X-Git-Url: http://git.shiar.nl/minimedit.git/blobdiff_plain/c7feba44bdf1102b80a09f683321559d18755a24..8d719b97825eecf324f4cf763dc08d3b59282f40:/upload.inc.php

diff --git a/upload.inc.php b/upload.inc.php
index 6175fe2..e270b76 100644
--- a/upload.inc.php
+++ b/upload.inc.php
@@ -27,6 +27,9 @@ function userupload($input, $target = NULL, $filename = NULL)
 		$target .= $input['name'];
 	}
 
+	if (file_exists($target)) {
+		throw new Exception("bestandsnaam al aanwezig op $target");
+	}
 	if (!@move_uploaded_file($input['tmp_name'], $target)) {
 		throw new Exception("bestand kon niet worden opgeslagen in $target");
 	}
@@ -45,13 +48,22 @@ function messagehtml($input)
 	if (empty($input)) {
 		return;
 	}
-	if ($User->admin and preg_match('/\A<[a-z][^>]*>/', $input)) {
+	if ($User and $User->admin and preg_match('/\A<[a-z][^>]*>/', $input)) {
 		return $input;  # allow html input as is if privileged
 	}
-	$html = preg_replace(
-		["/\r?\n/", "'(?:<br />\n?){2}'"],
-		["<br />\n", "</p>\n\n<p>"],
-		htmlspecialchars($input)
-	);
-	return "<p>$html</p>";
+	$markup = [
+		'{&lt;((?:\w+:|/).+?)&gt;}'    => '<$1>',                # unescape link entities
+		'{<(?:https?://)?([^>\s|]+)>}' => '<$1 $1>',             # unnamed link
+		'{<([^>\s|]+)[\s|]([^>]+)>}'   => '<a href="$1">$2</a>', # hyperlink
+		"/\r\n?/" => "\n",        # unix newlines
+		"/  +\n/" => "<br />",    # trailing spaces for hard line break
+		"/^[-*] (.*)$\n?/m"            => '<li>$1</li>',         # list item
+		"/^(.+)$\n?/m"                 => "<p>$1</p>\n",         # paragraph
+		"{^<p>(<li>.*</li>)(?:</p>\n)?}m" => "<ul>$1</ul>\n",    # list container
+		'/_(?<!\w_)(.+?)_(?!\w)/'      => '<em>$1</em>',         # italic
+		'/\*(?<!\w\*)(.+?)\*(?!\w)/'   => '<strong>$1</strong>', # bold
+		'/~(?<!\w~)(.+?)~(?!\w)/'      => '<s>$1</s>',           # stricken
+		'/`(?<!\w`)(.+?)`(?!\w)/'      => '<code>$1</code>',     # monospace
+	];
+	return preg_replace(array_keys($markup), array_values($markup), htmlspecialchars($input));
 }