X-Git-Url: https://git.cyclocoop.org/%27.WWW_URL.%27admin/?a=blobdiff_plain;f=includes%2FParser.php;h=5d5c4b4a111590dea58bfd75a41d5eb5584b0e99;hb=8da9fca6c03fa8b2ca8bc83f8704e1219aa3904d;hp=81e932a0c9edcadd9386df9dd2ab838df6290408;hpb=7925783923cb152c31457794df1779fecb5bb7a9;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/Parser.php b/includes/Parser.php index 81e932a0c9..5d5c4b4a11 100644 --- a/includes/Parser.php +++ b/includes/Parser.php @@ -15,7 +15,7 @@ require_once( 'HttpFunctions.php' ); * changes in an incompatible way, so the parser cache * can automatically discard old data. */ -define( 'MW_PARSER_VERSION', '1.5.0' ); +define( 'MW_PARSER_VERSION', '1.6.0' ); /** * Variable substitution O(N^2) attack @@ -43,18 +43,15 @@ define( 'OT_MSG' , 3 ); # may want to use in wikisyntax define( 'STRIP_COMMENTS', 'HTMLCommentStrip' ); -# prefix for escaping, used in two functions at least -define( 'UNIQ_PREFIX', 'NaodW29'); - # Constants needed for external link processing define( 'HTTP_PROTOCOLS', 'http:\/\/|https:\/\/' ); # Everything except bracket, space, or control characters -define( 'EXT_LINK_URL_CLASS', '[^]<>"\\x00-\\x20\\x7F]' ); +define( 'EXT_LINK_URL_CLASS', '[^][<>"\\x00-\\x20\\x7F]' ); # Including space define( 'EXT_LINK_TEXT_CLASS', '[^\]\\x00-\\x1F\\x7F]' ); define( 'EXT_IMAGE_FNAME_CLASS', '[A-Za-z0-9_.,~%\\-+&;#*?!=()@\\x80-\\xFF]' ); define( 'EXT_IMAGE_EXTENSIONS', 'gif|png|jpg|jpeg' ); -define( 'EXT_LINK_BRACKETED', '/\[(\b('.$wgUrlProtocols.')'.EXT_LINK_URL_CLASS.'+) *('.EXT_LINK_TEXT_CLASS.'*?)\]/S' ); +define( 'EXT_LINK_BRACKETED', '/\[(\b(' . wfUrlProtocols() . ')'.EXT_LINK_URL_CLASS.'+) *('.EXT_LINK_TEXT_CLASS.'*?)\]/S' ); define( 'EXT_IMAGE_REGEX', '/^('.HTTP_PROTOCOLS.')'. # Protocol '('.EXT_LINK_URL_CLASS.'+)\\/'. # Hostname and path @@ -76,7 +73,7 @@ define( 'EXT_IMAGE_REGEX', * performs brace substitution on MediaWiki messages * * Globals used: - * objects: $wgLang, $wgLinkCache + * objects: $wgLang * * NOT $wgArticle, $wgUser or $wgTitle. Keep them away! * @@ -101,16 +98,18 @@ class Parser # Cleared with clearState(): var $mOutput, $mAutonumber, $mDTopen, $mStripState = array(); var $mVariables, $mIncludeCount, $mArgStack, $mLastSection, $mInPre; - var $mInterwikiLinkHolders, $mLinkHolders; + var $mInterwikiLinkHolders, $mLinkHolders, $mUniqPrefix; # Temporary: - var $mOptions, $mTitle, $mOutputType, + var $mOptions, // ParserOptions object + $mTitle, // Title context, used for self-link rendering and similar things + $mOutputType, // Output type, one of the OT_xxx constants $mTemplates, // cache of already loaded templates, avoids // multiple SQL queries for the same string - $mTemplatePath; // stores an unsorted hash of all the templates already loaded + $mTemplatePath, // stores an unsorted hash of all the templates already loaded // in this path. Used for loop detection. - - var $mIWTransData = array(); + $mIWTransData = array(), + $mRevisionId; // ID to display in {{REVISIONID}} tags /**#@-*/ @@ -120,7 +119,6 @@ class Parser * @access public */ function Parser() { - global $wgContLang; $this->mTemplates = array(); $this->mTemplatePath = array(); $this->mTagHooks = array(); @@ -153,11 +151,24 @@ class Parser 'texts' => array(), 'titles' => array() ); + $this->mRevisionId = null; + $this->mUniqPrefix = 'UNIQ' . Parser::getRandomString(); + + wfRunHooks( 'ParserClearState', array( &$this ) ); + } + + /** + * Accessor for mUniqPrefix. + * + * @access public + */ + function UniqPrefix() { + return $this->mUniqPrefix; } /** - * First pass--just handle sections, pass the rest off - * to internalParse() which does all the real work. + * Convert wikitext to HTML + * Do not call this function recursively. * * @access private * @param string $text Text we want to parse @@ -165,10 +176,16 @@ class Parser * @param array $options * @param boolean $linestart * @param boolean $clearState + * @param int $revid number to pass in {{REVISIONID}} * @return ParserOutput a ParserOutput */ - function parse( $text, &$title, $options, $linestart = true, $clearState = true ) { - global $wgUseTidy, $wgContLang; + function parse( $text, &$title, $options, $linestart = true, $clearState = true, $revid = null ) { + /** + * First pass--just handle sections, pass the rest off + * to internalParse() which does all the real work. + */ + + global $wgUseTidy, $wgAlwaysUseTidy, $wgContLang; $fname = 'Parser::parse'; wfProfileIn( $fname ); @@ -178,6 +195,7 @@ class Parser $this->mOptions = $options; $this->mTitle =& $title; + $this->mRevisionId = $revid; $this->mOutputType = OT_HTML; $this->mStripState = NULL; @@ -190,6 +208,12 @@ class Parser $text = $this->strip( $text, $x ); wfRunHooks( 'ParserAfterStrip', array( &$this, &$text, &$x ) ); + # Hook to suspend the parser in this state + if ( !wfRunHooks( 'ParserBeforeInternalParse', array( &$this, &$text, &$x ) ) ) { + wfProfileOut( $fname ); + return $text ; + } + $text = $this->internalParse( $text ); $text = $this->unstrip( $text, $this->mStripState ); @@ -221,8 +245,8 @@ class Parser wfRunHooks( 'ParserBeforeTidy', array( &$this, &$text ) ); $text = Sanitizer::normalizeCharReferences( $text ); - global $wgUseTidy; - if ($wgUseTidy) { + + if (($wgUseTidy and $this->mOptions->mTidy) or $wgAlwaysUseTidy) { $text = Parser::tidy($text); } @@ -230,6 +254,7 @@ class Parser $this->mOutput->setText( $text ); wfProfileOut( $fname ); + return $this->mOutput; } @@ -273,35 +298,42 @@ class Parser } if( $tag == STRIP_COMMENTS ) { - $start = '//'; } else { - $start = "/<$tag(\\s+[^>]*|\\s*)>/i"; + $start = "/<$tag(\\s+[^\\/>]*|\\s*)(\\/?)>/i"; $end = "/<\\/$tag\\s*>/i"; } while ( '' != $text ) { $p = preg_split( $start, $text, 2, PREG_SPLIT_DELIM_CAPTURE ); $stripped .= $p[0]; - if( count( $p ) < 3 ) { + if( count( $p ) < 4 ) { break; } $attributes = $p[1]; - $inside = $p[2]; + $empty = $p[2]; + $inside = $p[3]; $marker = $rnd . sprintf('%08X', $n++); $stripped .= $marker; - $tags[$marker] = "<$tag$attributes>"; + $tags[$marker] = "<$tag$attributes$empty>"; $params[$marker] = Sanitizer::decodeTagAttributes( $attributes ); - $q = preg_split( $end, $inside, 2 ); - $content[$marker] = $q[0]; - if( count( $q ) < 2 ) { - # No end tag -- let it run out to the end of the text. - break; + if ( $empty === '/' ) { + // Empty element tag, + $content[$marker] = null; + $text = $inside; } else { - $text = $q[1]; + $q = preg_split( $end, $inside, 2 ); + $content[$marker] = $q[0]; + if( count( $q ) < 2 ) { + # No end tag -- let it run out to the end of the text. + break; + } else { + $text = $q[1]; + } } } return $stripped; @@ -349,7 +381,7 @@ class Parser $gallery_content = array(); # Replace any instances of the placeholders - $uniq_prefix = UNIQ_PREFIX; + $uniq_prefix = $this->mUniqPrefix; #$text = str_replace( $uniq_prefix, wfHtmlEscapeFirst( $uniq_prefix ), $text ); # html @@ -403,7 +435,7 @@ class Parser foreach( $gallery_content as $marker => $content ) { require_once( 'ImageGallery.php' ); if ( $render ) { - $gallery_content[$marker] = Parser::renderImageGallery( $content ); + $gallery_content[$marker] = $this->renderImageGallery( $content ); } else { $gallery_content[$marker] = ''.$content.''; } @@ -425,10 +457,15 @@ class Parser foreach( $ext_content[$tag] as $marker => $content ) { $full_tag = $ext_tags[$tag][$marker]; $params = $ext_params[$tag][$marker]; - if ( $render ) { - $ext_content[$tag][$marker] = $callback( $content, $params, $this ); - } else { - $ext_content[$tag][$marker] = "$full_tag$content"; + if ( $render ) + $ext_content[$tag][$marker] = call_user_func_array( $callback, array( $content, $params, &$this ) ); + else { + if ( is_null( $content ) ) { + // Empty element tag + $ext_content[$tag][$marker] = $full_tag; + } else { + $ext_content[$tag][$marker] = "$full_tag$content"; + } } } } @@ -470,13 +507,12 @@ class Parser if ( !is_array( $state ) ) { return $text; } - + # Must expand in reverse order, otherwise nested tags will be corrupted - $contentDict = end( $state ); - for ( $contentDict = end( $state ); $contentDict !