From ce004083d9c3c22cacaf059aae3cfd725fda6936 Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Tue, 18 Aug 2009 14:15:55 -0400 Subject: IPv4 and IPv6 addresses are picked up in URLs Added ".onion" as a possible TLD --- lib/util.php | 28 ++++++++++++++++++++++++---- 1 file changed, 24 insertions(+), 4 deletions(-) (limited to 'lib/util.php') diff --git a/lib/util.php b/lib/util.php index c8e318efe..5ecee6915 100644 --- a/lib/util.php +++ b/lib/util.php @@ -417,11 +417,31 @@ function common_replace_urls_callback($text, $callback, $notice_id = null) { '(?:https?|ftps?|mms|rtsp|gopher|news|nntp|telnet|wais|file|prospero|webcal|irc)://'. '|'. '(?:mailto|aim|tel|xmpp):'. + ')?'. + '('. + '(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)'. //IPv4 + '|(?:'. + '([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,6}|'. //IPv6 + '([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}|'. + '([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}|'. + '([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}|'. + '([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}|'. + '([0-9a-f]{1,4}:){1,6}(:[0-9a-f]{1,4}){1,1}|'. + '(([0-9a-f]{1,4}:){1,7}|:):|'. + ':(:[0-9a-f]{1,4}){1,7}|'. + '((([0-9a-f]{1,4}:){6})(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3})|'. + '(([0-9a-f]{1,4}:){5}[0-9a-f]{1,4}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3})|'. + '([0-9a-f]{1,4}:){5}:[0-9a-f]{1,4}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + '([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,4}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + '([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,3}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + '([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,2}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + '([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,1}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + '(([0-9a-f]{1,4}:){1,5}|:):(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + ':(:[0-9a-f]{1,4}){1,5}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}'. + ')|'. + '(?:[^.\s/:]+\.)+'. //DNS + '(?:museum|travel|onion|[a-z]{2,4})'. ')'. - '[^.\s]+\.[^\s]+'. - '|'. - '(?:[^.\s/:]+\.)+'. - '(?:museum|travel|[a-z]{2,4})'. '(?:[:/][^\s]*)?'. ')'. '#ix'; -- cgit v1.2.3-54-g00ecf From f4e4a8dd8a0dab47909b132e1af17739739bb12a Mon Sep 17 00:00:00 2001 From: Craig Andrews Date: Tue, 18 Aug 2009 20:40:16 -0400 Subject: Removed all the redundant logic in common_replace_urls_callback Modified the regex so that strings such as /usr/share/perl5/HTML/Mason/ApacheHandler.pm as not turned into links --- lib/util.php | 90 ++++++++++++++---------------------------------------------- 1 file changed, 20 insertions(+), 70 deletions(-) (limited to 'lib/util.php') diff --git a/lib/util.php b/lib/util.php index 5ecee6915..ba3760678 100644 --- a/lib/util.php +++ b/lib/util.php @@ -412,32 +412,32 @@ function common_render_text($text) function common_replace_urls_callback($text, $callback, $notice_id = null) { // Start off with a regex $regex = '#'. - '(?:'. + '(?:^|\s+)('. '(?:'. '(?:https?|ftps?|mms|rtsp|gopher|news|nntp|telnet|wais|file|prospero|webcal|irc)://'. '|'. '(?:mailto|aim|tel|xmpp):'. ')?'