Fix #741 do not allow empty HTML content in document and comment

Kijin Sung 2017-03-06 10:50:06 +09:00
parent 29f2f6a47f
commit 387dd1f78b
6 changed files with 49 additions and 0 deletions


@ -608,3 +608,18 @@ function utf8_trim($str)
{ {
return preg_replace('/^[\s\pZ\pC]+|[\s\pZ\pC]+$/u', '', $str); return preg_replace('/^[\s\pZ\pC]+|[\s\pZ\pC]+$/u', '', $str);
} }
/**
* Check if HTML content is empty.
* This function checks whether any printable characters remain
* after removing all tags except images, videos, iframes, etc.
*
* @param string $str The input string
* @return bool
*/
function is_empty_html_content($str)
{
$str = strip_tags($str, '<img><audio><video><iframe><object><embed>');
$str = utf8_trim(utf8_clean(html_entity_decode($str, ENT_QUOTES, 'UTF-8')));
return $str === '';
}
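Review bot: The docblock for `is_empty_html_content()` should state that this is a presence check and not a sanitizer. The tags in the allow-list are kept exactly as submitted, so a bare `<object></object>` or an `<img>` with no `src` counts as content, and a `false` result says nothing about whether the markup is safe to store or render. I would add a line such as `* Note: this only tests for presence; it does not sanitize, and any allowed tag counts as content even without attributes.` so callers do not rely on it for more than that.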


@ -241,6 +241,7 @@ $lang->msg_module_is_not_exists = 'Cannot find the page you requested. Ask your
$lang->msg_module_is_not_standalone = 'Requested page cannot be executed independently.'; $lang->msg_module_is_not_standalone = 'Requested page cannot be executed independently.';
$lang->msg_empty_search_target = 'Cannot find the Search target.'; $lang->msg_empty_search_target = 'Cannot find the Search target.';
$lang->msg_empty_search_keyword = 'Cannot find the Keyword.'; $lang->msg_empty_search_keyword = 'Cannot find the Keyword.';
$lang->msg_empty_content = 'The content is empty.';
$lang->msg_server_error = 'Server Error'; $lang->msg_server_error = 'Server Error';
$lang->msg_server_error_see_log = 'Your server is configured to hide error messages. Please see your server\'s error log for details.'; $lang->msg_server_error_see_log = 'Your server is configured to hide error messages. Please see your server\'s error log for details.';
$lang->comment_to_be_approved = 'Your comment must be approved by admin before being published.'; $lang->comment_to_be_approved = 'Your comment must be approved by admin before being published.';


@ -241,6 +241,7 @@ $lang->msg_module_is_not_exists = '요청한 페이지를 찾을 수 없습니
$lang->msg_module_is_not_standalone = '요청한 페이지는 독립적으로 동작할 수 없습니다.'; $lang->msg_module_is_not_standalone = '요청한 페이지는 독립적으로 동작할 수 없습니다.';
$lang->msg_empty_search_target = '검색대상이 없습니다.'; $lang->msg_empty_search_target = '검색대상이 없습니다.';
$lang->msg_empty_search_keyword = '검색어가 없습니다.'; $lang->msg_empty_search_keyword = '검색어가 없습니다.';
$lang->msg_empty_content = '내용이 없습니다.';
$lang->msg_server_error = '서버 오류'; $lang->msg_server_error = '서버 오류';
$lang->msg_server_error_see_log = '오류 메시지를 표시하지 않도록 설정되어 있습니다. 서버의 에러 로그에서 자세한 내용을 확인해 주십시오.'; $lang->msg_server_error_see_log = '오류 메시지를 표시하지 않도록 설정되어 있습니다. 서버의 에러 로그에서 자세한 내용을 확인해 주십시오.';
$lang->comment_to_be_approved = '관리자의 확인이 필요한 댓글입니다.'; $lang->comment_to_be_approved = '관리자의 확인이 필요한 댓글입니다.';


@ -425,6 +425,11 @@ class commentController extends comment
// remove Rhymix's own tags from the contents // remove Rhymix's own tags from the contents
$obj->content = preg_replace('!<\!--(Before|After)(Document|Comment)\(([0-9]+),([0-9]+)\)-->!is', '', $obj->content); $obj->content = preg_replace('!<\!--(Before|After)(Document|Comment)\(([0-9]+),([0-9]+)\)-->!is', '', $obj->content);
// Return error if content is empty.
if (!$manual_inserted && is_empty_html_content($obj->content))
{
return new Object(-1, 'msg_empty_content');
}
// if use editor of nohtml, Remove HTML tags from the contents. // if use editor of nohtml, Remove HTML tags from the contents.
if(!$manual_inserted) if(!$manual_inserted)
@ -851,6 +856,11 @@ class commentController extends comment
// remove Rhymix's wn tags from contents // remove Rhymix's wn tags from contents
$obj->content = preg_replace('!<\!--(Before|After)(Document|Comment)\(([0-9]+),([0-9]+)\)-->!is', '', $obj->content); $obj->content = preg_replace('!<\!--(Before|After)(Document|Comment)\(([0-9]+),([0-9]+)\)-->!is', '', $obj->content);
// Return error if content is empty.
if (!$manual_inserted && is_empty_html_content($obj->content))
{
return new Object(-1, 'msg_empty_content');
}
// if use editor of nohtml, Remove HTML tags from the contents. // if use editor of nohtml, Remove HTML tags from the contents.
if(!$manual_updated) if(!$manual_updated)
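Review bot: The second hunk (the update path, near new line 859) guards the new check with `$manual_inserted`, but the context line right after it tests `$manual_updated`, so `$manual_inserted` is most likely undefined in that function. An undefined variable evaluates to null, so `!$manual_inserted` would always be true and the empty-content rejection would apply even to manual updates, with an undefined-variable notice on each call. I would change the line to `if (!$manual_updated && is_empty_html_content($obj->content))`. The same mismatch appears in the second hunk of the documentController section. Both function signatures are outside the hunks, so the parameter name should be confirmed there.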


@ -435,6 +435,11 @@ class documentController extends document
if($obj->title == '') $obj->title = 'Untitled'; if($obj->title == '') $obj->title = 'Untitled';
// Remove XE's own tags from the contents. // Remove XE's own tags from the contents.
$obj->content = preg_replace('!<\!--(Before|After)(Document|Comment)\(([0-9]+),([0-9]+)\)-->!is', '', $obj->content); $obj->content = preg_replace('!<\!--(Before|After)(Document|Comment)\(([0-9]+),([0-9]+)\)-->!is', '', $obj->content);
// Return error if content is empty.
if (!$manual_inserted && is_empty_html_content($obj->content))
{
return new Object(-1, 'msg_empty_content');
}
// if use editor of nohtml, Remove HTML tags from the contents. // if use editor of nohtml, Remove HTML tags from the contents.
if(!$manual_inserted) if(!$manual_inserted)
{ {
@ -670,6 +675,11 @@ class documentController extends document
if($obj->title == '') $obj->title = 'Untitled'; if($obj->title == '') $obj->title = 'Untitled';
// Remove XE's own tags from the contents. // Remove XE's own tags from the contents.
$obj->content = preg_replace('!<\!--(Before|After)(Document|Comment)\(([0-9]+),([0-9]+)\)-->!is', '', $obj->content); $obj->content = preg_replace('!<\!--(Before|After)(Document|Comment)\(([0-9]+),([0-9]+)\)-->!is', '', $obj->content);
// Return error if content is empty.
if (!$manual_inserted && is_empty_html_content($obj->content))
{
return new Object(-1, 'msg_empty_content');
}
// if use editor of nohtml, Remove HTML tags from the contents. // if use editor of nohtml, Remove HTML tags from the contents.
if(!$manual_updated) if(!$manual_updated)
{ {
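Review bot: The emptiness check in both hunks runs on the raw submitted content, before the `nohtml` tag stripping announced by the next comment and before any filtering that follows outside the hunk. Content that consists only of an allowed tag, such as a lone `<img>`, passes here and may then be reduced to an empty string by the later stripping, so an empty document could still be stored. Consider repeating the check after the content has been filtered, or moving it below that step. A comment such as `// NOTE: checked before HTML filtering; content may still become empty afterwards` would at least record the limitation. The filtering code is outside the hunk, so this should be confirmed against the full function.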


@ -159,4 +159,16 @@ class FunctionsTest extends \Codeception\TestCase\Test
$this->assertEquals("Trimmed", utf8_trim("\x20\xe2\x80\x80Trimmed\xe2\x80\x84\xe2\x80\x86\xe2\x80\x8b")); $this->assertEquals("Trimmed", utf8_trim("\x20\xe2\x80\x80Trimmed\xe2\x80\x84\xe2\x80\x86\xe2\x80\x8b"));
$this->assertEquals("Trimmed", utf8_trim("\x20\xe2\x80\x80Trimmed\x0a\x0c\x07\x09")); $this->assertEquals("Trimmed", utf8_trim("\x20\xe2\x80\x80Trimmed\x0a\x0c\x07\x09"));
} }
public function testIsEmptyHTMLContent()
{
$this->assertTrue(is_empty_html_content('<p>&nbsp;<br><br></p>'));
$this->assertTrue(is_empty_html_content('<p>&nbsp;</p>' . "\n\n" . '<p><span> </span></p>'));
$this->assertTrue(is_empty_html_content('<p>&#8194; &#8203; &#8205;</p>'));
$this->assertFalse(is_empty_html_content('<p>&nbsp;</p>' . "\n\n" . '<p>Hello world</p>'));
$this->assertFalse(is_empty_html_content('<p><img src="foobar.jpg"></p>'));
$this->assertFalse(is_empty_html_content('<p><iframe src="http://www.youtube.com/" /></p>'));
$this->assertFalse(is_empty_html_content('<p><video src="rickroll.webm" /></p>'));
$this->assertFalse(is_empty_html_content('<p><object></object></p>'));
}
} }
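Review bot: `testIsEmptyHTMLContent()` has no case for the plain empty string or for markup made up only of tags outside the allow-list, which are likely inputs from an empty editor. I would add `$this->assertTrue(is_empty_html_content(''));` and `$this->assertTrue(is_empty_html_content('<!-- note --><a href="#"></a>'));`. These pin the behaviour so that a later change to the allow-list cannot silently let such content through.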