== false; $contentDict = prev( $state ) ) { - if( key($state) != 'nowiki' && key($state) != 'html') { - for ( $content = end( $contentDict ); $content !== false; $content = prev( $contentDict ) ) { - $text = str_replace( key( $contentDict ), $content, $text ); + foreach( array_reverse( $state, true ) as $tag => $contentDict ) { + if( $tag != 'nowiki' && $tag != 'html' ) { + foreach( array_reverse( $contentDict, true ) as $uniq => $content ) { + $text = str_replace( $uniq, $content, $text ); } } } @@ -517,7 +553,7 @@ class Parser * @access private */ function insertStripItem( $text, &$state ) { - $rnd = UNIQ_PREFIX . '-item' . Parser::getRandomString(); + $rnd = $this->mUniqPrefix . '-item' . Parser::getRandomString(); if ( !$state ) { $state = array( 'html' => array(), @@ -656,7 +692,7 @@ class Parser $fc = substr ( $x , 0 , 1 ) ; if ( preg_match( '/^(:*)\{\|(.*)$/', $x, $matches ) ) { $indent_level = strlen( $matches[1] ); - + $attributes = $this->unstripForHTML( $matches[2] ); $t[$k] = str_repeat( '
', $indent_level ) . @@ -767,6 +803,7 @@ class Parser wfProfileIn( $fname ); # Remove tags and sections + $text = strtr( $text, array( '' => '' , '' => '' ) ); $text = strtr( $text, array( '' => '', '' => '') ); $text = preg_replace( '/.*?<\/includeonly>/s', '', $text ); @@ -786,7 +823,7 @@ class Parser # replaceInternalLinks may sometimes leave behind # absolute URLs, which have to be masked to hide them from replaceExternalLinks - $text = str_replace(UNIQ_PREFIX."NOPARSE", "", $text); + $text = str_replace($this->mUniqPrefix."NOPARSE", "", $text); $text = $this->doMagicLinks( $text ); $text = $this->doTableStuff( $text ); @@ -817,19 +854,6 @@ class Parser return $text; } - /** - * Parse ^^ tokens and return html - * - * @access private - */ - function doExponent( $text ) { - $fname = 'Parser::doExponent'; - wfProfileIn( $fname ); - $text = preg_replace('/\^\^(.*)\^\^/','\\1', $text); - wfProfileOut( $fname ); - return $text; - } - /** * Parse headers and return html * @@ -839,7 +863,7 @@ class Parser $fname = 'Parser::doHeadings'; wfProfileIn( $fname ); for ( $i = 6; $i >= 1; --$i ) { - $h = substr( '======', 0, $i ); + $h = str_repeat( '=', $i ); $text = preg_replace( "/^{$h}(.+){$h}(\\s|$)/m", "\\1\\2", $text ); } @@ -1097,19 +1121,23 @@ class Parser # Replace & from obsolete syntax with &. # All HTML entities will be escaped by makeExternalLink() - # or maybeMakeExternalImage() $url = str_replace( '&', '&', $url ); + # Replace unnecessary URL escape codes with the referenced character + # This prevents spammers from hiding links from the filters + $url = Parser::replaceUnusualEscapes( $url ); # Process the trail (i.e. everything after this link up until start of the next link), # replacing any non-bracketed links $trail = $this->replaceFreeExternalLinks( $trail ); - # Use the encoded URL # This means that users can paste URLs directly into the text # Funny characters like ö aren't valid in URLs anyway # This was changed in August 2004 $s .= $sk->makeExternalLink( $url, $text, false, $linktype ) . $dtrail . $trail; + + # Register link in the output object + $this->mOutput->addExternalLink( $url ); } wfProfileOut( $fname ); @@ -1121,12 +1149,11 @@ class Parser * @access private */ function replaceFreeExternalLinks( $text ) { - global $wgUrlProtocols; global $wgContLang; $fname = 'Parser::replaceFreeExternalLinks'; wfProfileIn( $fname ); - $bits = preg_split( '/(\b(?:'.$wgUrlProtocols.'))/S', $text, -1, PREG_SPLIT_DELIM_CAPTURE ); + $bits = preg_split( '/(\b(?:' . wfUrlProtocols() . '))/S', $text, -1, PREG_SPLIT_DELIM_CAPTURE ); $s = array_shift( $bits ); $i = 0; @@ -1166,12 +1193,16 @@ class Parser # All HTML entities will be escaped by makeExternalLink() # or maybeMakeExternalImage() $url = str_replace( '&', '&', $url ); + # Replace unnecessary URL escape codes with their equivalent characters + $url = Parser::replaceUnusualEscapes( $url ); # Is this an external image? $text = $this->maybeMakeExternalImage( $url ); if ( $text === false ) { # Not an image, make a link $text = $sk->makeExternalLink( $url, $wgContLang->markNoConversion($url), true, 'free' ); + # Register it in the output object + $this->mOutput->addExternalLink( $url ); } $s .= $text . $trail; } else { @@ -1183,13 +1214,47 @@ class Parser } /** - * make an image if it's allowed + * Replace unusual URL escape codes with their equivalent characters + * @param string + * @return string + * @static + */ + function replaceUnusualEscapes( $url ) { + return preg_replace_callback( '/%[0-9A-Fa-f]{2}/', + array( 'Parser', 'replaceUnusualEscapesCallback' ), $url ); + } + + /** + * Callback function used in replaceUnusualEscapes(). + * Replaces unusual URL escape codes with their equivalent character + * @static + * @access private + */ + function replaceUnusualEscapesCallback( $matches ) { + $char = urldecode( $matches[0] ); + $ord = ord( $char ); + // Is it an unsafe or HTTP reserved character according to RFC 1738? + if ( $ord > 32 && $ord < 127 && strpos( '<>"#{}|\^~[]`;/?', $char ) === false ) { + // No, shouldn't be escaped + return $char; + } else { + // Yes, leave it escaped + return $matches[0]; + } + } + + /** + * make an image if it's allowed, either through the global + * option or through the exception * @access private */ function maybeMakeExternalImage( $url ) { $sk =& $this->mOptions->getSkin(); + $imagesfrom = $this->mOptions->getAllowExternalImagesFrom(); + $imagesexception = !empty($imagesfrom); $text = false; - if ( $this->mOptions->getAllowExternalImages() ) { + if ( $this->mOptions->getAllowExternalImages() + || ( $imagesexception && strpos( $url, $imagesfrom ) === 0 ) ) { if ( preg_match( EXT_IMAGE_REGEX, $url ) ) { # Image found $text = $sk->makeExternalImage( htmlspecialchars( $url ) ); @@ -1204,7 +1269,7 @@ class Parser * @access private */ function replaceInternalLinks( $s ) { - global $wgContLang, $wgLinkCache, $wgUrlProtocols; + global $wgContLang; static $fname = 'Parser::replaceInternalLinks' ; wfProfileIn( $fname ); @@ -1306,7 +1371,7 @@ class Parser # Don't allow internal links to pages containing # PROTO: where PROTO is a valid URL protocol; these # should be external links. - if (preg_match('/^(\b(?:'.$wgUrlProtocols.'))/', $m[1])) { + if (preg_match('/^(\b(?:' . wfUrlProtocols() . '))/', $m[1])) { $s .= $prefix . '[[' . $line ; continue; } @@ -1386,7 +1451,7 @@ class Parser # Interwikis if( $iw && $this->mOptions->getInterwikiMagic() && $nottalk && $wgContLang->getLanguageName( $iw ) ) { - array_push( $this->mOutput->mLanguageLinks, $nt->getFullText() ); + $this->mOutput->addLanguageLink( $nt->getFullText() ); $s = rtrim($s . "\n"); $s .= trim($prefix . $trail, "\n") == '' ? '': $prefix . $trail; continue; @@ -1402,8 +1467,8 @@ class Parser $text = $this->replaceInternalLinks($text); # cloak any absolute URLs inside the image markup, so replaceExternalLinks() won't touch them - $s .= $prefix . preg_replace("/\b($wgUrlProtocols)/", UNIQ_PREFIX."NOPARSE$1", $this->makeImage( $nt, $text) ) . $trail; - $wgLinkCache->addImageLinkObj( $nt ); + $s .