Commit c2151b52 authored by Steven Wittens's avatar Steven Wittens

Committed filter separation patch: all filter-related things are now in...

Committed filter separation patch: all filter-related things are now in filter.module (which is a required module).
To do this cleanly, I reorganised some bits of system.module: there is now a generic handler available for simple variable-get/set based configuration pages. Look at filter_admin() or system_view() for example usage.

(based on the patch by Goba)
parent daaeef0e
......@@ -454,115 +454,6 @@ function check_form($text) {
return drupal_specialchars($text, ENT_QUOTES);
}
function filter($text) {
$modules = module_list();
/*
** Make sure the HTML filters that are part of the node module
** are run first.
*/
if (in_array("node", $modules)) {
$text = module_invoke("node", "filter", $text);
}
foreach ($modules as $name) {
if (module_hook($name, "filter") && $name != "node") {
$text = module_invoke($name, "filter", $text);
}
}
return $text;
}
function rewrite_old_urls($text) {
global $base_url;
$end = substr($base_url, 12);
/*
** This is a *temporary* filter to rewrite old-style URLs to new-style
** URLs (clean URLs). Currently, URLs are being rewritten dynamically
** (ie. "on output"), however when these rewrite rules have been tested
** enough, we will use them to permanently rewrite the links in node
** and comment bodies.
*/
if (variable_get("clean_url", "0") == "0") {
/*
** Relative URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"?q=\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4/\\6" , $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4", $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2", $text);
/*
** Absolute URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/?q=\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4/\\6" , $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4", $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"$end/?q=\\2", $text);
}
else {
/*
** Relative URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4/\\6", $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4", $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2", $text);
/*
** Absolute URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4/\\6", $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4", $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2", $text);
}
return $text;
}
function check_output($text) {
if (isset($text)) {
// filter content on output:
$text = filter($text);
/*
** If only inline elements are used and no block level elements, we
** replace all newlines with HTML line breaks.
*/
if (strip_tags($text, '<a><br><span><bdo><map><object><img><tt><i><b><big><small><em><strong><dfn><code><q><samp><kbd><var><cite><abbr><acronym><sub><sup><input><select><textarea><label><button><ins><del><script>') == $text) {
$text = nl2br($text);
}
}
else {
$text = message_na();
}
return $text;
}
function check_file($filename) {
return is_uploaded_file($filename);
}
......
......@@ -3,10 +3,11 @@
// initialize modules:
function module_init() {
// Note: changing this also requires changing system_admin() @ modules/system.module.
// Note: changing this also requires changing system_listing() @ modules/system.module.
require_once "modules/admin.module";
require_once "modules/user.module";
require_once "modules/filter.module";
require_once "modules/system.module";
require_once "modules/user.module";
require_once "modules/watchdog.module";
module_list();
module_invoke_all("init");
......@@ -49,7 +50,7 @@ function module_list($refresh = 0, $bootstrap = 0) {
}
if (!$list) {
$list = array("admin" => "admin", "system" => "system", "user" => "user", "watchdog" => "watchdog");
$list = array("admin" => "admin", "filter" => "filter", "system" => "system", "user" => "user", "watchdog" => "watchdog");
$result = db_query("SELECT name, filename, throttle, bootstrap FROM {system} WHERE type = 'module' AND status = '1' ORDER BY name");
while ($module = db_fetch_object($result)) {
if (file_exists($module->filename)) {
......
