PageRenderTime 55ms CodeModel.GetById 16ms RepoModel.GetById 1ms app.codeStats 0ms

/wp-content/plugins/simple-forum/library/sf-filters.php

https://bitbucket.org/crypticrod/sr_wp_code
PHP | 1897 lines | 1054 code | 271 blank | 572 comment | 197 complexity | df17d6713524cc0e4524f06efd1b980d MD5 | raw file
Possible License(s): AGPL-1.0, GPL-2.0, LGPL-2.1, GPL-3.0, LGPL-2.0, AGPL-3.0

Large files files are truncated, but you can click here to view the full file

    

  1. <?php

    2. 

  2. /*

    3. 

  3. Simple:Press

    4. 

  4. Filters

    5. 

  5. $LastChangedDate: 2011-06-02 05:56:53 -0700 (Thu, 02 Jun 2011) $

    6. 

  6. $Rev: 6226 $

    7. 

  7. */

    8. 

  8. 

    9. 

  9. if(preg_match('#' . basename(__FILE__) . '#', $_SERVER['PHP_SELF'])) {

    10. 

  10. 	die('Access Denied');

    11. 

  11. }

    12. 

  12. 

    13. 

  13. # ===FILTERS - USEAGE ==============================================

    14. 

  14. #

    15. 

  15. #	sf_filter_content_save($content, $action)

    16. 

  16. #	sf_filter_content_display($content)

    17. 

  17. #	sf_filter_content_edit($content)

    18. 

  18. #		Used for main post/message content so includes html, images,

    19. 

  19. #		profanity etc.

    20. 

  20. #

    21. 

  21. #	sf_filter_text_save($content)

    22. 

  22. #	sf_filter_text_display($content)

    23. 

  23. #	sf_filter_text_edit($content)

    24. 

  24. #		Used for larger areas of text where html is allowed like

    25. 

  25. #		admin defined message areas etc.

    26. 

  26. #

    27. 

  27. #	sf_filter_title_save($content)

    28. 

  28. #	sf_filter_title_display($content)

    29. 

  29. #		Used for title text where no html allowed such as forum

    30. 

  30. #		titles, custom labels and links etc.

    31. 

  31. #

    32. 

  32. #	sf_filter_name_save($content)

    33. 

  33. #	sf_filter_name_display($content)

    34. 

  34. #		Used for user names such as guest name and display name etc.

    35. 

  35. #

    36. 

  36. #	sf_filter_email_save($email)

    37. 

  37. #	sf_filter_email_display($email)

    38. 

  38. #		Used for email addresses

    39. 

  39. #

    40. 

  40. #	sf_filter_url_save($url)

    41. 

  41. #	sf_filter_url_display($url)

    42. 

  42. #		Used for URLs

    43. 

  43. #

    44. 

  44. #	sf_filter_filename_save($filename)

    45. 

  45. #		used for all filenames - i.e., custom icons etc

    46. 

  46. #

    47. 

  47. #	sf_filter_signature_display($content)

    48. 

  48. #		special for siganture display

    49. 

  49. #

    50. 

  50. #	sf_filter_tooltip_display($content)

    51. 

  51. #		special for post tooltips

    52. 

  52. #

    53. 

  53. #	sf_filter_syntax_display($content)

    54. 

  54. #		special for synrax highlighting

    55. 

  55. #

    56. 

  56. #	sf_filter_rss_display($content)

    57. 

  57. #		Used for post content in rss feed

    58. 

  58. #

    59. 

  59. #	sf_filter_table_prefix($content)

    60. 

  60. #		removes prefix from tablename in seaches

    61. 

  61. #

    62. 

  62. # ==================================================================

    63. 

  63. 

    64. 

  64. 

    65. 

  65. # ===START OF SAVE FILTERS==========================================

    66. 

  66. #

    67. 

  67. # CONTENT - SAVE FILTERS UMBRELLA

    68. 

  68. #

    69. 

  69. # Used:	Forum Post (including Quick Reply)

    70. 

  70. #		Private Messages

    71. 

  71. #		Blog Linking Posts and Comments

    72. 

  72. #		?

    73. 

  73. # $action will be 'new' or 'edit'

    74. 

  74. 

    75. 

  75. function sf_filter_content_save($content, $action)

    76. 

  76. {

    77. 

  77. 	global $sfglobals, $current_user;

    78. 

  78. 	$sffilters = sf_get_option('sffilters');

    79. 

  79. 

    80. 

  80. 	# 1: Swap smileys for img tags. Do it early before kses

    81. 

  81. 	# NOTE Was a display filter - still needs to be a

    82. 

  82. 	# display filter for backward compatibility.

    83. 

  83. 	$content = sf_filter_display_smileys($content);

    84. 

  84. 

    85. 

  85.     # 2: prepare edits if using tinymce

    86. 

  86.     if ($action == 'edit' && $sfglobals['editor']['sfeditor'] == RICHTEXT)

    87. 

  87.     {

    88. 

  88.         $content = addslashes($content);

    89. 

  89.     }

    90. 

  90. 

    91. 

  91. 	# 3: convert code tags to our own code display tags

    92. 

  92. 	$content = sf_filter_save_codetags1($content, $sfglobals['editor']['sfeditor'], $action);

    93. 

  93. 

    94. 

  94. 	# 4: run it through kses

    95. 

  95. 	$content = sf_filter_save_kses($content);

    96. 

  96. 

    97. 

  97. 	# 5: parse it for the wp oEmbed class

    98. 

  98. 	$content = sf_filter_save_oEmbed($content);

    99. 

  99. 

    100. 

  100. 	# 6: remove nbsp and p/br tags

    101. 

  101. 	$content = sf_filter_save_linebreaks($content);

    102. 

  102. 

    103. 

  103. 	# 7: revist code tags in case post edit save

    104. 

  104. 	$content = sf_filter_save_codetags2($content, $sfglobals['editor']['sfeditor'], $action);

    105. 

  105. 

    106. 

  106. 	# 8: remove 'pre' tags (optional)

    107. 

  107. 	if ($sffilters['sffilterpre']) {

    108. 

  108. 		$content = sf_filter_save_pre($content);

    109. 

  109. 	}

    110. 

  110. 

    111. 

  111. 	# 9: deal with single quotes (tinymce encodes them)

    112. 

  112. 	$content = sf_filter_save_quotes($content);

    113. 

  113. 

    114. 

  114. 	# 10: balance html tags

    115. 

  115. 	$content = sf_filter_save_balancetags($content);

    116. 

  116. 

    117. 

  117. 	# 11: format links (optional)

    118. 

  118. 	if($sffilters['sfurlchars']) {

    119. 

  119. 		$content = sf_filter_save_links($content, $sffilters['sfurlchars']);

    120. 

  120. 	}

    121. 

  121. 

    122. 

  122. 	# 12: add nofollow to links (optional)

    123. 

  123. 	if ($sffilters['sfnofollow']) {

    124. 

  124. 		$content = sf_filter_save_nofollow($content);

    125. 

  125. 	}

    126. 

  126. 

    127. 

  127. 	# 13: add target blank (optional)

    128. 

  128. 	if ($sffilters['sftarget']) {

    129. 

  129. 		$content = sf_filter_save_target($content);

    130. 

  130. 	}

    131. 

  131. 

    132. 

  132. 	# 14: profanity filter

    133. 

  133. 	$content = sf_filter_save_profanity($content);

    134. 

  134. 

    135. 

  135. 	# 15: escape it All

    136. 

  136. 	$content = sf_filter_save_escape($content);

    137. 

  137. 

    138. 

  138. 	# 16: strip spoiler shortcode if not allowed

    139. 

  139. 	if (!$current_user->sfspoilers)

    140. 

  140.     {

    141. 

  141. 	   $content = sf_filter_save_spoiler($content);

    142. 

  142.     }

    143. 

  143. 

    144. 

  144. 	# 17: Try and determine images widths if not set

    145. 

  145. 	$content = sf_filter_save_images($content);

    146. 

  146. 

    147. 

  147. 	# 18: apply any users custom filters

    148. 

  148. 	$content = apply_filters('sf_save_post_content', $content);

    149. 

  149. 

    150. 

  150. 	return $content;

    151. 

  151. }

    152. 

  152. 

    153. 

  153. # ==================================================================

    154. 

  154. #

    155. 

  155. # TEXT - SAVE FILTERS UMBRELLA

    156. 

  156. #

    157. 

  157. # Used:	Profile Description

    158. 

  158. #		Blog Linking Link Text

    159. 

  159. #		Group Message

    160. 

  160. #		Forum Message

    161. 

  161. #		Email Messages

    162. 

  162. #		Signature Text

    163. 

  163. #		Announce Tag Heading/Text

    164. 

  164. #		Sneak Peak Message

    165. 

  165. #		Admin View Message

    166. 

  166. #		Custom Editor Messages

    167. 

  167. #		Registration/Privacy Messages

    168. 

  168. #		Custom Profile Message

    169. 

  169. #		Admins Off-Line Message

    170. 

  170. #		?

    171. 

  171. 

    172. 

  172. function sf_filter_text_save($content, $links=true)

    173. 

  173. {

    174. 

  174. 	global $sfglobals;

    175. 

  175. 	$sffilters = sf_get_option('sffilters');

    176. 

  176. 

    177. 

  177. 	# Decode the entities first that were applied for display

    178. 

  178. 	$content = html_entity_decode($content, ENT_COMPAT, SFCHARSET);

    179. 

  179. 

    180. 

  180. 	# 1: run it through kses

    181. 

  181. 	$content = sf_filter_save_kses($content);

    182. 

  182. 

    183. 

  183. 	# 2: remove nbsp and p/br tags

    184. 

  184. 	$content = sf_filter_save_linebreaks($content);

    185. 

  185. 

    186. 

  186. 	# 3: deal with single quotes (tinymce encodes them)

    187. 

  187. 	$content = sf_filter_save_quotes($content);

    188. 

  188. 

    189. 

  189. 	# 4: balance html tags

    190. 

  190. 	$content = sf_filter_save_balancetags($content);

    191. 

  191. 

    192. 

  192.     # are we altering links?

    193. 

  193.     if ($links)

    194. 

  194.     {

    195. 

  195.     	# 5: format links (optional)

    196. 

  196.     	if($sffilters['sfurlchars']) {

    197. 

  197.     		$content = sf_filter_save_links($content, $sffilters['sfurlchars']);

    198. 

  198.     	}

    199. 

  199. 

    200. 

  200.  		# 6: add nofollow to links (optional)

    201. 

  201.     	if ($sffilters['sfnofollow']) {

    202. 

  202.     		$content = sf_filter_save_nofollow($content);

    203. 

  203.     	}

    204. 

  204. 

    205. 

  205.     	# 7: add target blank (optional)

    206. 

  206.     	if ($sffilters['sftarget']) {

    207. 

  207.     		$content = sf_filter_save_target($content);

    208. 

  208.     	}

    209. 

  209. 

    210. 

  210.     }

    211. 

  211. 	# 8: escape it All

    212. 

  212. 	$content = sf_filter_save_escape($content);

    213. 

  213. 

    214. 

  214. 	return $content;

    215. 

  215. }

    216. 

  216. 

    217. 

  217. # ==================================================================

    218. 

  218. #

    219. 

  219. # TITLE - SAVE FILTERS UMBRELLA

    220. 

  220. #

    221. 

  221. # Used:	Group Title/Description

    222. 

  222. #		Forum Title/Description

    223. 

  223. #		Topic Title

    224. 

  224. #		Message Title

    225. 