= $prefix . $this->armorLinks( $this->makeImage( $nt, $text ) ) . $trail; + $this->mOutput->addImage( $nt->getDBkey() ); wfProfileOut( "$fname-image" ); continue; @@ -1414,13 +1479,8 @@ class Parser if ( $ns == NS_CATEGORY ) { wfProfileIn( "$fname-category" ); - $t = $wgContLang->convertHtml( $nt->getText() ); $s = rtrim($s . "\n"); # bug 87 - $wgLinkCache->suspend(); # Don't save in links/brokenlinks - $t = $sk->makeLinkObj( $nt, $t, '', '' , $prefix ); - $wgLinkCache->resume(); - if ( $wasblank ) { if ( $this->mTitle->getNamespace() == NS_CATEGORY ) { $sortkey = $this->mTitle->getText(); @@ -1430,9 +1490,9 @@ class Parser } else { $sortkey = $text; } + $sortkey = Sanitizer::decodeCharReferences( $sortkey ); $sortkey = $wgContLang->convertCategoryKey( $sortkey ); - $wgLinkCache->addCategoryLinkObj( $nt, $sortkey ); - $this->mOutput->addCategoryLink( $t ); + $this->mOutput->addCategory( $nt->getDBkey(), $sortkey ); /** * Strip the whitespace Category links produce, see bug 87 @@ -1454,12 +1514,23 @@ class Parser # Special and Media are pseudo-namespaces; no pages actually exist in them if( $ns == NS_MEDIA ) { - $s .= $prefix . $sk->makeMediaLinkObj( $nt, $text, true ) . $trail; - $wgLinkCache->addImageLinkObj( $nt ); + $link = $sk->makeMediaLinkObj( $nt, $text ); + # Cloak with NOPARSE to avoid replacement in replaceExternalLinks + $s .= $prefix . $this->armorLinks( $link ) . $trail; + $this->mOutput->addImage( $nt->getDBkey() ); continue; } elseif( $ns == NS_SPECIAL ) { - $s .= $prefix . $sk->makeKnownLinkObj( $nt, $text, '', $trail ); + $s .= $this->makeKnownLinkHolder( $nt, $text, '', $trail, $prefix ); continue; + } elseif( $ns == NS_IMAGE ) { + $img = Image::newFromTitle( $nt ); + if( $img->exists() ) { + // Force a blue link if the file exists; may be a remote + // upload on the shared repository, and we want to see its + // auto-generated page. + $s .= $this->makeKnownLinkHolder( $nt, $text, '', $trail, $prefix ); + continue; + } } $s .= $this->makeLinkHolder( $nt, $text, '', $trail, $prefix ); } @@ -1499,6 +1570,44 @@ class Parser return $retVal; } + /** + * Render a forced-blue link inline; protect against double expansion of + * URLs if we're in a mode that prepends full URL prefixes to internal links. + * Since this little disaster has to split off the trail text to avoid + * breaking URLs in the following text without breaking trails on the + * wiki links, it's been made into a horrible function. + * + * @param Title $nt + * @param string $text + * @param string $query + * @param string $trail + * @param string $prefix + * @return string HTML-wikitext mix oh yuck + */ + function makeKnownLinkHolder( $nt, $text = '', $query = '', $trail = '', $prefix = '' ) { + list( $inside, $trail ) = Linker::splitTrail( $trail ); + $sk =& $this->mOptions->getSkin(); + $link = $sk->makeKnownLinkObj( $nt, $text, $query, $inside, $prefix ); + return $this->armorLinks( $link ) . $trail; + } + + /** + * Insert a NOPARSE hacky thing into any inline links in a chunk that's + * going to go through further parsing steps before inline URL expansion. + * + * In particular this is important when using action=render, which causes + * full URLs to be included. + * + * Oh man I hate our multi-layer parser! + * + * @param string more-or-less HTML + * @return string less-or-more HTML with NOPARSE bits + */ + function armorLinks( $text ) { + return preg_replace( "/\b(" . wfUrlProtocols() . ')/', + "{$this->mUniqPrefix}NOPARSE$1", $text ); + } + /** * Return true if subpage links should be expanded on this page. * @return bool @@ -1745,12 +1854,11 @@ class Parser if( 0 == $prefixLength ) { wfProfileIn( "$fname-paragraph" ); # No prefix (not in list)--go to paragraph mode - $uniq_prefix = UNIQ_PREFIX; // XXX: use a stack for nestable elements like span, table and div $openmatch = preg_match('/(mUniqPrefix.'-pre|<\\/li|<\\/ul)/iS', $t ); if ( $openmatch or $closematch ) { $paragraphStack = false; $output .= $this->closeParagraph(); @@ -1868,45 +1976,59 @@ class Parser * @access private */ function getVariableValue( $index ) { - global $wgContLang, $wgSitename, $wgServer, $wgServerName, $wgArticle, $wgScriptPath; + global $wgContLang, $wgSitename, $wgServer, $wgServerName, $wgScriptPath; /** * Some of these require message or data lookups and can be * expensive to check many times. */ static $varCache = array(); - if( isset( $varCache[$index] ) ) return $varCache[$index]; + if ( wfRunHooks( 'ParserGetVariableValueVarCache', array( &$this, &$varCache ) ) ) + if ( isset( $varCache[$index] ) ) + return $varCache[$index]; + + $ts = time(); + wfRunHooks( 'ParserGetVariableValueTs', array( &$this, &$ts ) ); switch ( $index ) { case MAG_CURRENTMONTH: - return $varCache[$index] = $wgContLang->formatNum( date( 'm' ) ); + return $varCache[$index] = $wgContLang->formatNum( date( 'm', $ts ) ); case MAG_CURRENTMONTHNAME: - return $varCache[$index] = $wgContLang->getMonthName( date('n') ); + return $varCache[$index] = $wgContLang->getMonthName( date( 'n', $ts ) ); case MAG_CURRENTMONTHNAMEGEN: - return $varCache[$index] = $wgContLang->getMonthNameGen( date('n') ); + return $varCache[$index] = $wgContLang->getMonthNameGen( date( 'n', $ts ) ); case MAG_CURRENTMONTHABBREV: - return $varCache[$index] = $wgContLang->getMonthAbbreviation( date('n') ); + return $varCache[$index] = $wgContLang->getMonthAbbreviation( date( 'n', $ts ) ); case MAG_CURRENTDAY: - return $varCache[$index] = $wgContLang->formatNum( date('j') ); + return $varCache[$index] = $wgContLang->formatNum( date( 'j', $ts ) ); + case MAG_CURRENTDAY2: + return $varCache[$index] = $wgContLang->formatNum( date( 'd', $ts ) ); case MAG_PAGENAME: return $this->mTitle->getText(); case MAG_PAGENAMEE: return $this->mTitle->getPartialURL(); + case MAG_FULLPAGENAME: + return $this->mTitle->getPrefixedText(); + case MAG_FULLPAGENAMEE: + return $this->mTitle->getPrefixedURL(); case MAG_REVISIONID: - return $wgArticle->getRevIdFetched(); + return $this->mRevisionId; case MAG_NAMESPACE: - # return Namespace::getCanonicalName($this->mTitle->getNamespace()); - return $wgContLang->getNsText($this->mTitle->getNamespace()); # Patch by Dori + return $wgContLang->getNsText( $this->mTitle->getNamespace() ); + case MAG_NAMESPACEE: + return wfUrlencode( $wgContLang->getNsText( $this->mTitle->getNamespace() ) ); case MAG_CURRENTDAYNAME: - return $varCache[$index] = $wgContLang->getWeekdayName( date('w')+1 ); + return $varCache[$index] = $wgContLang->getWeekdayName( date( 'w', $ts ) + 1 ); case MAG_CURRENTYEAR: - return $varCache[$index] = $wgContLang->formatNum( date( 'Y' ), true ); + return $varCache[$index] = $wgContLang->formatNum( date( 'Y', $ts ), true ); case MAG_CURRENTTIME: - return $varCache[$index] = $wgContLang->time( wfTimestampNow(), false ); + return $varCache[$index] = $wgContLang->time( wfTimestamp( TS_MW, $ts ), false, false ); case MAG_CURRENTWEEK: - return $varCache[$index] = $wgContLang->formatNum( date('W') ); + // @bug 4594 PHP5 has it zero padded, PHP4 does not, cast to + // int to remove the padding + return $varCache[$index] = $wgContLang->formatNum( (int)date( 'W', $ts ) ); case MAG_CURRENTDOW: - return $varCache[$index] = $wgContLang->formatNum( date('w') ); + return $varCache[$index] = $wgContLang->formatNum( date( 'w', $ts ) ); case MAG_NUMBEROFARTICLES: return $varCache[$index] = $wgContLang->formatNum( wfNumberOfArticles() ); case MAG_NUMBEROFFILES: @@ -1920,7 +2042,11 @@ class Parser case MAG_SCRIPTPATH: return $wgScriptPath; default: - return NULL; + $ret = null; + if ( wfRunHooks( 'ParserGetVariableValueSwitch', array( &$this, &$varCache, &$index, &$ret ) ) ) + return $ret; + else + return null; } } @@ -1941,6 +2067,180 @@ class Parser wfProfileOut( $fname ); } + /** + * parse any parentheses in format ((title|part|part)) + * and call callbacks to get a replacement text for any found piece + * + * @param string $text The text to parse + * @param array $callbacks rules in form: + * '{' => array( # opening parentheses + * 'end' => '}', # closing parentheses + * 'cb' => array(2 => callback, # replacement callback to call if {{..