• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.
  • This forum has been archived. New threads and replies may not be made. All add-ons/resources that are active should be migrated to the Resource Manager. See this thread for more information.

ParseHTML - Permission-enabled HTML BBCode

Status
Not open for further replies.

Luke F

Well-known member
#1
This addon, as requested here, allows your members with the appropriate permission to post plain HTML within [parsehtml] BBCode tags.

Currently the tag is only enabled within threads and post previews (edit, reply, new thread).


Update 0.0.4 to 0.0.5:

  1. Upload contents of upload folder to forum root
  2. Upgrade using new addon xml file
Installation:

  1. Upload contents of upload folder to forum root
  2. Install addon xml file
  3. Configure the extra permission as you see fit.
  4. Optional XenPorta support


Changelog:


0.0.5 (26/12/2011):

  • Brought up to date with latest 1.1.1 code
  • Added support for edit previews
  • Added support for inline edit saves
  • Prevented media/url auto linking within parsehtml tags
0.0.4 (21/11/2010):

  • Added a nasty workaround to actually fix the incompatibility BBCode Manager this time :p
0.0.3 (21/11/2010):

  • Removed unnecessary code which was probably breaking BBCode Manager.
0.0.2 (21/11/2010):

  • Added support for Reply and Create Thread Preview, and AJAX Quick Reply.
  • Removed extra line break after [parsehtml] tag.
  • Fixed auto linked url tags from showing up.
  • Text inside [parsehtml] no longer bypasses the word censor.

0.0.1 (20/11/2010): First public release


Disclaimer: This uses a very non-standard way of checking user permissions (mainly to avoid file edits), so please take this into consideration given what the addon allows users to do. I have only given it limited testing and take no responsibility if your board is compromised through nasty HTML. Also keep in mind that this addon overrides a large chunk of XenForo code for thread viewing (for now), and will probably need updated on each XF release.


Donations go here. :)
 

NolF

Active member
#3
I can't thank you enough Darkinmortal :) It works very well :)

For those wondering, bbcode will not be parsed in any part of the post if [parsehtml] is present, and the AJAX posting does not show parsedHTML, you will need to refresh the page. But it works!!!
 

NolF

Active member
#5
I'm contacting him for details ;)

Xenforo is still parsing urls though :( which doesn't work :(
HTML:
<a href="http://google.com">G </a> is becoming  <a href="[URL]http://google.com[/URL]">G</a>
 

NolF

Active member
#11
That's what it seems like. I think how it works (I could be mistaken is) it creates a somewhat alternative pathway to render the pages which does not have the callbacks methods from BB Code Manager :/
 

Jeremy

Well-known member
#12
The callbacks are called statically via PHP, so location doesn't matter. I'm not entirely sure why this would be working in such a way, will try to expose a method for setting extra array parameters for advanced tags such as this with the manager, so it can render an add-on such as this obsolete (no offense Dark...!), where once its written, it could be stand alone or placed into the BB Code Manager, this, in theory could solve your issues. I will continue to investigate this over the next few days. But a quick fix that should work would be to open the file located at KingK/BbCodeManager/BbCode/Formatter/Base.php and replace the function getTags() with the following code:
PHP:
	public function getTags()
	{
		$this->_tags = parent::getTags();
		$customTags = XenForo_Model::create('KingK_BbCodeManager_Model_CustomBbCode')->getAllCustomBbCodes();
		foreach($customTags AS $custom)
		{
			if((boolean)$custom['active'])
			{
				if($custom['replacementBegin'])
				{
					$this->_tags[$custom['tag']] = array(
						'hasOption' => $this->_hasOption($custom['requiresOption']),
						'replace' => array($custom['replacementBegin'], $custom['replacementEnd'])
				}
				else if($custom['phpcallback_class'])
				{
					$this->_tags[$custom['tag']] = array(
						'parseCallback' => array($this, 'parseValidatePlainIfNoOption'),
						'callback' => array($this, 'renderAdvancedTag')
					);
				}
			}
		}
		$tags['parsehtml'] = array(
				'hasOption' => false,
				'plainChildren' => true,
				'stopSmilies' => true,
				'stopLineBreakConversion' => true,
				'trimLeadingLinesAfter' => 1,
				'callback' => array($this, 'renderTagParseHtml')
			);
		return $this->_tags;
	}

	public function renderTagParseHtml(array $tag, array $rendererStates)
	{
		if($this->user_id < 1)
			return $this->renderTagUnparsed($tag, $rendererStates);
		@$usermodel = XenForo_Model::getModelFromCache('XenForo_Model_User');
		$user = $usermodel->getUserById($this->user_id, array(
			'join' => XenForo_Model_User::FETCH_USER_PERMISSIONS
		));
		if(!XenForo_Permission::hasPermission(unserialize($user['global_permission_cache']), 'dark_parsehtml', 'thread'))
			return $this->renderTagUnparsed($tag, $rendererStates);		
		$content = $this->stringifyTree($tag['children']);
		$content = str_ireplace(array("[url]", "[/url]", "[email]", "[/email]", "[media]", "[/media]"), "", $content);
		$content = XenForo_Helper_String::censorString($content);
		//$content = $this->filterString($content, $rendererStates);

		return '<div class="parseHTML">' . $content . '</div>';
	}
Then, in this add-on, remove the PHP file located at Dark/ParseHTML/BbCode/Formatter/Ritsu.php. Don't worry, its contents are in the edit I provided above. Doing so should in theory and hopefully fix your problem. If not, there are some more issues within my manager that need to be worked out.
 

NolF

Active member
#13
I think you missed a ); here
PHP:
                if($custom['replacementBegin'])
                {
                    $this->_tags[$custom['tag']] = array(
                        'hasOption' => $this->_hasOption($custom['requiresOption']),
                        'replace' => array($custom['replacementBegin'], $custom['replacementEnd'])
                    );
                }
The solution is not working though :(

After changing KingK/BbCodeManager/BbCode/Formatter/Base.php and removing Dark/ParseHTML/BbCode/Formatter/Ritsu.php I get the following error
Fatal error: Class name must be a valid object or a string in /public_html/library/XenForo/BbCode/Formatter/Base.php on line 1360 contains
PHP:
$tag['children'][$first] = ltrim($tag['children'][$first]);
Disabling the parseHTML hack gives the following error
Fatal error: Call to undefined method KingK_BbCodeManager_BbCode_Formatter_Base::_hasOption() in /public_html/library/KingK/BbCodeManager/BbCode/Formatter/Base.php on line 18

I hope that helps you debug the problem :)
 

Jeremy

Well-known member
#15
NoIF, revert back to normal. If it had worked, I wouldn't have minded figuring out teh real reason with Dark. But I wrote it late without much sleep. Ooops. :D
 

NolF

Active member
#16
NoIF, revert back to normal. If it had worked, I wouldn't have minded figuring out teh real reason with Dark. But I wrote it late without much sleep. Ooops. :D
Wish it had :( Thanks for the effort though

Fixed the incompatibility with BBCode Manager, I think.
The 0.03 is still giving me the same problem as reported in post #9. BBcodes using the BBcode Manager callback methods are still not working :(
 
F

Floris

Guest
#18
What happens if someone has permission to use that code, but someone quotes the post. It shows as plain text and doesn't get executed right? Security is a must.
 

Luke F

Well-known member
#19
What happens if someone has permission to use that code, but someone quotes the post. It shows as plain text and doesn't get executed right? Security is a must.
Yup, the permissions are based on who the poster is, regardless of quotes etc. :)
 
Status
Not open for further replies.