  225. #		Blog Linking Titles

    226. 

  226. #		Email Subject

    227. 

  227. #		Custom Meta Description/Keywords

    228. 

  228. #		Topic Status Name/List

    229. 

  229. #		Custom Icon Title

    230. 

  230. #		UserGroup Name/Description

    231. 

  231. #		Permission Name/Description

    232. 

  232. #		Profile Form Labels

    233. 

  233. #		?

    234. 

  234. 

    235. 

  235. function sf_filter_title_save($content)

    236. 

  236. {

    237. 

  237. 	# 1: remove all html

    238. 

  238. 	$content = sf_filter_save_nohtml($content);

    239. 

  239. 

    240. 

  240. 	# 2: encode brackets

    241. 

  241. 	$content = sf_filter_save_brackets($content);

    242. 

  242. 

    243. 

  243. 	# 3: profanity filter

    244. 

  244. 	$content = sf_filter_save_profanity($content);

    245. 

  245. 

    246. 

  246. 	# 4: escape it All

    247. 

  247. 	$content = sf_filter_save_escape($content);

    248. 

  248. 

    249. 

  249. 	return $content;

    250. 

  250. }

    251. 

  251. 

    252. 

  252. # ==================================================================

    253. 

  253. #

    254. 

  254. # USER NAMES - SAVE FILTERS UMBRELLA

    255. 

  255. #

    256. 

  256. # Used:	Display Name

    257. 

  257. #		Guest Name

    258. 

  258. #		?

    259. 

  259. 

    260. 

  260. function sf_filter_name_save($content)

    261. 

  261. {

    262. 

  262. 	# 1: Remove any html

    263. 

  263. 	$content = sf_filter_save_nohtml($content);

    264. 

  264. 

    265. 

  265. 	# 2: Encode

    266. 

  266. 	$content = sf_filter_save_encode($content);

    267. 

  267. 

    268. 

  268. 	# 3: escape it

    269. 

  269. 	$content = sf_filter_save_escape($content);

    270. 

  270. 

    271. 

  271. 	return $content;

    272. 

  272. }

    273. 

  273. 

    274. 

  274. # ==================================================================

    275. 

  275. #

    276. 

  276. # EMAIL ADDRESS - SAVE FILTERS UMBRELLA

    277. 

  277. #

    278. 

  278. # Used:	Guest posts

    279. 

  279. #		User profile

    280. 

  280. #		?

    281. 

  281. 

    282. 

  282. function sf_filter_email_save($email)

    283. 

  283. {

    284. 

  284. 	# 1: Remove any html

    285. 

  285. 	$email = sf_filter_save_nohtml($email);

    286. 

  286. 

    287. 

  287. 	# 2: Validate and Sanitise Email

    288. 

  288. 	$email = sf_filter_save_cleanemail($email);

    289. 

  289. 

    290. 

  290. 	# 3: escape it

    291. 

  291. 	$email = sf_filter_save_escape($email);

    292. 

  292. 

    293. 

  293. 	return $email;

    294. 

  294. }

    295. 

  295. 

    296. 

  296. # ==================================================================

    297. 

  297. #

    298. 

  298. # URL - SAVE FILTERS UMBRELLA

    299. 

  299. #

    300. 

  300. # Used: All URLs

    301. 

  301. #		?

    302. 

  302. 

    303. 

  303. function sf_filter_url_save($url)

    304. 

  304. {

    305. 

  305. 	# 1: clean up url for database

    306. 

  306. 	$url = sf_filter_save_cleanurl($url);

    307. 

  307. 

    308. 

  308. 	return $url;

    309. 

  309. }

    310. 

  310. 

    311. 

  311. # ==================================================================

    312. 

  312. #

    313. 

  313. # FILENAME - SAVE FILTERS UMBRELLA

    314. 

  314. #

    315. 

  315. # Used:	Avatar Upload

    316. 

  316. #		Avatar Pool

    317. 

  317. #		Signature Image

    318. 

  318. #		Custom Icons

    319. 

  319. #		Smileys

    320. 

  320. #		Editor Stylesheets

    321. 

  321. #		Registration/Privacy Documents

    322. 

  322. #		?

    323. 

  323. 

    324. 

  324. function sf_filter_filename_save($filename)

    325. 

  325. {

    326. 

  326. 	# 1: clean up filename

    327. 

  327. 	$filename = sf_filter_save_filename($filename);

    328. 

  328. 

    329. 

  329. 	return $filename;

    330. 

  330. }

    331. 

  331. 

    332. 

  332. 

    333. 

  333. # ===START OF SAVE FILTERS==========================================

    334. 

  334. 

    335. 

  335. # ------------------------------------------------------------------

    336. 

  336. # sf_filter_save_codetags1()

    337. 

  337. #

    338. 

  338. # Try and change code tags to our code divs

    339. 

  339. #	$content:		Unfiltered post content

    340. 

  340. # ------------------------------------------------------------------

    341. 

  341. function sf_filter_save_codetags1($content, $editor, $action)

    342. 

  342. {

    343. 

  343. 	global $sfglobals;

    344. 

  344. 

    345. 

  345. 	switch($editor)

    346. 

  346. 	{

    347. 

  347. 		case RICHTEXT:

    348. 

  348. 			# TinyMCE

    349. 

  349. 			include_once (SF_PLUGIN_DIR.'/forum/parsers/sf-rtetohtml.php');

    350. 

  350. 			$content = sf_RTE2Html(" ".$content);

    351. 

  351. 			break;

    352. 

  352. 

    353. 

  353. 		case BBCODE:

    354. 

  354. 			# Send everything through bbCode below as some users use it in all editors

    355. 

  355. 			break;

    356. 

  356. 

    357. 

  357. 		default:

    358. 

  358. 			# HTML and Plain Textaera

    359. 

  359. 			include_once (SF_PLUGIN_DIR.'/forum/parsers/sf-rawtohtml.php');

    360. 

  360. 			$content = sf_Raw2Html(" ".$content);

    361. 

  361. 			break;

    362. 

  362. 	}

    363. 

  363. 

    364. 

  364.     # strip excess slashes if editing for code segments

    365. 

  365.     if ($action == 'edit' && $sfglobals['editor']['sfeditor'] == RICHTEXT)

    366. 

  366.     {

    367. 

  367.         $content = stripslashes($content);

    368. 

  368.     }

    369. 

  369. 

    370. 

  370. 	# Now perform the bbCode which will preserve above changes

    371. 

  371. 	include_once (SF_PLUGIN_DIR.'/forum/parsers/sf-bbtohtml.php');

    372. 

  372. 	$content = addslashes(sf_BBCode2Html(" ".stripslashes($content), false));

    373. 

  373. 

    374. 

  374. 	# Shouldn't need any of these but there just in case...

    375. 

  375. 	$content = str_replace('<code>', '<div class="sfcode">', $content);

    376. 

  376. 	$content = str_replace('</code>', '</div>', $content);

    377. 

  377. 

    378. 

  378. 	$content = str_replace('&lt;code&gt;', '<div class="sfcode">', $content);

    379. 

  379. 	$content = str_replace('&lt;/code&gt;', '</div>', $content);

    380. 

  380. 

    381. 

  381. 	return $content;

    382. 

  382. }

    383. 

  383. 

    384. 

  384. # ------------------------------------------------------------------

    385. 

  385. # sf_filter_save_codetags2()

    386. 

  386. #

    387. 

  387. # May be post edit save - so remove br's

    388. 

  388. #	$content:		Unfiltered post content

    389. 

  389. #	$editor:		Which editor

    390. 

  390. #	$action:		'new' or 'edit'

    391. 

  391. # ------------------------------------------------------------------

    392. 

  392. function sf_filter_save_codetags2($content, $editor, $action)

    393. 

  393. {

    394. 

  394. 	# check if syntax highlighted - if so not needed

    395. 

  395. 	$sfsyntax = sf_get_option('sfsyntax');

    396. 

  396.     if ($sfsyntax['sfsyntaxforum'] == true && strpos($content, 'brush-'))

    397. 

  397. 	{

    398. 

  398. 		return $content;

    399. 

  399. 	}

    400. 

  400. 

    401. 

  401. 	# ONLY used for a TintMCE RichText Save 'Edit'

    402. 

  402. 

    403. 

  403. 	if($editor == RICHTEXT && $action == 'edit')

    404. 

  404.     {

    405. 

  405. 		# recheck extra line breaks and p tags - might have come from an edit

    406. 

  406. 		$content = preg_replace_callback('/\<div class=\"sfcode\"\>(.*?)\<\/div\>/ms', "sf_codetag_callback", stripslashes($content));

    407. 

  407. 	}

    408. 

  408. 

    409. 

  409. 	return $content;

    410. 

  410. }

    411. 

  411. 

    412. 

  412. function sf_codetag_callback($s)

    413. 

  413. {

    414. 

  414. 	$content = str_replace("<br />", "", $s[1]);

    415. 

  415. 	$content = str_replace("\n", "", $content);

    416. 

  416. 	$content = '<div class="sfcode">'.$content.'</div>';

    417. 

  417. 

    418. 

  418. 	return $content;

    419. 

  419. }

    420. 

  420. 

    421. 

  421. # ------------------------------------------------------------------

    422. 

  422. # sf_filter_save_kses()

    423. 

  423. #

    424. 

  424. # Run it through kses - needs to be unescaped first

    425. 

  425. #	$content:		Unfiltered post content

    426. 

  426. # ------------------------------------------------------------------

    427. 

  427. function sf_filter_save_kses($content)

    428. 

  428. {

    429. 

  429. 	global $allowedforumtags, $allowedforumprotocols;

    430. 

  430. 

    431. 

  431. 	if(!isset($allowedforumtags))

    432. 

  432. 	{

    433. 

  433. 		sf_kses_array();

    434. 

  434. 		$allowedforumtags = apply_filters('sf_custom_kses', $allowedforumtags);

    435. 

  435. 	}

    436. 

  436. 

    437. 

  437. 	$content = wp_kses(stripslashes($content), $allowedforumtags, $allowedforumprotocols);

    438. 

  438. 

    439. 

  439. 	return $content;

    440. 

  440. }

    441. 

  441. 

    442. 

  442. # ------------------------------------------------------------------

    443. 

  443. # sf_filter_save_linebreaks()

    444. 

  444. #

    445. 

  445. # Swap tinymce constructs with br's

    446. 

  446. #	$content:		Unfiltered post content

    447. 

  447. # ------------------------------------------------------------------

    448. 

  448. function sf_filter_save_linebreaks($content)

    449. 

  449. {

    450. 

  450. 	$gap ='<p>'.chr(194).chr(160).'</p>'.chr(13).chr(10);

    451. 

  451. 	$end ='<p>'.chr(194).chr(160).'</p>';

    452. 

  452. 

    453. 

  453. 	# trim unwanted empty space

    454. 

  454. 	$content = trim($content);

    455. 

  455. 

    456. 

  456. 	while(substr($content, 0, 11) == $gap)

    457. 

  457. 	{

    458. 

  458. 		$content = substr_replace($content, '', 0, 11);

    459. 

  459. 	}

    460. 

  460. 

    461. 

  461. 	while(substr($content, (strlen($content)-9), 9) == $end)

    462. 

  462. 	{

    463. 

  463. 		$content = substr_replace($content, '', (strlen($content)-9), 9);

    464. 

  464. 	}

    465. 

  465. 

    466. 

  466. 	while(substr($content, (strlen($content)-11), 11) == $gap)

    467. 

  467. 	{

    468. 

