diff options
| -rw-r--r-- | includes/common.inc | 109 | ||||
| -rw-r--r-- | includes/module.inc | 7 | ||||
| -rw-r--r-- | modules/filter.module | 162 | ||||
| -rw-r--r-- | modules/filter/filter.module | 162 | ||||
| -rw-r--r-- | modules/node.module | 49 | ||||
| -rw-r--r-- | modules/node/node.module | 49 | ||||
| -rw-r--r-- | modules/system.module | 141 | ||||
| -rw-r--r-- | modules/system/system.module | 141 |
8 files changed, 472 insertions, 348 deletions
diff --git a/includes/common.inc b/includes/common.inc index 2de172c89..304e753ca 100644 --- a/includes/common.inc +++ b/includes/common.inc @@ -454,115 +454,6 @@ function check_form($text) { return drupal_specialchars($text, ENT_QUOTES); } -function filter($text) { - $modules = module_list(); - - /* - ** Make sure the HTML filters that are part of the node module - ** are run first. - */ - - if (in_array("node", $modules)) { - $text = module_invoke("node", "filter", $text); - } - - foreach ($modules as $name) { - if (module_hook($name, "filter") && $name != "node") { - $text = module_invoke($name, "filter", $text); - } - } - - return $text; -} - -function rewrite_old_urls($text) { - global $base_url; - - $end = substr($base_url, 12); - - /* - ** This is a *temporary* filter to rewrite old-style URLs to new-style - ** URLs (clean URLs). Currently, URLs are being rewritten dynamically - ** (ie. "on output"), however when these rewrite rules have been tested - ** enough, we will use them to permanently rewrite the links in node - ** and comment bodies. - */ - - if (variable_get("clean_url", "0") == "0") { - /* - ** Relative URLs: - */ - - // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: - $text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"?q=\\1/view/\\2/\\4", $text); - - // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: - $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4/\\6" , $text); - $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4", $text); - $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2", $text); - - /* - ** Absolute URLs: - */ - - // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: - $text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/?q=\\1/view/\\2/\\4", $text); - - // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: - $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4/\\6" , $text); - $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4", $text); - $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"$end/?q=\\2", $text); - } - else { - /* - ** Relative URLs: - */ - - // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: - $text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"\\1/view/\\2/\\4", $text); - - // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: - $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4/\\6", $text); - $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4", $text); - $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2", $text); - - /* - ** Absolute URLs: - */ - - // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: - $text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/\\1/view/\\2/\\4", $text); - - // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: - $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4/\\6", $text); - $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4", $text); - $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2", $text); -} - - return $text; -} - -function check_output($text) { - if (isset($text)) { - // filter content on output: - $text = filter($text); - - /* - ** If only inline elements are used and no block level elements, we - ** replace all newlines with HTML line breaks. - */ - if (strip_tags($text, '<a><br><span><bdo><map><object><img><tt><i><b><big><small><em><strong><dfn><code><q><samp><kbd><var><cite><abbr><acronym><sub><sup><input><select><textarea><label><button><ins><del><script>') == $text) { - $text = nl2br($text); - } - } - else { - $text = message_na(); - } - - return $text; -} - - function check_file($filename) { return is_uploaded_file($filename); } diff --git a/includes/module.inc b/includes/module.inc index a3e8bbb13..cbc4bb0d5 100644 --- a/includes/module.inc +++ b/includes/module.inc @@ -3,10 +3,11 @@ // initialize modules: function module_init() { - // Note: changing this also requires changing system_admin() @ modules/system.module. + // Note: changing this also requires changing system_listing() @ modules/system.module. require_once "modules/admin.module"; - require_once "modules/user.module"; + require_once "modules/filter.module"; require_once "modules/system.module"; + require_once "modules/user.module"; require_once "modules/watchdog.module"; module_list(); module_invoke_all("init"); @@ -49,7 +50,7 @@ function module_list($refresh = 0, $bootstrap = 0) { } if (!