. - '('. + '(?:'. '(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)'. //IPv4 '|(?:'. - '([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,6}|'. //IPv6 - '([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,5}|'. - '([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,4}|'. - '([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,3}|'. - '([0-9a-f]{1,4}:){1,5}(:[0-9a-f]{1,4}){1,2}|'. - '([0-9a-f]{1,4}:){1,6}(:[0-9a-f]{1,4}){1,1}|'. - '(([0-9a-f]{1,4}:){1,7}|:):|'. - ':(:[0-9a-f]{1,4}){1,7}|'. - '((([0-9a-f]{1,4}:){6})(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3})|'. - '(([0-9a-f]{1,4}:){5}[0-9a-f]{1,4}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3})|'. - '([0-9a-f]{1,4}:){5}:[0-9a-f]{1,4}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. - '([0-9a-f]{1,4}:){1,1}(:[0-9a-f]{1,4}){1,4}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. - '([0-9a-f]{1,4}:){1,2}(:[0-9a-f]{1,4}){1,3}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. - '([0-9a-f]{1,4}:){1,3}(:[0-9a-f]{1,4}){1,2}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. - '([0-9a-f]{1,4}:){1,4}(:[0-9a-f]{1,4}){1,1}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. - '(([0-9a-f]{1,4}:){1,5}|:):(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. - ':(:[0-9a-f]{1,4}){1,5}:(25[0-5]|2[0-4]\d|[0-1]?\d?\d)(\.(25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}'. + '(?:[0-9a-f]{1,4}:){1,1}(?::[0-9a-f]{1,4}){1,6}|'. //IPv6 + '(?:[0-9a-f]{1,4}:){1,2}(?::[0-9a-f]{1,4}){1,5}|'. + '(?:[0-9a-f]{1,4}:){1,3}(?::[0-9a-f]{1,4}){1,4}|'. + '(?:[0-9a-f]{1,4}:){1,4}(?::[0-9a-f]{1,4}){1,3}|'. + '(?:[0-9a-f]{1,4}:){1,5}(?::[0-9a-f]{1,4}){1,2}|'. + '(?:[0-9a-f]{1,4}:){1,6}(?::[0-9a-f]{1,4}){1,1}|'. + '(?:(?:[0-9a-f]{1,4}:){1,7}|:):|'. + ':(?::[0-9a-f]{1,4}){1,7}|'. + '(?:(?:(?:[0-9a-f]{1,4}:){6})(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)(?:\.(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3})|'. + '(?:(?:[0-9a-f]{1,4}:){5}[0-9a-f]{1,4}:(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)(?:\.(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3})|'. + '(?:[0-9a-f]{1,4}:){5}:[0-9a-f]{1,4}:(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)(?:\.(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + '(?:[0-9a-f]{1,4}:){1,1}(?::[0-9a-f]{1,4}){1,4}:(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)(?:\.(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + '(?:[0-9a-f]{1,4}:){1,2}(?::[0-9a-f]{1,4}){1,3}:(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)(?:\.(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + '(?:[0-9a-f]{1,4}:){1,3}(?::[0-9a-f]{1,4}){1,2}:(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)(?:\.(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + '(?:[0-9a-f]{1,4}:){1,4}(?::[0-9a-f]{1,4}){1,1}:(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)(?:\.(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + '(?:(?:[0-9a-f]{1,4}:){1,5}|:):(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)(?:\.(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}|'. + ':(?::[0-9a-f]{1,4}){1,5}:(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)(?:\.(?:25[0-5]|2[0-4]\d|[0-1]?\d?\d)){3}'. ')|'. '(?:[^.\s/:]+\.)+'. //DNS '(?:museum|travel|onion|[a-z]{2,4})'. @@ -446,59 +446,9 @@ function common_replace_urls_callback($text, $callback, $notice_id = null) { ')'. '#ix'; preg_match_all($regex, $text, $matches); - // Then clean up what the regex left behind $offset = 0; - foreach($matches[0] as $orig_url) { - $url = htmlspecialchars_decode($orig_url); - - // Make sure we didn't pick up an email address - if (preg_match('#^[A-Z0-9._%+-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$#i', $url)) continue; - - // Remove surrounding punctuation - $url = trim($url, '.?!,;:\'"`([<'); - - // Remove surrounding parens and the like - preg_match('/[)\]>]+$/', $url, $trailing); - if (isset($trailing[0])) { - preg_match_all('/[(\[<]/', $url, $opened); - preg_match_all('/[)\]>]/', $url, $closed); - $unopened = count($closed[0]) - count($opened[0]); - - // Make sure not to take off more closing parens than there are at the end - $unopened = ($unopened > mb_strlen($trailing[0])) ? mb_strlen($trailing[0]):$unopened; - - $url = ($unopened > 0) ? mb_substr($url, 0, $unopened * -1):$url; - } - - // Remove trailing punctuation again (in case there were some inside parens) - $url = rtrim($url, '.?!,;:\'"`'); - - // Make sure we didn't capture part of the next sentence - preg_match('#((?:[^.