strk/friendica
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Add tag escaping to BBCode::setTags

Browse source
This commit is contained in:
Hypolite Petovan 2020-06-04 20:54:40 -04:00
parent 0bc7b89530
commit 472018191b
1 changed files with 43 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

90
src/Content/Text/BBCode.php
View file

@ -2087,64 +2087,60 @@ class BBCode
{ {
$ret = []; $ret = [];
// Convert hashtag links to hashtags BBCode::performWithEscapedTags($string, ['noparse', 'pre', 'code'], function ($string) use (&$ret) {
$string = preg_replace('/#\[url\=([^\[\]]*)\](.*?)\[\/url\]/ism', '#$2 ', $string); // Convert hashtag links to hashtags
$string = preg_replace('/#\[url\=([^\[\]]*)\](.*?)\[\/url\]/ism', '#$2 ', $string);
// ignore anything in a code block // Force line feeds at bbtags
$string = preg_replace('/\[code.*?\].*?\[\/code\]/sm', '', $string); $string = str_replace(['[', ']'], ["\n[", "]\n"], $string);
// Force line feeds at bbtags // ignore anything in a bbtag
$string = str_replace(['[', ']'], ["\n[", "]\n"], $string); $string = preg_replace('/\[(.*?)\]/sm', '', $string);
// ignore anything in a bbtag // Match full names against @tags including the space between first and last
$string = preg_replace('/\[(.*?)\]/sm', '', $string); // We will look these up afterward to see if they are full names or not recognisable.
// Match full names against @tags including the space between first and last if (preg_match_all('/(@[^ \x0D\x0A,:?]+ [^ \x0D\x0A@,:?]+)([ \x0D\x0A@,:?]|$)/', $string, $matches)) {
// We will look these up afterward to see if they are full names or not recognisable. foreach ($matches[1] as $match) {
if (strstr($match, ']')) {
// we might be inside a bbcode color tag - leave it alone
continue;
}
if (preg_match_all('/(@[^ \x0D\x0A,:?]+ [^ \x0D\x0A@,:?]+)([ \x0D\x0A@,:?]|$)/', $string, $matches)) { if (substr($match, -1, 1) === '.') {
foreach ($matches[1] as $match) { $ret[] = substr($match, 0, -1);
if (strstr($match, ']')) { } else {
// we might be inside a bbcode color tag - leave it alone $ret[] = $match;
continue; }
} }
}
// Otherwise pull out single word tags. These can be @nickname, @first_last
// and #hash tags.
if (preg_match_all('/([!#@][^\^ \x0D\x0A,;:?\']*[^\^ \x0D\x0A,;:?!\'.])/', $string, $matches)) {
foreach ($matches[1] as $match) {
if (strstr($match, ']')) {
// we might be inside a bbcode color tag - leave it alone
continue;
}
// ignore strictly numeric tags like #1
if ((strpos($match, '#') === 0) && ctype_digit(substr($match, 1))) {
continue;
}
// try not to catch url fragments
if (strpos($string, $match) && preg_match('/[a-zA-z0-9\/]/', substr($string, strpos($string, $match) - 1, 1))) {
continue;
}
if (substr($match, -1, 1) === '.') {
$ret[] = substr($match, 0, -1);
} else {
$ret[] = $match; $ret[] = $match;
} }
} }
} });
// Otherwise pull out single word tags. These can be @nickname, @first_last return array_unique($ret);
// and #hash tags.
if (preg_match_all('/([!#@][^\^ \x0D\x0A,;:?]+)([ \x0D\x0A,;:?]|$)/', $string, $matches)) {
foreach ($matches[1] as $match) {
if (strstr($match, ']')) {
// we might be inside a bbcode color tag - leave it alone
continue;
}
if (substr($match, -1, 1) === '.') {
$match = substr($match,0,-1);
}
// ignore strictly numeric tags like #1
if ((strpos($match, '#') === 0) && ctype_digit(substr($match, 1))) {
continue;
}
// try not to catch url fragments
if (strpos($string, $match) && preg_match('/[a-zA-z0-9\/]/', substr($string, strpos($string, $match) - 1, 1))) {
continue;
}
$ret[] = $match;
}
}
return $ret;
} }
/** /**