Extension:NukeHtmlPhp
From MediaWiki.org
| NukeHtmlPhp | |
|---|---|
| Release status | unknown |
| Implementation | Tag, Page action |
| Description | This extension enables the conditional removal or replacement of the tags <html>, <php> and <runphp> from an article being saved, so that potential security issues can be managed. |
| Author(s) | Jean-Lou Dupont |
| License | No license specified |
| Download | see below |
Up-to-date information on this extension can be found at: [1]. The update provides better integration with other extensions:
Purpose
This extension enables the conditional removal or replacement of the tags <html>, <php> and <runphp> from an article being saved, so that potential security issues can be managed.
Other Options
- For handling native HTML inclusion more securely (and more conveniently), please see Extension:SecureHTML.
Source Code
```php
<?php
# NukeHtmlPhp Mediawiki Extension
# -------------------------------
# Author: Jean-Lou Dupont
# This extension implements a "hook" on the "ArticleSave" event
# in order to 'nuke' any <html>, <php> or <runphp> tags
# found to be entered by members without the 'coding' right.
# To activate the extension, include it from your "LocalSettings.php"
# with: include("extensions/nukeHtmlPhp.php");
# Also, specify which group(s) have the 'coding' right e.g:
# $wgGroupPermissions['user']['coding'] = false;
# $wgGroupPermissions['sysop']['coding'] = true;
# ---------------------------------
$wgHooks['ArticleSave'][] = 'fnNukeHtmlPhpHook';

function fnNukeHtmlPhpHook(&$article, &$user, &$text, &$summary, $minor, $watch, $sectionanchor, &$flags)
{
    # First, check if User has "coding" permission
    if (!$user->isAllowed('coding')) {
        # If not, "nuke" all HTML, PHP and RUNPHP tags
        # ("html>" covers both the opening <html> and the closing </html>)
        $text = str_ireplace("html>", "ehtml>", $text);
        # case with <php>article_title</php> --> <ephp>{{article_title}}</ephp>
        $text = str_ireplace("<php>", "<ephp>{{", $text);
        $text = str_ireplace("</php>", "}}</ephp>", $text);
        $text = str_ireplace("<runphp>", "<erunphp>", $text);
        $text = str_ireplace("</runphp>", "</erunphp>", $text);
    }
    # Returning true lets the save continue with the rewritten text
    return true;
}
?>
```
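The hook above rewrites only the exact strings `<php>`, `</php>`, `<runphp>`, `</runphp>` and `html>`. The following is an added example, not part of the extension's source: it runs those same replacements next to a pattern-based variant over constructed inputs, to show which tag spellings each one rewrites. The function names `nukeExact` and `nukePattern` are hypothetical, and the variant assumes the wiki parser also recognises these tags when they carry whitespace or attributes.

```php
<?php
// Added example; not part of the NukeHtmlPhp source. Function names are hypothetical.

// The extension's exact-string replacements, copied here for comparison.
function nukeExact(string $text): string
{
    $text = str_ireplace('html>', 'ehtml>', $text);
    $text = str_ireplace('<php>', '<ephp>{{', $text);
    $text = str_ireplace('</php>', '}}</ephp>', $text);
    $text = str_ireplace('<runphp>', '<erunphp>', $text);
    return str_ireplace('</runphp>', '</erunphp>', $text);
}

// Pattern-based variant. Assumption: the parser accepts whitespace, attributes
// or a trailing "/" inside these tags, so all of those forms are rewritten too.
function nukePattern(string $text): string
{
    // Optional "/", tag name, then anything up to ">"; the lookahead makes sure
    // the name ends there, so <phpinfo> is left alone.
    $pattern = '~<(/?)(html|php|runphp)(?=[\s/>])([^>]*)>~i';
    return preg_replace_callback($pattern, function (array $m): string {
        $closing = $m[1] === '/';
        $name = strtolower($m[2]);
        $selfClosing = substr(rtrim($m[3]), -1) === '/';
        if ($name === 'php') {
            if ($selfClosing) {
                return '<ephp/>'; // no content to wrap in {{ }}
            }
            // Same rewrite as the extension: <php>X</php> -> <ephp>{{X}}</ephp>
            return $closing ? '}}</ephp>' : '<ephp>{{';
        }
        // <html ...> -> <ehtml ...>, <runphp ...> -> <erunphp ...>
        return '<' . $m[1] . 'e' . $name . $m[3] . '>';
    }, $text);
}

// Constructed sample inputs (not taken from any real wiki page).
$samples = [
    '<php>article_title</php>',
    '<PHP >article_title</PHP >',
    '<runphp id="x">code</runphp>',
    "<html\n>markup</html>",
    '<phpinfo>not a target tag</phpinfo>',
];
foreach ($samples as $s) {
    printf("%s\n  exact:   %s\n  pattern: %s\n", json_encode($s, JSON_UNESCAPED_SLASHES),
        json_encode(nukeExact($s), JSON_UNESCAPED_SLASHES),
        json_encode(nukePattern($s), JSON_UNESCAPED_SLASHES));
}
```

Like the original, the pattern-based function is meant to run inside the `ArticleSave` hook, only for users without the 'coding' right.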
