mirror of
https://github.com/Lastorder-DC/rhymix.git
synced 2026-01-15 09:19:57 +09:00
merge from 1.5.1.8
git-svn-id: http://xe-core.googlecode.com/svn/trunk@10157 201d5d3c-b55e-5fd7-737f-ddc643e51545
This commit is contained in:
devjin
parent
2d3dfe7bc7
commit
90c18a8bb8
42 changed files with 3249 additions and 149 deletions
|
|
@ -12,6 +12,8 @@
|
|||
|
||||
var $allow_trackback_status = null;
|
||||
var $columnList = array();
|
||||
var $allowscriptaccessList = array();
|
||||
var $allowscriptaccessKey = 0;
|
||||
|
||||
function documentItem($document_srl = 0, $load_extra_vars = true, $columnList = array()) {
|
||||
$this->document_srl = $document_srl;
|
||||
|
|
@ -259,12 +261,57 @@
|
|||
if($result) $_SESSION['accessible'][$this->document_srl] = true;
|
||||
|
||||
$content = $this->get('content');
|
||||
$content = preg_replace_callback('/<(object|param|embed)[^>]*/is', array($this, '_checkAllowScriptAccess'), $content);
|
||||
$content = preg_replace_callback('/<object[^>]*>/is', array($this, '_addAllowScriptAccess'), $content);
|
||||
|
||||
if($strlen) return cut_str(strip_tags($content),$strlen,'...');
|
||||
|
||||
return htmlspecialchars($content);
|
||||
}
|
||||
|
||||
function _addAllowScriptAccess($m)
|
||||
{
|
||||
if($this->allowscriptaccessList[$this->allowscriptaccessKey] == 1)
|
||||
{
|
||||
$m[0] = $m[0].'<param name="allowscriptaccess" value="never"></param>';
|
||||
}
|
||||
$this->allowscriptaccessKey++;
|
||||
return $m[0];
|
||||
}
|
||||
|
||||
function _checkAllowScriptAccess($m)
|
||||
{
|
||||
if($m[1] == 'object')
|
||||
{
|
||||
$this->allowscriptaccessList[] = 1;
|
||||
}
|
||||
|
||||
if($m[1] == 'param')
|
||||
{
|
||||
if(stripos($m[0], 'allowscriptaccess'))
|
||||
{
|
||||
$m[0] = '<param name="allowscriptaccess" value="never"';
|
||||
if(substr($m[0], -1) == '/')
|
||||
{
|
||||
$m[0] .= '/';
|
||||
}
|
||||
$this->allowscriptaccessList[count($this->allowscriptaccessList)-1]--;
|
||||
}
|
||||
}
|
||||
else if($m[1] == 'embed')
|
||||
{
|
||||
if(stripos($m[0], 'allowscriptaccess'))
|
||||
{
|
||||
$m[0] = str_ireplace(array('always', 'samedomain'), 'never', $m[0]);
|
||||
}
|
||||
else
|
||||
{
|
||||
$m[0] = str_ireplace('<embed', '<embed allowscriptaccess="never"', $m[0]);
|
||||
}
|
||||
}
|
||||
return $m[0];
|
||||
}
|
||||
|
||||
function getContent($add_popup_menu = true, $add_content_info = true, $resource_realpath = false, $add_xe_content_class = true, $stripEmbedTagException = false) {
|
||||
if(!$this->document_srl) return;
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue