1 files changed, 0 insertions, 365 deletions
diff --git a/plugins/markdown/markdown.php b/plugins/markdown/markdown.php
deleted file mode 100644
index f6f66cc5..00000000
--- a/plugins/markdown/markdown.php
+++ /dev/null
@@ -1,365 +0,0 @@
-<?php
-/**
- * Plugin Markdown.
- *
- * Shaare's descriptions are parsed with Markdown.
- */
-use Shaarli\Config\ConfigManager;
-use Shaarli\Plugin\PluginManager;
-use Shaarli\Router;
-/*
- * If this tag is used on a shaare, the description won't be processed by Parsedown.
- */
-define('NO_MD_TAG', 'nomarkdown');
-/**
- * Parse linklist descriptions.
- *
- * @param array         $data linklist data.
- * @param ConfigManager $conf instance.
- *
- * @return mixed linklist data parsed in markdown (and converted to HTML).
- */
-function hook_markdown_render_linklist($data, $conf)
-{
-    foreach ($data['links'] as &$value) {
-        if (!empty($value['tags']) && noMarkdownTag($value['tags'])) {
-            $value = stripNoMarkdownTag($value);
-            continue;
-        }
-        $value['description_src'] = $value['description'];
-        $value['description'] = process_markdown(
-            $value['description'],
-            $conf->get('security.markdown_escape', true),
-            $conf->get('security.allowed_protocols')
-        );
-    }
-    return $data;
-}
-/**
- * Parse feed linklist descriptions.
- *
- * @param array $data linklist data.
- * @param ConfigManager $conf instance.
- *
- * @return mixed linklist data parsed in markdown (and converted to HTML).
- */
-function hook_markdown_render_feed($data, $conf)
-{
-    foreach ($data['links'] as &$value) {
-        if (!empty($value['tags']) && noMarkdownTag($value['tags'])) {
-            $value = stripNoMarkdownTag($value);
-            continue;
-        }
-        $value['description'] = reverse_feed_permalink($value['description']);
-        $value['description'] = process_markdown(
-            $value['description'],
-            $conf->get('security.markdown_escape', true),
-            $conf->get('security.allowed_protocols')
-        );
-    }
-    return $data;
-}
-/**
- * Parse daily descriptions.
- *
- * @param array         $data daily data.
- * @param ConfigManager $conf instance.
- *
- * @return mixed daily data parsed in markdown (and converted to HTML).
- */
-function hook_markdown_render_daily($data, $conf)
-{
-    //var_dump($data);die;
-    // Manipulate columns data
-    foreach ($data['linksToDisplay'] as &$value) {
-        if (!empty($value['tags']) && noMarkdownTag($value['tags'])) {
-            $value = stripNoMarkdownTag($value);
-            continue;
-        }
-        $value['formatedDescription'] = process_markdown(
-            $value['formatedDescription'],
-            $conf->get('security.markdown_escape', true),
-            $conf->get('security.allowed_protocols')
-        );
-    }
-    return $data;
-}
-/**
- * Check if noMarkdown is set in tags.
- *
- * @param string $tags tag list
- *
- * @return bool true if markdown should be disabled on this link.
- */
-function noMarkdownTag($tags)
-{
-    return preg_match('/(^|\s)'. NO_MD_TAG .'(\s|$)/', $tags);
-}
-/**
- * Remove the no-markdown meta tag so it won't be displayed.
- *
- * @param array $link Link data.
- *
- * @return array Updated link without no markdown tag.
- */
-function stripNoMarkdownTag($link)
-{
-    if (! empty($link['taglist'])) {
-        $offset = array_search(NO_MD_TAG, $link['taglist']);
-        if ($offset !== false) {
-            unset($link['taglist'][$offset]);
-        }
-    }
-    if (!empty($link['tags'])) {
-        str_replace(NO_MD_TAG, '', $link['tags']);
-    }
-    return $link;
-}
-/**
- * When link list is displayed, include markdown CSS.
- *
- * @param array $data includes data.
