From 4fe050bf1cf0183b6e269a5eb5285334f4656add Mon Sep 17 00:00:00 2001
From: Exile <iglix@me.com>
Date: Wed, 20 Aug 2014 23:30:41 +0400
Subject: [PATCH] Nofollow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Добавляем атрибут nofollow для внешних ссылок + успрощение сортировки смайликов.
---
 install/sql/mysql.sql                       |   1 -
 upload/config.php                           |   7 +++
 upload/images/smiles/cd.gif                 | Bin 1117 -> 0 bytes
 upload/includes/bbcode.php                  |  61 +++++++++++++++-----
 upload/includes/datastore/build_smilies.php |   2 +-
 upload/includes/functions.php               |  10 ----
 6 files changed, 56 insertions(+), 25 deletions(-)
 delete mode 100644 upload/images/smiles/cd.gif

diff --git a/install/sql/mysql.sql b/install/sql/mysql.sql
index a34ee47bb..cbc2e9059 100644
--- a/install/sql/mysql.sql
+++ b/install/sql/mysql.sql
@@ -1228,7 +1228,6 @@ INSERT INTO `bb_smilies` VALUES (52, ':bz:', 'bz.gif', 'bz');
 INSERT INTO `bb_smilies` VALUES (53, ':ca:', 'ca.gif', 'ca');
 INSERT INTO `bb_smilies` VALUES (54, ':cb:', 'cb.gif', 'cb');
 INSERT INTO `bb_smilies` VALUES (55, ':cc:', 'cc.gif', 'cc');
-INSERT INTO `bb_smilies` VALUES (56, ':cd:', 'cd.gif', 'cd');
 
 -- --------------------------------------------------------
 
diff --git a/upload/config.php b/upload/config.php
index ead5b4dcf..056bebe97 100644
--- a/upload/config.php
+++ b/upload/config.php
@@ -57,6 +57,7 @@
  * Misc
  * Captcha
  * Atom feed
+ * Nofollow
 **/
 
 if (!defined('BB_ROOT')) die(basename(__FILE__));
@@ -605,4 +606,10 @@ $bb_cfg['atom'] = array(
 	'url'  => './atom',         # without '/'
 );
 
+// Nofollow
+$bb_cfg['nofollow'] = array(
+	'disabled'    => false,
+	'allowed_url' => array($domain_name), // 'allowed.site', 'www.allowed.site'
+);
+
 define('BB_CFG_LOADED', true);
\ No newline at end of file
diff --git a/upload/images/smiles/cd.gif b/upload/images/smiles/cd.gif
deleted file mode 100644
index b50ce59827fc9a7d9e4c38405e8eda002493cfa7..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 1117
zcmZ?wbhEHb6k!ly_};_dY$EXgnbMEjazAg&e>^Xh86ooLp~Al>ivOM}{eP<T@{ri2
z3#Z<nkvw<iNI{&zqwPX|c7iY8y#IAqe(t35yZ7!s*(LJry6lH@Qcw4Ye7Y$8^_uM8
zM~cs1y-n~IzkdDlg6TEoY1S3#HYxtHu4V!O4uY?bi62}oGodAUPAS*xqvD(9N}oA(
z@Yg;0h0|-VF66$qK_K2!Bt1}eLUYo+^#bqDO3ka}p467soyxwZhJDVYvL|QcZ!G66
zjNqP_$Mxu>+^l@|(;KBL(roT;5=;w}xj36^-9(|crzBsWlA1fYB0G??HcRaKX0bS5
z;fgfTmF@h`_K582<jf1<dVWA`ZNJd56=LURb3fTDc65!@-X6}GtrGLPBwxIKcWR65
zrA=b_A)K@81!m^4@0h@MU=sJ+Gtvi^OI?}I{bZN$-U-}Gn|SZ67sv>f%LtZD@Dj`N
z<2buY<mOI^>(?)3`?0U?75s8b;oCjM(q!|SYXoNGv2UNicXbg@h7U(ss@0TYp5i3a
zb91=oPp!JUULf0_<NZaMlwjf0Cl7qNDtmJ|@4P7$XHOqKH<NQ&EB~+i3hzFBXBY*v
z2?52QEQ|~cJq$V^<3V|Xf#W}eB&UqWh6RpIf>K*JE-rNL5aU&n5%EZL60wZUkSJWN
zagv3LUEJb_l1BpzCzDCchC{~>HZ{pz3lL0rz`(@9&cktHfkKZIKeOc=4Wk6-CI-eG
zEFK#Y85ns?b8-ZCG`TA>yH9kwu<1%et57DBqEJW5sRm|`txN$<&l?!n_yhh3Mm*=`
zW>MpMA<M{cKtWcBV}_uxOG3M0dFYqeJJVSNm_+|{2%LC!BJyaDbbMoUs?lOQZykvf
zySM8L%g4tj+*CGb7iMzZ?8I;(rSGzOTb+!M$BFJKJj_{24HHr?`mq{!9Ent%(9C1P
zrI%sgsrHnW)hVXI@?fIE9K{NQB~}Rz4Ghg95)3;J2r_FpPPBbvvm)T(!EV{kyd5?X
k8+p5oE2l6Xm945V5me@^WnkhlX!zjh!tRz4;J{!F06<<t^Z)<=

