├── .gitignore ├── COPYING ├── README.md ├── apple-touch-icon.png ├── classes ├── .htaccess ├── HTMLPurifier.class.php ├── HTMLPurifier │ ├── ConfigSchema │ │ ├── Builder │ │ │ ├── ConfigSchema.php │ │ │ └── Xml.php │ │ ├── Exception.php │ │ ├── Interchange.php │ │ ├── Interchange │ │ │ ├── Directive.php │ │ │ └── Id.php │ │ ├── InterchangeBuilder.php │ │ ├── Validator.php │ │ ├── ValidatorAtom.php │ │ ├── schema.ser │ │ └── schema │ │ │ ├── Attr.AllowedClasses.txt │ │ │ ├── Attr.AllowedFrameTargets.txt │ │ │ ├── Attr.AllowedRel.txt │ │ │ ├── Attr.AllowedRev.txt │ │ │ ├── Attr.ClassUseCDATA.txt │ │ │ ├── Attr.DefaultImageAlt.txt │ │ │ ├── Attr.DefaultInvalidImage.txt │ │ │ ├── Attr.DefaultInvalidImageAlt.txt │ │ │ ├── Attr.DefaultTextDir.txt │ │ │ ├── Attr.EnableID.txt │ │ │ ├── Attr.ForbiddenClasses.txt │ │ │ ├── Attr.IDBlacklist.txt │ │ │ ├── Attr.IDBlacklistRegexp.txt │ │ │ ├── Attr.IDPrefix.txt │ │ │ ├── Attr.IDPrefixLocal.txt │ │ │ ├── AutoFormat.AutoParagraph.txt │ │ │ ├── AutoFormat.Custom.txt │ │ │ ├── AutoFormat.DisplayLinkURI.txt │ │ │ ├── AutoFormat.Linkify.txt │ │ │ ├── AutoFormat.PurifierLinkify.DocURL.txt │ │ │ ├── AutoFormat.PurifierLinkify.txt │ │ │ ├── AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt │ │ │ ├── AutoFormat.RemoveEmpty.RemoveNbsp.txt │ │ │ ├── AutoFormat.RemoveEmpty.txt │ │ │ ├── AutoFormat.RemoveSpansWithoutAttributes.txt │ │ │ ├── CSS.AllowImportant.txt │ │ │ ├── CSS.AllowTricky.txt │ │ │ ├── CSS.AllowedFonts.txt │ │ │ ├── CSS.AllowedProperties.txt │ │ │ ├── CSS.DefinitionRev.txt │ │ │ ├── CSS.ForbiddenProperties.txt │ │ │ ├── CSS.MaxImgLength.txt │ │ │ ├── CSS.Proprietary.txt │ │ │ ├── CSS.Trusted.txt │ │ │ ├── Cache.DefinitionImpl.txt │ │ │ ├── Cache.SerializerPath.txt │ │ │ ├── Cache.SerializerPermissions.txt │ │ │ ├── Core.AggressivelyFixLt.txt │ │ │ ├── Core.AllowHostnameUnderscore.txt │ │ │ ├── Core.CollectErrors.txt │ │ │ ├── Core.ColorKeywords.txt │ │ │ ├── Core.ConvertDocumentToFragment.txt │ │ │ ├── Core.DirectLexLineNumberSyncInterval.txt │ │ │ ├── Core.DisableExcludes.txt │ │ │ ├── Core.EnableIDNA.txt │ │ │ ├── Core.Encoding.txt │ │ │ ├── Core.EscapeInvalidChildren.txt │ │ │ ├── Core.EscapeInvalidTags.txt │ │ │ ├── Core.EscapeNonASCIICharacters.txt │ │ │ ├── Core.HiddenElements.txt │ │ │ ├── Core.Language.txt │ │ │ ├── Core.LexerImpl.txt │ │ │ ├── Core.MaintainLineNumbers.txt │ │ │ ├── Core.NormalizeNewlines.txt │ │ │ ├── Core.RemoveInvalidImg.txt │ │ │ ├── Core.RemoveProcessingInstructions.txt │ │ │ ├── Core.RemoveScriptContents.txt │ │ │ ├── Filter.Custom.txt │ │ │ ├── Filter.ExtractStyleBlocks.Escaping.txt │ │ │ ├── Filter.ExtractStyleBlocks.Scope.txt │ │ │ ├── Filter.ExtractStyleBlocks.TidyImpl.txt │ │ │ ├── Filter.ExtractStyleBlocks.txt │ │ │ ├── Filter.YouTube.txt │ │ │ ├── HTML.Allowed.txt │ │ │ ├── HTML.AllowedAttributes.txt │ │ │ ├── HTML.AllowedComments.txt │ │ │ ├── HTML.AllowedCommentsRegexp.txt │ │ │ ├── HTML.AllowedElements.txt │ │ │ ├── HTML.AllowedModules.txt │ │ │ ├── HTML.Attr.Name.UseCDATA.txt │ │ │ ├── HTML.BlockWrapper.txt │ │ │ ├── HTML.CoreModules.txt │ │ │ ├── HTML.CustomDoctype.txt │ │ │ ├── HTML.DefinitionID.txt │ │ │ ├── HTML.DefinitionRev.txt │ │ │ ├── HTML.Doctype.txt │ │ │ ├── HTML.FlashAllowFullScreen.txt │ │ │ ├── HTML.ForbiddenAttributes.txt │ │ │ ├── HTML.ForbiddenElements.txt │ │ │ ├── HTML.MaxImgLength.txt │ │ │ ├── HTML.Nofollow.txt │ │ │ ├── HTML.Parent.txt │ │ │ ├── HTML.Proprietary.txt │ │ │ ├── HTML.SafeEmbed.txt │ │ │ ├── HTML.SafeIframe.txt │ │ │ ├── HTML.SafeObject.txt │ │ │ ├── HTML.SafeScripting.txt │ │ │ ├── HTML.Strict.txt │ │ │ ├── HTML.TargetBlank.txt │ │ │ ├── HTML.TidyAdd.txt │ │ │ ├── HTML.TidyLevel.txt │ │ │ ├── HTML.TidyRemove.txt │ │ │ ├── HTML.Trusted.txt │ │ │ ├── HTML.XHTML.txt │ │ │ ├── Output.CommentScriptContents.txt │ │ │ ├── Output.FixInnerHTML.txt │ │ │ ├── Output.FlashCompat.txt │ │ │ ├── Output.Newline.txt │ │ │ ├── Output.SortAttr.txt │ │ │ ├── Output.TidyFormat.txt │ │ │ ├── Test.ForceNoIconv.txt │ │ │ ├── URI.AllowedSchemes.txt │ │ │ ├── URI.Base.txt │ │ │ ├── URI.DefaultScheme.txt │ │ │ ├── URI.DefinitionID.txt │ │ │ ├── URI.DefinitionRev.txt │ │ │ ├── URI.Disable.txt │ │ │ ├── URI.DisableExternal.txt │ │ │ ├── URI.DisableExternalResources.txt │ │ │ ├── URI.DisableResources.txt │ │ │ ├── URI.Host.txt │ │ │ ├── URI.HostBlacklist.txt │ │ │ ├── URI.MakeAbsolute.txt │ │ │ ├── URI.Munge.txt │ │ │ ├── URI.MungeResources.txt │ │ │ ├── URI.MungeSecretKey.txt │ │ │ ├── URI.OverrideAllowedSchemes.txt │ │ │ ├── URI.SafeIframeRegexp.txt │ │ │ └── info.ini │ ├── DefinitionCache │ │ └── Serializer │ │ │ ├── HTML │ │ │ └── 4.6.0,bd08c5afbc77123dbd4e9e026a723c450e9f844b,1.ser │ │ │ └── URI │ │ │ └── 4.6.0,8d03c8ec0e84e7feb92afd4c0f1735841b5fdacf,1.ser │ ├── EntityLookup │ │ └── entities.ser │ ├── Filter │ │ ├── ExtractStyleBlocks.php │ │ └── YouTube.php │ ├── Language │ │ ├── classes │ │ │ └── en-x-test.php │ │ └── messages │ │ │ ├── en-x-test.php │ │ │ ├── en-x-testmini.php │ │ │ └── en.php │ ├── Lexer │ │ └── PH5P.php │ ├── Printer.php │ └── Printer │ │ ├── CSSDefinition.php │ │ ├── ConfigForm.css │ │ ├── ConfigForm.js │ │ ├── ConfigForm.php │ │ └── HTMLDefinition.php ├── Identicons.class.php ├── Issues.class.php ├── Mail.class.php ├── Markdown.class.php ├── Michelf │ ├── Markdown.class.php │ └── MarkdownInterface.class.php ├── OrderFilter.class.php ├── Page.class.php ├── Pager.class.php ├── Settings.class.php ├── Text.class.php ├── Uploader.class.php └── Url.class.php ├── favicon.ico ├── index.php ├── languages ├── .htaccess ├── Trad_en.class.php └── Trad_fr.class.php ├── pages ├── .htaccess ├── ajax.php ├── dashboard.php ├── downloads.php ├── error │ ├── .htaccess │ ├── 403.php │ └── 404.php ├── home.php ├── identicons.php ├── install.php ├── issues.php ├── new_issue.php ├── rss.php ├── search.php ├── settings.php ├── signup.php ├── view_issue.php └── view_user.php ├── public ├── css │ ├── app.min.css │ ├── app │ │ ├── app.less │ │ ├── fonts.less │ │ ├── forms.less │ │ ├── highlighter.less │ │ ├── icons.less │ │ ├── issues.less │ │ ├── miscellaneous.less │ │ ├── mixins.less │ │ ├── responsive.less │ │ ├── structure.less │ │ └── text.less │ └── inc │ │ ├── SourceSansPro-Black.woff │ │ ├── SourceSansPro-Regular.woff │ │ ├── glyphicons-halflings-white.png │ │ └── glyphicons-halflings.png ├── img │ └── bumpy-booby.ico └── js │ ├── highlighter.js │ ├── html5.js │ ├── jquery-1.9.1.min.js │ ├── respond.js │ ├── scripts.js │ └── scripts.min.js └── upgrade.php /.gitignore: -------------------------------------------------------------------------------- 1 | *.sublime-workspace 2 | *.sublime-project 3 | database/ 4 | .htaccess -------------------------------------------------------------------------------- /COPYING: -------------------------------------------------------------------------------- 1 | Bumpy Booby 2 | Copyright (c) 2013-2015 Pierre Monchalin 3 | 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining 6 | a copy of this software and associated documentation files (the 7 | "Software"), to deal in the Software without restriction, including 8 | without limitation the rights to use, copy, modify, merge, publish, 9 | distribute, sublicense, and/or sell copies of the Software, and to 10 | permit persons to whom the Software is furnished to do so, subject to 11 | the following conditions: 12 | 13 | The above copyright notice and this permission notice shall be 14 | included in all copies or substantial portions of the Software. 15 | 16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 17 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 18 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND 19 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE 20 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION 21 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION 22 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Bumpy Booby 0.3 2 | 3 | Bumpy Booby is a simple, responsive and highly customizable PHP bug tracking 4 | system. 5 | 6 | ![Bumpy Booby logo](http://uploads.derivoile.fr/bumpy-booby.png) 7 | 8 | Features: 9 | 10 | - **No database required** 11 | - Statuses and tags highly customizable 12 | - File attachments 13 | - Syntax highlighting for code blocks 14 | - Permissions & groups highly customizable 15 | - Multiple projects management 16 | - Easy backup (one folder) 17 | - Protection against too many failed login attempts 18 | - URL rewriting 19 | - E-mail notifications 20 | - Various languages supported ( _fr_ and _en_ for now) 21 | - RSS feeds 22 | - … 23 | 24 | To get more information or to see it in action: 25 | . 26 | 27 | ## Running 28 | 29 | ### Installation 30 | 31 | Copy all files, run `./` or `./index.php`, configure Bumpy Booby and enjoy ! 32 | 33 | Note : you can delete the `./public/css/app/` folder, it is useless. 34 | 35 | ### Backup 36 | 37 | Before any update, it's highly recommended to make a backup. You only need to 38 | save the `./database/` folder. 39 | 40 | ### Requirements 41 | 42 | Bumpy Booby doesn't support IE 6 & 7. It requires JavaScript to work 43 | properly. 44 | 45 | ## About Booby Bumpy 46 | 47 | Bumpy Booby was created and is actually maintained by Pierre Monchalin. Please 48 | report bugs at . 49 | 50 | Bumpy Booby is distributed under the MIT License. See `./COPYING` for more 51 | information. -------------------------------------------------------------------------------- /apple-touch-icon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/piero-la-lune/Bumpy-Booby/306e7ef7994ddd884d5eae99761b7a3865ce55dc/apple-touch-icon.png -------------------------------------------------------------------------------- /classes/.htaccess: -------------------------------------------------------------------------------- 1 | Allow from none 2 | Deny from all 3 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/Builder/ConfigSchema.php: -------------------------------------------------------------------------------- 1 | directives as $d) { 18 | $schema->add( 19 | $d->id->key, 20 | $d->default, 21 | $d->type, 22 | $d->typeAllowsNull 23 | ); 24 | if ($d->allowed !== null) { 25 | $schema->addAllowedValues( 26 | $d->id->key, 27 | $d->allowed 28 | ); 29 | } 30 | foreach ($d->aliases as $alias) { 31 | $schema->addAlias( 32 | $alias->key, 33 | $d->id->key 34 | ); 35 | } 36 | if ($d->valueAliases !== null) { 37 | $schema->addValueAliases( 38 | $d->id->key, 39 | $d->valueAliases 40 | ); 41 | } 42 | } 43 | $schema->postProcess(); 44 | return $schema; 45 | } 46 | } 47 | 48 | // vim: et sw=4 sts=4 49 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/Builder/Xml.php: -------------------------------------------------------------------------------- 1 | startElement('div'); 26 | 27 | $purifier = HTMLPurifier::getInstance(); 28 | $html = $purifier->purify($html); 29 | $this->writeAttribute('xmlns', 'http://www.w3.org/1999/xhtml'); 30 | $this->writeRaw($html); 31 | 32 | $this->endElement(); // div 33 | } 34 | 35 | /** 36 | * @param mixed $var 37 | * @return string 38 | */ 39 | protected function export($var) 40 | { 41 | if ($var === array()) { 42 | return 'array()'; 43 | } 44 | return var_export($var, true); 45 | } 46 | 47 | /** 48 | * @param HTMLPurifier_ConfigSchema_Interchange $interchange 49 | */ 50 | public function build($interchange) 51 | { 52 | // global access, only use as last resort 53 | $this->interchange = $interchange; 54 | 55 | $this->setIndent(true); 56 | $this->startDocument('1.0', 'UTF-8'); 57 | $this->startElement('configdoc'); 58 | $this->writeElement('title', $interchange->name); 59 | 60 | foreach ($interchange->directives as $directive) { 61 | $this->buildDirective($directive); 62 | } 63 | 64 | if ($this->namespace) { 65 | $this->endElement(); 66 | } // namespace 67 | 68 | $this->endElement(); // configdoc 69 | $this->flush(); 70 | } 71 | 72 | /** 73 | * @param HTMLPurifier_ConfigSchema_Interchange_Directive $directive 74 | */ 75 | public function buildDirective($directive) 76 | { 77 | // Kludge, although I suppose having a notion of a "root namespace" 78 | // certainly makes things look nicer when documentation is built. 79 | // Depends on things being sorted. 80 | if (!$this->namespace || $this->namespace !== $directive->id->getRootNamespace()) { 81 | if ($this->namespace) { 82 | $this->endElement(); 83 | } // namespace 84 | $this->namespace = $directive->id->getRootNamespace(); 85 | $this->startElement('namespace'); 86 | $this->writeAttribute('id', $this->namespace); 87 | $this->writeElement('name', $this->namespace); 88 | } 89 | 90 | $this->startElement('directive'); 91 | $this->writeAttribute('id', $directive->id->toString()); 92 | 93 | $this->writeElement('name', $directive->id->getDirective()); 94 | 95 | $this->startElement('aliases'); 96 | foreach ($directive->aliases as $alias) { 97 | $this->writeElement('alias', $alias->toString()); 98 | } 99 | $this->endElement(); // aliases 100 | 101 | $this->startElement('constraints'); 102 | if ($directive->version) { 103 | $this->writeElement('version', $directive->version); 104 | } 105 | $this->startElement('type'); 106 | if ($directive->typeAllowsNull) { 107 | $this->writeAttribute('allow-null', 'yes'); 108 | } 109 | $this->text($directive->type); 110 | $this->endElement(); // type 111 | if ($directive->allowed) { 112 | $this->startElement('allowed'); 113 | foreach ($directive->allowed as $value => $x) { 114 | $this->writeElement('value', $value); 115 | } 116 | $this->endElement(); // allowed 117 | } 118 | $this->writeElement('default', $this->export($directive->default)); 119 | $this->writeAttribute('xml:space', 'preserve'); 120 | if ($directive->external) { 121 | $this->startElement('external'); 122 | foreach ($directive->external as $project) { 123 | $this->writeElement('project', $project); 124 | } 125 | $this->endElement(); 126 | } 127 | $this->endElement(); // constraints 128 | 129 | if ($directive->deprecatedVersion) { 130 | $this->startElement('deprecated'); 131 | $this->writeElement('version', $directive->deprecatedVersion); 132 | $this->writeElement('use', $directive->deprecatedUse->toString()); 133 | $this->endElement(); // deprecated 134 | } 135 | 136 | $this->startElement('description'); 137 | $this->writeHTMLDiv($directive->description); 138 | $this->endElement(); // description 139 | 140 | $this->endElement(); // directive 141 | } 142 | } 143 | 144 | // vim: et sw=4 sts=4 145 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/Exception.php: -------------------------------------------------------------------------------- 1 | array(directive info) 19 | * @type HTMLPurifier_ConfigSchema_Interchange_Directive[] 20 | */ 21 | public $directives = array(); 22 | 23 | /** 24 | * Adds a directive array to $directives 25 | * @param HTMLPurifier_ConfigSchema_Interchange_Directive $directive 26 | * @throws HTMLPurifier_ConfigSchema_Exception 27 | */ 28 | public function addDirective($directive) 29 | { 30 | if (isset($this->directives[$i = $directive->id->toString()])) { 31 | throw new HTMLPurifier_ConfigSchema_Exception("Cannot redefine directive '$i'"); 32 | } 33 | $this->directives[$i] = $directive; 34 | } 35 | 36 | /** 37 | * Convenience function to perform standard validation. Throws exception 38 | * on failed validation. 39 | */ 40 | public function validate() 41 | { 42 | $validator = new HTMLPurifier_ConfigSchema_Validator(); 43 | return $validator->validate($this); 44 | } 45 | } 46 | 47 | // vim: et sw=4 sts=4 48 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/Interchange/Directive.php: -------------------------------------------------------------------------------- 1 | true). 42 | * Null if all values are allowed. 43 | * @type array 44 | */ 45 | public $allowed; 46 | 47 | /** 48 | * List of aliases for the directive. 49 | * e.g. array(new HTMLPurifier_ConfigSchema_Interchange_Id('Ns', 'Dir'))). 50 | * @type HTMLPurifier_ConfigSchema_Interchange_Id[] 51 | */ 52 | public $aliases = array(); 53 | 54 | /** 55 | * Hash of value aliases, e.g. array('alt' => 'real'). Null if value 56 | * aliasing is disabled (necessary for non-scalar types). 57 | * @type array 58 | */ 59 | public $valueAliases; 60 | 61 | /** 62 | * Version of HTML Purifier the directive was introduced, e.g. '1.3.1'. 63 | * Null if the directive has always existed. 64 | * @type string 65 | */ 66 | public $version; 67 | 68 | /** 69 | * ID of directive that supercedes this old directive. 70 | * Null if not deprecated. 71 | * @type HTMLPurifier_ConfigSchema_Interchange_Id 72 | */ 73 | public $deprecatedUse; 74 | 75 | /** 76 | * Version of HTML Purifier this directive was deprecated. Null if not 77 | * deprecated. 78 | * @type string 79 | */ 80 | public $deprecatedVersion; 81 | 82 | /** 83 | * List of external projects this directive depends on, e.g. array('CSSTidy'). 84 | * @type array 85 | */ 86 | public $external = array(); 87 | } 88 | 89 | // vim: et sw=4 sts=4 90 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/Interchange/Id.php: -------------------------------------------------------------------------------- 1 | key = $key; 20 | } 21 | 22 | /** 23 | * @return string 24 | * @warning This is NOT magic, to ensure that people don't abuse SPL and 25 | * cause problems for PHP 5.0 support. 26 | */ 27 | public function toString() 28 | { 29 | return $this->key; 30 | } 31 | 32 | /** 33 | * @return string 34 | */ 35 | public function getRootNamespace() 36 | { 37 | return substr($this->key, 0, strpos($this->key, ".")); 38 | } 39 | 40 | /** 41 | * @return string 42 | */ 43 | public function getDirective() 44 | { 45 | return substr($this->key, strpos($this->key, ".") + 1); 46 | } 47 | 48 | /** 49 | * @param string $id 50 | * @return HTMLPurifier_ConfigSchema_Interchange_Id 51 | */ 52 | public static function make($id) 53 | { 54 | return new HTMLPurifier_ConfigSchema_Interchange_Id($id); 55 | } 56 | } 57 | 58 | // vim: et sw=4 sts=4 59 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/ValidatorAtom.php: -------------------------------------------------------------------------------- 1 | context = $context; 34 | $this->obj = $obj; 35 | $this->member = $member; 36 | $this->contents =& $obj->$member; 37 | } 38 | 39 | /** 40 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom 41 | */ 42 | public function assertIsString() 43 | { 44 | if (!is_string($this->contents)) { 45 | $this->error('must be a string'); 46 | } 47 | return $this; 48 | } 49 | 50 | /** 51 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom 52 | */ 53 | public function assertIsBool() 54 | { 55 | if (!is_bool($this->contents)) { 56 | $this->error('must be a boolean'); 57 | } 58 | return $this; 59 | } 60 | 61 | /** 62 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom 63 | */ 64 | public function assertIsArray() 65 | { 66 | if (!is_array($this->contents)) { 67 | $this->error('must be an array'); 68 | } 69 | return $this; 70 | } 71 | 72 | /** 73 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom 74 | */ 75 | public function assertNotNull() 76 | { 77 | if ($this->contents === null) { 78 | $this->error('must not be null'); 79 | } 80 | return $this; 81 | } 82 | 83 | /** 84 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom 85 | */ 86 | public function assertAlnum() 87 | { 88 | $this->assertIsString(); 89 | if (!ctype_alnum($this->contents)) { 90 | $this->error('must be alphanumeric'); 91 | } 92 | return $this; 93 | } 94 | 95 | /** 96 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom 97 | */ 98 | public function assertNotEmpty() 99 | { 100 | if (empty($this->contents)) { 101 | $this->error('must not be empty'); 102 | } 103 | return $this; 104 | } 105 | 106 | /** 107 | * @return HTMLPurifier_ConfigSchema_ValidatorAtom 108 | */ 109 | public function assertIsLookup() 110 | { 111 | $this->assertIsArray(); 112 | foreach ($this->contents as $v) { 113 | if ($v !== true) { 114 | $this->error('must be a lookup array'); 115 | } 116 | } 117 | return $this; 118 | } 119 | 120 | /** 121 | * @param string $msg 122 | * @throws HTMLPurifier_ConfigSchema_Exception 123 | */ 124 | protected function error($msg) 125 | { 126 | throw new HTMLPurifier_ConfigSchema_Exception(ucfirst($this->member) . ' in ' . $this->context . ' ' . $msg); 127 | } 128 | } 129 | 130 | // vim: et sw=4 sts=4 131 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.AllowedClasses.txt: -------------------------------------------------------------------------------- 1 | Attr.AllowedClasses 2 | TYPE: lookup/null 3 | VERSION: 4.0.0 4 | DEFAULT: null 5 | --DESCRIPTION-- 6 | List of allowed class values in the class attribute. By default, this is null, 7 | which means all classes are allowed. 8 | --# vim: et sw=4 sts=4 9 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.AllowedFrameTargets.txt: -------------------------------------------------------------------------------- 1 | Attr.AllowedFrameTargets 2 | TYPE: lookup 3 | DEFAULT: array() 4 | --DESCRIPTION-- 5 | Lookup table of all allowed link frame targets. Some commonly used link 6 | targets include _blank, _self, _parent and _top. Values should be 7 | lowercase, as validation will be done in a case-sensitive manner despite 8 | W3C's recommendation. XHTML 1.0 Strict does not permit the target attribute 9 | so this directive will have no effect in that doctype. XHTML 1.1 does not 10 | enable the Target module by default, you will have to manually enable it 11 | (see the module documentation for more details.) 12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRel.txt: -------------------------------------------------------------------------------- 1 | Attr.AllowedRel 2 | TYPE: lookup 3 | VERSION: 1.6.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 | List of allowed forward document relationships in the rel attribute. Common 7 | values may be nofollow or print. By default, this is empty, meaning that no 8 | document relationships are allowed. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.AllowedRev.txt: -------------------------------------------------------------------------------- 1 | Attr.AllowedRev 2 | TYPE: lookup 3 | VERSION: 1.6.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 | List of allowed reverse document relationships in the rev attribute. This 7 | attribute is a bit of an edge-case; if you don't know what it is for, stay 8 | away. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.ClassUseCDATA.txt: -------------------------------------------------------------------------------- 1 | Attr.ClassUseCDATA 2 | TYPE: bool/null 3 | DEFAULT: null 4 | VERSION: 4.0.0 5 | --DESCRIPTION-- 6 | If null, class will auto-detect the doctype and, if matching XHTML 1.1 or 7 | XHTML 2.0, will use the restrictive NMTOKENS specification of class. Otherwise, 8 | it will use a relaxed CDATA definition. If true, the relaxed CDATA definition 9 | is forced; if false, the NMTOKENS definition is forced. To get behavior 10 | of HTML Purifier prior to 4.0.0, set this directive to false. 11 | 12 | Some rational behind the auto-detection: 13 | in previous versions of HTML Purifier, it was assumed that the form of 14 | class was NMTOKENS, as specified by the XHTML Modularization (representing 15 | XHTML 1.1 and XHTML 2.0). The DTDs for HTML 4.01 and XHTML 1.0, however 16 | specify class as CDATA. HTML 5 effectively defines it as CDATA, but 17 | with the additional constraint that each name should be unique (this is not 18 | explicitly outlined in previous specifications). 19 | --# vim: et sw=4 sts=4 20 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.DefaultImageAlt.txt: -------------------------------------------------------------------------------- 1 | Attr.DefaultImageAlt 2 | TYPE: string/null 3 | DEFAULT: null 4 | VERSION: 3.2.0 5 | --DESCRIPTION-- 6 | This is the content of the alt tag of an image if the user had not 7 | previously specified an alt attribute. This applies to all images without 8 | a valid alt attribute, as opposed to %Attr.DefaultInvalidImageAlt, which 9 | only applies to invalid images, and overrides in the case of an invalid image. 10 | Default behavior with null is to use the basename of the src tag for the alt. 11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImage.txt: -------------------------------------------------------------------------------- 1 | Attr.DefaultInvalidImage 2 | TYPE: string 3 | DEFAULT: '' 4 | --DESCRIPTION-- 5 | This is the default image an img tag will be pointed to if it does not have 6 | a valid src attribute. In future versions, we may allow the image tag to 7 | be removed completely, but due to design issues, this is not possible right 8 | now. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.DefaultInvalidImageAlt.txt: -------------------------------------------------------------------------------- 1 | Attr.DefaultInvalidImageAlt 2 | TYPE: string 3 | DEFAULT: 'Invalid image' 4 | --DESCRIPTION-- 5 | This is the content of the alt tag of an invalid image if the user had not 6 | previously specified an alt attribute. It has no effect when the image is 7 | valid but there was no alt attribute present. 8 | --# vim: et sw=4 sts=4 9 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.DefaultTextDir.txt: -------------------------------------------------------------------------------- 1 | Attr.DefaultTextDir 2 | TYPE: string 3 | DEFAULT: 'ltr' 4 | --DESCRIPTION-- 5 | Defines the default text direction (ltr or rtl) of the document being 6 | parsed. This generally is the same as the value of the dir attribute in 7 | HTML, or ltr if that is not specified. 8 | --ALLOWED-- 9 | 'ltr', 'rtl' 10 | --# vim: et sw=4 sts=4 11 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.EnableID.txt: -------------------------------------------------------------------------------- 1 | Attr.EnableID 2 | TYPE: bool 3 | DEFAULT: false 4 | VERSION: 1.2.0 5 | --DESCRIPTION-- 6 | Allows the ID attribute in HTML. This is disabled by default due to the 7 | fact that without proper configuration user input can easily break the 8 | validation of a webpage by specifying an ID that is already on the 9 | surrounding HTML. If you don't mind throwing caution to the wind, enable 10 | this directive, but I strongly recommend you also consider blacklisting IDs 11 | you use (%Attr.IDBlacklist) or prefixing all user supplied IDs 12 | (%Attr.IDPrefix). When set to true HTML Purifier reverts to the behavior of 13 | pre-1.2.0 versions. 14 | --ALIASES-- 15 | HTML.EnableAttrID 16 | --# vim: et sw=4 sts=4 17 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.ForbiddenClasses.txt: -------------------------------------------------------------------------------- 1 | Attr.ForbiddenClasses 2 | TYPE: lookup 3 | VERSION: 4.0.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 | List of forbidden class values in the class attribute. By default, this is 7 | empty, which means that no classes are forbidden. See also %Attr.AllowedClasses. 8 | --# vim: et sw=4 sts=4 9 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklist.txt: -------------------------------------------------------------------------------- 1 | Attr.IDBlacklist 2 | TYPE: list 3 | DEFAULT: array() 4 | DESCRIPTION: Array of IDs not allowed in the document. 5 | --# vim: et sw=4 sts=4 6 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.IDBlacklistRegexp.txt: -------------------------------------------------------------------------------- 1 | Attr.IDBlacklistRegexp 2 | TYPE: string/null 3 | VERSION: 1.6.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | PCRE regular expression to be matched against all IDs. If the expression is 7 | matches, the ID is rejected. Use this with care: may cause significant 8 | degradation. ID matching is done after all other validation. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefix.txt: -------------------------------------------------------------------------------- 1 | Attr.IDPrefix 2 | TYPE: string 3 | VERSION: 1.2.0 4 | DEFAULT: '' 5 | --DESCRIPTION-- 6 | String to prefix to IDs. If you have no idea what IDs your pages may use, 7 | you may opt to simply add a prefix to all user-submitted ID attributes so 8 | that they are still usable, but will not conflict with core page IDs. 9 | Example: setting the directive to 'user_' will result in a user submitted 10 | 'foo' to become 'user_foo' Be sure to set %HTML.EnableAttrID to true 11 | before using this. 12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Attr.IDPrefixLocal.txt: -------------------------------------------------------------------------------- 1 | Attr.IDPrefixLocal 2 | TYPE: string 3 | VERSION: 1.2.0 4 | DEFAULT: '' 5 | --DESCRIPTION-- 6 | Temporary prefix for IDs used in conjunction with %Attr.IDPrefix. If you 7 | need to allow multiple sets of user content on web page, you may need to 8 | have a seperate prefix that changes with each iteration. This way, 9 | seperately submitted user content displayed on the same page doesn't 10 | clobber each other. Ideal values are unique identifiers for the content it 11 | represents (i.e. the id of the row in the database). Be sure to add a 12 | seperator (like an underscore) at the end. Warning: this directive will 13 | not work unless %Attr.IDPrefix is set to a non-empty value! 14 | --# vim: et sw=4 sts=4 15 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/AutoFormat.AutoParagraph.txt: -------------------------------------------------------------------------------- 1 | AutoFormat.AutoParagraph 2 | TYPE: bool 3 | VERSION: 2.0.1 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | 7 |