$list) { - $list = array("admin" => "admin", "system" => "system", "user" => "user", "watchdog" => "watchdog"); + $list = array("admin" => "admin", "filter" => "filter", "system" => "system", "user" => "user", "watchdog" => "watchdog"); $result = db_query("SELECT name, filename, throttle, bootstrap FROM {system} WHERE type = 'module' AND status = '1' ORDER BY name"); while ($module = db_fetch_object($result)) { if (file_exists($module->filename)) { diff --git a/modules/filter.module b/modules/filter.module new file mode 100644 index 000000000..19849c5a7 --- /dev/null +++ b/modules/filter.module @@ -0,0 +1,162 @@ +<?php +// $Id$ + +function filter_help($section = "admin/help#filter") { + switch ($section) { + case 'admin/system/modules#description': + return t("Framework for handling filtering of content."); + case 'admin/system/filters': + return t("Filters fit between the raw text in a node and the HTML output. They allow you to replace text selectively. Uses include automatic conversion of emoticons into graphics and filtering HTML content from users' submissions."); + } +} + +function filter_link($type) { + if ($type == "system" && user_access("administer site configuration")) { + menu("admin/system/filters", t("filters"), "filter_admin", 5); + } +} + +function filter_admin() { + if (user_access("administer site configuration")) { + system_settings_save(); + + $form = implode("\n", module_invoke_all("conf_filters")); + $output = system_settings_form($form); + print theme("page", $output); + } + else { + print theme("page", message_access()); + } +} + +function filter_conf_filters() { + $group1 .= form_radios(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(0 => t("Do not filter"), 1 => t("Strip tags"), 2 => t("Escape tags")), t("How to deal with HTML and PHP tags in user-contributed content. If set to \"Strip tags\", dangerous tags are removed (see below). If set to \"Escape tags\", all HTML is escaped and presented as it was typed.")); + $group1 .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If \"Strip tags\" is selected, optionally specify tags which should not be stripped. 'ON*' attributes and unclosed tags are always stripped.")); + $group1 .= form_radios(t("HTML style attributes"), "filter_style", variable_get("filter_style", 1), array(t("Allowed"), t("Removed")), t("If \"Strip tags\" is selected, you can choose whether 'STYLE' attributes are allowed or removed from input.")); + $output .= form_group(t("HTML filtering"), $group1); + + $group2 .= form_radios(t("Rewrite old URLs"), "rewrite_old_urls", variable_get("rewrite_old_urls", 0), array(t("Disabled"), t("Enabled")), t("The introduction of 'clean URLs' in Drupal 4.2.0 breaks internal URLs that date back from Drupal 4.1.0 and before. If enabled, this filter will attempt to rewrite the old style URLs to avoid broken links. If <code>mod_rewrite</code> is available on your system, use the rewrite rules in Drupal's <code>.htaccess</code> file instead as these will also correct external referrers.")); + $output .= form_group(t("Legacy filtering"), $group2); + + return $output; +} + +function check_output($text) { + if (isset($text)) { + // filter content on output: + $modules = module_list(); + + // Default filters are run first: they determine how to handle HTML + $text = filter_default($text); + + foreach ($modules as $name) { + if (module_hook($name, "filter") && $name != "node") { + $text = module_invoke($name, "filter", $text); + } + } + + /* + ** If only inline elements are used and no block level elements, we + ** replace all newlines with HTML line breaks. + */ + if (strip_tags($text, '<a><br><span><bdo><map><object><img><tt><i><b><big><small><em><strong><dfn><code><q><samp><kbd><var><cite><abbr><acronym><sub><sup><input><select><textarea><label><button><ins><del><script>') == $text) { + $text = nl2br($text); + } + } + else { + $text = message_na(); + } + + return $text; +} + +function filter_default($text) { + if (variable_get("filter_html", 0) == 1) { + // Allow users to enter HTML, but filter it + $text = strip_tags($text, variable_get("allowed_html", "")); + if (variable_get("filter_style", 1)) { + $text = preg_replace("/\Wstyle\s*=[^>]+?>/i", ">", $text); + } + $text = preg_replace("/\Won[a-z]+\s*=[^>]+?