"], ['[', ']'], $string); // High-bit filter no longer used // return str_replace(array("<",">","\xBA","\xBC","\xBE"), array('[',']','','',''), $string); } /** * use this on "body" or "content" input where angle chars shouldn't be removed, * and allow them to be safely displayed. * @param string $string * @return string */ function escape_tags($string) { return htmlspecialchars($string, ENT_COMPAT, 'UTF-8', false); } /** * generate a string that's random, but usually pronounceable. * used to generate initial passwords * @param int $len * @return string */ function autoname($len) { if ($len <= 0) { return ''; } $vowels = ['a','a','ai','au','e','e','e','ee','ea','i','ie','o','ou','u']; if (mt_rand(0, 5) == 4) { $vowels[] = 'y'; } $cons = [ 'b','bl','br', 'c','ch','cl','cr', 'd','dr', 'f','fl','fr', 'g','gh','gl','gr', 'h', 'j', 'k','kh','kl','kr', 'l', 'm', 'n', 'p','ph','pl','pr', 'qu', 'r','rh', 's','sc','sh','sm','sp','st', 't','th','tr', 'v', 'w','wh', 'x', 'z','zh' ]; $midcons = ['ck','ct','gn','ld','lf','lm','lt','mb','mm', 'mn','mp', 'nd','ng','nk','nt','rn','rp','rt']; $noend = ['bl', 'br', 'cl','cr','dr','fl','fr','gl','gr', 'kh', 'kl','kr','mn','pl','pr','rh','tr','qu','wh','q']; $start = mt_rand(0,2); if ($start == 0) { $table = $vowels; } else { $table = $cons; } $word = ''; for ($x = 0; $x < $len; $x ++) { $r = mt_rand(0,count($table) - 1); $word .= $table[$r]; if ($table == $vowels) { $table = array_merge($cons,$midcons); } else { $table = $vowels; } } $word = substr($word,0,$len); foreach ($noend as $noe) { $noelen = strlen($noe); if ((strlen($word) > $noelen) && (substr($word, -$noelen) == $noe)) { $word = autoname($len); break; } } return $word; } /** * Turn user/group ACLs stored as angle bracketed text into arrays * * @param string $s * @return array */ function expand_acl($s) { // turn string array of angle-bracketed elements into numeric array // e.g. "<1><2><3>" => array(1,2,3); $ret = []; if (strlen($s)) { $t = str_replace('<', '', $s); $a = explode('>', $t); foreach ($a as $aa) { if (intval($aa)) { $ret[] = intval($aa); } } } return $ret; } /** * Wrap ACL elements in angle brackets for storage * @param string $item */ function sanitise_acl(&$item) { if (intval($item)) { $item = '<' . intval(notags(trim($item))) . '>'; } else { unset($item); } } /** * Convert an ACL array to a storable string * * Normally ACL permissions will be an array. * We'll also allow a comma-separated string. * * @param string|array $p * @return string */ function perms2str($p) { $ret = ''; if (is_array($p)) { $tmp = $p; } else { $tmp = explode(',', $p); } if (is_array($tmp)) { array_walk($tmp, 'sanitise_acl'); $ret = implode('', $tmp); } return $ret; } /** * for html,xml parsing - let's say you've got * an attribute foobar="class1 class2 class3" * and you want to find out if it contains 'class3'. * you can't use a normal sub string search because you * might match 'notclass3' and a regex to do the job is * possible but a bit complicated. * pass the attribute string as $attr and the attribute you * are looking for as $s - returns true if found, otherwise false * * @param string $attr attribute value * @param string $s string to search * @return boolean True if found, False otherwise */ function attribute_contains($attr, $s) { $a = explode(' ', $attr); return (count($a) && in_array($s,$a)); } /** * Compare activity uri. Knows about activity namespace. * * @param string $haystack * @param string $needle * @return boolean */ function activity_match($haystack,$needle) { return (($haystack === $needle) || ((basename($needle) === $haystack) && strstr($needle, NAMESPACE_ACTIVITY_SCHEMA))); } /** * @brief Pull out all #hashtags and @person tags from $string. * * We also get @person@domain.com - which would make * the regex quite complicated as tags can also * end a sentence. So we'll run through our results * and strip the period from any tags which end with one. * Returns array of tags found, or empty array. * * @param string $string Post content * @return array List of tag and person names */ function get_tags($string) { $ret = []; // Convert hashtag links to hashtags $string = preg_replace('/#\[url\=([^\[\]]*)\](.*?)\[\/url\]/ism', '#$2', $string); // ignore anything in a code block $string = preg_replace('/\[code\](.*?)\[\/code\]/sm', '', $string); // Force line feeds at bbtags $string = str_replace(['[', ']'], ["\n[", "]\n"], $string); // ignore anything in a bbtag $string = preg_replace('/\[(.*?)