diff --git a/composer.json b/composer.json
index 2dbaeed7e..e86767a8f 100644
--- a/composer.json
+++ b/composer.json
@@ -40,7 +40,8 @@
"symfony/yaml": "^5.4",
"symfony/uid": "^5.4",
"symfony/mailer": "^5.4",
- "wapmorgan/mp3info": "^0.0.8"
+ "wapmorgan/mp3info": "^0.0.8",
+ "chillerlan/php-qrcode": "^4.3"
},
"require-dev" : {
"phpunit/phpunit" : "@stable",
diff --git a/composer.lock b/composer.lock
index d1ff3a84a..e57fb598f 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
- "content-hash": "47010e9f19209fb51bf8324c91a3da4b",
+ "content-hash": "5bb3d89199442e3d881913d54e581225",
"packages": [
{
"name": "blueimp/jquery-file-upload",
@@ -134,6 +134,148 @@
},
"time": "2022-10-12T17:33:08+00:00"
},
+ {
+ "name": "chillerlan/php-qrcode",
+ "version": "4.3.4",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/chillerlan/php-qrcode.git",
+ "reference": "2ca4bf5ae048af1981d1023ee42a0a2a9d51e51d"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/chillerlan/php-qrcode/zipball/2ca4bf5ae048af1981d1023ee42a0a2a9d51e51d",
+ "reference": "2ca4bf5ae048af1981d1023ee42a0a2a9d51e51d",
+ "shasum": ""
+ },
+ "require": {
+ "chillerlan/php-settings-container": "^2.1.4",
+ "ext-mbstring": "*",
+ "php": "^7.4 || ^8.0"
+ },
+ "require-dev": {
+ "phan/phan": "^5.3",
+ "phpunit/phpunit": "^9.5",
+ "setasign/fpdf": "^1.8.2"
+ },
+ "suggest": {
+ "chillerlan/php-authenticator": "Yet another Google authenticator! Also creates URIs for mobile apps.",
+ "setasign/fpdf": "Required to use the QR FPDF output."
+ },
+ "type": "library",
+ "autoload": {
+ "psr-4": {
+ "chillerlan\\QRCode\\": "src/"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "Kazuhiko Arase",
+ "homepage": "https://github.com/kazuhikoarase"
+ },
+ {
+ "name": "Smiley",
+ "email": "smiley@chillerlan.net",
+ "homepage": "https://github.com/codemasher"
+ },
+ {
+ "name": "Contributors",
+ "homepage": "https://github.com/chillerlan/php-qrcode/graphs/contributors"
+ }
+ ],
+ "description": "A QR code generator. PHP 7.4+",
+ "homepage": "https://github.com/chillerlan/php-qrcode",
+ "keywords": [
+ "phpqrcode",
+ "qr",
+ "qr code",
+ "qrcode",
+ "qrcode-generator"
+ ],
+ "support": {
+ "issues": "https://github.com/chillerlan/php-qrcode/issues",
+ "source": "https://github.com/chillerlan/php-qrcode/tree/4.3.4"
+ },
+ "funding": [
+ {
+ "url": "https://www.paypal.com/donate?hosted_button_id=WLYUNAT9ZTJZ4",
+ "type": "custom"
+ },
+ {
+ "url": "https://ko-fi.com/codemasher",
+ "type": "ko_fi"
+ }
+ ],
+ "time": "2022-07-25T09:12:45+00:00"
+ },
+ {
+ "name": "chillerlan/php-settings-container",
+ "version": "2.1.4",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/chillerlan/php-settings-container.git",
+ "reference": "1beb7df3c14346d4344b0b2e12f6f9a74feabd4a"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/chillerlan/php-settings-container/zipball/1beb7df3c14346d4344b0b2e12f6f9a74feabd4a",
+ "reference": "1beb7df3c14346d4344b0b2e12f6f9a74feabd4a",
+ "shasum": ""
+ },
+ "require": {
+ "ext-json": "*",
+ "php": "^7.4 || ^8.0"
+ },
+ "require-dev": {
+ "phan/phan": "^5.3",
+ "phpunit/phpunit": "^9.5"
+ },
+ "type": "library",
+ "autoload": {
+ "psr-4": {
+ "chillerlan\\Settings\\": "src/"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "Smiley",
+ "email": "smiley@chillerlan.net",