}} is found + * 4 => callback # replacement callback to call if {{{{..}}}} is found + * ) + * ) + * @access private + */ + function replace_callback ($text, $callbacks) { + $openingBraceStack = array(); # this array will hold a stack of parentheses which are not closed yet + $lastOpeningBrace = -1; # last not closed parentheses + + for ($i = 0; $i < strlen($text); $i++) { + # check for any opening brace + $rule = null; + $nextPos = -1; + foreach ($callbacks as $key => $value) { + $pos = strpos ($text, $key, $i); + if (false !== $pos && (-1 == $nextPos || $pos < $nextPos)) { + $rule = $value; + $nextPos = $pos; + } + } + + if ($lastOpeningBrace >= 0) { + $pos = strpos ($text, $openingBraceStack[$lastOpeningBrace]['braceEnd'], $i); + + if (false !== $pos && (-1 == $nextPos || $pos < $nextPos)){ + $rule = null; + $nextPos = $pos; + } + + $pos = strpos ($text, '|', $i); + + if (false !== $pos && (-1 == $nextPos || $pos < $nextPos)){ + $rule = null; + $nextPos = $pos; + } + } + + if ($nextPos == -1) + break; + + $i = $nextPos; + + # found openning brace, lets add it to parentheses stack + if (null != $rule) { + $piece = array('brace' => $text[$i], + 'braceEnd' => $rule['end'], + 'count' => 1, + 'title' => '', + 'parts' => null); + + # count openning brace characters + while ($i+1 < strlen($text) && $text[$i+1] == $piece['brace']) { + $piece['count']++; + $i++; + } + + $piece['startAt'] = $i+1; + $piece['partStart'] = $i+1; + + # we need to add to stack only if openning brace count is enough for any given rule + foreach ($rule['cb'] as $cnt => $fn) { + if ($piece['count'] >= $cnt) { + $lastOpeningBrace ++; + $openingBraceStack[$lastOpeningBrace] = $piece; + break; + } + } + + continue; + } + else if ($lastOpeningBrace >= 0) { + # first check if it is a closing brace + if ($openingBraceStack[$lastOpeningBrace]['braceEnd'] == $text[$i]) { + # lets check if it is enough characters for closing brace + $count = 1; + while ($i+$count < strlen($text) && $text[$i+$count] == $text[$i]) + $count++; + + # if there are more closing parentheses than opening ones, we parse less + if ($openingBraceStack[$lastOpeningBrace]['count'] < $count) + $count = $openingBraceStack[$lastOpeningBrace]['count']; + + # check for maximum matching characters (if there are 5 closing characters, we will probably need only 3 - depending on the rules) + $matchingCount = 0; + $matchingCallback = null; + foreach ($callbacks[$openingBraceStack[$lastOpeningBrace]['brace']]['cb'] as $cnt => $fn) { + if ($count >= $cnt && $matchingCount < $cnt) { + $matchingCount = $cnt; + $matchingCallback = $fn; + } + } + + if ($matchingCount == 0) { + $i += $count - 1; + continue; + } + + # lets set a title or last part (if '|' was found) + if (null === $openingBraceStack[$lastOpeningBrace]['parts']) + $openingBraceStack[$lastOpeningBrace]['title'] = substr($text, $openingBraceStack[$lastOpeningBrace]['partStart'], $i - $openingBraceStack[$lastOpeningBrace]['partStart']); + else + $openingBraceStack[$lastOpeningBrace]['parts'][] = substr($text, $openingBraceStack[$lastOpeningBrace]['partStart'], $i - $openingBraceStack[$lastOpeningBrace]['partStart']); + + $pieceStart = $openingBraceStack[$lastOpeningBrace]['startAt'] - $matchingCount; + $pieceEnd = $i + $matchingCount; + + if( is_callable( $matchingCallback ) ) { + $cbArgs = array ( + 'text' => substr($text, $pieceStart, $pieceEnd - $pieceStart), + 'title' => trim($openingBraceStack[$lastOpeningBrace]['title']), + 'parts' => $openingBraceStack[$lastOpeningBrace]['parts'], + 'lineStart' => (($pieceStart > 0) && ($text[$pieceStart-1] == '\n')), + ); + # finally we can call a user callback and replace piece of text + $replaceWith = call_user_func( $matchingCallback, $cbArgs ); + $text = substr($text, 0, $pieceStart) . $replaceWith . substr($text, $pieceEnd); + $i = $pieceStart + strlen($replaceWith) - 1; + } + else { + # null value for callback means that parentheses should be parsed, but not replaced + $i += $matchingCount - 1; + } + + # reset last openning parentheses, but keep it in case there are unused characters + $piece = array('brace' => $openingBraceStack[$lastOpeningBrace]['brace'], + 'braceEnd' => $openingBraceStack[$lastOpeningBrace]['braceEnd'], + 'count' => $openingBraceStack[$lastOpeningBrace]['count'], + 'title' => '', + 'parts' => null, + 'startAt' => $openingBraceStack[$lastOpeningBrace]['startAt']); + $openingBraceStack[$lastOpeningBrace--] = null; + + if ($matchingCount < $piece['count']) { + $piece['count'] -= $matchingCount; + $piece['startAt'] -= $matchingCount; + $piece['partStart'] = $piece['startAt']; + # do we still qualify for any callback with remaining count? + foreach ($callbacks[$piece['brace']]['cb'] as $cnt => $fn) { + if ($piece['count'] >= $cnt) { + $lastOpeningBrace ++; + $openingBraceStack[$lastOpeningBrace] = $piece; + break; + } + } + } + continue; + } + + # lets set a title if it is a first separator, or next part otherwise + if ($text[$i] == '|') { + if (null === $openingBraceStack[$lastOpeningBrace]['parts']) { + $openingBraceStack[$lastOpeningBrace]['title'] = substr($text, $openingBraceStack[$lastOpeningBrace]['partStart'], $i - $openingBraceStack[$lastOpeningBrace]['partStart']); + $openingBraceStack[$lastOpeningBrace]['parts'] = array(); + } + else + $openingBraceStack[$lastOpeningBrace]['parts'][] = substr($text, $openingBraceStack[$lastOpeningBrace]['partStart'], $i - $openingBraceStack[$lastOpeningBrace]['partStart']); + + $openingBraceStack[$lastOpeningBrace]['partStart'] = $i + 1; + } + } + } + + return $text; + } + /** * Replace magic variables, templates, and template arguments * with the appropriate text. Templates are substituted recursively, @@ -1956,7 +2256,6 @@ class Parser * @access private */ function replaceVariables( $text, $args = array() ) { - # Prevent too big inclusions if( strlen( $text ) > MAX_INCLUDE_SIZE ) { return $text; @@ -1965,21 +2264,18 @@ class Parser $fname = 'Parser::replaceVariables'; wfProfileIn( $fname ); - $titleChars = Title::legalChars(); - # This function is called recursively. To keep track of arguments we need a stack: array_push( $this->mArgStack, $args ); - # Variable substitution - $text = preg_replace_callback( "/{{([$titleChars]*?)}}/", array( &$this, 'variableSubstitution' ), $text ); - + $braceCallbacks = array(); + $braceCallbacks[2] = array( &$this, 'braceSubstitution' ); if ( $this->mOutputType == OT_HTML || $this->mOutputType == OT_WIKI ) { - # Argument substitution - $text = preg_replace_callback( "/{{{([$titleChars]*?)}}}/", array( &$this, 'argSubstitution' ), $text ); + $braceCallbacks[3] = array( &$this, 'argSubstitution' ); } - # Template substitution - $regex = '/(\\n|{)?{{(['.$titleChars.']*)(\\|.*?|)}}/s'; - $text = preg_replace_callback( $regex, array( &$this, 'braceSubstitution' ), $text ); + $callbacks = array(); + $callbacks['{'] = array('end' => '}', 'cb' => $braceCallbacks); + $callbacks['['] = array('end' => ']', 'cb' => array(2=>null)); + $text = $this->replace_callback ($text, $callbacks); array_pop( $this->mArgStack ); @@ -1992,7 +2288,7 @@ class Parser * @access private */ function variableSubstitution( $matches ) { - $fname = 'parser::variableSubstitution'; + $fname = 'Parser::variableSubstitution'; $varname = $matches[1]; wfProfileIn( $fname ); if ( !