AUBBC
view release on metacpan or search on metacpan
8) Perl code highlighter in the code tags
9) Fully customizable settings.
The advantage of using this BBcode is to have the piece of mind of using a secure program,
to restrict the usage of HTML/XHTML elements and to make formatting of posts easy to people that have no HTML/XHTML skill.
Most sites that use these tags show a list of them and/or easy way to insert the tags to the form field by the user.
The [c] or code tags can highlight Perl code, highlighting the Perl code with CSS in HTML/XHTML,
and in the examples folder the tag_list.cgi file has a CSS code you could work from and now a setting to change to a costume highlighter function.
This module addresses many security issues the BBcode tags may have mainly cross site script also known as XSS.
Each message is escaped before it gets returned if script_escape is Enabled and checked for many types of security problems before that tag converts to HTML/XHTML.
The script_escape setting and method also converts the ' sign so the text can be stored in a SQL back-end.
Most of the free web portals use the | sign as the delimiter for the flat file database, the script_escape setting and method also converts that sign so the structure of the database is retained.
Allows easy conversion to HTML and XHTML, existing tags will convert to the HTML type set.
If there isn't a popular tag available this module provides a method to "Build your own tags" custom tags can help link to parts of the current web page, other web pages and add other HTML elements.
8) Perl code highlighter in the code tags
9) Fully customizable settings.
The advantage of using this BBcode is to have the piece of mind of using a secure program,
to restrict the usage of HTML/XHTML elements and to make formatting of posts easy to people that have no HTML/XHTML skill.
Most sites that use these tags show a list of them and/or easy way to insert the tags to the form field by the user.
The [c] or code tags can highlight Perl code, highlighting the Perl code with CSS in HTML/XHTML,
and in the examples folder the tag_list.cgi file has a CSS code you could work from and now a setting to change to a costume highlighter function.
This module addresses many security issues the BBcode tags may have mainly cross site script also known as XSS.
Each message is escaped before it gets returned if script_escape is Enabled and checked for many types of security problems before that tag converts to HTML/XHTML.
The script_escape setting and method also converts the ' sign so the text can be stored in a SQL back-end.
Most of the free web portals use the | sign as the delimiter for the flat file database, the script_escape setting and method also converts that sign so the structure of the database is retained.
Allows easy conversion to HTML and XHTML, existing tags will convert to the HTML type set.
If there isn't a popular tag available this module provides a method to "Build your own tags" custom tags can help link to parts of the current web page, other web pages and add other HTML elements.
=head1 Security
Security advice to ensure the proper usage of this module.
=head2 Database Manipulation
The default settings of AUBBC.pm is not good for most forums, blogs, wiki's and bulletin boards
because by default AUBBC should work and be secure. The other reason is these programs will want some
of the user input editable and portable.
For editing and portability purposes you would want to retain the tags or user input as they typed it,
but always use the script_escape before saving to a back-end. This will allow you to change the settings
of AUBBC on the fly so the tags remain portable to setting changes.
The script_escape filter is vital to security for many reasons and provides a standard format for other
methods of AUBBC. There is a file in the examples folder called Database_Manipulation.pm that try's to explain what settings
to change and how to stay safe.
=head2 Mixing HTML and BBcode
Since the script_escape method will disable HTML and JavaScript, I came up with a way
to mix the two. The recommended use of mixing is for Administrator's of the program only,
because giving anyone the ability to post unfiltered codes is just wrong.
The mixing method is good for themes, information pages and wiki's just to name a few.
for some tags when script_escape is disabled you can just run do_all_ubbc on variables with HTML mixed
There are some uncontrollable security issues with allowing images [img] and link [url] auto-link tags,
you can disable [img] tags by setting "no_img => 1," to 1 as shown.
Security issues with the [url] and auto-link tags is not as bad since you have to click it to
get to the risky web site, unlike an image loading.
=head2 FYI
XHTML has better JavaScript security standards then HTML.
Developers can also use cookies with "httponly" flags to disable JavaScript from
reading that cookie, but the browsers must support it.
XSS, browser hijacking and other security risks can change by settings, browser vendors and program versions.
=head1 Tag Security Access
New to v4.05. Assign security levels for links, images, build and code tags.
Default settings allows all tags to be seen so there would be no changes needed
if you just wanted the latest version and not use this method yet.
This method works with your current authentication and will be explained more later.
