BBCodeLibrary::DoImage( $bbcode, $action, $name, $default, $params, $content )
Description
Source
File: bp-forums/admin/parser.php
function DoImage($bbcode, $action, $name, $default, $params, $content) {
if ($action == BBCODE_CHECK) return true;
$content = trim($bbcode->UnHTMLEncode(strip_tags($content)));
if (preg_match("/\\.(?:gif|jpeg|jpg|jpe|png)$/", $content)) {
if (preg_match("/^[a-zA-Z0-9_][^:]+$/", $content)) {
if (!preg_match("/(?:\\/\\.\\.\\/)|(?:^\\.\\.\\/)|(?:^\\/)/", $content)) {
$info = @getimagesize("{$bbcode->local_img_dir}/{$content}");
if ($info[2] == IMAGETYPE_GIF || $info[2] == IMAGETYPE_JPEG || $info[2] == IMAGETYPE_PNG) {
return "<img src=\""
. htmlspecialchars("{$bbcode->local_img_url}/{$content}") . "\" alt=\""
. htmlspecialchars(basename($content)) . "\" width=\""
. htmlspecialchars($info[0]) . "\" height=\""
. htmlspecialchars($info[1]) . "\" class=\"bbcode_img\" />";
}
}
}
else if ($bbcode->IsValidURL($content, false)) {
return "<img src=\"" . htmlspecialchars($content) . "\" alt=\""
. htmlspecialchars(basename($content)) . "\" class=\"bbcode_img\" />";
}
}
return htmlspecialchars($params['_tag']) . htmlspecialchars($content) . htmlspecialchars($params['_endtag']);
}
Questions?
We're always happy to help with code or other questions you might have! Search our developer docs, contact support, or connect with our sales team.