\[quote(.+?)?\].*\[/quote\])#ies" , "\$this->regex_parse_quotes('\\1')" , $txt );
// email tags
// Do [IMG] [FLASH] tags
$txt = preg_replace( "#\[img\](.+?)\[/img\]#ie" , "\$this->regex_check_image('\\1')" , $txt );
$txt = preg_replace( "#(\[flash=)(\S+?)(\,)(\S+?)(\])(\S+?)(\[\/flash\])#ie", "\$this->regex_check_flash('\\2','\\4','\\6')", $txt );
$txt = preg_replace( "#\[email\](\S+?)\[/email\]#i" , "<a href=\'mailto:\\1\'>\\1</a>", $txt );
$txt = preg_replace( "#\[email\s*=\s*\"\;([\.\w\-]+\@[\.\w\-]+\.[\.\w\-]+)\s*\"\;\s*\](.*?)\[\/email\]#i" , "<a href=\'mailto:\\1\'>\\2</a>", $txt );
$txt = preg_replace( "#\[email\s*=\s*([\.\w\-]+\@[\.\w\-]+\.[\w\-]+)\s*\](.*?)\[\/email\]#i" , "<a href=\'mailto:\\1\'>\\2</a>", $txt );
// url tags
$txt = preg_replace( "#\[url\](\S+?)\[/url\]#ie" , "\$this->regex_build_url(array('html' => '\\1', 'show' => '\\1'))", $txt );
$txt = preg_replace( "#\[url\s*=\s*\"\;\s*(\S+?)\s*\"\;\s*\](.*?)\[\/url\]#ie" , "\$this->regex_build_url(array('html' => '\\1', 'show' => '\\2'))", $txt );
$txt = preg_replace( "#\[url\s*=\s*(\S+?)\s*\](.*?)\[\/url\]#ie" , "\$this->regex_build_url(array('html' => '\\1', 'show' => '\\2'))", $txt );
// Start off with the easy stuff
$txt = preg_replace( "#\[b\](.+?)\[/b\]#is", "<b>\\1</b>", $txt );
$txt = preg_replace( "#\[i\](.+?)\[/i\]#is", "<i>\\1</i>", $txt );
$txt = preg_replace( "#\[u\](.+?)\[/u\]#is", "<u>\\1</u>", $txt );
$txt = preg_replace( "#\[s\](.+?)\[/s\]#is", "<s>\\1</s>", $txt );
//end BBCODE
// font size, colour and font style
// [font=courier]Text here[/font] [size=6]Text here[/size] [color=red]Text here[/color]
while ( preg_match( "#\[size=([^\]]+)\](.+?)\[/size\]#ies", $txt ) )
{
$txt = preg_replace( "#\[size=([^\]]+)\](.+?)\[/size\]#ies" , "\$this->regex_font_attr(array('s'=>'size','1'=>'\\1','2'=>'\\2'))", $txt );
}
while ( preg_match( "#\[font=([^\]]+)\](.*?)\[/font\]#ies", $txt ) )
{
$txt = preg_replace( "#\[font=([^\]]+)\](.*?)\[/font\]#ies" , "\$this->regex_font_attr(array('s'=>'font','1'=>'\\1','2'=>'\\2'))", $txt );
}
while( preg_match( "#\[color=([^\]]+)\](.+?)\[/color\]#ies", $txt ) )
{
$txt = preg_replace( "#\[color=([^\]]+)\](.+?)\[/color\]#ies" , "\$this->regex_font_attr(array('s'=>'col' ,'1'=>'\\1','2'=>'\\2'))", $txt );
}
//emotion start
$txt = ' '.$txt.' ';
$t = $DB->query("SELECT typed,image FROM NNCCMS_emoticons ");
while (($row = $DB->fetch_row($t)) && ($this->emoticon_count<15))
{
$code = $row['typed'];
$image = $row['image'];
$code = preg_quote($code, "/");
$txt = preg_replace( "!(?<=[^\w&;/])$code(?=.\W|\W.|\W$)!ei", "\$this->convert_emoticon('{$code}', '{$image}')", $txt );
}
//end emotion
return $txt;
}
function convert_emoticon($code="", $image="")
{
global $INFO;
if (!$code or !$image) return;
$code = stripslashes($code);
$this->emoticon_count++;
return "<!--emo&".trim($code)."--><img src=\'{$INFO['emo_url']}/{$image}\' border=\'0\' style=\'vertical-align:middle\' alt=\'$image\' /><!--endemo-->";
}
// regex_check_image: Checks, and builds the <img>
// html.