8 | This directive turns on auto-paragraphing, where double newlines are 9 | converted in to paragraphs whenever possible. Auto-paragraphing: 10 |

11 |
    12 |
  • Always applies to inline elements or text in the root node,
    • 13 |
  • Applies to inline elements or text with double newlines in nodes 14 | that allow paragraph tags,
    • 15 |
  • Applies to double newlines in paragraph tags
    • 16 |
17 |

18 | p tags must be allowed for this directive to take effect. 19 | We do not use br tags for paragraphing, as that is 20 | semantically incorrect. 21 |

22 |

23 | To prevent auto-paragraphing as a content-producer, refrain from using 24 | double-newlines except to specify a new paragraph or in contexts where 25 | it has special meaning (whitespace usually has no meaning except in 26 | tags like pre, so this should not be difficult.) To prevent 27 | the paragraphing of inline text adjacent to block elements, wrap them 28 | in div tags (the behavior is slightly different outside of 29 | the root node.) 30 |

31 | --# vim: et sw=4 sts=4 32 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/AutoFormat.Custom.txt: -------------------------------------------------------------------------------- 1 | AutoFormat.Custom 2 | TYPE: list 3 | VERSION: 2.0.1 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 | 7 |

8 | This directive can be used to add custom auto-format injectors. 9 | Specify an array of injector names (class name minus the prefix) 10 | or concrete implementations. Injector class must exist. 11 |

12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/AutoFormat.DisplayLinkURI.txt: -------------------------------------------------------------------------------- 1 | AutoFormat.DisplayLinkURI 2 | TYPE: bool 3 | VERSION: 3.2.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | This directive turns on the in-text display of URIs in <a> tags, and disables 8 | those links. For example, example becomes 9 | example (http://example.com). 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/AutoFormat.Linkify.txt: -------------------------------------------------------------------------------- 1 | AutoFormat.Linkify 2 | TYPE: bool 3 | VERSION: 2.0.1 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | 7 |

8 | This directive turns on linkification, auto-linking http, ftp and 9 | https URLs. a tags with the href attribute 10 | must be allowed. 11 |

12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.DocURL.txt: -------------------------------------------------------------------------------- 1 | AutoFormat.PurifierLinkify.DocURL 2 | TYPE: string 3 | VERSION: 2.0.1 4 | DEFAULT: '#%s' 5 | ALIASES: AutoFormatParam.PurifierLinkifyDocURL 6 | --DESCRIPTION-- 7 |

8 | Location of configuration documentation to link to, let %s substitute 9 | into the configuration's namespace and directive names sans the percent 10 | sign. 11 |

12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/AutoFormat.PurifierLinkify.txt: -------------------------------------------------------------------------------- 1 | AutoFormat.PurifierLinkify 2 | TYPE: bool 3 | VERSION: 2.0.1 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | 7 |

8 | Internal auto-formatter that converts configuration directives in 9 | syntax %Namespace.Directive to links. a tags 10 | with the href attribute must be allowed. 11 |

12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions.txt: -------------------------------------------------------------------------------- 1 | AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions 2 | TYPE: lookup 3 | VERSION: 4.0.0 4 | DEFAULT: array('td' => true, 'th' => true) 5 | --DESCRIPTION-- 6 |

7 | When %AutoFormat.RemoveEmpty and %AutoFormat.RemoveEmpty.RemoveNbsp 8 | are enabled, this directive defines what HTML elements should not be 9 | removede if they have only a non-breaking space in them. 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.RemoveNbsp.txt: -------------------------------------------------------------------------------- 1 | AutoFormat.RemoveEmpty.RemoveNbsp 2 | TYPE: bool 3 | VERSION: 4.0.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | When enabled, HTML Purifier will treat any elements that contain only 8 | non-breaking spaces as well as regular whitespace as empty, and remove 9 | them when %AutoForamt.RemoveEmpty is enabled. 10 |

11 |

12 | See %AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions for a list of elements 13 | that don't have this behavior applied to them. 14 |

15 | --# vim: et sw=4 sts=4 16 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveEmpty.txt: -------------------------------------------------------------------------------- 1 | AutoFormat.RemoveEmpty 2 | TYPE: bool 3 | VERSION: 3.2.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | When enabled, HTML Purifier will attempt to remove empty elements that 8 | contribute no semantic information to the document. The following types 9 | of nodes will be removed: 10 |

11 |
  • 12 | Tags with no attributes and no content, and that are not empty 13 | elements (remove <a></a> but not 14 | <br />), and 15 |
    • 16 |
  • 17 | Tags with no content, except for:
      18 |
    • The colgroup element, or
      • 19 |
    • 20 | Elements with the id or name attribute, 21 | when those attributes are permitted on those elements. 22 |
      • 23 |
    • 24 |
25 |

26 | Please be very careful when using this functionality; while it may not 27 | seem that empty elements contain useful information, they can alter the 28 | layout of a document given appropriate styling. This directive is most 29 | useful when you are processing machine-generated HTML, please avoid using 30 | it on regular user HTML. 31 |

32 |

33 | Elements that contain only whitespace will be treated as empty. Non-breaking 34 | spaces, however, do not count as whitespace. See 35 | %AutoFormat.RemoveEmpty.RemoveNbsp for alternate behavior. 36 |

37 |

38 | This algorithm is not perfect; you may still notice some empty tags, 39 | particularly if a node had elements, but those elements were later removed 40 | because they were not permitted in that context, or tags that, after 41 | being auto-closed by another tag, where empty. This is for safety reasons 42 | to prevent clever code from breaking validation. The general rule of thumb: 43 | if a tag looked empty on the way in, it will get removed; if HTML Purifier 44 | made it empty, it will stay. 45 |

46 | --# vim: et sw=4 sts=4 47 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/AutoFormat.RemoveSpansWithoutAttributes.txt: -------------------------------------------------------------------------------- 1 | AutoFormat.RemoveSpansWithoutAttributes 2 | TYPE: bool 3 | VERSION: 4.0.1 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | This directive causes span tags without any attributes 8 | to be removed. It will also remove spans that had all attributes 9 | removed during processing. 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/CSS.AllowImportant.txt: -------------------------------------------------------------------------------- 1 | CSS.AllowImportant 2 | TYPE: bool 3 | DEFAULT: false 4 | VERSION: 3.1.0 5 | --DESCRIPTION-- 6 | This parameter determines whether or not !important cascade modifiers should 7 | be allowed in user CSS. If false, !important will stripped. 8 | --# vim: et sw=4 sts=4 9 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/CSS.AllowTricky.txt: -------------------------------------------------------------------------------- 1 | CSS.AllowTricky 2 | TYPE: bool 3 | DEFAULT: false 4 | VERSION: 3.1.0 5 | --DESCRIPTION-- 6 | This parameter determines whether or not to allow "tricky" CSS properties and 7 | values. Tricky CSS properties/values can drastically modify page layout or 8 | be used for deceptive practices but do not directly constitute a security risk. 9 | For example, display:none; is considered a tricky property that 10 | will only be allowed if this directive is set to true. 11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/CSS.AllowedFonts.txt: -------------------------------------------------------------------------------- 1 | CSS.AllowedFonts 2 | TYPE: lookup/null 3 | VERSION: 4.3.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 |

7 | Allows you to manually specify a set of allowed fonts. If 8 | NULL, all fonts are allowed. This directive 9 | affects generic names (serif, sans-serif, monospace, cursive, 10 | fantasy) as well as specific font families. 11 |

12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/CSS.AllowedProperties.txt: -------------------------------------------------------------------------------- 1 | CSS.AllowedProperties 2 | TYPE: lookup/null 3 | VERSION: 3.1.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | If HTML Purifier's style attributes set is unsatisfactory for your needs, 9 | you can overload it with your own list of tags to allow. Note that this 10 | method is subtractive: it does its job by taking away from HTML Purifier 11 | usual feature set, so you cannot add an attribute that HTML Purifier never 12 | supported in the first place. 13 |

14 |

15 | Warning: If another directive conflicts with the 16 | elements here, that directive will win and override. 17 |

18 | --# vim: et sw=4 sts=4 19 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/CSS.DefinitionRev.txt: -------------------------------------------------------------------------------- 1 | CSS.DefinitionRev 2 | TYPE: int 3 | VERSION: 2.0.0 4 | DEFAULT: 1 5 | --DESCRIPTION-- 6 | 7 |

8 | Revision identifier for your custom definition. See 9 | %HTML.DefinitionRev for details. 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/CSS.ForbiddenProperties.txt: -------------------------------------------------------------------------------- 1 | CSS.ForbiddenProperties 2 | TYPE: lookup 3 | VERSION: 4.2.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 |

7 | This is the logical inverse of %CSS.AllowedProperties, and it will 8 | override that directive or any other directive. If possible, 9 | %CSS.AllowedProperties is recommended over this directive, 10 | because it can sometimes be difficult to tell whether or not you've 11 | forbidden all of the CSS properties you truly would like to disallow. 12 |

13 | --# vim: et sw=4 sts=4 14 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/CSS.MaxImgLength.txt: -------------------------------------------------------------------------------- 1 | CSS.MaxImgLength 2 | TYPE: string/null 3 | DEFAULT: '1200px' 4 | VERSION: 3.1.1 5 | --DESCRIPTION-- 6 |

7 | This parameter sets the maximum allowed length on img tags, 8 | effectively the width and height properties. 9 | Only absolute units of measurement (in, pt, pc, mm, cm) and pixels (px) are allowed. This is 10 | in place to prevent imagecrash attacks, disable with null at your own risk. 11 | This directive is similar to %HTML.MaxImgLength, and both should be 12 | concurrently edited, although there are 13 | subtle differences in the input format (the CSS max is a number with 14 | a unit). 15 |

16 | --# vim: et sw=4 sts=4 17 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/CSS.Proprietary.txt: -------------------------------------------------------------------------------- 1 | CSS.Proprietary 2 | TYPE: bool 3 | VERSION: 3.0.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | 7 |

8 | Whether or not to allow safe, proprietary CSS values. 9 |

10 | --# vim: et sw=4 sts=4 11 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/CSS.Trusted.txt: -------------------------------------------------------------------------------- 1 | CSS.Trusted 2 | TYPE: bool 3 | VERSION: 4.2.1 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | Indicates whether or not the user's CSS input is trusted or not. If the 7 | input is trusted, a more expansive set of allowed properties. See 8 | also %HTML.Trusted. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Cache.DefinitionImpl.txt: -------------------------------------------------------------------------------- 1 | Cache.DefinitionImpl 2 | TYPE: string/null 3 | VERSION: 2.0.0 4 | DEFAULT: 'Serializer' 5 | --DESCRIPTION-- 6 | 7 | This directive defines which method to use when caching definitions, 8 | the complex data-type that makes HTML Purifier tick. Set to null 9 | to disable caching (not recommended, as you will see a definite 10 | performance degradation). 11 | 12 | --ALIASES-- 13 | Core.DefinitionCache 14 | --# vim: et sw=4 sts=4 15 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPath.txt: -------------------------------------------------------------------------------- 1 | Cache.SerializerPath 2 | TYPE: string/null 3 | VERSION: 2.0.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | Absolute path with no trailing slash to store serialized definitions in. 9 | Default is within the 10 | HTML Purifier library inside DefinitionCache/Serializer. This 11 | path must be writable by the webserver. 12 |

13 | --# vim: et sw=4 sts=4 14 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Cache.SerializerPermissions.txt: -------------------------------------------------------------------------------- 1 | Cache.SerializerPermissions 2 | TYPE: int 3 | VERSION: 4.3.0 4 | DEFAULT: 0755 5 | --DESCRIPTION-- 6 | 7 |

8 | Directory permissions of the files and directories created inside 9 | the DefinitionCache/Serializer or other custom serializer path. 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.AggressivelyFixLt.txt: -------------------------------------------------------------------------------- 1 | Core.AggressivelyFixLt 2 | TYPE: bool 3 | VERSION: 2.1.0 4 | DEFAULT: true 5 | --DESCRIPTION-- 6 |

7 | This directive enables aggressive pre-filter fixes HTML Purifier can 8 | perform in order to ensure that open angled-brackets do not get killed 9 | during parsing stage. Enabling this will result in two preg_replace_callback 10 | calls and at least two preg_replace calls for every HTML document parsed; 11 | if your users make very well-formed HTML, you can set this directive false. 12 | This has no effect when DirectLex is used. 13 |

14 |

15 | Notice: This directive's default turned from false to true 16 | in HTML Purifier 3.2.0. 17 |

18 | --# vim: et sw=4 sts=4 19 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.AllowHostnameUnderscore.txt: -------------------------------------------------------------------------------- 1 | Core.AllowHostnameUnderscore 2 | TYPE: bool 3 | VERSION: 4.6.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | By RFC 1123, underscores are not permitted in host names. 8 | (This is in contrast to the specification for DNS, RFC 9 | 2181, which allows underscores.) 10 | However, most browsers do the right thing when faced with 11 | an underscore in the host name, and so some poorly written 12 | websites are written with the expectation this should work. 13 | Setting this parameter to true relaxes our allowed character 14 | check so that underscores are permitted. 15 |

16 | --# vim: et sw=4 sts=4 17 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.CollectErrors.txt: -------------------------------------------------------------------------------- 1 | Core.CollectErrors 2 | TYPE: bool 3 | VERSION: 2.0.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | 7 | Whether or not to collect errors found while filtering the document. This 8 | is a useful way to give feedback to your users. Warning: 9 | Currently this feature is very patchy and experimental, with lots of 10 | possible error messages not yet implemented. It will not cause any 11 | problems, but it may not help your users either. 12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.ColorKeywords.txt: -------------------------------------------------------------------------------- 1 | Core.ColorKeywords 2 | TYPE: hash 3 | VERSION: 2.0.0 4 | --DEFAULT-- 5 | array ( 6 | 'maroon' => '#800000', 7 | 'red' => '#FF0000', 8 | 'orange' => '#FFA500', 9 | 'yellow' => '#FFFF00', 10 | 'olive' => '#808000', 11 | 'purple' => '#800080', 12 | 'fuchsia' => '#FF00FF', 13 | 'white' => '#FFFFFF', 14 | 'lime' => '#00FF00', 15 | 'green' => '#008000', 16 | 'navy' => '#000080', 17 | 'blue' => '#0000FF', 18 | 'aqua' => '#00FFFF', 19 | 'teal' => '#008080', 20 | 'black' => '#000000', 21 | 'silver' => '#C0C0C0', 22 | 'gray' => '#808080', 23 | ) 24 | --DESCRIPTION-- 25 | 26 | Lookup array of color names to six digit hexadecimal number corresponding 27 | to color, with preceding hash mark. Used when parsing colors. The lookup 28 | is done in a case-insensitive manner. 29 | --# vim: et sw=4 sts=4 30 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.ConvertDocumentToFragment.txt: -------------------------------------------------------------------------------- 1 | Core.ConvertDocumentToFragment 2 | TYPE: bool 3 | DEFAULT: true 4 | --DESCRIPTION-- 5 | 6 | This parameter determines whether or not the filter should convert 7 | input that is a full document with html and body tags to a fragment 8 | of just the contents of a body tag. This parameter is simply something 9 | HTML Purifier can do during an edge-case: for most inputs, this 10 | processing is not necessary. 11 | 12 | --ALIASES-- 13 | Core.AcceptFullDocuments 14 | --# vim: et sw=4 sts=4 15 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.DirectLexLineNumberSyncInterval.txt: -------------------------------------------------------------------------------- 1 | Core.DirectLexLineNumberSyncInterval 2 | TYPE: int 3 | VERSION: 2.0.0 4 | DEFAULT: 0 5 | --DESCRIPTION-- 6 | 7 |

8 | Specifies the number of tokens the DirectLex line number tracking 9 | implementations should process before attempting to resyncronize the 10 | current line count by manually counting all previous new-lines. When 11 | at 0, this functionality is disabled. Lower values will decrease 12 | performance, and this is only strictly necessary if the counting 13 | algorithm is buggy (in which case you should report it as a bug). 14 | This has no effect when %Core.MaintainLineNumbers is disabled or DirectLex is 15 | not being used. 16 |

17 | --# vim: et sw=4 sts=4 18 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.DisableExcludes.txt: -------------------------------------------------------------------------------- 1 | Core.DisableExcludes 2 | TYPE: bool 3 | DEFAULT: false 4 | VERSION: 4.5.0 5 | --DESCRIPTION-- 6 |

7 | This directive disables SGML-style exclusions, e.g. the exclusion of 8 | <object> in any descendant of a 9 | <pre> tag. Disabling excludes will allow some 10 | invalid documents to pass through HTML Purifier, but HTML Purifier 11 | will also be less likely to accidentally remove large documents during 12 | processing. 13 |

14 | --# vim: et sw=4 sts=4 15 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.EnableIDNA.txt: -------------------------------------------------------------------------------- 1 | Core.EnableIDNA 2 | TYPE: bool 3 | DEFAULT: false 4 | VERSION: 4.4.0 5 | --DESCRIPTION-- 6 | Allows international domain names in URLs. This configuration option 7 | requires the PEAR Net_IDNA2 module to be installed. It operates by 8 | punycoding any internationalized host names for maximum portability. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.Encoding.txt: -------------------------------------------------------------------------------- 1 | Core.Encoding 2 | TYPE: istring 3 | DEFAULT: 'utf-8' 4 | --DESCRIPTION-- 5 | If for some reason you are unable to convert all webpages to UTF-8, you can 6 | use this directive as a stop-gap compatibility change to let HTML Purifier 7 | deal with non UTF-8 input. This technique has notable deficiencies: 8 | absolutely no characters outside of the selected character encoding will be 9 | preserved, not even the ones that have been ampersand escaped (this is due 10 | to a UTF-8 specific feature that automatically resolves all 11 | entities), making it pretty useless for anything except the most I18N-blind 12 | applications, although %Core.EscapeNonASCIICharacters offers fixes this 13 | trouble with another tradeoff. This directive only accepts ISO-8859-1 if 14 | iconv is not enabled. 15 | --# vim: et sw=4 sts=4 16 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidChildren.txt: -------------------------------------------------------------------------------- 1 | Core.EscapeInvalidChildren 2 | TYPE: bool 3 | DEFAULT: false 4 | --DESCRIPTION-- 5 |

Warning: this configuration option is no longer does anything as of 4.6.0.

6 | 7 |

When true, a child is found that is not allowed in the context of the 8 | parent element will be transformed into text as if it were ASCII. When 9 | false, that element and all internal tags will be dropped, though text will 10 | be preserved. There is no option for dropping the element but preserving 11 | child nodes.