- *
- * @return mixed - includes data with markdown CSS file added.
- */
-function hook_markdown_render_includes($data)
-{
-    if ($data['_PAGE_'] == Router::$PAGE_LINKLIST
-        || $data['_PAGE_'] == Router::$PAGE_DAILY
-        || $data['_PAGE_'] == Router::$PAGE_EDITLINK
-    ) {
-        $data['css_files'][] = PluginManager::$PLUGINS_PATH . '/markdown/markdown.css';
-    }
-    return $data;
-}
-/**
- * Hook render_editlink.
- * Adds an help link to markdown syntax.
- *
- * @param array $data data passed to plugin
- *
- * @return array altered $data.
- */
-function hook_markdown_render_editlink($data)
-{
-    // Load help HTML into a string
-    $txt = file_get_contents(PluginManager::$PLUGINS_PATH .'/markdown/help.html');
-    $translations = [
-        t('Description will be rendered with'),
-        t('Markdown syntax documentation'),
-        t('Markdown syntax'),
-    ];
-    $data['edit_link_plugin'][] = vsprintf($txt, $translations);
-    // Add no markdown 'meta-tag' in tag list if it was never used, for autocompletion.
-    if (! in_array(NO_MD_TAG, $data['tags'])) {
-        $data['tags'][NO_MD_TAG] = 0;
-    }
-    return $data;
-}
-/**
- * Remove HTML links auto generated by Shaarli core system.
- * Keeps HREF attributes.
- *
- * @param string $description input description text.
- *
- * @return string $description without HTML links.
- */
-function reverse_text2clickable($description)
-{
-    $descriptionLines = explode(PHP_EOL, $description);
-    $descriptionOut = '';
-    $codeBlockOn = false;
-    $lineCount = 0;
-    foreach ($descriptionLines as $descriptionLine) {
-        // Detect line of code: starting with 4 spaces,
-        // except lists which can start with +/*/- or `2.` after spaces.
-        $codeLineOn = preg_match('/^    +(?=[^\+\*\-])(?=(?!\d\.).)/', $descriptionLine) > 0;
-        // Detect and toggle block of code
-        if (!$codeBlockOn) {
-            $codeBlockOn = preg_match('/^```/', $descriptionLine) > 0;
-        } elseif (preg_match('/^```/', $descriptionLine) > 0) {
-            $codeBlockOn = false;
-        }
-        $hashtagTitle = ' title="Hashtag [^"]+"';
-        // Reverse `inline code` hashtags.
-        $descriptionLine = preg_replace(
-            '!(`[^`\n]*)<a href="[^ ]*"'. $hashtagTitle .'>([^<]+)</a>([^`\n]*`)!m',
-            '$1$2$3',
-            $descriptionLine
-        );
-        // Reverse all links in code blocks, only non hashtag elsewhere.
-        $hashtagFilter = (!$codeBlockOn && !$codeLineOn) ? '(?!'. $hashtagTitle .')': '(?:'. $hashtagTitle .')?';
-        $descriptionLine = preg_replace(
-            '#<a href="[^ ]*"'. $hashtagFilter .'>([^<]+)</a>#m',
-            '$1',
-            $descriptionLine
-        );
-        // Make hashtag links markdown ready, otherwise the links will be ignored with escape set to true
-        if (!$codeBlockOn && !$codeLineOn) {
-            $descriptionLine = preg_replace(
-                '#<a href="([^ ]*)"'. $hashtagTitle .'>([^<]+)</a>#m',
-                '[$2]($1)',
-                $descriptionLine
-            );
-        }
-        $descriptionOut .= $descriptionLine;
-        if ($lineCount++ < count($descriptionLines) - 1) {
-            $descriptionOut .= PHP_EOL;
-        }
-    }
-    return $descriptionOut;
-}
-/**
- * Remove <br> tag to let markdown handle it.
- *
- * @param string $description input description text.
- *
- * @return string $description without <br> tags.
