Welcome Guest, Not a member yet? Register   Sign In
Help with parse_smileys and HTML entities
#1

[eluser]dmorin[/eluser]
Not sure if I'm just being dense or what but I'm not seeing an easy solution to this (I have a feeling I"m just being dense)...

I store all user input in the database escaped using xss_clean and htmlentites. Then, when I echo out certain fields, I use the parse_smileys function to generate the image tags. The problem occurs when someone uses an htmlentity character directly before a closed parenthesis such as
Quote:("TEST")
which I then translate to
Quote:("TEST&quotWink
which the parse_smileys function then interprets the last two characters to be a wink.

It doesn't appear that these forums are affected by this, so can someone help me out? If I parse_smileys before converting to entities, it'll screw up the image tags and if I wait until after, I get smileys in the wrong places.

Thanks in advance!
#2

[eluser]sophistry[/eluser]
easy, Wink remove the wink from the smileys config file assoc. array.
#3

[eluser]dmorin[/eluser]
Ha, I'd love to do this, but I've had many requests for more smileys, not fewer!

Anyone with EE experience know how it's done in this forum?
#4

[eluser]sophistry[/eluser]
here's a hack the core way to do it, and just may fit your requirements:
EDIT: bah! ::bug:: the forum messed up the PHP code, but the important parts are still showing.

the smiley helper is just a silly old str_replace()

Code:
// ------------------------------------------------------------------------

/**
* Parse Smileys
*
* Takes a string as input and swaps any contained smileys for the actual image
*
* @access    public
* @param    string    the text to be parsed
* @param    string    the URL to the folder containing the smiley images
* @return    string
*/    
if ( ! function_exists('parse_smileys'))
{
    function parse_smileys($str = '', $image_url = '', $smileys = NULL)
    {
        if ($image_url == '')
        {
            return $str;
        }

        if ( ! is_array($smileys))
        {
            if (FALSE === ($smileys = _get_smiley_array()))
            {
                return $str;
            }        
        }
    
        // Add a trailing slash to the file path if needed
        $image_url = preg_replace("/(.+?)\/*$/", "\\1/",  $image_url);

        foreach ($smileys as $key => $val)
        {        
            $str = str_replace($key, "<img  />", $str);
        }
    
        return $str;
    }
}

if you require that smileys be proceeded by a space character, then str_replace() will only find those and not the entities.
so, just put a space char in front of $key in the foreach loop:

Code:
// added spsce char to first param of str_replace()
$str = str_replace(' '.$key, "<img  />", $str);

now that i am looking at this, it does seem that smiley helper should know this already! is it a bug?
#5

[eluser]dmorin[/eluser]
Adding a space was my first reaction also, though I was going to do it in the config file which would be a bit more work so I like your solution. I'll have to look through my user input and see if most people include a space first so I'm not breaking any of their conventions.

I was going to post this in the bug forum but after seeing that this CI forum software handles this well, I assumed there was a work around. Apparently it's just something in EE and not CI.

Anyone from Ellis Labs around that can let us know how it's working here?
#6

[eluser]sophistry[/eluser]
quick test of forum software...

space in front of winking smiley Wink (the way most people do it and expect it to work)
no space in front of winking smileyWink
letter in frontWink
number in front0Wink
dash -Wink
underscore _Wink
dollar $Wink


if you think it is a bug (or something bug-like that needs fixing) you should post the query to the bug forum... it will get more attention over there.
#7

[eluser]dmorin[/eluser]
;-)

Interesting issue though is that if you add a smiley as the first thing in the comment with no space before it, it is still interpreted correctly, which will not happen if I hack up the parse_smileys function to add a space before the key.

Waiting just a bit longer to see if anyone has any other ideas before adding starting a conversation in the bug forum.
#8

[eluser]sophistry[/eluser]
:-P ...which indicates to me that the parser is different in EE and probably uses a "smarter" regex in a preg_replace() function.

EDIT:
to get around that limitation you could just prepend a space to your string as it goes into the parser and then ltrim it when it comes out...




Theme © iAndrew 2016 - Forum software by © MyBB