From b01daf18c5cc36b69b8595b7e3a3d9d94761bf94 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Thu, 11 Jan 2018 22:29:56 -0500 Subject: [PATCH 1/4] Fix formatting of get_attachment_data() --- include/plaintext.php | 65 +++++++++++++++++++++++++++---------------- 1 file changed, 41 insertions(+), 24 deletions(-) diff --git a/include/plaintext.php b/include/plaintext.php index 86acad6cfe..2f7823a058 100644 --- a/include/plaintext.php +++ b/include/plaintext.php @@ -90,12 +90,13 @@ function get_old_attachment_data($body) { * 'title' -> Title of the attachment * 'description' -> Description of the attachment */ -function get_attachment_data($body) { +function get_attachment_data($body) +{ + $data = []; - $data = array(); - - if (!preg_match("/(.*)\[attachment(.*?)\](.*?)\[\/attachment\](.*)/ism", $body, $match)) + if (!preg_match("/(.*)\[attachment(.*?)\](.*?)\[\/attachment\](.*)/ism", $body, $match)) { return get_old_attachment_data($body); + } $attributes = $match[2]; @@ -103,79 +104,95 @@ function get_attachment_data($body) { $type = ""; preg_match("/type='(.*?)'/ism", $attributes, $matches); - if ($matches[1] != "") + if (x($matches, 1)) { $type = strtolower($matches[1]); + } preg_match('/type="(.*?)"/ism', $attributes, $matches); - if ($matches[1] != "") + if (x($matches, 1)) { $type = strtolower($matches[1]); + } - if ($type == "") - return(array()); + if ($type == "") { + return []; + } - if (!in_array($type, array("link", "audio", "photo", "video"))) - return(array()); + if (!in_array($type, ["link", "audio", "photo", "video"])) { + return []; + } - if ($type != "") + if ($type != "") { $data["type"] = $type; + } $url = ""; preg_match("/url='(.*?)'/ism", $attributes, $matches); - if ($matches[1] != "") + if (x($matches, 1)) { $url = $matches[1]; + } preg_match('/url="(.*?)"/ism', $attributes, $matches); - if ($matches[1] != "") + if (x($matches, 1)) { $url = $matches[1]; + } - if ($url != "") + if ($url != "") { $data["url"] = html_entity_decode($url, ENT_QUOTES, 'UTF-8'); + } $title = ""; preg_match("/title='(.*?)'/ism", $attributes, $matches); - if ($matches[1] != "") + if (x($matches, 1)) { $title = $matches[1]; + } preg_match('/title="(.*?)"/ism', $attributes, $matches); - if ($matches[1] != "") + if (x($matches, 1)) { $title = $matches[1]; + } if ($title != "") { $title = bbcode(html_entity_decode($title, ENT_QUOTES, 'UTF-8'), false, false, true); $title = html_entity_decode($title, ENT_QUOTES, 'UTF-8'); - $title = str_replace(array("[", "]"), array("[", "]"), $title); + $title = str_replace(["[", "]"], ["[", "]"], $title); $data["title"] = $title; } $image = ""; preg_match("/image='(.*?)'/ism", $attributes, $matches); - if ($matches[1] != "") + if (x($matches, 1)) { $image = $matches[1]; + } preg_match('/image="(.*?)"/ism', $attributes, $matches); - if ($matches[1] != "") + if (x($matches, 1)) { $image = $matches[1]; + } - if ($image != "") + if ($image != "") { $data["image"] = html_entity_decode($image, ENT_QUOTES, 'UTF-8'); + } $preview = ""; preg_match("/preview='(.*?)'/ism", $attributes, $matches); - if ($matches[1] != "") + if (x($matches, 1)) { $preview = $matches[1]; + } preg_match('/preview="(.*?)"/ism', $attributes, $matches); - if ($matches[1] != "") + if (x($matches, 1)) { $preview = $matches[1]; + } - if ($preview != "") + if ($preview != "") { $data["preview"] = html_entity_decode($preview, ENT_QUOTES, 'UTF-8'); + } $data["description"] = trim($match[3]); $data["after"] = trim($match[4]); - return($data); + return $data; } function get_attached_data($body, $item = array()) { From 77c1251d03de8823d27f00c92e40c3227fcdc90a Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Thu, 11 Jan 2018 22:34:02 -0500 Subject: [PATCH 2/4] Fallback to regular attachment display on oembed error --- src/Content/OEmbed.