- */
-function reverse_nl2br($description)
-{
-    return preg_replace('!<br */?>!im', '', $description);
-}
-/**
- * Remove HTML spaces '&nbsp;' auto generated by Shaarli core system.
- *
- * @param string $description input description text.
- *
- * @return string $description without HTML links.
- */
-function reverse_space2nbsp($description)
-{
-    return preg_replace('/(^| )&nbsp;/m', '$1 ', $description);
-}
-function reverse_feed_permalink($description)
-{
-    return preg_replace('@&#8212; <a href="([^"]+)" title="[^"]+">([^<]+)</a>$@im', '&#8212; [$2]($1)', $description);
-}
-/**
- * Replace not whitelisted protocols with http:// in given description.
- *
- * @param string $description      input description text.
- * @param array  $allowedProtocols list of allowed protocols.
- *
- * @return string $description without malicious link.
- */
-function filter_protocols($description, $allowedProtocols)
-{
-    return preg_replace_callback(
-        '#]\((.*?)\)#is',
-        function ($match) use ($allowedProtocols) {
-            return ']('. whitelist_protocols($match[1], $allowedProtocols) .')';
-        },
-        $description
-    );
-}
-/**
- * Remove dangerous HTML tags (tags, iframe, etc.).
- * Doesn't affect <code> content (already escaped by Parsedown).
- *
- * @param string $description input description text.
- *
- * @return string given string escaped.
- */
-function sanitize_html($description)
-{
-    $escapeTags = array(
-        'script',
-        'style',
-        'link',
-        'iframe',
-        'frameset',
-        'frame',
-    );
-    foreach ($escapeTags as $tag) {
-        $description = preg_replace_callback(
-            '#<\s*'. $tag .'[^>]*>(.*</\s*'. $tag .'[^>]*>)?#is',
-            function ($match) {
-                return escape($match[0]);
-            },
-            $description
-        );
-    }
-    $description = preg_replace(
-        '#(<[^>]+\s)on[a-z]*="?[^ "]*"?#is',
-        '$1',
-        $description
-    );
-    return $description;
-}
-/**
- * Render shaare contents through Markdown parser.
- *   1. Remove HTML generated by Shaarli core.
- *   2. Reverse the escape function.
- *   3. Generate markdown descriptions.
- *   4. Sanitize sensible HTML tags for security.
- *   5. Wrap description in 'markdown' CSS class.
- *
- * @param string $description input description text.
- * @param bool   $escape      escape HTML entities
- *
- * @return string HTML processed $description.
- */
-function process_markdown($description, $escape = true, $allowedProtocols = [])
-{
-    $parsedown = new Parsedown();
-    $processedDescription = $description;
-    $processedDescription = reverse_nl2br($processedDescription);
-    $processedDescription = reverse_space2nbsp($processedDescription);
-    $processedDescription = reverse_text2clickable($processedDescription);
-    $processedDescription = filter_protocols($processedDescription, $allowedProtocols);
-    $processedDescription = unescape($processedDescription);
-    $processedDescription = $parsedown
-        ->setMarkupEscaped($escape)
-        ->setBreaksEnabled(true)
-        ->text($processedDescription);
-    $processedDescription = sanitize_html($processedDescription);
-    if (!empty($processedDescription)) {
-        $processedDescription = '<div class="markdown">'. $processedDescription . '</div>';
-    }
-    return $processedDescription;
-}
-/**
- * This function is never called, but contains translation calls for GNU gettext extraction.
- */
-function markdown_dummy_translation()
-{
-    // meta
-    t('Render shaare description with Markdown syntax.<br><strong>Warning</strong>:
-If your shaared descriptions contained HTML tags before enabling the markdown plugin,
-enabling it might break your page.
-See the <a href="https://github.com/shaarli/Shaarli/tree/master/plugins/markdown#html-rendering">README</a>.');
-}

diff --git a/plugins/markdown/markdown.php b/plugins/markdown/markdown.php deleted file mode 100644 index f6f66cc5..00000000 --- a/plugins/markdown/markdown.php +++ /dev/null
@@ -1,365 +0,0 @@
1	<?php
2
3	/**
4	* Plugin Markdown.
