diff --git a/milfs/funciones/convert.php b/milfs/funciones/convert.php
new file mode 100644
index 0000000..1587e02
--- /dev/null
+++ b/milfs/funciones/convert.php
@@ -0,0 +1,193 @@
+${1}',$html);
+ // emphasized
+ $html = preg_replace('/\'\'([^\'\n]+)\'\'?/','${1}',$html);
+ //interwiki links
+ $html = preg_replace_callback('/\[\[([^\|\n\]:]+)[\|]([^\]]+)\]\]/','helper_interwikilinks',$html);
+ // without text
+ $html = preg_replace_callback('/\[\[([^\|\n\]:]+)\]\]/','helper_interwikilinks',$html);
+ //
+ //$html = preg_replace('/{{([^}]+)+}}/','Interwiki: ${1}+${2}+${3}',$html);
+ $html = preg_replace('/{{([^\|\n\}]+)([\|]?([^\}]+))+\}\}/','Interwiki: ${1} » ${3}',$html);
+ // Template
+ //$html = preg_replace('/{{([^}]*)}}/',' ',$html);
+ // categories
+ //$html = preg_replace('/\[\[([^\|\n\]]+)([\|]([^\]]+))?\]\]/','',$html);
+ $html = preg_replace('/\[\[([^\|\n\]]{2})([\:]([^\]]+))?\]\]/','Translation: ${1} » ${3}',$html);
+ $html = preg_replace('/\[\[([^\|\n\]]+)([\:]([^\]]+))?\]\]/','Category: ${1} - ${2}',$html);
+ // image
+ $html = preg_replace('/\[\[([^\|\n\]]+)([\|]([^\]]+))+\]\]/','Image: ${0}+${1}+${2}+${3}',$html);
+
+ //links
+ //$html = preg_replace('/\[([^\[\]\|\n\': ]+)\]/','${1}',$html);
+ $html = preg_replace_callback('/\[([^\[\]\|\n\': ]+)\]/','helper_externlinks',$html);
+ // with text
+ //$html = preg_replace('/\[([^\[\]\|\n\' ]+)[\| ]([^\]\']+)\]/','${2}',$html);
+ $html = preg_replace_callback('/\[([^\[\]\|\n\' ]+)[\| ]([^\]\']+)\]/','helper_externlinks',$html);
+
+ // allowed tags
+ $html = preg_replace('/<(\/?)(small|sup|sub|u)>/','<${1}${2}>',$html);
+
+ $html = preg_replace('/\n*<br *\/?>\n*/',"\n",$html);
+ $html = preg_replace('/<(\/?)(math|pre|code|nowiki)>/','<${1}pre>',$html);
+ $html = preg_replace('/<!--/','',$html);
+
+ // headings
+ for($i=7;$i>0;$i--){
+ $html = preg_replace(
+ '/\n+[=]{'.$i.'}([^=]+)[=]{'.$i.'}\n*/',
+ '${1}',
+ $html
+ );
+ }
+
+ //lists
+ $html = preg_replace(
+ '/(\n[ ]*[^#* ][^\n]*)\n(([ ]*[*]([^\n]*)\n)+)/',
+ '${1}
'."\n",
+ $html
+ );
+ $html = preg_replace(
+ '/(\n[ ]*[^#* ][^\n]*)\n(([ ]*[#]([^\n]*)\n)+)/',
+ '${1}'."\n".'${2}'.'