/*-------------------------------------------------------------------------*/
function regex_check_image($url="")
{
global $CORE;
if (!$url) return;
$url = trim($url);
$default = "[img]".$url."[/img]";
++$this->image_count;
//-----------------------------------------
// Make sure we've not overriden the set image # limit
//-----------------------------------------
if ($CORE->vars['max_images'])
{
if ($this->image_count > $CORE->vars['max_images'])
{
$this->error = 'too_many_img';
return $default;
}
}
//-----------------------------------------
// Are they attempting to post a dynamic image, or JS?
//-----------------------------------------
if ($CORE->vars['allow_dynamic_img'] != 1)
{
if (preg_match( "/[?&;]/", $url))
{
$this->error = 'no_dynamic';
return $default;
}
if (preg_match( "/javascript(\:|\s)/i", $url ))
{
$this->error = 'no_dynamic';
return $default;
}
}
//-----------------------------------------
// Is the img extension allowed to be posted?
//-----------------------------------------
if ($CORE->vars['img_ext'])
{
$extension = preg_replace( "#^.*\.(\S+)$#", "\\1", $url );
$extension = strtolower($extension);
if ( (! $extension) OR ( preg_match( "#/#", $extension ) ) )
{
$this->error = 'invalid_ext';
return $default;
}
$CORE->vars['img_ext'] = strtolower($ibforums->vars['img_ext']);
if ( ! preg_match( "/".preg_quote($extension, '/')."(,|$)/", $CORE->vars['img_ext'] ))
{
$this->error = 'invalid_ext';
return $default;
}
}
//-----------------------------------------
// Is it a legitimate image?
//-----------------------------------------
if (!preg_match( "/^(http|https|ftp):\/\//i", $url )) {
$this->error = 'no_dynamic';
return $default;
}
//-----------------------------------------
// If we are still here....
//-----------------------------------------
$url = str_replace( " ", "%20", $url );
return "<img src=\'$url\' border=\'0\' alt=\'user posted image\' />";
}
function regex_font_attr($IN)
{
if (!is_array($IN)) return "";
//-----------------------------------------
// Trim out stoopid 1337 stuff
// [color=black;font-size:500pt;border:orange 50in solid;]hehe[/color]
//-----------------------------------------
if ( preg_match( "/;/", $IN['1'] ) )
{
$attr = explode( ";", $IN['1'] );
$IN['1'] = $attr[0];
}
$IN['1'] = preg_replace( "/[&\(\)\.\%\[\]<>]/", "", $IN['1'] );
if ($IN['s'] == 'size')
{
$IN['1'] = intval($IN['1']) + 7;
if ($IN['1'] > 30)
{
$IN['1'] = 30;
}
return "<span style='font-size:".$IN['1']."pt;line-height:100%'>".$IN['2']."</span>";
}
else if ($IN['s'] == 'col')
{
$IN[1] = preg_replace( "/[^\d\w\#\s]/s", "", $IN[1] );
return "<span style='color:".$IN[1]."'>".$IN['2']."</span>";
}
else if ($IN['s'] == 'font')
{
$IN['1'] = preg_replace( "/[^\d\w\#\-\_\s]/s", "", $IN['1'] );
return "<span style='font-family:".$IN['1']."'>".$IN['2']."</span>";
}
}
function regex_build_url($url=array())
{
$skip_it = 0;
//-----------------------------------------
// Make sure the last character isn't punctuation..
// if it is, remove it and add it to the
// end array
//-----------------------------------------
if ( preg_match( "/([\.,\?]|!)$/", $url['html'], $match) )
{
$url['end'] .= $match[1];
$url['html'] = preg_replace( "/([\.,\?]|!)$/", "", $url['html'] );
$url['show'] = preg_replace( "/([\.,\?]|!)$/", "", $url['show'] );
}
//-----------------------------------------
// Make sure it's not being used in a
// closing code/quote/html or sql block
//-----------------------------------------
if (preg_match( "/\[\/(html|quote|code|sql)/i", $url['html']) )
{
return $url['html'];
}
//-----------------------------------------
// clean up the ampersands / brackets
//-----------------------------------------
$url['html'] = str_replace( "&" , "&" , $url['html'] );
$url['html'] = str_replace( "[" , "%5b" , $url['html'] );
$url['html'] = str_replace( "]" , "%5d" , $url['html'] );
//-----------------------------------------
// Make sure we don't have a JS link
//-----------------------------------------
$url['html'] = preg_replace( "/javascript:/i", "java script: ", $url['html'] );
//-----------------------------------------
// Do we have http:// at the front?