<?php
// $Id$
function filter_help($section = "admin/help#filter") {
switch ($section) {
case 'admin/system/modules#description':
return t("Framework for handling filtering of content.");
case 'admin/system/filters':
return t("Filters fit between the raw text in a node and the HTML output. They allow you to replace text selectively. Uses include automatic conversion of emoticons into graphics and filtering HTML content from users' submissions.");
}
}
function filter_link($type) {
if ($type == "system" && user_access("administer site configuration")) {
menu("admin/system/filters", t("filters"), "filter_admin", 5);
}
}
function filter_admin() {
if (user_access("administer site configuration")) {
system_settings_save();
$form = implode("\n", module_invoke_all("conf_filters"));
$output = system_settings_form($form);
print theme("page", $output);
}
else {
print theme("page", message_access());
}
}
function filter_conf_filters() {
$group1 .= form_radios(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(0 => t("Do not filter"), 1 => t("Strip tags"), 2 => t("Escape tags")), t("How to deal with HTML and PHP tags in user-contributed content. If set to \"Strip tags\", dangerous tags are removed (see below). If set to \"Escape tags\", all HTML is escaped and presented as it was typed."));
$group1 .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If \"Strip tags\" is selected, optionally specify tags which should not be stripped. 'ON*' attributes and unclosed tags are always stripped."));
$group1 .= form_radios(t("HTML style attributes"), "filter_style", variable_get("filter_style", 1), array(t("Allowed"), t("Removed")), t("If \"Strip tags\" is selected, you can choose whether 'STYLE' attributes are allowed or removed from input."));
$output .= form_group(t("HTML filtering"), $group1);
$group2 .= form_radios(t("Rewrite old URLs"), "rewrite_old_urls", variable_get("rewrite_old_urls", 0), array(t("Disabled"), t("Enabled")), t("The introduction of 'clean URLs' in Drupal 4.2.0 breaks internal URLs that date back from Drupal 4.1.0 and before. If enabled, this filter will attempt to rewrite the old style URLs to avoid broken links. If <code>mod_rewrite</code> is available on your system, use the rewrite rules in Drupal's <code>.htaccess</code> file instead as these will also correct external referrers."));
$output .= form_group(t("Legacy filtering"), $group2);
return $output;
}
function check_output($text) {
if (isset($text)) {
// filter content on output:
$modules = module_list();
// Default filters are run first: they determine how to handle HTML
$text = filter_default($text);
foreach ($modules as $name) {
if (module_hook($name, "filter") && $name != "node") {
$text = module_invoke($name, "filter", $text);
}
}
/*
** If only inline elements are used and no block level elements, we
** replace all newlines with HTML line breaks.
*/
if (strip_tags($text, '<a><br><span><bdo><map><object><img><tt><i><b><big><small><em><strong><dfn><code><q><samp><kbd><var><cite><abbr><acronym><sub><sup><input><select><textarea><label><button><ins><del><script>') == $text) {
$text = nl2br($text);
}
}
else {
$text = message_na();
}
return $text;
}
function filter_default($text) {
if (variable_get("filter_html", 0) == 1) {
// Allow users to enter HTML, but filter it
$text = strip_tags($text, variable_get("allowed_html", ""));
if (variable_get("filter_style", 1)) {
$text = preg_replace("/\Wstyle\s*=[^>]+?>/i", ">", $text);
}
$text = preg_replace("/\Won[a-z]+\s*=[^>]+?>/i", ">", $text);
}
if (variable_get("rewrite_old_urls", 0)) {
$text = filter_old_urls($text);
}
if (variable_get("filter_html", 0) == 2) {
// Escape HTML
$text = htmlspecialchars($text);
}
return trim($text);
}
function filter_old_urls($text) {
global $base_url;
$end = substr($base_url, 12);
