* added Texy for PHP4

* renamed TexyModule::$default -> $syntax * fixed bug TexyPhraseModule::$linksAllowed * TexyScriptModule - added {{texy: nofollow }} * class TexyConfigurator moved to own file
jkrcma · Jun 8, 2007 · c847400 · c847400
1 parent 57cca9c
commit c847400
Show file tree

Hide file tree

Showing 48 changed files with 6,661 additions and 140 deletions.
diff --git a/changelog.cs.texy b/changelog.cs.texy
@@ -1,51 +1,25 @@
 Changelog
 *********
 
-Verze 2.0 Release Candidate 1 (rev. 128)
+Verze 2.0 Release Candidate 1 (rev. 131)
 =========
 
-23. 5. 2007 .[date]
+8. 6. 2007 .[date]
 
+- balík nyní obsahuje verzi pro PH4
+- nové konfigurační funkce TexyConfigurator::disableLinks & TexyConfigurator::disableImages
+- $texy->safeMode() vyčleněno do nové statické třídy TexyConfigurator. Používejte TexyConfigurator::safeMode($texy). 
+- zrušeno trustMode() - jde totiž o výchozí nastavení Texy
 - vnitřní DTD validátor TexyHtmlCleaner nyní kontroluje i platnost atributů
 - opravena chyba zadávání atributů před modifikátor .{attr:value}
 - změna názvu $texy->formatterModule -> $texy->cleaner
 - vráceno zpět $texy->tabWidth
 - mbstring.func_overload fix
-
-
-Verze 2.0 Release Candidate 1 (rev. 125)
-=========
-
-5. 5. 2007 .[date]
-
 - přepsána knihovna TexyHtml - k vlastnostem elementu se nyní přistupuje přes `$el['src'] = 'image.gif'` namísto původního `$el->src = 'image.gif'`
 - zrušena konstanta TEXY, přidána konstanta Texy::VERSION
-
-
-Verze 2.0 Release Candidate 1 (rev. 122)
-=========
-
-26. 4. 2007 .[date]
-
-- $texy->safeMode() a trustMode() vyčleněno do nové statické třídy TexyConfigurator. Používejte TexyConfigurator::safeMode($texy) nebo trustMode($texy)
 - klonování třídy Texy není podporováno
-
-
-Verze 2.0 Release Candidate 1 (rev. 119)
-=========
-
-13. 4. 2007 .[date]
-
-- Texy2 by mělo být připraveno na ostrý provoz
 - kompaktní knihovna přejmenována `texy-compact.php` -> `texy.compact.php`
 - TexyDefinitionListModule začleněn do TexyListModule
-
-
-Verze 2.0 beta (rev. 113)
-=========
-
-4. 4. 2007 .[date]
-
 - vylepšená syntax seznamů, viz "fórum":http://forum.texy.info/viewtopic.php?id=399
 - aktivovány typografické úpravy v atributech title
 

diff --git a/examples/HTML filtering/demo.php b/examples/HTML filtering/demo.php
@@ -50,7 +50,7 @@ function doIt($texy)
 header('Content-type: text/html; charset=utf-8');
 
 echo '<h2>Enable nearly all valid tags</h2>';
-TexyConfigurator::trustMode($texy);
+// by default
 doIt($texy);
 
 echo '<h2>Texy::ALL - enables all tags</h2>';
@@ -61,6 +61,10 @@ function doIt($texy)
 TexyConfigurator::safeMode($texy);
 doIt($texy);
 
+echo '<h2>disableLinks() - disable all links</h2>';
+TexyConfigurator::disableLinks($texy);
+doIt($texy);
+
 echo '<h2>Texy::NONE - disables all tags</h2>';
 $texy->allowedTags = Texy::NONE;
 doIt($texy);

diff --git a/examples/syntax highlighting/sample.texy b/examples/syntax highlighting/sample.texy
@@ -1,4 +1,4 @@
-Syntax highlighting in Texy!
+Syntax highlighting in Texy!
 ****************************
 