//-----------------------------------------
if ( ! preg_match("#^(http|news|https|ftp|aim)://#", $url['html'] ) )
{
$url['html'] = 'http://'.$url['html'];
}
//-----------------------------------------
// Tidy up the viewable URL
//-----------------------------------------
if (preg_match( "/^<img src/i", $url['show'] )) $skip_it = 1;
$url['show'] = preg_replace( "/&/" , "&" , $url['show'] );
$url['show'] = preg_replace( "/javascript:/i", "javascript: ", $url['show'] );
if ( (strlen($url['show']) -58 ) < 3 ) $skip_it = 1;
//-----------------------------------------
// Make sure it's a "proper" url
//-----------------------------------------
if (!preg_match( "/^(http|ftp|https|news):\/\//i", $url['show'] )) $skip_it = 1;
$show = $url['show'];
if ($skip_it != 1)
{
$stripped = preg_replace( "#^(http|ftp|https|news)://(\S+)$#i", "\\2", $url['show'] );
$uri_type = preg_replace( "#^(http|ftp|https|news)://(\S+)$#i", "\\1", $url['show'] );
$show = $uri_type.'://'.substr( $stripped , 0, 35 ).'...'.substr( $stripped , -15 );
}
return $url['st'] . "<a href=\'".$url['html']."\' target=\'_blank\'>".$show."</a>" . $url['end'];
}
function regex_parse_quotes($the_txt="") {
if ($the_txt == "") return;
$txt = $the_txt;
$txt = str_replace( chr(173).']', ']', $txt );
$this->quote_html = $this->wrap_style('quote');
$txt = preg_replace( "#\[quote\]#ie" , "\$this->regex_simple_quote_tag()" , $txt );
$txt = preg_replace( "#\[quote=([^\],]+?),([^\]]+?)\]#ie" , "\$this->regex_quote_tag('\\1', '\\2')" , $txt );
$txt = preg_replace( "#\[quote=([^\]]+?)\]#ie" , "\$this->regex_quote_tag('\\1', '')" , $txt );
$txt = preg_replace( "#\[/quote\]#ie" , "\$this->regex_close_quote()" , $txt );
$txt = str_replace( "\n", "<br />", $txt );
if ( ($this->quote_open == $this->quote_closed) and ($this->quote_error == 0) )
{
$txt = preg_replace( "#(<!--QuoteEBegin-->.+?<!--QuoteEnd-->)#es", "\$this->regex_preserve_spacing('\\1')", trim($txt) );
return $txt;
}
else
{
return $the_txt;
}
}
function regex_preserve_spacing($txt="")
{
$txt = preg_replace( "#^<!--QuoteEBegin-->(?:<br>|<br />)#", "<!--QuoteEBegin-->", trim($txt) );
$txt = preg_replace( "#\s{2}#", " ", $txt );
return $txt;
}
function regex_close_quote() {
if ($this->quote_open == 0)
{
$this->quote_error++;
return;
}
$this->quote_closed++;
return "<!--QuoteEnd-->{$this->quote_html['END']}<!--QuoteEEnd-->";
}
function regex_quote_tag($name="", $date="")
{
global $CORE;
if ( $date != "" )
{
$default = "\[quote=$name,$date\]";
}
else
{
$default = "\[quote=$name\]";
}
if ( strstr( $name, '<!--c1-->' ) or strstr( $date, '<!--c1-->' ) )
{
//-----------------------------------------
// Code tag detected...
//-----------------------------------------
$this->quote_error++;
return $default;
}
$name = str_replace( "+", "+", $name );
$name = str_replace( "-", "-", $name );
$name = str_replace( '[', "[", $name );
$name = str_replace( ']', "]", $name );
$this->quote_open++;
if ($date == "")
{
$html = $this->wrap_style( 'quote', "($name)");
}
else
{
$html = $this->wrap_style( 'quote', "($name @ $date)" );
}
$extra = "-".$name.'+'.$date;
return "<!--QuoteBegin".$extra."-->{$html['START']}<!--QuoteEBegin-->";
}
function regex_simple_quote_tag()
{
$this->quote_open++;
return "<!--QuoteBegin-->{$this->quote_html['START']}<!--QuoteEBegin-->";
}
function regex_code_tag($txt="")
{
$default = "\[code\]$txt\[/code\]";
if ($txt == "") return;
//-----------------------------------------
// Too many embedded code/quote/html/sql tags can crash Opera and Moz
//-----------------------------------------
if (preg_match( "/\[(quote|code|html|sql)\].+?\[(quote|code|html|sql)\].+?\[(quote|code|html|sql)\].+?\[(quote|code|html|sql)\].+?\[(quote|code|html|sql)\].+?\[(quote|code|html|sql)\].+?\[(quote|code|html|sql)\]/i", $txt) ) {
return $default;
}
//-----------------------------------------
// Take a stab at removing most of the common
// smilie characters.