diff --git a/upload/includes/bbcode.php b/upload/includes/bbcode.php
index 73c0ff20a..e258dc0e1 100644
--- a/upload/includes/bbcode.php
+++ b/upload/includes/bbcode.php
@@ -497,10 +497,9 @@ class bbcode
 	*/
 	function init_replacements ()
 	{
-		$tpl         = $this->tpl;
-		$img_url_exp = '(https?:)?//[^\s\?&;=\#\"<>]+?\.(jpg|jpeg|gif|png)([a-z0-9/?&%;][^\[\]]*)?';
-		$email_exp   = '[a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+';
-		$url_exp     = '[\w\#!$%&~/.\-;:=,?@а-яА-Я\[\]+]+?';
+		$tpl       = $this->tpl;
+		$img_exp   = '(https?:)?//[^\s\?&;=\#\"<>]+?\.(jpg|jpeg|gif|png)([a-z0-9/?&%;][^\[\]]*)?';
+		$email_exp = '[a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+';
 
 		$this->preg = array(
 			'#\[quote="(.+?)"\]#isu'                                 => $tpl['quote_username_open'],
@@ -514,12 +513,8 @@ class bbcode
 			'#\[size=([1-2]?[0-9])\]#isu'                            => '<span style="font-size: $1px; line-height: normal;">',
 			'#\[align=(left|right|center|justify)\]#isu'             => '<span class="post-align" style="text-align: $1;">',
 			'#\[font="([\w\- \']+)"\]#isu'                           => '<span style="font-family: $1;">',
-			"#\[img\]($img_url_exp)\[/img\]#isu"                     => $tpl['img'],
-			"#\[img=(left|right)\]($img_url_exp)\[/img\]\s*#isu"     => $tpl['img_aligned'],
-			"#\[url\](https?://$url_exp)\[/url\]#isu"                => '<a href="$1" class="postLink">$1</a>',
-			"#\[url\](www\.$url_exp)\[/url\]#isu"                    => '<a href="http://$1" class="postLink">$1</a>',
-			"#\[url=(https?://$url_exp)\]([^?\n\t].*?)\[/url\]#isu"  => '<a href="$1" class="postLink">$2</a>',
-			"#\[url=(www\.$url_exp)\]([^?\n\t].*?)\[/url\]#isu"      => '<a href="http://$1" class="postLink">$2</a>',
+			"#\[img\]($img_exp)\[/img\]#isu"                         => $tpl['img'],
+			"#\[img=(left|right|center)\]($img_exp)\[/img\]\s*#isu"  => $tpl['img_aligned'],
 			"#\[email\]($email_exp)\[/email\]#isu"                   => '<a href="mailto:$1">$1</a>',
 			"#\[qpost=([0-9]*)\]#isu"                                => '<u class="q-post">$1</u>',
 		);
@@ -570,15 +565,22 @@ class bbcode
 		$text = $this->clean_up($text);
 		$text = $this->spam_filter($text);
 
-		// парсинг тегов
+		// Tag parse
 		if (strpos($text, '[') !== false)
 		{
-			// [CODE]
+			// [code]
 			$text = preg_replace_callback('#(\s*)\[code\](.+?)\[/code\](\s*)#s', array(&$this, 'code_callback'), $text);
 