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/src/Content/OEmbed.php b/src/Content/OEmbed.php index 3ab5b4fea8..836f5a2184 100644 --- a/src/Content/OEmbed.php +++ b/src/Content/OEmbed.php @@ -131,14 +131,12 @@ class OEmbed $j->embedurl = $embedurl; // If fetching information doesn't work, then improve via internal functions - if (($j->type == "error") || ($no_rich_type && ($j->type == "rich"))) { + if ($no_rich_type && ($j->type == "rich")) { $data = ParseUrl::getSiteinfoCached($embedurl, true, false); $j->type = $data["type"]; if ($j->type == "photo") { $j->url = $data["url"]; - //$j->width = $data["images"][0]["width"]; - //$j->height = $data["images"][0]["height"]; } if (isset($data["title"])) { From 93355b574d323e67438631bd329e83ab4b0ceae3 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Thu, 11 Jan 2018 22:37:38 -0500 Subject: [PATCH 3/4] Fix attachment display - Move autolink before any potential OEmbed injection - Add original URL attribute to invalid href and src - Add loop to video to enable animated gifs - Add URL domain to link attachments - Hide link attachment description if equals the title - Change attachment span to div to respect block order --- include/bbcode.php | 60 ++++++++++++++++++++++++---------------------- 1 file changed, 32 insertions(+), 28 deletions(-) diff --git a/include/bbcode.php b/include/bbcode.php index d389f302b7..47c4018212 100644 --- a/include/bbcode.php +++ b/include/bbcode.php @@ -82,7 +82,7 @@ function bb_attachment($return, $simplehtml = false, $tryoembed = true) } } catch (Exception $e) { if ($simplehtml != 4) { - $return = sprintf('', $data["type"]); + $return = sprintf('
', $data["type"]); } if ($data["image"] != "") { @@ -97,12 +97,16 @@ function bb_attachment($return, $simplehtml = false, $tryoembed = true) $return .= sprintf('

%s

', $data['url'], $data['title']); } - if (trim($data["description"]) != "") { + if ($data["description"] != "" && $data["description"] != $data["title"]) { $return .= sprintf('
%s
', trim(bbcode($data["description"]))); } + if ($data["type"] == "link") { + $return .= sprintf('
%s
', $data['url'], parse_url($data['url'], PHP_URL_HOST)); + } + if ($simplehtml != 4) { - $return .= ''; + $return .= '
'; } } } @@ -957,6 +961,28 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $simplehtml = fa } while ($oldtext != $Text); } + // Set up the parameters for a URL search string + $URLSearchString = "^\[\]"; + // Set up the parameters for a MAIL search string + $MAILSearchString = $URLSearchString; + + // if the HTML is used to generate plain text, then don't do this search, but replace all URL of that kind to text + if (!$forplaintext) { + // Autolink feature + if ($simplehtml != 7) { + $Text = preg_replace("/([^\]\='".'"'."]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@]+)/ism", '$1$2', $Text); + } else { + $Text = preg_replace("/([^\]\='".'"'."]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,\@]+)/ism", '$1[url]$2[/url]', $Text); + + $Text = preg_replace_callback("/\[url\]([$URLSearchString]*)\[\/url\]/ism", 'bb_style_url', $Text); + $Text = preg_replace_callback("/\[url\=([$URLSearchString]*)\]([$URLSearchString]*)\[\/url\]/ism", 'bb_style_url', $Text); + } + } else { + $Text = preg_replace("(\[url\]([$URLSearchString]*)\[\/url\])ism", " $1 ", $Text); + $Text = preg_replace_callback("&\[url=([^\[\]]*)\]\[img\](.*)\[\/img\]\[\/url\]&Usi", 'bb_RemovePictureLinks', $Text); + } + + // Handle attached links or videos $Text = bb_attachment($Text, $simplehtml, $tryoembed); @@ -966,11 +992,6 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $simplehtml = fa $Text = str_replace(array("\n", "\r"), array('', ''), $Text); } - // Set up the parameters for a URL search string - $URLSearchString = "^\[\]"; - // Set up the parameters for a MAIL search string - $MAILSearchString = $URLSearchString; - // Remove all hashtag addresses if ((!$tryoembed || $simplehtml) && !in_array($simplehtml, array(3, 7))) { $Text = preg_replace("/([#@!])\[url\=([$URLSearchString]*)\](.*?)\[\/url\]/ism", '$1$3', $Text); @@ -1023,23 +1044,6 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $simplehtml = fa $expression = "=diaspora://.*?/post/([0-9A-Za-z\-_@.:]{15,254}[0-9A-Za-z])=ism"; $Text = preg_replace($expression, System::baseUrl()."/display/$1", $Text); - // if the HTML is used to generate plain text, then don't do this search, but replace all URL of that kind to text -// if ($simplehtml != 7) { - if (!$forplaintext) { - if ($simplehtml != 7) { - $Text = preg_replace("/([^\]\='".'"'