Note: The smilies is not controled by this security.
=head2 User Security Levels
Default security levels are from low to high!!!
2) The names must be spelled the same as the name passed to method user_level();
3) Security access is determined by low to high numbers and with the default Guest
will be number/level 0 in the array. if the links was set for User
the links level will have to be 1 = User making any lower level unable to
see any bbcode links but, the Administrator would still see all.
=head2 Tag Security Levels
To change the security level of links, images and code use this method this way:
$aubbc->tag_security(
code => { level => 0, text => 'register to see this', },
img => { level => 0, text => 'register to see this', },
url => { level => 0, text => 'register to see this', },
);
level - the array number of the security level
text - the text or HTML to show if user has no access
If you are using the tag security you will want to set the user_level after the user
was authenticated by the web application and before do_all_ubbc is used.
=head1 Settings
These settings effect a large part of what the do_all_ubbc method can do and what other
methods can do in do_all_ubbc. some settings are used in many methods
=head2 $aubbc->settings();
This is the method to change them when needed.
$aubbc->settings(
aubbc => 1,
utf => 1,
smileys => 1,
highlight => 1,
# est.....
);
=head2 aubbc
type - 1 is style [name://pattern], 2 is style [name]pattern[/name], 3 is style [name],
the next setting for type the function will not be used to run Perl subroutines and
will replace the text with what text is defined in the function setting, the setting is
type 4 this will use style [name] but will work different then the other built settings
see function below on how type 4 works
function - a pre-defined subroutine that receives the matched pattern, tag name and returns what you want,
unless type is set to 4 then it will replace the tag with what text is in the function.
Note: if the function returns undefined, '' or 0 the tag will not be changed.
level - the array number of the security level
error - the text or HTML to show if user has no access
Note: For the build tags leaving the variables blank will default level to 0 and
error to the $AUBBC::BAD_MESSAGE string.
Usage:
Fixed - The hash for tag_security() needed the images and link renamed to a tag
name being used. Changed the image name to img and the link to url. Read
"Tag Security Levels" for more info.
Fixed - security for links was in method make_link and was causing an access issue
if used outside of the module. Made a new method to check link access now the
make_link method could be used outside of the module without the security access
in it, as intended.
Changed - forgot to say in version 4.05 that I changed the aubbc_error so a new line
will be added after each inserted error.
v4.05 - 04/05/2011
Addition - Assign security levels for links, images, built and code tags.
New subroutine names: security_levels, user_level, tag_security, check_access
Changed - The default value for $AUBBC::BAD_MESSAGE is now 'Unathorized'
Fixed - Bug with quote tag, needed to convert all its tags.
v4.03 - 02/03/2011
Addition - New Object method aubbc_error . Developers can now controle if or when
to handle errors, see the POD 'Error Message' for usage.
Fixed - All built-in tags only convert balanced tags so no unbalanced HTML can
be produced
Fixed - Bug in code_highlight a highlight regex needed to be changed after
version 4.01 to support the Parser style.
Improvement - Small restructure of add_build_tag and change the 'all' setting
of 'pattern' to allow more.
v4.02 - 11/28/2010
Fixed - The element ID for the code download started at 1 for every instance this
will force the browser to take priority to load the first ID it reads. The fix
starts the counter at 'time.$$.000' to try to produce a more unique ID for each
instance.
Fixed - under the code tag in do_ubbc line " $do_f[8] = '' if $do_f[8]; "
Fixed - Bug that converts the true text typed to the HTML code name.
All parts of the module where effected by this bug, in the code tag if the
author ment & #59 ; it would show ; . This also caused a long standing bug with
typing any HTML code name and saving it to a backend.
this fix removes the HTML code name regex in do_unicode and had to add/move two
filters in "script_escape to conver the & to an amp and ; to #59;" and
"html_to_text to conver amp to & and #59 to ;". This fix also helped in allowing
the regex's for highlighting subroutines to be made.
Fixed - had to add a null byte marker to escape_aubbc so the code tag's
highlighter can detect the escaped character and change it back. In do_all_ubbc
All markers get removed before the message is returned because FireFox can see
the null bytes as an error.
Addition - Perl subroutine highlighting for the code tag highlighter. Had a
problem making this till this version because a HTML code name can look like
&TheName; and a Perl subroutine looked the same till ; got converted.
Addition - AUBBC::make_image($align,$src,$width,$height,$alt) this is useful enough
to mention once.
