ここの情報は古いです。ご理解頂いた上でお取り扱いください。

Changeset 2734


Ignore:
Timestamp:
May 8, 2007, 9:10:13 PM (12 years ago)
Author:
ogawa
Message:

#665:#697:Smarty modifier のURL処理周りの見直し

Location:
OpenPNE/branches/2.8.x
Files:
13 edited

Legend:

Unmodified
Added
Removed
  • OpenPNE/branches/2.8.x/webapp/lib/OpenPNE/Config.php

    r2659 r2734  
    166166            'ADMIN_INIT_CONFIG' => true,
    167167            'SERVER_IP_KEY' => 'REMOTE_ADDR',
    168             'OPENPNE_USE_CMD_TAG' => true,
    169168            'OPENPNE_USE_FUNCTION_CACHE' => false,
    170169            'OPENPNE_USE_MYSQL_HINT' => false,
  • OpenPNE/branches/2.8.x/webapp/lib/smarty_plugins/modifier.t_cmd.php

    r2651 r2734  
    1111    }
    1212
    13     $regexp = '/<cmd\s+src="(\w+)"(?:\s+args="([\w\-\+%]+(,[\w\-\+%]+)*)?")?\s*>/i';
     13    $regexp = '/<cmd\s+src="(\w+)"(?:\s+args="([a-zA-Z0-9_\-+%]+(,[a-zA-Z0-9_\-+%]+)*)?")?\s*>/i';
    1414    $GLOBALS['_CMD']['type'] = $type;
    1515
    1616    return preg_replace_callback($regexp, '_smarty_modifier_t_cmd_make_js', $string);
    17 
    1817}
    1918
  • OpenPNE/branches/2.8.x/webapp/lib/smarty_plugins/modifier.t_url2a.php

    r2543 r2734  
    1313function smarty_modifier_t_url2a($string)
    1414{
    15     // "(") と '(') を元に戻す
    16     $search = array('"', ''');
    17     $replace = array('"', "'");
    18     $string = str_replace($search, $replace, $string);
    19 
    20     $url_pattern = '/https?:\/\/[\w\-.,:;\~\^\/?\@&=+\$%#!()]+/';
     15    $url_pattern = '/https?:\/\/(?:[a-zA-Z0-9_\-\/.,:;~?@=+$%#!()]|&)+/';
    2116    return preg_replace_callback($url_pattern, 'smarty_modifier_t_url2a_callback', $string);
    2217}
     
    2419function smarty_modifier_t_url2a_callback($matches)
    2520{
    26     return pne_url2a($matches[0]);
     21    $url = str_replace('&', '&', $matches[0]);
     22    return pne_url2a($url);
    2723}
    2824
  • OpenPNE/branches/2.8.x/webapp/lib/smarty_plugins/modifier.t_url2a_ktai.php

    r2180 r2734  
    1313function smarty_modifier_t_url2a_ktai($string)
    1414{
    15     // "(") と '(') を元に戻す
    16     $search = array('"', ''');
    17     $replace = array('"', "'");
    18     $string = str_replace($search, $replace, $string);
     15    $parts = parse_url(OPENPNE_URL);
     16    $openpne_url = $parts['host'] . $parts['path'];
    1917
    20     // "(&) と '(&) を元に戻す
    21     $search = array('&', '&;');
    22     $replace = array('&', "&");
    23     $string = str_replace($search, $replace, $string);
    24 
    25     $url_pattern = '/https?:\/\/(.*)\?m=ktai&a=page_[\w\-.,:;\~\^\/?\@&=+\$%#!()]+/';
     18    $url_pattern = sprintf('/https?:\/\/%s\?m=pc&a=(page_fh_diary(?:[a-zA-Z0-9_=]|&)*)/', preg_quote($openpne_url, '/'));
    2619    return preg_replace_callback($url_pattern, 'smarty_modifier_t_url2a_ktai_callback', $string);
    2720}
     
