<?php
-$Page->api = $_SERVER['HTTP_ACCEPT'] == 'text/plain';
-
function userupload($input, $target = NULL, $filename = NULL)
{
switch ($input['error']) {
$target .= $input['name'];
}
+ if (file_exists($target)) {
+ throw new Exception("bestandsnaam al aanwezig op $target");
+ }
if (!@move_uploaded_file($input['tmp_name'], $target)) {
throw new Exception("bestand kon niet worden opgeslagen in $target");
}
if ($User->admin and preg_match('/\A<[a-z][^>]*>/', $input)) {
return $input; # allow html input as is if privileged
}
- $html = preg_replace(
- ["/\r?\n/", "'(?:<br />\n?){2}'"],
- ["<br />\n", "</p>\n\n<p>"],
- htmlspecialchars($input)
- );
+ $markup = [
+ '{<((?:\w+:|/).+?)>}' => '<$1>', # unescape link entities
+ '{<(?:https?://)?([^>\s|]+)>}' => '<$1 $1>', # unnamed link
+ '{<([^>\s|]+)[\s|]([^>]+)>}' => '<a href="$1">$2</a>', # hyperlink
+ "/\r\n?/" => "\n", # unix newlines
+ "/ +\n/" => "<br />", # trailing spaces for hard line break
+ "/\n/" => "</p>\n<p>", # newlines start paragraphs
+ '/_(?<!\w_)(.+?)_(?!\w)/' => '<em>$1</em>', # italic
+ '/\*(?<!\w\*)(.+?)\*(?!\w)/' => '<strong>$1</strong>', # bold
+ '/~(?<!\w~)(.+?)~(?!\w)/' => '<s>$1</s>', # stricken
+ '/`(?<!\w`)(.+?)`(?!\w)/' => '<code>$1</code>', # monospace
+ ];
+ $html = preg_replace(array_keys($markup), array_values($markup), htmlspecialchars($input));
return "<p>$html</p>";
}