1
+ − 1
<?php
+ − 2
+ − 3
/**
+ − 4
*
+ − 5
* Includes the contents of another PHP script into the source text.
+ − 6
*
+ − 7
* @category Text
+ − 8
*
+ − 9
* @package Text_Wiki
+ − 10
*
+ − 11
* @author Paul M. Jones <pmjones@php.net>
+ − 12
*
+ − 13
* @license LGPL
+ − 14
*
+ − 15
* @version $Id: Include.php,v 1.3 2005/02/23 17:38:29 pmjones Exp $
+ − 16
*
+ − 17
*/
+ − 18
+ − 19
/**
+ − 20
*
+ − 21
* This class implements a Text_Wiki_Parse to include the results of a
+ − 22
* script directly into the source at parse-time; thus, the output of the
+ − 23
* script will be parsed by Text_Wiki. This differs from the 'embed'
+ − 24
* rule, which incorporates the results at render-time, meaning that the
+ − 25
* 'embed' content is not parsed by Text_Wiki.
+ − 26
*
+ − 27
* DANGER!
+ − 28
*
+ − 29
* This rule is inherently not secure; it allows cross-site scripting to
+ − 30
* occur if the embedded output has <script> or other similar tags. Be
+ − 31
* careful.
+ − 32
*
+ − 33
* @category Text
+ − 34
*
+ − 35
* @package Text_Wiki
+ − 36
*
+ − 37
* @author Paul M. Jones <pmjones@php.net>
+ − 38
*
+ − 39
*/
+ − 40
+ − 41
class Text_Wiki_Parse_Include extends Text_Wiki_Parse {
+ − 42
+ − 43
var $conf = array(
+ − 44
'base' => '/path/to/scripts/'
+ − 45
);
+ − 46
+ − 47
var $file = null;
+ − 48
+ − 49
var $output = null;
+ − 50
+ − 51
var $vars = null;
+ − 52
+ − 53
/**
+ − 54
*
+ − 55
* The regular expression used to find source text matching this
+ − 56
* rule.
+ − 57
*
+ − 58
* @access public
+ − 59
*
+ − 60
* @var string
+ − 61
*
+ − 62
*/
+ − 63
+ − 64
var $regex = '/(\[\[include )(.+?)( .+?)?(\]\])/i';
+ − 65
+ − 66
+ − 67
/**
+ − 68
*
+ − 69
* Includes the results of the script directly into the source; the output
+ − 70
* will subsequently be parsed by the remaining Text_Wiki rules.
+ − 71
*
+ − 72
* @access public
+ − 73
*
+ − 74
* @param array &$matches The array of matches from parse().
+ − 75
*
+ − 76
* @return The results of the included script.
+ − 77
*
+ − 78
*/
+ − 79
+ − 80
function process(&$matches)
+ − 81
{
+ − 82
// save the file location
+ − 83
$this->file = $this->getConf('base', './') . $matches[2];
+ − 84
+ − 85
// extract attribs as variables in the local space
+ − 86
$this->vars = $this->getAttrs($matches[3]);
+ − 87
unset($this->vars['this']);
+ − 88
extract($this->vars);
+ − 89
+ − 90
// run the script
+ − 91
ob_start();
+ − 92
include($this->file);
+ − 93
$this->output = ob_get_contents();
+ − 94
ob_end_clean();
+ − 95
+ − 96
// done, place the script output directly in the source
+ − 97
return $this->output;
+ − 98
}
+ − 99
}
+ − 100
?>