Addition - New value for setting line_break 2 for old <br style. This effects script_escape.
Addition - This module now uses Memoize for a massive speed improvement.
If you thought it was fast before, I hope your sitting down when you bench this version. LOL
Addition - added setting highlight_function to replace the highlighting method
of AUBBC with a costume one.
Fixed - in do_ubbc the line breaks was invalidating HTML for List Block elements
Improvement - in do_all_ubbc changed defining $msg each time. there could have
been a bug in past versions if an undefined variable was used after a defined message was
converted. was going to allow do_all_ubbc to pass the last message but decided
other people may see that as a bug.
Improvement - in do_all_ubbc moved if $do_flag[4] for no_bypass to a better spot
Improvement - in do_all_ubbc moved if for for_links to a better spot
Improvement - changed tags left,right and center to only convert balanced tags
v3.00 - 09/14/2010
Improvement - made it balls to the wall faster.
v2.21 - 09/09/2010 16:32:34
Fixed - -withoutworldwriteables, bug with making an archive on windows to PAUSE.
v2.20 - 09/08/2010 19:40:55
Addition - in examples folder there is a bench.pl to test the speed and support
of all the Perl BBcode modules. BBCode::Parser Parse::BBCode HTML::BBCode HTML::BBReverse
Fixed - fixed a line break and new line sandbox bug
Improvement - Massive speed improvement to the hole module and no features lost.
changed new for faster loading, the module uses vars for some variables,
re-spaced the hole code.
v2.10 - 08/31/2010 11:17:13
Addition - adding type 4 to add_build_tag this will use style 3 but will work
different then the other built functions. Type 4 will print the text defined in
function and not point to a defined Perl subroutine.
Addition - added line_break setting to have control over the script_escape and
html_to_text methods converting html line break <br> and new line \n
Addition - added fix_amp this setting finds all the & that need to covert to the amp; html code name
so the w3c xhtml validation checks ok.
Addition - added no_img this setting will allow some control for using [img] tags
for security reasons
Fixed - bug in settings_prep when a setting gets changed html_type could change
Fixed - Better support for XHTML 1.0 Strict for some tags having issues in do_ubbc
Fixed - in do_ubbc the [url] tag produces a bug if a link is used as a name
the fix converts the period and/or colon of the name so its not seen as a new
link.
Improvement - in do_unicode removed then changed the two regexs to do a 3 in 1 filter.
Improvement - in html_to_text added a code to fix a <br> bug if ppl use html or xhtml line break.
Improvement - moved the pattern building code from do_build_tag to add_build_tag
so it only runs one time
Improvement - in add_build_tag using a hash array to store the build tag data so
there is no need to use split in do_build_tag
Improvement - in do_all_ubbc moved script_escape to a location where one call
Changed the regex in plain URL's
Removed bad patter setting and now using a more standard way to detect bad image tags
Fixed dynamic view in XHTML for the protect email method.
Added js_print method which will print out the javascript needed for the new protect email method
Added values for the code highlighter so it can support CSS classes
Added highlighting of variables and changed 2 quote regex to allow multi line quotes
and a few other things that make this 2.0
v1.30 - 09/08/2008 14:12:10
Fixed the function check in add_build_tag(), when the 1.20 changes where made this check was neglected
Edited add_build_tag() Error messages, hopefully they make more sense.
Now add_build_tag() name allows - and _ in it.
v1.20 - 09/07/2008 09:23:09
Fixed bug that bypassed utf tag converter if square bracket wasn't detected
Fixed Makefile.PL
Fixed - The hash for tag_security() needed the images and link renamed to a tag
name being used. Changed the image name to img and the link to url. Read
"Tag Security Levels" for more info.
Fixed - security for links was in method make_link and was causing an access issue
if used outside of the module. Made a new method to check link access now the
make_link method could be used outside of the module without the security access
in it, as intended.
Changed - forgot to say in version 4.05 that I changed the aubbc_error so a new line
will be added after each inserted error.
v4.05 - 04/05/2011
Addition - Assign security levels for links, images, built and code tags.
New subroutine names: security_levels, user_level, tag_security, check_access
Changed - The default value for $AUBBC::BAD_MESSAGE is now 'Unathorized'
v4.04 - 02/05/2011
Fixed - Bug with quote tag, needed to convert all its tags.
v4.03 - 02/03/2011
Addition - New Object method aubbc_error . Developers can now controle if or when
to handle errors, see the POD 'Error Message' for usage.