12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.EscapeInvalidTags.txt: -------------------------------------------------------------------------------- 1 | Core.EscapeInvalidTags 2 | TYPE: bool 3 | DEFAULT: false 4 | --DESCRIPTION-- 5 | When true, invalid tags will be written back to the document as plain text. 6 | Otherwise, they are silently dropped. 7 | --# vim: et sw=4 sts=4 8 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.EscapeNonASCIICharacters.txt: -------------------------------------------------------------------------------- 1 | Core.EscapeNonASCIICharacters 2 | TYPE: bool 3 | VERSION: 1.4.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | This directive overcomes a deficiency in %Core.Encoding by blindly 7 | converting all non-ASCII characters into decimal numeric entities before 8 | converting it to its native encoding. This means that even characters that 9 | can be expressed in the non-UTF-8 encoding will be entity-ized, which can 10 | be a real downer for encodings like Big5. It also assumes that the ASCII 11 | repetoire is available, although this is the case for almost all encodings. 12 | Anyway, use UTF-8! 13 | --# vim: et sw=4 sts=4 14 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.HiddenElements.txt: -------------------------------------------------------------------------------- 1 | Core.HiddenElements 2 | TYPE: lookup 3 | --DEFAULT-- 4 | array ( 5 | 'script' => true, 6 | 'style' => true, 7 | ) 8 | --DESCRIPTION-- 9 | 10 |

11 | This directive is a lookup array of elements which should have their 12 | contents removed when they are not allowed by the HTML definition. 13 | For example, the contents of a script tag are not 14 | normally shown in a document, so if script tags are to be removed, 15 | their contents should be removed to. This is opposed to a b 16 | tag, which defines some presentational changes but does not hide its 17 | contents. 18 |

19 | --# vim: et sw=4 sts=4 20 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.Language.txt: -------------------------------------------------------------------------------- 1 | Core.Language 2 | TYPE: string 3 | VERSION: 2.0.0 4 | DEFAULT: 'en' 5 | --DESCRIPTION-- 6 | 7 | ISO 639 language code for localizable things in HTML Purifier to use, 8 | which is mainly error reporting. There is currently only an English (en) 9 | translation, so this directive is currently useless. 10 | --# vim: et sw=4 sts=4 11 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.LexerImpl.txt: -------------------------------------------------------------------------------- 1 | Core.LexerImpl 2 | TYPE: mixed/null 3 | VERSION: 2.0.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | This parameter determines what lexer implementation can be used. The 9 | valid values are: 10 |

11 |
12 |
null
13 |
14 | Recommended, the lexer implementation will be auto-detected based on 15 | your PHP-version and configuration. 16 |
17 |
string lexer identifier
18 |
19 | This is a slim way of manually overridding the implementation. 20 | Currently recognized values are: DOMLex (the default PHP5 21 | implementation) 22 | and DirectLex (the default PHP4 implementation). Only use this if 23 | you know what you are doing: usually, the auto-detection will 24 | manage things for cases you aren't even aware of. 25 |
26 |
object lexer instance
27 |
28 | Super-advanced: you can specify your own, custom, implementation that 29 | implements the interface defined by HTMLPurifier_Lexer. 30 | I may remove this option simply because I don't expect anyone 31 | to use it. 32 |
33 |
34 | --# vim: et sw=4 sts=4 35 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.MaintainLineNumbers.txt: -------------------------------------------------------------------------------- 1 | Core.MaintainLineNumbers 2 | TYPE: bool/null 3 | VERSION: 2.0.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | If true, HTML Purifier will add line number information to all tokens. 9 | This is useful when error reporting is turned on, but can result in 10 | significant performance degradation and should not be used when 11 | unnecessary. This directive must be used with the DirectLex lexer, 12 | as the DOMLex lexer does not (yet) support this functionality. 13 | If the value is null, an appropriate value will be selected based 14 | on other configuration. 15 |

16 | --# vim: et sw=4 sts=4 17 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.NormalizeNewlines.txt: -------------------------------------------------------------------------------- 1 | Core.NormalizeNewlines 2 | TYPE: bool 3 | VERSION: 4.2.0 4 | DEFAULT: true 5 | --DESCRIPTION-- 6 |

7 | Whether or not to normalize newlines to the operating 8 | system default. When false, HTML Purifier 9 | will attempt to preserve mixed newline files. 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.RemoveInvalidImg.txt: -------------------------------------------------------------------------------- 1 | Core.RemoveInvalidImg 2 | TYPE: bool 3 | DEFAULT: true 4 | VERSION: 1.3.0 5 | --DESCRIPTION-- 6 | 7 |

8 | This directive enables pre-emptive URI checking in img 9 | tags, as the attribute validation strategy is not authorized to 10 | remove elements from the document. Revert to pre-1.3.0 behavior by setting to false. 11 |

12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.RemoveProcessingInstructions.txt: -------------------------------------------------------------------------------- 1 | Core.RemoveProcessingInstructions 2 | TYPE: bool 3 | VERSION: 4.2.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | Instead of escaping processing instructions in the form <? ... 7 | ?>, remove it out-right. This may be useful if the HTML 8 | you are validating contains XML processing instruction gunk, however, 9 | it can also be user-unfriendly for people attempting to post PHP 10 | snippets. 11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Core.RemoveScriptContents.txt: -------------------------------------------------------------------------------- 1 | Core.RemoveScriptContents 2 | TYPE: bool/null 3 | DEFAULT: NULL 4 | VERSION: 2.0.0 5 | DEPRECATED-VERSION: 2.1.0 6 | DEPRECATED-USE: Core.HiddenElements 7 | --DESCRIPTION-- 8 |

9 | This directive enables HTML Purifier to remove not only script tags 10 | but all of their contents. 11 |

12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Filter.Custom.txt: -------------------------------------------------------------------------------- 1 | Filter.Custom 2 | TYPE: list 3 | VERSION: 3.1.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 |

7 | This directive can be used to add custom filters; it is nearly the 8 | equivalent of the now deprecated HTMLPurifier->addFilter() 9 | method. Specify an array of concrete implementations. 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Escaping.txt: -------------------------------------------------------------------------------- 1 | Filter.ExtractStyleBlocks.Escaping 2 | TYPE: bool 3 | VERSION: 3.0.0 4 | DEFAULT: true 5 | ALIASES: Filter.ExtractStyleBlocksEscaping, FilterParam.ExtractStyleBlocksEscaping 6 | --DESCRIPTION-- 7 | 8 |

9 | Whether or not to escape the dangerous characters <, > and & 10 | as \3C, \3E and \26, respectively. This is can be safely set to false 11 | if the contents of StyleBlocks will be placed in an external stylesheet, 12 | where there is no risk of it being interpreted as HTML. 13 |

14 | --# vim: et sw=4 sts=4 15 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.Scope.txt: -------------------------------------------------------------------------------- 1 | Filter.ExtractStyleBlocks.Scope 2 | TYPE: string/null 3 | VERSION: 3.0.0 4 | DEFAULT: NULL 5 | ALIASES: Filter.ExtractStyleBlocksScope, FilterParam.ExtractStyleBlocksScope 6 | --DESCRIPTION-- 7 | 8 |

9 | If you would like users to be able to define external stylesheets, but 10 | only allow them to specify CSS declarations for a specific node and 11 | prevent them from fiddling with other elements, use this directive. 12 | It accepts any valid CSS selector, and will prepend this to any 13 | CSS declaration extracted from the document. For example, if this 14 | directive is set to #user-content and a user uses the 15 | selector a:hover, the final selector will be 16 | #user-content a:hover. 17 |

18 |

19 | The comma shorthand may be used; consider the above example, with 20 | #user-content, #user-content2, the final selector will 21 | be #user-content a:hover, #user-content2 a:hover. 22 |

23 |

24 | Warning: It is possible for users to bypass this measure 25 | using a naughty + selector. This is a bug in CSS Tidy 1.3, not HTML 26 | Purifier, and I am working to get it fixed. Until then, HTML Purifier 27 | performs a basic check to prevent this. 28 |

29 | --# vim: et sw=4 sts=4 30 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.TidyImpl.txt: -------------------------------------------------------------------------------- 1 | Filter.ExtractStyleBlocks.TidyImpl 2 | TYPE: mixed/null 3 | VERSION: 3.1.0 4 | DEFAULT: NULL 5 | ALIASES: FilterParam.ExtractStyleBlocksTidyImpl 6 | --DESCRIPTION-- 7 |

8 | If left NULL, HTML Purifier will attempt to instantiate a csstidy 9 | class to use for internal cleaning. This will usually be good enough. 10 |

11 |

12 | However, for trusted user input, you can set this to false to 13 | disable cleaning. In addition, you can supply your own concrete implementation 14 | of Tidy's interface to use, although I don't know why you'd want to do that. 15 |

16 | --# vim: et sw=4 sts=4 17 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Filter.ExtractStyleBlocks.txt: -------------------------------------------------------------------------------- 1 | Filter.ExtractStyleBlocks 2 | TYPE: bool 3 | VERSION: 3.1.0 4 | DEFAULT: false 5 | EXTERNAL: CSSTidy 6 | --DESCRIPTION-- 7 |

8 | This directive turns on the style block extraction filter, which removes 9 | style blocks from input HTML, cleans them up with CSSTidy, 10 | and places them in the StyleBlocks context variable, for further 11 | use by you, usually to be placed in an external stylesheet, or a 12 | style block in the head of your document. 13 |

14 |

15 | Sample usage: 16 |

17 | 
';
21 | ?>
22 | 
24 | 
25 | 
26 |   Filter.ExtractStyleBlocks
27 | body {color:#F00;} Some text';
32 | 
33 |     $config = HTMLPurifier_Config::createDefault();
34 |     $config->set('Filter', 'ExtractStyleBlocks', true);
35 |     $purifier = new HTMLPurifier($config);
36 | 
37 |     $html = $purifier->purify($dirty);
38 | 
39 |     // This implementation writes the stylesheets to the styles/ directory.
40 |     // You can also echo the styles inside the document, but it's a bit
41 |     // more difficult to make sure they get interpreted properly by
42 |     // browsers; try the usual CSS armoring techniques.
43 |     $styles = $purifier->context->get('StyleBlocks');
44 |     $dir = 'styles/';
45 |     if (!is_dir($dir)) mkdir($dir);
46 |     $hash = sha1($_GET['html']);
47 |     foreach ($styles as $i => $style) {
48 |         file_put_contents($name = $dir . $hash . "_$i");
49 |         echo '';
50 |     }
51 | ?>
52 | 
53 | 
54 |   

55 |     
56 |   

57 | 
58 | 
59 | ]]>
60 |

61 | Warning: It is possible for a user to mount an 62 | imagecrash attack using this CSS. Counter-measures are difficult; 63 | it is not simply enough to limit the range of CSS lengths (using 64 | relative lengths with many nesting levels allows for large values 65 | to be attained without actually specifying them in the stylesheet), 66 | and the flexible nature of selectors makes it difficult to selectively 67 | disable lengths on image tags (HTML Purifier, however, does disable 68 | CSS width and height in inline styling). There are probably two effective 69 | counter measures: an explicit width and height set to auto in all 70 | images in your document (unlikely) or the disabling of width and 71 | height (somewhat reasonable). Whether or not these measures should be 72 | used is left to the reader. 73 |

74 | --# vim: et sw=4 sts=4 75 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Filter.YouTube.txt: -------------------------------------------------------------------------------- 1 | Filter.YouTube 2 | TYPE: bool 3 | VERSION: 3.1.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | Warning: Deprecated in favor of %HTML.SafeObject and 8 | %Output.FlashCompat (turn both on to allow YouTube videos and other 9 | Flash content). 10 |

11 |

12 | This directive enables YouTube video embedding in HTML Purifier. Check 13 | this document 14 | on embedding videos for more information on what this filter does. 15 |

16 | --# vim: et sw=4 sts=4 17 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.Allowed.txt: -------------------------------------------------------------------------------- 1 | HTML.Allowed 2 | TYPE: itext/null 3 | VERSION: 2.0.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | This is a preferred convenience directive that combines 9 | %HTML.AllowedElements and %HTML.AllowedAttributes. 10 | Specify elements and attributes that are allowed using: 11 | element1[attr1|attr2],element2.... For example, 12 | if you would like to only allow paragraphs and links, specify 13 | a[href],p. You can specify attributes that apply 14 | to all elements using an asterisk, e.g. *[lang]. 15 | You can also use newlines instead of commas to separate elements. 16 |

17 |

18 | Warning: 19 | All of the constraints on the component directives are still enforced. 20 | The syntax is a subset of TinyMCE's valid_elements 21 | whitelist: directly copy-pasting it here will probably result in 22 | broken whitelists. If %HTML.AllowedElements or %HTML.AllowedAttributes 23 | are set, this directive has no effect. 24 |

25 | --# vim: et sw=4 sts=4 26 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.AllowedAttributes.txt: -------------------------------------------------------------------------------- 1 | HTML.AllowedAttributes 2 | TYPE: lookup/null 3 | VERSION: 1.3.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | If HTML Purifier's attribute set is unsatisfactory, overload it! 9 | The syntax is "tag.attr" or "*.attr" for the global attributes 10 | (style, id, class, dir, lang, xml:lang). 11 |

12 |

13 | Warning: If another directive conflicts with the 14 | elements here, that directive will win and override. For 15 | example, %HTML.EnableAttrID will take precedence over *.id in this 16 | directive. You must set that directive to true before you can use 17 | IDs at all. 18 |

19 | --# vim: et sw=4 sts=4 20 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.AllowedComments.txt: -------------------------------------------------------------------------------- 1 | HTML.AllowedComments 2 | TYPE: lookup 3 | VERSION: 4.4.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 | A whitelist which indicates what explicit comment bodies should be 7 | allowed, modulo leading and trailing whitespace. See also %HTML.AllowedCommentsRegexp 8 | (these directives are union'ed together, so a comment is considered 9 | valid if any directive deems it valid.) 10 | --# vim: et sw=4 sts=4 11 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.AllowedCommentsRegexp.txt: -------------------------------------------------------------------------------- 1 | HTML.AllowedCommentsRegexp 2 | TYPE: string/null 3 | VERSION: 4.4.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | A regexp, which if it matches the body of a comment, indicates that 7 | it should be allowed. Trailing and leading spaces are removed prior 8 | to running this regular expression. 9 | Warning: Make sure you specify 10 | correct anchor metacharacters ^regex$, otherwise you may accept 11 | comments that you did not mean to! In particular, the regex /foo|bar/ 12 | is probably not sufficiently strict, since it also allows foobar. 13 | See also %HTML.AllowedComments (these directives are union'ed together, 14 | so a comment is considered valid if any directive deems it valid.) 15 | --# vim: et sw=4 sts=4 16 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.AllowedElements.txt: -------------------------------------------------------------------------------- 1 | HTML.AllowedElements 2 | TYPE: lookup/null 3 | VERSION: 1.3.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 |

7 | If HTML Purifier's tag set is unsatisfactory for your needs, you can 8 | overload it with your own list of tags to allow. If you change 9 | this, you probably also want to change %HTML.AllowedAttributes; see 10 | also %HTML.Allowed which lets you set allowed elements and 11 | attributes at the same time. 12 |

13 |

14 | If you attempt to allow an element that HTML Purifier does not know 15 | about, HTML Purifier will raise an error. You will need to manually 16 | tell HTML Purifier about this element by using the 17 | advanced customization features. 18 |

19 |

20 | Warning: If another directive conflicts with the 21 | elements here, that directive will win and override. 22 |

23 | --# vim: et sw=4 sts=4 24 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.AllowedModules.txt: -------------------------------------------------------------------------------- 1 | HTML.AllowedModules 2 | TYPE: lookup/null 3 | VERSION: 2.0.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | A doctype comes with a set of usual modules to use. Without having 9 | to mucking about with the doctypes, you can quickly activate or 10 | disable these modules by specifying which modules you wish to allow 11 | with this directive. This is most useful for unit testing specific 12 | modules, although end users may find it useful for their own ends. 13 |

14 |

15 | If you specify a module that does not exist, the manager will silently 16 | fail to use it, so be careful! User-defined modules are not affected 17 | by this directive. Modules defined in %HTML.CoreModules are not 18 | affected by this directive. 19 |

20 | --# vim: et sw=4 sts=4 21 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.Attr.Name.UseCDATA.txt: -------------------------------------------------------------------------------- 1 | HTML.Attr.Name.UseCDATA 2 | TYPE: bool 3 | DEFAULT: false 4 | VERSION: 4.0.0 5 | --DESCRIPTION-- 6 | The W3C specification DTD defines the name attribute to be CDATA, not ID, due 7 | to limitations of DTD. In certain documents, this relaxed behavior is desired, 8 | whether it is to specify duplicate names, or to specify names that would be 9 | illegal IDs (for example, names that begin with a digit.) Set this configuration 10 | directive to true to use the relaxed parsing rules. 11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.BlockWrapper.txt: -------------------------------------------------------------------------------- 1 | HTML.BlockWrapper 2 | TYPE: string 3 | VERSION: 1.3.0 4 | DEFAULT: 'p' 5 | --DESCRIPTION-- 6 | 7 |

8 | String name of element to wrap inline elements that are inside a block 9 | context. This only occurs in the children of blockquote in strict mode. 10 |

11 |

12 | Example: by default value, 13 | <blockquote>Foo</blockquote> would become 14 | <blockquote><p>Foo</p></blockquote>. 15 | The <p> tags can be replaced with whatever you desire, 16 | as long as it is a block level element. 17 |

18 | --# vim: et sw=4 sts=4 19 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.CoreModules.txt: -------------------------------------------------------------------------------- 1 | HTML.CoreModules 2 | TYPE: lookup 3 | VERSION: 2.0.0 4 | --DEFAULT-- 5 | array ( 6 | 'Structure' => true, 7 | 'Text' => true, 8 | 'Hypertext' => true, 9 | 'List' => true, 10 | 'NonXMLCommonAttributes' => true, 11 | 'XMLCommonAttributes' => true, 12 | 'CommonAttributes' => true, 13 | ) 14 | --DESCRIPTION-- 15 | 16 |

17 | Certain modularized doctypes (XHTML, namely), have certain modules 18 | that must be included for the doctype to be an conforming document 19 | type: put those modules here. By default, XHTML's core modules 20 | are used. You can set this to a blank array to disable core module 21 | protection, but this is not recommended. 22 |

23 | --# vim: et sw=4 sts=4 24 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.CustomDoctype.txt: -------------------------------------------------------------------------------- 1 | HTML.CustomDoctype 2 | TYPE: string/null 3 | VERSION: 2.0.1 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 | A custom doctype for power-users who defined there own document 8 | type. This directive only applies when %HTML.Doctype is blank. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionID.txt: -------------------------------------------------------------------------------- 1 | HTML.DefinitionID 2 | TYPE: string/null 3 | DEFAULT: NULL 4 | VERSION: 2.0.0 5 | --DESCRIPTION-- 6 | 7 |

8 | Unique identifier for a custom-built HTML definition. If you edit 9 | the raw version of the HTMLDefinition, introducing changes that the 10 | configuration object does not reflect, you must specify this variable. 11 | If you change your custom edits, you should change this directive, or 12 | clear your cache. Example: 13 |

14 | 
15 | $config = HTMLPurifier_Config::createDefault();
16 | $config->set('HTML', 'DefinitionID', '1');
17 | $def = $config->getHTMLDefinition();
18 | $def->addAttribute('a', 'tabindex', 'Number');
19 |
20 |

21 | In the above example, the configuration is still at the defaults, but 22 | using the advanced API, an extra attribute has been added. The 23 | configuration object normally has no way of knowing that this change 24 | has taken place, so it needs an extra directive: %HTML.DefinitionID. 25 | If someone else attempts to use the default configuration, these two 26 | pieces of code will not clobber each other in the cache, since one has 27 | an extra directive attached to it. 28 |

29 |

30 | You must specify a value to this directive to use the 31 | advanced API features. 32 |

33 | --# vim: et sw=4 sts=4 34 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.DefinitionRev.txt: -------------------------------------------------------------------------------- 1 | HTML.DefinitionRev 2 | TYPE: int 3 | VERSION: 2.0.0 4 | DEFAULT: 1 5 | --DESCRIPTION-- 6 | 7 |

8 | Revision identifier for your custom definition specified in 9 | %HTML.DefinitionID. This serves the same purpose: uniquely identifying 10 | your custom definition, but this one does so in a chronological 11 | context: revision 3 is more up-to-date then revision 2. Thus, when 12 | this gets incremented, the cache handling is smart enough to clean 13 | up any older revisions of your definition as well as flush the 14 | cache. 15 |

16 | --# vim: et sw=4 sts=4 17 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.Doctype.txt: -------------------------------------------------------------------------------- 1 | HTML.Doctype 2 | TYPE: string/null 3 | DEFAULT: NULL 4 | --DESCRIPTION-- 5 | Doctype to use during filtering. Technically speaking this is not actually 6 | a doctype (as it does not identify a corresponding DTD), but we are using 7 | this name for sake of simplicity. When non-blank, this will override any 8 | older directives like %HTML.XHTML or %HTML.Strict. 9 | --ALLOWED-- 10 | 'HTML 4.01 Transitional', 'HTML 4.01 Strict', 'XHTML 1.0 Transitional', 'XHTML 1.0 Strict', 'XHTML 1.1' 11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.FlashAllowFullScreen.txt: -------------------------------------------------------------------------------- 1 | HTML.FlashAllowFullScreen 2 | TYPE: bool 3 | VERSION: 4.2.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | Whether or not to permit embedded Flash content from 8 | %HTML.SafeObject to expand to the full screen. Corresponds to 9 | the allowFullScreen parameter. 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenAttributes.txt: -------------------------------------------------------------------------------- 1 | HTML.ForbiddenAttributes 2 | TYPE: lookup 3 | VERSION: 3.1.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 |

7 | While this directive is similar to %HTML.AllowedAttributes, for 8 | forwards-compatibility with XML, this attribute has a different syntax. Instead of 9 | tag.attr, use tag@attr. To disallow href 10 | attributes in a tags, set this directive to 11 | a@href. You can also disallow an attribute globally with 12 | attr or *@attr (either syntax is fine; the latter 13 | is provided for consistency with %HTML.AllowedAttributes). 14 |

15 |

16 | Warning: This directive complements %HTML.ForbiddenElements, 17 | accordingly, check 18 | out that directive for a discussion of why you 19 | should think twice before using this directive. 20 |

21 | --# vim: et sw=4 sts=4 22 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.ForbiddenElements.txt: -------------------------------------------------------------------------------- 1 | HTML.ForbiddenElements 2 | TYPE: lookup 3 | VERSION: 3.1.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 |

7 | This was, perhaps, the most requested feature ever in HTML 8 | Purifier. Please don't abuse it! This is the logical inverse of 9 | %HTML.AllowedElements, and it will override that directive, or any 10 | other directive. 11 |

12 |

13 | If possible, %HTML.Allowed is recommended over this directive, because it 14 | can sometimes be difficult to tell whether or not you've forbidden all of 15 | the behavior you would like to disallow. If you forbid img 16 | with the expectation of preventing images on your site, you'll be in for 17 | a nasty surprise when people start using the background-image 18 | CSS property. 19 |

20 | --# vim: et sw=4 sts=4 21 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.MaxImgLength.txt: -------------------------------------------------------------------------------- 1 | HTML.MaxImgLength 2 | TYPE: int/null 3 | DEFAULT: 1200 4 | VERSION: 3.1.1 5 | --DESCRIPTION-- 6 |

7 | This directive controls the maximum number of pixels in the width and 8 | height attributes in img tags. This is 9 | in place to prevent imagecrash attacks, disable with null at your own risk. 10 | This directive is similar to %CSS.MaxImgLength, and both should be 11 | concurrently edited, although there are 12 | subtle differences in the input format (the HTML max is an integer). 13 |

14 | --# vim: et sw=4 sts=4 15 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.Nofollow.txt: -------------------------------------------------------------------------------- 1 | HTML.Nofollow 2 | TYPE: bool 3 | VERSION: 4.3.0 4 | DEFAULT: FALSE 5 | --DESCRIPTION-- 6 | If enabled, nofollow rel attributes are added to all outgoing links. 7 | --# vim: et sw=4 sts=4 8 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.Parent.txt: -------------------------------------------------------------------------------- 1 | HTML.Parent 2 | TYPE: string 3 | VERSION: 1.3.0 4 | DEFAULT: 'div' 5 | --DESCRIPTION-- 6 | 7 |

8 | String name of element that HTML fragment passed to library will be 9 | inserted in. An interesting variation would be using span as the 10 | parent element, meaning that only inline tags would be allowed. 11 |

12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.Proprietary.txt: -------------------------------------------------------------------------------- 1 | HTML.Proprietary 2 | TYPE: bool 3 | VERSION: 3.1.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | Whether or not to allow proprietary elements and attributes in your 8 | documents, as per HTMLPurifier_HTMLModule_Proprietary. 9 | Warning: This can cause your documents to stop 10 | validating! 11 |

12 | --# vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.SafeEmbed.txt: -------------------------------------------------------------------------------- 1 | HTML.SafeEmbed 2 | TYPE: bool 3 | VERSION: 3.1.1 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | Whether or not to permit embed tags in documents, with a number of extra 8 | security features added to prevent script execution. This is similar to 9 | what websites like MySpace do to embed tags. Embed is a proprietary 10 | element and will cause your website to stop validating; you should 11 | see if you can use %Output.FlashCompat with %HTML.SafeObject instead 12 | first.

