1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. This forum has been archived. New threads and replies may not be made. All add-ons/resources that are active should be migrated to the Resource Manager. See this thread for more information.

ParseHTML - Permission-enabled HTML BBCode

Discussion in 'Add-on Releases [Archive]' started by Luke F, Nov 21, 2010.

Thread Status:
Not open for further replies.
  1. Luke F

    Luke F Well-Known Member

    This addon, as requested here, allows your members with the appropriate permission to post plain HTML within [parsehtml] BBCode tags.

    Currently the tag is only enabled within threads and post previews (edit, reply, new thread).


    Update 0.0.4 to 0.0.5:

    1. Upload contents of upload folder to forum root
    2. Upgrade using new addon xml file
    Installation:

    1. Upload contents of upload folder to forum root
    2. Install addon xml file
    3. Configure the extra permission as you see fit.
    4. Optional XenPorta support


    Changelog:


    0.0.5 (26/12/2011):

    • Brought up to date with latest 1.1.1 code
    • Added support for edit previews
    • Added support for inline edit saves
    • Prevented media/url auto linking within parsehtml tags
    0.0.4 (21/11/2010):

    • Added a nasty workaround to actually fix the incompatibility BBCode Manager this time :p
    0.0.3 (21/11/2010):

    • Removed unnecessary code which was probably breaking BBCode Manager.
    0.0.2 (21/11/2010):

    • Added support for Reply and Create Thread Preview, and AJAX Quick Reply.
    • Removed extra line break after [parsehtml] tag.
    • Fixed auto linked url tags from showing up.
    • Text inside [parsehtml] no longer bypasses the word censor.

    0.0.1 (20/11/2010): First public release


    Disclaimer: This uses a very non-standard way of checking user permissions (mainly to avoid file edits), so please take this into consideration given what the addon allows users to do. I have only given it limited testing and take no responsibility if your board is compromised through nasty HTML. Also keep in mind that this addon overrides a large chunk of XenForo code for thread viewing (for now), and will probably need updated on each XF release.


    Donations go here. :)
     
    Veer, EQnoble, vkams and 16 others like this.
  2. Brogan

    Brogan XenForo Moderator Staff Member

    Excellent work as always.
     
    Darkimmortal likes this.
  3. NolF

    NolF Active Member

    I can't thank you enough Darkinmortal :) It works very well :)

    For those wondering, bbcode will not be parsed in any part of the post if [parsehtml] is present, and the AJAX posting does not show parsedHTML, you will need to refresh the page. But it works!!!
     
  4. maidos

    maidos Active Member

    now i wonder if darkmortall got the 100 usd donation :p
    btw thanks needed mod here aswel
     
  5. NolF

    NolF Active Member

    I'm contacting him for details ;)

    Xenforo is still parsing urls though :( which doesn't work :(
    HTML:
    <a href="http://google.com">G </a> is becoming  <a href="[URL]http://google.com[/URL]">G</a>
     
  6. Luke F

    Luke F Well-Known Member

    0.0.2 released :)

    I couldn't reproduce the bit about it stopping other bbcode from being parsed however.
     
  7. NolF

    NolF Active Member

    I couldn't be any happier :D Update fixed the URL issue :D

    The bbcode issue seems to be related to using the bbcode manager and using bbcodes created through that manager, othe rnormal bbcodes work fine, so no problem ^^
     
    Darkimmortal likes this.
  8. Jeremy

    Jeremy XenForo Moderator Staff Member

    Hm?
     
  9. NolF

    NolF Active Member

    I hope this helps clarify what I meant
    bbcodemanager.png
     
  10. Jeremy

    Jeremy XenForo Moderator Staff Member

    Hm. So this in essence removes all PHP callback methods from BB Code Manager?
     
  11. NolF

    NolF Active Member

    That's what it seems like. I think how it works (I could be mistaken is) it creates a somewhat alternative pathway to render the pages which does not have the callbacks methods from BB Code Manager :/
     
  12. Jeremy

    Jeremy XenForo Moderator Staff Member

    The callbacks are called statically via PHP, so location doesn't matter. I'm not entirely sure why this would be working in such a way, will try to expose a method for setting extra array parameters for advanced tags such as this with the manager, so it can render an add-on such as this obsolete (no offense Dark...!), where once its written, it could be stand alone or placed into the BB Code Manager, this, in theory could solve your issues. I will continue to investigate this over the next few days. But a quick fix that should work would be to open the file located at KingK/BbCodeManager/BbCode/Formatter/Base.php and replace the function getTags() with the following code:
    PHP:
        public function getTags()
        {
            
    $this->_tags parent::getTags();
            