/*
** This is a *temporary* filter to rewrite old-style URLs to new-style
** URLs (clean URLs). Currently, URLs are being rewritten dynamically
** (ie. "on output"), however when these rewrite rules have been tested
** enough, we will use them to permanently rewrite the links in node
** and comment bodies.
*/
if (variable_get("clean_url", "0") == "0") {
/*
** Relative URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"?q=\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4/\\6" , $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4", $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2", $text);
/*
** Absolute URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/?q=\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4/\\6" , $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4", $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"$end/?q=\\2", $text);
}
else {
/*
** Relative URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4/\\6", $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4", $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2", $text);
/*
** Absolute URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4/\\6", $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4", $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2", $text);
}
return $text;
}
?>
\ No newline at end of file
<?php
// $Id$
function filter_help($section = "admin/help#filter") {
switch ($section) {
case 'admin/system/modules#description':
return t("Framework for handling filtering of content.");
case 'admin/system/filters':
return t("Filters fit between the raw text in a node and the HTML output. They allow you to replace text selectively. Uses include automatic conversion of emoticons into graphics and filtering HTML content from users' submissions.");
}
}
function filter_link($type) {
if ($type == "system" && user_access("administer site configuration")) {
menu("admin/system/filters", t("filters"), "filter_admin", 5);
}
}
function filter_admin() {
if (user_access("administer site configuration")) {
system_settings_save();
$form = implode("\n", module_invoke_all("conf_filters"));
$output = system_settings_form($form);
print theme("page", $output);
}
else {
print theme("page", message_access());
}
}
function filter_conf_filters() {
$group1 .= form_radios(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(0 => t("Do not filter"), 1 => t("Strip tags"), 2 => t("Escape tags")), t("How to deal with HTML and PHP tags in user-contributed content. If set to \"Strip tags\", dangerous tags are removed (see below). If set to \"Escape tags\", all HTML is escaped and presented as it was typed."));
$group1 .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If \"Strip tags\" is selected, optionally specify tags which should not be stripped. 'ON*' attributes and unclosed tags are always stripped."));
$group1 .= form_radios(t("HTML style attributes"), "filter_style", variable_get("filter_style", 1), array(t("Allowed"), t("Removed")), t("If \"Strip tags\" is selected, you can choose whether 'STYLE' attributes are allowed or removed from input."));
$output .= form_group(t("HTML filtering"), $group1);
$group2 .= form_radios(t("Rewrite old URLs"), "rewrite_old_urls", variable_get("rewrite_old_urls", 0), array(t("Disabled"), t("Enabled")), t("The introduction of 'clean URLs' in Drupal 4.2.0 breaks internal URLs that date back from Drupal 4.1.0 and before. If enabled, this filter will attempt to rewrite the old style URLs to avoid broken links. If <code>mod_rewrite</code> is available on your system, use the rewrite rules in Drupal's <code>.htaccess</code> file instead as these will also correct external referrers."));
$output .= form_group(t("Legacy filtering"), $group2);
return $output;
}
function check_output($text) {
if (isset($text)) {
// filter content on output:
$modules = module_list();
// Default filters are run first: they determine how to handle HTML
$text = filter_default($text);
foreach ($modules as $name) {
if (module_hook($name, "filter") && $name != "node") {
$text = module_invoke($name, "filter", $text);
}
}
/*
** If only inline elements are used and no block level elements, we
** replace all newlines with HTML line breaks.
*/
if (strip_tags($text, '<a><br><span><bdo><map><object><img><tt><i><b><big><small><em><strong><dfn><code><q><samp><kbd><var><cite><abbr><acronym><sub><sup><input><select><textarea><label><button><ins><del><script>') == $text) {
$text = nl2br($text);
}
}
else {
$text = message_na();
}
return $text;
}
function filter_default($text) {
if (variable_get("filter_html", 0) == 1) {
// Allow users to enter HTML, but filter it
$text = strip_tags($text, variable_get("allowed_html", ""));
if (variable_get("filter_style", 1)) {
$text = preg_replace("/\Wstyle\s*=[^>]+?>/i", ">", $text);
}
$text = preg_replace("/\Won[a-z]+\s*=[^>]+?>/i", ">", $text);
}
if (variable_get("rewrite_old_urls", 0)) {
$text = filter_old_urls($text);
}
if (variable_get("filter_html", 0) == 2) {
// Escape HTML
$text = htmlspecialchars($text);
}
return trim($text);
}
function filter_old_urls($text) {
global $base_url;
$end = substr($base_url, 12);
