[geeklog-cvs] geeklog-1.3/public_html lib-common.php,1.378,1.379

dhaun at iowaoutdoors.org dhaun at iowaoutdoors.org
Tue Sep 28 13:50:10 EDT 2004 

Update of /var/cvs/geeklog-1.3/public_html
In directory www:/tmp/cvs-serv15652

Modified Files:
	lib-common.php 
Log Message:
1) Introduced an additional parameter to COM_checkHTML and COM_allowedHTML to specify which permissions the current user should have to be considered an "Admin" (bugs #114 and #118)
2) COM_allowedHTML can now, optionally, return only the list of allowed HTML tags (bug #118)
3) For the poll block, always use the block title stored in the database (bug #205)


Index: lib-common.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/lib-common.php,v
retrieving revision 1.378
retrieving revision 1.379
diff -C2 -d -r1.378 -r1.379
*** lib-common.php	25 Sep 2004 11:42:18 -0000	1.378
--- lib-common.php	28 Sep 2004 17:50:08 -0000	1.379
***************
*** 1461,1465 ****
  * @param        int         $actionid       1 = write to log file, 2 = write to screen (default) both
  * @see function COM_accessLog
! * @return   string  If $actionid = 2 or '' then HTML formated string (wrapped in block) else nothing
  *
  */
--- 1461,1465 ----
  * @param        int         $actionid       1 = write to log file, 2 = write to screen (default) both
  * @see function COM_accessLog
! * @return   string  If $actionid = 2 or '' then HTML formatted string (wrapped in block) else nothing
  *
  */
***************
*** 1642,1646 ****
                  }
  
!                 $retval = COM_startBlock( $LANG01[5], '',
                                COM_getBlockTemplate( 'poll_block', 'header' ))
                          . $poll->finish( $poll->parse( 'output', 'block' ))
--- 1642,1648 ----
                  }
  
!                 $title = DB_getItem( $_TABLES['blocks'], 'title',
!                                      "name='poll_block'" );
!                 $retval = COM_startBlock( $title, '',
                                COM_getBlockTemplate( 'poll_block', 'header' ))
                          . $poll->finish( $poll->parse( 'output', 'block' ))
***************
*** 1880,1884 ****
  *
  * @param        string      $topic      TopicID of currently selected
! * @return   string    HTML formated topic list
  *
  */
--- 1882,1886 ----
  *
  * @param        string      $topic      TopicID of currently selected
! * @return   string    HTML formatted topic list
  *
  */
***************
*** 3193,3207 ****
  * This function checks html tags.
  *
! * The core of this code has been lifted from phpslash which is licenced under
! * the GPL.  It checks to see that the HTML tags are on the approved list and
  * removes them if not.
  *
! * @param        string      $str        HTML to check
! * @see function COM_checkHTML
! * @return   string  Filtered HTML
  *
  */
! 
! function COM_checkHTML( $str )
  {
      global $_CONF;
--- 3195,3207 ----
  * This function checks html tags.
  *
! * Checks to see that the HTML tags are on the approved list and
  * removes them if not.
  *
! * @param    string  $str            HTML to check
! * @param    string  $permissions    comma-separated list of rights which identify the current user as an "Admin"
! * @return   string                  Filtered HTML
  *
  */
! function COM_checkHTML( $str, $permissions = 'story.edit' )
  {
      global $_CONF;
***************
*** 3257,3261 ****
      }
  
!     if( !SEC_hasRights( 'story.edit' ) || empty( $_CONF['admin_html'] ))       
      {
          $html = $_CONF['user_html'];
--- 3257,3262 ----
      }
  
!     if( empty( $permissions) || !SEC_hasRights( $permissions ) ||
!             empty( $_CONF['admin_html'] ))       
      {
          $html = $_CONF['user_html'];
***************
*** 3263,3267 ****
      else
      {
!         $html = array_merge_recursive( $_CONF['user_html'], $_CONF['admin_html'] );
      }
  
--- 3264,3269 ----
      else
      {
!         $html = array_merge_recursive( $_CONF['user_html'],
!                                        $_CONF['admin_html'] );
      }
  
***************
*** 3945,3949 ****
  
  /**
! * Returns what HTML is allows in content
  *
  * Returns what HTML tags the system allows to be used inside content.
--- 3947,3951 ----
  
  /**
! * Returns what HTML is allowed in content
  *
  * Returns what HTML tags the system allows to be used inside content.
***************
*** 3951,3964 ****
  * (for admins, see also $_CONF['admin_html']).
  *
  * @return   string  HTML <span> enclosed string
  */
! 
! function COM_allowedHTML()
  {
      global $_CONF, $LANG01;
  
!     $retval = '<span class="warningsmall">' . $LANG01[31] . ' ';
  