>/i", ">", $text); + } + + if (variable_get("rewrite_old_urls", 0)) { + $text = filter_old_urls($text); + } + + if (variable_get("filter_html", 0) == 2) { + // Escape HTML + $text = htmlspecialchars($text); + } + + return trim($text); +} + +function filter_old_urls($text) { + global $base_url; + + $end = substr($base_url, 12); + + /* + ** This is a *temporary* filter to rewrite old-style URLs to new-style + ** URLs (clean URLs). Currently, URLs are being rewritten dynamically + ** (ie. "on output"), however when these rewrite rules have been tested + ** enough, we will use them to permanently rewrite the links in node + ** and comment bodies. + */ + + if (variable_get("clean_url", "0") == "0") { + /* + ** Relative URLs: + */ + + // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: + $text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"?q=\\1/view/\\2/\\4", $text); + + // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4/\\6" , $text); + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4", $text); + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2", $text); + + /* + ** Absolute URLs: + */ + + // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: + $text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/?q=\\1/view/\\2/\\4", $text); + + // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4/\\6" , $text); + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4", $text); + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"$end/?q=\\2", $text); + } + else { + /* + ** Relative URLs: + */ + + // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: + $text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"\\1/view/\\2/\\4", $text); + + // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4/\\6", $text); + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4", $text); + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2", $text); + + /* + ** Absolute URLs: + */ + + // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: + $text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/\\1/view/\\2/\\4", $text); + + // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4/\\6", $text); + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4", $text); + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2", $text); + } + + return $text; +} + +?>
\ No newline at end of file diff --git a/modules/filter/filter.module b/modules/filter/filter.module new file mode 100644 index 000000000..19849c5a7 --- /dev/null +++ b/modules/filter/filter.module @@ -0,0 +1,162 @@ +<?php +// $Id$ + +function filter_help($section = "admin/help#filter") { + switch ($section) { + case 'admin/system/modules#description': + return t("Framework for handling filtering of content."); + case 'admin/system/filters': + return t("Filters fit between the raw text in a node and the HTML output. They allow you to replace text selectively. Uses include automatic conversion of emoticons into graphics and filtering HTML content from users' submissions."); + } +} + +function filter_link($type) { + if ($type == "system" && user_access("administer site configuration")) { + menu("admin/system/filters", t("filters"), "filter_admin", 5); + } +} + +function filter_admin() { + if (user_access("administer site configuration")) { + system_settings_save(); + + $form = implode("\n", module_invoke_all("conf_filters")); + $output = system_settings_form($form); + print theme("page", $output); + } + else { + print theme("page", message_access()); + } +} + +function filter_conf_filters() { + $group1 .= form_radios(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(0 => t("Do not filter"), 1 => t("Strip tags"), 2 => t("Escape tags")), t("How to deal with HTML and PHP tags in user-contributed content. If set to \"Strip tags\", dangerous tags are removed (see below). If set to \"Escape tags\", all HTML is escaped and presented as it was typed.")); + $group1 .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If \"Strip tags\" is selected, optionally specify tags which should not be stripped. 'ON*' attributes and unclosed tags are always stripped.")); + $group1 .= form_radios(t("HTML style attributes"), "filter_style", variable_get("filter_style", 1), array(t("Allowed"), t("Removed")), t("If \"Strip tags\" is selected, you can choose whether 'STYLE' attributes are allowed or removed from input.")); + $output .= form_group(t("HTML filtering"), $group1); + + $group2 .= form_radios(t("Rewrite old URLs"), "rewrite_old_urls", variable_get("rewrite_old_urls", 0), array(t("Disabled"), t("Enabled")), t("The introduction of 'clean URLs' in Drupal 4.2.0 breaks internal URLs that date back from Drupal 4.1.0 and before. If enabled, this filter will attempt to rewrite the old style URLs to avoid broken links. If <code>mod_rewrite</code> is available on your system, use the rewrite rules in Drupal's <code>.htaccess</code> file instead as these will also correct external referrers.")); + $output .