check_naughty_javascript_url (line 43)
Check the specified URL for potentially malicious JavaScript. If any is found, the hack attack is logged, and an error is returned.
URLPATH
check_naughty_javascript_url
(MEMBER $source_member, URLPATH $url, boolean $as_admin)
-
MEMBER
$source_member: The member who submitted the URL
-
URLPATH
$url: The URL to check
-
boolean
$as_admin: Whether to check as arbitrary admin
comcode_parse_error (line 213)
Show a comcode parser error.
tempcode
comcode_parse_error
(boolean $preparse_mode, array $_message, integer $pos, LONG_TEXT $comcode, [boolean $check_only = false])
-
boolean
$preparse_mode: Whether this is being pre-parsed, to pick up errors before row insertion.
-
array
$_message: Error message details to pass to do_lang, or if the first in the list is NULL, use directly
-
integer
$pos: The position during parsing that the error occured at
-
LONG_TEXT
$comcode: The comcode the parser error occured in
-
boolean
$check_only: Whether to only check the Comcode.
do_code_box (line 389)
Render a code box.
array
do_code_box
(string $type, tempcode $embed, [boolean $numbers = true], [boolean $in_semihtml = false], [boolean $is_all_semihtml = false])
-
string
$type: The data type (e.g. file extension) we are rendering.
-
tempcode
$embed: Contents (code) to render.
-
boolean
$numbers: Whether to show line numbers.
-
boolean
$in_semihtml: Whether what we have came from inside a semihtml tag
-
boolean
$is_all_semihtml: Whether what we have came from semihtml mode
init__comcode_renderer (line 24)
Standard code module initialisation function.
void
init__comcode_renderer
()
map_keys_to_upper (line 2427)
Turn keys of a map to upper case, and return modified map.
array
map_keys_to_upper
(array $array)
reinsert_parameters (line 326)
Build some Comcode-syntax attribute parameters from our in-memory parameters.
string
reinsert_parameters
(array $attributes)
-
array
$attributes: In-memory array.
test_url (line 344)
Test a URL as a broken link.
tempcode
test_url
(URLPATH $url_full, string $tag_type, string $given_url)
-
URLPATH
$url_full: URL to test.
-
string
$tag_type: Comcode tag type, to which the URL is associated.
-
string
$given_url: URL actually provided.
_comcode_to_tempcode (line 169)
Convert the specified comcode (unknown format) into a tempcode tree. You shouldn't output the tempcode tree to the browser, as it looks really horrible. If you are in a rare case where you need to output directly (not through templates), you should call the evaluate method on the tempcode object, to convert it into a string.
tempcode
_comcode_to_tempcode
(LONG_TEXT $comcode, [?MEMBER $source_member = NULL], [boolean $as_admin = false], [?integer $wrap_pos = 60], [?string $pass_id = NULL], [?object $connection = NULL], [boolean $semiparse_mode = false], [boolean $preparse_mode = false], [boolean $is_all_semihtml = false], [boolean $structure_sweep = false], [boolean $check_only = false], [?array $highlight_bits = NULL], [?MEMBER $on_behalf_of_member = NULL])
-
LONG_TEXT
$comcode: The comcode to convert
-
?MEMBER
$source_member: The member the evaluation is running as. This is a security issue, and you should only run as an administrator if you have considered where the comcode came from carefully (NULL: current member)
-
boolean
$as_admin: Whether to explicitly execute this with admin rights. There are a few rare situations where this should be done, for data you know didn't come from a member, but is being evaluated by one.
-
?integer
$wrap_pos: The position to conduct wordwrapping at (NULL: do not conduct word-wrapping)
-
?string
$pass_id: A special identifier that can identify this resource in a sea of our resources of this class; usually this can be ignored, but may be used to provide a binding between Javascript in evaluated comcode, and the surrounding environment (NULL: no explicit binding)
-
?object
$connection: The database connection to use (NULL: standard site connection)
-
boolean
$semiparse_mode: Whether to parse so as to create something that would fit inside a semihtml tag. It means we generate HTML, with Comcode written into it where the tag could never be reverse-converted (e.g. a block).
-
boolean
$preparse_mode: Whether this is being pre-parsed, to pick up errors before row insertion.
-
boolean
$is_all_semihtml: Whether to treat this whole thing as being wrapped in semihtml, but apply normal security otherwise.
-
boolean
$structure_sweep: Whether we are only doing this parse to find the title structure
-
boolean
$check_only: Whether to only check the Comcode. It's best to use the check_comcode function which will in turn use this parameter.
-
?array
$highlight_bits: A list of words to highlight (NULL: none)
-
?MEMBER
$on_behalf_of_member: The member we are running on behalf of, with respect to how attachments are handled; we may use this members attachments that are already within this post, and our new attachments will be handed to this member (NULL: member evaluating)
_custom_comcode_import (line 89)
Load up custom comcode tags so that we may parse them.
void
_custom_comcode_import
(object The $connection)
-
object The
$connection: database connection to use
_do_contents_level (line 2399)
Recursive algorithm to make table of contents.
tempcode
_do_contents_level
(array $tree_structure, array $list_types, integer $base, [integer $the_level = 0])
-
array
$tree_structure: The TOC (sub)tree
-
array
$list_types: The list types to use for each level
-
integer
$base: The level to start from
-
integer
$the_level: The level we are at in the recursion
_do_tags_comcode (line 484)
Get tempcode for a Comcode tag. This function should always return (errors should be placed in the Comcode output stream), for stability reasons (i.e. if you're submitting something, you can't have the whole submit process die half way through in an unstructured fashion).
tempcode
_do_tags_comcode
(string $tag, array $attributes, mixed $embed, boolean $comcode_dangerous, string $pass_id, integer $marker, MEMBER $source_member, boolean $as_admin, object The $connection, string &$comcode, boolean $wml, boolean $structure_sweep, boolean $semiparse_mode, [?array $highlight_bits = NULL], [?MEMBER $on_behalf_of_member = NULL], [boolean $in_semihtml = false], [boolean $is_all_semihtml = false])
-
string
$tag: The tag being converted
-
array
$attributes: A map of the attributes (name=>val) for the tag. Val is usually a string, although in select places, the XML parser may pass tempcode.
-
mixed
$embed: Tempcode of the inside of the tag ([between]THIS[/between]); the XML parser may pass in special stuff here, which is interpreted only for select tags
-
boolean
$comcode_dangerous: Whether we are allowed to proceed even if this tag is marked as 'dangerous'
-
string
$pass_id: A special identifier to mark where the resultant tempcode is going to end up (e.g. the ID of a post)
-
integer
$marker: The position this tag occurred at in the Comcode
-
MEMBER
$source_member: The member who is responsible for this Comcode
-
boolean
$as_admin: Whether to check as arbitrary admin
-
object The
$connection: database connection to use
-
string
&$comcode: The whole chunk of comcode
-
boolean
$wml: Whether this is for WML output
-
boolean
$structure_sweep: Whether this is only a structure sweep
-
boolean
$semiparse_mode: Whether we are in semi-parse-mode (some tags might convert differently)
-
?array
$highlight_bits: A list of words to highlight (NULL: none)
-
?MEMBER
$on_behalf_of_member: The member we are running on behalf of, with respect to how attachments are handled; we may use this members attachments that are already within this post, and our new attachments will be handed to this member (NULL: member evaluating)
-
boolean
$in_semihtml: Whether what we have came from inside a semihtml tag
-
boolean
$is_all_semihtml: Whether what we have came from semihtml mode