Commit 3faf73e7 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Allow embedded youtube videos in user-generated html

parent a3dc95b4
......@@ -38,9 +38,18 @@ $themeoptions = get_themes();
$yesno = array(true => get_string('yes'),
false => get_string('no'));
$allowedfilters = array('YouTube');
$enabledfilters = get_config('filters');
if ($enabledfilters) {
$enabledfilters = unserialize($enabledfilters);
}
else {
$enabledfilters = array();
}
$searchpluginoptions = get_search_plugins();
$siteoptionform = pieform(array(
$siteoptionform = array(
'name' => 'siteoptions',
'jsform' => true,
'renderer' => 'table',
......@@ -148,12 +157,35 @@ $siteoptionform = pieform(array(
'defaultvalue' => get_config('usersallowedmultipleinstitutions'),
'help' => true,
),
'submit' => array(
'type' => 'submit',
'value' => get_string('updatesiteoptions', 'admin')
),
)
));
);
// List of HTML Purifier filters to enable
$siteoptionform['elements']['filters'] = array(
'type' => 'fieldset',
'legend' => get_string('trustedsitesforembeddedcontent', 'admin'),
'collapsible' => true,
'collapsed' => true,
'elements' => array(
'filters_description' => array(
'type' => 'html',
'value' => get_string('trustedsitesforembeddedcontentdescription', 'admin'),
),
'YouTube' => array(
'type' => 'checkbox',
'title' => 'http://www.youtube.com',
'description' => get_string('htmlfilter_YouTube', 'admin'),
'defaultvalue' => in_array('YouTube', $enabledfilters),
),
),
);
$siteoptionform['elements']['submit'] = array(
'type' => 'submit',
'value' => get_string('updatesiteoptions', 'admin')
);
$siteoptionform = pieform($siteoptionform);
function siteoptions_fail(Pieform $form, $field) {
$form->reply(PIEFORM_ERR, array(
......@@ -163,6 +195,7 @@ function siteoptions_fail(Pieform $form, $field) {
}
function siteoptions_submit(Pieform $form, $values) {
global $allowedfilters;
$fields = array('sitename','lang','theme', 'pathtoclam',
'defaultaccountlifetime', 'defaultaccountinactiveexpire', 'defaultaccountinactivewarn',
'allowpublicviews', 'allowpublicprofiles', 'searchplugin');
......@@ -188,6 +221,16 @@ function siteoptions_submit(Pieform $form, $values) {
siteoptions_fail($form, $checkbox);
}
}
// List of filters for HTMLPurifier
$enabledfilters = array();
foreach ($allowedfilters as $filter) {
if ($values[$filter] == 'on') {
$enabledfilters[] = $filter;
}
}
if (!set_config('filters', serialize($enabledfilters))) {
siteoptions_fail($form, 'filters');
}
$message = get_string('siteoptionsset', 'admin');
if ($oldtheme != $values['theme']) {
$message .= ' ' . get_string('usersseenewthemeonlogin', 'admin');
......
......@@ -131,6 +131,8 @@ $string['siteoptionspagedescription'] = 'Here you can set some global options th
$string['siteoptionsset'] = 'Site options have been updated.';
$string['sitethemedescription'] = 'The default theme for the site';
$string['theme'] = 'Theme';
$string['trustedsitesforembeddedcontent'] = 'Trusted sites for embedded content';
$string['trustedsitesforembeddedcontentdescription'] = 'If you would like to give your users the ability to embed videos from other sites, choose the trusted sites from the list below';
$string['updatesiteoptions'] = 'Update site options';
$string['usersallowedmultipleinstitutions'] = 'Users allowed multiple institutions';
$string['usersallowedmultipleinstitutionsdescription'] = 'If checked, users can be members of several institutions at the same time';
......@@ -138,6 +140,8 @@ $string['usersseenewthemeonlogin'] = 'Users will see the new theme the next time
$string['viruschecking'] = 'Virus checking';
$string['viruscheckingdescription'] = 'If checked, virus checking will be enabled for all uploaded files using ClamAV';
$string['htmlfilter_YouTube'] = 'Embed code copied from YouTube will be allowed in HTML created by users.';
// Site content
$string['about'] = 'About';
$string['discardpageedits'] = 'Discard your changes to this page?';
......
......@@ -2085,6 +2085,11 @@ function clean_text($text) {
$config->set('Core', 'Encoding', 'UTF-8');
$config->set('HTML', 'Doctype', 'XHTML 1.0 Transitional');
if (get_config('filters')) {
foreach (unserialize(get_config('filters')) as $filter) {
$config->set('Filter', $filter, true);
}
}
$def =& $config->getHTMLDefinition(true);
$def->addAttribute('a', 'target', 'Enum#_blank,_self,_target,_top');
$purifier = new HTMLPurifier($config);
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment