$message){
if(isset($message['body'])) {
if (isset($message['meta']['htmlpurifier_light'])) {
// format hook was called outside of Phorum's normal
// functions, do the abridged purification
$data[$message_id]['body'] = $purifier->purify($message['body']);
continue;
}
if (
isset($message['meta']['body_cache']) &&
isset($message['meta']['body_cache_serial']) &&
$message['meta']['body_cache_serial'] == $cache_serial
) {
// cached version is present, bail out early
$data[$message_id]['body'] = base64_decode($message['meta']['body_cache']);
continue;
}
// migration might edit this array, that's why it's defined
// so early
$updated_message = array();
// create the $body variable
if (
!isset($message['meta']['body_cache_serial'])
) {
// perform migration
$fake_data = array();
$fake_data[$message_id] = $message;
$fake_data = phorum_htmlpurifier_migrate($fake_data);
$body = $fake_data[$message_id]['body'];
$body = str_replace("", '', $body);
$updated_message['body'] = $body; // save it in
} else {
// reverse Phorum's pre-processing
$body = $message['body'];
// order is important
$body = str_replace(array('<','>','&'), array('<','>','&'), $body);
$body = str_replace("\n", "\n", $body);
}
$body = $purifier->purify($body);
// dynamically update the cache
// this is inefficient on the first read, but the cache
// catches will more than make up for it
// this should ONLY be called on read, for posting and preview
// phorum_htmlpurifier_posting should do the trick
$updated_message['meta'] = $message['meta'];
$updated_message['meta']['body_cache'] = base64_encode($body);
$updated_message['meta']['body_cache_serial'] = $cache_serial;
phorum_db_update_message($message_id, $updated_message);
// must not get overloaded until after we cache it
$data[$message_id]['body'] = $body;
}
}
return $data;
}
/**
* Generate necessary cache and serial entries when a posting action happens
*/
function phorum_htmlpurifier_posting($message) {
$PHORUM = $GLOBALS["PHORUM"];
$fake_data = array($message);
// this is a temporary attribute
$fake_data[0]['meta']['htmlpurifier_light'] = true; // only purify, please
list($changed_message) = phorum_hook('format', $fake_data);
$message['meta']['body_cache'] = base64_encode($changed_message['body']);
$message['meta']['body_cache_serial'] = $PHORUM['mod_htmlpurifier']['body_cache_serial'];
return $message;
}
/**
* Overload quoting mechanism to prevent default, mail-style quote from happening
*/
function phorum_htmlpurifier_quote($array) {
$PHORUM = $GLOBALS["PHORUM"];
$purifier =& HTMLPurifier::getInstance();
$text = $purifier->purify($array[1]);
return "\n$text\n
";
}
/**
* Ensure that our format hook is processed last. Also, loads the library.
* @credits
*/
function phorum_htmlpurifier_common() {
require_once (dirname(__FILE__).'/htmlpurifier/HTMLPurifier.auto.php');
$config_exists = file_exists(dirname(__FILE__) . '/config.php');
if ($config_exists || !isset($PHORUM['mod_htmlpurifier']['config'])) {
$config = HTMLPurifier_Config::createDefault();
include(dirname(__FILE__) . '/config.default.php');
if ($config_exists) {
include(dirname(__FILE__) . '/config.php');
}
} else {
// used cached version that was constructed from web interface
$config = HTMLPurifier_Config::create($PHORUM['mod_htmlpurifier']['config']);
}
HTMLPurifier::getInstance($config);
// increment revision.txt if you want to invalidate the cache
$GLOBALS['PHORUM']['mod_htmlpurifier']['body_cache_serial'] = $config->getSerial();
$GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'] = true;
// load migration
if (file_exists(dirname(__FILE__) . '/migrate.php')) {
include(dirname(__FILE__) . '/migrate.php');
} else {
echo 'Error: No migration path specified for HTML Purifier, please check
modes/htmlpurifier/migrate.bbcode.php for instructions on
how to migrate from your previous markup language.';
exit;
}
// see if our hooks need to be bubbled to the end
phorum_htmlpurifier_bubble_hook('format');
}
function phorum_htmlpurifier_bubble_hook($hook) {
global $PHORUM;
$our_idx = null;
$last_idx = null;
if (!isset($PHORUM['hooks'][$hook]['mods'])) return;
foreach ($PHORUM['hooks'][$hook]['mods'] as $idx => $mod) {
if ($mod == 'htmlpurifier') $our_idx = $idx;
$last_idx = $idx;
}
list($mod) = array_splice($PHORUM['hooks'][$hook]['mods'], $our_idx, 1);
$PHORUM['hooks'][$hook]['mods'][] = $mod;
list($func) = array_splice($PHORUM['hooks'][$hook]['funcs'], $our_idx, 1);
$PHORUM['hooks'][$hook]['funcs'][] = $func;
}
/**
* Pre-emptively performs purification if it looks like a WYSIWYG editor
* is being used
*/
function phorum_htmlpurifier_before_editor($message) {
if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) {
if (!empty($message['body'])) {
$body = $message['body'];
// de-entity-ize contents
$body = str_replace(array('<','>','&'), array('<','>','&'), $body);
$purifier =& HTMLPurifier::getInstance();
$body = $purifier->purify($message['body']);
// re-entity-ize contents
$body = htmlspecialchars($body, ENT_QUOTES, $GLOBALS['PHORUM']['DATA']['CHARSET']);
}
}
return $message;
}