13 | --# vim: et sw=4 sts=4 14 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.SafeIframe.txt: -------------------------------------------------------------------------------- 1 | HTML.SafeIframe 2 | TYPE: bool 3 | VERSION: 4.4.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | Whether or not to permit iframe tags in untrusted documents. This 8 | directive must be accompanied by a whitelist of permitted iframes, 9 | such as %URI.SafeIframeRegexp, otherwise it will fatally error. 10 | This directive has no effect on strict doctypes, as iframes are not 11 | valid. 12 |

13 | --# vim: et sw=4 sts=4 14 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.SafeObject.txt: -------------------------------------------------------------------------------- 1 | HTML.SafeObject 2 | TYPE: bool 3 | VERSION: 3.1.1 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | Whether or not to permit object tags in documents, with a number of extra 8 | security features added to prevent script execution. This is similar to 9 | what websites like MySpace do to object tags. You should also enable 10 | %Output.FlashCompat in order to generate Internet Explorer 11 | compatibility code for your object tags. 12 |

13 | --# vim: et sw=4 sts=4 14 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.SafeScripting.txt: -------------------------------------------------------------------------------- 1 | HTML.SafeScripting 2 | TYPE: lookup 3 | VERSION: 4.5.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 |

7 | Whether or not to permit script tags to external scripts in documents. 8 | Inline scripting is not allowed, and the script must match an explicit whitelist. 9 |

10 | --# vim: et sw=4 sts=4 11 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.Strict.txt: -------------------------------------------------------------------------------- 1 | HTML.Strict 2 | TYPE: bool 3 | VERSION: 1.3.0 4 | DEFAULT: false 5 | DEPRECATED-VERSION: 1.7.0 6 | DEPRECATED-USE: HTML.Doctype 7 | --DESCRIPTION-- 8 | Determines whether or not to use Transitional (loose) or Strict rulesets. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.TargetBlank.txt: -------------------------------------------------------------------------------- 1 | HTML.TargetBlank 2 | TYPE: bool 3 | VERSION: 4.4.0 4 | DEFAULT: FALSE 5 | --DESCRIPTION-- 6 | If enabled, target=blank attributes are added to all outgoing links. 7 | (This includes links from an HTTPS version of a page to an HTTP version.) 8 | --# vim: et sw=4 sts=4 9 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.TidyAdd.txt: -------------------------------------------------------------------------------- 1 | HTML.TidyAdd 2 | TYPE: lookup 3 | VERSION: 2.0.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 | 7 | Fixes to add to the default set of Tidy fixes as per your level. 8 | --# vim: et sw=4 sts=4 9 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.TidyLevel.txt: -------------------------------------------------------------------------------- 1 | HTML.TidyLevel 2 | TYPE: string 3 | VERSION: 2.0.0 4 | DEFAULT: 'medium' 5 | --DESCRIPTION-- 6 | 7 |

General level of cleanliness the Tidy module should enforce. 8 | There are four allowed values:

9 |
10 |
none
11 |
No extra tidying should be done
12 |
light
13 |
Only fix elements that would be discarded otherwise due to 14 | lack of support in doctype
15 |
medium
16 |
Enforce best practices
17 |
heavy
18 |
Transform all deprecated elements and attributes to standards 19 | compliant equivalents
20 |
21 | 22 | --ALLOWED-- 23 | 'none', 'light', 'medium', 'heavy' 24 | --# vim: et sw=4 sts=4 25 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.TidyRemove.txt: -------------------------------------------------------------------------------- 1 | HTML.TidyRemove 2 | TYPE: lookup 3 | VERSION: 2.0.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 | 7 | Fixes to remove from the default set of Tidy fixes as per your level. 8 | --# vim: et sw=4 sts=4 9 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.Trusted.txt: -------------------------------------------------------------------------------- 1 | HTML.Trusted 2 | TYPE: bool 3 | VERSION: 2.0.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | Indicates whether or not the user input is trusted or not. If the input is 7 | trusted, a more expansive set of allowed tags and attributes will be used. 8 | See also %CSS.Trusted. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/HTML.XHTML.txt: -------------------------------------------------------------------------------- 1 | HTML.XHTML 2 | TYPE: bool 3 | DEFAULT: true 4 | VERSION: 1.1.0 5 | DEPRECATED-VERSION: 1.7.0 6 | DEPRECATED-USE: HTML.Doctype 7 | --DESCRIPTION-- 8 | Determines whether or not output is XHTML 1.0 or HTML 4.01 flavor. 9 | --ALIASES-- 10 | Core.XHTML 11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Output.CommentScriptContents.txt: -------------------------------------------------------------------------------- 1 | Output.CommentScriptContents 2 | TYPE: bool 3 | VERSION: 2.0.0 4 | DEFAULT: true 5 | --DESCRIPTION-- 6 | Determines whether or not HTML Purifier should attempt to fix up the 7 | contents of script tags for legacy browsers with comments. 8 | --ALIASES-- 9 | Core.CommentScriptContents 10 | --# vim: et sw=4 sts=4 11 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Output.FixInnerHTML.txt: -------------------------------------------------------------------------------- 1 | Output.FixInnerHTML 2 | TYPE: bool 3 | VERSION: 4.3.0 4 | DEFAULT: true 5 | --DESCRIPTION-- 6 |

7 | If true, HTML Purifier will protect against Internet Explorer's 8 | mishandling of the innerHTML attribute by appending 9 | a space to any attribute that does not contain angled brackets, spaces 10 | or quotes, but contains a backtick. This slightly changes the 11 | semantics of any given attribute, so if this is unacceptable and 12 | you do not use innerHTML on any of your pages, you can 13 | turn this directive off. 14 |

15 | --# vim: et sw=4 sts=4 16 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Output.FlashCompat.txt: -------------------------------------------------------------------------------- 1 | Output.FlashCompat 2 | TYPE: bool 3 | VERSION: 4.1.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | If true, HTML Purifier will generate Internet Explorer compatibility 8 | code for all object code. This is highly recommended if you enable 9 | %HTML.SafeObject. 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Output.Newline.txt: -------------------------------------------------------------------------------- 1 | Output.Newline 2 | TYPE: string/null 3 | VERSION: 2.0.1 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | Newline string to format final output with. If left null, HTML Purifier 9 | will auto-detect the default newline type of the system and use that; 10 | you can manually override it here. Remember, \r\n is Windows, \r 11 | is Mac, and \n is Unix. 12 |

13 | --# vim: et sw=4 sts=4 14 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Output.SortAttr.txt: -------------------------------------------------------------------------------- 1 | Output.SortAttr 2 | TYPE: bool 3 | VERSION: 3.2.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | If true, HTML Purifier will sort attributes by name before writing them back 8 | to the document, converting a tag like: <el b="" a="" c="" /> 9 | to <el a="" b="" c="" />. This is a workaround for 10 | a bug in FCKeditor which causes it to swap attributes order, adding noise 11 | to text diffs. If you're not seeing this bug, chances are, you don't need 12 | this directive. 13 |

14 | --# vim: et sw=4 sts=4 15 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Output.TidyFormat.txt: -------------------------------------------------------------------------------- 1 | Output.TidyFormat 2 | TYPE: bool 3 | VERSION: 1.1.1 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | Determines whether or not to run Tidy on the final output for pretty 8 | formatting reasons, such as indentation and wrap. 9 |

10 |

11 | This can greatly improve readability for editors who are hand-editing 12 | the HTML, but is by no means necessary as HTML Purifier has already 13 | fixed all major errors the HTML may have had. Tidy is a non-default 14 | extension, and this directive will silently fail if Tidy is not 15 | available. 16 |

17 |

18 | If you are looking to make the overall look of your page's source 19 | better, I recommend running Tidy on the entire page rather than just 20 | user-content (after all, the indentation relative to the containing 21 | blocks will be incorrect). 22 |

23 | --ALIASES-- 24 | Core.TidyFormat 25 | --# vim: et sw=4 sts=4 26 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/Test.ForceNoIconv.txt: -------------------------------------------------------------------------------- 1 | Test.ForceNoIconv 2 | TYPE: bool 3 | DEFAULT: false 4 | --DESCRIPTION-- 5 | When set to true, HTMLPurifier_Encoder will act as if iconv does not exist 6 | and use only pure PHP implementations. 7 | --# vim: et sw=4 sts=4 8 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.AllowedSchemes.txt: -------------------------------------------------------------------------------- 1 | URI.AllowedSchemes 2 | TYPE: lookup 3 | --DEFAULT-- 4 | array ( 5 | 'http' => true, 6 | 'https' => true, 7 | 'mailto' => true, 8 | 'ftp' => true, 9 | 'nntp' => true, 10 | 'news' => true, 11 | ) 12 | --DESCRIPTION-- 13 | Whitelist that defines the schemes that a URI is allowed to have. This 14 | prevents XSS attacks from using pseudo-schemes like javascript or mocha. 15 | There is also support for the data and file 16 | URI schemes, but they are not enabled by default. 17 | --# vim: et sw=4 sts=4 18 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.Base.txt: -------------------------------------------------------------------------------- 1 | URI.Base 2 | TYPE: string/null 3 | VERSION: 2.1.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | The base URI is the URI of the document this purified HTML will be 9 | inserted into. This information is important if HTML Purifier needs 10 | to calculate absolute URIs from relative URIs, such as when %URI.MakeAbsolute 11 | is on. You may use a non-absolute URI for this value, but behavior 12 | may vary (%URI.MakeAbsolute deals nicely with both absolute and 13 | relative paths, but forwards-compatibility is not guaranteed). 14 | Warning: If set, the scheme on this URI 15 | overrides the one specified by %URI.DefaultScheme. 16 |

17 | --# vim: et sw=4 sts=4 18 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.DefaultScheme.txt: -------------------------------------------------------------------------------- 1 | URI.DefaultScheme 2 | TYPE: string 3 | DEFAULT: 'http' 4 | --DESCRIPTION-- 5 | 6 |

7 | Defines through what scheme the output will be served, in order to 8 | select the proper object validator when no scheme information is present. 9 |

10 | --# vim: et sw=4 sts=4 11 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.DefinitionID.txt: -------------------------------------------------------------------------------- 1 | URI.DefinitionID 2 | TYPE: string/null 3 | VERSION: 2.1.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | Unique identifier for a custom-built URI definition. If you want 9 | to add custom URIFilters, you must specify this value. 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.DefinitionRev.txt: -------------------------------------------------------------------------------- 1 | URI.DefinitionRev 2 | TYPE: int 3 | VERSION: 2.1.0 4 | DEFAULT: 1 5 | --DESCRIPTION-- 6 | 7 |

8 | Revision identifier for your custom definition. See 9 | %HTML.DefinitionRev for details. 10 |

11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.Disable.txt: -------------------------------------------------------------------------------- 1 | URI.Disable 2 | TYPE: bool 3 | VERSION: 1.3.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | 7 |

8 | Disables all URIs in all forms. Not sure why you'd want to do that 9 | (after all, the Internet's founded on the notion of a hyperlink). 10 |

11 | 12 | --ALIASES-- 13 | Attr.DisableURI 14 | --# vim: et sw=4 sts=4 15 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.DisableExternal.txt: -------------------------------------------------------------------------------- 1 | URI.DisableExternal 2 | TYPE: bool 3 | VERSION: 1.2.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | Disables links to external websites. This is a highly effective anti-spam 7 | and anti-pagerank-leech measure, but comes at a hefty price: nolinks or 8 | images outside of your domain will be allowed. Non-linkified URIs will 9 | still be preserved. If you want to be able to link to subdomains or use 10 | absolute URIs, specify %URI.Host for your website. 11 | --# vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.DisableExternalResources.txt: -------------------------------------------------------------------------------- 1 | URI.DisableExternalResources 2 | TYPE: bool 3 | VERSION: 1.3.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | Disables the embedding of external resources, preventing users from 7 | embedding things like images from other hosts. This prevents access 8 | tracking (good for email viewers), bandwidth leeching, cross-site request 9 | forging, goatse.cx posting, and other nasties, but also results in a loss 10 | of end-user functionality (they can't directly post a pic they posted from 11 | Flickr anymore). Use it if you don't have a robust user-content moderation 12 | team. 13 | --# vim: et sw=4 sts=4 14 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.DisableResources.txt: -------------------------------------------------------------------------------- 1 | URI.DisableResources 2 | TYPE: bool 3 | VERSION: 4.2.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | Disables embedding resources, essentially meaning no pictures. You can 8 | still link to them though. See %URI.DisableExternalResources for why 9 | this might be a good idea. 10 |

11 |

12 | Note: While this directive has been available since 1.3.0, 13 | it didn't actually start doing anything until 4.2.0. 14 |

15 | --# vim: et sw=4 sts=4 16 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.Host.txt: -------------------------------------------------------------------------------- 1 | URI.Host 2 | TYPE: string/null 3 | VERSION: 1.2.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | Defines the domain name of the server, so we can determine whether or 9 | an absolute URI is from your website or not. Not strictly necessary, 10 | as users should be using relative URIs to reference resources on your 11 | website. It will, however, let you use absolute URIs to link to 12 | subdomains of the domain you post here: i.e. example.com will allow 13 | sub.example.com. However, higher up domains will still be excluded: 14 | if you set %URI.Host to sub.example.com, example.com will be blocked. 15 | Note: This directive overrides %URI.Base because 16 | a given page may be on a sub-domain, but you wish HTML Purifier to be 17 | more relaxed and allow some of the parent domains too. 18 |

19 | --# vim: et sw=4 sts=4 20 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.HostBlacklist.txt: -------------------------------------------------------------------------------- 1 | URI.HostBlacklist 2 | TYPE: list 3 | VERSION: 1.3.0 4 | DEFAULT: array() 5 | --DESCRIPTION-- 6 | List of strings that are forbidden in the host of any URI. Use it to kill 7 | domain names of spam, etc. Note that it will catch anything in the domain, 8 | so moo.com will catch moo.com.example.com. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.MakeAbsolute.txt: -------------------------------------------------------------------------------- 1 | URI.MakeAbsolute 2 | TYPE: bool 3 | VERSION: 2.1.0 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 | 7 |

8 | Converts all URIs into absolute forms. This is useful when the HTML 9 | being filtered assumes a specific base path, but will actually be 10 | viewed in a different context (and setting an alternate base URI is 11 | not possible). %URI.Base must be set for this directive to work. 12 |

13 | --# vim: et sw=4 sts=4 14 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.Munge.txt: -------------------------------------------------------------------------------- 1 | URI.Munge 2 | TYPE: string/null 3 | VERSION: 1.3.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 | 7 |

8 | Munges all browsable (usually http, https and ftp) 9 | absolute URIs into another URI, usually a URI redirection service. 10 | This directive accepts a URI, formatted with a %s where 11 | the url-encoded original URI should be inserted (sample: 12 | http://www.google.com/url?q=%s). 13 |

14 |

15 | Uses for this directive: 16 |

17 |
    18 |
  • 19 | Prevent PageRank leaks, while being fairly transparent 20 | to users (you may also want to add some client side JavaScript to 21 | override the text in the statusbar). Notice: 22 | Many security experts believe that this form of protection does not deter spam-bots. 23 |
    • 24 |
  • 25 | Redirect users to a splash page telling them they are leaving your 26 | website. While this is poor usability practice, it is often mandated 27 | in corporate environments. 28 |
    • 29 |
30 |

31 | Prior to HTML Purifier 3.1.1, this directive also enabled the munging 32 | of browsable external resources, which could break things if your redirection 33 | script was a splash page or used meta tags. To revert to 34 | previous behavior, please use %URI.MungeResources. 35 |

36 |

37 | You may want to also use %URI.MungeSecretKey along with this directive 38 | in order to enforce what URIs your redirector script allows. Open 39 | redirector scripts can be a security risk and negatively affect the 40 | reputation of your domain name. 41 |

42 |

43 | Starting with HTML Purifier 3.1.1, there is also these substitutions: 44 |

45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 |
KeyDescriptionExample <a href="">
%r1 - The URI embeds a resource
(blank) - The URI is merely a link
%nThe name of the tag this URI came froma
%mThe name of the attribute this URI came fromhref
%pThe name of the CSS property this URI came from, or blank if irrelevant
76 |

77 | Admittedly, these letters are somewhat arbitrary; the only stipulation 78 | was that they couldn't be a through f. r is for resource (I would have preferred 79 | e, but you take what you can get), n is for name, m 80 | was picked because it came after n (and I couldn't use a), p is for 81 | property. 82 |

83 | --# vim: et sw=4 sts=4 84 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.MungeResources.txt: -------------------------------------------------------------------------------- 1 | URI.MungeResources 2 | TYPE: bool 3 | VERSION: 3.1.1 4 | DEFAULT: false 5 | --DESCRIPTION-- 6 |

7 | If true, any URI munging directives like %URI.Munge 8 | will also apply to embedded resources, such as <img src="">. 9 | Be careful enabling this directive if you have a redirector script 10 | that does not use the Location HTTP header; all of your images 11 | and other embedded resources will break. 12 |

13 |

14 | Warning: It is strongly advised you use this in conjunction 15 | %URI.MungeSecretKey to mitigate the security risk of an open redirector. 16 |

17 | --# vim: et sw=4 sts=4 18 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.MungeSecretKey.txt: -------------------------------------------------------------------------------- 1 | URI.MungeSecretKey 2 | TYPE: string/null 3 | VERSION: 3.1.1 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 |

7 | This directive enables secure checksum generation along with %URI.Munge. 8 | It should be set to a secure key that is not shared with anyone else. 9 | The checksum can be placed in the URI using %t. Use of this checksum 10 | affords an additional level of protection by allowing a redirector 11 | to check if a URI has passed through HTML Purifier with this line: 12 |

13 | 14 | 
$checksum === hash_hmac("sha256", $url, $secret_key)
15 | 16 |

17 | If the output is TRUE, the redirector script should accept the URI. 18 |

19 | 20 |

21 | Please note that it would still be possible for an attacker to procure 22 | secure hashes en-mass by abusing your website's Preview feature or the 23 | like, but this service affords an additional level of protection 24 | that should be combined with website blacklisting. 25 |

26 | 27 |

28 | Remember this has no effect if %URI.Munge is not on. 29 |

30 | --# vim: et sw=4 sts=4 31 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.OverrideAllowedSchemes.txt: -------------------------------------------------------------------------------- 1 | URI.OverrideAllowedSchemes 2 | TYPE: bool 3 | DEFAULT: true 4 | --DESCRIPTION-- 5 | If this is set to true (which it is by default), you can override 6 | %URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme to the 7 | registry. If false, you will also have to update that directive in order 8 | to add more schemes. 9 | --# vim: et sw=4 sts=4 10 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/URI.SafeIframeRegexp.txt: -------------------------------------------------------------------------------- 1 | URI.SafeIframeRegexp 2 | TYPE: string/null 3 | VERSION: 4.4.0 4 | DEFAULT: NULL 5 | --DESCRIPTION-- 6 |

7 | A PCRE regular expression that will be matched against an iframe URI. This is 8 | a relatively inflexible scheme, but works well enough for the most common 9 | use-case of iframes: embedded video. This directive only has an effect if 10 | %HTML.SafeIframe is enabled. Here are some example values: 11 |

12 |
    13 |
  • %^http://www.youtube.com/embed/% - Allow YouTube videos
    • 14 |
  • %^http://player.vimeo.com/video/% - Allow Vimeo videos
    • 15 |
  • %^http://(www.youtube.com/embed/|player.vimeo.com/video/)% - Allow both
    • 16 |
17 |

18 | Note that this directive does not give you enough granularity to, say, disable 19 | all autoplay videos. Pipe up on the HTML Purifier forums if this 20 | is a capability you want. 21 |