$this->mVariables ) { @@ -2048,44 +2344,46 @@ class Parser * Return the text of a template, after recursively * replacing any variables or templates within the template. * - * @param array $matches The parts of the template - * $matches[1]: the title, i.e. the part before the | - * $matches[2]: the parameters (including a leading |), if any + * @param array $piece The parts of the template + * $piece['text']: matched text + * $piece['title']: the title, i.e. the part before the | + * $piece['parts']: the parameter array * @return string the text of the template * @access private */ - function braceSubstitution( $matches ) { - global $wgLinkCache, $wgContLang; + function braceSubstitution( $piece ) { + global $wgContLang; $fname = 'Parser::braceSubstitution'; wfProfileIn( $fname ); $found = false; $nowiki = false; $noparse = false; + $replaceHeadings = false; + $isHTML = false; $title = NULL; - # Need to know if the template comes at the start of a line, - # to treat the beginning of the template like the beginning - # of a line for tables and block-level elements. - $linestart = $matches[1]; + $linestart = ''; # $part1 is the bit before the first |, and must contain only title characters # $args is a list of arguments, starting from index 0, not including $part1 - $part1 = $matches[2]; + $part1 = $piece['title']; # If the third subpattern matched anything, it will start with | - $args = $this->getTemplateArgs($matches[3]); - $argc = count( $args ); - - # Don't parse {{{}}} because that's only for template arguments - if ( $linestart === '{' ) { - $text = $matches[0]; - $found = true; - $noparse = true; + if (null == $piece['parts']) { + $replaceWith = $this->variableSubstitution (array ($piece['text'], $piece['title'])); + if ($replaceWith != $piece['text']) { + $text = $replaceWith; + $found = true; + $noparse = true; + } } + $args = (null == $piece['parts']) ? array() : $piece['parts']; + $argc = count( $args ); + # SUBST if ( !$found ) { $mwSubst =& MagicWord::get( MAG_SUBST ); @@ -2094,7 +2392,7 @@ class Parser # 1) Found SUBST but not in the PST phase # 2) Didn't find SUBST and in the PST phase # In either case, return without further processing - $text = $matches[0]; + $text = $piece['text']; $found = true; $noparse = true; } @@ -2127,7 +2425,7 @@ class Parser # Check for NS: (namespace expansion) $mwNs = MagicWord::get( MAG_NS ); if ( $mwNs->matchStartAndRemove( $part1 ) ) { - if ( intval( $part1 ) ) { + if ( intval( $part1 ) || $part1 == "0" ) { $text = $linestart . $wgContLang->getNsText( intval( $part1 ) ); $found = true; } else { @@ -2140,20 +2438,48 @@ class Parser } } - # LOCALURL and LOCALURLE + # LCFIRST, UCFIRST, LC and UC if ( !$found ) { - $mwLocal = MagicWord::get( MAG_LOCALURL ); - $mwLocalE = MagicWord::get( MAG_LOCALURLE ); + $lcfirst =& MagicWord::get( MAG_LCFIRST ); + $ucfirst =& MagicWord::get( MAG_UCFIRST ); + $lc =& MagicWord::get( MAG_LC ); + $uc =& MagicWord::get( MAG_UC ); + if ( $lcfirst->matchStartAndRemove( $part1 ) ) { + $text = $linestart . $wgContLang->lcfirst( $part1 ); + $found = true; + } else if ( $ucfirst->matchStartAndRemove( $part1 ) ) { + $text = $linestart . $wgContLang->ucfirst( $part1 ); + $found = true; + } else if ( $lc->matchStartAndRemove( $part1 ) ) { + $text = $linestart . $wgContLang->lc( $part1 ); + $found = true; + } else if ( $uc->matchStartAndRemove( $part1 ) ) { + $text = $linestart . $wgContLang->uc( $part1 ); + $found = true; + } + } + + # LOCALURL and FULLURL + if ( !$found ) { + $mwLocal =& MagicWord::get( MAG_LOCALURL ); + $mwLocalE =& MagicWord::get( MAG_LOCALURLE ); + $mwFull =& MagicWord::get( MAG_FULLURL ); + $mwFullE =& MagicWord::get( MAG_FULLURLE ); + if ( $mwLocal->matchStartAndRemove( $part1 ) ) { $func = 'getLocalURL'; } elseif ( $mwLocalE->matchStartAndRemove( $part1 ) ) { $func = 'escapeLocalURL'; + } elseif ( $mwFull->matchStartAndRemove( $part1 ) ) { + $func = 'getFullURL'; + } elseif ( $mwFullE->matchStartAndRemove( $part1 ) ) { + $func = 'escapeFullURL'; } else { - $func = ''; + $func = false; } - if ( $func !== '' ) { + if ( $func !== false ) { $title = Title::newFromText( $part1 ); if ( !is_null( $title ) ) { if ( $argc > 0 ) { @@ -2197,7 +2523,7 @@ class Parser $noparse = true; $found = true; $text = $linestart . - "\{\{$part1}}" . + '{{' . $part1 . '}}' . ''; wfDebug( "$fname: template loop broken at '$part1'\n" ); } else { @@ -2207,8 +2533,6 @@ class Parser } # Load from database - $replaceHeadings = false; - $isHTML = false; $lastPathLevel = $this->mTemplatePath; if ( !$found ) { $ns = NS_TEMPLATE; @@ -2218,47 +2542,51 @@ class Parser } $title = Title::newFromText( $part1, $ns ); - if ($title) { - $interwiki = Title::getInterwikiLink($title->getInterwiki()); - if ($interwiki != '' && $title->isTrans()) { - return $this->scarytransclude($title, $interwiki); - } - } - - if ( !is_null( $title ) && !$title->isExternal() ) { - # Check for excessive inclusion - $dbk = $title->getPrefixedDBkey(); - if ( $this->incrementIncludeCount( $dbk ) ) { - if ( $title->getNamespace() == NS_SPECIAL && $this->mOptions->getAllowSpecialInclusion() ) { - # Capture special page output - $text = SpecialPage::capturePath( $title ); - if ( is_string( $text ) ) { - $found = true; - $noparse = true; - $isHTML = true; - $this->disableCache(); - } - } else { - $article = new Article( $title ); - $articleContent = $article->fetchContent(0, false); - if ( $articleContent !== false ) { - $found = true; - $text = $articleContent; - $replaceHeadings = true; + if ( !is_null( $title ) ) { + if ( !$title->isExternal() ) { + # Check for excessive inclusion + $dbk = $title->getPrefixedDBkey(); + if ( $this->incrementIncludeCount( $dbk ) ) { + if ( $title->getNamespace() == NS_SPECIAL && $this->mOptions->getAllowSpecialInclusion() ) { + # Capture special page output + $text = SpecialPage::capturePath( $title ); + if ( is_string( $text ) ) { + $found = true; + $noparse = true; + $isHTML = true; + $this->disableCache(); + } + } else { + $articleContent = $this->fetchTemplate( $title ); + if ( $articleContent !== false ) { + $found = true; + $text = $articleContent; + $replaceHeadings = true; + } } } - } - # If the title is valid but undisplayable, make a link to it - if ( $this->mOutputType == OT_HTML && !$found ) { - $text = '[['.$title->getPrefixedText().']]'; - $found = true; - } + # If the title is valid but undisplayable, make a link to it + if ( $this->mOutputType == OT_HTML && !$found ) { + $text = '[['.$title->getPrefixedText().']]'; + $found = true; + } - # Template cache array insertion - if( $found ) { - $this->mTemplates[$part1] = $text; - $text = $linestart . $text; + # Template cache array insertion + if( $found ) { + $this->mTemplates[$part1] = $text; + $text = $linestart . $text; + } + } elseif ( $title->isTrans() ) { + // Interwiki transclusion + if ( $this->mOutputType == OT_HTML ) { + $text = $this->interwikiTransclude( $title, 'render' ); + $isHTML = true; + $noparse = true; + } else { + $text = $this->interwikiTransclude( $title, 'raw' ); + } + $found = true; } } } @@ -2290,24 +2618,27 @@ class Parser # Add a new element to the templace recursion path $this->mTemplatePath[$part1] = 1; + # If there are any tags, only include them + if ( in_string( '', $text ) && in_string( '', $text ) ) { + preg_match_all( '/(.*?)\n?<\/onlyinclude>/s', $text, $m ); + $text = ''; + foreach ($m[1] as $piece) + $text .= $piece; + } + # Remove sections and tags + $text = preg_replace( '/.*?<\/noinclude>/s', '', $text ); + $text = strtr( $text, array( '' => '' , '' => '' ) ); + if( $this->mOutputType == OT_HTML ) { - # Remove sections and tags - $text = preg_replace( '/.*?<\/noinclude>/s', '', $text ); - $text = strtr( $text, array( '' => '' , '' => '' ) ); # Strip , 
, etc.
 				$text = $this->strip( $text, $this->mStripState );
 				$text = Sanitizer::removeHTMLtags( $text, array( &$this, 'replaceVariables' ), $assocArgs );
 			}
 			$text = $this->replaceVariables( $text, $assocArgs );
 
-			# Resume the link cache and register the inclusion as a link
-			if ( $this->mOutputType == OT_HTML && !is_null( $title ) ) {
-				$wgLinkCache->addLinkObj( $title );
-			}
-
 			# If the template begins with a table or block-level
 			# element, it should be treated as beginning a new line.
-			if ($linestart !== '\n' && preg_match('/^({\\||:|;|#|\*)/', $text)) {
+			if (!$piece['lineStart'] && preg_match('/^({\\||:|;|#|\*)/', $text)) {
 				$text = "\n" . $text;
 			}
 		}
@@ -2316,7 +2647,7 @@ class Parser
 
 		if ( !$found ) {
 			wfProfileOut( $fname );
-			return $matches[0];
+			return $piece['text'];
 		} else {
 			if ( $isHTML ) {
 				# Replace raw HTML by a placeholder
@@ -2358,7 +2689,7 @@ class Parser
 
 		if ( !$found ) {
 			wfProfileOut( $fname );
-			return $matches[0];
+			return $piece['text'];
 		} else {
 			wfProfileOut( $fname );
 			return $text;
@@ -2366,41 +2697,71 @@ class Parser
 	}
 
 	/**
-	 * Translude an interwiki link.
+	 * Fetch the unparsed text of a template and register a reference to it. 
 	 */
-	function scarytransclude($title, $interwiki) {
-		global $wgEnableScaryTranscluding;
+	function fetchTemplate( $title ) {
+		$text = false;
+		// Loop to fetch the article, with up to 1 redirect
+		for ( $i = 0; $i < 2 && is_object( $title ); $i++ ) {
+			$rev = Revision::newFromTitle( $title );
+			$this->mOutput->addTemplate( $title, $title->getArticleID() );
+			if ( !$rev ) {
+				break;
+			}
+			$text = $rev->getText();
+			if ( $text === false ) {
+				break;
+			}
+			// Redirect?
+			$title = Title::newFromRedirect( $text );
+		}
+		return $text;
+	}
+
+	/**
+	 * Transclude an interwiki link.
+	 */
+	function interwikiTransclude( $title, $action ) {
+		global $wgEnableScaryTranscluding, $wgCanonicalNamespaceNames;
 
