0
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-12-23 00:41:52 +00:00

[Phorum] Final polishing: Have default config auto-detect character encoding; add WYSIWYG hook; update error message to be more friendly

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1271 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2007-06-29 00:48:55 +00:00
parent 148681d1b0
commit b2ed0aff01
4 changed files with 35 additions and 5 deletions

View File

@ -20,5 +20,8 @@ $config->set('AutoFormat', 'AutoParagraph', true);
$config->set('AutoFormat', 'Linkify', true); $config->set('AutoFormat', 'Linkify', true);
$config->set('HTML', 'Doctype', 'XHTML 1.0 Transitional'); $config->set('HTML', 'Doctype', 'XHTML 1.0 Transitional');
$config->set('Core', 'AggressivelyFixLt', true); $config->set('Core', 'AggressivelyFixLt', true);
$config->set('Core', 'Encoding', 'iso-8859-1'); // we'll change this eventually $config->set('Core', 'Encoding', $GLOBALS['PHORUM']['DATA']['CHARSET']); // we'll change this eventually
if (strtolower($GLOBALS['PHORUM']['DATA']['CHARSET']) !== 'utf-8') {
$config->set('Core', 'EscapeNonASCIICharacters', true);
}

View File

@ -12,6 +12,11 @@
* For help migrating from your previous markup language to pure HTML * For help migrating from your previous markup language to pure HTML
* please check the migrate.bbcode.php file. * please check the migrate.bbcode.php file.
* *
* If you'd like to use this with a WYSIWYG editor, make sure that
* editor sets $PHORUM['mod_htmlpurifier']['wysiwyg'] to true. Otherwise,
* administrators who need to edit other people's comments may be at
* risk for some nasty attacks.
*
* Tested with Phorum 5.1.22. This module will almost definitely need * Tested with Phorum 5.1.22. This module will almost definitely need
* to be upgraded when Phorum 6 rolls around. * to be upgraded when Phorum 6 rolls around.
*/ */
@ -140,6 +145,8 @@ function phorum_htmlpurifier_common() {
// increment revision.txt if you want to invalidate the cache // increment revision.txt if you want to invalidate the cache
$GLOBALS['PHORUM']['mod_htmlpurifier']['body_cache_serial'] = $config->getSerial(); $GLOBALS['PHORUM']['mod_htmlpurifier']['body_cache_serial'] = $config->getSerial();
$GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'] = true;
// load migration // load migration
if (file_exists(dirname(__FILE__) . '/migrate.php')) { if (file_exists(dirname(__FILE__) . '/migrate.php')) {
include(dirname(__FILE__) . '/migrate.php'); include(dirname(__FILE__) . '/migrate.php');
@ -170,3 +177,22 @@ function phorum_htmlpurifier_bubble_hook($hook) {
$PHORUM['hooks'][$hook]['funcs'][] = $func; $PHORUM['hooks'][$hook]['funcs'][] = $func;
} }
/**
* Pre-emptively performs purification if it looks like a WYSIWYG editor
* is being used
*/
function phorum_htmlpurifier_before_editor($message) {
if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) {
if (!empty($message['body'])) {
$body = $message['body'];
// de-entity-ize contents
$body = str_replace(array('&lt;','&gt;','&amp;'), array('<','>','&'), $body);
$purifier =& HTMLPurifier::getInstance();
$body = $purifier->purify($message['body']);
// re-entity-ize contents
$body = htmlspecialchars($body, ENT_QUOTES, $GLOBALS['PHORUM']['DATA']['CHARSET']);
}
}
return $message;
}

View File

@ -2,5 +2,6 @@ hook: format|phorum_htmlpurifier_format
hook: quote|phorum_htmlpurifier_quote hook: quote|phorum_htmlpurifier_quote
hook: posting_custom_action|phorum_htmlpurifier_posting hook: posting_custom_action|phorum_htmlpurifier_posting
hook: common|phorum_htmlpurifier_common hook: common|phorum_htmlpurifier_common
hook: before_editor|phorum_htmlpurifier_before_editor
title: HTML Purifier Phorum Mod title: HTML Purifier Phorum Mod
desc: This module enables standards-compliant HTML filtering on Phorum. Please check migrate.bbcode.php before enabling this mod. desc: This module enables standards-compliant HTML filtering on Phorum. Please check migrate.bbcode.php before enabling this mod.

View File

@ -106,8 +106,8 @@ if ($config_exists) {
$frm->addbreak("Edit settings for the HTML Purifier module"); $frm->addbreak("Edit settings for the HTML Purifier module");
$frm->addMessage('<p>Click on directive links to read what each option does. $frm->addMessage('<p>Click on directive links to read what each option does
<strong>Warning: This will navigate you to a new page.</strong></p> (links do not open in new windows).</p>
<p>For more flexibility (for instance, you want to edit the full <p>For more flexibility (for instance, you want to edit the full
range of configuration directives), you can create a <tt>config.php</tt> range of configuration directives), you can create a <tt>config.php</tt>
file in your <tt>mods/htmlpurifier/</tt> directory. Doing so will, file in your <tt>mods/htmlpurifier/</tt> directory. Doing so will,