  468. 		$content = substr_replace($content, '', (strlen($content)-11), 11);

    469. 

  469. 	}

    470. 

  470. 

    471. 

  471. 	# On savibng edit a 'br' may have a trailng line break which

    472. 

  472. 	# will display like a paragraph break

    473. 

  473. 	$content = str_replace("<br />".chr(13).chr(10), "\n", $content);

    474. 

  474. 

    475. 

  475. 	# change br's to linebreaks

    476. 

  476. 	$content = str_replace("<br />", "\n", $content);

    477. 

  477. 

    478. 

  478. 	# change tiny blank line to a newline

    479. 

  479. 	$content = str_replace($gap.$gap, $gap, $content);

    480. 

  480. 

    481. 

  481. 	# same for blank line with p tags

    482. 

  482. 	$content = str_replace("<p></p>", "\n\n", $content);

    483. 

  483. 	$content = str_replace("<p> </p>", "\n\n", $content);

    484. 

  484. 

    485. 

  485. 	$content = str_replace("<p>", "", $content);

    486. 

  486. 	$content = str_replace("</p>", chr(13).chr(10), $content);

    487. 

  487. 

    488. 

  488. 	return $content;

    489. 

  489. }

    490. 

  490. 

    491. 

  491. # ------------------------------------------------------------------

    492. 

  492. # sf_filter_save_pre()

    493. 

  493. #

    494. 

  494. # Remove html 'pre' and '/pre' tags

    495. 

  495. #	$content:		Unfiltered post content

    496. 

  496. # ------------------------------------------------------------------

    497. 

  497. function sf_filter_save_pre($content)

    498. 

  498. {

    499. 

  499. 	# remove pre tags

    500. 

  500. 	$content = str_replace("<pre>", "", $content);

    501. 

  501. 	$content = str_replace("</pre>", "", $content);

    502. 

  502. 

    503. 

  503. 	$content = str_replace('&lt;pre&gt;', '', $content);

    504. 

  504. 	$content = str_replace('&lt;/pre&gt;', '', $content);

    505. 

  505. 

    506. 

  506. 	return $content;

    507. 

  507. }

    508. 

  508. 

    509. 

  509. # ------------------------------------------------------------------

    510. 

  510. # sf_filter_save_quotes()

    511. 

  511. #

    512. 

  512. # Turn encoded single quote back

    513. 

  513. #	$content:		Unfiltered post content

    514. 

  514. # ------------------------------------------------------------------

    515. 

  515. function sf_filter_save_quotes($content)

    516. 

  516. {

    517. 

  517. 	$content = str_replace("&#39;", "'", $content);

    518. 

  518. 	# Replace those odd 0003 chars we have seen here and there

    519. 

  519. 	$content = str_replace(chr(003), "'", $content);

    520. 

  520. 

    521. 

  521. 	return $content;

    522. 

  522. }

    523. 

  523. 

    524. 

  524. # ------------------------------------------------------------------

    525. 

  525. # sf_filter_save_balancetags()

    526. 

  526. #

    527. 

  527. # Tried to balance html tags

    528. 

  528. #	$content:		Unfiltered post content

    529. 

  529. # ------------------------------------------------------------------

    530. 

  530. function sf_filter_save_balancetags($content)

    531. 

  531. {

    532. 

  532. 	$content = balanceTags($content, true);

    533. 

  533. 

    534. 

  534. 	return $content;

    535. 

  535. }

    536. 

  536. 

    537. 

  537. # ------------------------------------------------------------------

    538. 

  538. # sf_filter_save_nofollow()

    539. 

  539. #

    540. 

  540. # Adds nofollow to links at save post time

    541. 

  541. #	$content:		Unfiltered post content

    542. 

  542. # ------------------------------------------------------------------

    543. 

  543. 

    544. 

  544. function sf_filter_save_nofollow($content)

    545. 

  545. {

    546. 

  546. 	$content = preg_replace_callback('|<a (.+?)>|i', 'sf_nofollow_callback', $content);

    547. 

  547. 	return $content;

    548. 

  548. }

    549. 

  549. 

    550. 

  550. function sf_nofollow_callback($matches)

    551. 

  551. {

    552. 

  552. 	$text = $matches[1];

    553. 

  553. 	$text = str_replace(array(' rel="nofollow"', " rel='nofollow'", 'rel="nofollow"', "rel='nofollow'"), '', $text);

    554. 

  554. 	return '<a '.$text.' rel="nofollow">';

    555. 

  555. }

    556. 

  556. 

    557. 

  557. # ------------------------------------------------------------------

    558. 

  558. # sf_filter_save_target()

    559. 

  559. #

    560. 

  560. # Forces target _blank to links at save post time

    561. 

  561. #	$content:		Unfiltered post content

    562. 

  562. # ------------------------------------------------------------------

    563. 

  563. function sf_filter_save_target($content)

    564. 

  564. {

    565. 

  565. 	$content = preg_replace_callback('|<a (.+?)>|i', 'sf_target_callback', $content);

    566. 

  566. 	return $content;

    567. 

  567. }

    568. 

  568. 

    569. 

  569. function sf_target_callback($matches)

    570. 

  570. {

    571. 

  571. 	$text = $matches[1];

    572. 

  572. 	if(strpos($text, 'javascript:void(0)')) return "<a ".$text.">";

    573. 

  573. 	$text = str_replace(array(' target="_blank"', " target='_blank'", 'target="_blank"', "target='_blank'"), '', $text);

    574. 

  574. 	return '<a '.$text.' target="_blank">';

    575. 

  575. }

    576. 

  576. 

    577. 

  577. # ------------------------------------------------------------------

    578. 

  578. # sf_filter_save_links()

    579. 

  579. #

    580. 

  580. # Turns urtls in posts to clickable links with shortened text

    581. 

  581. #	$content:		Unfiltered post content

    582. 

  582. # Thanks to Peter at http://www.theblog.ca/shorten-urls for this

    583. 

  583. # ------------------------------------------------------------------

    584. 

  584. function sf_filter_save_links($content, $charcount)

    585. 

  585. {

    586. 

  586. 	# make links clickable

    587. 

  587. 	$content = sf_make_clickable($content);

    588. 

  588. 

    589. 

  589. 	# pad it with a space

    590. 

  590. 	$content = ' ' . $content;

    591. 

  591. 

    592. 

  592. 	# chunk those long urls

    593. 

  593. 	sf_format_links($content, $charcount);

    594. 

  594. 

    595. 

  595. 	$content = preg_replace("#(\s)([a-z0-9\-_.]+)@([^,< \n\r]+)#i", "$1<a href=\"mailto:$2@$3\">$2@$3</a>", $content);

    596. 

  596. 

    597. 

  597. 	# Remove our padding..

    598. 

  598. 	$content = substr($content, 1);

    599. 

  599. 

    600. 

  600. 	return($content);

    601. 

  601. }

    602. 

  602. 

    603. 

  603. function sf_format_links(&$content, $charcount)

    604. 

  604. {

    605. 

  605. 	$links = explode('<a', $content);

    606. 

  606. 	$countlinks = count($links);

    607. 

  607. 	for ($i = 0; $i < $countlinks; $i++)

    608. 

  608. 	{

    609. 

  609. 		$link = $links[$i];

    610. 

  610. 		$link = (preg_match('#(.*)(href=")#is', $link)) ? '<a' . $link : $link;

    611. 

  611. 		$begin = strpos($link, '>') + 1;

    612. 

  612. 		$end = strpos($link, '<', $begin);

    613. 

  613. 		$length = $end - $begin;

    614. 

  614. 		$urlname = substr($link, $begin, $length);

    615. 

  615. 

    616. 

  616. 		# We chunk urls that are longer than 50 characters. Just change

    617. 

  617. 		# '50' to a value that suits your taste. We are not chunking the link

    618. 

  618. 		# text unless if begins with 'http://', 'ftp://', or 'www.'

    619. 

  619. 		$chunked = (strlen($urlname) > $charcount && preg_match('#^(http://|ftp://|www\.)#is', $urlname)) ? substr_replace($urlname, '.....', ($charcount - 10), -10) : $urlname;

    620. 

  620. 		$content = str_replace('>' . $urlname . '<', '>' . $chunked . '<', $content);

    621. 

  621. 	}

    622. 

  622. }

    623. 

  623. 

    624. 

  624. # ------------------------------------------------------------------

    625. 

  625. # sf_filter_save_profanity()

    626. 

  626. #

    627. 

  627. # Swaps any unwanted words for alternatives in post content

    628. 

  628. #	$content:		Unfiltered post content

    629. 

  629. # ------------------------------------------------------------------

    630. 

  630. function sf_filter_save_profanity($content)

    631. 

  631. {

    632. 

  632. 	$badwords = explode("\n", stripslashes(sf_get_option('sfbadwords')));

    633. 

  633. 	$replacementwords = explode("\n", stripslashes(sf_get_option('sfreplacementwords')));

    634. 

  634. 

    635. 

  635. 	# need to add in delimiter for preg replace

    636. 

  636. 	foreach ($badwords as $index => $badword)

    637. 

  637. 	{

    638. 

  638.         if (!empty($badword))

    639. 

  639.         {

    640. 

  640.             $badwords[$index] = '/\b'.trim($badword).'\b/i';

    641. 

  641.             $replacementwords[$index] = trim($replacementwords[$index]);

    642. 

  642.         } else {

    643. 

  643.             unset($badwords[$index]);

    644. 

  644.         }

    645. 

  645. 	}

    646. 

  646. 

    647. 

  647. 	# filter the bad words

    648. 

  648. 	$content = preg_replace($badwords, $replacementwords, $content);

    649. 

  649. 

    650. 

  650. 	return $content;

    651. 

  651. }

    652. 

  652. 

    653. 

  653. # ------------------------------------------------------------------

    654. 

  654. # sf_filter_save_nohtml()

    655. 

  655. #

    656. 

  656. # Remove unwanted html

    657. 

  657. #	$title:		Unfiltered title content

    658. 

  658. # ------------------------------------------------------------------

    659. 

  659. function sf_filter_save_nohtml($content)

    660. 

  660. {

    661. 

  661. 	$content = wp_kses(stripslashes($content), array());

    662. 

  662. 	return $content;

    663. 

  663. }

    664. 

  664. 

    665. 

  665. # ------------------------------------------------------------------

    666. 

  666. # sf_filter_save_brackets()

    667. 

  667. #

    668. 

  668. # Remove square brackets from titles

    669. 

  669. #	$content:		Unfiltered post content

    670. 

  670. # ------------------------------------------------------------------

    671. 

  671. function sf_filter_save_brackets($content)

    672. 

  672. {

    673. 

  673. 	$content = str_replace('[', '&#091;', $content);

    674. 

  674. 	$content = str_replace(']', '&#093;', $content);

    675. 

  675. 

    676. 

  676. 	return $content;

    677. 

  677. }

    678. 

  678. 

    679. 

  679. # ------------------------------------------------------------------

    680. 

  680. # sf_filter_save_escape()

    681. 

  681. #

    682. 

  682. # escape content before saving

    683. 

  683. #	$content:		Unfiltered post content

    684. 

  684. # ------------------------------------------------------------------

    685. 

  685. function sf_filter_save_escape($content)

    686. 

  686. {

    687. 

  687. 	$content = esc_sql($content);

    688. 

  688. 

    689. 

  689. 	return $content;

    690. 

  690. }

    691. 

  691. 

    692. 

  692. # ------------------------------------------------------------------

    693. 

  693. # sf_filter_save_filename()

    694. 

  694. #

    695. 