= form_group(t("Legacy filtering"), $group2); + + return $output; +} + +function check_output($text) { + if (isset($text)) { + // filter content on output: + $modules = module_list(); + + // Default filters are run first: they determine how to handle HTML + $text = filter_default($text); + + foreach ($modules as $name) { + if (module_hook($name, "filter") && $name != "node") { + $text = module_invoke($name, "filter", $text); + } + } + + /* + ** If only inline elements are used and no block level elements, we + ** replace all newlines with HTML line breaks. + */ + if (strip_tags($text, '<a><br><span><bdo><map><object><img><tt><i><b><big><small><em><strong><dfn><code><q><samp><kbd><var><cite><abbr><acronym><sub><sup><input><select><textarea><label><button><ins><del><script>') == $text) { + $text = nl2br($text); + } + } + else { + $text = message_na(); + } + + return $text; +} + +function filter_default($text) { + if (variable_get("filter_html", 0) == 1) { + // Allow users to enter HTML, but filter it + $text = strip_tags($text, variable_get("allowed_html", "")); + if (variable_get("filter_style", 1)) { + $text = preg_replace("/\Wstyle\s*=[^>]+?>/i", ">", $text); + } + $text = preg_replace("/\Won[a-z]+\s*=[^>]+?>/i", ">", $text); + } + + if (variable_get("rewrite_old_urls", 0)) { + $text = filter_old_urls($text); + } + + if (variable_get("filter_html", 0) == 2) { + // Escape HTML + $text = htmlspecialchars($text); + } + + return trim($text); +} + +function filter_old_urls($text) { + global $base_url; + + $end = substr($base_url, 12); + + /* + ** This is a *temporary* filter to rewrite old-style URLs to new-style + ** URLs (clean URLs). Currently, URLs are being rewritten dynamically + ** (ie. "on output"), however when these rewrite rules have been tested + ** enough, we will use them to permanently rewrite the links in node + ** and comment bodies. + */ + + if (variable_get("clean_url", "0") == "0") { + /* + ** Relative URLs: + */ + + // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: + $text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"?q=\\1/view/\\2/\\4", $text); + + // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4/\\6" , $text); + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4", $text); + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2", $text); + + /* + ** Absolute URLs: + */ + + // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: + $text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/?q=\\1/view/\\2/\\4", $text); + + // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4/\\6" , $text); + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4", $text); + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"$end/?q=\\2", $text); + } + else { + /* + ** Relative URLs: + */ + + // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: + $text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"\\1/view/\\2/\\4", $text); + + // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4/\\6", $text); + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4", $text); + $text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2", $text); + + /* + ** Absolute URLs: + */ + + // rewrite 'node.php?id=<number>[&cid=<number>]' style URLs: + $text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/\\1/view/\\2/\\4", $text); + + // rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs: + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4/\\6", $text); + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4", $text); + $text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2", $text); + } + + return $text; +} + +?>
\ No newline at end of file diff --git a/modules/node.module b/modules/node.module index df8b0ea73..1164e76dc 100644 --- a/modules/node.module +++ b/modules/node.module @@ -515,39 +515,6 @@ function node_settings() { return $output; } -function node_conf_filters() { - $group1 .= form_radios(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(0 => t("Do not filter"), 1 => t("Strip tags"), 2 => t("Escape tags")), t("How to deal with HTML and PHP tags in user-contributed content. If set to \"Strip tags\", dangerous tags are removed (see below). If set to \"Escape tags\", all HTML is escaped and presented as it was typed.")); - $group1 .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If \"Strip tags\" is selected, optionally specify tags which should not be stripped. 'ON*' attributes and unclosed tags are always stripped.")); - $group1 .= form_radios(t("HTML style attributes"), "filter_style", variable_get("filter_style", 1), array(t("Allowed"), t("Removed")), t("If \"Strip tags\" is selected, you can choose whether 'STYLE' attributes are allowed or removed from input.")); - $output .= form_group("HTML filtering", $group1); - - $group2 .= form_radios(t("Rewrite old URLs"), "rewrite_old_urls", variable_get("rewrite_old_urls", 0), array(t("Disabled"), t("Enabled")), t("The introduction of 'clean URLs' in Drupal 4.2.0 breaks internal URLs that date back from Drupal 4.1.0 and before. If enabled, this filter will attempt to rewrite the old style URLs to avoid broken links. If <code>mod_rewrite</code> is available on your system, use the rewrite rules in Drupal's <code>.htaccess</code> file instead as these will also correct external referrers.")); - $output .= form_group("Legacy filtering", $group2); - - return $output; -} - -function node_escape_html($text) { - return htmlspecialchars($text); -} - -function node_filter_html($text) { - $text = strip_tags($text, variable_get("allowed_html", "")); - - if (variable_get("filter_style", 1)) { - $text = preg_replace("/\Wstyle\s*=[^>]+?>/i", ">", $text); - } - - $text = preg_replace("/\Won[a-z]+\s*=[^>]+?>/i", ">", $text); - - return $text; -} - -function node_filter_link($text) { - $pat = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}'; // [link|description] - return ereg_replace($pat, $dst, $text); -} - function node_comment_mode($nid) { static $comment_mode; if (!isset($comment_mode[$nid])) { @@ -556,22 +523,6 @@ function node_comment_mode($nid) { return $comment_mode[$nid]; } -function node_filter($text) { - if (variable_get("filter_html", 0) == 1) { - $text = node_filter_html($text); - } - - if (variable_get("rewrite_old_urls", 0)) { - $text = rewrite_old_urls($text); - } - - if (variable_get("filter_html", 0) == 2) { - $text = node_escape_html($text); - } - - return trim($text); -} - function node_link($type, $node = 0, $main = 0) { $links = array(); diff --git a/modules/node/node.module b/modules/node/node.module index df8b0ea73..1164e76dc 100644 --- a/modules/node/node.module +++ b/modules/node/node.module @@ -515,39 +515,6 @@ function node_settings() { return $output; } -function node_conf_filters() { - $group1 .= form_radios(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(0 => t("Do not filter"), 1 => t("Strip tags"), 2 => t("Escape tags")), t("How to deal with HTML and PHP tags in user-contributed content. If set to \"Strip tags\", dangerous tags are removed (see below). If set to \"Escape tags\", all HTML is escaped and presented as it was typed.")); - $group1 .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If \"Strip tags\" is selected, optionally specify tags which should not be stripped. 'ON*' attributes and unclosed tags are always stripped.")); - $group1 .= form_radios(t("HTML style attributes"), "filter_style", variable_get("filter_style", 1), array(t("Allowed"), t("Removed")), t("If \"Strip tags\" is selected, you can choose whether 'STYLE' attributes are allowed or removed from input.")); - $output .= form_group("HTML filtering", $group1); - - $group2 .= form_radios(t("Rewrite old URLs"), "rewrite_old_urls", variable_get("rewrite_old_urls", 0), array(t("Disabled"), t("Enabled")), t("The introduction of 'clean URLs' in Drupal 4.2.0 breaks internal URLs that date back from Drupal 4.1.0 and before. If enabled, this filter will attempt to rewrite the old style URLs to avoid broken links. If <code>mod_rewrite</code> is available on your system, use the rewrite rules in Drupal's <code>.htaccess</code> file instead as these will also correct external referrers.")); - $output .= form_group("Legacy filtering", $group2); - - return $output; -} - -function node_escape_html($text) { - return htmlspecialchars($text); -} - -function node_filter_html($text) { - $text = strip_tags($text, variable_get("allowed_html", "")); - - if (variable_get("filter_style", 1)) { - $text = preg_replace("/\Wstyle\s*=[^>]+?>/i", ">", $text); - } - - $text = preg_replace("/\Won[a-z]+\s*=[^>]+?