    $customTags XenForo_Model::create('KingK_BbCodeManager_Model_CustomBbCode')->getAllCustomBbCodes();
            foreach(
    $customTags AS $custom)
            {
                if((boolean)
    $custom['active'])
                {
                    if(
    $custom['replacementBegin'])
                    {
                        
    $this->_tags[$custom['tag']] = array(
                            
    'hasOption' => $this->_hasOption($custom['requiresOption']),
                            
    'replace' => array($custom['replacementBegin'], $custom['replacementEnd'])
                    }
                    else if(
    $custom['phpcallback_class'])
                    {
                        
    $this->_tags[$custom['tag']] = array(
                            
    'parseCallback' => array($this'parseValidatePlainIfNoOption'),
                            
    'callback' => array($this'renderAdvancedTag')
                        );
                    }
                }
            }
            
    $tags['parsehtml'] = array(
                    
    'hasOption' => false,
                    
    'plainChildren' => true,
                    
    'stopSmilies' => true,
                    
    'stopLineBreakConversion' => true,
                    
    'trimLeadingLinesAfter' => 1,
                    
    'callback' => array($this'renderTagParseHtml')
                );
            return 
    $this->_tags;
        }

        public function 
    renderTagParseHtml(array $tag, array $rendererStates)
        {
            if(
    $this->user_id 1)
                return 
    $this->renderTagUnparsed($tag$rendererStates);
            @
    $usermodel XenForo_Model::getModelFromCache('XenForo_Model_User');
            
    $user $usermodel->getUserById($this->user_id, array(
                
    'join' => XenForo_Model_User::FETCH_USER_PERMISSIONS
            
    ));
            if(!
    XenForo_Permission::hasPermission(unserialize($user['global_permission_cache']), 'dark_parsehtml''thread'))
                return 
    $this->renderTagUnparsed($tag$rendererStates);        
            
    $content $this->stringifyTree($tag['children']);
            
    $content str_ireplace(array("[url]""[/url]""[email]""[/email]""[media]""[/media]"), ""$content);
            
    $content XenForo_Helper_String::censorString($content);
            
    //$content = $this->filterString($content, $rendererStates);

            
    return '<div class="parseHTML">' $content '</div>';
        }
    Then, in this add-on, remove the PHP file located at Dark/ParseHTML/BbCode/Formatter/Ritsu.php. Don't worry, its contents are in the edit I provided above. Doing so should in theory and hopefully fix your problem. If not, there are some more issues within my manager that need to be worked out.
     
  13. NolF

    NolF Active Member

    I think you missed a ); here
    PHP:
                    if($custom['replacementBegin'])
                    {
                        
    $this->_tags[$custom['tag']] = array(
                            
    'hasOption' => $this->_hasOption($custom['requiresOption']),
                            
    'replace' => array($custom['replacementBegin'], $custom['replacementEnd'])
                        );
                    }
    The solution is not working though :(

    After changing KingK/BbCodeManager/BbCode/Formatter/Base.php and removing Dark/ParseHTML/BbCode/Formatter/Ritsu.php I get the following error
    Fatal error: Class name must be a valid object or a string in /public_html/library/XenForo/BbCode/Formatter/Base.php on line 1360 contains
    PHP:
    $tag['children'][$first] = ltrim($tag['children'][$first]);
    Disabling the parseHTML hack gives the following error
    Fatal error: Call to undefined method KingK_BbCodeManager_BbCode_Formatter_Base::_hasOption() in /public_html/library/KingK/BbCodeManager/BbCode/Formatter/Base.php on line 18

    I hope that helps you debug the problem :)
     
  14. Luke F

    Luke F Well-Known Member

    Fixed the incompatibility with BBCode Manager, I think.

    Dunno why I left the getTagsAgain function from TaigaChat in >.>
     
  15. Jeremy

    Jeremy XenForo Moderator Staff Member

    NoIF, revert back to normal. If it had worked, I wouldn't have minded figuring out teh real reason with Dark. But I wrote it late without much sleep. Ooops. :D
     
  16. NolF

    NolF Active Member

    Wish it had :( Thanks for the effort though

    The 0.03 is still giving me the same problem as reported in post #9. BBcodes using the BBcode Manager callback methods are still not working :(
     
  17. Luke F

    Luke F Well-Known Member

    0.0.4 released - seems to work with BBCode Manager now :)
     
    Jeremy and NolF like this.
  18. Floris

    Floris Guest

    What happens if someone has permission to use that code, but someone quotes the post. It shows as plain text and doesn't get executed right? Security is a must.
     
  19. Luke F

    Luke F Well-Known Member

    Yup, the permissions are based on who the poster is, regardless of quotes etc. :)
     
  20. Floris

    Floris Guest

    Excellent.
     
Thread Status:
Not open for further replies.

Share This Page