'."\n",
+ $html
+ );
+ $html = preg_replace('/\n[ ]*[\*#]+([^\n]*)/','${1}',$html);
+
+ $html = preg_replace('/----/','
',$html);
+
+ //$html = nl2br($html);
+ // line breaks
+ $html = preg_replace('/[\n\r]{4}/',"
",$html);
+ $html = preg_replace('/[\n\r]{2}/',"
",$html);
+
+ $html = preg_replace('/[>]
[<]/',"><",$html);
+
+ return $html;
+}
+function helper_externlinks($matches){
+ $target = $matches[1];
+ $text = empty($matches[2])?$matches[1]:$matches[2];
+ return ''.$text.'';
+}
+function helper_interwikilinks($matches){
+ $target = $matches[1];
+ $text = empty($matches[2])?$matches[1]:$matches[2];
+ $class=" class=\"dunno\" ";
+ /*static $links_checked_interwiki = 0;
+ if(!$_GET["nocache"] && ++$links_checked_interwiki<10){
+ $data = cachedFunc("getPos",$target);
+ if($data["pos"]) $class = " class=\"exists\" "; $class = " class=\"notexists\" ";
+ }*/
+ return ''.$text.'';
+}
+function convertTables($text){
+ $lines = explode("\n",$text);
+ $innertable = 0;
+ $innertabledata = array();
+ foreach($lines as $line){
+ //echo "".++$i.": ".htmlspecialchars($line)."
";
+ $line = str_replace("position:relative","",$line);
+ $line = str_replace("position:absolute","",$line);
+ if(substr($line,0,2) == '{|'){
+ // inner table
+ //echo "beginning inner table #$innertable
";
+ $innertable++;
+ }
+ $innertabledata[$innertable] .= $line . "\n";
+ if($innertable){
+ // we're inside
+ if(substr($line,0,2) == '|}'){
+ $innertableconverted = convertTable($innertabledata[$innertable]);
+ $innertabledata[$innertable] = "";
+ $innertable--;
+ $innertabledata[$innertable] .= $innertableconverted."\n";
+ }
+ }
+ }
+ return $innertabledata[0];
+}
+
+function convertTable($intext){
+ $text = $intext;
+ $lines = explode("\n",$text);
+ $intable = false;
+
+ //var_dump($lines);
+ foreach($lines as $line){
+ $line = trim($line);
+ if(substr($line,0,1) == '{'){
+ //begin of the table
+ $stuff = explode('| ',substr($line,1),2);
+ $tableopen = true;
+ $table = "\n";
+ } else if(substr($line,0,1) == '|'){
+ // table related
+ $line = substr($line,1);
+ if(substr($line,0,5) == '-----'){
+ // row break
+ if($thopen)
+ $table .="\n";
+ if($tdopen)
+ $table .="\n";
+ if($rowopen)
+ $table .="\t\n";
+ $table .= "\t\n";
+ $rowopen = true;
+ $tdopen = false;
+ $thopen = false;
+ }else if(substr($line,0,1) == '}'){
+ // table end
+ break;
+ }else{
+ // td
+ $stuff = explode('| ',$line,2);
+ if($tdopen)
+ $table .="\n";
+ if(count($stuff)==1)
+ $table .= "\t\t".simpleText($stuff[0]);
+ else
+ $table .= "\t\t | ".
+ simpleText($stuff[1]);
+ $tdopen = true;
+ }
+ } else if(substr($line,0,1) == '!'){
+ // th
+ $stuff = explode('| ',substr($line,1),2);
+ if($thopen)
+ $table .="\n";
+ if(count($stuff)==1)
+ $table .= "\t\t | ".simpleText($stuff[0]);
+ else
+ $table .= "\t\t | ".
+ simpleText($stuff[1]);
+ $thopen = true;
+ }else{
+ // plain text
+ $table .= simpleText($line) ."\n";
+ }
+ //echo "".++$i.": ".htmlspecialchars($line)." ";
+ //echo "Table so far: ".htmlspecialchars($table)." ";
+ }
+ if($thopen)
+ $table .=" | \n";
+ if($tdopen)
+ $table .="\n";
+ if($rowopen)
+ $table .="\t
\n";
+ if($tableopen)
+ $table .="
\n";
+ //echo "
";
+ //echo "Table at the end:
".htmlspecialchars($table)."