+ "homepage": "https://github.com/codemasher"
+ }
+ ],
+ "description": "A container class for immutable settings objects. Not a DI container. PHP 7.4+",
+ "homepage": "https://github.com/chillerlan/php-settings-container",
+ "keywords": [
+ "PHP7",
+ "Settings",
+ "configuration",
+ "container",
+ "helper"
+ ],
+ "support": {
+ "issues": "https://github.com/chillerlan/php-settings-container/issues",
+ "source": "https://github.com/chillerlan/php-settings-container"
+ },
+ "funding": [
+ {
+ "url": "https://www.paypal.com/donate?hosted_button_id=WLYUNAT9ZTJZ4",
+ "type": "custom"
+ },
+ {
+ "url": "https://ko-fi.com/codemasher",
+ "type": "ko_fi"
+ }
+ ],
+ "time": "2022-07-05T22:32:14+00:00"
+ },
{
"name": "commerceguys/intl",
"version": "v0.7.5",
diff --git a/include/bbcode.php b/include/bbcode.php
index 50fe1b360..0afe252b3 100644
--- a/include/bbcode.php
+++ b/include/bbcode.php
@@ -5,11 +5,13 @@ use Code\Lib\Libzot;
use Code\Lib\Oembed;
use Code\Lib\SvgSanitizer;
use Code\Extend\Hook;
-use Michelf\MarkdownExtra;
+use chillerlan\QRCode\QRCode;
+
/**
* @file include/bbcode.php
- * @brief BBCode related functions for parsing, etc.
+ * @brief Converts Markdown and BBCode constructs into HTML.
+ *
*/
require_once('include/event.php');
@@ -783,6 +785,12 @@ function bb_map_location($match)
return str_replace($match[0], '' . generate_named_map($match[1]) . '
', $match[0]);
}
+function bb_qr($match)
+{
+ $str = $match[1];
+ return str_replace($match[0], ')->render($str) . ')
', $match[0]);
+}
+
function bb_opentag($match)
{
$openclose = (($match[2]) ? '' . $match[1] . '' : t('Click to open/close'));
@@ -2122,6 +2130,11 @@ function bbcode($Text, $options = [])
$Text = preg_replace_callback("/\[([zi])mg([ \=])(.*?)\](.*?)\[\/[zi]mg\]/ism", 'bb_imgoptions', $Text);
+ if (str_contains($Text,'[/qr]')) {
+ $Text = preg_replace_callback("/\[qr\](.*?)\[\/qr\]/ism", 'bb_qr', $Text);
+ }
+
+
if ($censored) {
// This function in include/misc.php separates images wrapped in links
// so the links are still accessible when censored (where clicking the img views it).
@@ -2245,27 +2258,12 @@ function bbcode($Text, $options = [])
$Text = str_replace('%eY9-!', 'http', $Text);
$Text = bb_code_unprotect($Text);
- // This lets you use HTML entities in posts - just wrap them in brackets. For instance [©] to display a copyright symbol.
-
- $Text = preg_replace('/\[\&\;([#a-z0-9]+)\;\]/', '&$1;', $Text);
-
// fix any escaped ampersands that may have been converted into links
if (str_contains($Text, '&')) {
$Text = preg_replace("/\<(.*?)(src|href)=(.*?)\&\;(.*?)\>/ism", '<$1$2=$3&$4>', $Text);
}
- // This is subtle - it's an XSS filter. It only accepts links with a protocol scheme and where
- // the scheme begins with z (zhttp), h (http(s)), f (ftp(s)), g (gemini), m (mailto|magnet), t (tel) and named anchors.
- // data: urls are allowed if exporting to activitypub which allows inline svg to federate, but not
- // to be used for local display
-
- if ($activitypub) {
- $Text = preg_replace("/\<(.*?)(src|href)=\"[^dzghfmt#](.*?)\>/ism", '<$1$2="">', $Text);
- } else {
- $Text = preg_replace("/\<(.*?)(src|href)=\"[^zhgfmt#](.*?)\>/ism", '<$1$2="">', $Text);
- }
-
$Text = bb_replace_images($Text, $saved_images);
$args = [ 'text' => $Text, 'options' => $options ];