//-----------------------------------------
//$txt = str_replace( "&" , "&", $txt );
$txt = preg_replace( "#<#" , "<", $txt );
$txt = preg_replace( "#>#" , ">", $txt );
$txt = preg_replace( "#"#" , """, $txt );
$txt = preg_replace( "#:#" , ":", $txt );
$txt = preg_replace( "#\[#" , "[", $txt );
$txt = preg_replace( "#\]#" , "]", $txt );
$txt = preg_replace( "#\)#" , ")", $txt );
$txt = preg_replace( "#\(#" , "(", $txt );
$txt = preg_replace( "#\r#" , "<br />", $txt );
$txt = preg_replace( "#\n#" , "<br />", $txt );
$txt = preg_replace( "#\s{1};#" , ";", $txt );
//-----------------------------------------
// Ensure that spacing is preserved
//-----------------------------------------
$txt = preg_replace( "#\s{2}#", " ", $txt );
$html = $this->wrap_style( 'code' );
return "<!--c1-->{$html['START']}<!--ec1-->$txt<!--c2-->{$html['END']}<!--ec2-->";
}
function wrap_style( $type='quote', $extra="" )
{
global $ibforums;
$used = array(
'quote' => array( 'title' => 'QUOTE', 'css_top' => 'quotetop' , 'css_main' => 'quotemain' ),
'code' => array( 'title' => 'code' , 'css_top' => 'codetop' , 'css_main' => 'codemain' ),
'sql' => array( 'title' => 'SQL' , 'css_top' => 'sqltop' , 'css_main' => 'sqlmain' ),
'html' => array( 'title' => 'HTML' , 'css_top' => 'htmltop' , 'css_main' => 'htmlmain' )
);
return array( 'START' => "<div class=\'{$used[ $type ]['css_top']}\'>{$used[ $type ]['title']}{$extra}</div><div class=\'{$used[ $type ]['css_main']}\'>",
'END' => "</div>"
);
}
function regex_bash_session($start_tok, $end_tok)
{
//-----------------------------------------
// Case 1: index.php?s=0000 :: Return nothing (parses: index.php)
// Case 2: index.php?s=0000&this=1 :: Return ? (parses: index.php?this=1)
// Case 3: index.php?this=1&s=0000 :: Return nothing (parses: index.php?this=1)
// Case 4: index.php?t=1&s=00&y=2 :: Return & (parses: index.php?t=1&y=2)
//-----------------------------------------
$start_tok = str_replace( '&', '&', $start_tok );
$end_tok = str_replace( '&', '&', $end_tok );
//1:
if ($start_tok == '?' and $end_tok == '')
{
return "";
}
//2:
else if ($start_tok == '?' and $end_tok == '&')
{
return '?';
}
//3:
else if ($start_tok == '&' and $end_tok == '')
{
return "";
}
else if ($start_tok == '&' and $end_tok == '&')
{
return "&";
}
else
{
return $start_tok.$end_tok;
}
}
function unconvert($txt="") {
$txt = preg_replace( "#<!--emo&(.+?)-->.+?<!--endemo-->#", "\\1" , $txt );
$txt = preg_replace( "#<!--Flash (.+?)-->.+?<!--End Flash-->#e" , "\$this->unconvert_flash('\\1')", $txt );
$txt = preg_replace( "#<img src=[\"'](\S+?)['\"].+?".">#" , "\[img\]\\1\[/img\]" , $txt );
$txt = preg_replace( "#<a href=[\"']mailto:(.+?)['\"]>(.+?)</a>#" , "\[email=\\1\]\\2\[/email\]" , $txt );
$txt = preg_replace( "#<a href=[\"'](http://|https://|ftp://|news://)?(\S+?)['\"].+?".">(.+?)</a>#" , "\[url=\\1\\2\]\\3\[/url\]" , $txt );