\s/]+\.)+)(museum|travel|[a-z]{2,4})#i', $url, $url_parts); - - // Were the parts capitalized any? - $last_part = (mb_strtolower($url_parts[2]) !== $url_parts[2]) ? true:false; - $prev_part = (mb_strtolower($url_parts[1]) !== $url_parts[1]) ? true:false; - - // If the first part wasn't cap'd but the last part was, we captured too much - if ((!$prev_part && $last_part)) { - $url = mb_substr($url, 0 , mb_strpos($url, '.'.$url_parts['2'], 0)); - } - - // Capture the new TLD - preg_match('#((?:[^.\s/]+\.)+)(museum|travel|[a-z]{2,4})#i', $url, $url_parts); - - $tlds = array('ac', 'ad', 'ae', 'aero', 'af', 'ag', 'ai', 'al', 'am', 'an', 'ao', 'aq', 'ar', 'arpa', 'as', 'asia', 'at', 'au', 'aw', 'ax', 'az', 'ba', 'bb', 'bd', 'be', 'bf', 'bg', 'bh', 'bi', 'biz', 'bj', 'bm', 'bn', 'bo', 'br', 'bs', 'bt', 'bv', 'bw', 'by', 'bz', 'ca', 'cat', 'cc', 'cd', 'cf', 'cg', 'ch', 'ci', 'ck', 'cl', 'cm', 'cn', 'co', 'com', 'coop', 'cr', 'cu', 'cv', 'cx', 'cy', 'cz', 'de', 'dj', 'dk', 'dm', 'do', 'dz', 'ec', 'edu', 'ee', 'eg', 'er', 'es', 'et', 'eu', 'fi', 'fj', 'fk', 'fm', 'fo', 'fr', 'ga', 'gb', 'gd', 'ge', 'gf', 'gg', 'gh', 'gi', 'gl', 'gm', 'gn', 'gov', 'gp', 'gq', 'gr', 'gs', 'gt', 'gu', 'gw', 'gy', 'hk', 'hm', 'hn', 'hr', 'ht', 'hu', 'id', 'ie', 'il', 'im', 'in', 'info', 'int', 'io', 'iq', 'ir', 'is', 'it', 'je', 'jm', 'jo', 'jobs', 'jp', 'ke', 'kg', 'kh', 'ki', 'km', 'kn', 'kp', 'kr', 'kw', 'ky', 'kz', 'la', 'lb', 'lc', 'li', 'lk', 'lr', 'ls', 'lt', 'lu', 'lv', 'ly', 'ma', 'mc', 'md', 'me', 'mg', 'mh', 'mil', 'mk', 'ml', 'mm', 'mn', 'mo', 'mobi', 'mp', 'mq', 'mr', 'ms', 'mt', 'mu', 'museum', 'mv', 'mw', 'mx', 'my', 'mz', 'na', 'name', 'nc', 'ne', 'net', 'nf', 'ng', 'ni', 'nl', 'no', 'np', 'nr', 'nu', 'nz', 'om', 'org', 'pa', 'pe', 'pf', 'pg', 'ph', 'pk', 'pl', 'pm', 'pn', 'pr', 'pro', 'ps', 'pt', 'pw', 'py', 'qa', 're', 'ro', 'rs', 'ru', 'rw', 'sa', 'sb', 'sc', 'sd', 'se', 'sg', 'sh', 'si', 'sj', 'sk', 'sl', 'sm', 'sn', 'so', 'sr', 'st', 'su', 'sv', 'sy', 'sz', 'tc', 'td', 'tel', 'tf', 'tg', 'th', 'tj', 'tk', 'tl', 'tm', 'tn', 'to', 'tp', 'tr', 'travel', 'tt', 'tv', 'tw', 'tz', 'ua', 'ug', 'uk', 'us', 'uy', 'uz', 'va', 'vc', 've', 'vg', 'vi', 'vn', 'vu', 'wf', 'ws', 'ye', 'yt', 'yu', 'za', 'zm', 'zw'); - - if (!in_array($url_parts[2], $tlds)) continue; - - // Make sure we didn't capture a hash tag - if (strpos($url, '#') === 0) continue; - - // Put the url back the way we found it. - $url = (mb_strpos($orig_url, htmlspecialchars($url)) === FALSE) ? $url:htmlspecialchars($url); - + foreach($matches[1] as $url) { // Call user specified func if (empty($notice_id)) { $modified_url = call_user_func($callback, $url); -- cgit v1.2.3-54-g00ecf From 418a5a95ab4831ec905dd849fa2632dec24b96da Mon Sep 17 00:00:00 2001 From: Marcel van der Boom Date: Wed, 19 Aug 2009 08:34:17 +0200 Subject: Change the notice type defines all into class constants and adapt all files. --- actions/shownotice.php | 2 +- classes/Notice.php | 23 ++++++++++++----------- lib/search_engines.php | 2 +- lib/unqueuemanager.php | 4 ++-- lib/util.php | 4 ++-- 5 files changed, 18 insertions(+), 17 deletions(-) (limited to 'lib/util.php') diff --git a/actions/shownotice.php b/actions/shownotice.php index 8f2ffd6b9..fb15dddcf 100644 --- a/actions/shownotice.php +++ b/actions/shownotice.php @@ -190,7 +190,7 @@ class ShownoticeAction extends OwnerDesignAction { parent::handle($args); - if ($this->notice->is_local == 0) { + if ($this->notice->is_local == Notice::REMOTE_OMB) { if (!empty($this->notice->url)) { common_redirect($this->notice->url, 301); } else if (!empty($this->notice->uri) && preg_match('/^https?:/', $this->notice->uri)) { diff --git a/classes/Notice.php b/classes/Notice.php index ebd5e1efd..442eb00fd 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -29,10 +29,6 @@ require_once INSTALLDIR.'