>/i", ">", $text); - - return $text; -} - -function node_filter_link($text) { - $pat = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}'; // [link|description] - return ereg_replace($pat, $dst, $text); -} - function node_comment_mode($nid) { static $comment_mode; if (!isset($comment_mode[$nid])) { @@ -556,22 +523,6 @@ function node_comment_mode($nid) { return $comment_mode[$nid]; } -function node_filter($text) { - if (variable_get("filter_html", 0) == 1) { - $text = node_filter_html($text); - } - - if (variable_get("rewrite_old_urls", 0)) { - $text = rewrite_old_urls($text); - } - - if (variable_get("filter_html", 0) == 2) { - $text = node_escape_html($text); - } - - return trim($text); -} - function node_link($type, $node = 0, $main = 0) { $links = array(); diff --git a/modules/system.module b/modules/system.module index 5021c8331..bce1ad06f 100644 --- a/modules/system.module +++ b/modules/system.module @@ -15,9 +15,6 @@ function system_help($section = "admin/help#system") { case 'admin/system/modules': $output = t("Modules are plugins for Drupal that extend its core functionality. Here you can select which modules are enabled. Click on the name of the module in the navigation menu for their individual configuration pages. Once a module is enabled, new %permissions might be made available. Modules can automatically be temporarily disabled to reduce server load when your site becomes extremely busy by checking throttle. The auto-throttle functionality must be enabled on the %throttle after having enabled the throttle module.", array("%permissions" => l(t("permissions"), "admin/user/permission"), "%throttle" => l(t("throttle configuration page"), "admin/system/modules/throttle"))); break; - case 'admin/system/filters': - $output = t("Filters fit between the raw text in a node and the HTML output. They allow you to replace text selectively. Uses include automatic conversion of emoticons into graphics and filtering HTML content from users' submissions."); - break; case 'admin/help#system': case 'admin/system/help': $output .= "<p>Drupal comes with system-wide defaults but the setting-module provides control over many Drupal preferences, behaviours including visual and operational settings.</p>"; @@ -79,7 +76,6 @@ function system_link($type) { menu("admin/system/modules/$name", t($name), "system_admin"); } } - menu("admin/system/filters", t("filters"), "system_admin", 4); menu("admin/system/help", t("help"), "system_help_page", 9); } } @@ -196,78 +192,45 @@ function system_view_theme($name) { return $output; } -function system_view_filters() { - return implode("\n", module_invoke_all("conf_filters")); -} - -function system_save_settings($edit = array()) { - - if ($edit["type"]) { - db_query("UPDATE {system} SET status = '0' WHERE type = '%s'", $edit["type"]); - foreach ($edit["status"] as $filename => $status) { - db_query("UPDATE {system} SET status = %d, throttle = %d WHERE filename = '$filename'", $status, $edit["throttle"]["$filename"]); - } - if ($edit["type"] == "theme") { - variable_set("theme_default", $edit["theme_default"]); - } - } - else { - foreach ($edit as $name => $value) { - variable_set($name, $value); - } - } - cache_clear_all(); - - drupal_set_message(t("the configuration options have been saved.")); -} - -function system_reset_default($edit = array()) { - foreach ($edit as $name => $value) { - variable_del($name); +function system_view($type, $arg = "") { + // The module/theme lists don't use the generic settings handler + if (($type == "modules" || $type == "themes") && $arg == "") { + system_listing_save(); + $form = system_listing($type); + $form .= form_submit(t("Save configuration")); + return form($form); } - cache_clear_all(); - - drupal_set_message(t("the configuration options have been reset to their default values.")); -} + system_settings_save(); -function system_view($type, $arg = "") { - $required = array("modules/admin.module", "modules/user.module", "modules/system.module", "modules/watchdog.module"); - $links = array(); switch ($type) { - case "filters": - $form = system_view_filters(); - break; case "modules": - if ($arg) { - $form = module_invoke($arg, "settings"); - } - else { - $form = system_listing("module", "modules", $required); - } + $form = module_invoke($arg, "settings"); break; case "themes": - if ($arg) { - $form = system_view_theme($arg); - } - else { - $form = system_listing("theme", "themes", $required); - } + $form = system_view_theme($arg); break; default: $form = system_view_general(); break; } - $form .= form_submit(t("Save configuration")); - $form .= form_submit(t("Reset to defaults")); - - return form($form); + return system_settings_form($form); } -function system_listing($type, $directory, $required = array()) { - // Make sure we set $type correctly - $type = $type != 'theme' ? "module" : "theme"; +function system_listing($type) { + // Pick appropriate directory and filetype + switch ($type) { + case "modules": + $directory = "modules"; + $type = "module"; + break; + case "themes": + default: + $directory = "themes"; + $type = "theme"; + break; + } // Find files in the directory. $files = file_scan_directory($directory, "\.