."]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,]+)/ism", '$1$2', $Text); - } else { - $Text = preg_replace("/([^\]\='".'"'."]|^)(https?\:\/\/[a-zA-Z0-9\:\/\-\?\&\;\.\=\_\~\#\%\$\!\+\,]+)/ism", '$1[url]$2[/url]', $Text); - - $Text = preg_replace_callback("/\[url\]([$URLSearchString]*)\[\/url\]/ism", 'bb_style_url', $Text); - $Text = preg_replace_callback("/\[url\=([$URLSearchString]*)\]([$URLSearchString]*)\[\/url\]/ism", 'bb_style_url', $Text); - } - } else { - $Text = preg_replace("(\[url\]([$URLSearchString]*)\[\/url\])ism", " $1 ", $Text); - $Text = preg_replace_callback("&\[url=([^\[\]]*)\]\[img\](.*)\[\/img\]\[\/url\]&Usi", 'bb_RemovePictureLinks', $Text); - } -// } - if ($tryoembed) { $Text = preg_replace_callback("/\[url\]([$URLSearchString]*)\[\/url\]/ism", $tryoembed_callback, $Text); } @@ -1237,7 +1241,7 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $simplehtml = fa // Try to Oembed if ($tryoembed) { - $Text = preg_replace("/\[video\](.*?\.(ogg|ogv|oga|ogm|webm|mp4))\[\/video\]/ism", '', $Text); + $Text = preg_replace("/\[video\](.*?\.(ogg|ogv|oga|ogm|webm|mp4))\[\/video\]/ism", '', $Text); $Text = preg_replace("/\[audio\](.*?\.(ogg|ogv|oga|ogm|webm|mp4|mp3))\[\/audio\]/ism", '', $Text); $Text = preg_replace_callback("/\[video\](.*?)\[\/video\]/ism", $tryoembed_callback, $Text); @@ -1351,7 +1355,7 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $simplehtml = fa // sanitizes src attributes (http and redir URLs for displaying in a web page, cid used for inline images in emails) static $allowed_src_protocols = array('http', 'redir', 'cid'); $Text = preg_replace('#<([^>]*?)(src)="(?!' . implode('|', $allowed_src_protocols) . ')(.*?)"(.*?)>#ism', - '<$1$2=""$4 class="invalid-src" title="' . t('Invalid source protocol') . '">', $Text); + '<$1$2=""$4 data-original-src="$3" class="invalid-src" title="' . t('Invalid source protocol') . '">', $Text); // sanitize href attributes (only whitelisted protocols URLs) // default value for backward compatibility @@ -1362,7 +1366,7 @@ function bbcode($Text, $preserve_nl = false, $tryoembed = true, $simplehtml = fa $allowed_link_protocols[] = 'redir/'; $regex = '#<([^>]*?)(href)="(?!' . implode('|', $allowed_link_protocols) . ')(.*?)"(.*?)>#ism'; - $Text = preg_replace($regex, '<$1$2="javascript:void(0)"$4 class="invalid-href" title="' . t('Invalid link protocol') . '">', $Text); + $Text = preg_replace($regex, '<$1$2="javascript:void(0)"$4 data-original-href="$3" class="invalid-href" title="' . t('Invalid link protocol') . '">', $Text); if ($saved_image) { $Text = bb_replace_images($Text, $saved_image); From 2c90c5be942815f806cb0b1b1e6df9c503c89b5a Mon Sep 17 00:00:00 2001 From: Michael Date: Fri, 12 Jan 2018 23:32:58 +0000 Subject: [PATCH 4/4] Better treatment of Oembed detection with no OEmbed data and not title --- src/Content/OEmbed.php | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/src/Content/OEmbed.php b/src/Content/OEmbed.php index 3ab5b4fea8..58fe32ade1 100644 --- a/src/Content/OEmbed.php +++ b/src/Content/OEmbed.php @@ -202,23 +202,22 @@ class OEmbed // add link to source if not present in "rich" type if ($j->type != 'rich' || !strpos($j->html, $embedurl)) { $ret .= '

'; - if (isset($j->title)) { - if (isset($j->provider_name)) { + if (!empty($j->title)) { + if (!empty($j->provider_name)) { $ret .= $j->provider_name . ": "; } - $embedlink = (isset($j->title)) ? $j->title : $embedurl; - $ret .= '' . $embedlink . ''; - if (isset($j->author_name)) { + $ret .= '' . $j->title . ''; + if (!empty($j->author_name)) { $ret .= ' (' . $j->author_name . ')'; } - } elseif (isset($j->provider_name) || isset($j->author_name)) { + } elseif (!empty($j->provider_name) || !empty($j->author_name)) { $embedlink = ""; - if (isset($j->provider_name)) { + if (!empty($j->provider_name)) { $embedlink .= $j->provider_name; } - if (isset($j->author_name)) { + if (!empty($j->author_name)) { if ($embedlink != "") { $embedlink .= ": "; } @@ -230,6 +229,8 @@ class OEmbed } $ret .= '' . $embedlink . ''; + } else { + $ret .= '' . $embedurl . ''; } $ret .= "

"; } elseif (!strpos($j->html, $embedurl)) {