Fixed - All built-in tags only convert balanced tags so no unbalanced HTML can
be produced
Fixed - Bug in code_highlight a highlight regex needed to be changed after
version 4.01 to support the Parser style.
Improvement - Small restructure of add_build_tag and change the 'all' setting
of 'pattern' to allow more.
v4.02 - 11/28/2010
Fixed - The element ID for the code download started at 1 for every instance this
will force the browser to take priority to load the first ID it reads. The fix
starts the counter at 'time.$$.000' to try to produce a more unique ID for each
instance.
Fixed - under the code tag in do_ubbc line " $do_f[8] = '' if $do_f[8]; "
Fixed - Bug that converts the true text typed to the HTML code name.
All parts of the module where effected by this bug, in the code tag if the
author ment & #59 ; it would show ; . This also caused a long standing bug with
typing any HTML code name and saving it to a backend.
this fix removes the HTML code name regex in do_unicode and had to add/move two
filters in "script_escape to conver the & to an amp and ; to #59;" and
"html_to_text to conver amp to & and #59 to ;". This fix also helped in allowing
the regex's for highlighting subroutines to be made.
Fixed - had to add a null byte marker to escape_aubbc so the code tag's
highlighter can detect the escaped character and change it back. In do_all_ubbc
All markers get removed before the message is returned because FireFox can see
the null bytes as an error.
Addition - Perl subroutine highlighting for the code tag highlighter. Had a
problem making this till this version because a HTML code name can look like
&TheName; and a Perl subroutine looked the same till ; got converted.
Addition - AUBBC::make_image($align,$src,$width,$height,$alt) this is useful enough
to mention once.
Addition - New value for setting line_break 2 for old <br style. This effects script_escape.
Addition - This module now uses Memoize for a massive speed improvement.
If you thought it was fast before, I hope your sitting down when you bench this version. LOL
Addition - added setting highlight_function to replace the highlighting method
of AUBBC with a costume one.
Fixed - in do_ubbc the line breaks was invalidating HTML for List Block elements
Improvement - in do_all_ubbc changed defining $msg each time. there could have
been a bug in past versions if an undefined variable was used after a defined message was
converted. was going to allow do_all_ubbc to pass the last message but decided
other people may see that as a bug.
Improvement - in do_all_ubbc moved if $do_flag[4] for no_bypass to a better spot
Improvement - in do_all_ubbc moved if for for_links to a better spot
Improvement - changed tags left,right and center to only convert balanced tags
v3.00 - 09/14/2010
Improvement - made it balls to the wall faster.
v2.21 - 09/09/2010 16:32:34
Fixed - -withoutworldwriteables, bug with making an archive on windows to PAUSE.
v2.20 - 09/08/2010 19:40:55
Addition - in examples folder there is a bench.pl to test the speed and support
of all the Perl BBcode modules. BBCode::Parser Parse::BBCode HTML::BBCode HTML::BBReverse
Fixed - fixed a line break and new line sandbox bug
Improvement - Massive speed improvement to the hole module and no features lost.
changed new for faster loading, the module uses vars for some variables,
re-spaced the hole code.
v2.10 - 08/31/2010 11:17:13
Addition - adding type 4 to add_build_tag this will use style 3 but will work
different then the other built functions. Type 4 will print the text defined in
function and not point to a defined Perl subroutine.
Addition - added line_break setting to have control over the script_escape and
html_to_text methods converting html line break <br> and new line \n
Addition - added fix_amp this setting finds all the & that need to covert to the amp; html code name
so the w3c xhtml validation checks ok.
Addition - added no_img this setting will allow some control for using [img] tags
for security reasons
Fixed - bug in settings_prep when a setting gets changed html_type could change
Fixed - Better support for XHTML 1.0 Strict for some tags having issues in do_ubbc
Fixed - in do_ubbc the [url] tag produces a bug if a link is used as a name
the fix converts the period and/or colon of the name so its not seen as a new
link.
Improvement - in do_unicode removed then changed the two regexs to do a 3 in 1 filter.
Improvement - in html_to_text added a code to fix a <br> bug if ppl use html or xhtml line break.