5	*
6	* Shaare's descriptions are parsed with Markdown.
7	*/
8
9	use Shaarli\Config\ConfigManager;
10	use Shaarli\Plugin\PluginManager;
11	use Shaarli\Router;
12
13	/*
14	* If this tag is used on a shaare, the description won't be processed by Parsedown.
15	*/
16	define('NO_MD_TAG', 'nomarkdown');
17
18	/**
19	* Parse linklist descriptions.
20	*
21	* @param array $data linklist data.
22	* @param ConfigManager $conf instance.
23	*
24	* @return mixed linklist data parsed in markdown (and converted to HTML).
25	*/
26	function hook_markdown_render_linklist($data, $conf)
27	{
28	foreach ($data['links'] as &$value) {
29	if (!empty($value['tags']) && noMarkdownTag($value['tags'])) {
30	$value = stripNoMarkdownTag($value);
31	continue;
32	}
33	$value['description_src'] = $value['description'];
34	$value['description'] = process_markdown(
35	$value['description'],
36	$conf->get('security.markdown_escape', true),
37	$conf->get('security.allowed_protocols')
38	);
39	}
40	return $data;
41	}
42
43	/**
44	* Parse feed linklist descriptions.
45	*
46	* @param array $data linklist data.
47	* @param ConfigManager $conf instance.
48	*
49	* @return mixed linklist data parsed in markdown (and converted to HTML).
50	*/
51	function hook_markdown_render_feed($data, $conf)
52	{
53	foreach ($data['links'] as &$value) {
54	if (!empty($value['tags']) && noMarkdownTag($value['tags'])) {
55	$value = stripNoMarkdownTag($value);
56	continue;
57	}
58	$value['description'] = reverse_feed_permalink($value['description']);
59	$value['description'] = process_markdown(
60	$value['description'],
61	$conf->get('security.markdown_escape', true),
62	$conf->get('security.allowed_protocols')
63	);
64	}
65
66	return $data;
67	}
68
69	/**
70	* Parse daily descriptions.
71	*
72	* @param array $data daily data.
73	* @param ConfigManager $conf instance.
74	*
75	* @return mixed daily data parsed in markdown (and converted to HTML).
76	*/
77	function hook_markdown_render_daily($data, $conf)
78	{
79	//var_dump($data);die;
80	// Manipulate columns data
81	foreach ($data['linksToDisplay'] as &$value) {
82	if (!empty($value['tags']) && noMarkdownTag($value['tags'])) {
83	$value = stripNoMarkdownTag($value);
84	continue;
85	}
86	$value['formatedDescription'] = process_markdown(
87	$value['formatedDescription'],
88	$conf->get('security.markdown_escape', true),
89	$conf->get('security.allowed_protocols')
90	);
91	}
92
93	return $data;
94	}
95
96	/**
97	* Check if noMarkdown is set in tags.
98	*
99	* @param string $tags tag list
100	*
101	* @return bool true if markdown should be disabled on this link.
102	*/
103	function noMarkdownTag($tags)
104	{
105	return preg_match('/(^\|\s)'. NO_MD_TAG .'(\s\|$)/', $tags);
106	}
107
108	/**
109	* Remove the no-markdown meta tag so it won't be displayed.
110	*
111	* @param array $link Link data.
112	*
113	* @return array Updated link without no markdown tag.
114	*/
115	function stripNoMarkdownTag($link)
116	{
117	if (! empty($link['taglist'])) {
118	$offset = array_search(NO_MD_TAG, $link['taglist']);
119	if ($offset !== false) {
120	unset($link['taglist'][$offset]);
121	}
122	}
123
124	if (!empty($link['tags'])) {
125	str_replace(NO_MD_TAG, '', $link['tags']);
126	}
127
128	return $link;
129	}
130
131	/**
132	* When link list is displayed, include markdown CSS.
133	*
134	* @param array $data includes data.
135	*
136	* @return mixed - includes data with markdown CSS file added.