$type$"); @@ -285,11 +248,14 @@ function system_listing($type, $directory, $required = array()) { ksort($files); if ($type == "module") { - $header = array(t("name"), t("description"), t("status"), t("throttle")); + $required = array("modules/admin.module", "modules/filter.module", "modules/system.module", "modules/user.module", "modules/watchdog.module"); // the throttle mechanism requires additional modules always be enabled $throttle_required = array_merge($required, array("modules/statistics.module", "modules/throttle.module")); + + $header = array(t("name"), t("description"), t("status"), t("throttle")); } else { + $required = array(); $header = array(t("name"), t("description"), t("enable"), t("default")); } @@ -338,20 +304,57 @@ function system_listing($type, $directory, $required = array()) { return $output; } -function system_admin() { - +function system_listing_save($edit = array()) { $op = $_POST["op"]; $edit = $_POST["edit"]; - if (user_access("administer site configuration")) { - if ($op == t("Reset to defaults")) { - system_reset_default($edit); + if ($op == t("Save configuration")) { + db_query("UPDATE {system} SET status = '0' WHERE type = '%s'", $edit["type"]); + foreach ($edit["status"] as $filename => $status) { + db_query("UPDATE {system} SET status = %d, throttle = %d WHERE filename = '$filename'", $status, $edit["throttle"]["$filename"]); } + if ($edit["type"] == "theme") { + variable_set("theme_default", $edit["theme_default"]); + } + + cache_clear_all(); + + drupal_set_message(t("the configuration options have been saved.")); + } +} + +function system_settings_form($form) { + $form .= form_submit(t("Save configuration")); + $form .= form_submit(t("Reset to defaults")); + + return form($form); +} + +function system_settings_save() { + $op = $_POST["op"]; + $edit = $_POST["edit"]; - if ($op == t("Save configuration")) { - system_save_settings($edit); + if ($op == t("Reset to defaults")) { + foreach ($edit as $name => $value) { + variable_del($name); + } + drupal_set_message(t("the configuration options have been reset to their default values.")); + } + if ($op == t("Save configuration")) { + foreach ($edit as $name => $value) { + variable_set($name, $value); } + drupal_set_message(t("the configuration options have been saved.")); + } + else { + return; + } + cache_clear_all(); +} + +function system_admin() { + if (user_access("administer site configuration")) { $output = system_view(arg(2), arg(3)); print theme("page", $output); } diff --git a/modules/system/system.module b/modules/system/system.module index 5021c8331..bce1ad06f 100644 --- a/modules/system/system.module +++ b/modules/system/system.module @@ -15,9 +15,6 @@ function system_help($section = "admin/help#system") { case 'admin/system/modules': $output = t("Modules are plugins for Drupal that extend its core functionality. Here you can select which modules are enabled. Click on the name of the module in the navigation menu for their individual configuration pages. Once a module is enabled, new %permissions might be made available. Modules can automatically be temporarily disabled to reduce server load when your site becomes extremely busy by checking throttle. The auto-throttle functionality must be enabled on the %throttle after having enabled the throttle module.", array("%permissions" => l(t("permissions"), "admin/user/permission"), "%throttle" => l(t("throttle configuration page"), "admin/system/modules/throttle"))); break; - case 'admin/system/filters': - $output = t("Filters fit between the raw text in a node and the HTML output. They allow you to replace text selectively. Uses include automatic conversion of emoticons into graphics and filtering HTML content from users' submissions."); - break; case 'admin/help#system': case 'admin/system/help': $output .= "<p>Drupal comes with system-wide defaults but the setting-module provides control over many Drupal preferences, behaviours including visual and operational settings.</p>"; @@ -79,7 +76,6 @@ function system_link($type) { menu("admin/system/modules/$name", t($name), "system_admin"); } } - menu("admin/system/filters", t("filters"), "system_admin", 4); menu("admin/system/help", t("help"), "system_help_page", 9); } } @@ -196,78 +192,45 @@ function system_view_theme($name) { return $output; } -function system_view_filters() { - return implode("\n", module_invoke_all("conf_filters")); -} - -function system_save_settings($edit = array()) { - - if ($edit["type"]) { - db_query("UPDATE {system} SET status = '0' WHERE type = '%s'", $edit["type"]); - foreach ($edit["status"] as $filename => $status) { - db_query("UPDATE {system} SET status = %d, throttle = %d WHERE filename = '$filename'", $status, $edit["throttle"]["$filename"]); - } - if ($edit["type"] == "theme") { - variable_set("theme_default", $edit["theme_default"]); - } - } - else { - foreach ($edit as $name => $value) { - variable_set($name, $value); - } - } - cache_clear_all(); - - drupal_set_message(t("the configuration options have been saved.")); -} - -function system_reset_default($edit = array()) { - foreach ($edit as $name => $value) { - variable_del($name); +function system_view($type, $arg = "") { + // The module/theme lists don't use the generic settings handler + if (($type == "modules" || $type == "themes") && $arg == "") { + system_listing_save(); + $form = system_listing($type); + $form .