1 <?php

     2 

     3 /**

     4 * 

     5 * Embeds the results of a PHP script at render-time.

     6 * 

     7 * @category Text

     8 * 

     9 * @package Text_Wiki

    10 * 

    11 * @author Paul M. Jones <pmjones@php.net>

    12 * 

    13 * @license LGPL

    14 * 

    15 * @version $Id: Embed.php,v 1.3 2005/02/23 17:38:29 pmjones Exp $

    16 * 

    17 */

    18 

    19 /**

    20 * 

    21 * Embeds the results of a PHP script at render-time.

    22 * 

    23 * This class implements a Text_Wiki_Parse to embed the contents of a URL

    24 * inside the page at render-time.  Typically used to get script output.

    25 * This differs from the 'include' rule, which incorporates results at

    26 * parse-time; 'embed' output does not get parsed by Text_Wiki, while

    27 * 'include' ouput does.

    28 *

    29 * This rule is inherently not secure; it allows cross-site scripting to

    30 * occur if the embedded output has <script> or other similar tags.  Be

    31 * careful.

    32 *

    33 * @category Text

    34 * 

    35 * @package Text_Wiki

    36 * 

    37 * @author Paul M. Jones <pmjones@php.net>

    38 * 

    39 */

    40 

    41 class Text_Wiki_Parse_Embed extends Text_Wiki_Parse {

    42     

    43     var $conf = array(

    44         'base' => '/path/to/scripts/'

    45     );

    46     

    47     var $file = null;

    48 

    49     var $output = null;

    50 

    51     var $vars = null;

    52 

    53 

    54     /**

    55     * 

    56     * The regular expression used to find source text matching this

    57     * rule.

    58     * 

    59     * @access public

    60     * 

    61     * @var string

    62     * 

    63     */

    64     

    65     var $regex = '/(\[\[embed )(.+?)( .+?)?(\]\])/i';

    66     

    67     

    68     /**

    69     * 

    70     * Generates a token entry for the matched text.  Token options are:

    71     * 

    72     * 'text' => The full matched text, not including the <code></code> tags.

    73     * 

    74     * @access public

    75     *

    76     * @param array &$matches The array of matches from parse().

    77     *

    78     * @return A delimited token number to be used as a placeholder in

    79     * the source text.

    80     *

    81     */

    82     

    83     function process(&$matches)

    84     {    

    85         // save the file location

    86         $this->file = $this->getConf('base', './') . $matches[2];

    87         

    88         // extract attribs as variables in the local space

    89         $this->vars = $this->getAttrs($matches[3]);

    90         unset($this->vars['this']);

    91         extract($this->vars);

    92         

    93         // run the script

    94         ob_start();

    95         include($this->file);

    96         $this->output = ob_get_contents();

    97         ob_end_clean();

    98         

    99         // done, place the script output directly in the source

   100         return $this->wiki->addToken(

   101             $this->rule,

   102             array('text' => $this->output)

   103         );

   104     }

   105 }

   106 ?>