$txt = preg_replace( "#<!--QuoteBegin-->(.+?)<!--QuoteEBegin-->#" , '[quote]' , $txt );
$txt = preg_replace( "#<!--QuoteBegin-{1,2}([^>]+?)\+([^>]+?)-->(.+?)<!--QuoteEBegin-->#" , "[quote=\\1,\\2]" , $txt );
$txt = preg_replace( "#<!--QuoteBegin-{1,2}([^>]+?)\+-->(.+?)<!--QuoteEBegin-->#" , "[quote=\\1]" , $txt );
$txt = preg_replace( "#<!--QuoteEnd-->(.+?)<!--QuoteEEnd-->#" , '[/quote]' , $txt );
$txt = preg_replace( "#<!--c1-->(.+?)<!--ec1-->#", '[code]' , $txt );
$txt = preg_replace( "#<!--c2-->(.+?)<!--ec2-->#", '[/code]' , $txt );
$txt = preg_replace( "#<i>(.+?)</i>#is" , "\[i\]\\1\[/i\]" , $txt );
$txt = preg_replace( "#<b>(.+?)</b>#is" , "\[b\]\\1\[/b\]" , $txt );
$txt = preg_replace( "#<s>(.+?)</s>#is" , "\[s\]\\1\[/s\]" , $txt );
$txt = preg_replace( "#<u>(.+?)</u>#is" , "\[u\]\\1\[/u\]" , $txt );
$txt = preg_replace( "#(\n){0,}<ul>#" , "\\1\[list\]" , $txt );
$txt = preg_replace( "#(\n){0,}<ol type='(a|A|i|I|1)'>#" , "\\1\[list=\\2\]\n" , $txt );
$txt = preg_replace( "#(\n){0,}<li>#" , "\n\[*\]" , $txt );
$txt = preg_replace( "#(\n){0,}</ul>(\n){0,}#", "\n\[/list\]\\2" , $txt );
$txt = preg_replace( "#(\n){0,}</ol>(\n){0,}#", "\n\[/list\]\\2" , $txt );
while ( preg_match( "#<span style=['\"]font-size:(.+?)pt;line-height:100%['\"]>(.+?)</span>#is", $txt ) )
{
$txt = preg_replace( "#<span style=['\"]font-size:(.+?)pt;line-height:100%['\"]>(.+?)</span>#ise" , "\$this->unconvert_size('\\1', '\\2')", $txt );
}
while ( preg_match( "#<span style=['\"]color:(.+?)['\"]>(.+?)</span>#is", $txt ) )
{
$txt = preg_replace( "#<span style=['\"]color:(.+?)['\"]>(.+?)</span>#is" , "\[color=\\1\]\\2\[/color\]", $txt );
}
while ( preg_match( "#<span style=['\"]font-family:(.+?)['\"]>(.+?)</span>#is", $txt ) )
{
$txt = preg_replace( "#<span style=['\"]font-family:(.+?)['\"]>(.+?)</span>#is", "\[font=\\1\]\\2\[/font\]", $txt );
}
// Tidy up the end quote stuff
$txt = preg_replace( "#(\[/QUOTE\])\s*?<br />\s*#si", "\\1\n", $txt );
$txt = preg_replace( "#(\[/QUOTE\])\s*?<br>\s*#si" , "\\1\n", $txt );
$txt = preg_replace( "#<!--EDIT\|.+?\|.+?-->#" , "" , $txt );
$txt = str_replace( "</li>", "", $txt );
$txt = str_replace( "™", "(tm)", $txt );
$txt = str_replace( "<br>" , "\n", $txt );
$txt = str_replace( "<br />", "\n", $txt );
return trim(stripslashes($txt));
}
function unconvert_size($size="", $text="")
{
$size -= 7;
return '[size='.$size.']'.$text.'[/size]';
}
function unconvert_sql($sql="")
{
$sql = stripslashes($sql);
$sql = preg_replace( "#<span style='.+?'>#is", "", $sql );
$sql = str_replace( "</span>" , "", $sql );
$sql = preg_replace( "#\s*$#" , "", $sql );
return '[sql]'.$sql.'[/sql]';
}
function unconvert_flash($flash="")
{
$f_arr = explode( "+", $flash );
return '[flash='.$f_arr[0].','.$f_arr[1].']'.$f_arr[2].'[/flash]';
}
}
?>