Improvement - moved the pattern building code from do_build_tag to add_build_tag
so it only runs one time
Improvement - in add_build_tag using a hash array to store the build tag data so
there is no need to use split in do_build_tag
Improvement - in do_all_ubbc moved script_escape to a location where one call
Changed the regex in plain URL's
Removed bad patter setting and now using a more standard way to detect bad image tags
Fixed dynamic view in XHTML for the protect email method.
Added js_print method which will print out the javascript needed for the new protect email method
Added values for the code highlighter so it can support CSS classes
Added highlighting of variables and changed 2 quote regex to allow multi line quotes
and a few other things that make this 2.0
v1.30 - 09/08/2008 14:12:10
Fixed the function check in add_build_tag(), when the 1.20 changes where made this check was neglected
Edited add_build_tag() Error messages, hopefully they make more sense.
Now add_build_tag() name allows - and _ in it.
v1.20 - 09/07/2008 09:23:09
Fixed bug that bypassed utf tag converter if square bracket wasn't detected
Fixed Makefile.PL
8) Perl code highlighter in the code tags
9) Fully customizable settings.
The advantage of using this BBcode is to have the piece of mind of using a secure program,
to restrict the usage of HTML/XHTML elements and to make formatting of posts easy to people that have no HTML/XHTML skill.
Most sites that use these tags show a list of them and/or easy way to insert the tags to the form field by the user.
The [c] or code tags can highlight Perl code, highlighting the Perl code with CSS in HTML/XHTML,
and in the examples folder the tag_list.cgi file has a CSS code you could work from and now a setting to change to a costume highlighter function.
This module addresses many security issues the BBcode tags may have mainly cross site script also known as XSS.
Each message is escaped before it gets returned if script_escape is Enabled and checked for many types of security problems before that tag converts to HTML/XHTML.
The script_escape setting and method also converts the ' sign so the text can be stored in a SQL back-end.
Most of the free web portals use the | sign as the delimiter for the flat file database, the script_escape setting and method also converts that sign so the structure of the database is retained.
Allows easy conversion to HTML and XHTML, existing tags will convert to the HTML type set.
If there isn't a popular tag available this module provides a method to "Build your own tags" custom tags can help link to parts of the current web page, other web pages and add other HTML elements.
=head1 Security
Security advice to ensure the proper usage of this module.
=head2 Database Manipulation
The default settings of AUBBC.pm is not good for most forums, blogs, wiki's and bulletin boards
because by default AUBBC should work and be secure. The other reason is these programs will want some
of the user input editable and portable.
For editing and portability purposes you would want to retain the tags or user input as they typed it,
but always use the script_escape before saving to a back-end. This will allow you to change the settings
of AUBBC on the fly so the tags remain portable to setting changes.
The script_escape filter is vital to security for many reasons and provides a standard format for other
methods of AUBBC. There is a file in the examples folder called Database_Manipulation.pm that try's to explain what settings
to change and how to stay safe.
=head2 Mixing HTML and BBcode
Since the script_escape method will disable HTML and JavaScript, I came up with a way
to mix the two. The recommended use of mixing is for Administrator's of the program only,
because giving anyone the ability to post unfiltered codes is just wrong.
The mixing method is good for themes, information pages and wiki's just to name a few.
for some tags when script_escape is disabled you can just run do_all_ubbc on variables with HTML mixed
There are some uncontrollable security issues with allowing images [img] and link [url] auto-link tags,
you can disable [img] tags by setting "no_img => 1," to 1 as shown.
Security issues with the [url] and auto-link tags is not as bad since you have to click it to
get to the risky web site, unlike an image loading.
=head2 FYI
XHTML has better JavaScript security standards then HTML.
Developers can also use cookies with "httponly" flags to disable JavaScript from
reading that cookie, but the browsers must support it.
XSS, browser hijacking and other security risks can change by settings, browser vendors and program versions.
=head1 Tag Security Access
New to v4.05. Assign security levels for links, images, build and code tags.
Default settings allows all tags to be seen so there would be no changes needed
if you just wanted the latest version and not use this method yet.
This method works with your current authentication and will be explained more later.
Note: The smilies is not controled by this security.
=head2 User Security Levels
Default security levels are from low to high!!!
2) The names must be spelled the same as the name passed to method user_level();
3) Security access is determined by low to high numbers and with the default Guest
will be number/level 0 in the array. if the links was set for User
the links level will have to be 1 = User making any lower level unable to
see any bbcode links but, the Administrator would still see all.