  695. # Sanitises a filename and makes it safe

    696. 

  696. #	$filename:		Unfiltered file name

    697. 

  697. # ------------------------------------------------------------------

    698. 

  698. function sf_filter_save_filename($filename)

    699. 

  699. {

    700. 

  700. 	$filename_raw = $filename;

    701. 

  701. 	$special_chars = array("?", "[", "]", "/", "\\", "=", "<", ">", ":", ";", ",", "'", "\"", "&", "$", "#", "*", "(", ")", "|", "~", "`", "!", "{", "}", chr(0));

    702. 

  702. 	$filename = str_replace($special_chars, '', $filename);

    703. 

  703. 	$filename = preg_replace('/[\s-]+/', '-', $filename);

    704. 

  704. 	$filename = trim($filename, '.-_');

    705. 

  705. 

    706. 

  706. 	# Split the filename into a base and extension[s]

    707. 

  707. 	$parts = explode('.', $filename);

    708. 

  708. 

    709. 

  709. 	# Return if only one extension

    710. 

  710. 	if ( count($parts) <= 2 )

    711. 

  711. 		return $filename;

    712. 

  712. 

    713. 

  713. 	# Process multiple extensions

    714. 

  714. 	$filename = array_shift($parts);

    715. 

  715. 	$extension = array_pop($parts);

    716. 

  716. 	$mimes =  get_allowed_mime_types();

    717. 

  717. 

    718. 

  718. 	# Loop over any intermediate extensions.  Munge them with a trailing underscore if they are a 2 - 5 character

    719. 

  719. 	# long alpha string not in the extension whitelist.

    720. 

  720. 	foreach ( (array) $parts as $part) {

    721. 

  721. 		$filename .= '.' . $part;

    722. 

  722. 

    723. 

  723. 		if ( preg_match("/^[a-zA-Z]{2,5}\d?$/", $part) ) {

    724. 

  724. 			$allowed = false;

    725. 

  725. 			foreach ( $mimes as $ext_preg => $mime_match ) {

    726. 

  726. 				$ext_preg = '!(^' . $ext_preg . ')$!i';

    727. 

  727. 				if ( preg_match( $ext_preg, $part ) ) {

    728. 

  728. 					$allowed = true;

    729. 

  729. 					break;

    730. 

  730. 				}

    731. 

  731. 			}

    732. 

  732. 			if ( !$allowed )

    733. 

  733. 				$filename .= '_';

    734. 

  734. 		}

    735. 

  735. 	}

    736. 

  736. 	$filename = str_replace(' ', '_', $filename);

    737. 

  737. 	$filename .= '.' . $extension;

    738. 

  738. 

    739. 

  739. 	return $filename;

    740. 

  740. }

    741. 

  741. 

    742. 

  742. # ------------------------------------------------------------------

    743. 

  743. # sf_filter_save_encode()

    744. 

  744. #

    745. 

  745. # Encode atributes

    746. 

  746. #	$content:		usually a display name

    747. 

  747. # ------------------------------------------------------------------

    748. 

  748. function sf_filter_save_encode($content)

    749. 

  749. {

    750. 

  750. 	$content = esc_attr($content);

    751. 

  751. 

    752. 

  752. 	return $content;

    753. 

  753. }

    754. 

  754. 

    755. 

  755. # ------------------------------------------------------------------

    756. 

  756. # sf_filter_save_cleanemail()

    757. 

  757. #

    758. 

  758. # Sanitises am email address and makes it safe

    759. 

  759. #	$filename:		Unfiltered file name

    760. 

  760. # ------------------------------------------------------------------

    761. 

  761. function sf_filter_save_cleanemail($email)

    762. 

  762. {

    763. 

  763. 	$email = sanitize_email($email);

    764. 

  764. 

    765. 

  765. 	return $email;

    766. 

  766. }

    767. 

  767. 

    768. 

  768. # ------------------------------------------------------------------

    769. 

  769. # sf_filter_save_cleanurl()

    770. 

  770. #

    771. 

  771. # Sanitises an url for db  and makes it safe

    772. 

  772. #	$url:		Unfiltered url

    773. 

  773. # ------------------------------------------------------------------

    774. 

  774. function sf_filter_save_cleanurl($url)

    775. 

  775. {

    776. 

  776. 	$url = esc_url_raw($url);

    777. 

  777. 

    778. 

  778. 	return $url;

    779. 

  779. }

    780. 

  780. 

    781. 

  781. # ------------------------------------------------------------------

    782. 

  782. # sf_filter_save_spoiler() and support functions

    783. 

  783. #

    784. 

  784. # Remove spoilers from content if not allowed

    785. 

  785. #	$content:		Unfiltered post content

    786. 

  786. # ------------------------------------------------------------------

    787. 

  787. function sf_filter_save_spoiler($content)

    788. 

  788. {

    789. 

  789.     $content = preg_replace('/\[spoiler\][^>]*\[\/spoiler\]/', '' , $content);

    790. 

  790. 	return $content;

    791. 

  791. }

    792. 

  792. 

    793. 

  793. # ------------------------------------------------------------------

    794. 

  794. # sf_filter_save_oEmbed() and support function

    795. 

  795. #

    796. 

  796. # Checks urls against the WP oEmbed class and pulls in the embed

    797. 

  797. # code if a match is found. Performed before other url checks

    798. 

  798. #	$content:		Unfiltered post content

    799. 

  799. # ------------------------------------------------------------------

    800. 

  800. function sf_filter_save_oEmbed($content)

    801. 

  801. {

    802. 

  802. 	$content = preg_replace_callback('#(?<!=\')(?<!=")(http|ftp|https):\/\/[\w\-_]+(\.[\w\-_]+)+([\w\-\.,@?^=%&:/~\+\#]*[\w\-\@?^=%&amp;/~\+\#])?#i', 'sf_check_save_oEmbed', $content);

    803. 

  803. 	return $content;

    804. 

  804. }

    805. 

  805. 

    806. 

  806. function sf_check_save_oEmbed($match)

    807. 

  807. {

    808. 

  808. 	$url = wp_oembed_get($match[0]);

    809. 

  809. 	if(empty($url)) $url=$match[0];

    810. 

  810. 	return $url;

    811. 

  811. }

    812. 

  812. 

    813. 

  813. # ------------------------------------------------------------------

    814. 

  814. # sf_filter_save_images() and support functions

    815. 

  815. #

    816. 

  816. # Set the width of images if possible at save time

    817. 

  817. #	$content:		Unfiltered post content

    818. 

  818. # ------------------------------------------------------------------

    819. 

  819. function sf_filter_save_images($content)

    820. 

  820. {

    821. 

  821. 	return sf_check_save_image_width($content);

    822. 

  822. }

    823. 

  823. 

    824. 

  824. function sf_check_save_image_width($content)

    825. 

  825. {

    826. 

  826. 	$content = preg_replace_callback('/<img[^>]*>/', 'sf_check_save_width' , $content);

    827. 

  827. 	return $content;

    828. 

  828. }

    829. 

  829. 

    830. 

  830. function sf_check_save_width($match)

    831. 

  831. {

    832. 

  832. 	global $SFPATHS;

    833. 

  833. 

    834. 

  834. 	$out = '';

    835. 

  835. 	$match[0] = stripslashes($match[0]);

    836. 

  836. 

    837. 

  837. 	preg_match('/title\s*=\s*"([^"]*)"|title\s*=\s*\'([^\']*)\'/i', $match[0], $title);

    838. 

  838. 	preg_match('/alt\s*=\s*"([^"]*)"|alt\s*=\s*\'([^\']*)\'/i', $match[0], $alt);

    839. 

  839. 	preg_match('/width\s*=\s*"([^"]*)"|width\s*=\s*\'([^\']*)\'/i', $match[0], $width);

    840. 

  840. 	preg_match('/src\s*=\s*"([^"]*)"|src\s*=\s*\'([^\']*)\'/i', $match[0], $src);

    841. 

  841. 	preg_match('/style\s*=\s*"([^"]*)"|style\s*=\s*\'([^\']*)\'/i', $match[0], $style);

    842. 

  842. 	preg_match('/class\s*=\s*"([^"]*)"|class\s*=\s*\'([^\']*)\'/i', $match[0], $class);

    843. 

  843. 

    844. 

  844. 	if(isset($width[1])) return $match[0];

    845. 

  845. 

    846. 

  846. 	if (isset($class[1])) return $match[0];

    847. 

  847. 

    848. 

  848. 	if ((strpos($src[1], 'plugins/emotions')) || (strpos($src[1], 'images/smilies')) || (strpos($src[1], $SFPATHS['smileys'])))

    849. 

  849. 	{

    850. 

  850. 		$out = str_replace('img src', 'img class="sfsmiley" src', $match[0]);

    851. 

  851. 		return $out;

    852. 

  852. 	}

    853. 

  853. 

    854. 

  854. 	# figure out whether its relative path (same server) or a url

    855. 

  855.     $parsed = parse_url($src[1]);

    856. 

  856.     if (array_key_exists('scheme', $parsed))

    857. 

  857.     {

    858. 

  858.     	$srcfile = $src[1];  # url, so leave it alone

    859. 

  859.     } else {

    860. 

  860.   		$srcfile = $_SERVER['DOCUMENT_ROOT'].$src[1];  # relative path, so add DOCUMENT_ROOT to path

    861. 

  861.   	}

    862. 

  862. 

    863. 

  863. 	if (empty($width[1]))

    864. 

  864. 	{

    865. 

  865. 		global $gis_error;

    866. 

  866. 		$gis_error = '';

    867. 

  867. 		set_error_handler('sf_gis_error');

    868. 

  868. 

    869. 

  869. 		$size = getimagesize($srcfile);

    870. 

  870. 

    871. 

  871. 		restore_error_handler();

    872. 

  872. 		if ($gis_error == '')

    873. 

  873. 		{

    874. 

  874. 			if ($size[0])

    875. 

  875. 			{

    876. 

  876. 				$width[1] = $size[0];

    877. 

  877. 			} else {

    878. 

  878. 				return '['.__('Image Can Not Be Found', 'sp').']';

    879. 

  879. 			}

    880. 

  880. 		}

    881. 

  881. 	}

    882. 

  882. 

    883. 

  883. 	if (isset($src[1])) 	$thissrc = 		'src="'.$src[1].'" '; 		else $thissrc = '';

    884. 

  884. 	if (isset($title[1])) 	$thistitle = 	'title="'.$title[1].'" '; 	else $thistitle = '';

    885. 

  885. 	if (isset($alt[1])) 	$thisalt = 		'alt="'.$alt[1].'" '; 		else $thisalt = '';

    886. 

  886. 	if (isset($width[1]))	$thiswidth =	'width="'.$width[1].'" ';	else $thiswidth = '';

    887. 

  887. 	if (isset($style[1]))	$thisstyle =	'style="'.$style[1].'" ';	else $thisstyle = '';

    888. 

  888. 	if (isset($class[1]))	$thisclass =	'class="'.$class[1].'" ';	else $thisclass = '';

    889. 

  889. 

    890. 

  890. 	$out.= esc_sql('<img '.$thissrc.$thiswidth.$thisstyle.$thisclass.$thistitle.$thisalt.'/>');

    891. 

  891. 	return $out;

    892. 

  892. }

    893. 

  893. 

    894. 

  894. # ===END OF SAVE FILTERS============================================

    895. 

  895. 

    896. 

  896. # ===START OF EDIT FILTERS==========================================

    897. 

  897. #

    898. 