/*
** This is a *temporary* filter to rewrite old-style URLs to new-style
** URLs (clean URLs). Currently, URLs are being rewritten dynamically
** (ie. "on output"), however when these rewrite rules have been tested
** enough, we will use them to permanently rewrite the links in node
** and comment bodies.
*/
if (variable_get("clean_url", "0") == "0") {
/*
** Relative URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"?q=\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4/\\6" , $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2/\\4", $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"?q=\\2", $text);
/*
** Absolute URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/?q=\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4/\\6" , $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/?q=\\2/\\4", $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"$end/?q=\\2", $text);
}
else {
/*
** Relative URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("\"(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "\"\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4/\\6", $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2/\\4", $text);
$text = ereg_replace("\"module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "\"\\2", $text);
/*
** Absolute URLs:
*/
// rewrite 'node.php?id=<number>[&cid=<number>]' style URLs:
$text = eregi_replace("$end/(node)\.php\?id=([[:digit:]]+)(&cid=)?([[:digit:]]*)", "$end/\\1/view/\\2/\\4", $text);
// rewrite 'module.php?mod=<name>{&<op>=<value>}' style URLs:
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4/\\6", $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2/\\4", $text);
$text = ereg_replace("$end/module\.php\?(&?[[:alpha:]]+=([[:alnum:]]+))", "$end/\\2", $text);
}
return $text;
}
?>
\ No newline at end of file
......@@ -515,39 +515,6 @@ function node_settings() {
return $output;
}
function node_conf_filters() {
$group1 .= form_radios(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(0 => t("Do not filter"), 1 => t("Strip tags"), 2 => t("Escape tags")), t("How to deal with HTML and PHP tags in user-contributed content. If set to \"Strip tags\", dangerous tags are removed (see below). If set to \"Escape tags\", all HTML is escaped and presented as it was typed."));
$group1 .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If \"Strip tags\" is selected, optionally specify tags which should not be stripped. 'ON*' attributes and unclosed tags are always stripped."));
$group1 .= form_radios(t("HTML style attributes"), "filter_style", variable_get("filter_style", 1), array(t("Allowed"), t("Removed")), t("If \"Strip tags\" is selected, you can choose whether 'STYLE' attributes are allowed or removed from input."));
$output .= form_group("HTML filtering", $group1);
$group2 .= form_radios(t("Rewrite old URLs"), "rewrite_old_urls", variable_get("rewrite_old_urls", 0), array(t("Disabled"), t("Enabled")), t("The introduction of 'clean URLs' in Drupal 4.2.0 breaks internal URLs that date back from Drupal 4.1.0 and before. If enabled, this filter will attempt to rewrite the old style URLs to avoid broken links. If <code>mod_rewrite</code> is available on your system, use the rewrite rules in Drupal's <code>.htaccess</code> file instead as these will also correct external referrers."));
$output .= form_group("Legacy filtering", $group2);
return $output;
}
function node_escape_html($text) {
return htmlspecialchars($text);
}
function node_filter_html($text) {
$text = strip_tags($text, variable_get("allowed_html", ""));
if (variable_get("filter_style", 1)) {
$text = preg_replace("/\Wstyle\s*=[^>]+?>/i", ">", $text);
}
$text = preg_replace("/\Won[a-z]+\s*=[^>]+?>/i", ">", $text);
return $text;
}
function node_filter_link($text) {
$pat = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}'; // [link|description]
return ereg_replace($pat, $dst, $text);
}
function node_comment_mode($nid) {
static $comment_mode;
if (!isset($comment_mode[$nid])) {
......@@ -556,22 +523,6 @@ function node_comment_mode($nid) {
return $comment_mode[$nid];
}
function node_filter($text) {
if (variable_get("filter_html", 0) == 1) {
$text = node_filter_html($text);
}
if (variable_get("rewrite_old_urls", 0)) {
$text = rewrite_old_urls($text);
}
if (variable_get("filter_html", 0) == 2) {
$text = node_escape_html($text);
}
return trim($text);
}
function node_link($type, $node = 0, $main = 0) {
$links = array();
......
......@@ -515,39 +515,6 @@ function node_settings() {
return $output;
}
function node_conf_filters() {
$group1 .= form_radios(t("Filter HTML tags"), "filter_html", variable_get("filter_html", 0), array(0 => t("Do not filter"), 1 => t("Strip tags"), 2 => t("Escape tags")), t("How to deal with HTML and PHP tags in user-contributed content. If set to \"Strip tags\", dangerous tags are removed (see below). If set to \"Escape tags\", all HTML is escaped and presented as it was typed."));
$group1 .= form_textfield(t("Allowed HTML tags"), "allowed_html", variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>"), 64, 255, t("If \"Strip tags\" is selected, optionally specify tags which should not be stripped. 'ON*' attributes and unclosed tags are always stripped."));
$group1 .= form_radios(t("HTML style attributes"), "filter_style", variable_get("filter_style", 1), array(t("Allowed"), t("Removed")), t("If \"Strip tags\" is selected, you can choose whether 'STYLE' attributes are allowed or removed from input."));
$output .= form_group("HTML filtering", $group1);
$group2 .= form_radios(t("Rewrite old URLs"), "rewrite_old_urls", variable_get("rewrite_old_urls", 0), array(t("Disabled"), t("Enabled")), t("The introduction of 'clean URLs' in Drupal 4.2.0 breaks internal URLs that date back from Drupal 4.1.0 and before. If enabled, this filter will attempt to rewrite the old style URLs to avoid broken links. If <code>mod_rewrite</code> is available on your system, use the rewrite rules in Drupal's <code>.htaccess</code> file instead as these will also correct external referrers."));
$output .= form_group("Legacy filtering", $group2);
return $output;
}
function node_escape_html($text) {
return htmlspecialchars($text);
}
function node_filter_html($text) {
$text = strip_tags($text, variable_get("allowed_html", ""));
if (variable_get("filter_style", 1)) {
$text = preg_replace("/\Wstyle\s*=[^>]+?>/i", ">", $text);
}
$text = preg_replace("/\Won[a-z]+\s*=[^>]+?>/i", ">", $text);
return $text;
}
function node_filter_link($text) {
$pat = '\[{2}([^\|]+)(\|([^\|]+)?)?\]{2}'; // [link|description]
return ereg_replace($pat, $dst, $text);
}
function node_comment_mode($nid) {
static $comment_mode;
if (!isset($comment_mode[$nid])) {
......@@ -556,22 +523,6 @@ function node_comment_mode($nid) {
return $comment_mode[$nid];
}
function node_filter($text) {
if (variable_get("filter_html", 0) == 1) {
$text = node_filter_html($text);
}
if (variable_get("rewrite_old_urls", 0)) {
$text = rewrite_old_urls($text);
}
if (variable_get("filter_html", 0) == 2) {
$text = node_escape_html($text);
}
return trim($text);
}
function node_link($type, $node = 0, $main = 0) {
$links = array();
......
