FIX:NP_SecurityEnforcerのpreg_matchのデリミタを変更して「#」のエスケープを削除

[nucleus-jp/nucleus-next.git] / nucleus / libs / BODYACTIONS.php

diff --git a/nucleus/libs/BODYACTIONS.php b/nucleus/libs/BODYACTIONS.php
index 01d3c3d..7568331 100644 (file)
--- a/nucleus/libs/BODYACTIONS.php
+++ b/nucleus/libs/BODYACTIONS.php
@@ -44,6 +44,18 @@ class BodyActions extends BaseActions
        }\r
        \r
        /**\r
+        * BodyActions::getAvailableActions()\r
+        * Get the defined actions in an item\r
+        * \r
+        * @param       void\r
+        * @return      array   self::$defined_actions\r
+        */\r
+       public function getAvailableActions()\r
+       {\r
+               return array_merge(self::$defined_actions, parent::getAvailableActions());\r
+       }\r
+       \r
+       /**\r
         * BodyActions::setCurrentItem()\r
         * Set the current item\r
         * \r
@@ -54,7 +66,7 @@ class BodyActions extends BaseActions
        {\r
                global $currentitemid;\r
                $this->currentItem =& $item;\r
-               $currentitemid = $this->currentItem->itemid;\r
+               $currentitemid = $this->currentItem['itemid'];\r
                return;\r
        }\r
        \r
@@ -72,19 +84,6 @@ class BodyActions extends BaseActions
        }\r
        \r
        /**\r
-        * BodyActions::getDefinedActions()\r
-        * Get the defined actions in an item\r
-        * \r
-        * @static
-        * @param       void\r
-        * @return      Array   self::$defined_actions\r
-        */\r
-       static public function getDefinedActions()
-       {\r
-               return array_merge(self::$defined_actions, parent::getDefinedActions());
-       }\r
-       \r
-       /**\r
         * BodyActions::parse_plugin()\r
         * Parse a plugin var\r
         * Called if <%plugin(...)%> in an item appears\r
@@ -108,9 +107,9 @@ class BodyActions extends BaseActions
                array_shift($params);\r
                \r
                // add item reference (array_unshift didn't work)\r
-               $params = array_merge(array(&$this->currentItem),$params);\r
+               $params = array_merge(array(&$this->currentItem), $params);\r
                \r
-               call_user_func_array(array(&$plugin,'doItemVar'), $params);\r
+               call_user_func_array(array(&$plugin, 'doItemVar'), $params);\r
                return;\r
        }\r
        \r
@@ -126,8 +125,8 @@ class BodyActions extends BaseActions
        {\r
                // image/popup calls have arguments separated by |\r
                $args = func_get_args();\r
-               $args = preg_split('#\|#',implode($args,', '));\r
-               echo call_user_func_array(array(&$this,'createImageCode'),$args);\r
+               $args = preg_split('#\|#', implode($args, ', '));\r
+               echo call_user_func_array(array(&$this, 'createImageCode'), $args);\r
        }\r
        \r
        /**\r
@@ -146,18 +145,18 @@ class BodyActions extends BaseActions
                // select private collection when no collection given\r
                if ( i18n::strpos($filename, '/') === FALSE )\r
                {\r
-                       $filename = $this->currentItem->authorid . '/' . $filename;\r
+                       $filename = $this->currentItem['authorid'] . '/' . $filename;\r
                }\r
                \r
                $windowwidth = $width;\r
                $windowheight = $height;\r
                \r
-               $vars['link']                   = Entity::hsc($CONF['MediaURL']. $filename);\r
-               $vars['text']                   = Entity::hsc($text);\r
-               $vars['image'] = '<img src="' . $vars['link'] . '" width="' . $width . '" height="' . $height . '" alt="' . $vars['text'] . '" title="' . $vars['text'] . '" />';\r
-               $vars['width']                  = $width;\r
-               $vars['height']                 = $height;\r
-               $vars['media']                  = '<a href="' . $vars['link'] . '">' . $vars['text'] . '</a>';\r
+               $vars['link']   = Entity::hsc($CONF['MediaURL']. $filename);\r
+               $vars['text']   = Entity::hsc($text);\r
+               $vars['image']  = '<img src="' . $vars['link'] . '" width="' . $width . '" height="' . $height . '" alt="' . $vars['text'] . '" title="' . $vars['text'] . '" />';\r
+               $vars['width']  = $width;\r
+               $vars['height'] = $height;\r
+               $vars['media']  = '<a href="' . $vars['link'] . '">' . $vars['text'] . '</a>';\r
                \r
                return Template::fill($this->template['IMAGE_CODE'], $vars);
        }\r
@@ -174,8 +173,8 @@ class BodyActions extends BaseActions
        {\r
                // image/popup calls have arguments separated by |\r
                $args = func_get_args();\r
-               $args = preg_split('#\|#', implode($args,', '));\r
-               echo call_user_func_array(array(&$this,'createMediaCode'), $args);\r