22 | --# vim: et sw=4 sts=4 23 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/ConfigSchema/schema/info.ini: -------------------------------------------------------------------------------- 1 | name = "HTML Purifier" 2 | 3 | ; vim: et sw=4 sts=4 4 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/DefinitionCache/Serializer/URI/4.6.0,8d03c8ec0e84e7feb92afd4c0f1735841b5fdacf,1.ser: -------------------------------------------------------------------------------- 1 | O:26:"HTMLPurifier_URIDefinition":8:{s:4:"type";s:3:"URI";s:10:"*filters";a:2:{s:13:"HostBlacklist";O:36:"HTMLPurifier_URIFilter_HostBlacklist":4:{s:4:"name";s:13:"HostBlacklist";s:12:"*blacklist";a:0:{}s:4:"post";b:0;s:11:"always_load";b:0;}s:10:"SafeIframe";O:33:"HTMLPurifier_URIFilter_SafeIframe":4:{s:4:"name";s:10:"SafeIframe";s:11:"always_load";b:1;s:9:"*regexp";N;s:4:"post";b:0;}}s:14:"*postFilters";a:0:{}s:4:"base";N;s:4:"host";N;s:13:"defaultScheme";s:4:"http";s:5:"setup";b:1;s:9:"optimized";N;} -------------------------------------------------------------------------------- /classes/HTMLPurifier/EntityLookup/entities.ser: -------------------------------------------------------------------------------- 1 | a:253:{s:4:"fnof";s:2:"ƒ";s:5:"Alpha";s:2:"Α";s:4:"Beta";s:2:"Β";s:5:"Gamma";s:2:"Γ";s:5:"Delta";s:2:"Δ";s:7:"Epsilon";s:2:"Ε";s:4:"Zeta";s:2:"Ζ";s:3:"Eta";s:2:"Η";s:5:"Theta";s:2:"Θ";s:4:"Iota";s:2:"Ι";s:5:"Kappa";s:2:"Κ";s:6:"Lambda";s:2:"Λ";s:2:"Mu";s:2:"Μ";s:2:"Nu";s:2:"Ν";s:2:"Xi";s:2:"Ξ";s:7:"Omicron";s:2:"Ο";s:2:"Pi";s:2:"Π";s:3:"Rho";s:2:"Ρ";s:5:"Sigma";s:2:"Σ";s:3:"Tau";s:2:"Τ";s:7:"Upsilon";s:2:"Υ";s:3:"Phi";s:2:"Φ";s:3:"Chi";s:2:"Χ";s:3:"Psi";s:2:"Ψ";s:5:"Omega";s:2:"Ω";s:5:"alpha";s:2:"α";s:4:"beta";s:2:"β";s:5:"gamma";s:2:"γ";s:5:"delta";s:2:"δ";s:7:"epsilon";s:2:"ε";s:4:"zeta";s:2:"ζ";s:3:"eta";s:2:"η";s:5:"theta";s:2:"θ";s:4:"iota";s:2:"ι";s:5:"kappa";s:2:"κ";s:6:"lambda";s:2:"λ";s:2:"mu";s:2:"μ";s:2:"nu";s:2:"ν";s:2:"xi";s:2:"ξ";s:7:"omicron";s:2:"ο";s:2:"pi";s:2:"π";s:3:"rho";s:2:"ρ";s:6:"sigmaf";s:2:"ς";s:5:"sigma";s:2:"σ";s:3:"tau";s:2:"τ";s:7:"upsilon";s:2:"υ";s:3:"phi";s:2:"φ";s:3:"chi";s:2:"χ";s:3:"psi";s:2:"ψ";s:5:"omega";s:2:"ω";s:8:"thetasym";s:2:"ϑ";s:5:"upsih";s:2:"ϒ";s:3:"piv";s:2:"ϖ";s:4:"bull";s:3:"•";s:6:"hellip";s:3:"…";s:5:"prime";s:3:"′";s:5:"Prime";s:3:"″";s:5:"oline";s:3:"‾";s:5:"frasl";s:3:"⁄";s:6:"weierp";s:3:"℘";s:5:"image";s:3:"ℑ";s:4:"real";s:3:"ℜ";s:5:"trade";s:3:"™";s:7:"alefsym";s:3:"ℵ";s:4:"larr";s:3:"←";s:4:"uarr";s:3:"↑";s:4:"rarr";s:3:"→";s:4:"darr";s:3:"↓";s:4:"harr";s:3:"↔";s:5:"crarr";s:3:"↵";s:4:"lArr";s:3:"⇐";s:4:"uArr";s:3:"⇑";s:4:"rArr";s:3:"⇒";s:4:"dArr";s:3:"⇓";s:4:"hArr";s:3:"⇔";s:6:"forall";s:3:"∀";s:4:"part";s:3:"∂";s:5:"exist";s:3:"∃";s:5:"empty";s:3:"∅";s:5:"nabla";s:3:"∇";s:4:"isin";s:3:"∈";s:5:"notin";s:3:"∉";s:2:"ni";s:3:"∋";s:4:"prod";s:3:"∏";s:3:"sum";s:3:"∑";s:5:"minus";s:3:"−";s:6:"lowast";s:3:"∗";s:5:"radic";s:3:"√";s:4:"prop";s:3:"∝";s:5:"infin";s:3:"∞";s:3:"ang";s:3:"∠";s:3:"and";s:3:"∧";s:2:"or";s:3:"∨";s:3:"cap";s:3:"∩";s:3:"cup";s:3:"∪";s:3:"int";s:3:"∫";s:6:"there4";s:3:"∴";s:3:"sim";s:3:"∼";s:4:"cong";s:3:"≅";s:5:"asymp";s:3:"≈";s:2:"ne";s:3:"≠";s:5:"equiv";s:3:"≡";s:2:"le";s:3:"≤";s:2:"ge";s:3:"≥";s:3:"sub";s:3:"⊂";s:3:"sup";s:3:"⊃";s:4:"nsub";s:3:"⊄";s:4:"sube";s:3:"⊆";s:4:"supe";s:3:"⊇";s:5:"oplus";s:3:"⊕";s:6:"otimes";s:3:"⊗";s:4:"perp";s:3:"⊥";s:4:"sdot";s:3:"⋅";s:5:"lceil";s:3:"⌈";s:5:"rceil";s:3:"⌉";s:6:"lfloor";s:3:"⌊";s:6:"rfloor";s:3:"⌋";s:4:"lang";s:3:"〈";s:4:"rang";s:3:"〉";s:3:"loz";s:3:"◊";s:6:"spades";s:3:"♠";s:5:"clubs";s:3:"♣";s:6:"hearts";s:3:"♥";s:5:"diams";s:3:"♦";s:4:"quot";s:1:""";s:3:"amp";s:1:"&";s:2:"lt";s:1:"<";s:2:"gt";s:1:">";s:4:"apos";s:1:"'";s:5:"OElig";s:2:"Œ";s:5:"oelig";s:2:"œ";s:6:"Scaron";s:2:"Š";s:6:"scaron";s:2:"š";s:4:"Yuml";s:2:"Ÿ";s:4:"circ";s:2:"ˆ";s:5:"tilde";s:2:"˜";s:4:"ensp";s:3:" ";s:4:"emsp";s:3:" ";s:6:"thinsp";s:3:" ";s:4:"zwnj";s:3:"‌";s:3:"zwj";s:3:"‍";s:3:"lrm";s:3:"‎";s:3:"rlm";s:3:"‏";s:5:"ndash";s:3:"–";s:5:"mdash";s:3:"—";s:5:"lsquo";s:3:"‘";s:5:"rsquo";s:3:"’";s:5:"sbquo";s:3:"‚";s:5:"ldquo";s:3:"“";s:5:"rdquo";s:3:"”";s:5:"bdquo";s:3:"„";s:6:"dagger";s:3:"†";s:6:"Dagger";s:3:"‡";s:6:"permil";s:3:"‰";s:6:"lsaquo";s:3:"‹";s:6:"rsaquo";s:3:"›";s:4:"euro";s:3:"€";s:4:"nbsp";s:2:" ";s:5:"iexcl";s:2:"¡";s:4:"cent";s:2:"¢";s:5:"pound";s:2:"£";s:6:"curren";s:2:"¤";s:3:"yen";s:2:"¥";s:6:"brvbar";s:2:"¦";s:4:"sect";s:2:"§";s:3:"uml";s:2:"¨";s:4:"copy";s:2:"©";s:4:"ordf";s:2:"ª";s:5:"laquo";s:2:"«";s:3:"not";s:2:"¬";s:3:"shy";s:2:"­";s:3:"reg";s:2:"®";s:4:"macr";s:2:"¯";s:3:"deg";s:2:"°";s:6:"plusmn";s:2:"±";s:4:"sup2";s:2:"²";s:4:"sup3";s:2:"³";s:5:"acute";s:2:"´";s:5:"micro";s:2:"µ";s:4:"para";s:2:"¶";s:6:"middot";s:2:"·";s:5:"cedil";s:2:"¸";s:4:"sup1";s:2:"¹";s:4:"ordm";s:2:"º";s:5:"raquo";s:2:"»";s:6:"frac14";s:2:"¼";s:6:"frac12";s:2:"½";s:6:"frac34";s:2:"¾";s:6:"iquest";s:2:"¿";s:6:"Agrave";s:2:"À";s:6:"Aacute";s:2:"Á";s:5:"Acirc";s:2:"Â";s:6:"Atilde";s:2:"Ã";s:4:"Auml";s:2:"Ä";s:5:"Aring";s:2:"Å";s:5:"AElig";s:2:"Æ";s:6:"Ccedil";s:2:"Ç";s:6:"Egrave";s:2:"È";s:6:"Eacute";s:2:"É";s:5:"Ecirc";s:2:"Ê";s:4:"Euml";s:2:"Ë";s:6:"Igrave";s:2:"Ì";s:6:"Iacute";s:2:"Í";s:5:"Icirc";s:2:"Î";s:4:"Iuml";s:2:"Ï";s:3:"ETH";s:2:"Ð";s:6:"Ntilde";s:2:"Ñ";s:6:"Ograve";s:2:"Ò";s:6:"Oacute";s:2:"Ó";s:5:"Ocirc";s:2:"Ô";s:6:"Otilde";s:2:"Õ";s:4:"Ouml";s:2:"Ö";s:5:"times";s:2:"×";s:6:"Oslash";s:2:"Ø";s:6:"Ugrave";s:2:"Ù";s:6:"Uacute";s:2:"Ú";s:5:"Ucirc";s:2:"Û";s:4:"Uuml";s:2:"Ü";s:6:"Yacute";s:2:"Ý";s:5:"THORN";s:2:"Þ";s:5:"szlig";s:2:"ß";s:6:"agrave";s:2:"à";s:6:"aacute";s:2:"á";s:5:"acirc";s:2:"â";s:6:"atilde";s:2:"ã";s:4:"auml";s:2:"ä";s:5:"aring";s:2:"å";s:5:"aelig";s:2:"æ";s:6:"ccedil";s:2:"ç";s:6:"egrave";s:2:"è";s:6:"eacute";s:2:"é";s:5:"ecirc";s:2:"ê";s:4:"euml";s:2:"ë";s:6:"igrave";s:2:"ì";s:6:"iacute";s:2:"í";s:5:"icirc";s:2:"î";s:4:"iuml";s:2:"ï";s:3:"eth";s:2:"ð";s:6:"ntilde";s:2:"ñ";s:6:"ograve";s:2:"ò";s:6:"oacute";s:2:"ó";s:5:"ocirc";s:2:"ô";s:6:"otilde";s:2:"õ";s:4:"ouml";s:2:"ö";s:6:"divide";s:2:"÷";s:6:"oslash";s:2:"ø";s:6:"ugrave";s:2:"ù";s:6:"uacute";s:2:"ú";s:5:"ucirc";s:2:"û";s:4:"uuml";s:2:"ü";s:6:"yacute";s:2:"ý";s:5:"thorn";s:2:"þ";s:4:"yuml";s:2:"ÿ";} -------------------------------------------------------------------------------- /classes/HTMLPurifier/Filter/YouTube.php: -------------------------------------------------------------------------------- 1 | ]+>.+?' . 20 | 'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?#s'; 21 | $pre_replace = '\1'; 22 | return preg_replace($pre_regex, $pre_replace, $html); 23 | } 24 | 25 | /** 26 | * @param string $html 27 | * @param HTMLPurifier_Config $config 28 | * @param HTMLPurifier_Context $context 29 | * @return string 30 | */ 31 | public function postFilter($html, $config, $context) 32 | { 33 | $post_regex = '#((?:v|cp)/[A-Za-z0-9\-_=]+)#'; 34 | return preg_replace_callback($post_regex, array($this, 'postFilterCallback'), $html); 35 | } 36 | 37 | /** 38 | * @param $url 39 | * @return string 40 | */ 41 | protected function armorUrl($url) 42 | { 43 | return str_replace('--', '--', $url); 44 | } 45 | 46 | /** 47 | * @param array $matches 48 | * @return string 49 | */ 50 | protected function postFilterCallback($matches) 51 | { 52 | $url = $this->armorUrl($matches[1]); 53 | return '' . 55 | '' . 56 | '' . 61 | ''; 62 | } 63 | } 64 | 65 | // vim: et sw=4 sts=4 66 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/Language/classes/en-x-test.php: -------------------------------------------------------------------------------- 1 | 'HTML Purifier X' 9 | ); 10 | 11 | // vim: et sw=4 sts=4 12 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/Language/messages/en-x-testmini.php: -------------------------------------------------------------------------------- 1 | 'HTML Purifier XNone' 10 | ); 11 | 12 | // vim: et sw=4 sts=4 13 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/Language/messages/en.php: -------------------------------------------------------------------------------- 1 | 'HTML Purifier', 8 | // for unit testing purposes 9 | 'LanguageFactoryTest: Pizza' => 'Pizza', 10 | 'LanguageTest: List' => '$1', 11 | 'LanguageTest: Hash' => '$1.Keys; $1.Values', 12 | 'Item separator' => ', ', 13 | 'Item separator last' => ' and ', // non-Harvard style 14 | 15 | 'ErrorCollector: No errors' => 'No errors detected. However, because error reporting is still incomplete, there may have been errors that the error collector was not notified of; please inspect the output HTML carefully.', 16 | 'ErrorCollector: At line' => ' at line $line', 17 | 'ErrorCollector: Incidental errors' => 'Incidental errors', 18 | 'Lexer: Unclosed comment' => 'Unclosed comment', 19 | 'Lexer: Unescaped lt' => 'Unescaped less-than sign (<) should be <', 20 | 'Lexer: Missing gt' => 'Missing greater-than sign (>), previous less-than sign (<) should be escaped', 21 | 'Lexer: Missing attribute key' => 'Attribute declaration has no key', 22 | 'Lexer: Missing end quote' => 'Attribute declaration has no end quote', 23 | 'Lexer: Extracted body' => 'Removed document metadata tags', 24 | 'Strategy_RemoveForeignElements: Tag transform' => '<$1> element transformed into $CurrentToken.Serialized', 25 | 'Strategy_RemoveForeignElements: Missing required attribute' => '$CurrentToken.Compact element missing required attribute $1', 26 | 'Strategy_RemoveForeignElements: Foreign element to text' => 'Unrecognized $CurrentToken.Serialized tag converted to text', 27 | 'Strategy_RemoveForeignElements: Foreign element removed' => 'Unrecognized $CurrentToken.Serialized tag removed', 28 | 'Strategy_RemoveForeignElements: Comment removed' => 'Comment containing "$CurrentToken.Data" removed', 29 | 'Strategy_RemoveForeignElements: Foreign meta element removed' => 'Unrecognized $CurrentToken.Serialized meta tag and all descendants removed', 30 | 'Strategy_RemoveForeignElements: Token removed to end' => 'Tags and text starting from $1 element where removed to end', 31 | 'Strategy_RemoveForeignElements: Trailing hyphen in comment removed' => 'Trailing hyphen(s) in comment removed', 32 | 'Strategy_RemoveForeignElements: Hyphens in comment collapsed' => 'Double hyphens in comments are not allowed, and were collapsed into single hyphens', 33 | 'Strategy_MakeWellFormed: Unnecessary end tag removed' => 'Unnecessary $CurrentToken.Serialized tag removed', 34 | 'Strategy_MakeWellFormed: Unnecessary end tag to text' => 'Unnecessary $CurrentToken.Serialized tag converted to text', 35 | 'Strategy_MakeWellFormed: Tag auto closed' => '$1.Compact started on line $1.Line auto-closed by $CurrentToken.Compact', 36 | 'Strategy_MakeWellFormed: Tag carryover' => '$1.Compact started on line $1.Line auto-continued into $CurrentToken.Compact', 37 | 'Strategy_MakeWellFormed: Stray end tag removed' => 'Stray $CurrentToken.Serialized tag removed', 38 | 'Strategy_MakeWellFormed: Stray end tag to text' => 'Stray $CurrentToken.Serialized tag converted to text', 39 | 'Strategy_MakeWellFormed: Tag closed by element end' => '$1.Compact tag started on line $1.Line closed by end of $CurrentToken.Serialized', 40 | 'Strategy_MakeWellFormed: Tag closed by document end' => '$1.Compact tag started on line $1.Line closed by end of document', 41 | 'Strategy_FixNesting: Node removed' => '$CurrentToken.Compact node removed', 42 | 'Strategy_FixNesting: Node excluded' => '$CurrentToken.Compact node removed due to descendant exclusion by ancestor element', 43 | 'Strategy_FixNesting: Node reorganized' => 'Contents of $CurrentToken.Compact node reorganized to enforce its content model', 44 | 'Strategy_FixNesting: Node contents removed' => 'Contents of $CurrentToken.Compact node removed', 45 | 'AttrValidator: Attributes transformed' => 'Attributes on $CurrentToken.Compact transformed from $1.Keys to $2.Keys', 46 | 'AttrValidator: Attribute removed' => '$CurrentAttr.Name attribute on $CurrentToken.Compact removed', 47 | ); 48 | 49 | $errorNames = array( 50 | E_ERROR => 'Error', 51 | E_WARNING => 'Warning', 52 | E_NOTICE => 'Notice' 53 | ); 54 | 55 | // vim: et sw=4 sts=4 56 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/Printer.php: -------------------------------------------------------------------------------- 1 | getAll(); 35 | $context = new HTMLPurifier_Context(); 36 | $this->generator = new HTMLPurifier_Generator($config, $context); 37 | } 38 | 39 | /** 40 | * Main function that renders object or aspect of that object 41 | * @note Parameters vary depending on printer 42 | */ 43 | // function render() {} 44 | 45 | /** 46 | * Returns a start tag 47 | * @param string $tag Tag name 48 | * @param array $attr Attribute array 49 | * @return string 50 | */ 51 | protected function start($tag, $attr = array()) 52 | { 53 | return $this->generator->generateFromToken( 54 | new HTMLPurifier_Token_Start($tag, $attr ? $attr : array()) 55 | ); 56 | } 57 | 58 | /** 59 | * Returns an end tag 60 | * @param string $tag Tag name 61 | * @return string 62 | */ 63 | protected function end($tag) 64 | { 65 | return $this->generator->generateFromToken( 66 | new HTMLPurifier_Token_End($tag) 67 | ); 68 | } 69 | 70 | /** 71 | * Prints a complete element with content inside 72 | * @param string $tag Tag name 73 | * @param string $contents Element contents 74 | * @param array $attr Tag attributes 75 | * @param bool $escape whether or not to escape contents 76 | * @return string 77 | */ 78 | protected function element($tag, $contents, $attr = array(), $escape = true) 79 | { 80 | return $this->start($tag, $attr) . 81 | ($escape ? $this->escape($contents) : $contents) . 82 | $this->end($tag); 83 | } 84 | 85 | /** 86 | * @param string $tag 87 | * @param array $attr 88 | * @return string 89 | */ 90 | protected function elementEmpty($tag, $attr = array()) 91 | { 92 | return $this->generator->generateFromToken( 93 | new HTMLPurifier_Token_Empty($tag, $attr) 94 | ); 95 | } 96 | 97 | /** 98 | * @param string $text 99 | * @return string 100 | */ 101 | protected function text($text) 102 | { 103 | return $this->generator->generateFromToken( 104 | new HTMLPurifier_Token_Text($text) 105 | ); 106 | } 107 | 108 | /** 109 | * Prints a simple key/value row in a table. 110 | * @param string $name Key 111 | * @param mixed $value Value 112 | * @return string 113 | */ 114 | protected function row($name, $value) 115 | { 116 | if (is_bool($value)) { 117 | $value = $value ? 'On' : 'Off'; 118 | } 119 | return 120 | $this->start('tr') . "\n" . 121 | $this->element('th', $name) . "\n" . 122 | $this->element('td', $value) . "\n" . 123 | $this->end('tr'); 124 | } 125 | 126 | /** 127 | * Escapes a string for HTML output. 128 | * @param string $string String to escape 129 | * @return string 130 | */ 131 | protected function escape($string) 132 | { 133 | $string = HTMLPurifier_Encoder::cleanUTF8($string); 134 | $string = htmlspecialchars($string, ENT_COMPAT, 'UTF-8'); 135 | return $string; 136 | } 137 | 138 | /** 139 | * Takes a list of strings and turns them into a single list 140 | * @param string[] $array List of strings 141 | * @param bool $polite Bool whether or not to add an end before the last 142 | * @return string 143 | */ 144 | protected function listify($array, $polite = false) 145 | { 146 | if (empty($array)) { 147 | return 'None'; 148 | } 149 | $ret = ''; 150 | $i = count($array); 151 | foreach ($array as $value) { 152 | $i--; 153 | $ret .= $value; 154 | if ($i > 0 && !($polite && $i == 1)) { 155 | $ret .= ', '; 156 | } 157 | if ($polite && $i == 1) { 158 | $ret .= 'and '; 159 | } 160 | } 161 | return $ret; 162 | } 163 | 164 | /** 165 | * Retrieves the class of an object without prefixes, as well as metadata 166 | * @param object $obj Object to determine class of 167 | * @param string $sec_prefix Further prefix to remove 168 | * @return string 169 | */ 170 | protected function getClass($obj, $sec_prefix = '') 171 | { 172 | static $five = null; 173 | if ($five === null) { 174 | $five = version_compare(PHP_VERSION, '5', '>='); 175 | } 176 | $prefix = 'HTMLPurifier_' . $sec_prefix; 177 | if (!$five) { 178 | $prefix = strtolower($prefix); 179 | } 180 | $class = str_replace($prefix, '', get_class($obj)); 181 | $lclass = strtolower($class); 182 | $class .= '('; 183 | switch ($lclass) { 184 | case 'enum': 185 | $values = array(); 186 | foreach ($obj->valid_values as $value => $bool) { 187 | $values[] = $value; 188 | } 189 | $class .= implode(', ', $values); 190 | break; 191 | case 'css_composite': 192 | $values = array(); 193 | foreach ($obj->defs as $def) { 194 | $values[] = $this->getClass($def, $sec_prefix); 195 | } 196 | $class .= implode(', ', $values); 197 | break; 198 | case 'css_multiple': 199 | $class .= $this->getClass($obj->single, $sec_prefix) . ', '; 200 | $class .= $obj->max; 201 | break; 202 | case 'css_denyelementdecorator': 203 | $class .= $this->getClass($obj->def, $sec_prefix) . ', '; 204 | $class .= $obj->element; 205 | break; 206 | case 'css_importantdecorator': 207 | $class .= $this->getClass($obj->def, $sec_prefix); 208 | if ($obj->allow) { 209 | $class .= ', !important'; 210 | } 211 | break; 212 | } 213 | $class .= ')'; 214 | return $class; 215 | } 216 | } 217 | 218 | // vim: et sw=4 sts=4 219 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/Printer/CSSDefinition.php: -------------------------------------------------------------------------------- 1 | def = $config->getCSSDefinition(); 17 | $ret = ''; 18 | 19 | $ret .= $this->start('div', array('class' => 'HTMLPurifier_Printer')); 20 | $ret .= $this->start('table'); 21 | 22 | $ret .= $this->element('caption', 'Properties ($info)'); 23 | 24 | $ret .= $this->start('thead'); 25 | $ret .= $this->start('tr'); 26 | $ret .= $this->element('th', 'Property', array('class' => 'heavy')); 27 | $ret .= $this->element('th', 'Definition', array('class' => 'heavy', 'style' => 'width:auto;')); 28 | $ret .= $this->end('tr'); 29 | $ret .= $this->end('thead'); 30 | 31 | ksort($this->def->info); 32 | foreach ($this->def->info as $property => $obj) { 33 | $name = $this->getClass($obj, 'AttrDef_'); 34 | $ret .= $this->row($property, $name); 35 | } 36 | 37 | $ret .= $this->end('table'); 38 | $ret .= $this->end('div'); 39 | 40 | return $ret; 41 | } 42 | } 43 | 44 | // vim: et sw=4 sts=4 45 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/Printer/ConfigForm.css: -------------------------------------------------------------------------------- 1 | 2 | .hp-config {} 3 | 4 | .hp-config tbody th {text-align:right; padding-right:0.5em;} 5 | .hp-config thead, .hp-config .namespace {background:#3C578C; color:#FFF;} 6 | .hp-config .namespace th {text-align:center;} 7 | .hp-config .verbose {display:none;} 8 | .hp-config .controls {text-align:center;} 9 | 10 | /* vim: et sw=4 sts=4 */ 11 | -------------------------------------------------------------------------------- /classes/HTMLPurifier/Printer/ConfigForm.js: -------------------------------------------------------------------------------- 1 | function toggleWriteability(id_of_patient, checked) { 2 | document.getElementById(id_of_patient).disabled = checked; 3 | } 4 | 5 | // vim: et sw=4 sts=4 6 | -------------------------------------------------------------------------------- /classes/Mail.class.php: -------------------------------------------------------------------------------- 1 | object = $object; 13 | $this->content = $content; 14 | $this->replace(array('%title%' => $config['title'])); 15 | if (getProject()) { 16 | if (onlyDefaultProject()) { 17 | $this->replace(array('%project%' => '')); 18 | } 19 | else { 20 | $this->replace(array('%project%' => getProject())); 21 | } 22 | } 23 | } 24 | 25 | public function replace($find) { 26 | foreach ($find as $k => $v) { 27 | $this->content = str_replace($k, $v, $this->content); 28 | $this->object = str_replace($k, $v, $this->object); 29 | } 30 | $this->personal_object = $this->object; 31 | $this->personal_content = $this->content; 32 | } 33 | 34 | public function replace_personal($find) { 35 | foreach ($find as $k => $v) { 36 | $this->personal_content = str_replace($k, $v, $this->content); 37 | $this->personal_object = str_replace($k, $v, $this->object); 38 | } 39 | } 40 | 41 | public function send($to) { 42 | global $config; 43 | if (!$config['email'] 44 | || !filter_var($to, FILTER_VALIDATE_EMAIL)) 45 | { return true; } 46 | 47 | $title = htmlspecialchars_decode($config['title']); 48 | $from = '=?UTF-8?B?'.base64_encode($title)."?="; 49 | 50 | $headers = 'From: '.$from.' <'.$config['email'].'>'."\n"; 51 | $headers .= 'MIME-Version: 1.0'."\n"; 52 | $headers .= 'Content-Type: text/plain; charset="UTF-8"'."\n"; 53 | $headers .= 'Content-Transfer-Encoding: 8bit'."\n"; 54 | $headers .= "\n"; 55 | 56 | $object = '=?UTF-8?B?'.base64_encode($this->personal_object).'?='; 57 | 58 | return mail($to, $object, $this->personal_content, $headers); 59 | } 60 | 61 | } 62 | 63 | ?> -------------------------------------------------------------------------------- /classes/Markdown.class.php: -------------------------------------------------------------------------------- 1 | $1', $text); 16 | return $text; 17 | } 18 | 19 | # Adds code blocks with ``` 20 | protected function doCodeBlocks($text) { 21 | $text = parent::doCodeBlocks($text); 22 | return $this->doFencedCodeBlocks($text); 23 | } 24 | 25 | protected function doFencedCodeBlocks($text) { 26 | $text = preg_replace_callback('{ 27 | (?:\n|\A) 28 | # 1: Opening marker 29 | ( 30 | (?:~{3,}|`{3,}) # 3 or more tildes/backticks. 31 | ) 32 | [ ]* 33 | (?: 34 | \.?([-_:a-zA-Z0-9]+) # 2: standalone class name 35 | )? 36 | [ ]* \n # Whitespace and newline following marker. 37 | # 4: Content 38 | ( 39 | (?> 40 | (?!\1 [ ]* \n) # Not a closing marker. 41 | .*\n+ 42 | )+ 43 | ) 44 | # Closing marker. 45 | \1 [ ]* (?= \n ) 46 | }xm', 47 | array($this, '_doFencedCodeBlocks_callback'), $text); 48 | return $text; 49 | } 50 | 51 | protected function _doFencedCodeBlocks_callback($matches) { 52 | $classname =& $matches[2]; 53 | $codeblock = $matches[3]; 54 | $codeblock = htmlspecialchars($codeblock, ENT_NOQUOTES); 55 | $codeblock = preg_replace_callback('/^\n+/', 56 | array($this, '_doFencedCodeBlocks_newlines'), $codeblock); 57 | $attr_str = ''; 58 | if ($classname != "" && in_array($classname, $this->languages)) { 59 | $attr_str = ' class="'.$classname.'"'; 60 | } 61 | $codeblock = "
$codeblock
"; 62 | return "\n\n".$this->hashBlock($codeblock)."\n\n"; 63 | } 64 | 65 | protected function _doFencedCodeBlocks_newlines($matches) { 66 | return str_repeat("empty_element_suffix", 67 | strlen($matches[0])); 68 | } 69 | 70 | } -------------------------------------------------------------------------------- /classes/Michelf/MarkdownInterface.class.php: -------------------------------------------------------------------------------- 1 | 8 | # 9 | # Original Markdown 10 | # Copyright (c) 2004-2006 John Gruber 11 | # 12 | # 13 | namespace Michelf; 14 | 15 | 16 | # 17 | # Markdown Parser Interface 18 | # 19 | 20 | interface MarkdownInterface { 21 | 22 | # 23 | # Initialize the parser and return the result of its transform method. 24 | # This will work fine for derived classes too. 25 | # 26 | public static function defaultTransform($text); 27 | 28 | # 29 | # Main function. Performs some preprocessing on the input text 30 | # and pass it through the document gamut. 31 | # 32 | public function transform($text); 33 | 34 | } 35 | -------------------------------------------------------------------------------- /classes/OrderFilter.class.php: -------------------------------------------------------------------------------- 1 | $b['time']) ? -1 : 1; 32 | } 33 | 34 | public static function filter_statuses($a) { 35 | return in_array($a['status'], self::$filter); 36 | } 37 | 38 | public static function filter_open($a) { 39 | return in_array($a['open'], self::$filter); 40 | } 41 | 42 | public static function filter_label($a) { 43 | foreach (self::$filter as $v) { 44 | if (!in_array($v, $a['labels'])) { return false; } 45 | } 46 | return true; 47 | } 48 | 49 | public static function filter_user($a) { 50 | if (in_array($a['openedby'], self::$filter)) { return true; } 51 | foreach ($a['edits'] as $e) { 52 | if (!empty($e) && in_array($e['by'], self::$filter)) { 53 | return true; 54 | } 55 | } 56 | return false; 57 | } 58 | 59 | public static function filter_status($a) { 60 | foreach (self::$filter as $k => $v) { 61 | if ($a['status'] != $k || $a['assignedto'] != $v) { 62 | return false; 63 | } 64 | } 65 | return true; 66 | } 67 | } 68 | 69 | ?> -------------------------------------------------------------------------------- /classes/Page.class.php: -------------------------------------------------------------------------------- 1 | page = $page; 35 | $path = dirname(__FILE__).'/../pages/'.$page.'.php'; 36 | if (!in_array($page, $this->pages) 37 | || (in_array($page, $this->need_project) && !getProject()) 38 | || !is_file($path) 39 | ) { 40 | $this->page = 'error/404'; 41 | $path = dirname(__FILE__).'/../pages/error/404.php'; 42 | } 43 | elseif (!canAccess($page)) { 44 | $this->page = 'error/403'; 45 | $path = dirname(__FILE__).'/../pages/error/403.php'; 46 | } 47 | global $config; 48 | include($path); 49 | 50 | if (isset($load)) { $this->load($load); } 51 | else { 52 | $this->title = $title; 53 | $this->content = $content; 54 | if (isset($javascript)) { $this->javascript = $javascript; } 55 | else { $this->javascript = ''; } 56 | } 57 | } 58 | 59 | public function getPage() { 60 | return $this->page; 61 | } 62 | public function getTitle() { 63 | return $this->title; 64 | } 65 | public function getContent() { 66 | return $this->content; 67 | } 68 | public function getJavascript() { 69 | return $this->javascript; 70 | } 71 | public function getSafePage() { 72 | return Text::purge($this->page); 73 | } 74 | 75 | public function addAlert($txt, $type = 'alert-error') { 76 | $this->errors[] = array('text' => $txt, 'type' => $type); 77 | } 78 | public function getAlerts() { 79 | $txt = ''; 80 | if (isset($_SESSION['alert'])) { 81 | $this->errors[] = $_SESSION['alert']; 82 | unset($_SESSION['alert']); 83 | } 84 | foreach ($this->errors as $error) { 85 | $txt .= '
' 86 | .$error['text'] 87 | .'
'; 88 | } 89 | return $txt; 90 | } 91 | 92 | } -------------------------------------------------------------------------------- /classes/Pager.class.php: -------------------------------------------------------------------------------- 1 | $nb) { return false; } 19 | 20 | $end = min($start+$per_page, $nb); 21 | 22 | $proceed = array(); 23 | for ($i=$start; $i<$end; $i++) { 24 | $proceed[] = $a[$keys[$i]]; 25 | } 26 | 27 | $html = call_user_func($render, $proceed); 28 | 29 | $html .= '
'; 30 | if ($page > 1) { 31 | $url->addParam('pagen', $page-1); 32 | $html .= ''; 36 | } 37 | $html .= ' ' 38 | .str_replace( 39 | array('%nb1%', '%nb2%'), 40 | array($page, $nbpages), 41 | Trad::W_CURRENT) 42 | .' '; 43 | if ($page < $nbpages) { 44 | $url->addParam('pagen', $page+1); 45 | $html .= ''; 49 | } 50 | $html .= '
'; 51 | return $html; 52 | } 53 | 54 | } -------------------------------------------------------------------------------- /classes/Uploader.class.php: -------------------------------------------------------------------------------- 1 | uploads = Text::unhash(get_file(FILE_UPLOADS)); 12 | } 13 | 14 | public static function getInstance() { 15 | if (!isset(self::$instance)) { 16 | self::$instance = new Uploader(); 17 | } 18 | return self::$instance; 19 | } 20 | 21 | protected function save() { 22 | update_file(FILE_UPLOADS, Text::hash($this->uploads)); 23 | } 24 | 25 | public function add_file($file, $post) { 26 | global $config; 27 | if (!canAccess('upload') 28 | || !isset($post['token']) 29 | || !isset($file['error']) 30 | || $file['error'] > 1 31 | || !isset($file['tmp_name']) 32 | || !isset($file['name']) 33 | ) { return Trad::A_ERROR_FORM; } 34 | if (!tokenOk($post['token'])) { return Trad::A_ERROR_TOKEN; } 35 | 36 | $size = filesize($file['tmp_name']); 37 | $maxsize = Uploader::get_maxsize(); 38 | if ($file['error'] == 1 39 | || !$size 40 | || $size <= 0 41 | || $size > $maxsize 42 | ) { 43 | return str_replace( 44 | '%nb%', 45 | Text::to_xbytes($maxsize), 46 | Trad::A_ERROR_UPLOAD_SIZE 47 | ); 48 | } 49 | 50 | if ($config['loggedin'] 51 | && isset($config['users'][$_SESSION['id']]) 52 | ) { 53 | $by = intval($_SESSION['id']); 54 | } 55 | else { $by = NULL; } 56 | 57 | if ($config['allocated_space']) { 58 | $space_left = Text::to_bytes($config['allocated_space']) 59 | - $this->get_spaceused($by); 60 | if ($size > $space_left) { 61 | return str_replace( 62 | '%nb%', 63 | Text::to_xbytes($space_left), 64 | Trad::A_ERROR_UPLOAD_FULL 65 | ); 66 | } 67 | } 68 | 69 | $name = $this->generateName($file['name']); 70 | $newfile = DIR_DATABASE.FOLDER_UPLOADS.$name; 71 | if (!is_uploaded_file($file['tmp_name']) 72 | || !move_uploaded_file($file['tmp_name'], $newfile) 73 | ) { 74 | return Trad::A_ERROR_UPLOAD; 75 | } 76 | 77 | $type = NULL; 78 | if (preg_match('/(png|jpg|jpeg|gif)$/i', $name)) { 79 | $imgstats = @getimagesize($newfile); 80 | if ($imgstats && !empty($imgstats['mime'])) { 81 | $type = $imgstats['mime']; 82 | } 83 | } 84 | 85 | $this->uploads[$name] = array( 86 | 'name' => $name, 87 | 'display' => $file['name'], 88 | 'size' => $size, 89 | 'date' => time(), 90 | 'mime-type' => $type, 91 | 'user' => $by 92 | ); 93 | $this->save(); 94 | $this->lastupload = $this->uploads[$name]; 95 | return true; 96 | } 97 | 98 | public function remove_file($post) { 99 | global $config; 100 | if (!canAccess('upload') 101 | || !isset($post['name']) 102 | || !isset($post['token']) 103 | || !isset($this->uploads[$post['name']]) 104 | || (!canAccess('settings') 105 | && (!$config['loggedin'] 106 | || $_SESSION['id'] != $this->uploads[$post['name']]['user'])) 107 | ) { return Trad::A_ERROR_FORM; } 108 | if (!tokenOk($post['token'])) { return Trad::A_ERROR_TOKEN; } 109 | 110 | $name = $post['name']; 111 | $a = $this->uploads[$name]; 112 | unset($this->uploads[$name]); 113 | $this->save(); 114 | if (!unlink(DIR_DATABASE.FOLDER_UPLOADS.$name)) { 115 | logm('Unable to remove file “'.DIR_DATABASE.FOLDER_UPLOADS.$name.'”'); 116 | } 117 | return true; 118 | } 119 | 120 | public function remove_file_linked($post) { 121 | global $config; 122 | if (!canAccess('upload') 123 | || !isset($post['name']) 124 | || !isset($post['token']) 125 | || !isset($this->uploads[$post['name']]) 126 | || (!canAccess('settings') 127 | && (!$config['loggedin'] 128 | || $_SESSION['id'] != $this->uploads[$post['name']]['user'])) 129 | ) { return Trad::A_ERROR_FORM; } 130 | if (!tokenOk($post['token'])) { return Trad::A_ERROR_TOKEN; } 131 | 132 | foreach ($config['projects'] as $k => $v) { 133 | $issues = Issues::getInstance($k); 134 | $issues->check_uploads($post['name']); 135 | } 136 | $post['token'] = getToken(); # because we will check it a second time 137 | return $this->remove_file($post); 138 | } 139 | 140 | protected function generateName($name) { 141 | $name = Text::purge($name, false); 142 | while (array_key_exists($name, $this->uploads)) { 143 | $name = rand(0, 9).$name; 144 | } 145 | return $name; 146 | } 147 | 148 | public function get_spaceused($user) { 149 | global $config; 150 | if (!$config['loggedin']) { return 0; } 151 | $space = 0; 152 | foreach ($this->uploads as $u) { 153 | if ($u['user'] == $user) { 154 | $space = $space + $u['size']; 155 | } 156 | } 157 | return $space; 158 | } 159 | 160 | public function get($name) { 161 | if (!isset($this->uploads[$name])) { return false; } 162 | return $this->uploads[$name]; 163 | } 164 | 165 | public function getAll() { 166 | return $this->uploads; 167 | } 168 | 169 | public static function get_maxsize() { 170 | global $config; 171 | $a = Text::to_bytes(ini_get('upload_max_filesize')); 172 | $b = Text::to_bytes(ini_get('post_max_size')); 173 | $c = Text::to_bytes(ini_get('memory_limit')); 174 | $d = Text::to_bytes($config['max_size_upload']); 175 | $maxsize = min($a, $b, $c, $d); 176 | return $maxsize; 177 | } 178 | 179 | public static function get_html($link, $uploads = array()) { 180 | global $config; 181 | if (!canAccess('upload')) { return ''; } 182 | $uploader = Uploader::getInstance(); 183 | $up = ''; $up_a = array(); 184 | foreach ($uploads as $u) { 185 | if ($u = $uploader->get($u)) { 186 | $up .= '
' 187 | .htmlspecialchars($u['display']); 188 | if ($config['loggedin']) { 189 | $up .= '' 190 | .'' 191 | .'' 192 | .''; 193 | } 194 | $up .= '
'; 195 | $up_a[] = $u['name']; 196 | } 197 | } 198 | return '
' 199 | .'
' 200 | .''.Trad::S_UPLOAD_ADD 201 | .'
' 202 | .'' 204 | .'
' 205 | .'
' 209 | .'' 210 | .'  ' 211 | .''.Trad::V_SELECT_FILE.'' 212 | .'' 215 | .'' 216 | .'' 217 | .'' 218 | .'' 219 | .'
' 220 | .'
' 221 | .'
' 222 | .'
' 223 | .$up 224 | .'
' 225 | .'
' 226 | .'
' 227 | .'
'; 228 | } 229 | 230 | public static function get_javascript() { 231 | return ''; 232 | } 233 | 234 | } 235 | 236 | ?> -------------------------------------------------------------------------------- /classes/Url.class.php: -------------------------------------------------------------------------------- 1 | '^$', 12 | 'redirect' => 'index.php?page=home' 13 | ), 14 | array( 15 | 'rule' => '^home$', 16 | 'redirect' => 'index.php?page=home' 17 | ), 18 | array( 19 | 'rule' => '^install$', 20 | 'redirect' => 'index.php?page=install' 21 | ), 22 | array( 23 | 'rule' => '^settings$', 24 | 'redirect' => 'index.php?page=settings' 25 | ), 26 | array( 27 | 'rule' => '^error/([0-9]{3})$', 28 | 'redirect' => 'index.php?page=error/$1' 29 | ), 30 | array( 31 | 'rule' => '^signup$', 32 | 'redirect' => 'index.php?page=signup' 33 | ), 34 | array( 35 | 'rule' => '^([a-zA-Z0-9-]+)/dashboard$', 36 | 'redirect' => 'index.php?project=$1&page=dashboard' 37 | ), 38 | array( 39 | 'rule' => '^([a-zA-Z0-9-]+)/issues$', 40 | 'redirect' => 'index.php?project=$1&page=issues' 41 | ), 42 | array( 43 | 'rule' => '^([a-zA-Z0-9-]+)/labels/([a-z0-9-]+)$', 44 | 'redirect' => 'index.php?project=$1&page=issues&label=$2' 45 | ), 46 | array( 47 | 'rule' => '^([a-zA-Z0-9-]+)/search$', 48 | 'redirect' => 'index.php?project=$1&page=search' 49 | ), 50 | array( 51 | 'rule' => '^([a-zA-Z0-9-]+)/issues/([0-9]+)$', 52 | 'redirect' => 'index.php?project=$1&page=view_issue&id=$2' 53 | ), 54 | array( 55 | 'rule' => '^([a-zA-Z0-9-]+)/issues/new$', 56 | 'redirect' => 'index.php?project=$1&page=new_issue' 57 | ), 58 | array( 59 | 'rule' => '^([a-zA-Z0-9-]+)/rss$', 60 | 'redirect' => 'index.php?project=$1&page=rss' 61 | ), 62 | array( 63 | 'rule' => '^users/([0-9]+)$', 64 | 'redirect' => 'index.php?page=view_user&id=$1' 65 | ), 66 | array( 67 | 'rule' => '^public/ajax$', 68 | 'redirect' => 'index.php?page=ajax' 69 | ), 70 | array( 71 | 'rule' => '^public/uploads/(.*)$', 72 | 'redirect' => 'index.php?page=downloads&file=$1' 73 | ), 74 | array( 75 | 'rule' => '^public/identicons/([0-9a-z]{32}).png$', 76 | 'redirect' => 'index.php?page=identicons&seed=$1' 77 | ) 78 | ); 79 | 80 | public function __construct($page, $params = array(), $anchor = '') { 81 | $this->page = $page; 82 | $this->params = $params; 83 | $this->anchor = $anchor; 84 | } 85 | 86 | public function addParam($name, $value) { 87 | $this->params[$name] = $value; 88 | } 89 | 90 | public function get() { 91 | return self::parse($this->page, $this->params, $this->anchor); 92 | } 93 | public function getBase() { 94 | return self::parse($this->page); 95 | } 96 | public static function getRules() { 97 | return self::$rewriting; 98 | } 99 | 100 | public static function parse($page, $params = array(), $anchor = '') { 101 | global $config; 102 | $project = ''; 103 | $page = self::rewriting($project.$page); 104 | $parts = explode('?', $page); 105 | if (isset($parts[1]) && !empty($parts[1])) { 106 | $query = explode('&', $parts[1]); 107 | foreach ($query as $v) { 108 | if (!empty($v)) { 109 | $v = explode('=', $v); 110 | if (isset($v[0]) && isset($v[1])) { 111 | $params[$v[0]] = $v[1]; 112 | } 113 | } 114 | } 115 | } 116 | $ret = $config['url'].$parts[0]; 117 | if (!empty($params)) { 118 | $ret .= '?'.http_build_query($params); 119 | } 120 | if (!empty($anchor)) { $ret .= '#'.$anchor; } 121 | return $ret; 122 | } 123 | 124 | protected static function rewriting($page) { 125 | global $config; 126 | if ($config['url_rewriting']) { return $page; } 127 | foreach (self::$rewriting as $v) { 128 | $rule = '#'.$v['rule'].'#'; 129 | if (preg_match($rule, $page)) { 130 | if (isset($v['condition']) 131 | && $v['condition'] == 'file_doesnt_exist' 132 | ) { 133 | if (!file_exists($page)) { 134 | return preg_replace($rule, $v['redirect'], $page); 135 | } 136 | } 137 | else { 138 | return preg_replace($rule, $v['redirect'], $page); 139 | } 140 | } 141 | } 142 | return $page; 143 | } 144 | 145 | } 146 | 147 | ?> -------------------------------------------------------------------------------- /favicon.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/piero-la-lune/Bumpy-Booby/306e7ef7994ddd884d5eae99761b7a3865ce55dc/favicon.ico -------------------------------------------------------------------------------- /languages/.htaccess: -------------------------------------------------------------------------------- 1 | Allow from none 2 | Deny from all 3 | -------------------------------------------------------------------------------- /pages/.htaccess: -------------------------------------------------------------------------------- 1 | Allow from none 2 | Deny from all 3 | -------------------------------------------------------------------------------- /pages/ajax.php: -------------------------------------------------------------------------------- 1 | true, 7 | 'text' => Text::markdown($_POST['text']) 8 | ); 9 | echo json_encode($obj); 10 | exit; 11 | } 12 | elseif ($_POST['action'] == 'upload' && isset($_FILES['upload'])) { 13 | $uploader = Uploader::getInstance(); 14 | $ans = $uploader->add_file($_FILES['upload'], $_POST); 15 | if ($ans === true) { 16 | $upload = $uploader->lastupload; 17 | $ret = '
'; 18 | $ret .= htmlspecialchars($upload['display']); 19 | if ($config['loggedin']) { 20 | $ret .= ''; 21 | $ret .= ''; 22 | $ret .= ''; 23 | } 24 | $ret .= '
'; 25 | $obj = array( 26 | 'success' => true, 27 | 'text' => $ret, 28 | 'name' => $upload['name'], 29 | 'token' => getToken() 30 | ); 31 | } 32 | else { 33 | $obj = array( 34 | 'success' => false, 35 | 'token' => getToken(), 36 | 'text' => $ans 37 | ); 38 | } 39 | $json = json_encode($obj); 40 | if (isset($_POST['type']) && $_POST['type'] == 'xhr') { echo $json; } 41 | else { echo ''; } 42 | exit; 43 | } 44 | elseif ($_POST['action'] == 'upload_remove') { 45 | $uploader = Uploader::getInstance(); 46 | $ans = $uploader->remove_file($_POST); 47 | if ($ans === true) { 48 | $obj = array( 49 | 'success' => true, 50 | 'token' => getToken() 51 | ); 52 | } 53 | else { 54 | $obj = array( 55 | 'success' => false, 56 | 'token' => getToken(), 57 | 'text' => $ans 58 | ); 59 | } 60 | echo json_encode($obj); 61 | exit; 62 | } 63 | elseif ($_POST['action'] == 'upload_remove_linked') { 64 | $uploader = Uploader::getInstance(); 65 | $ans = $uploader->remove_file_linked($_POST); 66 | if ($ans === true) { 67 | $obj = array( 68 | 'success' => true, 69 | 'token' => getToken() 70 | ); 71 | if (isset($_POST['user']) 72 | && isset($config['users'][$_POST['user']]) 73 | && ($_SESSION['id'] == $_POST['user'] || canAccess('settings'))) 74 | { 75 | $space = $uploader->get_spaceused($_POST['user']); 76 | $allocated_space = Text::to_bytes($config['allocated_space']); 77 | $obj['space'] = Text::to_xbytes($allocated_space-$space); 78 | $obj['percent'] = intval($space*100/$allocated_space); 79 | } 80 | } 81 | else { 82 | $obj = array( 83 | 'success' => false, 84 | 'token' => getToken(), 85 | 'text' => $ans 86 | ); 87 | } 88 | echo json_encode($obj); 89 | exit; 90 | } 91 | } 92 | if ($_SERVER['REQUEST_METHOD'] == 'POST' 93 | && empty($_POST) 94 | && empty($_FILES) 95 | && $_SERVER['CONTENT_LENGTH'] > 0 96 | ) { 97 | $max_size = Text::to_xbytes(Uploader::get_maxsize()); 98 | $obj = array( 99 | 'success' => false, 100 | 'token' => getToken(), 101 | 'text' => str_replace('%nb%', $max_size, Trad::A_ERROR_UPLOAD_SIZE) 102 | ); 103 | $json = json_encode($obj); 104 | if (isset($_POST['type']) && $_POST['type'] == 'xhr') { echo $json; } 105 | else { echo ''; } 106 | exit; 107 | } 108 | 109 | $obj = array( 110 | 'success' => false, 111 | 'token' => getToken(), 112 | 'text' => Trad::A_ERROR_FORM 113 | ); 114 | echo json_encode($obj); 115 | exit; 116 | 117 | ?> -------------------------------------------------------------------------------- /pages/dashboard.php: -------------------------------------------------------------------------------- 1 | ' 6 | .Text::markdown($config['projects'][getProject()]['description']) 7 | .''; 8 | 9 | if (canAccess('issues')) { 10 | 11 | $issues = Issues::getInstance(); 12 | $nb_display = $config['nb_last_activity_dashboard']; 13 | 14 | $activity = array(); 15 | for ($i=0; $i<$nb_display; $i++) { 16 | $activity[$i] = array('id' => 0, 'time' => 0, 'edit' => 0); 17 | } 18 | $nb_statuses = array(); 19 | foreach ($config['statuses'] as $k => $v) { 20 | if ($v['dashboard']) { $nb_statuses[$k] = 0; } 21 | } 22 | 23 | $iss = $issues->getAll(); 24 | foreach ($iss as $i) { 25 | if (isset($nb_statuses[$i['status']])) { 26 | $nb_statuses[$i['status']]++; 27 | } 28 | if ($i['date'] > $activity[$nb_display-1]['time']) { 29 | $activity[$nb_display-1] = array( 30 | 'id' => $i['id'], 31 | 'time' => $i['date'], 32 | 'edit' => 0 33 | ); 34 | usort($activity, array('OrderFilter', 'compare_time')); 35 | } 36 | if ($i['edit'] > $activity[$nb_display-1]['time']) { 37 | foreach ($i['edits'] as $e) { 38 | if (empty($e)) { continue; } 39 | if ($e['date'] > $activity[$nb_display-1]['time']) { 40 | $activity[$nb_display-1] = array( 41 | 'id' => $i['id'], 42 | 'time' => $e['date'], 43 | 'edit' => $e['id'] 44 | ); 45 | usort($activity, array('OrderFilter', 'compare_time')); 46 | } 47 | } 48 | } 49 | } 50 | 51 | $edits = ''; 52 | foreach ($activity as $v) { 53 | if ($v['time'] == 0) { continue; } 54 | $i = $iss[$v['id']]; 55 | if ($v['edit'] == 0) { 56 | $edit = array( 57 | 'id' => 0, 58 | 'type' => 'newissue', 59 | 'by' => $i['openedby'], 60 | 'date' => $i['date']); 61 | $preview = '
' 62 | .Text::intro($i['text'], $config['length_preview_text']); 63 | } 64 | else { 65 | $edit = $i['edits'][$v['edit']]; 66 | if ($edit['type'] == 'comment') { 67 | $preview = '
' 68 | .Text::intro($edit['text'], $config['length_preview_text']); 69 | } 70 | else { 71 | $preview = ''; 72 | } 73 | } 74 | $edits .= '
' 75 | .'' 78 | .htmlspecialchars($i['summary']) 79 | .'' 80 | .$preview 81 | .'
'.Issues::get_preview_edit($edit) 82 | .'
'; 83 | } 84 | 85 | $pie_html = ''; 86 | $sum = array_sum($nb_statuses); 87 | if ($sum > 0) { 88 | $pie = array(); 89 | $start = 0; 90 | foreach ($nb_statuses as $k => $v) { 91 | $angle = $v/$sum*2*pi(); 92 | $pie[] = Array( 93 | 'nb' => $v, 94 | 'start' => $start, 95 | 'end' => $start+$angle, 96 | 'color' => $config['statuses'][$k]['color'], 97 | 'url' => Url::parse(getProject().'/issues', 98 | array('statuses' => $k, 'open' => 'all')) 99 | ); 100 | $start = $start + $angle; 101 | } 102 | $pie_html = ''; 111 | } 112 | 113 | $content = '
' 114 | .'
' 115 | .'