  898. # CONTENT - EDIT FILTERS UMBRELLA

    899. 

  899. #

    900. 

  900. # Used:	Forum Post

    901. 

  901. #		?

    902. 

  902. 

    903. 

  903. function sf_filter_content_edit($content)

    904. 

  904. {

    905. 

  905. 	global $sfglobals;

    906. 

  906. 

    907. 

  907. 	# 1: Convert smiley codes to images

    908. 

  908. 	$content = sf_filter_display_smileys($content);

    909. 

  909. 

    910. 

  910. 	# 2: Convert Chars

    911. 

  911. 	$content = sf_filter_display_chars($content);

    912. 

  912. 

    913. 

  913. 	# 3: Format the paragraphs (p and br onlt Richtext)

    914. 

  914. 	if($sfglobals['editor']['sfeditor'] != RICHTEXT) {

    915. 

  915. 		$content = sf_filter_save_linebreaks($content);

    916. 

  916. 	} else {

    917. 

  917. 		$content = sf_filter_display_paragraphs($content);

    918. 

  918. 	}

    919. 

  919. 

    920. 

  920. 	# 4: Parse post into appropriate editor format

    921. 

  921. 	$content = sf_filter_edit_parser($content, $sfglobals['editor']['sfeditor']);

    922. 

  922. 

    923. 

  923. 	# 5: Turn off shortcode processing to keep from messing up their display

    924. 

  924. 	remove_all_shortcodes();

    925. 

  925. 

    926. 

  926. 	return $content;

    927. 

  927. }

    928. 

  928. 

    929. 

  929. # ==================================================================

    930. 

  930. #

    931. 

  931. # TEXT - EDIT FILTERS UMBRELLA

    932. 

  932. #

    933. 

  933. # Used:	Text Areas

    934. 

  934. #		?

    935. 

  935. 

    936. 

  936. function sf_filter_text_edit($content)

    937. 

  937. {

    938. 

  938. 	global $sfglobals;

    939. 

  939. 

    940. 

  940. 	# 1: Convert Chars

    941. 

  941. 	$content = sf_filter_display_chars($content);

    942. 

  942. 

    943. 

  943. 	# 2: Format the paragraphs (p and br)

    944. 

  944. 	$content = sf_filter_display_paragraphs($content);

    945. 

  945. 	$content = sf_filter_save_linebreaks($content);

    946. 

  946. 

    947. 

  947. 	# 3: Parse post into appropriate editor format

    948. 

  948. 	$content = sf_filter_edit_parser($content, PLAIN);

    949. 

  949. 

    950. 

  950. 	# 4: remove escape slashes

    951. 

  951. 	$content = sf_filter_display_stripslashes($content);

    952. 

  952. 

    953. 

  953. 	# finally htnl encode it for edit display

    954. 

  954. 	$content = htmlentities($content, ENT_COMPAT, SFCHARSET);

    955. 

  955. 

    956. 

  956. 	return $content;

    957. 

  957. }

    958. 

  958. 

    959. 

  959. function sf_filter_edit_parser($content, $editor)

    960. 

  960. {

    961. 

  961. 

    962. 

  962. 	if($editor == BBCODE) {

    963. 

  963. 		# load the bbcode to html parser

    964. 

  964. 		include_once (SF_PLUGIN_DIR.'/forum/parsers/sf-htmltobb.php');

    965. 

  965. 		$content = sf_Html2BBCode($content);

    966. 

  966. 	} elseif($editor == HTML || $editor == PLAIN) {

    967. 

  967. 		# load the raw to html parser

    968. 

  968. 		include_once (SF_PLUGIN_DIR.'/forum/parsers/sf-htmltoraw.php');

    969. 

  969. 		$content = sf_Html2Raw($content);

    970. 

  970. 	}

    971. 

  971. 

    972. 

  972. 	return $content;

    973. 

  973. }

    974. 

  974. 

    975. 

  975. 

    976. 

  976. # ===END OF EDIT FILTERS============================================

    977. 

  977. 

    978. 

  978. # ===START OF DISPLAY FILTERS=======================================

    979. 

  979. #

    980. 

  980. # CONTENT - DISPLAY FILTERS UMBRELLA

    981. 

  981. #

    982. 

  982. # Used:	Forum Post

    983. 

  983. #		Private Messages

    984. 

  984. #		Post Report

    985. 

  985. #		Template Tag

    986. 

  986. #		?

    987. 

  987. 

    988. 

  988. function sf_filter_content_display($content)

    989. 

  989. {

    990. 

  990.     global $current_user;

    991. 

  991. 

    992. 

  992. 	# 1: Backwards compatible make links clickable

    993. 

  993. 	$content = sf_filter_display_links($content);

    994. 

  994. 

    995. 

  995. 	# 2: Convert smiley codes to images

    996. 

  996. 	$content = sf_filter_display_smileys($content);

    997. 

  997. 

    998. 

  998. 	# 3: Convert Chars

    999. 

  999. 	$content = sf_filter_display_chars($content);

    1000. 

  1000. 

    1001. 

  1001. 	# 4: Format the paragraphs

    1002. 

  1002. 	$content = sf_filter_display_paragraphs($content);

    1003. 

  1003. 

    1004. 

  1004. 	# 5: Format the code select Divs.

    1005. 

  1005. 	$content = sf_filter_display_codeselect($content);

    1006. 

  1006. 

    1007. 

  1007. 	# 6: Format image tags

    1008. 

  1008. 	$content = sf_filter_display_images($content);

    1009. 

  1009. 

    1010. 

  1010.     # 7: strip shortcodes

    1011. 

  1011.     if (sf_get_option('sffiltershortcodes'))

    1012. 

  1012.     {

    1013. 

  1013.     	$content = sf_filter_display_shortcodes($content);

    1014. 

  1014.     }

    1015. 

  1015. 

    1016. 

  1016.     # 8: hide links

    1017. 

  1017.     if (!$current_user->sfviewlinks)

    1018. 

  1018.     {

    1019. 

  1019.         $content = sf_filter_display_hidelinks($content);

    1020. 

  1020.     }

    1021. 

  1021. 

    1022. 

  1022. 	# 9: apply any users custom filters

    1023. 

  1023. 	$content = apply_filters('sf_show_post_content', $content);

    1024. 

  1024. 

    1025. 

  1025. 	return $content;

    1026. 

  1026. }

    1027. 

  1027. 

    1028. 

  1028. # ==================================================================

    1029. 

  1029. #

    1030. 

  1030. # TEXT - DISPLAY FILTERS UMBRELLA

    1031. 

  1031. #

    1032. 

  1032. # Used:	Profile Description

    1033. 

  1033. #		Blog Linking Link Text

    1034. 

  1034. #		Group Message

    1035. 

  1035. #		Forum Message

    1036. 

  1036. #		Email Messages

    1037. 

  1037. #		Signature Text

    1038. 

  1038. #		Announce Tag Heading/Text

    1039. 

  1039. #		Sneak Peak Message

    1040. 

  1040. #		Admin View Message

    1041. 

  1041. #		Custom Editor Messages

    1042. 

  1042. #		Registration/Privacy Messages

    1043. 

  1043. #		Custom Profile Message

    1044. 

  1044. #		Admins Off-Line Message

    1045. 

  1045. #		?

    1046. 

  1046. 

    1047. 

  1047. function sf_filter_text_display($content)

    1048. 

  1048. {

    1049. 

  1049. 	# 1: Convert Chars

    1050. 

  1050. 	$content = sf_filter_display_chars($content);

    1051. 

  1051. 

    1052. 

  1052. 	# 2: Format the paragraphs

    1053. 

  1053. 	$content = sf_filter_display_paragraphs($content);

    1054. 

  1054. 

    1055. 

  1055. 	# 3: remove escape slashes

    1056. 

  1056. 	$content = sf_filter_display_stripslashes($content);

    1057. 

  1057. 

    1058. 

  1058. 	return $content;

    1059. 

  1059. }

    1060. 

  1060. 

    1061. 

  1061. # ==================================================================

    1062. 

  1062. #

    1063. 

  1063. # TITLE - DISPLAY FILTERS UMBRELLA

    1064. 

  1064. #

    1065. 

  1065. # Used:	Group Title/Description *

    1066. 

  1066. #		Forum Title/Description *

    1067. 

  1067. #		Topic Title *

    1068. 

  1068. #		Message Title *

    1069. 

  1069. #		Blog Linking Titles *

    1070. 

  1070. #		Email Subject *

    1071. 

  1071. #		Custom Meta Description/Keywords *

    1072. 

  1072. #		Topic Status Name/List *

    1073. 

  1073. #		Custom Icon Title *

    1074. 

  1074. #		UserGroup Name/Description *

    1075. 

  1075. #		Permission Name/Description *

    1076. 

  1076. #		Profile Form Labels *

    1077. 

  1077. #		?

    1078. 

  1078. 

    1079. 

  1079. function sf_filter_title_display($content)

    1080. 

  1080. {

    1081. 

  1081. 	# 1: Convert Chars

    1082. 

  1082. 	$content = sf_filter_display_chars($content);

    1083. 

  1083. 

    1084. 

  1084. 	# 2: remove escape slashes

    1085. 

  1085. 	$content = sf_filter_display_stripslashes($content);

    1086. 

  1086. 

    1087. 

  1087. 	return $content;

    1088. 

  1088. }

    1089. 

  1089. 

    1090. 

  1090. # ==================================================================

    1091. 

  1091. #

    1092. 

  1092. # USER NAMES - DISPLAY FILTERS UMBRELLA

    1093. 

  1093. #

    1094. 

  1094. # Used:	Display Name

    1095. 

  1095. #		Guest Name

    1096. 

  1096. #		?

    1097. 

  1097. 

    1098. 

  1098. function sf_filter_name_display($content)

    1099. 

  1099. {

    1100. 

  1100. 	# 1: Convert Chars

    1101. 

  1101. 	$content = sf_filter_display_chars($content);

    1102. 

  1102. 

    1103. 

  1103. 	# 2: remove escape slashes

    1104. 

  1104. 	$content = sf_filter_display_stripslashes($content);

    1105. 

  1105. 

    1106. 

  1106. 	return $content;

    1107. 

  1107. }

    1108. 

  1108. 

    1109. 

  1109. # ==================================================================

    1110. 

  1110. #

    1111. 

  1111. # EMAIL ADDRESS - DISPLAY FILTERS UMBRELLA

    1112. 

  1112. #

    1113. 

  1113. # Used:	Guest posts

    1114. 

  1114. #		User profile

    1115. 

  1115. #		?

    1116. 

  1116. 

    1117. 

  1117. function sf_filter_email_display($email)

    1118. 

  1118. {

    1119. 

  1119. 	# 1: Convert Chars

    1120. 

  1120. 	$email = sf_filter_display_chars($email);

    1121. 

  1121. 

    1122. 

  1122. 	# 2: remove escape slashes

    1123. 

  1123. 	$email = sf_filter_display_stripslashes($email);

    1124. 

  1124. 

    1125. 

  1125. 	return $email;

    1126. 

  1126. }

    1127. 

  1127. 

    1128. 

  1128. # ==================================================================

    1129. 

  1129. #

    1130. 

  1130. # URL - DISPLAY FILTERS UMBRELLA

    1131. 

  1131. #

    1132. 

  1132. # Used: All URLs

    1133. 

  1133. #		?

    1134. 

  1134. 

    1135. 

  1135. function sf_filter_url_display($url)

    1136. 

  1136. {

    1137. 

  1137. 	# 1: Clean url for display

    1138. 

