X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=plugins%2Fmarkdown%2Fmarkdown.php;h=de7c823dfa4731c9d71a593db3f2a1530fb41d25;hb=9ff17ae20effa5d54fd8481c19518123590e3bd0;hp=57fcce3268a6aa5c0454e97cab9a395959635e46;hpb=47be06098396b5eef35234b88227d64ab81bd988;p=github%2Fshaarli%2FShaarli.git

diff --git a/plugins/markdown/markdown.php b/plugins/markdown/markdown.php
index 57fcce32..de7c823d 100644
--- a/plugins/markdown/markdown.php
+++ b/plugins/markdown/markdown.php
@@ -6,30 +6,28 @@
  * Shaare's descriptions are parsed with Markdown.
  */
 
-require_once 'Parsedown.php';
-
 /*
  * If this tag is used on a shaare, the description won't be processed by Parsedown.
- * Using a private tag so it won't appear for visitors.
  */
-define('NO_MD_TAG', '.nomarkdown');
+define('NO_MD_TAG', 'nomarkdown');
 
 /**
  * Parse linklist descriptions.
  *
- * @param array $data linklist data.
+ * @param array         $data linklist data.
+ * @param ConfigManager $conf instance.
  *
  * @return mixed linklist data parsed in markdown (and converted to HTML).
  */
-function hook_markdown_render_linklist($data)
+function hook_markdown_render_linklist($data, $conf)
 {
     foreach ($data['links'] as &$value) {
         if (!empty($value['tags']) && noMarkdownTag($value['tags'])) {
+            $value = stripNoMarkdownTag($value);
             continue;
         }
-        $value['description'] = process_markdown($value['description']);
+        $value['description'] = process_markdown($value['description'], $conf->get('security.markdown_escape', true));
     }
-
     return $data;
 }
 
@@ -37,16 +35,18 @@ function hook_markdown_render_linklist($data)
  * Parse feed linklist descriptions.
  *
  * @param array $data linklist data.
+ * @param ConfigManager $conf instance.
  *
  * @return mixed linklist data parsed in markdown (and converted to HTML).
  */
-function hook_markdown_render_feed($data)
+function hook_markdown_render_feed($data, $conf)
 {
     foreach ($data['links'] as &$value) {
         if (!empty($value['tags']) && noMarkdownTag($value['tags'])) {
+            $value = stripNoMarkdownTag($value);
             continue;
         }
-        $value['description'] = process_markdown($value['description']);
+        $value['description'] = process_markdown($value['description'], $conf->get('security.markdown_escape', true));
     }
 
     return $data;
@@ -55,19 +55,24 @@ function hook_markdown_render_feed($data)
 /**
  * Parse daily descriptions.
  *
- * @param array $data daily data.
+ * @param array         $data daily data.
+ * @param ConfigManager $conf instance.
  *
  * @return mixed daily data parsed in markdown (and converted to HTML).
  */
-function hook_markdown_render_daily($data)
+function hook_markdown_render_daily($data, $conf)
 {
     // Manipulate columns data
     foreach ($data['cols'] as &$value) {
         foreach ($value as &$value2) {
             if (!empty($value2['tags']) && noMarkdownTag($value2['tags'])) {
+                $value2 = stripNoMarkdownTag($value2);
                 continue;
             }
-            $value2['formatedDescription'] = process_markdown($value2['formatedDescription']);
+            $value2['formatedDescription'] = process_markdown(
+                $value2['formatedDescription'],
+                $conf->get('security.markdown_escape', true)
+            );
         }
     }
 