137	*/
138	function hook_markdown_render_includes($data)
139	{
140	if ($data['_PAGE_'] == Router::$PAGE_LINKLIST
141	\|\| $data['_PAGE_'] == Router::$PAGE_DAILY
142	\|\| $data['_PAGE_'] == Router::$PAGE_EDITLINK
143	) {
144	$data['css_files'][] = PluginManager::$PLUGINS_PATH . '/markdown/markdown.css';
145	}
146
147	return $data;
148	}
149
150	/**
151	* Hook render_editlink.
152	* Adds an help link to markdown syntax.
153	*
154	* @param array $data data passed to plugin
155	*
156	* @return array altered $data.
157	*/
158	function hook_markdown_render_editlink($data)
159	{
160	// Load help HTML into a string
161	$txt = file_get_contents(PluginManager::$PLUGINS_PATH .'/markdown/help.html');
162	$translations = [
163	t('Description will be rendered with'),
164	t('Markdown syntax documentation'),
165	t('Markdown syntax'),
166	];
167	$data['edit_link_plugin'][] = vsprintf($txt, $translations);
168	// Add no markdown 'meta-tag' in tag list if it was never used, for autocompletion.
169	if (! in_array(NO_MD_TAG, $data['tags'])) {
170	$data['tags'][NO_MD_TAG] = 0;
171	}
172
173	return $data;
174	}
175
176
177	/**
178	* Remove HTML links auto generated by Shaarli core system.
179	* Keeps HREF attributes.
180	*
181	* @param string $description input description text.
182	*
183	* @return string $description without HTML links.
184	*/
185	function reverse_text2clickable($description)
186	{
187	$descriptionLines = explode(PHP_EOL, $description);
188	$descriptionOut = '';
189	$codeBlockOn = false;
190	$lineCount = 0;
191
192	foreach ($descriptionLines as $descriptionLine) {
193	// Detect line of code: starting with 4 spaces,
194	// except lists which can start with +/*/- or `2.` after spaces.
195	$codeLineOn = preg_match('/^ +(?=[^\+\*\-])(?=(?!\d\.).)/', $descriptionLine) > 0;
196	// Detect and toggle block of code
197	if (!$codeBlockOn) {
198	$codeBlockOn = preg_match('/^```/', $descriptionLine) > 0;
199	} elseif (preg_match('/^```/', $descriptionLine) > 0) {
200	$codeBlockOn = false;
201	}
202
203	$hashtagTitle = ' title="Hashtag [^"]+"';
204	// Reverse `inline code` hashtags.
205	$descriptionLine = preg_replace(
206	'!(`[^`\n])<a href="[^ ]"'. $hashtagTitle .'>([^<]+)</a>([^`\n]*`)!m',
207	'$1$2$3',
208	$descriptionLine
209	);
210
211	// Reverse all links in code blocks, only non hashtag elsewhere.
212	$hashtagFilter = (!$codeBlockOn && !$codeLineOn) ? '(?!'. $hashtagTitle .')': '(?:'. $hashtagTitle .')?';
213	$descriptionLine = preg_replace(
214	'#<a href="[^ ]*"'. $hashtagFilter .'>([^<]+)</a>#m',
215	'$1',
216	$descriptionLine
217	);
218
219	// Make hashtag links markdown ready, otherwise the links will be ignored with escape set to true
220	if (!$codeBlockOn && !$codeLineOn) {
221	$descriptionLine = preg_replace(
222	'#<a href="([^ ]*)"'. $hashtagTitle .'>([^<]+)</a>#m',
223	'[$2]($1)',
224	$descriptionLine
225	);
226	}
227
228	$descriptionOut .= $descriptionLine;
229	if ($lineCount++ < count($descriptionLines) - 1) {
230	$descriptionOut .= PHP_EOL;
231	}
232	}
233	return $descriptionOut;
234	}
235
236	/**
237	* Remove <br> tag to let markdown handle it.
238	*
239	* @param string $description input description text.
240	*
241	* @return string $description without <br> tags.