= form_submit(t("Save configuration")); + return form($form); } - cache_clear_all(); - - drupal_set_message(t("the configuration options have been reset to their default values.")); -} + system_settings_save(); -function system_view($type, $arg = "") { - $required = array("modules/admin.module", "modules/user.module", "modules/system.module", "modules/watchdog.module"); - $links = array(); switch ($type) { - case "filters": - $form = system_view_filters(); - break; case "modules": - if ($arg) { - $form = module_invoke($arg, "settings"); - } - else { - $form = system_listing("module", "modules", $required); - } + $form = module_invoke($arg, "settings"); break; case "themes": - if ($arg) { - $form = system_view_theme($arg); - } - else { - $form = system_listing("theme", "themes", $required); - } + $form = system_view_theme($arg); break; default: $form = system_view_general(); break; } - $form .= form_submit(t("Save configuration")); - $form .= form_submit(t("Reset to defaults")); - - return form($form); + return system_settings_form($form); } -function system_listing($type, $directory, $required = array()) { - // Make sure we set $type correctly - $type = $type != 'theme' ? "module" : "theme"; +function system_listing($type) { + // Pick appropriate directory and filetype + switch ($type) { + case "modules": + $directory = "modules"; + $type = "module"; + break; + case "themes": + default: + $directory = "themes"; + $type = "theme"; + break; + } // Find files in the directory. $files = file_scan_directory($directory, "\.$type$"); @@ -285,11 +248,14 @@ function system_listing($type, $directory, $required = array()) { ksort($files); if ($type == "module") { - $header = array(t("name"), t("description"), t("status"), t("throttle")); + $required = array("modules/admin.module", "modules/filter.module", "modules/system.module", "modules/user.module", "modules/watchdog.module"); // the throttle mechanism requires additional modules always be enabled $throttle_required = array_merge($required, array("modules/statistics.module", "modules/throttle.module")); + + $header = array(t("name"), t("description"), t("status"), t("throttle")); } else { + $required = array(); $header = array(t("name"), t("description"), t("enable"), t("default")); } @@ -338,20 +304,57 @@ function system_listing($type, $directory, $required = array()) { return $output; } -function system_admin() { - +function system_listing_save($edit = array()) { $op = $_POST["op"]; $edit = $_POST["edit"]; - if (user_access("administer site configuration")) { - if ($op == t("Reset to defaults")) { - system_reset_default($edit); + if ($op == t("Save configuration")) { + db_query("UPDATE {system} SET status = '0' WHERE type = '%s'", $edit["type"]); + foreach ($edit["status"] as $filename => $status) { + db_query("UPDATE {system} SET status = %d, throttle = %d WHERE filename = '$filename'", $status, $edit["throttle"]["$filename"]); } + if ($edit["type"] == "theme") { + variable_set("theme_default", $edit["theme_default"]); + } + + cache_clear_all(); + + drupal_set_message(t("the configuration options have been saved.")); + } +} + +function system_settings_form($form) { + $form .= form_submit(t("Save configuration")); + $form .= form_submit(t("Reset to defaults")); + + return form($form); +} + +function system_settings_save() { + $op = $_POST["op"]; + $edit = $_POST["edit"]; - if ($op == t("Save configuration")) { - system_save_settings($edit); + if ($op == t("Reset to defaults")) { + foreach ($edit as $name => $value) { + variable_del($name); + } + drupal_set_message(t("the configuration options have been reset to their default values.")); + } + if ($op == t("Save configuration")) { + foreach ($edit as $name => $value) { + variable_set($name, $value); } + drupal_set_message(t("the configuration options have been saved.")); + } + else { + return; + } + cache_clear_all(); +} + +function system_admin() { + if (user_access("administer site configuration")) { $output = system_view(arg(2), arg(3)); print theme("page", $output); } |