    2922function smarty_modifier_t_url2a_ktai_callback($matches)
    3023{
    31     $target = str_replace('https://', '', OPENPNE_URL);
    32     $target = str_replace('http://', '', $target);
    33     if ($matches[1] == $target) {
    34         return pne_url2a($matches[0]);
    35     } else {
    36         return $matches[0];
     24    $url = str_replace('&', '&', $matches[0]);
     25
     26    // 携帯用URLに置換、ksid 追加
     27    $ktai_url = str_replace('?m=pc', '?m=ktai', $url) . '&' . $GLOBALS['KTAI_URL_TAIL'];
     28
     29    // 表示上は page_ 以降を最大40文字で縮める
     30    $urlstr = str_replace('&', '&', $matches[1]);
     31
     32    $length = 40;
     33    $etc = '..';
     34
     35    if (strlen($urlstr) > $length) {
     36        $length -= strlen($etc);
     37        $urlstr = substr($urlstr, 0, $length) . $etc;
    3738    }
     39
     40    $ktai_url = htmlspecialchars($ktai_url, ENT_QUOTES, 'UTF-8');
     41    $urlstr = htmlspecialchars($urlstr, ENT_QUOTES, 'UTF-8');
     42
     43    return sprintf('<a href="%s">%s</a>', $ktai_url, $urlstr);
    3844}
    3945
  • OpenPNE/branches/2.8.x/webapp/lib/smarty_plugins/modifier.t_url2cmd.php

    r2557 r2734  
    77function smarty_modifier_t_url2cmd($string, $type = '')
    88{
    9     // "(&quot;) と '(&#039;) を元に戻す
    10     $search = array('&quot;', '&#039;');
    11     $replace = array('"', "'");
    12     $string = str_replace($search, $replace, $string);
    13 
    14     $url_pattern = "/https?:\/\/([a-zA-Z0-9\-.]+)\/?[\w\-.,:;\~\^\/?\@&=+\$%#!()]*/";
     9    $url_pattern = '/https?:\/\/([a-zA-Z0-9\-.]+)\/?(?:[a-zA-Z0-9_\-\/.,:;~?@=+$%#!()]|&amp;)*/';
    1510    $GLOBALS['_CMD']['type'] = $type;
    1611
     
    2015function _smarty_modifier_t_cmd_make_url_js($matches)
    2116{
    22     $url = $matches[0];
     17    $url = str_replace('&amp;', '&', $matches[0]);
    2318    $file = $matches[1] . '.js';
    2419    $path = './cmd/' . $file;
     
    2621    if (!OPENPNE_USE_CMD_TAG || !db_is_use_cmd($matches[1], $GLOBALS['_CMD']['type']) || !is_readable($path)) {
    2722        // t_url2aが無効
    28         if ( in_array($GLOBALS['_CMD']['type'], db_get_url2a_denied_list()) ){
    29             return $url;
     23        if (in_array($GLOBALS['_CMD']['type'], db_get_url2a_denied_list())) {
     24            return $matches[0];
    3025        } else {
    3126        // t_url2aが有効
     
    3833<script type="text/javascript">
    3934<!--
    40 url2cmd('{$url}');
     35url2cmd('{$matches[0]}');
    4136//-->
    4237</script>
  • OpenPNE/branches/2.8.x/webapp/lib/util/util.php

    r2651 r2734  
    439439        $target = sprintf(' target="%s"', $target);
    440440    }
     441
     442    $url = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
     443    $urlstr = htmlspecialchars($urlstr, ENT_QUOTES, 'UTF-8');
     444
    441445    return sprintf('<a href="%s"%s>%s</a>', $url, $target, $urlstr);
    442446}
  • OpenPNE/branches/2.8.x/webapp/modules/ktai/templates/c_bbs.tpl

    r2664 r2734  
    1515<a href="({t_url m=ktai a=page_f_home})&amp;target_c_member_id=({$c_commu_topic.c_member_id})&amp;({$tail})">({$c_commu_topic.nickname|default:"&nbsp;"})</a>
    1616<br>
    17 ({$c_commu_topic.body|nl2br|default:"&nbsp;"})<br>
     17({$c_commu_topic.body|t_url2a_ktai|nl2br})<br>
    1818({if $c_commu_topic.image_filename1})画像:[<a href="({t_img_url filename=$c_commu_topic.image_filename1 w=120 h=120 f=jpg})">小</a>/<a href="({t_img_url filename=$c_commu_topic.image_filename1 f=jpg})">大</a>]<br>({/if})
    1919({if $c_commu_topic.image_filename2})画像:[<a href="({t_img_url filename=$c_commu_topic.image_filename2 w=120 h=120 f=jpg})">小</a>/<a href="({t_img_url filename=$c_commu_topic.image_filename2 f=jpg})">大</a>]<br>({/if})
     