+               $args = preg_split('#\|#', implode($args, ', '));\r
+               echo call_user_func_array(array(&$this, 'createMediaCode'), $args);\r
        }\r
        \r
        /**\r
@@ -193,7 +192,7 @@ class BodyActions extends BaseActions
                // select private collection when no collection given\r
                if ( i18n::strpos($filename, '/') === FALSE )\r
                {\r
-                       $filename = $this->currentItem->authorid . '/' . $filename;\r
+                       $filename = $this->currentItem['authorid'] . '/' . $filename;\r
                }\r
                \r
                $vars['link']                   = Entity::hsc($CONF['MediaURL'] . $filename);\r
@@ -215,8 +214,8 @@ class BodyActions extends BaseActions
        {\r
                // image/popup calls have arguments separated by |\r
                $args = func_get_args();\r
-               $args = preg_split('#\|#', implode($args,', '));\r
-               echo call_user_func_array(array(&$this,'createPopupCode'), $args);\r
+               $args = preg_split('#\|#', implode($args, ', '));\r
+               echo call_user_func_array(array(&$this, 'createPopupCode'), $args);\r
        }\r
        \r
        /**\r
@@ -236,7 +235,7 @@ class BodyActions extends BaseActions
                // select private collection when no collection given\r
                if ( i18n::strpos($filename, '/') === FALSE )\r
                {\r
-                       $filename = $this->currentItem->authorid . '/' . $filename;\r
+                       $filename = $this->currentItem['authorid'] . '/' . $filename;\r
                }\r
                \r
                $windowwidth = $width;\r
@@ -281,7 +280,7 @@ class BodyActions extends BaseActions
                                $condition = ($blog && ($blog->getSetting($name) == $value));\r
                                break;\r
                        case 'itemblogsetting':\r
-                               $b =& $manager->getBlog(getBlogIDFromItemID($this->currentItem->itemid));\r
+                               $b =& $manager->getBlog($this->currentItem['blogid']);\r
                                $condition = ($b && ($b->getSetting($name) == $value));\r
                                break;\r
                        case 'loggedin':\r
@@ -355,19 +354,19 @@ class BodyActions extends BaseActions
        {\r
                global $member, $manager;\r
                \r
-               $b =& $manager->getBlog(getBlogIDFromItemID($this->currentItem->itemid));\r
+               $b =& $manager->getBlog($this->currentItem['blogid']);\r
                \r
                // when no parameter is defined, just check if author is current visitor\r
                if ( ($key != 'isadmin' && $key != 'name') || ($key == 'name' && $value == '') )\r
                {\r
-                       return (intval($member->getID()) > 0 && intval($member->getID()) == intval($this->currentItem->authorid));\r
+                       return (intval($member->getID()) > 0 && intval($member->getID()) == intval($this->currentItem['authorid']));\r
                }\r
                \r
                // check author name\r
                if ( $key == 'name' )\r
                {\r
                        $value = strtolower($value);\r
-                       if ( $value == strtolower($this->currentItem->author) )\r
+                       if ( $value == strtolower($this->currentItem['author']) )\r
                        {\r
                                return TRUE;\r
                        }\r
@@ -376,7 +375,7 @@ class BodyActions extends BaseActions
                // check if author is admin\r
                if ( ($key == 'isadmin') )\r
                {\r
-                       $aid = intval($this->currentItem->authorid);\r
+                       $aid = intval($this->currentItem['authorid']);\r
                        $blogid = intval($b->getID());                  \r
                        $amember =& $manager->getMember($aid);\r
                        if ( $amember->isAdmin() )\r
@@ -401,7 +400,7 @@ class BodyActions extends BaseActions
        {\r
                global $catid, $manager;\r
                \r
-               $b =& $manager->getBlog(getBlogIDFromItemID($this->currentItem->itemid));\r
+               $b =& $manager->getBlog($this->currentItem['blogid']);\r
                \r
                // when no parameter is defined, just check if a category is selected\r
                if ( ($key != 'catname' && $key != 'catid') || ($value == '') )\r
@@ -409,7 +408,7 @@ class BodyActions extends BaseActions
                        return $b->isValidCategory($catid);\r
                }\r
                        \r
-               $icatid = $this->currentItem->catid;\r
+               $icatid = $this->currentItem['catid'];\r
                \r
                // check category name\r
                if ( $key == 'catname' )\r