=head2 Tag Security Levels
To change the security level of links, images and code use this method this way:
$aubbc->tag_security(
code => { level => 0, text => 'register to see this', },
img => { level => 0, text => 'register to see this', },
url => { level => 0, text => 'register to see this', },
);
level - the array number of the security level
text - the text or HTML to show if user has no access
If you are using the tag security you will want to set the user_level after the user
was authenticated by the web application and before do_all_ubbc is used.
=head1 Settings
These settings effect a large part of what the do_all_ubbc method can do and what other
methods can do in do_all_ubbc. some settings are used in many methods
=head2 $aubbc->settings();
This is the method to change them when needed.
$aubbc->settings(
aubbc => 1,
utf => 1,
smileys => 1,
highlight => 1,
# est.....
);
=head2 aubbc
type - 1 is style [name://pattern], 2 is style [name]pattern[/name], 3 is style [name],
the next setting for type the function will not be used to run Perl subroutines and
will replace the text with what text is defined in the function setting, the setting is
type 4 this will use style [name] but will work different then the other built settings
see function below on how type 4 works
function - a pre-defined subroutine that receives the matched pattern, tag name and returns what you want,
unless type is set to 4 then it will replace the tag with what text is in the function.
Note: if the function returns undefined, '' or 0 the tag will not be changed.
level - the array number of the security level
error - the text or HTML to show if user has no access
Note: For the build tags leaving the variables blank will default level to 0 and
error to the $AUBBC::BAD_MESSAGE string.
Usage:
Fixed - The hash for tag_security() needed the images and link renamed to a tag
name being used. Changed the image name to img and the link to url. Read
"Tag Security Levels" for more info.
Fixed - security for links was in method make_link and was causing an access issue
if used outside of the module. Made a new method to check link access now the
make_link method could be used outside of the module without the security access
in it, as intended.
Changed - forgot to say in version 4.05 that I changed the aubbc_error so a new line
will be added after each inserted error.
v4.05 - 04/05/2011
Addition - Assign security levels for links, images, built and code tags.
New subroutine names: security_levels, user_level, tag_security, check_access
Changed - The default value for $AUBBC::BAD_MESSAGE is now 'Unathorized'
Fixed - Bug with quote tag, needed to convert all its tags.
v4.03 - 02/03/2011
Addition - New Object method aubbc_error . Developers can now controle if or when
to handle errors, see the POD 'Error Message' for usage.
Fixed - All built-in tags only convert balanced tags so no unbalanced HTML can
be produced
Fixed - Bug in code_highlight a highlight regex needed to be changed after
version 4.01 to support the Parser style.
Improvement - Small restructure of add_build_tag and change the 'all' setting
of 'pattern' to allow more.
v4.02 - 11/28/2010
Fixed - The element ID for the code download started at 1 for every instance this
will force the browser to take priority to load the first ID it reads. The fix
starts the counter at 'time.$$.000' to try to produce a more unique ID for each
instance.
Fixed - under the code tag in do_ubbc line " $do_f[8] = '' if $do_f[8]; "
Fixed - Bug that converts the true text typed to the HTML code name.
All parts of the module where effected by this bug, in the code tag if the
author ment & #59 ; it would show ; . This also caused a long standing bug with
typing any HTML code name and saving it to a backend.
this fix removes the HTML code name regex in do_unicode and had to add/move two
filters in "script_escape to conver the & to an amp and ; to #59;" and
"html_to_text to conver amp to & and #59 to ;". This fix also helped in allowing
the regex's for highlighting subroutines to be made.
Fixed - had to add a null byte marker to escape_aubbc so the code tag's
highlighter can detect the escaped character and change it back. In do_all_ubbc
All markers get removed before the message is returned because FireFox can see
the null bytes as an error.
Addition - Perl subroutine highlighting for the code tag highlighter. Had a
problem making this till this version because a HTML code name can look like
&TheName; and a Perl subroutine looked the same till ; got converted.
Addition - AUBBC::make_image($align,$src,$width,$height,$alt) this is useful enough
to mention once.
Addition - New value for setting line_break 2 for old <br style. This effects script_escape.
Addition - This module now uses Memoize for a massive speed improvement.
If you thought it was fast before, I hope your sitting down when you bench this version. LOL
Addition - added setting highlight_function to replace the highlighting method
of AUBBC with a costume one.