'.Trad::T_DASHBOARD.'

' 116 | .$intro 117 | .$pie_html 118 | .'
' 119 | .'
' 120 | .'

'.Trad::T_LAST_UPDATES.'

' 121 | .$edits 122 | .'
' 123 | .'
'; 124 | 125 | } 126 | else { 127 | $content = '

'.Trad::T_DASHBOARD.'

' 128 | .$intro 129 | .'

'.Trad::A_PLEASE_LOGIN_ISSUES.'

'; 130 | } 131 | 132 | ?> -------------------------------------------------------------------------------- /pages/downloads.php: -------------------------------------------------------------------------------- 1 | load('error/403'); 5 | } 6 | else { 7 | 8 | $uploader = Uploader::getInstance(); 9 | $file = $uploader->get(Text::purge($_GET['file'], false)); 10 | 11 | if ($file) { 12 | if ($file['mime-type']) { 13 | header('Content-Type: '.$file['mime-type']); 14 | readfile(DIR_DATABASE.FOLDER_UPLOADS.$file['name']); 15 | exit; 16 | } 17 | else { 18 | header('Content-Description: File Transfer'); 19 | header('Content-Type: application/octet-stream'); 20 | header('Content-Disposition: attachment; filename="'.htmlspecialchars($file['display']).'"'); 21 | header('Content-Transfer-Encoding: binary'); 22 | header('Expires: 0'); 23 | header('Cache-Control: must-revalidate'); 24 | header('Pragma: public'); 25 | header('Content-Length: '.filesize(DIR_DATABASE.FOLDER_UPLOADS.$file['name'])); 26 | readfile(DIR_DATABASE.FOLDER_UPLOADS.$file['name']); 27 | exit; 28 | } 29 | exit; 30 | } 31 | 32 | $page->load('error/404'); 33 | } 34 | 35 | ?> -------------------------------------------------------------------------------- /pages/error/.htaccess: -------------------------------------------------------------------------------- 1 | Allow from none 2 | Deny from all 3 | -------------------------------------------------------------------------------- /pages/error/403.php: -------------------------------------------------------------------------------- 1 | 403 – '.Trad::W_FORBIDDEN.' 9 |

'.Trad::S_FORBIDDEN.'

10 | '; 11 | 12 | ?> -------------------------------------------------------------------------------- /pages/error/404.php: -------------------------------------------------------------------------------- 1 | 404 – '.Trad::W_NOTFOUND.'' 8 | .'

'.Trad::S_NOTFOUND.'

'; 9 | 10 | ?> -------------------------------------------------------------------------------- /pages/home.php: -------------------------------------------------------------------------------- 1 | '.Trad::T_PROJECTS.'' 10 | .'
' 11 | .Text::markdown($config['intro']) 12 | .'
'; 13 | 14 | $projects = ''; 15 | $i = 0; 16 | foreach ($config['projects'] as $k => $v) { 17 | if (canAccessProject($k)) { 18 | if ($i % 2 == 0) { 19 | $projects .= '
'; 20 | } 21 | $cut = $config['length_preview_project']; 22 | $projects .= '
' 23 | .'' 24 | .''.$k.'' 25 | .Text::intro($v['description'], $cut, false) 26 | .'' 27 | .'
'; 28 | if ($i % 2 == 1) { 29 | $projects .= '
'; 30 | } 31 | $i++; 32 | } 33 | } 34 | if (!empty($projects)) { 35 | if ($i % 2 == 1) { 36 | $projects .= '
 
'; 37 | } 38 | $content .= $projects; 39 | } 40 | else { 41 | $content .= '

'.Trad::S_NO_PROJECT.'

'; 42 | } 43 | 44 | ?> -------------------------------------------------------------------------------- /pages/identicons.php: -------------------------------------------------------------------------------- 1 | build($seed); 14 | imagepng($img, $filename); 15 | imagepng($img); 16 | } 17 | exit; 18 | } 19 | else { 20 | $page->load('error/404'); 21 | } 22 | 23 | ?> -------------------------------------------------------------------------------- /pages/install.php: -------------------------------------------------------------------------------- 1 | '.Trad::T_INSTALLATION.'' 10 | .'

'.Trad::S_INTRO_INSTALL.'

' 11 | .'

 

'; 12 | 13 | if (isset($_POST['language']) && Text::check_language($_POST['language'])) { 14 | 15 | $content .= '
' 17 | .'
' 18 | .'
' 19 | .'' 20 | .Trad::W_SUPERUSER 21 | .'
' 22 | .'
' 23 | .'' 24 | .'' 26 | .'' 27 | .'' 29 | .'
' 30 | .'
' 31 | .'
' 32 | .'
' 33 | .'' 34 | .Trad::T_GLOBAL_SETTINGS 35 | .'
' 36 | .'
' 37 | .'' 38 | .'' 40 | .'

'.Trad::F_TIP_NAME.'

' 41 | .'' 42 | .'' 44 | .'
' 45 | .'
' 46 | .'
' 47 | .'' 48 | .'' 50 | .'' 53 | .'
' 54 | .'
'; 55 | } 56 | else { 57 | $content .= '
' 59 | .'
' 60 | .'
' 61 | .'' 62 | .'' 65 | .'
' 66 | .'
' 67 | .'
' 68 | .'' 72 | .'
' 73 | .'
'; 74 | } 75 | 76 | if (is_file(DIR_DATABASE.FILE_CONFIG)) { 77 | $content = ' 78 |
79 | '.Trad::A_ERROR_INSTALL.' 80 |
81 | '; 82 | } 83 | elseif (isset($_POST['action']) 84 | && isset($_POST['language']) 85 | && Text::check_language($_POST['language']) 86 | ) { 87 | $config = Settings::get_default_config($_POST['language']); 88 | $settings = new Settings(); 89 | $post = $_POST; 90 | $post['user_id'] = array(''); 91 | $post['user_email'] = array(''); 92 | $post['user_notifications'] = array('never'); 93 | $post['user_group'] = array(DEFAULT_GROUP_SUPERUSER); 94 | $ans = $settings->changes($post); 95 | if (!empty($ans)) { 96 | foreach ($ans as $v) { 97 | $this->addAlert(Trad::settings($v)); 98 | } 99 | } 100 | else { 101 | $_SESSION['alert'] = array( 102 | 'text' => Trad::A_SUCCESS_INSTALL, 103 | 'type' => 'alert-success' 104 | ); 105 | header('Location: '.Url::parse('home')); 106 | exit; 107 | } 108 | } 109 | 110 | ?> -------------------------------------------------------------------------------- /pages/new_issue.php: -------------------------------------------------------------------------------- 1 | new_issue($_POST); 29 | if ($ans === true) { 30 | header('Location: ' 31 | .Url::parse(getProject().'/issues/'.$issues->lastissue)); 32 | exit; 33 | } 34 | $this->addAlert($ans); 35 | } 36 | 37 | $title = Trad::T_NEW_ISSUE; 38 | 39 | $should_login = ''; 40 | if (!$config['loggedin'] 41 | && canAccess('signup') 42 | && in_array(DEFAULT_GROUP, $config['permissions']['new_issue']) 43 | ) { 44 | $should_login = '

'.Trad::A_SHOULD_LOGIN.'

'; 45 | } 46 | 47 | $settings = ''; 48 | if (canAccess('update_issue')) { 49 | $statuses = array(); 50 | foreach ($config['statuses'] as $k => $v) { 51 | $statuses[$k] = $v['name']; 52 | } 53 | $users = array(DEFAULT_USER => Trad::W_NOBODY); 54 | foreach ($config['users'] as $k => $u) { 55 | $users[$k] = htmlspecialchars($u['username']); 56 | } 57 | $labels = ''; 58 | foreach ($config['labels'] as $k => $v) { 59 | if (canAccess('private_issues') || $k != PRIVATE_LABEL) { 60 | $selected = (in_array($k, $form_l)) ? 61 | 'label selected': 62 | 'label unselected'; 63 | $labels .= '' 65 | .$v['name'] 66 | .''; 67 | } 68 | } 69 | $settings = '
' 70 | .'' 71 | .'' 74 | .'' 77 | .'' 78 | .'' 80 | .'' 81 | .'

'.$labels.'

' 82 | .'' 83 | .'
'; 84 | } 85 | 86 | $content = '

'.Trad::T_NEW_ISSUE.'

