authormarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-04-17 15:41:16 +0000
committermarcus <marcus@36083f99-b078-4883-b0ff-0f9b5a30f544>2009-04-17 15:41:16 +0000
commit07155a084db111c0586ce7ed958c87eed6116704 (patch)
treee5e64cd58d20bdb2a0ad896403d8814f11018f52 /engine/lib
parent566de88eb3a15b58600f5195dc7b185b8aae0d41 (diff)
Closes #833: Kses now built as module
git-svn-id: https://code.elgg.org/elgg/trunk@3222 36083f99-b078-4883-b0ff-0f9b5a30f544
Diffstat (limited to 'engine/lib')
-rw-r--r--engine/lib/input.php284
-rw-r--r--engine/lib/upgrades/2009041701.php10
2 files changed, 11 insertions, 283 deletions
diff --git a/engine/lib/input.php b/engine/lib/input.php
index 5ac3ad618..1380860b8 100644
--- a/engine/lib/input.php
+++ b/engine/lib/input.php
@@ -67,39 +67,6 @@
else
$CONFIG->input[trim($variable)] = trim($value);
- }
-
- /**
- * Kses filtering of tags, called on a plugin hook
- *
- * @param mixed $var Variable to filter
- * @return mixed
- */
- function kses_filter_tags($hook, $entity_type, $returnvalue, $params)
- {
- $return = $returnvalue;
- $var = $returnvalue;
-
- if (@include_once(dirname(dirname(dirname(__FILE__)))) . "/vendors/kses/kses.php") {
-
- global $CONFIG;
-
- $allowedtags = $CONFIG->allowedtags;
- $allowedprotocols = $CONFIG->allowedprotocols;
-
- if (!is_array($var)) {
- $return = "";
- $return = kses($var, $allowedtags, $allowedprotocols);
- } else {
- $return = array();
-
- foreach($var as $key => $el) {
- $return[$key] = kses($el, $allowedtags, $allowedprotocols);
- }
- }
- }
-
- return $return;
}
/**
@@ -247,257 +214,8 @@
$_SERVER['PATH_TRANSLATED'] = stripslashes($_SERVER['PATH_TRANSLATED']);
}
- }
-
-
- global $CONFIG;
- $CONFIG->allowedtags = array(
- 'address' => array(),
- 'a' => array(
- 'class' => array (),
- 'href' => array (),
- 'id' => array (),
- 'title' => array (),
- 'rel' => array (),
- 'rev' => array (),
- 'name' => array (),
- 'target' => array()),
- 'abbr' => array(
- 'class' => array (),
- 'title' => array ()),
- 'acronym' => array(
- 'title' => array ()),
- 'b' => array(),
- 'big' => array(),
- 'blockquote' => array(
- 'id' => array (),
- 'cite' => array (),
- 'class' => array(),
- 'lang' => array(),
- 'xml:lang' => array()),
- 'br' => array (
- 'class' => array ()),
- 'button' => array(
- 'disabled' => array (),
- 'name' => array (),
- 'type' => array (),
- 'value' => array ()),
- 'caption' => array(
- 'align' => array (),
- 'class' => array ()),
- 'cite' => array (
- 'class' => array(),
- 'dir' => array(),
- 'lang' => array(),
- 'title' => array ()),
- 'code' => array (),
-// 'style' => array()),
-// 'col' => array(
-// 'align' => array (),
-// 'char' => array (),
-// 'charoff' => array (),
-// 'span' => array (),
-// 'dir' => array(),
-// 'style' => array (),
-// 'valign' => array (),
-// 'width' => array ()),
- 'del' => array(
- 'datetime' => array ()),
- 'dd' => array(),
- 'div' => array(
- 'align' => array (),
- 'class' => array (),
- 'dir' => array (),
- 'lang' => array(),
-// 'style' => array (),
- 'xml:lang' => array()),
- 'dl' => array(),
- 'dt' => array(),
- 'em' => array(),
-// 'fieldset' => array(),
- 'font' => array(
- 'color' => array (),
- 'face' => array (),
- 'size' => array ()),
-// 'form' => array(
-// 'action' => array (),
-// 'accept' => array (),
-// 'accept-charset' => array (),
-// 'enctype' => array (),
-// 'method' => array (),
-// 'name' => array (),
-// 'target' => array ()),
- 'h1' => array(
- 'align' => array (),
- 'class' => array ()),
- 'h2' => array(
- 'align' => array (),
- 'class' => array ()),
- 'h3' => array(
- 'align' => array (),
- 'class' => array ()),
- 'h4' => array(
- 'align' => array (),
- 'class' => array ()),
- 'h5' => array(
- 'align' => array (),
- 'class' => array ()),
- 'h6' => array(
- 'align' => array (),
- 'class' => array ()),
- 'hr' => array(
- 'align' => array (),
- 'class' => array (),
- 'noshade' => array (),
- 'size' => array (),
- 'width' => array ()),
- 'i' => array(),
- 'img' => array(
- 'alt' => array (),
- 'align' => array (),
- 'border' => array (),
- 'class' => array (),
- 'height' => array (),
- 'hspace' => array (),
- 'longdesc' => array (),
- 'vspace' => array (),
- 'src' => array (),
-// 'style' => array (),
- 'width' => array ()),
- 'ins' => array(
- 'datetime' => array (),
- 'cite' => array ()),
- 'kbd' => array(),
- 'label' => array(
- 'for' => array ()),
- 'legend' => array(
- 'align' => array ()),
- 'li' => array (
- 'align' => array (),
- 'class' => array ()),
- 'p' => array(
- 'class' => array (),
- 'align' => array (),
- 'dir' => array(),
- 'lang' => array(),
-// 'style' => array (),
- 'xml:lang' => array()),
- 'pre' => array(
-// 'style' => array(),
- 'width' => array ()),
- 'q' => array(
- 'cite' => array ()),
- 's' => array(),
- 'span' => array (
- 'class' => array (),
- 'dir' => array (),
- 'align' => array (),
- 'lang' => array (),
-// 'style' => array (),
- 'title' => array (),
- 'xml:lang' => array()),
- 'strike' => array(),
- 'strong' => array(),
- 'sub' => array(),
- 'sup' => array(),
-// 'table' => array(
-// 'align' => array (),
-// 'bgcolor' => array (),
-// 'border' => array (),
-// 'cellpadding' => array (),
-// 'cellspacing' => array (),
-// 'class' => array (),
-// 'dir' => array(),
-// 'id' => array(),
-// 'rules' => array (),
-// 'style' => array (),
-// 'summary' => array (),
-// 'width' => array ()),
-// 'tbody' => array(
-// 'align' => array (),
-// 'char' => array (),
-// 'charoff' => array (),
-// 'valign' => array ()),
-// 'td' => array(
-// 'abbr' => array (),
-// 'align' => array (),
-// 'axis' => array (),
-// 'bgcolor' => array (),
-// 'char' => array (),
-// 'charoff' => array (),
-// 'class' => array (),
-// 'colspan' => array (),
-// 'dir' => array(),
-// 'headers' => array (),
-// 'height' => array (),
-// 'nowrap' => array (),
-// 'rowspan' => array (),
-// 'scope' => array (),
-// 'style' => array (),
-// 'valign' => array (),
-// 'width' => array ()),
-// 'textarea' => array(
-// 'cols' => array (),
-// 'rows' => array (),
-// 'disabled' => array (),
-// 'name' => array (),
-// 'readonly' => array ()),
-// 'tfoot' => array(
-// 'align' => array (),
-// 'char' => array (),
-// 'class' => array (),
-// 'charoff' => array (),
-// 'valign' => array ()),
-// 'th' => array(
-// 'abbr' => array (),
-// 'align' => array (),
-// 'axis' => array (),
-// 'bgcolor' => array (),
-// 'char' => array (),
-// 'charoff' => array (),
-// 'class' => array (),
-// 'colspan' => array (),
-// 'headers' => array (),
-// 'height' => array (),
-// 'nowrap' => array (),
-// 'rowspan' => array (),
-// 'scope' => array (),
-// 'valign' => array (),
-// 'width' => array ()),
-// 'thead' => array(
-// 'align' => array (),
-// 'char' => array (),
-// 'charoff' => array (),
-// 'class' => array (),
-// 'valign' => array ()),
- 'title' => array(),
-// 'tr' => array(
-// 'align' => array (),
-// 'bgcolor' => array (),
-// 'char' => array (),
-// 'charoff' => array (),
-// 'class' => array (),
-// 'style' => array (),
-// 'valign' => array ()),
- 'tt' => array(),
- 'u' => array(),
- 'ul' => array (
- 'class' => array (),
-// 'style' => array (),
- 'type' => array ()),
- 'ol' => array (
- 'class' => array (),
- 'start' => array (),
-// 'style' => array (),
- 'type' => array ()),
- 'var' => array ());
+ }
- $CONFIG->allowedprotocols = array('http', 'https', 'ftp', 'news', 'mailto', 'rtsp', 'teamspeak', 'gopher', 'mms',
- 'color', 'callto', 'cursor', 'text-align', 'font-size', 'font-weight', 'font-style',
- 'border', 'margin', 'padding', 'float');
-
- // For now, register the kses for processing
- register_plugin_hook('validate', 'input', 'kses_filter_tags', 1);
}
register_elgg_event_handler('init','system','input_init');
diff --git a/engine/lib/upgrades/2009041701.php b/engine/lib/upgrades/2009041701.php
new file mode 100644
index 000000000..609c7e569
--- /dev/null
+++ b/engine/lib/upgrades/2009041701.php
@@ -0,0 +1,10 @@
+<?php
+
+ global $CONFIG;
+
+ /// Activate kses
+ /**
+ * Elgg now has kses tag filtering built as a plugin. This needs to be enabled.
+ */
+ enable_plugin('kses', $CONFIG->site->guid);
+?> \ No newline at end of file
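Review bot: The result of `enable_plugin('kses', $CONFIG->site->guid)` is discarded, so if the kses plugin is missing or cannot be enabled the upgrade finishes silently. The site would then have no handler on the `validate`/`input` hook, because this commit also removes `register_plugin_hook('validate', 'input', 'kses_filter_tags', 1)` from engine/lib/input.php. Tag filtering therefore fails open whenever the plugin is off, so I would check the call and surface a failure, assuming enable_plugin() returns a falsy value on error: `if (!enable_plugin('kses', $CONFIG->site->guid)) { error_log('kses could not be enabled; HTML input is not being filtered'); }`. Upgrade scripts presumably run only on existing installs, so it is worth confirming that a fresh install also enables kses by default; that is not visible in this diff. The trailing `?>` can be dropped as well, since this is a PHP-only file.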