  1138. 	$url = sf_filter_display_cleanurl($url);

    1139. 

  1139. 

    1140. 

  1140. 	return $url;

    1141. 

  1141. }

    1142. 

  1142. 

    1143. 

  1143. # ===START OF DISPLAY FILTERS=======================================

    1144. 

  1144. 

    1145. 

  1145. # ------------------------------------------------------------------

    1146. 

  1146. # sf_filter_display_links()

    1147. 

  1147. #

    1148. 

  1148. # Makes unanchored links clickable. This is here for backward

    1149. 

  1149. # compatibility with older storage of posts that incuded p tags

    1150. 

  1150. #

    1151. 

  1151. #	$content:		Unfiltered post content

    1152. 

  1152. # ------------------------------------------------------------------

    1153. 

  1153. function sf_filter_display_links($content)

    1154. 

  1154. {

    1155. 

  1155. 	# dont make clickable in pre or code tags

    1156. 

  1156. 	$content = sf_make_clickable($content);

    1157. 

  1157. 	return $content;

    1158. 

  1158. }

    1159. 

  1159. 

    1160. 

  1160. # ------------------------------------------------------------------

    1161. 

  1161. # sf_convert_custom_smileys()

    1162. 

  1162. #

    1163. 

  1163. # Swaps codes for smileys if using custom images

    1164. 

  1164. #	$content:		Unfiltered post content

    1165. 

  1165. # ------------------------------------------------------------------

    1166. 

  1166. function sf_filter_display_smileys($content)

    1167. 

  1167. {

    1168. 

  1168. 	global $sfglobals;

    1169. 

  1169. 

    1170. 

  1170. 	# Custom

    1171. 

  1171. 	if($sfglobals['smileyoptions']['sfsmallow'] && $sfglobals['smileyoptions']['sfsmtype']==1)

    1172. 

  1172. 	{

    1173. 

  1173. 		if($sfglobals['smileys'])

    1174. 

  1174. 		{

    1175. 

  1175. 			foreach ($sfglobals['smileys'] as $sname => $sinfo)

    1176. 

  1176. 			{

    1177. 

  1177. 				$content = str_replace($sinfo[1], '<img src="'.SFSMILEYS.$sinfo[0].'" title="'.$sname.'" alt="'.$sname.'" />', $content);

    1178. 

  1178. 			}

    1179. 

  1179. 		}

    1180. 

  1180. 	}

    1181. 

  1181. 

    1182. 

  1182. 	# WP versions

    1183. 

  1183. 	if($sfglobals['smileyoptions']['sfsmallow'] && $sfglobals['smileyoptions']['sfsmtype']==3)

    1184. 

  1184. 	{

    1185. 

  1185. 		$content = convert_smilies($content);

    1186. 

  1186. 		$content = str_replace("'", '"', $content);

    1187. 

  1187. 	}

    1188. 

  1188. 

    1189. 

  1189. 	return $content;

    1190. 

  1190. }

    1191. 

  1191. 

    1192. 

  1192. # ------------------------------------------------------------------

    1193. 

  1193. # sf_filter_display_chars()

    1194. 

  1194. #

    1195. 

  1195. # Converts specific chars to entities

    1196. 

  1196. #	$content:		Unfiltered post content

    1197. 

  1197. # ------------------------------------------------------------------

    1198. 

  1198. function sf_filter_display_chars($content)

    1199. 

  1199. {

    1200. 

  1200. 	$content = convert_chars($content);

    1201. 

  1201. 

    1202. 

  1202. 	# This simply replaces those odd 0003 chars we have seen

    1203. 

  1203. 	$content = str_replace(chr(003), "'", $content);

    1204. 

  1204. 	return $content;

    1205. 

  1205. }

    1206. 

  1206. 

    1207. 

  1207. # ------------------------------------------------------------------

    1208. 

  1208. # sf_filter_display_paragraphs()

    1209. 

  1209. #

    1210. 

  1210. # Breaks up into paragraphs - excluding syntax highlighted blocks

    1211. 

  1211. #	$content:		Unfiltered post content

    1212. 

  1212. # ------------------------------------------------------------------

    1213. 

  1213. function sf_filter_display_paragraphs($content)

    1214. 

  1214. {

    1215. 

  1215. 	# check if syntax hoighlighted

    1216. 

  1216. 	$sfsyntax = sf_get_option('sfsyntax');

    1217. 

  1217.     if($sfsyntax['sfsyntaxforum'] == true && strpos($content, 'brush-'))

    1218. 

  1218. 	{

    1219. 

  1219. 		$base = explode('<div class="sfcode">', $content);

    1220. 

  1220. 		if($base)

    1221. 

  1221. 		{

    1222. 

  1222. 			$comp = array();

    1223. 

  1223. 			foreach($base as $part)

    1224. 

  1224. 			{

    1225. 

  1225. 				if(substr(trim($part), 0, 18) == '<pre class="brush-')

    1226. 

  1226. 				{

    1227. 

  1227. 					$subparts = explode('</pre>', $part);

    1228. 

  1228. 					$comp[] = '<div class="sfcode">' . $subparts[0] .'</pre></div>';

    1229. 

  1229. 					$pos = strpos($subparts[1], '</div>');

    1230. 

  1230. 					$subparts[1] = substr($subparts[1], ($pos+6));

    1231. 

  1231. 					$comp[] = wpautop($subparts[1]);

    1232. 

  1232. 					unset($subparts);

    1233. 

  1233. 				} else {

    1234. 

  1234. 					$comp[] = wpautop($part);

    1235. 

  1235. 				}

    1236. 

  1236. 			}

    1237. 

  1237. 			$content = implode($comp);

    1238. 

  1238. 		}

    1239. 

  1239. 	} else {

    1240. 

  1240. 		$content = wpautop($content);

    1241. 

  1241. 	}

    1242. 

  1242. 

    1243. 

  1243. 	$content = shortcode_unautop($content);

    1244. 

  1244. 

    1245. 

  1245. 	return $content;

    1246. 

  1246. }

    1247. 

  1247. 

    1248. 

  1248. # ------------------------------------------------------------------

    1249. 

  1249. # sf_filter_display_codeselect()

    1250. 

  1250. #

    1251. 

  1251. # Adds the 'Select Code' button to code blocks

    1252. 

  1252. # ------------------------------------------------------------------

    1253. 

  1253. function sf_filter_display_codeselect($content)

    1254. 

  1254. {

    1255. 

  1255. 	# add the 'select code' button

    1256. 

  1256. 	$pos = strpos($content, '<div class="sfcode">');

    1257. 

  1257. 	if($pos === false) return $content;

    1258. 

  1258. 

    1259. 

  1259. 	# check if syntax hoighlighted

    1260. 

  1260. 	$sfsyntax = sf_get_option('sfsyntax');

    1261. 

  1261.     if($sfsyntax['sfsyntaxforum'] == true && strpos($content, 'brush-'))

    1262. 

  1262.     {

    1263. 

  1263.     	return $content;

    1264. 

  1264. 	}

    1265. 

  1265. 

    1266. 

  1266. 	while($pos !== false)

    1267. 

  1267. 	{

    1268. 

  1268. 		$id = rand(100, 10000);

    1269. 

  1269. 		$selector = '#sfcode'.$id;

    1270. 

  1270. 		$replace = '<p><input type="button" class="sfcodeselect" name="sfselectit'.$id.'" value="'.__("Select Code", "sforum").'" onclick="sfjSelectCode(\'sfcode'.$id.'\');" /></p><div class="sfcode" id="sfcode'.$id.'">';

    1271. 

  1271. 		$content = substr_replace ($content, $replace, $pos, 20);

    1272. 

  1272. 		$pos = $pos + 140;

    1273. 

  1273. 		$pos = strpos($content, '<div class="sfcode">', $pos);

    1274. 

  1274. 	}

    1275. 

  1275. 	return $content;

    1276. 

  1276. }

    1277. 

  1277. 

    1278. 

  1278. # ------------------------------------------------------------------

    1279. 

  1279. # sf_filter_display_images() and support functions

    1280. 

  1280. #

    1281. 

  1281. # Change large images to small thumbnails and embed

    1282. 

  1282. #	$content:		Unfiltered post content

    1283. 

  1283. # ------------------------------------------------------------------

    1284. 

  1284. function sf_filter_display_images($content)

    1285. 

  1285. {

    1286. 

  1286. 	return sf_swap_IMGs($content);

    1287. 

  1287. }

    1288. 

  1288. 

    1289. 

  1289. function sf_swap_IMGs($content)

    1290. 

  1290. {

    1291. 

  1291. 	$content = preg_replace_callback('/<img[^>]*>/', 'sf_check_width' , $content);

    1292. 

  1292. 	return $content;

    1293. 

  1293. }

    1294. 

  1294. 

    1295. 

  1295. function sf_check_width($match)

    1296. 

  1296. {

    1297. 

  1297. 	global $SFPATHS;

    1298. 

  1298. 

    1299. 

  1299.     $out = '';

    1300. 

  1300. 

    1301. 

  1301. 	$sfimage = array();

    1302. 

  1302. 	$sfimage = sf_get_option('sfimage');

    1303. 

  1303. 

    1304. 

  1304. 	# is any of this needed?

    1305. 

  1305. 	if ($sfimage['enlarge']==false && $sfimage['process']==false) return $match[0];

    1306. 

  1306. 

    1307. 

  1307. 	$thumb = $sfimage['thumbsize'];

    1308. 

  1308. 	if ((empty($thumb)) || ($thumb < 100)) $thumb=100;

    1309. 

  1309. 

    1310. 

  1310. 	preg_match('/title\s*=\s*"([^"]*)"|title\s*=\s*\'([^\']*)\'/i', $match[0], $title);

    1311. 

  1311. 	preg_match('/alt\s*=\s*"([^"]*)"|alt\s*=\s*\'([^\']*)\'/i', $match[0], $alt);

    1312. 

  1312. 	preg_match('/width\s*=\s*"([^"]*)"|width\s*=\s*\'([^\']*)\'/i', $match[0], $width);

    1313. 

  1313. 	preg_match('/src\s*=\s*"([^"]*)"|src\s*=\s*\'([^\']*)\'/i', $match[0], $src);

    1314. 

  1314. 	preg_match('/style\s*=\s*"([^"]*)"|style\s*=\s*\'([^\']*)\'/i', $match[0], $style);

    1315. 

  1315. 	preg_match('/class\s*=\s*"([^"]*)"|class\s*=\s*\'([^\']*)\'/i', $match[0], $class);

    1316. 

  1316. 

    1317. 

  1317. 	if (isset($class[1])) return $match[0];

    1318. 

  1318. 

    1319. 

  1319. 	if ((strpos($src[1], 'plugins/emotions')) || (strpos($src[1], 'images/smilies')) || (strpos($src[1], $SFPATHS['smileys'])))

    1320. 

  1320. 	{

    1321. 

  1321. 		$out = str_replace('img src', 'img class="sfsmiley" src', $match[0]);

    1322. 

  1322. 		return $out;

    1323. 

  1323. 	}

    1324. 

  1324. 

    1325. 

  1325. 	# see if we can determoine if the image still exists before going further. So is it relative?

    1326. 

  1326. 	if (empty($width[1]) && substr($src[1], 0, 7) == 'http://')

    1327. 

  1327. 	{

    1328. 

  1328. 		if(function_exists('curl_init'))

    1329. 

  1329. 		{

    1330. 

  1330. 			$fcheck = curl_init();

    1331. 

  1331. 			curl_setopt($fcheck, CURLOPT_URL,$src[1]);

    1332. 