' 87 | .'
' 88 | .'
' 89 | .'
' 90 | .'' 91 | .'' 92 | .'' 93 | .'
' 94 | .'' 95 | .Trad::F_WRITE 96 | .'
' 97 | .'
' 99 | .'
' 100 | .'
'.Trad::HELP_MARKDOWN.'
' 101 | .'' 103 | .'' 107 | .'' 108 | .$should_login 109 | .'
' 110 | .'' 113 | .'' 116 | .'
' 117 | .'' 118 | .'' 119 | .'' 120 | .'
' 121 | .$settings 122 | .'
' 123 | .'
'; 124 | 125 | if (canAccess('upload')) { 126 | $content .= Uploader::get_html('.box-new-issue form', $form_up); 127 | } 128 | 129 | ?> -------------------------------------------------------------------------------- /pages/rss.php: -------------------------------------------------------------------------------- 1 | '."\n"; 6 | echo ''."\n"; 7 | 8 | if (canAccess('issues') && getProject() !== false) { 9 | 10 | echo ' '."\n"; 11 | echo ' '.getProject().''."\n"; 12 | echo ' '.Trad::S_LAST_UPDATES.''."\n"; 13 | echo ' '.date('r').''."\n"; 14 | echo ' '.htmlspecialchars(Url::parse(getProject().'/dashboard')).''."\n"; 15 | 16 | $issues = Issues::getInstance(); 17 | 18 | $nb_display = $config['nb_last_activity_rss']; 19 | $activity = array(); 20 | for ($i=0; $i<$nb_display; $i++) { 21 | $activity[$i] = array('id' => 0, 'time' => 0, 'edit' => 0); 22 | } 23 | 24 | $issues = $issues->getAll(); 25 | foreach ($issues as $i) { 26 | if ($i['date'] > $activity[$nb_display-1]['time']) { 27 | $activity[$nb_display-1] = array( 28 | 'id' => $i['id'], 29 | 'time' => $i['date'], 30 | 'edit' => 0 31 | ); 32 | usort($activity, array('OrderFilter', 'compare_time')); 33 | } 34 | if ($i['edit'] > $activity[$nb_display-1]['time']) { 35 | foreach ($i['edits'] as $e) { 36 | if (empty($e)) { continue; } 37 | if ($e['date'] > $activity[$nb_display-1]['time']) { 38 | $activity[$nb_display-1] = array( 39 | 'id' => $i['id'], 40 | 'time' => $e['date'], 41 | 'edit' => $e['id'] 42 | ); 43 | usort($activity, array('OrderFilter', 'compare_time')); 44 | } 45 | } 46 | } 47 | } 48 | 49 | $edits = ''; 50 | foreach ($activity as $v) { 51 | if ($v['time'] == 0) { continue; } 52 | $i = $issues[$v['id']]; 53 | echo ' '."\n"; 54 | echo ' #'.$i['id'].' '.htmlspecialchars($i['summary']).''."\n"; 55 | echo ' '.date('r', $v['time']).''."\n"; 56 | if ($v['edit'] == 0) { 57 | echo ' ' 64 | .Text::intro($i['text'], $config['length_preview_text']) 65 | .']]>'."\n"; 66 | echo ' ' 67 | .htmlspecialchars(Url::parse(getProject().'/issues/'.$i['id'])) 68 | .''."\n"; 69 | } 70 | else { 71 | $edit = $i['edits'][$v['edit']]; 72 | if ($edit['type'] == 'comment') { 73 | echo ' ' 80 | .Text::intro($edit['text'], $config['length_preview_text']) 81 | .']]>'."\n"; 82 | } 83 | elseif ($edit['type'] == 'open' && $edit['changedto']) { 84 | echo ' '."\n"; 91 | } 92 | elseif ($edit['type'] == 'open') { 93 | echo ' '."\n"; 100 | } 101 | elseif ($edit['type'] == 'status') { 102 | echo ' '."\n"; 112 | } 113 | echo ' ' 114 | .htmlspecialchars(Url::parse(getProject().'/issues/'.$i['id'], array(), 'e-'.$edit['id'])) 115 | .''."\n"; 116 | } 117 | echo ' '."\n"; 118 | } 119 | 120 | echo ' '."\n"; 121 | 122 | } 123 | 124 | echo ''; 125 | 126 | exit; 127 | 128 | 129 | ?> -------------------------------------------------------------------------------- /pages/search.php: -------------------------------------------------------------------------------- 1 | addParam('q', $_POST['q']); } 8 | header('Location: '.$url->get()); 9 | exit; 10 | } 11 | 12 | $issues = Issues::getInstance(); 13 | $text = '

'.Trad::S_NO_ISSUE.'

'; 14 | $small = ''; 15 | if (isset($_GET['q'])) { 16 | $q = trim($_GET['q']); 17 | if (preg_match('/^#?([0-9]+)$/', $q, $matches)) { 18 | if ($issues->get($matches[1])) { 19 | header('Location: '.Url::parse(getProject().'/issues/'.$matches[1])); 20 | exit; 21 | } 22 | $small = '#'.$matches[1]; 23 | } 24 | elseif (preg_match('/^@(.+)$/', $q, $matches)) { 25 | foreach ($config['users'] as $u) { 26 | if ($u['username'] == $matches[1]) { 27 | header('Location: '.Url::parse('users/'.$u['id'])); 28 | exit; 29 | } 30 | } 31 | $text = '

'.Trad::S_NO_USER.'

'; 32 | $small = '@'.htmlspecialchars($matches[1]); 33 | } 34 | else { 35 | foreach ($config['users'] as $u) { 36 | if ($u['username'] == $q) { 37 | header('Location: '.Url::parse('users/'.$u['id'])); 38 | exit; 39 | } 40 | } 41 | $words = array(); 42 | $wds = explode(' ', $q); 43 | foreach ($wds as $w) { 44 | if (strlen($w) > 2) { 45 | $words[] = htmlspecialchars(strtolower($w)); 46 | } 47 | } 48 | $matches = array(); 49 | $iss = $issues->getAll(); 50 | if (!$iss) { 51 | # if the user is not allowed to access issues 52 | $iss = array(); 53 | } 54 | foreach ($iss as $i) { 55 | $points = 0; 56 | $sum = htmlspecialchars($i['summary']); 57 | $tex = htmlspecialchars($i['text']); 58 | $sumRep = $sum; 59 | $texRep = ''; 60 | foreach ($words as $w) { 61 | $nbSum = stripos($sum, $w); 62 | $nbTex = stripos($tex, $w); 63 | if ($nbSum !== false) { 64 | $points = $points+4; 65 | } 66 | if ($nbTex !== false) { 67 | $points = $points+2; 68 | if (empty($texRep)) { 69 | $texRep = Text::intro( 70 | $tex, 71 | $config['length_search_text'], 72 | true, 73 | $w 74 | ); 75 | } 76 | } 77 | foreach ($i['edits'] as $e) { 78 | if (empty($e) || $e['type'] != 'comment') { continue; } 79 | $com = htmlspecialchars($e['text']); 80 | $nbCom = stripos($com, $w); 81 | if ($nbCom !== false) { 82 | $points = $points+1; 83 | if (empty($texRep)) { 84 | $texRep = Text::intro( 85 | $com, 86 | $config['length_search_text'], 87 | true, 88 | $w 89 | ); 90 | } 91 | } 92 | } 93 | $texRep = str_ireplace( 94 | $w, 95 | ''.$w.'', 96 | $texRep 97 | ); 98 | $sumRep = str_ireplace( 99 | $w, 100 | ''.$w.'', 101 | $sumRep 102 | ); 103 | } 104 | if ($points) { 105 | if (empty($texRep)) { 106 | $texRep = Text::intro( 107 | $tex, 108 | $config['length_search_text'], 109 | true 110 | ); 111 | } 112 | $matches[] = array( 113 | 'id' => $i['id'], 114 | 'summary' => $sumRep, 115 | 'text' => $texRep, 116 | 'status' => $i['status'], 117 | 'points' => $points, 118 | 'edit' => $i['edit'] 119 | ); 120 | } 121 | } 122 | if (!empty($matches)) { 123 | usort($matches, function($a, $b) { 124 | if ($a['points'] > $b['points']) { return -1; } 125 | else if ($a['points'] < $b['points']) { return 1; } 126 | else if ($a['edit'] > $b['edit']) { return -1; } 127 | return -1; 128 | }); 129 | function render($a) { 130 | global $config; 131 | $html = ''; 132 | foreach ($a as $m) { 133 | $url = Url::parse(getProject().'/issues/'.$m['id']); 134 | $html .= '
' 135 | .'
' 136 | .'
' 137 | .'' 141 | .'#'.$m['id'] 142 | .'' 143 | .'
' 144 | .'
' 145 | .'' 146 | .$m['summary'] 147 | .'' 148 | .''.$m['text'].'' 149 | .'
' 150 | .'
' 151 | .'
'; 152 | } 153 | $html = Text::remove_blanks($html); 154 | return $html; 155 | } 156 | $url = new Url(getProject().'/search', array('q' => $q)); 157 | $pager = new Pager(); 158 | $text = '

'.str_replace( 159 | '%nb%', 160 | count($matches), 161 | Trad::S_MATCHING_ISSUES 162 | ).'.

'; 163 | $text .= '

 

'; 164 | $text .= $pager->get( 165 | $matches, 166 | $url, 167 | 'render', 168 | $config['search_per_page'] 169 | ); 170 | } 171 | $small = implode(' ', $words); 172 | } 173 | } 174 | 175 | $title = Trad::T_SEARCH; 176 | 177 | $content = '

'.Trad::T_SEARCH.' '.$small.'

'; 178 | $content .= $text; 179 | 180 | ?> -------------------------------------------------------------------------------- /pages/signup.php: -------------------------------------------------------------------------------- 1 | new_user($_POST); 9 | if ($ans === true) { 10 | $_SESSION['alert'] = array('text' => Trad::A_SUCCESS_SIGNUP, 'type' => 'alert-success'); 11 | header('Location: '.Url::parse('home')); 12 | exit; 13 | } 14 | else { 15 | $this->addAlert($ans); 16 | } 17 | } 18 | 19 | $title = Trad::V_SIGNUP; 20 | 21 | $content = ' 22 | 23 |

'.Trad::V_SIGNUP.'