\]/sm', '', $string); // Match full names against @tags including the space between first and last // We will look these up afterward to see if they are full names or not recognisable. if (preg_match_all('/(@[^ \x0D\x0A,:?]+ [^ \x0D\x0A@,:?]+)([ \x0D\x0A@,:?]|$)/', $string, $matches)) { foreach ($matches[1] as $match) { if (strstr($match, ']')) { // we might be inside a bbcode color tag - leave it alone continue; } if (substr($match, -1, 1) === '.') { $ret[] = substr($match, 0, -1); } else { $ret[] = $match; } } } // Otherwise pull out single word tags. These can be @nickname, @first_last // and #hash tags. if (preg_match_all('/([!#@][^\^ \x0D\x0A,;:?]+)([ \x0D\x0A,;:?]|$)/', $string, $matches)) { foreach ($matches[1] as $match) { if (strstr($match, ']')) { // we might be inside a bbcode color tag - leave it alone continue; } if (substr($match, -1, 1) === '.') { $match = substr($match,0,-1); } // ignore strictly numeric tags like #1 if ((strpos($match, '#') === 0) && ctype_digit(substr($match, 1))) { continue; } // try not to catch url fragments if (strpos($string, $match) && preg_match('/[a-zA-z0-9\/]/', substr($string, strpos($string, $match) - 1, 1))) { continue; } $ret[] = $match; } } return $ret; } /** * quick and dirty quoted_printable encoding * * @param string $s * @return string */ function qp($s) { return str_replace("%", "=", rawurlencode($s)); } /** * @brief Check for a valid email string * * @param string $email_address * @return boolean */ function valid_email($email_address) { return preg_match('/^[_a-zA-Z0-9\-\+]+(\.[_a-zA-Z0-9\-\+]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)+$/', $email_address); } /** * Normalize url * * @param string $url * @return string */ function normalise_link($url) { $ret = str_replace(['https:', '//www.'], ['http:', '//'], $url); return rtrim($ret,'/'); } /** * Compare two URLs to see if they are the same, but ignore * slight but hopefully insignificant differences such as if one * is https and the other isn't, or if one is www.something and * the other isn't - and also ignore case differences. * * @param string $a first url * @param string $b second url * @return boolean True if the URLs match, otherwise False * */ function link_compare($a, $b) { return (strcasecmp(normalise_link($a), normalise_link($b)) === 0); } /** * @brief Find any non-embedded images in private items and add redir links to them * * @param App $a * @param array &$item The field array of an item row */ function redir_private_images($a, &$item) { $matches = false; $cnt = preg_match_all('|\[img\](http[^\[]*?/photo/[a-fA-F0-9]+?(-[0-9]\.[\w]+?)?)\[\/img\]|', $item['body'], $matches, PREG_SET_ORDER); if ($cnt) { foreach ($matches as $mtch) { if (strpos($mtch[1], '/redir') !== false) { continue; } if ((local_user() == $item['uid']) && ($item['private'] == 1) && ($item['contact-id'] != $a->contact['id']) && ($item['network'] == Protocol::DFRN)) { $img_url = 'redir?f=1&quiet=1&url=' . urlencode($mtch[1]) . '&conurl=' . urlencode($item['author-link']); $item['body'] = str_replace($mtch[0], '[img]' . $img_url . '[/img]', $item['body']); } } } } /** * Sets the "rendered-html" field of the provided item * * Body is preserved to avoid side-effects as we modify it just-in-time for spoilers and private image links * * @param array $item * @param bool $update * * @todo Remove reference, simply return "rendered-html" and "rendered-hash" */ function put_item_in_cache(&$item, $update = false) { $body = $item["body"]; $rendered_hash = defaults($item, 'rendered-hash', ''); $rendered_html = defaults($item, 'rendered-html', ''); if ($rendered_hash == '' || $rendered_html == "" || $rendered_hash != hash("md5", $item["body"]) || Config::get("system", "ignore_cache") ) { $a = get_app(); redir_private_images($a, $item); $item["rendered-html"] = prepare_text($item["body"]); $item["rendered-hash"] = hash("md5", $item["body"]); $hook_data = ['item' => $item, 'rendered-html' => $item['rendered-html'], 'rendered-hash' => $item['rendered-hash']]; Addon::callHooks('put_item_in_cache', $hook_data); $item['rendered-html'] = $hook_data['rendered-html']; $item['rendered-hash'] = $hook_data['rendered-hash']; unset($hook_data); // Force an update if the generated values differ from the existing ones if ($rendered_hash != $item["rendered-hash"]) { $update = true; } // Only compare the HTML when we forcefully ignore the cache if (Config::get("system", "ignore_cache") && ($rendered_html != $item["rendered-html"])) { $update = true; } if ($update && !empty($item["id"])) { Item::update(['rendered-html' => $item["rendered-html"], 'rendered-hash' => $item["rendered-hash"]], ['id' => $item["id"]]); } } $item["body"] = $body; } /** * @brief Given an item array, convert the body element from bbcode to html and add smilie icons. * If attach is true, also add icons for item attachments. * * @param array $item * @param boolean $attach * @param boolean $is_preview * @return string item body html * @hook prepare_body_init item array before any work * @hook prepare_body_content_filter ('item'=>item array, 'filter_reasons'=>string array) before first bbcode to html * @hook prepare_body ('item'=>item array, 'html'=>body string, 'is_preview'=>boolean, 'filter_reasons'=>string array) after first bbcode to html * @hook prepare_body_final ('item'=>item array, 'html'=>body string) after attach icons and blockquote special case handling (spoiler, author) */ function prepare_body(array &$item, $attach = false, $is_preview = false) { $a = get_app(); Addon::callHooks('prepare_body_init', $item); // In order to provide theme developers more possibilities, event items // are treated differently. if ($item['object-type'] === ACTIVITY_OBJ_EVENT && isset($item['event-id'])) { $ev = Event::getItemHTML($item); return $ev; } $tags = \Friendica\Model\Term::populateTagsFromItem($item); $item['tags'] = $tags['tags']; $item['hashtags'] = $tags['hashtags']; $item['mentions'] = $tags['mentions']; // Compile eventual content filter reasons $filter_reasons = []; if (!$is_preview && public_contact() != $item['author-id']) { if (!empty($item['content-warning']) && (!local_user() || !PConfig::get(local_user(), 'system', 'disable_cw', false))) { $filter_reasons[] = L10n::t('Content warning: %s', $item['content-warning']); } $hook_data = [ 'item' => $item, 'filter_reasons' => $filter_reasons ]; Addon::callHooks('prepare_body_content_filter', $hook_data); $filter_reasons = $hook_data['filter_reasons']; unset($hook_data); } // Update the cached values if there is no "zrl=..." on the links. $update = (!local_user() && !remote_user() && ($item["uid"] == 0)); // Or update it if the current viewer is the intented viewer. if (($item["uid"] == local_user()) && ($item["uid"] != 0)) { $update = true; } put_item_in_cache($item, $update); $s = $item["rendered-html"]; $hook_data = [ 'item' => $item, 'html' => $s, 'preview' => $is_preview, 'filter_reasons' => $filter_reasons ]; Addon::callHooks('prepare_body', $hook_data); $s = $hook_data['html']; unset($hook_data); if (!$attach) { // Replace the blockquotes with quotes that are used in mails. $mailquote = '
'; $s = str_replace(['', '', ''], [$mailquote, $mailquote, $mailquote], $s); return $s; } $as = ''; $vhead = false; $matches = []; preg_match_all('|\[attach\]href=\"(.*?)\" length=\"(.*?)\" type=\"(.*?)\"(?: title=\"(.*?)\")?|', $item['attach'], $matches, PREG_SET_ORDER); foreach ($matches as $mtch) { $mime = $mtch[3]; $the_url = Contact::magicLinkById($item['author-id'], $mtch[1]); if (strpos($mime, 'video') !== false) { if (!$vhead) { $vhead = true; $a->page['htmlhead'] .= Renderer::replaceMacros(Renderer::getMarkupTemplate('videos_head.tpl'), [ '$baseurl' => System::baseUrl(), ]); } $url_parts = explode('/', $the_url); $id = end($url_parts); $as .= Renderer::replaceMacros(Renderer::getMarkupTemplate('video_top.tpl'), [ '$video' => [ 'id' => $id, 'title' => L10n::t('View Video'), 'src' => $the_url, 'mime' => $mime, ], ]); } $filetype = strtolower(substr($mime, 0, strpos($mime, '/'))); if ($filetype) { $filesubtype = strtolower(substr($mime, strpos($mime, '/') + 1)); $filesubtype = str_replace('.', '-', $filesubtype); } else { $filetype = 'unkn'; $filesubtype = 'unkn'; } $title = escape_tags(trim(!empty($mtch[4]) ? $mtch[4] : $mtch[1])); $title .= ' ' . $mtch[2] . ' ' . L10n::t('bytes'); $icon = ''; $as .= '' . $icon . ''; } if ($as != '') { $s .= ''.$as.''; } // Map. if (strpos($s, '') !== false && x($item, 'coord')) { $x = Map::byCoordinates(trim($item['coord'])); if ($x) { $s = preg_replace('/\/', '$0' . $x, $s); } } // Look for spoiler. $spoilersearch = ''; // Remove line breaks before the spoiler. while ((strpos($s, "\n" . $spoilersearch) !== false)) { $s = str_replace("\n" . $spoilersearch, $spoilersearch, $s); } while ((strpos($s, "
" . $spoilersearch) !== false)) { $s = str_replace("
" . $spoilersearch, $spoilersearch, $s); } while ((strpos($s, $spoilersearch) !== false)) { $pos = strpos($s, $spoilersearch); $rnd = random_string(8); $spoilerreplace = '
' . L10n::t('Click to open/close') . ''. '