aboutsummaryrefslogtreecommitdiff
path: root/views/default/output/url.php
diff options
context:
space:
mode:
Diffstat (limited to 'views/default/output/url.php')
-rw-r--r--views/default/output/url.php85
1 files changed, 52 insertions, 33 deletions
diff --git a/views/default/output/url.php b/views/default/output/url.php
index 7f72f0dce..81b02087d 100644
--- a/views/default/output/url.php
+++ b/views/default/output/url.php
@@ -1,37 +1,56 @@
<?php
+/**
+ * Elgg URL display
+ * Displays a URL as a link
+ *
+ * @package Elgg
+ * @subpackage Core
+ *
+ * @uses string $vars['text'] The string between the <a></a> tags.
+ * @uses string $vars['href'] The unencoded url string
+ * @uses bool $vars['encode_text'] Run $vars['text'] through htmlspecialchars() (false)
+ * @uses bool $vars['is_action'] Is this a link to an action (false)
+ * @uses bool $vars['is_trusted'] Is this link trusted (false)
+ */
- /**
- * Elgg URL display
- * Displays a URL as a link
- *
- * @package Elgg
- * @subpackage Core
-
- * @author Curverider Ltd
-
- * @link http://elgg.org/
- *
- * @uses $vars['value'] The URL to display
- *
- */
-
- $val = trim($vars['value']);
- if (!empty($val)) {
- if ((substr_count($val, "http://") == 0) && (substr_count($val, "https://") == 0)) {
- $val = "http://" . $val;
- }
-
- if ($vars['is_action'])
- {
- $ts = time();
- $token = generate_action_token($ts);
-
- $sep = "?";
- if (strpos($val, '?')>0) $sep = "&";
- $val = "$val{$sep}__elgg_token=$token&__elgg_ts=$ts";
+$url = elgg_extract('href', $vars, null);
+if (!$url and isset($vars['value'])) {
+ $url = trim($vars['value']);
+ unset($vars['value']);
+}
+
+if (isset($vars['text'])) {
+ if (elgg_extract('encode_text', $vars, false)) {
+ $text = htmlspecialchars($vars['text'], ENT_QUOTES, 'UTF-8', false);
+ } else {
+ $text = $vars['text'];
+ }
+ unset($vars['text']);
+} else {
+ $text = htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false);
+}
+
+unset($vars['encode_text']);
+
+if ($url) {
+ $url = elgg_normalize_url($url);
+
+ if (elgg_extract('is_action', $vars, false)) {
+ $url = elgg_add_action_tokens_to_url($url, false);
+ }
+
+ if (!elgg_extract('is_trusted', $vars, false)) {
+ if (!isset($vars['rel'])) {
+ $vars['rel'] = 'nofollow';
+ $url = strip_tags($url);
}
-
- echo "<a href=\"{$val}\" target=\"_blank\">". htmlentities($val, ENT_QUOTES, 'UTF-8'). "</a>";
- }
+ }
+
+ $vars['href'] = $url;
+}
+
+unset($vars['is_action']);
+unset($vars['is_trusted']);
-?> \ No newline at end of file
+$attributes = elgg_format_attributes($vars);
+echo "<a $attributes>$text</a>";
generated by cgit v1.2.3 (git 2.39.1) at 2025-11-17 14:33:54 +0000