";
+ //echo $table;
+ return $table;
+}
diff --git a/milfs/funciones/funciones.php b/milfs/funciones/funciones.php
index e339526..e6af75b 100644
--- a/milfs/funciones/funciones.php
+++ b/milfs/funciones/funciones.php
@@ -305,6 +305,7 @@ $xajax->registerFunction("editar_campo");
function formulario_imprimir($id,$control,$tipo) {
+
$id = mysql_seguridad($id);
if($tipo =='obligatorio'){ $w_tipo = "AND obligatorio = '1' ";}
if($id !='') {$w_id = "AND form_id = '$id'";}
@@ -323,6 +324,7 @@ $timestamp=mysql_result($sql,0,"timestamp");
$fecha = date ( "Y-m-d h:i:s" , $timestamp);
if (mysql_num_rows($sql)!='0'){
+
mysql_data_seek($sql, 0);
$resultado ="
";
@@ -344,12 +346,32 @@ if (mysql_num_rows($sql)!='0'){
$lat = $campos[0];
$lon = $campos[1];
$zoom = $campos[2];
- $contenido = "
";
+ $contenido = "
+
";
}
- else {$contenido = "$contenido";}
+ else {
+ $html ="$contenido";
+$html = html_entity_decode($html);
+ //$html = str_replace('–','-',$html);
+ //$html = str_replace('"','"',$html);
+ //$html = preg_replace('/\&(nbsp);/','&${1};',$html);
+
+
+ $html = str_replace('{{PAGENAME}}',$title,$html);
+
+ // Table
+ $html = convertTables($html);
+
+ $html = simpleText($html);
+
+
+
+
+
+ $contenido = "$html";}
$campo_nombre = remplacetas('form_campos','id',$row[id_campo],'campo_nombre');
- $resultado .= "
$campo_nombre[0]
$contenido
";
+ $resultado .= "
$campo_nombre[0]
$contenido
";
}
$resultado .="
@@ -1887,7 +1909,7 @@ return $existe;
function formulario_grabar($formulario) {
$respuesta = new xajaxResponse('utf-8');
- $formulario = mysql_seguridad($formulario);
+ //$formulario = mysql_seguridad($formulario);
$consulta_grabada ='0';
$control = $formulario[control]; //
$form_id = $formulario[form_id]; //
@@ -1983,8 +2005,8 @@ if(is_null($igual) ){$repetido = 0;}else{
$repetido = 1;
}
-$debug .= " (c= $c md5 = $md5 , igual = $igual, repetid =$repetido )
";
-$respuesta->addAssign("respuesta_$control","innerHTML","$debug");
+//$debug .= " (c= $c md5 = $md5 , igual = $igual, repetid =$repetido )
";
+//$respuesta->addAssign("respuesta_$control","innerHTML","$debug");
//return $respuesta;
//$respuesta->addAlert("$debug");
//return $respuesta;
@@ -1992,6 +2014,7 @@ $respuesta->addAssign("respuesta_$control","innerHTML","$debug");
if(($V !='') && (is_numeric($c)) AND $repetido !=1 ) {
$ip = obtener_ip();
$graba_ip = "INET_ATON('".$ip."') ";
+ $V = mysql_real_escape_string($V);
$consulta ="
INSERT INTO `form_datos` (`id`, `id_campo`,`form_id`, `id_usuario`, `contenido`, `timestamp`, `control`, ip , id_empresa)
VALUES (NULL, '$c', '$formulario[form_id]', '$_SESSION[id]', '$V', UNIX_TIMESTAMP(), '$formulario[control]',$graba_ip,'$id_empresa');";
@@ -2081,7 +2104,7 @@ function mysql_seguridad($inp) {
return array_map(__METHOD__, $inp);
if(!empty($inp) && is_string($inp)) {
- return str_replace(array('\\', "\0", "\n", "\r", "'", '"', "\x1a"), array('\\\\', '\\0', '\\n', '\\r', "\\*", "\\*", '\\Z'), $inp);
+ return str_replace(array('\\', "\0", "'", '"', "\x1a"), array('\\\\', '\\0', "\\*", "\\*", '\\Z'), $inp);
}
return $inp;