24 | 25 | 39 | 40 | '; 41 | 42 | ?> -------------------------------------------------------------------------------- /public/css/app/app.less: -------------------------------------------------------------------------------- 1 | @inc: "./inc/"; 2 | 3 | @text-black: #444; 4 | @text-black-hover: #000; 5 | @title-black: #222; 6 | 7 | @link-red: #D95A43; 8 | 9 | @bgd-blue: #618DB1; 10 | @bgd-red: #FF7769; 11 | @bgd-yellow: #FFCB83; 12 | @bgd-grey: lighten(#E1EDF7, 2%); 13 | 14 | @green: #8DD69D; 15 | @red: #ED92AC; 16 | @blue: #A9B9DC; 17 | 18 | @font-family: "Source Sans Pro", sans-serif; 19 | @font-size: 16px; 20 | 21 | @width-aside: 260px; 22 | @width-about: 220px; 23 | @max-width: 1400px; 24 | 25 | 26 | @import "mixins.less"; 27 | 28 | @import "fonts.less"; 29 | 30 | @import "structure.less"; 31 | @import "miscellaneous.less"; 32 | @import "issues.less"; 33 | @import "forms.less"; 34 | @import "text.less"; 35 | 36 | @import "responsive.less"; 37 | 38 | @import "icons.less"; 39 | @import "highlighter.less"; -------------------------------------------------------------------------------- /public/css/app/fonts.less: -------------------------------------------------------------------------------- 1 | @font-face { 2 | font-family: "Source Sans Pro"; 3 | font-style: normal; 4 | font-weight: 400; 5 | src: local("Source Sans Pro"), local("SourceSansPro-Regular"), 6 | url("@{inc}SourceSansPro-Regular.woff") format("woff"); 7 | } 8 | 9 | @font-face { 10 | font-family: "Source Sans Pro"; 11 | font-style: normal; 12 | font-weight: 900; 13 | src: local("Source Sans Pro Black"), local("SourceSansPro-Black"), 14 | url("@{inc}SourceSansPro-Black.woff") format("woff"); 15 | } -------------------------------------------------------------------------------- /public/css/app/forms.less: -------------------------------------------------------------------------------- 1 | label, input, button, select, textarea { 2 | font-weight: normal; 3 | font-size: @font-size; 4 | font-family: @font-family; 5 | } 6 | input, textarea { -webkit-appearance: none; } 7 | 8 | .form-actions { 9 | text-align: center; 10 | margin: 16px 0 8px 0; 11 | .btn { 12 | margin: 3px 2px; 13 | } 14 | } 15 | 16 | .main-right { 17 | input { 18 | width: @width-aside - 24px - 16px - 2px; // 2px because of Firefox 19 | margin: 2px 0 2px 0; 20 | padding: 8px; 21 | border: none; 22 | text-align: center; 23 | background: lighten(@bgd-blue, 40%); 24 | .transition(background .4s ease-in-out); 25 | &:focus { background-color: #fff; } 26 | &.input-left { 27 | width: @width-aside - 24px - 16px - 26px; 28 | } 29 | } 30 | button { 31 | background: none; 32 | border: none; 33 | cursor: pointer; 34 | padding: 0; 35 | margin: 0; 36 | } 37 | } 38 | 39 | .main-left { 40 | .btn { 41 | border: none; 42 | padding: 6px 12px; 43 | font-weight: 900; 44 | cursor: pointer; 45 | background: darken(@bgd-grey, 5%); 46 | &:hover { 47 | color: @text-black-hover; 48 | background: #fff; 49 | } 50 | } 51 | a.btn { 52 | display: inline-block; 53 | color: @text-black; 54 | &:hover { text-decoration: none; } 55 | } 56 | .btn-primary { 57 | color: #fff; 58 | background: #222; 59 | &:hover { 60 | color: #fff; 61 | background: #444; 62 | } 63 | } 64 | } 65 | 66 | .form { 67 | background: @bgd-yellow; 68 | padding: 12px; 69 | } 70 | .box .inner-form, .form { 71 | input, textarea, select { 72 | display: block; 73 | .box-sizing(border-box); 74 | width: 100%; 75 | margin: 0 0 6px 0; 76 | padding: 8px; 77 | border: none; 78 | background: lighten(@bgd-yellow, 18%); 79 | .transition(background .4s ease-in-out); 80 | &:focus { background-color: #fff; } 81 | } 82 | .input-small { max-width: 120px; } 83 | .input-medium { max-width: 360px; } 84 | .input-inline { display: inline-block; } 85 | input[readonly] { 86 | font-style: italic; 87 | &:focus { background-color: lighten(@bgd-yellow, 18%); } 88 | } 89 | label { 90 | display: block; 91 | margin: 16px 6px 2px 6px; 92 | font-weight: 900; 93 | font-style: italic; 94 | } 95 | label:first-child { margin-top: 0; } 96 | .help { 97 | margin: -6px 0 0 24px; 98 | padding: 4px; 99 | font-style: italic; 100 | border-left: 6px solid lighten(@bgd-yellow, 18%); 101 | } 102 | .p-tip { margin: 0 0 24px 0; } 103 | .p-form { font-style: italic; } 104 | .p-buttons { text-align: center; margin: 8px 0 0 0; } 105 | .btn { 106 | color: @text-black; 107 | background: lighten(@bgd-yellow, 18%); 108 | &:hover { 109 | color: @text-black-hover; 110 | background: #fff; 111 | } 112 | } 113 | .btn-check { 114 | font-weight: normal; 115 | } 116 | .btn-check.active { 117 | font-weight: 900; 118 | background: #fff; 119 | } 120 | .table { 121 | border-collapse: collapse; 122 | td { 123 | border-top: 4px solid @text-black; 124 | padding: 12px 4px; 125 | } 126 | } 127 | } 128 | 129 | .div-pick-color { display: none; } 130 | .square { 131 | display: inline-block; 132 | width: 20px; 133 | height: 20px; 134 | margin: 2px; 135 | } 136 | .btn-color { 137 | padding: 6px; 138 | .square { 139 | height: 14px; 140 | width: 14px; 141 | margin: 0; 142 | } 143 | } 144 | 145 | .form-signup, .form-user, .form-install { 146 | max-width: 400px; 147 | margin: auto; 148 | overflow: hidden; 149 | } 150 | 151 | 152 | .form-upload { 153 | text-align: center; 154 | .uploads { 155 | text-align: left; 156 | div { 157 | margin-top: 8px; 158 | .a-remove { margin-left: 4px; } 159 | } 160 | } 161 | } 162 | .btn-upload { 163 | position: relative; 164 | overflow: hidden; 165 | } 166 | .btn-upload input { 167 | position: absolute; 168 | top: 0; 169 | right: 0; 170 | margin: 0; 171 | border: solid transparent; 172 | border-width: 0 0 100px 200px; 173 | .opacity(0); 174 | cursor: pointer; 175 | -moz-transform: translate(-300px, 0) scale(4); 176 | direction: ltr; 177 | } 178 | .progress { 179 | position: relative; 180 | margin: 16px 0 0 0; 181 | width: 100%; 182 | border-top: 4px solid lighten(@text-black, 50%); 183 | .box-uploads & { border-top: 4px solid lighten(@bgd-yellow, 18%); } 184 | .bar { 185 | position: absolute; 186 | top: -4px; 187 | left: 0; 188 | width: 0%; 189 | height: 4px; 190 | background: @text-black; 191 | } 192 | padding-top: 4px; 193 | text-align: center; 194 | font-style: italic; 195 | } 196 | 197 | .div-help-markdown { 198 | display: none; 199 | margin-bottom: 32px; 200 | h2 { 201 | margin: 0 0 8px 0; 202 | padding: 0; 203 | text-align: center; 204 | font-weight: 900; 205 | } 206 | pre { margin: 0; } 207 | pre + pre { margin-top: 4px; } 208 | p { 209 | margin: 12px 0 4px 24px; 210 | font-weight: 900; 211 | font-style: italic; 212 | } 213 | } 214 | 215 | 216 | .box-sort-filter { 217 | p { margin-bottom: 12px; } 218 | .inner-form select { 219 | display: inline; 220 | width: auto; 221 | } 222 | a { 223 | color: @text-black; 224 | font-weight: 900; 225 | text-decoration: none; 226 | &:hover { text-decoration: underline; } 227 | } 228 | } -------------------------------------------------------------------------------- /public/css/app/highlighter.less: -------------------------------------------------------------------------------- 1 | code { 2 | background: lighten(@bgd-grey, 4%); 3 | padding: 1px 4px; 4 | font-size: 0.9em; 5 | } 6 | 7 | pre code { 8 | display: block; 9 | max-height: 320px; .ie8 & { max-height: none; } 10 | overflow: auto; 11 | padding: 8px; 12 | line-height: normal; 13 | } 14 | 15 | pre .td-nb { 16 | text-align: right; 17 | padding-right: 4px; 18 | border-right: 1px solid #ccc; 19 | .user-select(none); 20 | } 21 | pre .td-code { 22 | padding-left: 8px; 23 | } 24 | 25 | pre .comment, 26 | pre .template_comment, 27 | pre .diff .header, 28 | pre .javadoc { 29 | color: #998; 30 | font-style: italic; 31 | } 32 | 33 | pre .keyword, 34 | pre .css .rule .keyword, 35 | pre .winutils, 36 | pre .javascript .title, 37 | pre .nginx .title, 38 | pre .subst, 39 | pre .request, 40 | pre .status { 41 | color: #333; 42 | font-weight: bold; 43 | } 44 | 45 | pre .number, 46 | pre .hexcolor, 47 | pre .ruby .constant { 48 | color: #099; 49 | } 50 | 51 | pre .string, 52 | pre .tag .value, 53 | pre .phpdoc, 54 | pre .tex .formula { 55 | color: #d14; 56 | } 57 | 58 | pre .title, 59 | pre .id { 60 | color: #900; 61 | font-weight: bold; 62 | } 63 | 64 | pre .javascript .title, 65 | pre .lisp .title, 66 | pre .clojure .title, 67 | pre .subst { 68 | font-weight: normal; 69 | } 70 | 71 | pre .class .title, 72 | pre .haskell .type, 73 | pre .vhdl .literal, 74 | pre .tex .command { 75 | color: #458; 76 | font-weight: bold; 77 | } 78 | 79 | pre .tag, 80 | pre .tag .title, 81 | pre .rules .property, 82 | pre .django .tag .keyword { 83 | color: #000080; 84 | font-weight: normal; 85 | } 86 | 87 | pre .attribute, 88 | pre .variable, 89 | pre .lisp .body { 90 | color: #008080; 91 | } 92 | 93 | pre .regexp { 94 | color: #009926; 95 | } 96 | 97 | pre .class { 98 | color: #458; 99 | font-weight: bold; 100 | } 101 | 102 | pre .symbol, 103 | pre .ruby .symbol .string, 104 | pre .lisp .keyword, 105 | pre .tex .special, 106 | pre .prompt { 107 | color: #990073; 108 | } 109 | 110 | pre .built_in, 111 | pre .lisp .title, 112 | pre .clojure .built_in { 113 | color: #0086b3; 114 | } 115 | 116 | pre .preprocessor, 117 | pre .pi, 118 | pre .doctype, 119 | pre .shebang, 120 | pre .cdata { 121 | color: #999; 122 | font-weight: bold; 123 | } 124 | 125 | pre .deletion { 126 | background: #fdd; 127 | } 128 | 129 | pre .addition { 130 | background: #dfd; 131 | } 132 | 133 | pre .diff .change { 134 | background: #0086b3; 135 | } 136 | 137 | pre .chunk { 138 | color: #aaa; 139 | } -------------------------------------------------------------------------------- /public/css/app/issues.less: -------------------------------------------------------------------------------- 1 | .div-preview-issue { 2 | padding: 16px 0 16px 0; 3 | .table { display: table; } 4 | .cell-left, .cell-right { display: table-cell; vertical-align: middle; } 5 | .a-id-issue { 6 | display: inline-block; 7 | padding: 6px 12px; 8 | margin: 0 20px 0 0; 9 | font-size: 2em; 10 | font-weight: 900; 11 | color: #fff; 12 | .border-radius(0 12px 12px 0); 13 | .transition(all .2s ease-in-out); 14 | span { 15 | font-size: 0.7em; 16 | } 17 | } 18 | .a-summary { 19 | line-height: 1em; 20 | font-size: 1.8em; 21 | font-weight: 900; 22 | color: @text-black; 23 | &:hover { color: @text-black-hover; } 24 | } 25 | .closed { 26 | text-decoration: line-through; 27 | } 28 | .grey { 29 | display: inline-block; 30 | padding-left: 8px; 31 | a { 32 | color: @text-black; 33 | font-weight: 900; 34 | &:hover { color: @text-black-hover; } 35 | } 36 | } 37 | .icon-comment { .opacity(80); } 38 | .a-nb-comment:hover .icon-comment { .opacity(100); } 39 | &:hover { 40 | .a-id-issue { padding-right: 24px; margin-right: 8px; } 41 | background: darken(@bgd-grey, 5%); 42 | } 43 | .transition(all .2s ease-in-out); 44 | border-bottom: 4px solid darken(@bgd-grey, 10%); 45 | } 46 | 47 | .box-details { 48 | display: none; 49 | } 50 | 51 | .box { 52 | margin-bottom: 20px; 53 | .top { 54 | padding: 6px 6px; 55 | background: @bgd-yellow; 56 | a { 57 | font-weight: bold; 58 | color: @text-black; 59 | &:hover { color: @text-black-hover; } 60 | } 61 | i { 62 | .opacity(80); 63 | margin: 0 8px; 64 | } 65 | .manage { 66 | margin-right: 4px; 67 | float: right; 68 | i { margin: 0; } 69 | } 70 | } 71 | .div-left, .div-right { 72 | display: table-cell; 73 | vertical-align: top; 74 | } 75 | .div-right { width: @width-about; } 76 | .inner { 77 | border-left: 6px solid @bgd-yellow; 78 | padding: 12px; 79 | } 80 | .inner-form { 81 | background: @bgd-yellow; 82 | padding: 12px; 83 | } 84 | .div-status { 85 | margin: 0 0 16px 0; 86 | padding: 6px 12px; 87 | text-align: center; 88 | font-weight: 900; 89 | color: #fff; 90 | a { 91 | color: #fff; 92 | text-decoration: underline; 93 | &:hover { text-decoration: none; } 94 | } 95 | } 96 | .p-text, .ul-actions { 97 | a { 98 | color: @text-black; 99 | font-weight: bold; 100 | &:hover { color: @text-black-hover; } 101 | } 102 | } 103 | .p-text { 104 | margin: 0 0 16px 0; 105 | } 106 | .ul-actions { 107 | list-style: none; 108 | margin: 32px 0 0 0; 109 | padding: 0; 110 | text-align: center; 111 | font-style: italic; 112 | text-transform: lowercase; 113 | li { 114 | margin: 0 0 8px 0; 115 | line-height: 1em; 116 | } 117 | } 118 | .p-edit-labels { margin-bottom: 24px; } 119 | } 120 | .box-identicon { 121 | float: left; 122 | border: solid @bgd-yellow; 123 | border-width: 6px 0 6px 6px; 124 | .border-radius(6px 0 0 6px); 125 | img { display: block; } 126 | } 127 | .box-comment, .box-update { 128 | margin-left: 54px; 129 | } 130 | .box-post-comment, .box-new-issue { 131 | margin-bottom: 0; 132 | } 133 | .box-uploads { 134 | overflow: hidden; 135 | max-width: 360px; 136 | margin: auto; 137 | &:before { 138 | content: ""; 139 | border: 4px solid @bgd-yellow; 140 | margin-left: 50%; 141 | } 142 | } 143 | .box-settings { 144 | .top { cursor: pointer; } 145 | table { 146 | width: auto; 147 | margin: auto; 148 | } 149 | .btn-group-up-down { 150 | display: inline-block; 151 | vertical-align: middle; 152 | margin: 4px 0; 153 | .btn { 154 | display: block; 155 | margin: 0; 156 | } 157 | } 158 | .btn-export { 159 | margin: 0 0 4px 0; 160 | } 161 | .btn-export-users { 162 | margin: 0 0 0 4px; 163 | } 164 | .td-actions { 165 | width: 40px; 166 | } 167 | } 168 | 169 | .div-uploads { 170 | margin: 12px -12px -12px -12px; 171 | padding: 6px; 172 | background: @bgd-yellow; 173 | .upload-tiny { 174 | display: block; 175 | max-width: 140px; 176 | max-height: 92px; 177 | margin: -2px -4px; 178 | } 179 | a { 180 | display: inline-block; 181 | margin: 2px; 182 | padding: 2px 4px; 183 | vertical-align: middle; 184 | border: 6px solid @bgd-yellow; 185 | .border-radius(6px); 186 | color: @text-black; 187 | i { .opacity(80); } 188 | &:hover { 189 | border-color: lighten(@bgd-yellow, 18%); 190 | color: @text-black-hover; 191 | i { .opacity(100); } 192 | } 193 | } 194 | } 195 | .div-list-uploads { 196 | .upload-tiny { 197 | max-width: 140px; 198 | max-height: 92px; 199 | vertical-align: middle; 200 | } 201 | p { 202 | margin: 12px 0; 203 | } 204 | a { 205 | color: @link-red; 206 | &:hover { text-decoration: underline; } 207 | } 208 | } 209 | 210 | .div-table-comments, .div-table-issues { 211 | display: table; 212 | table-layout: fixed; 213 | width: 100%; 214 | } 215 | .div-comments, .div-post-comment, .div-issues, .div-filter-issues { 216 | display: table-cell; 217 | vertical-align: top; 218 | } 219 | .div-post-comment, .div-filter-issues { 220 | padding-left: 12px; 221 | &.aligned-bottom { vertical-align: bottom; } 222 | } 223 | .div-post-comment { 224 | width: 420px; 225 | .div-affix { width: 420px; } 226 | } 227 | .div-filter-issues { 228 | width: 280px; 229 | .div-affix { width: 280px; } 230 | } 231 | 232 | 233 | .div-intro { 234 | margin-bottom: 32px; 235 | } 236 | .div-preview-projects { 237 | display: table; 238 | table-layout: fixed; 239 | width: 100%; 240 | } 241 | .div-preview-project { 242 | display: table-cell; 243 | width: 50%; 244 | word-wrap: break-word; 245 | a { 246 | display: block; 247 | margin: 12px; 248 | padding: 18px; 249 | word-wrap: break-word; 250 | background: @bgd-yellow; 251 | color: @text-black; 252 | span { 253 | display: block; 254 | font-size: 2em; 255 | font-weight: bold; 256 | text-align: center; 257 | margin-bottom: 12px; 258 | } 259 | &:hover { 260 | text-decoration: none; 261 | span { color: @text-black-hover; } 262 | } 263 | } 264 | } 265 | 266 | .div-view-personnal-issues { 267 | clear: both; 268 | padding-top: 12px; 269 | text-align: right; 270 | a { 271 | color: @text-black; 272 | font-weight: 900; 273 | font-style: italic; 274 | &:hover { 275 | color: @text-black-hover; 276 | } 277 | } 278 | } 279 | 280 | .preview { 281 | background: @bgd-grey; 282 | padding: 8px 12px; 283 | margin-bottom: 6px; 284 | } 285 | 286 | 287 | // Settings 288 | .identicon { 289 | background: lighten(@bgd-yellow, 18%); 290 | border: 6px solid lighten(@bgd-yellow, 18%); 291 | .border-radius(6px); 292 | float: left; 293 | margin-right: 8px; 294 | } -------------------------------------------------------------------------------- /public/css/app/miscellaneous.less: -------------------------------------------------------------------------------- 1 | .div-table { 2 | display: table; 3 | table-layout: fixed; 4 | width: 100%; 5 | } 6 | .div-cell { 7 | display: table-cell; 8 | vertical-align: top; 9 | } 10 | .div-cell-left { 11 | padding-right: 12px; 12 | } 13 | 14 | .div-last-edits { 15 | background: @bgd-yellow; 16 | padding: 8px; 17 | width: 360px; 18 | h2 { 19 | background: lighten(@bgd-yellow, 18%); 20 | margin: 0; 21 | padding: 4px; 22 | text-align: center; 23 | font-size: 1.2em; 24 | } 25 | p { margin-top: 12px; } 26 | } 27 | .div-last-edit { 28 | margin: 24px 4px 0 4px; 29 | .a-summary { 30 | font-weight: 900; 31 | font-size: 1.4em; 32 | line-height: 1em; 33 | color: @text-black; 34 | &:hover { color: @text-black-hover; } 35 | } 36 | .box-update { 37 | display: inline-block; 38 | margin: 0; 39 | } 40 | } 41 | 42 | .div-pie-statuses { 43 | text-align: center; 44 | canvas { display: inline-block} 45 | } 46 | 47 | .pager { 48 | margin: 20px 12px; 49 | text-align: center; 50 | line-height: 2em; 51 | .current { 52 | font-weight: 900; 53 | margin: 0 8px; 54 | white-space: nowrap; 55 | } 56 | .previous, .next { 57 | padding: 8px; 58 | background: @bgd-yellow; 59 | color: @text-black; 60 | white-space: nowrap; 61 | &:hover { color: @text-black-hover; } 62 | } 63 | .next { 64 | .border-radius(0 8px 8px 0); 65 | } 66 | .previous { 67 | .border-radius(8px 0 0 8px); 68 | } 69 | } 70 | 71 | .alert { 72 | padding: 12px; 73 | text-align: center; 74 | cursor: pointer; 75 | color: @text-black; 76 | &:hover { color: @text-black-hover; } 77 | } 78 | .alert-error { 79 | background: @red; 80 | } 81 | .alert-success { 82 | background: @green; 83 | } -------------------------------------------------------------------------------- /public/css/app/mixins.less: -------------------------------------------------------------------------------- 1 | .box-shadow(@shadowA, @shadowB:X, ...){ 2 | @props: ~`"@{arguments}".replace(/[\[\]]|\,\sX/g, '')`; 3 | -webkit-box-shadow: @props; 4 | -moz-box-shadow: @props; 5 | box-shadow: @props; 6 | } 7 | 8 | .transform-origin(@arg) { 9 | -webkit-transform-origin: @arg; 10 | -moz-transform-origin: @arg; 11 | -o-transform-origin: @arg; 12 | transform-origin: @arg; 13 | } 14 | 15 | .transform(@arg) { 16 | -webkit-transform: @arg; 17 | -moz-transform: @arg; 18 | -o-transform: @arg; 19 | -ms-transform: @arg; 20 | transform: @arg; 21 | } 22 | 23 | .border-radius(@radius) { 24 | -webkit-border-radius: @radius; 25 | -moz-border-radius: @radius; 26 | border-radius: @radius; 27 | } 28 | 29 | .vertical-gradient(@startColor: #555, @endColor: #333) { 30 | background-color: mix(@startColor, @endColor, 60%); 31 | background-image: -moz-linear-gradient(top, @startColor, @endColor); 32 | background-image: -webkit-gradient(linear, 0 0, 0 100%, from(@startColor), to(@endColor)); 33 | background-image: -webkit-linear-gradient(top, @startColor, @endColor); 34 | background-image: -o-linear-gradient(top, @startColor, @endColor); 35 | background-image: linear-gradient(to bottom, @startColor, @endColor); 36 | background-repeat: repeat-x; 37 | filter: e(%("progid:DXImageTransform.Microsoft.gradient(startColorstr='%d', endColorstr='%d', GradientType=0)",argb(@startColor),argb(@endColor))); // IE9 and down 38 | } 39 | 40 | .transition(@transition) { 41 | -webkit-transition: @transition; 42 | -moz-transition: @transition; 43 | -o-transition: @transition; 44 | transition: @transition; 45 | } 46 | 47 | .box-sizing(@boxmodel) { 48 | -webkit-box-sizing: @boxmodel; 49 | -moz-box-sizing: @boxmodel; 50 | box-sizing: @boxmodel; 51 | } 52 | 53 | .opacity(@opacity) { 54 | filter: ~"alpha(opacity=@{opacity})"; 55 | opacity: @opacity / 100; 56 | } 57 | 58 | .user-select(@opt) { 59 | -webkit-touch-callout: @opt; 60 | -webkit-user-select: @opt; 61 | -khtml-user-select: @opt; 62 | -moz-user-select: @opt; 63 | -ms-user-select: @opt; 64 | user-select: @opt; 65 | } -------------------------------------------------------------------------------- /public/css/app/responsive.less: -------------------------------------------------------------------------------- 1 | @media screen and (max-width: @max-width) { 2 | header .header-inner { 3 | padding-left: 0; 4 | } 5 | } 6 | 7 | @media screen and (max-width: 1199px) { 8 | .main-right { 9 | width: 32px; 10 | &.open { 11 | .main-right-open { margin-left: @width-aside; } 12 | .main-right-inner { display: block; } 13 | } 14 | } 15 | .main-right-open { 16 | display: block; 17 | width: 32px - 12px; 18 | position: absolute; 19 | } 20 | .main-right-inner { 21 | display: none; 22 | position: absolute; 23 | z-index: 999; 24 | } 25 | } 26 | 27 | @media screen and (max-width: 999px) { 28 | .div-table-issues, .div-table-comments { 29 | display: block; 30 | } 31 | .div-issues, .div-filter-issues, .div-comments, .div-post-comment { 32 | display: block; 33 | width: auto; 34 | .div-affix { 35 | position: static; 36 | width: auto; 37 | top: auto; 38 | } 39 | } 40 | .div-post-comment, .div-filter-issues { 41 | padding-left: 0; 42 | } 43 | } 44 | 45 | @media screen and (max-width: 799px) { 46 | .main-right { 47 | width: 0; 48 | &.open { 49 | .main-right-inner { display: block; } 50 | } 51 | } 52 | .main-right-open { 53 | display: none; 54 | } 55 | header .a-menu { 56 | display: inline-block; 57 | } 58 | .div-table, .div-preview-projects { 59 | display: block; 60 | } 61 | .div-cell { 62 | display: block; 63 | margin: 0 auto 32px auto; 64 | width: auto; 65 | } 66 | .box .div-left, .box .div-right { 67 | display: block; 68 | width: auto; 69 | } 70 | .div-preview-project { 71 | display: block; 72 | width: auto; 73 | a { 74 | margin-left: 0; 75 | margin-right: 0; 76 | } 77 | } 78 | } 79 | 80 | @media screen and (max-width: 499px) { 81 | .div-preview-issue { 82 | .a-id-issue { margin-right: 8px; } 83 | &:hover .a-id-issue { 84 | margin-right: 8px; 85 | padding-right: 12px; 86 | } 87 | } 88 | .box .inner-form, .form { 89 | .help { 90 | margin-left: 6px; 91 | } 92 | } 93 | } -------------------------------------------------------------------------------- /public/css/app/structure.less: -------------------------------------------------------------------------------- 1 | html, body { 2 | margin: 0; 3 | padding: 0; 4 | } 5 | 6 | body { 7 | font-size: @font-size; 8 | font-weight: normal; 9 | font-family: @font-family; 10 | background: @bgd-grey; 11 | color: @text-black; 12 | margin: 0 auto; 13 | -webkit-text-size-adjust: 100%; 14 | -webkit-font-smoothing: antialiased; 15 | } 16 | 17 | header { 18 | background: @bgd-blue; 19 | padding: 8px 16px; 20 | color: lighten(@bgd-blue, 40%); 21 | font-weight: 900; 22 | a { 23 | color: lighten(@bgd-blue, 40%); 24 | &:hover { 25 | color: #fff; 26 | } 27 | } 28 | .brand { 29 | display: inline; 30 | font-size: 2em; 31 | } 32 | .slash { 33 | padding: 0 10px; 34 | } 35 | .a-project { 36 | color: #fff; 37 | } 38 | .a-menu, .nav-bar { 39 | display: none; 40 | } 41 | .a-menu { 42 | width: 18px; 43 | margin-right: 12px; 44 | .bar { 45 | width: 18px; 46 | height: 2px; 47 | display: block; 48 | margin-bottom: 4px; 49 | background: lighten(@bgd-blue, 40%); 50 | } 51 | &:hover .bar { 52 | background: #fff; 53 | } 54 | } 55 | .header-inner { 56 | padding-left: 12px; 57 | } 58 | } 59 | 60 | .main, .header-inner { 61 | max-width: @max-width; 62 | margin-left: auto; 63 | margin-right: auto; 64 | } 65 | 66 | .main { 67 | display: table; 68 | table-layout: fixed; 69 | width: 100%; 70 | margin-top: 12px; 71 | } 72 | .main-right, .main-left { 73 | display: table-cell; 74 | vertical-align: top; 75 | } 76 | .main-right { 77 | width: @width-aside; 78 | position: relative; 79 | } 80 | .main-right-open { 81 | display: none; 82 | padding: 6px; 83 | background: @bgd-blue; 84 | color: lighten(@bgd-blue, 40%); 85 | font-weight: 900; 86 | word-wrap: break-word; 87 | line-height: 0.8em; 88 | font-size: 1.2em; 89 | text-align: center; 90 | cursor: pointer; 91 | .border-radius(0 6px 6px 0); 92 | &:hover { 93 | color: #fff; 94 | } 95 | } 96 | .main-right-inner { 97 | width: @width-aside - 24px; 98 | background: @bgd-blue; 99 | padding: 12px; 100 | a { color: lighten(@bgd-blue, 40%); } 101 | a:hover { color: #fff; } 102 | .active a { 103 | color: #fff; 104 | &:before, &:after { 105 | color: #fff; 106 | } 107 | } 108 | nav { 109 | margin-bottom: 12px; 110 | ul { 111 | list-style: none; 112 | margin: 0; 113 | padding: 0; 114 | font-weight: 900; 115 | font-size: 1.1em; 116 | li { display: block } 117 | a { 118 | display: block; 119 | text-align: center; 120 | &:before { 121 | content: "• "; 122 | color: @bgd-blue; 123 | } 124 | &:after { 125 | content: " •"; 126 | color: @bgd-blue; 127 | } 128 | } 129 | } 130 | } 131 | .form-log-in, .form-log-out, .div-copyright { 132 | padding-top: 8px; 133 | margin-top: 8px; 134 | border-top: 1px solid lighten(@bgd-blue, 20%); 135 | } 136 | .form-log-in { 137 | a { 138 | display: block; 139 | text-align: center; 140 | font-size: 1.2em; 141 | font-weight: 900; 142 | margin-bottom: 8px; 143 | } 144 | } 145 | .form-log-out { 146 | text-align: center; 147 | color: lighten(@bgd-blue, 40%); 148 | a { 149 | font-weight: 900; 150 | } 151 | } 152 | .div-labels { 153 | text-align: center; 154 | margin-top: 8px; 155 | } 156 | .div-copyright { 157 | color: lighten(@bgd-blue, 40%); 158 | font-size: 0.8em; 159 | font-style: italic; 160 | text-align: center; 161 | a { text-decoration: underline; } 162 | a:hover { text-decoration: none; } 163 | } 164 | } 165 | .main-left { 166 | padding: 0 12px 12px 12px; 167 | } 168 | 169 | footer { 170 | display: none; 171 | } 172 | 173 | .aligned-bottom { 174 | vertical-align: bottom; 175 | } 176 | .aligned-fixed { 177 | .div-affix { 178 | position: fixed; 179 | top: 12px; 180 | } 181 | } -------------------------------------------------------------------------------- /public/css/app/text.less: -------------------------------------------------------------------------------- 1 | p { 2 | margin: 0; 3 | } 4 | 5 | h1, h2, h3, h4, h5, h6 { 6 | color: @title-black; 7 | font-weight: 900; 8 | } 9 | h1 { 10 | margin: 0 0 24px 0; 11 | padding: 0; 12 | font-size: 2.2em; 13 | line-height: 1em; 14 | small { 15 | font-size: 0.7em; 16 | font-weight: normal; 17 | } 18 | .span-id { 19 | display: inline-block; 20 | padding: 6px 12px; 21 | margin: 0 8px 0 0; 22 | color: #fff; 23 | .border-radius(0 12px 12px 0); 24 | span { 25 | font-size: 0.7em; 26 | } 27 | } 28 | } 29 | h3 { 30 | font-size: 1.6em; 31 | } 32 | h4 { 33 | font-size: 1.2em; 34 | font-style: italic; 35 | } 36 | h5 { 37 | font-size: 0.9em; 38 | font-style: italic; 39 | } 40 | 41 | a { 42 | text-decoration: none; 43 | } 44 | .text-container a { 45 | color: @link-red; 46 | &:hover { text-decoration: underline; } 47 | } 48 | 49 | .text-container { 50 | p { 51 | margin-top: 8px; 52 | } 53 | p:first-child { margin-top: 0; } 54 | img { 55 | max-width: 100%; 56 | } 57 | blockquote { 58 | background: lighten(@bgd-grey, 4%); 59 | padding: 6px 8px; 60 | } 61 | } 62 | 63 | .found, .strong { 64 | font-weight: 900; 65 | } 66 | .a-summary .found { 67 | font-weight: normal; 68 | } 69 | 70 | .label { 71 | display: inline-block; 72 | font-size: 0.8em; 73 | font-weight: 900; 74 | color: #fff; 75 | white-space: nowrap; 76 | padding: 1px 3px; 77 | margin: 2px; 78 | } 79 | a.label, a.label:hover { 80 | color: #fff; 81 | text-decoration: none; 82 | } 83 | .p-edit-labels .label { 84 | &.unselected { background: transparent !important; color: @text-black; } 85 | &:hover { text-decoration: underline; } 86 | &.selected:hover { text-decoration: none; } 87 | } 88 | 89 | .btn-open, .btn-closed, .btn-status, .btn-commented { 90 | display: inline-block; 91 | vertical-align: baseline; 92 | font-size: 0.9em; 93 | font-weight: 900; 94 | white-space: nowrap; 95 | padding: 1px 3px; 96 | margin: 2px; 97 | .top & { margin: 0; } 98 | .box-sort-filter &.unselected { 99 | background: transparent !important; 100 | &:hover { text-decoration: underline; } 101 | } 102 | .box-sort-filter &:hover { text-decoration: none; } 103 | } 104 | a.btn-open, a.btn-closed, a.btn-commented { color: @text-black; } 105 | a.btn-status { color: #fff; } 106 | a.btn-status.unselected { color: @text-black; } 107 | .btn-open { 108 | background: @green; 109 | } 110 | .btn-closed { 111 | background: @red; 112 | } 113 | .btn-commented { 114 | background: lighten(#97AAD5, 5%); 115 | } 116 | .btn-status { 117 | color: #fff; 118 | a, .top & a { 119 | color: #fff; 120 | text-decoration: underline; 121 | &:hover { 122 | text-decoration: none; 123 | color: #fff; 124 | } 125 | } 126 | } 127 | -------------------------------------------------------------------------------- /public/css/inc/SourceSansPro-Black.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/piero-la-lune/Bumpy-Booby/306e7ef7994ddd884d5eae99761b7a3865ce55dc/public/css/inc/SourceSansPro-Black.woff -------------------------------------------------------------------------------- /public/css/inc/SourceSansPro-Regular.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/piero-la-lune/Bumpy-Booby/306e7ef7994ddd884d5eae99761b7a3865ce55dc/public/css/inc/SourceSansPro-Regular.woff -------------------------------------------------------------------------------- /public/css/inc/glyphicons-halflings-white.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/piero-la-lune/Bumpy-Booby/306e7ef7994ddd884d5eae99761b7a3865ce55dc/public/css/inc/glyphicons-halflings-white.png -------------------------------------------------------------------------------- /public/css/inc/glyphicons-halflings.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/piero-la-lune/Bumpy-Booby/306e7ef7994ddd884d5eae99761b7a3865ce55dc/public/css/inc/glyphicons-halflings.png -------------------------------------------------------------------------------- /public/img/bumpy-booby.ico: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/piero-la-lune/Bumpy-Booby/306e7ef7994ddd884d5eae99761b7a3865ce55dc/public/img/bumpy-booby.ico -------------------------------------------------------------------------------- /public/js/html5.js: -------------------------------------------------------------------------------- 1 | /* 2 | HTML5 Shiv v3.6.2pre | @afarkas @jdalton @jon_neal @rem | MIT/GPL2 Licensed 3 | Uncompressed source: https://github.com/aFarkas/html5shiv 4 | */ 5 | (function(l,f){function m(){var a=e.elements;return"string"==typeof a?a.split(" "):a}function i(a){var b=n[a[o]];b||(b={},h++,a[o]=h,n[h]=b);return b}function p(a,b,c){b||(b=f);if(g)return b.createElement(a);c||(c=i(b));b=c.cache[a]?c.cache[a].cloneNode():r.test(a)?(c.cache[a]=c.createElem(a)).cloneNode():c.createElem(a);return b.canHaveChildren&&!s.test(a)?c.frag.appendChild(b):b}function t(a,b){if(!b.cache)b.cache={},b.createElem=a.createElement,b.createFrag=a.createDocumentFragment,b.frag=b.createFrag(); 6 | a.createElement=function(c){return!e.shivMethods?b.createElem(c):p(c,a,b)};a.createDocumentFragment=Function("h,f","return function(){var n=f.cloneNode(),c=n.createElement;h.shivMethods&&("+m().join().replace(/\w+/g,function(a){b.createElem(a);b.frag.createElement(a);return'c("'+a+'")'})+");return n}")(e,b.frag)}function q(a){a||(a=f);var b=i(a);if(e.shivCSS&&!j&&!b.hasCSS){var c,d=a;c=d.createElement("p");d=d.getElementsByTagName("head")[0]||d.documentElement;c.innerHTML="x"; 7 | c=d.insertBefore(c.lastChild,d.firstChild);b.hasCSS=!!c}g||t(a,b);return a}var k=l.html5||{},s=/^<|^(?:button|map|select|textarea|object|iframe|option|optgroup)$/i,r=/^(?:a|b|code|div|fieldset|h1|h2|h3|h4|h5|h6|i|label|li|ol|p|q|span|strong|style|table|tbody|td|th|tr|ul)$/i,j,o="_html5shiv",h=0,n={},g;(function(){try{var a=f.createElement("a");a.innerHTML="";j="hidden"in a;var b;if(!(b=1==a.childNodes.length)){f.createElement("a");var c=f.createDocumentFragment();b="undefined"==typeof c.cloneNode|| 8 | "undefined"==typeof c.createDocumentFragment||"undefined"==typeof c.createElement}g=b}catch(d){g=j=!0}})();var e={elements:k.elements||"abbr article aside audio bdi canvas data datalist details figcaption figure footer header hgroup main mark meter nav output progress section summary time video",version:"3.6.2pre",shivCSS:!1!==k.shivCSS,supportsUnknownElements:g,shivMethods:!1!==k.shivMethods,type:"default",shivDocument:q,createElement:p,createDocumentFragment:function(a,b){a||(a=f);if(g)return a.createDocumentFragment(); 9 | for(var b=b||i(a),c=b.frag.cloneNode(),d=0,e=m(),h=e.length;d #mq-test-1 { width: 42px; }';a.insertBefore(d,b);c=g.offsetWidth==42;a.removeChild(d);return{matches:c,media:h}}})(document); 4 | 5 | /*! Respond.js v1.1.0: min/max-width media query polyfill. (c) Scott Jehl. MIT/GPLv2 Lic. j.mp/respondjs */ 6 | (function(e){e.respond={};respond.update=function(){};respond.mediaQueriesSupported=e.matchMedia&&e.matchMedia("only all").matches;if(respond.mediaQueriesSupported){return}var w=e.document,s=w.documentElement,i=[],k=[],q=[],o={},h=30,f=w.getElementsByTagName("head")[0]||s,g=w.getElementsByTagName("base")[0],b=f.getElementsByTagName("link"),d=[],a=function(){var D=b,y=D.length,B=0,A,z,C,x;for(;B-1,minw:F.match(/\(min\-width:[\s]*([\s]*[0-9\.]+)(px|em)[\s]*\)/)&&parseFloat(RegExp.$1)+(RegExp.$2||""),maxw:F.match(/\(max\-width:[\s]*([\s]*[0-9\.]+)(px|em)[\s]*\)/)&&parseFloat(RegExp.$1)+(RegExp.$2||"")})}}j()},l,r,v=function(){var z,A=w.createElement("div"),x=w.body,y=false;A.style.cssText="position:absolute;font-size:1em;width:1em";if(!x){x=y=w.createElement("body");x.style.background="none"}x.appendChild(A);s.insertBefore(x,s.firstChild);z=A.offsetWidth;if(y){s.removeChild(x)}else{x.removeChild(A)}z=p=parseFloat(z);return z},p,j=function(I){var x="clientWidth",B=s[x],H=w.compatMode==="CSS1Compat"&&B||w.body[x]||B,D={},G=b[b.length-1],z=(new Date()).getTime();if(I&&l&&z-l-1?(p||v()):1)}if(!!J){J=parseFloat(J)*(J.indexOf(y)>-1?(p||v()):1)}if(!K.hasquery||(!A||!L)&&(A||H>=C)&&(L||H<=J)){if(!D[K.media]){D[K.media]=[]}D[K.media].push(k[K.rules])}}for(var E in q){if(q[E]&&q[E].parentNode===f){f.removeChild(q[E])}}for(var E in D){var M=w.createElement("style"),F=D[E].join("\n");M.type="text/css";M.media=E;f.insertBefore(M,G.nextSibling);if(M.styleSheet){M.styleSheet.cssText=F}else{M.appendChild(w.createTextNode(F))}q.push(M)}},n=function(x,z){var y=c();if(!y){return}y.open("GET",x,true);y.onreadystatechange=function(){if(y.readyState!=4||y.status!=200&&y.status!=304){return}z(y.responseText)};if(y.readyState==4){return}y.send(null)},c=(function(){var x=false;try{x=new XMLHttpRequest()}catch(y){x=new ActiveXObject("Microsoft.XMLHTTP")}return function(){return x}})();a();respond.update=a;function t(){j(true)}if(e.addEventListener){e.addEventListener("resize",t,false)}else{if(e.attachEvent){e.attachEvent("onresize",t)}}})(this); -------------------------------------------------------------------------------- /upgrade.php: -------------------------------------------------------------------------------- 1 | $nb) { return false; } 15 | if ($na < $nb) { return true; } 16 | } 17 | return false; 18 | } 19 | 20 | if (strict_lower($config['version'], '0.3')) { 21 | 22 | $config['nb_last_activity_rss'] = 20; 23 | 24 | } 25 | 26 | $settings = new Settings(); 27 | if ($config['url_rewriting']) { $settings->url_rewriting(); } 28 | $settings->save(); 29 | 30 | header('Content-Type: text/html; charset=utf-8'); 31 | die('Mise à jour effectuée avec succès ! Raffraichissez cette page pour accéder à Bumpy Boopby.'); 32 | 33 | ?> --------------------------------------------------------------------------------