/classes/Memcached_DataObject.php'; define('NOTICE_CACHE_WINDOW', 61); -define('NOTICE_LOCAL_PUBLIC', 1); -define('NOTICE_REMOTE_OMB', 0); -define('NOTICE_LOCAL_NONPUBLIC', -1); - define('MAX_BOXCARS', 128); class Notice extends Memcached_DataObject @@ -62,7 +58,11 @@ class Notice extends Memcached_DataObject /* the code above is auto generated do not remove the tag below */ ###END_AUTOCODE - const GATEWAY = -2; + /* Notice types */ + const LOCAL_PUBLIC = 1; + const REMOTE_OMB = 0; + const LOCAL_NONPUBLIC = -1; + const GATEWAY = -2; function getProfile() { @@ -134,7 +134,7 @@ class Notice extends Memcached_DataObject } static function saveNew($profile_id, $content, $source=null, - $is_local=1, $reply_to=null, $uri=null, $created=null) { + $is_local=Notice::LOCAL_PUBLIC, $reply_to=null, $uri=null, $created=null) { $profile = Profile::staticGet($profile_id); @@ -177,7 +177,7 @@ class Notice extends Memcached_DataObject if (($blacklist && in_array($profile_id, $blacklist)) || ($source && $autosource && in_array($source, $autosource))) { - $notice->is_local = -1; + $notice->is_local = Notice::LOCAL_NONPUBLIC; } else { $notice->is_local = $is_local; } @@ -509,7 +509,7 @@ class Notice extends Memcached_DataObject function blowPublicCache($blowLast=false) { - if ($this->is_local == 1) { + if ($this->is_local == Notice::LOCAL_PUBLIC) { $cache = common_memcache(); if ($cache) { $cache->delete(common_cache_key('public')); @@ -775,10 +775,11 @@ class Notice extends Memcached_DataObject } if (common_config('public', 'localonly')) { - $notice->whereAdd('is_local = 1'); + $notice->whereAdd('is_local = ' . Notice::LOCAL_PUBLIC); } else { - # -1 == blacklisted - $notice->whereAdd('is_local != -1'); + # -1 == blacklisted, -2 == gateway (i.e. Twitter) + $notice->whereAdd('is_local !='. Notice::LOCAL_NONPUBLIC); + $notice->whereAdd('is_local !='. Notice::GATEWAY); } if ($since_id != 0) { diff --git a/lib/search_engines.php b/lib/search_engines.php index 772f41883..7c26363fc 100644 --- a/lib/search_engines.php +++ b/lib/search_engines.php @@ -120,7 +120,7 @@ class MySQLSearch extends SearchEngine } else if ('identica_notices' === $this->table) { // Don't show imported notices - $this->target->whereAdd('notice.is_local != ' . NOTICE_GATEWAY); + $this->target->whereAdd('notice.is_local != ' . Notice::GATEWAY); if (strtolower($q) != $q) { $this->target->whereAdd("( MATCH(content) AGAINST ('" . addslashes($q) . diff --git a/lib/unqueuemanager.php b/lib/unqueuemanager.php index 515461072..a10ca339a 100644 --- a/lib/unqueuemanager.php +++ b/lib/unqueuemanager.php @@ -79,7 +79,7 @@ class UnQueueManager function _isLocal($notice) { - return ($notice->is_local == NOTICE_LOCAL_PUBLIC || - $notice->is_local == NOTICE_LOCAL_NONPUBLIC); + return ($notice->is_local == Notice::LOCAL_PUBLIC || + $notice->is_local == Notice::LOCAL_NONPUBLIC); } } \ No newline at end of file diff --git a/lib/util.php b/lib/util.php index ba3760678..748c8332f 100644 --- a/lib/util.php +++ b/lib/util.php @@ -854,8 +854,8 @@ function common_enqueue_notice($notice) $transports[] = 'jabber'; } - if ($notice->is_local == NOTICE_LOCAL_PUBLIC || - $notice->is_local == NOTICE_LOCAL_NONPUBLIC) { + if ($notice->is_local == Notice::LOCAL_PUBLIC || + $notice->is_local == Notice::LOCAL_NONPUBLIC) { $transports = array_merge($transports, $localTransports); if ($xmpp) { $transports[] = 'public'; -- cgit v1.2.3-54-g00ecf