242	*/
243	function reverse_nl2br($description)
244	{
245	return preg_replace('!<br */?>!im', '', $description);
246	}
247
248	/**
249	* Remove HTML spaces ' ' auto generated by Shaarli core system.
250	*
251	* @param string $description input description text.
252	*
253	* @return string $description without HTML links.
254	*/
255	function reverse_space2nbsp($description)
256	{
257	return preg_replace('/(^\| ) /m', '$1 ', $description);
258	}
259
260	function reverse_feed_permalink($description)
261	{
262	return preg_replace('@— <a href="([^"]+)" title="[^"]+">([^<]+)</a>$@im', '— [$2]($1)', $description);
263	}
264
265	/**
266	* Replace not whitelisted protocols with http:// in given description.
267	*
268	* @param string $description input description text.
269	* @param array $allowedProtocols list of allowed protocols.
270	*
271	* @return string $description without malicious link.
272	*/
273	function filter_protocols($description, $allowedProtocols)
274	{
275	return preg_replace_callback(
276	'#]\((.*?)\)#is',
277	function ($match) use ($allowedProtocols) {
278	return ']('. whitelist_protocols($match[1], $allowedProtocols) .')';
279	},
280	$description
281	);
282	}
283
284	/**
285	* Remove dangerous HTML tags (tags, iframe, etc.).
286	* Doesn't affect <code> content (already escaped by Parsedown).
287	*
288	* @param string $description input description text.
289	*
290	* @return string given string escaped.
291	*/
292	function sanitize_html($description)
293	{
294	$escapeTags = array(
295	'script',
296	'style',
297	'link',
298	'iframe',
299	'frameset',
300	'frame',
301	);
302	foreach ($escapeTags as $tag) {
303	$description = preg_replace_callback(
304	'#<\s'. $tag .'[^>]>(.</\s'. $tag .'[^>]*>)?#is',
305	function ($match) {
306	return escape($match[0]);
307	},
308	$description
309	);
310	}
311	$description = preg_replace(
312	'#(<[^>]+\s)on[a-z]="?[^ "]"?#is',
313	'$1',
314	$description
315	);
316	return $description;
317	}
318
319	/**
320	* Render shaare contents through Markdown parser.
321	* 1. Remove HTML generated by Shaarli core.
322	* 2. Reverse the escape function.
323	* 3. Generate markdown descriptions.
324	* 4. Sanitize sensible HTML tags for security.
325	* 5. Wrap description in 'markdown' CSS class.
326	*
327	* @param string $description input description text.
328	* @param bool $escape escape HTML entities
329	*
330	* @return string HTML processed $description.
331	*/
332	function process_markdown($description, $escape = true, $allowedProtocols = [])
333	{
334	$parsedown = new Parsedown();
335
336	$processedDescription = $description;
337	$processedDescription = reverse_nl2br($processedDescription);
338	$processedDescription = reverse_space2nbsp($processedDescription);
339	$processedDescription = reverse_text2clickable($processedDescription);
340	$processedDescription = filter_protocols($processedDescription, $allowedProtocols);
341	$processedDescription = unescape($processedDescription);
342	$processedDescription = $parsedown
343	->setMarkupEscaped($escape)
344	->setBreaksEnabled(true)
345	->text($processedDescription);
346	$processedDescription = sanitize_html($processedDescription);
347
348	if (!empty($processedDescription)) {
349	$processedDescription = '<div class="markdown">'. $processedDescription . '</div>';
350	}
351
352	return $processedDescription;
353	}
354
355	/**
356	* This function is never called, but contains translation calls for GNU gettext extraction.
357	*/
358	function markdown_dummy_translation()
359	{
360	// meta
361	t('Render shaare description with Markdown syntax.<br><strong>Warning</strong>:
362	If your shaared descriptions contained HTML tags before enabling the markdown plugin,
363	enabling it might break your page.
364	See the <a href="https://github.com/shaarli/Shaarli/tree/master/plugins/markdown#html-rendering">README</a>.');
365	}