 

diff --git a/texy-for-php4/libs/RegExp.Patterns.php b/texy-for-php4/libs/RegExp.Patterns.php
@@ -0,0 +1,52 @@
+<?php
+
+/**
+ * This file is part of the Texy! formatter (http://texy.info/)
+ *
+ * Copyright (c) 2004-2007 David Grudl aka -dgx- <[email protected]>
+ *
+ * @version  $Revision$ $Date$
+ * @package  Texy
+ */
+
+
+// security - include texy.php, not this file
+if (!class_exists('Texy')) die();
+
+
+
+// Regular expression patterns
+
+// Unicode character classes
+define('TEXY_CHAR',        'A-Za-z\x{C0}-\x{2FF}\x{370}-\x{1EFF}');
+
+// marking meta-characters
+// any mark:               \x14-\x1F
+// CONTENT_MARKUP mark:    \x17-\x1F
+// CONTENT_REPLACED mark:  \x16-\x1F
+// CONTENT_TEXTUAL mark:   \x15-\x1F
+// CONTENT_BLOCK mark:     \x14-\x1F
+define('TEXY_MARK',        "\x14-\x1F");
+
+
+// modifier .(title)[class]{style}
+define('TEXY_MODIFIER',    '(?: *(?<= |^)\\.((?:\\([^)\\n]+\\)|\\[[^\\]\\n]+\\]|\\{[^}\\n]+\\}){1,3}?))');
+
+// modifier .(title)[class]{style}<>
+define('TEXY_MODIFIER_H',  '(?: *(?<= |^)\\.((?:\\([^)\\n]+\\)|\\[[^\\]\\n]+\\]|\\{[^}\\n]+\\}|<>|>|=|<){1,4}?))');
+
+// modifier .(title)[class]{style}<>^
+define('TEXY_MODIFIER_HV', '(?: *(?<= |^)\\.((?:\\([^)\\n]+\\)|\\[[^\\]\\n]+\\]|\\{[^}\\n]+\\}|<>|>|=|<|\\^|\\-|\\_){1,5}?))');
+
+
+
+// images   [* urls .(title)[class]{style} >]
+define('TEXY_IMAGE',       '\[\*([^\n'.TEXY_MARK.']+)'.TEXY_MODIFIER.'? *(\*|>|<)\]');
+
+
+// links
+define('TEXY_LINK_URL',    '(?:\[[^\]\n]+\]|(?!\[)[^\s'.TEXY_MARK.']*?[^:);,.!?\s'.TEXY_MARK.'])'); // any url (nekonèí :).,!?
+define('TEXY_LINK',        '(?::('.TEXY_LINK_URL.'))');       // any link
+define('TEXY_LINK_N',      '(?::('.TEXY_LINK_URL.'|:))');     // any link (also unstated)
+define('TEXY_EMAIL',       '[a-z0-9.+_-]+@[a-z0-9.+_-]+\.[a-z]{2,}');    // [email protected]
+define('TEXY_URLSCHEME',   '[a-z][a-z0-9+.-]*:');    // http:  |  mailto:
diff --git a/texy-for-php4/libs/TexyConfigurator.php b/texy-for-php4/libs/TexyConfigurator.php
@@ -0,0 +1,126 @@
+<?php
+
+/**
+ * This file is part of the Texy! formatter (http://texy.info/)
+ *
+ * Copyright (c) 2004-2007 David Grudl aka -dgx- <[email protected]>
+ *
+ * @version  $Revision$ $Date$
+ * @package  Texy
+ */
+
+// security - include texy.php, not this file
+if (!class_exists('Texy')) die();
+
+
+
+$GLOBALS['TexyConfigurator::$safeTags'] = array(
+    'a'         => array('href', 'title'),
+    'acronym'   => array('title'),
+    'b'         => array(),
+    'br'        => array(),
+    'cite'      => array(),
+    'code'      => array(),
+    'em'        => array(),
+    'i'         => array(),
+    'strong'    => array(),
+    'sub'       => array(),
+    'sup'       => array(),
+    'q'         => array(),
+    'small'     => array(),
+); /* class static property */
+
+
+/**
+ * Texy basic configurators
+ *
+ * <code>
+ *     $texy = new Texy();
+ *     TexyConfigurator::safeMode($texy);
+ * </code>
+ */
+class TexyConfigurator
+{
+    /**
+     * Configure Texy! for web comments and other usages, where input text may insert attacker
+     *
+     * @param Texy  object to configure
+     * @return void
+     */