 		if (!$wgEnableScaryTranscluding)
 			return wfMsg('scarytranscludedisabled');
 
-		$articlename = "Template:" . $title->getDBkey();
-		$url = str_replace('$1', urlencode($articlename), $interwiki);
+		// The namespace will actually only be 0 or 10, depending on whether there was a leading :
+		// But we'll handle it generally anyway
+		if ( $title->getNamespace() ) {
+			// Use the canonical namespace, which should work anywhere
+			$articleName = $wgCanonicalNamespaceNames[$title->getNamespace()] . ':' . $title->getDBkey();
+		} else {
+			$articleName = $title->getDBkey();
+		}
+
+		$url = str_replace('$1', urlencode($articleName), Title::getInterwikiLink($title->getInterwiki()));
+		$url .= "?action=$action";
 		if (strlen($url) > 255)
 			return wfMsg('scarytranscludetoolong');
-		$text = $this->fetchScaryTemplateMaybeFromCache($url);
-		$this->mIWTransData[] = $text;
-		return "";
+		return $this->fetchScaryTemplateMaybeFromCache($url);
 	}
 
 	function fetchScaryTemplateMaybeFromCache($url) {
+		global $wgTranscludeCacheExpiry;
 		$dbr =& wfGetDB(DB_SLAVE);
 		$obj = $dbr->selectRow('transcache', array('tc_time', 'tc_contents'),
 				array('tc_url' => $url));
 		if ($obj) {
 			$time = $obj->tc_time;
 			$text = $obj->tc_contents;
-			if ($time && $time < (time() + (60*60))) {
+			if ($time && time() < $time + $wgTranscludeCacheExpiry ) {
 				return $text;
 			}
 		}
 