    4646({/if})
    4747詳細:<br>
    48 ({$c_commu_topic.body|nl2br|default:"&nbsp;"})<br>
     48({$c_commu_topic.body|t_url2a_ktai|nl2br})<br>
    4949({if $c_commu_topic.image_filename1})画像:[<a href="({t_img_url filename=$c_commu_topic.image_filename1 w=120 h=120 f=jpg})">小</a>/<a href="({t_img_url filename=$c_commu_topic.image_filename1 f=jpg})">大</a>]<br>({/if})
    5050({if $c_commu_topic.image_filename2})画像:[<a href="({t_img_url filename=$c_commu_topic.image_filename2 w=120 h=120 f=jpg})">小</a>/<a href="({t_img_url filename=$c_commu_topic.image_filename2 f=jpg})">大</a>]<br>({/if})
     
    7474({$item.number}).({if $item.nickname})<a href="({t_url m=ktai a=page_f_home})&amp;target_c_member_id=({$item.c_member_id})&amp;({$tail})">({$item.nickname})</a>({/if})
    7575<br>
    76 ({$item.body|nl2br|default:"&nbsp;"})<br>
     76({$item.body|t_url2a_ktai|nl2br})<br>
    7777({if $item.image_filename1})画像:[<a href="({t_img_url filename=$item.image_filename1 w=120 h=120 f=jpg})">小</a>/<a href="({t_img_url filename=$item.image_filename1 f=jpg})">大</a>]<br>({/if})
    7878({if $item.image_filename2})画像:[<a href="({t_img_url filename=$item.image_filename2 w=120 h=120 f=jpg})">小</a>/<a href="({t_img_url filename=$item.image_filename2 f=jpg})">大</a>]<br>({/if})
  • OpenPNE/branches/2.8.x/webapp/modules/ktai/templates/c_home.tpl

    r2655 r2734  
    8484<a name="intro">説明文</a>
    8585<br>
    86 ({$c_commu.info|nl2br})<br>
     86({$c_commu.info|t_url2a_ktai|nl2br})<br>
    8787({if $c_commu.image_filename})
    8888コミュニティ画像:[<a href="({t_img_url filename=$c_commu.image_filename w=120 h=120 f=jpg})">小</a>/<a href="({t_img_url filename=$c_commu.image_filename f=jpg})">大</a>]<br>({/if})
  • OpenPNE/branches/2.8.x/webapp/modules/ktai/templates/f_home.tpl

    r2524 r2734  
    155155({if $item.form_type == 'textarea'})
    156156<font color="green">[({$item.caption})]</font><br>
    157 ({$item.value|nl2br})
     157({$item.value|t_url2a_ktai|nl2br})
    158158<br>
    159159({/if})
  • OpenPNE/branches/2.8.x/webapp/modules/ktai/templates/fh_diary.tpl

    r2180 r2734  
    5050[<a href="({t_url m=ktai a=page_fh_diary_delete_c_diary_comment_confirm})&amp;target_c_diary_comment_id=({$c_diary_comment_.c_diary_comment_id})&amp;({$tail})&amp;target_c_diary_id=({$target_c_diary.c_diary_id})">削除</a>]
    5151({/if})<br>
    52 ({$c_diary_comment_.body|t_url2a_ktai|nl2br|default:"&nbsp;"})<br>
     52({$c_diary_comment_.body|t_url2a_ktai|nl2br})<br>
    5353<br>
    5454({if $c_diary_comment_.image_filename_1})
  • OpenPNE/branches/2.8.x/webapp/modules/ktai/templates/fh_intro.tpl

    r2 r2734  
    55({foreach from=$intro_list item=item})
    66<a href="({t_url m=ktai a=page_f_home})&amp;target_c_member_id=({$item.c_member_id})&amp;({$tail})">({$item.nickname})</a><br>
    7 ({$item.intro|nl2br})<br>
     7({$item.intro|t_url2a_ktai|nl2br})<br>
    88
    99({if $target_member.c_member_id==$member.c_member_id})
  • OpenPNE/branches/2.8.x/webapp/modules/ktai/templates/h_message.tpl

    r2292 r2734  
    2222({$c_message.subject})<br>
    2323<br>
    24 ({$c_message.body|nl2br})
     24({$c_message.body|t_url2a_ktai|nl2br})
    2525<br>
    2626<br>
  • OpenPNE/branches/2.8.x/webapp_biz/modules/ktai/templates/f_home.tpl

    r2524 r2734  
    157157({if $item.form_type == 'textarea'})
    158158<font color="green">[({$item.caption})]</font><br>
    159 ({$item.value|nl2br})
     159({$item.value|t_url2a_ktai|nl2br})
    160160<br>
    161161({/if})
Note: See TracChangeset for help on using the changeset viewer.