!     if( !SEC_hasRights( 'story.edit' ) || empty( $_CONF['admin_html'] ))
      {
          $html = $_CONF['user_html'];
--- 3953,3973 ----
  * (for admins, see also $_CONF['admin_html']).
  *
+ * @param    string  $permissions    comma-separated list of rights which identify the current user as an "Admin"
+ * @param    boolean $list_only      true = return only the list of HTML tags
  * @return   string  HTML <span> enclosed string
+ * @see function COM_checkHTML
  */
! function COM_allowedHTML( $permissions = 'story.edit', $list_only = false )
  {
      global $_CONF, $LANG01;
  
!     $retval = '';
!     if( !$list_only )
!     {
!         $retval .= '<span class="warningsmall">' . $LANG01[31] . ' ';
!     }
  
!     if( empty( $permissions ) || !SEC_hasRights( $permissions ) ||
!             empty( $_CONF['admin_html'] ))
      {
          $html = $_CONF['user_html'];
***************
*** 3966,4001 ****
      else
      {
!         $html = array_merge_recursive( $_CONF['user_html'], $_CONF['admin_html'] );
      }
  
-     $br = 0;
      foreach( $html as $tag => $attr )
      {
!         $br++;
!         $retval .= '<' . $tag . '>,';
!         if( $br == 10 )
!         {
!             $retval .= ' ';
!             $br = 0;
!         }
      }
  
      $retval .= '[code]';
-     $br++;
  
      $autotags = PLG_collectTags();
      foreach( $autotags as $tag => $module )
      {
!         $retval .= ',';
!         if( $br == 10 )
!         {
!             $retval .= ' ';
!             $br = 0;
!         }
!         $br++;
!         $retval .= '[' . $tag . ':]';
      }
  
!     $retval .= '</span>';
  
      return $retval;
--- 3975,4000 ----
      else
      {
!         $html = array_merge_recursive( $_CONF['user_html'],
!                                        $_CONF['admin_html'] );
      }
  
      foreach( $html as $tag => $attr )
      {
!         $retval .= '<' . $tag . '>, ';
      }
  
      $retval .= '[code]';
  
+     // list autolink tags
      $autotags = PLG_collectTags();
      foreach( $autotags as $tag => $module )
      {
!         $retval .= ', [' . $tag . ':]';
      }
  
!     if( !$list_only )
!     {
!         $retval .= '</span>';
!     }
  
      return $retval;
***************
*** 4057,4061 ****
  * @param        string      $help       Help file for block
  * @param        string      $title      Title to be used in block header
! * @return   string  HTML formated block containing events.
  */
  
--- 4056,4060 ----
  * @param        string      $help       Help file for block
  * @param        string      $title      Title to be used in block header
! * @return   string  HTML formatted block containing events.
  */
  
***************
*** 4735,4739 ****
  * @param        int         $curpage        current page we are on
  * @param        int         $num_pages      Total number of pages
! * @return   string   HTML formated widget
  */
  
--- 4734,4738 ----
  * @param        int         $curpage        current page we are on
  * @param        int         $num_pages      Total number of pages
! * @return   string   HTML formatted widget
  */
  
***************
*** 4818,4830 ****
  
  /**
! * Returns formated date/time for user
  *
  * This function COM_takes a date in either unixtimestamp or in english and
  * formats it to the users preference.  If the user didn't specify a format
! * the format in the config file is used.  This returns array where array[0]
! * is the formated date and array[1] is the unixtimestamp
  *
  * @param        string      $date       date to format, otherwise we format current date/time
! * @return   array   array[0] is the formated date and array[1] is the unixtimestamp.
  */
  
--- 4817,4829 ----
  
  /**
! * Returns formatted date/time for user
  *
  * This function COM_takes a date in either unixtimestamp or in english and
  * formats it to the users preference.  If the user didn't specify a format
! * the format in the config file is used.  This returns an array where array[0]
! * is the formatted date and array[1] is the unixtimestamp
  *
  * @param        string      $date       date to format, otherwise we format current date/time
! * @return   array   array[0] is the formatted date and array[1] is the unixtimestamp.
  */
  
***************
*** 4877,4882 ****
  * Returns user-defined cookie timeout
  *
! * In account preferences users can specify when their long-term cookie expires.  This
! * function returns that value.
  *
  * @return   int Cookie time out value in seconds
--- 4876,4881 ----
  * Returns user-defined cookie timeout
  *
! * In account preferences users can specify when their long-term cookie expires.
! * This function returns that value.
  *
  * @return   int Cookie time out value in seconds
***************
*** 5326,5331 ****
  * This function sets the name of the arguments found in url
  *
! * @param        array       $names      Names of arguments in query string to assign to values
! * @return   boolean     True if suscessful
  */
  
--- 5325,5330 ----
  * This function sets the name of the arguments found in url
  *
! * @param    array   $names  Names of arguments in query string to assign to values
! * @return   boolean         True if successful
  */

More information about the geeklog-cvs mailing list