@@ -83,7 +88,30 @@ function hook_markdown_render_daily($data)
  */
 function noMarkdownTag($tags)
 {
-    return strpos($tags, NO_MD_TAG) !== false;
+    return preg_match('/(^|\s)'. NO_MD_TAG .'(\s|$)/', $tags);
+}
+
+/**
+ * Remove the no-markdown meta tag so it won't be displayed.
+ *
+ * @param array $link Link data.
+ *
+ * @return array Updated link without no markdown tag.
+ */
+function stripNoMarkdownTag($link)
+{
+    if (! empty($link['taglist'])) {
+        $offset = array_search(NO_MD_TAG, $link['taglist']);
+        if ($offset !== false) {
+            unset($link['taglist'][$offset]);
+        }
+    }
+
+    if (!empty($link['tags'])) {
+        str_replace(NO_MD_TAG, '', $link['tags']);
+    }
+
+    return $link;
 }
 
 /**
@@ -138,7 +166,45 @@ function hook_markdown_render_editlink($data)
  */
 function reverse_text2clickable($description)
 {
-    return preg_replace('!<a +href="([^ ]*)">[^ ]+</a>!m', '$1', $description);
+    $descriptionLines = explode(PHP_EOL, $description);
+    $descriptionOut = '';
+    $codeBlockOn = false;
+    $lineCount = 0;
+
+    foreach ($descriptionLines as $descriptionLine) {
+        // Detect line of code: starting with 4 spaces,
+        // except lists which can start with +/*/- or `2.` after spaces.
+        $codeLineOn = preg_match('/^    +(?=[^\+\*\-])(?=(?!\d\.).)/', $descriptionLine) > 0;
+        // Detect and toggle block of code
+        if (!$codeBlockOn) {
+            $codeBlockOn = preg_match('/^```/', $descriptionLine) > 0;
+        }
+        elseif (preg_match('/^```/', $descriptionLine) > 0) {
+            $codeBlockOn = false;
+        }
+
+        $hashtagTitle = ' title="Hashtag [^"]+"';
+        // Reverse `inline code` hashtags.
+        $descriptionLine = preg_replace(
+            '!(`[^`\n]*)<a href="[^ ]*"'. $hashtagTitle .'>([^<]+)</a>([^`\n]*`)!m',
+            '$1$2$3',
+            $descriptionLine
+        );
+
+        // Reverse all links in code blocks, only non hashtag elsewhere.
+        $hashtagFilter = (!$codeBlockOn && !$codeLineOn) ? '(?!'. $hashtagTitle .')': '(?:'. $hashtagTitle .')?';
+        $descriptionLine = preg_replace(
+            '#<a href="[^ ]*"'. $hashtagFilter .'>([^<]+)</a>#m',
+            '$1',
+            $descriptionLine
+        );
+
+        $descriptionOut .= $descriptionLine;
+        if ($lineCount++ < count($descriptionLines) - 1) {
+            $descriptionOut .= PHP_EOL;
+        }
+    }
+    return $descriptionOut;
 }
 
 /**
@@ -190,7 +256,7 @@ function sanitize_html($description)
             $description);
     }
     $description = preg_replace(
-        '#(<[^>]+)on[a-z]*="[^"]*"#is',
+        '#(<[^>]+)on[a-z]*="?[^ "]*"?#is',
         '$1',
         $description);
     return $description;
@@ -205,20 +271,21 @@ function sanitize_html($description)
  *   5. Wrap description in 'markdown' CSS class.
  *
  * @param string $description input description text.
+ * @param bool   $escape      escape HTML entities
  *
  * @return string HTML processed $description.
  */
-function process_markdown($description)
+function process_markdown($description, $escape = true)
 {
     $parsedown = new Parsedown();
 
     $processedDescription = $description;
-    $processedDescription = reverse_text2clickable($processedDescription);
     $processedDescription = reverse_nl2br($processedDescription);
     $processedDescription = reverse_space2nbsp($processedDescription);
+    $processedDescription = reverse_text2clickable($processedDescription);
     $processedDescription = unescape($processedDescription);
     $processedDescription = $parsedown
-        ->setMarkupEscaped(false)
+        ->setMarkupEscaped($escape)
         ->setBreaksEnabled(true)
         ->text($processedDescription);
     $processedDescription = sanitize_html($processedDescription);