Fixed - in do_ubbc the line breaks was invalidating HTML for List Block elements
Improvement - in do_all_ubbc changed defining $msg each time. there could have
been a bug in past versions if an undefined variable was used after a defined message was
converted. was going to allow do_all_ubbc to pass the last message but decided
other people may see that as a bug.
Improvement - in do_all_ubbc moved if $do_flag[4] for no_bypass to a better spot
Improvement - in do_all_ubbc moved if for for_links to a better spot
Improvement - changed tags left,right and center to only convert balanced tags
v3.00 - 09/14/2010
Improvement - made it balls to the wall faster.
v2.21 - 09/09/2010 16:32:34
Fixed - -withoutworldwriteables, bug with making an archive on windows to PAUSE.
v2.20 - 09/08/2010 19:40:55
Addition - in examples folder there is a bench.pl to test the speed and support
of all the Perl BBcode modules. BBCode::Parser Parse::BBCode HTML::BBCode HTML::BBReverse
Fixed - fixed a line break and new line sandbox bug
Improvement - Massive speed improvement to the hole module and no features lost.
changed new for faster loading, the module uses vars for some variables,
re-spaced the hole code.
v2.10 - 08/31/2010 11:17:13
Addition - adding type 4 to add_build_tag this will use style 3 but will work
different then the other built functions. Type 4 will print the text defined in
function and not point to a defined Perl subroutine.
Addition - added line_break setting to have control over the script_escape and
html_to_text methods converting html line break <br> and new line \n
Addition - added fix_amp this setting finds all the & that need to covert to the amp; html code name
so the w3c xhtml validation checks ok.
Addition - added no_img this setting will allow some control for using [img] tags
for security reasons
Fixed - bug in settings_prep when a setting gets changed html_type could change
Fixed - Better support for XHTML 1.0 Strict for some tags having issues in do_ubbc
Fixed - in do_ubbc the [url] tag produces a bug if a link is used as a name
the fix converts the period and/or colon of the name so its not seen as a new
link.
Improvement - in do_unicode removed then changed the two regexs to do a 3 in 1 filter.
Improvement - in html_to_text added a code to fix a <br> bug if ppl use html or xhtml line break.
Improvement - moved the pattern building code from do_build_tag to add_build_tag
so it only runs one time
Improvement - in add_build_tag using a hash array to store the build tag data so
there is no need to use split in do_build_tag
Improvement - in do_all_ubbc moved script_escape to a location where one call
Changed the regex in plain URL's
Removed bad patter setting and now using a more standard way to detect bad image tags
Fixed dynamic view in XHTML for the protect email method.
Added js_print method which will print out the javascript needed for the new protect email method
Added values for the code highlighter so it can support CSS classes
Added highlighting of variables and changed 2 quote regex to allow multi line quotes
and a few other things that make this 2.0
v1.30 - 09/08/2008 14:12:10
Fixed the function check in add_build_tag(), when the 1.20 changes where made this check was neglected
Edited add_build_tag() Error messages, hopefully they make more sense.
Now add_build_tag() name allows - and _ in it.
v1.20 - 09/07/2008 09:23:09
Fixed bug that bypassed utf tag converter if square bracket wasn't detected
Fixed Makefile.PL
examples/Database_Manipulation.cgi view on Meta::CPAN
=cut
# Start the module
use AUBBC;
my $aubbc = new AUBBC;
# script_escape will need to be disabled in the settings method and
# this will tell the do_all_ubbc method not to use script_escape!
#
# other settings can be changed here if needed.
$aubbc->settings(
script_escape => 0,
);
# Build your own tags can be added, est......
# This will be the data or users input from a HTML form to save to a backend.
# The message will have some characters that would normaly brake some database
# structures, cause risky errors or be html.
examples/Mixing_HTML_and_BBcode.cgi view on Meta::CPAN
=cut
# Start the module
use AUBBC;
my $aubbc = new AUBBC;
# script_escape will need to be disabled in the settings method and
# this will tell the do_all_ubbc method not to use script_escape!
#
# other settings can be changed here if needed.
$aubbc->settings(
script_escape => 0,
);
# Build your own tags can be added, est......
# This will be the data or Administrator input from a HTML form to save to a backend.
# The message will have some BBcode mixed in HTML and a home made tage for full
# AUBBC support is <aubbc> Full AUBBC support </aubbc>
( run in 0.592 second using v1.01-cache-2.11-cpan-c333fce770f )