+    function safeMode(/*Texy*/ $texy) /* static */
+    {
+        $texy->allowedClasses = TEXY_NONE;                 // no class or ID are allowed
+        $texy->allowedStyles  = TEXY_NONE;                 // style modifiers are disabled
+        $texy->allowedTags = $GLOBALS['TexyConfigurator::$safeTags'];               // only some "safe" HTML tags and attributes are allowed
+        $texy->urlSchemeFilters['a'] = '#https?:|ftp:|mailto:#A';
+        $texy->urlSchemeFilters['i'] = '#https?:#A';
+        $texy->urlSchemeFilters['c'] = '#http:#A';
+        $texy->allowed['image'] = FALSE;                    // disable images
+        $texy->allowed['link/definition'] = FALSE;          // disable [ref]: URL  reference definitions
+        $texy->allowed['html/comment'] = FALSE;             // disable HTML comments
+        $texy->linkModule->forceNoFollow = TRUE;            // force rel="nofollow"
+    }
+
+
+
+    /**
+     * Switch Texy! configuration to the (default) trust mode
+     *
+     * @param Texy  object to configure
+     * @return void
+     */
+    function trustMode(/*Texy*/ $texy) /* static */
+    {
+        trigger_error('trustMode() is deprecated. Trust configuration is by default.', E_USER_WARNING);
+
+        $texy->allowedClasses = TEXY_ALL;                  // classes and id are allowed
+        $texy->allowedStyles  = TEXY_ALL;                  // inline styles are allowed
+        $texy->allowedTags = array();                       // all valid HTML tags
+        foreach ($GLOBALS['TexyHtmlCleaner::$dtd']as $tag => $dtd)
+            $texy->allowedTags[$tag] = is_array($dtd[0]) ? array_keys($dtd[0]) : $dtd[0];
+        $texy->urlSchemeFilters = NULL;                     // disable URL scheme filter
+        $texy->allowed['image'] = TRUE;                     // enable images
+        $texy->allowed['link/definition'] = TRUE;           // enable [ref]: URL  reference definitions
+        $texy->allowed['html/comment'] = TRUE;              // enable HTML comments
+        $texy->linkModule->forceNoFollow = FALSE;           // disable automatic rel="nofollow"
+    }
+
+
+
+    /**
+     * Disable all links
+     *
+     * @param Texy  object to configure
+     * @return void
+     */
+    function disableLinks($texy)
+    {
+        $texy->allowed['link/reference'] = FALSE;
+        $texy->allowed['link/email'] = FALSE;
+        $texy->allowed['link/url'] = FALSE;
+        $texy->allowed['link/definition'] = FALSE;
+        $texy->phraseModule->linksAllowed = FALSE;
+
+        if (is_array($texy->allowedTags))
+            unset($texy->allowedTags['a']);
+        // TODO: else...
+    }
+
+
+    /**
+     * Disable all images
+     *
+     * @param Texy  object to configure
+     * @return void
+     */
+    function disableImages($texy)
+    {
+        $texy->allowed['image'] = FALSE;
+        $texy->allowed['figure'] = FALSE;
+        $texy->allowed['image/definition'] = FALSE;
+
+        if (is_array($texy->allowedTags))
+            unset($texy->allowedTags['img'], $texy->allowedTags['object'], $texy->allowedTags['embed'], $texy->allowedTags['applet']);
+        // TODO: else...
+    }
+}