 			// Escape tags inside tiltes in [quote="tilte"]
 			$text = preg_replace_callback('#(\[(quote|spoiler)=")(.+?)("\])#', array(&$this, 'escape_tiltes_callback'), $text);
 
+			// [url]
+			$url_exp = '[\w\#!$%&~/.\-;:=,?@а-яА-Я\[\]+]+?';
+			$text = preg_replace_callback("#\[url\](https?://$url_exp)\[/url\]#isu", array(&$this, 'url_callback'), $text);
+			$text = preg_replace_callback("#\[url\](www\.$url_exp)\[/url\]#isu", array(&$this, 'url_callback'), $text);
+			$text = preg_replace_callback("#\[url=(https?://$url_exp)\]([^?\n\t].*?)\[/url\]#isu", array(&$this, 'url_callback'), $text);
+			$text = preg_replace_callback("#\[url=(www\.$url_exp)\]([^?\n\t].*?)\[/url\]#isu", array(&$this, 'url_callback'), $text);
+
 			// Normalize block level tags wrapped with new lines
 			$block_tags = join('|', $this->block_tags);
 			$text = str_replace("\n\n[hr]\n\n", '[br][hr][br]', $text);
@@ -692,6 +694,28 @@ class bbcode
 		return $this->tpl['code_open'] . $code . $this->tpl['code_close'];
 	}
 
+	/**
+	* [url] callback
+	*/
+	function url_callback ($m)
+	{
+		global $bb_cfg;
+
+		$url = trim($m[1]);
+		$url_name = (isset($m[2])) ? trim($m[2]) : $url;
+
+		if (in_array(parse_url($url, PHP_URL_HOST), $bb_cfg['nofollow']['allowed_url']) || $bb_cfg['nofollow']['disabled'])
+		{
+			$link = "<a href=\"$url\" class=\"postLink\">$url_name</a>";
+		}
+		else
+		{
+			$link = "<a href=\"$url\" class=\"postLink\" rel=\"nofollow\">$url_name</a>";
+		}
+
+		return $link;
+	}
+
 	/**
 	* Escape tags inside tiltes in [quote="tilte"]
 	*/
@@ -739,11 +763,22 @@ class bbcode
 	*/
 	function make_url_clickable_callback ($m)
 	{
+		global $bb_cfg;
+
 		$max_len = 70;
 		$href    = $m[1];
 		$name    = (mb_strlen($href, 'UTF-8') > $max_len) ? mb_substr($href, 0, $max_len - 19) .'...'. mb_substr($href, -16) : $href;
 
-		return "<a href=\"$href\" class=\"postLink\">$name</a>";
+		if (in_array(parse_url($href, PHP_URL_HOST), $bb_cfg['nofollow']['allowed_url']) || $bb_cfg['nofollow']['disabled'])
+		{
+			$link = "<a href=\"$href\" class=\"postLink\">$name</a>";
+		}
+		else
+		{
+			$link = "<a href=\"$href\" class=\"postLink\" rel=\"nofollow\">$name</a>";
+		}
+
+		return $link;
 	}
 
 	/**
diff --git a/upload/includes/datastore/build_smilies.php b/upload/includes/datastore/build_smilies.php
index 0bc49996a..64aab6d74 100644
--- a/upload/includes/datastore/build_smilies.php
+++ b/upload/includes/datastore/build_smilies.php
@@ -7,7 +7,7 @@ global $bb_cfg;
 $smilies = array();
 
 $rowset = DB()->fetch_rowset("SELECT * FROM ". BB_SMILIES);
-usort($rowset, 'smiley_sort');
+sort($rowset, 'SORT_NUMERIC');
 
 foreach ($rowset as $smile)
 {
diff --git a/upload/includes/functions.php b/upload/includes/functions.php
index 2779b68b5..09d508309 100644
--- a/upload/includes/functions.php
+++ b/upload/includes/functions.php
@@ -1777,16 +1777,6 @@ function obtain_word_list (&$orig_word, &$replacement_word)
 	return true;
 }
 
-function smiley_sort ($a, $b)
-{
-	if (strlen($a['code']) == strlen($b['code']))
-	{
-		return 0;
-	}
-
-	return (strlen($a['code']) > strlen($b['code'])) ? -1 : 1;
-}
-
 function bb_die ($msg_text)
 {
 	global $ajax, $bb_cfg, $lang, $template, $theme, $userdata;