X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/671946af5f06753cb83c9e1fdaf0bdd44ea28b8d..52aab71e2268171618efe0f8f8e683b9bc5406f6:/upload.inc.php

diff --git a/upload.inc.php b/upload.inc.php
index 74219ed..4f5c5fe 100644
--- a/upload.inc.php
+++ b/upload.inc.php
@@ -27,6 +27,9 @@ function userupload($input, $target = NULL, $filename = NULL)
 		$target .= $input['name'];
 	}
 
+	if (file_exists($target)) {
+		throw new Exception("bestandsnaam al aanwezig op $target");
+	}
 	if (!@move_uploaded_file($input['tmp_name'], $target)) {
 		throw new Exception("bestand kon niet worden opgeslagen in $target");
 	}
@@ -45,13 +48,21 @@ function messagehtml($input)
 	if (empty($input)) {
 		return;
 	}
-	if ($User and $User->admin and preg_match('/\A<[a-z][^>]*>/', $input)) {
+	if ($User->admin and preg_match('/\A<[a-z][^>]*>/', $input)) {
 		return $input;  # allow html input as is if privileged
 	}
-	$html = preg_replace(
-		["/\r?\n/", "'(?:<br />\n?){2}'"],
-		["<br />\n", "</p>\n\n<p>"],
-		htmlspecialchars($input)
-	);
+	$markup = [
+		'{&lt;((?:\w+:|/).+?)&gt;}'    => '<$1>',                # unescape link entities
+		'{<(?:https?://)?([^>\s|]+)>}' => '<$1 $1>',             # unnamed link
+		'{<([^>\s|]+)[\s|]([^>]+)>}'   => '<a href="$1">$2</a>', # hyperlink
+		"/\r\n?/" => "\n",        # unix newlines
+		"/  +\n/" => "<br />",    # trailing spaces for hard line break
+		"/\n/"    => "</p>\n<p>", # newlines start paragraphs
+		'/_(?<!\w_)(.+?)_(?!\w)/'      => '<em>$1</em>',         # italic
+		'/\*(?<!\w\*)(.+?)\*(?!\w)/'   => '<strong>$1</strong>', # bold
+		'/~(?<!\w~)(.+?)~(?!\w)/'      => '<s>$1</s>',           # stricken
+		'/`(?<!\w`)(.+?)`(?!\w)/'      => '<code>$1</code>',     # monospace
+	];
+	$html = preg_replace(array_keys($markup), array_values($markup), htmlspecialchars($input));
 	return "<p>$html</p>";
 }