composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-04-23 18:48:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

N°2235 Enable notification placeholders in hyperlinks

Browse Source 
(cherry picked from commit bc55bfbee1)
This commit is contained in:
Pierre Goiffon
2019-06-06 10:59:44 +02:00
parent 07781c7c9d
commit e4324cedb4
2 changed files with 32 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
core/htmlsanitizer.class.inc.php
View File

@@ -243,10 +243,15 @@ class HTMLDOMSanitizer extends HTMLSanitizer
{ {
// Regular urls // Regular urls
$sUrlPattern = utils::GetConfig()->Get('url_validation_pattern'); $sUrlPattern = utils::GetConfig()->Get('url_validation_pattern');
// Mailto urls // Mailto urls
$sMailtoPattern = '(mailto:(' . utils::GetConfig()->Get('email_validation_pattern') . ')(?:\?(?:subject|body)=([a-zA-Z0-9+\$_.-]*)(?:&(?:subject|body)=([a-zA-Z0-9+\$_.-]*))?)?)'; $sMailtoPattern = '(mailto:(' . utils::GetConfig()->Get('email_validation_pattern') . ')(?:\?(?:subject|body)=([a-zA-Z0-9+\$_.-]*)(?:&(?:subject|body)=([a-zA-Z0-9+\$_.-]*))?)?)';
$sPattern = $sUrlPattern . '|' . $sMailtoPattern; // Notification placeholders
// eg. $this->caller_id$, $this->hyperlink()$, $this->hyperlink(portal)$, $APP_URL$, $MODULES_URL$, ...
$sPlaceholderPattern = '\$[\w-]*(->[\w]*(\([\w-]*?\))?)?\$';
$sPattern = $sUrlPattern . '|' . $sMailtoPattern . '|' . $sPlaceholderPattern;
$sPattern = '/'.str_replace('/', '\/', $sPattern).'/i'; $sPattern = '/'.str_replace('/', '\/', $sPattern).'/i';
self::$aAttrsWhiteList['href'] = $sPattern; self::$aAttrsWhiteList['href'] = $sPattern;
} }

28
core/metamodel.class.php
View File

@@ -7244,6 +7244,10 @@ abstract class MetaModel
{ {
// Expand the parameters for the object // Expand the parameters for the object
$sName = substr($sSearch, 0, $iPos); $sName = substr($sSearch, 0, $iPos);
// Note: Capturing
// 1 - The delimiter
// 2 - The arrow
// 3 - The attribute code
$aRegExps = array( $aRegExps = array(
'/(\\$)'.$sName.'-(>|>)([^\\$]+)\\$/', // Support both syntaxes: $this->xxx$ or $this->xxx$ for HTML compatibility '/(\\$)'.$sName.'-(>|>)([^\\$]+)\\$/', // Support both syntaxes: $this->xxx$ or $this->xxx$ for HTML compatibility
'/(%24)'.$sName.'-(>|>)([^%24]+)%24/', // Support for urlencoded in HTML attributes (%20this->xxx%20) '/(%24)'.$sName.'-(>|>)([^%24]+)%24/', // Support for urlencoded in HTML attributes (%20this->xxx%20)
@@ -7278,8 +7282,28 @@ abstract class MetaModel
} }
else else
{ {
$aSearches[] = '$'.$sSearch.'$'; $aRegExps = array(
$aReplacements[] = (string)$replace; '/(\$)'.$sSearch.'\$/', // Support for regular placeholders (eg. $APP_URL$)
'/(%24)'.$sSearch.'%24/', // Support for urlencoded in HTML attributes (eg. %24APP_URL%24)
);
foreach($aRegExps as $sRegExp)
{
if(preg_match_all($sRegExp, $sInput, $aMatches))
{
foreach($aMatches[1] as $idx => $sDelimiter)
{
try
{
$aReplacements[] = (string) $replace;
$aSearches[] = $aMatches[1][$idx] . $sSearch . $aMatches[1][$idx];
}
catch(Exception $e)
{
// No replacement will occur
}
}
}
}
} }
} }
return str_replace($aSearches, $aReplacements, $sInput); return str_replace($aSearches, $aReplacements, $sInput);