<?php /** * HTML Purifier Phorum Mod. Filter your HTML the Standards-Compliant Way! * * This Phorum mod enables users to post raw HTML into Phorum. But never * fear: with the help of HTML Purifier, this HTML will be beat into * de-XSSed and standards-compliant form, safe for general consumption. * It is not recommended, but possible to run this mod in parallel * with other formatters (in short, please DISABLE the BBcode mod). * * For help migrating from your previous markup language to pure HTML * please check the migrate.bbcode.php file. * * If you'd like to use this with a WYSIWYG editor, make sure that * editor sets $PHORUM['mod_htmlpurifier']['wysiwyg'] to true. Otherwise, * administrators who need to edit other people's comments may be at * risk for some nasty attacks. * * Tested with Phorum 5.2.6. */ // Note: Cache data is base64 encoded because Phorum insists on flinging // to the user and expecting it to come back unharmed, newlines and // all, which ain't happening. It's slower, it takes up more space, but // at least it won't get mutilated /** * Purifies a data array */ function phorum_htmlpurifier_format($data) { $PHORUM = $GLOBALS["PHORUM"]; $purifier =& HTMLPurifier::getInstance(); $cache_serial = $PHORUM['mod_htmlpurifier']['body_cache_serial']; foreach($data as $message_id => $message){ if(isset($message['body'])) { if ($message_id) { // we're dealing with a real message, not a fake, so // there a number of shortcuts that can be taken if (isset($message['meta']['htmlpurifier_light'])) { // format hook was called outside of Phorum's normal // functions, do the abridged purification $data[$message_id]['body'] = $purifier->purify($message['body']); continue; } if (!empty($PHORUM['args']['purge'])) { // purge the cache, must be below the following if unset($message['meta']['body_cache']); } if ( isset($message['meta']['body_cache']) && isset($message['meta']['body_cache_serial']) && $message['meta']['body_cache_serial'] == $cache_serial ) { // cached version is present, bail out early $data[$message_id]['body'] = base64_decode($message['meta']['body_cache']); continue; } } // migration might edit this array, that's why it's defined // so early $updated_message = array(); // create the $body variable if ( $message_id && // message must be real to migrate !isset($message['meta']['body_cache_serial']) ) { // perform migration $fake_data = array(); list($signature, $edit_message) = phorum_htmlpurifier_remove_sig_and_editmessage($message); $fake_data[$message_id] = $message; $fake_data = phorum_htmlpurifier_migrate($fake_data); $body = $fake_data[$message_id]['body']; $body = str_replace("<phorum break>\n", "\n", $body); $updated_message['body'] = $body; // save it in $body .= $signature . $edit_message; // add it back in } else { // reverse Phorum's pre-processing $body = $message['body']; // order is important $body = str_replace("<phorum break>\n", "\n", $body); $body = str_replace(array('<','>','&', '"'), array('<','>','&','"'), $body); if (!$message_id && defined('PHORUM_CONTROL_CENTER')) { // we're in control.php, so it was double-escaped $body = str_replace(array('<','>','&', '"'), array('<','>','&','"'), $body); } } $body = $purifier->purify($body); // dynamically update the cache (MUST BE DONE HERE!) // this is inefficient because it's one db call per // cache miss, but once the cache is in place things are // a lot zippier. if ($message_id) { // make sure it's not a fake id $updated_message['meta'] = $message['meta']; $updated_message['meta']['body_cache'] = base64_encode($body); $updated_message['meta']['body_cache_serial'] = $cache_serial; phorum_db_update_message($message_id, $updated_message); } // must not get overloaded until after we cache it, otherwise // we'll inadvertently change the original text $data[$message_id]['body'] = $body; } } return $data; } // ----------------------------------------------------------------------- // This is fragile code, copied from read.php:596 (Phorum 5.2.6). Please // keep this code in-sync with Phorum /** * Generates a signature based on a message array */ function phorum_htmlpurifier_generate_sig($row) { $phorum_sig = ''; if(isset($row["user"]["signature"]) && isset($row['meta']['show_signature']) && $row['meta']['show_signature']==1){ $phorum_sig=trim($row["user"]["signature"]); if(!empty($phorum_sig)){ $phorum_sig="\n\n$phorum_sig"; } } return $phorum_sig; } /** * Generates an edit message based on a message array */ function phorum_htmlpurifier_generate_editmessage($row) { $PHORUM = $GLOBALS['PHORUM']; $editmessage = ''; if(isset($row['meta']['edit_count']) && $row['meta']['edit_count'] > 0) { $editmessage = str_replace ("%count%", $row['meta']['edit_count'], $PHORUM["DATA"]["LANG"]["EditedMessage"]); $editmessage = str_replace ("%lastedit%", phorum_date($PHORUM["short_date_time"],$row['meta']['edit_date']), $editmessage); $editmessage = str_replace ("%lastuser%", $row['meta']['edit_username'], $editmessage); $editmessage = "\n\n\n\n$editmessage"; } return $editmessage; } // End fragile code // ----------------------------------------------------------------------- /** * Removes the signature and edit message from a message * @param $row Message passed by reference */ function phorum_htmlpurifier_remove_sig_and_editmessage(&$row) { $signature = phorum_htmlpurifier_generate_sig($row); $editmessage = phorum_htmlpurifier_generate_editmessage($row); $replacements = array(); // we need to remove add <phorum break> as that is the form these // extra bits are in. if ($signature) $replacements[str_replace("\n", "<phorum break>\n", $signature)] = ''; if ($editmessage) $replacements[str_replace("\n", "<phorum break>\n", $editmessage)] = ''; $row['body'] = strtr($row['body'], $replacements); return array($signature, $editmessage); } /** * Indicate that data is fully HTML and not from migration, invalidate * previous caches * @note This function could generate the actual cache entries, but * since there's data missing that must be deferred to the first read */ function phorum_htmlpurifier_posting($message) { $PHORUM = $GLOBALS["PHORUM"]; unset($message['meta']['body_cache']); // invalidate the cache $message['meta']['body_cache_serial'] = $PHORUM['mod_htmlpurifier']['body_cache_serial']; return $message; } /** * Overload quoting mechanism to prevent default, mail-style quote from happening */ function phorum_htmlpurifier_quote($array) { $PHORUM = $GLOBALS["PHORUM"]; $purifier =& HTMLPurifier::getInstance(); $text = $purifier->purify($array[1]); $source = htmlspecialchars($array[0]); return "<blockquote cite=\"$source\">\n$text\n</blockquote>"; } /** * Ensure that our format hook is processed last. Also, loads the library. * @credits <http://secretsauce.phorum.org/snippets/make_bbcode_last_formatter.php.txt> */ function phorum_htmlpurifier_common() { require_once(dirname(__FILE__).'/htmlpurifier/HTMLPurifier.auto.php'); require(dirname(__FILE__).'/init-config.php'); $config = phorum_htmlpurifier_get_config(); HTMLPurifier::getInstance($config); // increment revision.txt if you want to invalidate the cache $GLOBALS['PHORUM']['mod_htmlpurifier']['body_cache_serial'] = $config->getSerial(); // load migration if (file_exists(dirname(__FILE__) . '/migrate.php')) { include(dirname(__FILE__) . '/migrate.php'); } else { echo '<strong>Error:</strong> No migration path specified for HTML Purifier, please check <tt>modes/htmlpurifier/migrate.bbcode.php</tt> for instructions on how to migrate from your previous markup language.'; exit; } if (!function_exists('phorum_htmlpurifier_migrate')) { // Dummy function function phorum_htmlpurifier_migrate($data) {return $data;} } } /** * Pre-emptively performs purification if it looks like a WYSIWYG editor * is being used */ function phorum_htmlpurifier_before_editor($message) { if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) { if (!empty($message['body'])) { $body = $message['body']; // de-entity-ize contents $body = str_replace(array('<','>','&'), array('<','>','&'), $body); $purifier =& HTMLPurifier::getInstance(); $body = $purifier->purify($body); // re-entity-ize contents $body = htmlspecialchars($body, ENT_QUOTES, $GLOBALS['PHORUM']['DATA']['CHARSET']); $message['body'] = $body; } } return $message; } function phorum_htmlpurifier_editor_after_subject() { // don't show this message if it's a WYSIWYG editor, since it will // then be handled automatically if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) { $i = $GLOBALS['PHORUM']['DATA']['MODE']; if ($i == 'quote' || $i == 'edit' || $i == 'moderation') { ?> <div> <p> <strong>Notice:</strong> HTML has been scrubbed for your safety. If you would like to see the original, turn off WYSIWYG mode (consult your administrator for details.) </p> </div> <?php } return; } if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['suppress_message'])) return; ?><div class="htmlpurifier-help"> <p> <strong>HTML input</strong> is enabled. Make sure you escape all HTML and angled brackets with <code>&lt;</code> and <code>&gt;</code>. </p><?php $purifier =& HTMLPurifier::getInstance(); $config = $purifier->config; if ($config->get('AutoFormat', 'AutoParagraph')) { ?><p> <strong>Auto-paragraphing</strong> is enabled. Double newlines will be converted to paragraphs; for single newlines, use the <code>pre</code> tag. </p><?php } $html_definition = $config->getDefinition('HTML'); $allowed = array(); foreach ($html_definition->info as $name => $x) $allowed[] = "<code>$name</code>"; sort($allowed); $allowed_text = implode(', ', $allowed); ?><p><strong>Allowed tags:</strong> <?php echo $allowed_text; ?>.</p><?php ?> </p> <p> For inputting literal code such as HTML and PHP for display, use CDATA tags to auto-escape your angled brackets, and <code>pre</code> to preserve newlines: </p> <pre><pre><![CDATA[ <em>Place code here</em> ]]></pre></pre> <p> Power users, you can hide this notice with: <pre>.htmlpurifier-help {display:none;}</pre> </p> </div><?php }