  1332. 			curl_setopt($fcheck, CURLOPT_NOBODY, 1);

    1333. 

  1333. 			curl_setopt($fcheck, CURLOPT_FAILONERROR, 1);

    1334. 

  1334. 			curl_setopt($fcheck, CURLOPT_RETURNTRANSFER, 1);

    1335. 

  1335. 			if(curl_exec($fcheck)===false)

    1336. 

  1336. 			{

    1337. 

  1337. 				return '['.__('Image Can Not Be Found', 'sforum').']';

    1338. 

  1338. 			}

    1339. 

  1339. 		}

    1340. 

  1340. 	}

    1341. 

  1341. 

    1342. 

  1342. 	if (empty($style[1]))

    1343. 

  1343. 	{

    1344. 

  1344. 		if ($sfimage['style'] == 'left' || $sfimage['style']=='right')

    1345. 

  1345. 		{

    1346. 

  1346. 			$style[1] = 'float: '.$sfimage['style'];

    1347. 

  1347. 		} else {

    1348. 

  1348. 			$style[1] = 'vertical-align: '.$sfimage['style'];

    1349. 

  1349. 		}

    1350. 

  1350. 	}

    1351. 

  1351. 

    1352. 

  1352. 	$iclass='';

    1353. 

  1353. 	$mclass="sfmouseother";

    1354. 

  1354. 

    1355. 

  1355. 	switch ($style[1])

    1356. 

  1356. 	{

    1357. 

  1357. 		case 'float: left':

    1358. 

  1358. 			$iclass="sfimageleft";

    1359. 

  1359. 			$mclass="sfmouseleft";

    1360. 

  1360. 			break;

    1361. 

  1361. 		case 'float: right':

    1362. 

  1362. 			$iclass="sfimageright";

    1363. 

  1363. 			$mclass="sfmouseright";

    1364. 

  1364. 			break;

    1365. 

  1365. 		case 'vertical-align: baseline':

    1366. 

  1366. 			$iclass="sfimagebaseline";

    1367. 

  1367. 			break;

    1368. 

  1368. 		case 'vertical-align: top':

    1369. 

  1369. 			$iclass="sfimagetop";

    1370. 

  1370. 			break;

    1371. 

  1371. 		case 'vertical-align: middle':

    1372. 

  1372. 			$iclass="sfimagemiddle";

    1373. 

  1373. 			break;

    1374. 

  1374. 		case 'vertical-align: bottom':

    1375. 

  1375. 			$iclass="sfimagebottom";

    1376. 

  1376. 			break;

    1377. 

  1377. 		case 'vertical-align: text-top':

    1378. 

  1378. 			$iclass="sfimagetexttop";

    1379. 

  1379. 			break;

    1380. 

  1380. 		case 'vertical-align: text-bottom':

    1381. 

  1381. 			$iclass="sfimagetextbottom";

    1382. 

  1382. 			break;

    1383. 

  1383. 	}

    1384. 

  1384. 

    1385. 

  1385. 	# figure out whether its relative path (same server) or a url

    1386. 

  1386.     $parsed = parse_url($src[1]);

    1387. 

  1387.     if (array_key_exists('scheme', $parsed))

    1388. 

  1388.     {

    1389. 

  1389.     	$srcfile = $src[1];  # url, so leave it alone

    1390. 

  1390.     } else {

    1391. 

  1391.   		$srcfile = $_SERVER['DOCUMENT_ROOT'].$src[1];  # relative path, so add DOCUMENT_ROOT to path

    1392. 

  1392.   	}

    1393. 

  1393. /*

    1394. 

  1394. 	global $gis_error;

    1395. 

  1395. 	$gis_error = '';

    1396. 

  1396. 	set_error_handler('sf_gis_error');

    1397. 

  1397. 

    1398. 

  1398. 	if (empty($width[1]))

    1399. 

  1399. 	{

    1400. 

  1400. 		$size = getimagesize($srcfile);

    1401. 

  1401. 		restore_error_handler();

    1402. 

  1402. 		if ($gis_error == '')

    1403. 

  1403. 		{

    1404. 

  1404. 			if ($size[0])

    1405. 

  1405. 			{

    1406. 

  1406. 				$width[1] = $size[0];

    1407. 

  1407. 			} else {

    1408. 

  1408. 				return '['.__('Image Can Not Be Found', 'sforum').']';

    1409. 

  1409. 			}

    1410. 

  1410. 		}

    1411. 

  1411. 	}

    1412. 

  1412. */

    1413. 

  1413. 	if (isset($src[1])) $thissrc = 'src="'.$src[1].'" '; else $thissrc = '';

    1414. 

  1414. 	if (isset($title[1])) $thistitle = 'title="'.$title[1].'" '; else $thistitle = '';

    1415. 

  1415. 	if (isset($alt[1])) $thisalt = 'alt="'.$alt[1].'" '; else $thisalt = '';

    1416. 

  1416. 

    1417. 

  1417. 	if ((int) $width[1] > (int)$thumb) { # is width > thumb size

    1418. 

  1418. 		$thiswidth = 'width="'.$thumb.'" ';

    1419. 

  1419. 		$anchor = true;

    1420. 

  1420. 	} else if (!empty($width)) { # width is smaller than thumb, so use the width

    1421. 

  1421. 		$thiswidth = 'width="'.$width[1].'" ';

    1422. 

  1422. 		$mclass = '';

    1423. 

  1423. 		$anchor = false;

    1424. 

  1424. 	} else { # couldnt determine width, so dont output it

    1425. 

  1425. //		$thiswidth = '';

    1426. 

  1426. //		$mclass = '';

    1427. 

  1427. 		$thiswidth = 'width="'.$thumb.'" ';

    1428. 

  1428. //		$anchor = false;

    1429. 

  1429. 		$anchor = true;

    1430. 

  1430. 	}

    1431. 

  1431. 

    1432. 

  1432. 	if (!empty($iclass))

    1433. 

  1433. 	{

    1434. 

  1434. 		$thisformat = 'class="'.$iclass.'" ';

    1435. 

  1435. 	} else {

    1436. 

  1436. 		$thisformat = 'style="'.$style[1].'" ';

    1437. 

  1437. 	}

    1438. 

  1438. 

    1439. 

  1439. 	if ($anchor)

    1440. 

  1440. 	{

    1441. 

  1441. 		# Use highslide popup

    1442. 

  1442. 		if($sfimage['enlarge'] == true)

    1443. 

  1443. 		{

    1444. 

  1444. 			$out = '<a onclick="return hs.expand(this)" class="highslide" href="'.$src[1].'" '.$thistitle.'>';

    1445. 

  1445. 		} else {

    1446. 

  1446. 			$out = '<a href="'.$src[1].'" '.$thistitle.'>';

    1447. 

  1447. 		}

    1448. 

  1448. 	}

    1449. 

  1449. 

    1450. 

  1450. 	$out.= '<img '.$thissrc.$thiswidth.$thisformat.$thistitle.$thisalt.'/>';

    1451. 

  1451. 	if ($gis_error) $out.= '<br /><span class="sfimgerror small">['.__("Image Error", "sforum").': '.$gis_error.']</span>';

    1452. 

  1452. 

    1453. 

  1453. 	if ($mclass)

    1454. 

  1454. 	{

    1455. 

  1455. 		$out.= '<img src="'.SFRESOURCES.'mouse.png" class="'.$iclass.' '.$mclass.'" alt="" />';

    1456. 

  1456. 	}

    1457. 

  1457. 

    1458. 

  1458. 	if ($anchor)

    1459. 

  1459. 	{

    1460. 

  1460. 		$out.= '</a>';

    1461. 

  1461. 	}

    1462. 

  1462. 

    1463. 

  1463. 	return $out;

    1464. 

  1464. }

    1465. 

  1465. 

    1466. 

  1466. # ------------------------------------------------------------------

    1467. 

  1467. # sf_filter_display_stripslashes()

    1468. 

  1468. #

    1469. 

  1469. # Remov escaped slashes

    1470. 

  1470. #	$content:		Unfiltered post content

    1471. 

  1471. # ------------------------------------------------------------------

    1472. 

  1472. function sf_filter_display_stripslashes($content)

    1473. 

  1473. {

    1474. 

  1474. 	$content = stripslashes($content);

    1475. 

  1475. 

    1476. 

  1476. 	return $content;

    1477. 

  1477. }

    1478. 

  1478. 

    1479. 

  1479. # ------------------------------------------------------------------

    1480. 

  1480. # sf_filter_display_cleanurl()

    1481. 

  1481. #

    1482. 

  1482. # Cleans up url for display

    1483. 

  1483. #	$url:		Unfiltered url

    1484. 

  1484. # ------------------------------------------------------------------

    1485. 

  1485. function sf_filter_display_cleanurl($url)

    1486. 

  1486. {

    1487. 

  1487. 	$url = esc_url($url);

    1488. 

  1488. 

    1489. 

  1489. 	return $url;

    1490. 

  1490. }

    1491. 

  1491. 

    1492. 

  1492. # ------------------------------------------------------------------

    1493. 

  1493. # sf_filter_display_shortcodes()

    1494. 

  1494. #

    1495. 

  1495. # Removes non allowed shortcodes

    1496. 

  1496. # ------------------------------------------------------------------

    1497. 

  1497. function sf_filter_display_shortcodes($content)

    1498. 

  1498. {

    1499. 

  1499. 	global $shortcode_tags;

    1500. 

  1500. 

    1501. 

  1501. 	# Backup current registered shortcodes

    1502. 

  1502. 	$orig_shortcode_tags = $shortcode_tags;

    1503. 

  1503. 

    1504. 

  1504. 	$allowed_shortcodes = explode("\n", stripslashes(sf_get_option('sfshortcodes')));

    1505. 

  1505.     if ($allowed_shortcodes)

    1506. 

  1506.     {

    1507. 

  1507.         foreach ($allowed_shortcodes as $tag)

    1508. 

  1508.         {

    1509. 

  1509.             If (array_key_exists($tag, $orig_shortcode_tags)) unset($shortcode_tags[$tag]);

    1510. 

  1510.         }

    1511. 

  1511.     }

    1512. 

  1512. 

    1513. 

  1513.     # be sure to allow our spoilers

    1514. 

  1514.     unset($shortcode_tags['spoiler']);

    1515. 

  1515. 

    1516. 

  1516.     # strip all but allowed shortcodes

    1517. 

  1517.     $content = strip_shortcodes($content);

    1518. 

  1518. 

    1519. 

  1519. 	# Restore registered shortcodes

    1520. 

  1520. 	$shortcode_tags = $orig_shortcode_tags;

    1521. 

  1521. 

    1522. 

  1522. 	return $content;

    1523. 

  1523. }

    1524. 

  1524. 

    1525. 

  1525. # ------------------------------------------------------------------

    1526. 

  1526. # sf_filter_display_hidelinks()

    1527. 

  1527. #

    1528. 

  1528. # Option: Removes links from post content

    1529. 

  1529. # ------------------------------------------------------------------

    1530. 

  1530. function sf_filter_display_hidelinks($content)

    1531. 

  1531. {

    1532. 

  1532. 	$sffilters = sf_get_option('sffilters');

    1533. 

  1533.     $string = sf_filter_save_nohtml($sffilters['sfnolinksmsg']);

    1534. 

  1534.     $content = preg_replace("#(<a.*>).*(</a>)#", $string, $content);

    1535. 

  1535. 

    1536. 

  1536. 	return $content;

    1537. 

  1537. }

    1538. 

  1538. 