......@@ -15,9 +15,6 @@ function system_help($section = "admin/help#system") {
case 'admin/system/modules':
$output = t("Modules are plugins for Drupal that extend its core functionality. Here you can select which modules are enabled. Click on the name of the module in the navigation menu for their individual configuration pages. Once a module is enabled, new %permissions might be made available. Modules can automatically be temporarily disabled to reduce server load when your site becomes extremely busy by checking throttle. The auto-throttle functionality must be enabled on the %throttle after having enabled the throttle module.", array("%permissions" => l(t("permissions"), "admin/user/permission"), "%throttle" => l(t("throttle configuration page"), "admin/system/modules/throttle")));
break;
case 'admin/system/filters':
$output = t("Filters fit between the raw text in a node and the HTML output. They allow you to replace text selectively. Uses include automatic conversion of emoticons into graphics and filtering HTML content from users' submissions.");
break;
case 'admin/help#system':
case 'admin/system/help':
$output .= "<p>Drupal comes with system-wide defaults but the setting-module provides control over many Drupal preferences, behaviours including visual and operational settings.</p>";
......@@ -79,7 +76,6 @@ function system_link($type) {
menu("admin/system/modules/$name", t($name), "system_admin");
}
}
menu("admin/system/filters", t("filters"), "system_admin", 4);
menu("admin/system/help", t("help"), "system_help_page", 9);
}
}
......@@ -196,78 +192,45 @@ function system_view_theme($name) {
return $output;
}
function system_view_filters() {
return implode("\n", module_invoke_all("conf_filters"));
}
function system_save_settings($edit = array()) {
if ($edit["type"]) {
db_query("UPDATE {system} SET status = '0' WHERE type = '%s'", $edit["type"]);
foreach ($edit["status"] as $filename => $status) {
db_query("UPDATE {system} SET status = %d, throttle = %d WHERE filename = '$filename'", $status, $edit["throttle"]["$filename"]);
}
if ($edit["type"] == "theme") {
variable_set("theme_default", $edit["theme_default"]);
}
}
else {
foreach ($edit as $name => $value) {
variable_set($name, $value);
}
}
cache_clear_all();
drupal_set_message(t("the configuration options have been saved."));
}
function system_reset_default($edit = array()) {
foreach ($edit as $name => $value) {
variable_del($name);
function system_view($type, $arg = "") {
// The module/theme lists don't use the generic settings handler
if (($type == "modules" || $type == "themes") && $arg == "") {
system_listing_save();
$form = system_listing($type);
$form .= form_submit(t("Save configuration"));
return form($form);
}
cache_clear_all();
drupal_set_message(t("the configuration options have been reset to their default values."));
}
system_settings_save();
function system_view($type, $arg = "") {
$required = array("modules/admin.module", "modules/user.module", "modules/system.module", "modules/watchdog.module");
$links = array();
switch ($type) {
case "filters":
$form = system_view_filters();
break;
case "modules":
if ($arg) {
$form = module_invoke($arg, "settings");
}
else {
$form = system_listing("module", "modules", $required);
}
$form = module_invoke($arg, "settings");