    1539. 

  1539. 

    1540. 

  1540. # ==================================================================

    1541. 

  1541. #

    1542. 

  1542. # SPECIAL FILTERS - ONE OFFS

    1543. 

  1543. #

    1544. 

  1544. # The following filters are specific to one task - usually display

    1545. 

  1545. 

    1546. 

  1546. # ------------------------------------------------------------------

    1547. 

  1547. # sf_filter_signature_display() and support function

    1548. 

  1548. #

    1549. 

  1549. # Filters the display of signature images

    1550. 

  1550. #	$content:		Unfiltered signature content

    1551. 

  1551. # ------------------------------------------------------------------

    1552. 

  1552. function sf_filter_signature_display($content)

    1553. 

  1553. {

    1554. 

  1554. 	$sfsigimagesize = sf_get_option('sfsigimagesize');

    1555. 

  1555. 	if ($sfsigimagesize['sfsigwidth'] > 0 || $sfsigimagesize['sfsigheight'] > 0)

    1556. 

  1556.     {

    1557. 

  1557.         $content = preg_replace_callback('/<img[^>]*>/', 'sf_check_sig' , $content);

    1558. 

  1558.     }

    1559. 

  1559. 	return $content;

    1560. 

  1560. }

    1561. 

  1561. 

    1562. 

  1562. function sf_check_sig($match)

    1563. 

  1563. {

    1564. 

  1564. 	$sfsigimagesize = sf_get_option('sfsigimagesize');

    1565. 

  1565. 

    1566. 

  1566.     # get the elements of the img tags

    1567. 

  1567. 	preg_match('/title\s*=\s*"([^"]*)"|title\s*=\s*\'([^\']*)\'/i', $match[0], $title);

    1568. 

  1568. 	preg_match('/width\s*=\s*"([^"]*)"|width\s*=\s*\'([^\']*)\'/i', $match[0], $width);

    1569. 

  1569. 	preg_match('/height\s*=\s*"([^"]*)"|height\s*=\s*\'([^\']*)\'/i', $match[0], $height);

    1570. 

  1570. 	preg_match('/src\s*=\s*"([^"]*)"|src\s*=\s*\'([^\']*)\'/i', $match[0], $src);

    1571. 

  1571. 	preg_match('/style\s*=\s*"([^"]*)"|style\s*=\s*\'([^\']*)\'/i', $match[0], $style);

    1572. 

  1572. 	preg_match('/alt\s*=\s*"([^"]*)"|alt\s*=\s*\'([^\']*)\'/i', $match[0], $alt);

    1573. 

  1573. 

    1574. 

  1574.     # check for possible single quote match or double quote

    1575. 

  1575.     if (empty($title[1])  && !empty($title[2]))  $title[1]  = $title[2] ;

    1576. 

  1576.     if (empty($width[1])  && !empty($width[2]))  $width[1]  = $width[2] ;

    1577. 

  1577.     if (empty($height[1]) && !empty($height[2])) $height[1] = $height[2] ;

    1578. 

  1578.     if (empty($src[1])    && !empty($src[2]))    $src[1]    = $src[2] ;

    1579. 

  1579.     if (empty($style[1])  && !empty($style[2]))  $style[1]  = $style[2] ;

    1580. 

  1580.     if (empty($alt[1])    && !empty($alt[2]))    $alt[1]    = $alt[2] ;

    1581. 

  1581. 

    1582. 

  1582.     # if user defined heights are valid, just return

    1583. 

  1583. 	if ((!isset($width[1]) || $width[1] <= $sfsigimagesize['sfsigwidth']) &&

    1584. 

  1584.         (!isset($height[1]) || $height[1] <= $sfsigimagesize['sfsigheight']))

    1585. 

  1585.     {

    1586. 

  1586.         return $match[0];

    1587. 

  1587.     }

    1588. 

  1588. 

    1589. 

  1589.     # insepct the image itself

    1590. 

  1590. 	global $gis_error;

    1591. 

  1591. 	$gis_error = '';

    1592. 

  1592. 	set_error_handler('sf_gis_error');

    1593. 

  1593. 

    1594. 

  1594.     $display_width = '';

    1595. 

  1595.     $display_height = '';

    1596. 

  1596. 	$size = getimagesize($src[1]);

    1597. 

  1597. 	restore_error_handler();

    1598. 

  1598. 	if ($gis_error == '')

    1599. 

  1599. 	{

    1600. 

  1600.         # Did image exist?

    1601. 

  1601. 		if ($size[0] && $size[1])

    1602. 

  1602. 		{

    1603. 

  1603.             # check width

    1604. 

  1604.         	if (isset($width[1]) && ($width[1] <= $sfsigimagesize['sfsigwidth'] || $sfsigimagesize['sfsigwidth'] == 0)) # width specified and less than max allowed

    1605. 

  1605.             {

    1606. 

  1606.                 $display_width = ' width="'.$width[1].'"';

    1607. 

  1607.             } else if ($sfsigimagesize['sfsigwidth'] > 0 && $size[0] > $sfsigimagesize['sfsigwidth']) {

    1608. 

  1608.                 $display_width = ' width="'.$sfsigimagesize['sfsigwidth'].'"';

    1609. 

  1609.             }

    1610. 

  1610. 

    1611. 

  1611.             # check the height

    1612. 

  1612.         	if (isset($height[1]) && ($height[1] <= $sfsigimagesize['sfsigheight'] || $sfsigimagesize['sfsigheight'] == 0)) # height specified and less than max allowed

    1613. 

  1613.             {

    1614. 

  1614.                 $display_height = ' height="'.$height[1].'"';

    1615. 

  1615.             } else if ($sfsigimagesize['sfsigheight'] > 0 && $size[1] > $sfsigimagesize['sfsigheight']) {

    1616. 

  1616.                 $display_height = ' height="'.$sfsigimagesize['sfsigheight'].'"';

    1617. 

  1617.             }

    1618. 

  1618. 		} else {

    1619. 

  1619.             # image not found, strip tags

    1620. 

  1620. 			return '';

    1621. 

  1621. 		}

    1622. 

  1622. 	} else {

    1623. 

  1623.         # problem checking sizes, so just limit

    1624. 

  1624.         $display_width = ' width="'.$sfsigimagesize['sfsigwidth'].'"';

    1625. 

  1625.         $display_height = ' height="'.$sfsigimagesize['sfsigheight'].'"';

    1626. 

  1626. 	}

    1627. 

  1627. 

    1628. 

  1628. 	#

    1629. 

  1629. 	return '<img src="'.$src[1].'"'.$display_width.$display_height.' style="'.$style[1].'" title="'.$title[1].'" alt="'.$alt[1].'" />';

    1630. 

  1630. }

    1631. 

  1631. 

    1632. 

  1632. # ------------------------------------------------------------------

    1633. 

  1633. # sf_filter_tooltip_display()

    1634. 

  1634. #

    1635. 

  1635. # Filters the display of topic linked post 'tooltips'

    1636. 

  1636. #	$content:		Unfiltered post content

    1637. 

  1637. #	$status:		False if post awaiting moderation

    1638. 

  1638. # ------------------------------------------------------------------

    1639. 

  1639. function sf_filter_tooltip_display($content, $status)

    1640. 

  1640. {

    1641. 

  1641. 	global $current_user;

    1642. 

  1642. 

    1643. 

  1643. 	# can the current user view this post?

    1644. 

  1644. 	if($current_user->moderator == false && $status == 1)

    1645. 

  1645. 	{

    1646. 

  1646. 		$content = __("Post Awaiting Approval by Forum Administrator", "sforum");

    1647. 

  1647. 	} else {

    1648. 

  1648. 		$content = addslashes($content);

    1649. 

  1649. 		$content = sf_filter_save_nohtml($content);

    1650. 

  1650.         # remove shortcodes to prevent messing up tooltip

    1651. 

  1651.         $content = strip_shortcodes($content);

    1652. 

  1652. 		if(strlen($content) > 320)

    1653. 

  1653. 		{

    1654. 

  1654. 			$pos = strpos($content, ' ', 300);

    1655. 

  1655. 			$content = substr($content, 0, $pos).'...';

    1656. 

  1656. 		}

    1657. 

  1657. 		$content = htmlspecialchars($content, ENT_QUOTES, 'UTF-8');

    1658. 

  1658. 		$content = str_replace('&amp;', '&', $content);

    1659. 

  1659. 

    1660. 

  1660. 		# link urls to prevent oembed problems

    1661. 

  1661. 		$content = esc_attr(sf_make_clickable($content));

    1662. 

  1662. 	}

    1663. 

  1663. 

    1664. 

  1664. 	return $content;

    1665. 

  1665. }

    1666. 

  1666. 

    1667. 

  1667. # ------------------------------------------------------------------

    1668. 

  1668. # sf_filter_rss_display()

    1669. 

  1669. #

    1670. 

  1670. # Filters the display of post content in rss feed

    1671. 

  1671. #	$content:		Unfiltered post content

    1672. 

  1672. # ------------------------------------------------------------------

    1673. 

  1673. # Used:	RSS Feeds

    1674. 

  1674. 

    1675. 

  1675. function sf_filter_rss_display($content)

    1676. 

  1676. {

    1677. 

  1677.     global $current_user;

    1678. 

  1678. 

    1679. 

  1679. 	# 1: Backwards compatible make links clickable

    1680. 

  1680. 	$content = sf_filter_display_links($content);

    1681. 

  1681. 

    1682. 

  1682. 	# 2: Convert smiley codes to images

    1683. 

  1683. 	$content = sf_filter_display_smileys($content);

    1684. 

  1684. 

    1685. 

  1685. 	# 3: Convert Chars

    1686. 

  1686. 	$content = sf_filter_display_chars($content);

    1687. 

  1687. 

    1688. 

  1688. 	# 4: Format the paragraphs

    1689. 

  1689. 	$content = sf_filter_display_paragraphs($content);

    1690. 

  1690. 

    1691. 

  1691.     # 5: strip shortcodes

    1692. 

  1692.     if (sf_get_option('sffiltershortcodes'))

    1693. 

  1693.     {

    1694. 

  1694.     	$content = sf_filter_display_shortcodes($content);

    1695. 

  1695.     }

    1696. 

  1696. 

    1697. 

  1697.     # 6: hide links

    1698. 

  1698.     if (!$current_user->sfviewlinks)

    1699. 

  1699.     {

    1700. 

  1700.         $content = sf_filter_display_hidelinks($content);

    1701. 

  1701.     }

    1702. 

  1702. 

    1703. 

  1703. 	# 7: apply any users custom filters

    1704. 

  1704. 	$content = apply_filters('sf_show_post_content', $content);

    1705. 

  1705. 

    1706. 

  1706. 	return $content;

    1707. 

  1707. }

    1708. 

  1708. 

    1709. 

  1709. # ------------------------------------------------------------------

    1710. 

  1710. # sf_filter_table_prefix()

    1711. 

  1711. #

    1712. 

  1712. # Filters the prefix from table names

    1713. 

  1713. #	$content:		Unfiltered content

    1714. 

  1714. # ------------------------------------------------------------------

    1715. 

  1715. # Used as a filter in seach values - aids killing SQL injections

    1716. 

  1716. function sf_filter_table_prefix($content)

    1717. 

  1717. {

    1718. 

  1718. $long = array(

    1719. 

  1719. 	SF_PREFIX.'commentmeta', SF_PREFIX.'comments', SF_PREFIX.'links', SF_PREFIX.'options', SF
    1720.

Large files files are truncated, but you can click here to view the full file