-		$text = wfGetHTTP($url . '?action=render');
+		$text = wfGetHTTP($url);
 		if (!$text)
 			return wfMsg('scarytranscludefailed', $url);
 
 		$dbw =& wfGetDB(DB_MASTER);
-		$dbw->replace('transcache', array(), array(
+		$dbw->replace('transcache', array('tc_url'), array(
 			'tc_url' => $url,
 			'tc_time' => time(),
 			'tc_contents' => $text));
@@ -2413,12 +2774,14 @@ class Parser
 	 * @access private
 	 */
 	function argSubstitution( $matches ) {
-		$arg = trim( $matches[1] );
-		$text = $matches[0];
+		$arg = trim( $matches['title'] );
+		$text = $matches['text'];
 		$inputArgs = end( $this->mArgStack );
 
 		if ( array_key_exists( $arg, $inputArgs ) ) {
 			$text = $inputArgs[$arg];
+		} else if ($this->mOutputType == OT_HTML && null != $matches['parts'] && count($matches['parts']) > 0) {
+			$text = $matches['parts'][0];
 		}
 
 		return $text;
@@ -2454,7 +2817,7 @@ class Parser
 	 * @access private
 	 */
 	function formatHeadings( $text, $isMain=true ) {
-		global $wgMaxTocLevel, $wgContLang, $wgLinkHolders, $wgInterwikiLinkHolders;
+		global $wgMaxTocLevel, $wgContLang;
 
 		$doNumberHeadings = $this->mOptions->getNumberHeadings();
 		$doShowToc = true;
@@ -2617,12 +2980,7 @@ class Parser
 			# strip out HTML
 			$canonized_headline = preg_replace( '/<.*?' . '>/','',$canonized_headline );
 			$tocline = trim( $canonized_headline );
-			$canonized_headline = urlencode( Sanitizer::decodeCharReferences( str_replace(' ', '_', $tocline) ) );
-			$replacearray = array(
-				'%3A' => ':',
-				'%' => '.'
-			);
-			$canonized_headline = str_replace(array_keys($replacearray),array_values($replacearray),$canonized_headline);
+			$canonized_headline = Sanitizer::escapeId( $tocline );
 			$refers[$headlineCount] = $canonized_headline;
 
 			# count how many in assoc. array so we can track dupes in anchors
@@ -2842,7 +3200,7 @@ class Parser
 			"\r\n" => "\n",
 		);
 		$text = str_replace( array_keys( $pairs ), array_values( $pairs ), $text );
-		$text = $this->strip( $text, $stripState, false );
+		$text = $this->strip( $text, $stripState, true );
 		$text = $this->pstPass2( $text, $user );
 		$text = $this->unstrip( $text, $stripState );
 		$text = $this->unstripNoWiki( $text, $stripState );
@@ -2856,44 +3214,39 @@ class Parser
 	function pstPass2( $text, &$user ) {
 		global $wgContLang, $wgLocaltimezone;
 
-		# Variable replacement
-		# Because mOutputType is OT_WIKI, this will only process {{subst:xxx}} type tags
-		$text = $this->replaceVariables( $text );
-
-		# Signatures
-		#
-		$n = $user->getName();
-		$k = $user->getOption( 'nickname' );
-		if ( '' == $k ) { $k = $n; }
-		if ( isset( $wgLocaltimezone ) ) {
-			$oldtz = getenv( 'TZ' );
-			putenv( 'TZ='.$wgLocaltimezone );
-		}
-
 		/* Note: This is the timestamp saved as hardcoded wikitext to
 		 * the database, we use $wgContLang here in order to give
 		 * everyone the same signiture and use the default one rather
 		 * than the one selected in each users preferences.
 		 */
+		if ( isset( $wgLocaltimezone ) ) {
+			$oldtz = getenv( 'TZ' );
+			putenv( 'TZ='.$wgLocaltimezone );
+		}
 		$d = $wgContLang->timeanddate( date( 'YmdHis' ), false, false) .
 		  ' (' . date( 'T' ) . ')';
 		if ( isset( $wgLocaltimezone ) ) {
 			putenv( 'TZ='.$oldtz );
 		}
 
-		if( $user->getOption( 'fancysig' ) ) {
-			$sigText = $k;
-		} else {
-			$sigText = '[[' . $wgContLang->getNsText( NS_USER ) . ":$n|$k]]";
-		}
-		$text = preg_replace( '/~~~~~/', $d, $text );
-		$text = preg_replace( '/~~~~/', "$sigText $d", $text );
-		$text = preg_replace( '/~~~/', $sigText, $text );
+		# Variable replacement
+		# Because mOutputType is OT_WIKI, this will only process {{subst:xxx}} type tags
+		$text = $this->replaceVariables( $text );
+		
+		# Signatures
+		$sigText = $this->getUserSig( $user );
+		$text = strtr( $text, array( 
+			'~~~~~' => $d,
+			'~~~~' => "$sigText $d",
+			'~~~' => $sigText
+		) );
 
 		# Context links: [[|name]] and [[name (context)|]]
 		#
-		$tc = "[&;%\\-,.\\(\\)' _0-9A-Za-z\\/:\\x80-\\xff]";
-		$np = "[&;%\\-,.' _0-9A-Za-z\\/:\\x80-\\xff]"; # No parens
+		global $wgLegalTitleChars;
+		$tc = "[$wgLegalTitleChars]";
+		$np = str_replace( array( '(', ')' ), array( '', '' ), $tc ); # No parens
+
 		$namespacechar = '[ _0-9A-Za-z\x80-\xff]'; # Namespaces can use non-ascii!
 		$conpat = "/^({$np}+) \\(({$tc}+)\\)$/";
 
@@ -2926,6 +3279,69 @@ class Parser
 		return $text;
 	}
 
+	/**
+	 * Fetch the user's signature text, if any, and normalize to
+	 * validated, ready-to-insert wikitext.
+	 *
+	 * @param User $user
+	 * @return string
+	 * @access private
+	 */
+	function getUserSig( &$user ) {
+		global $wgContLang;
+
+		$username = $user->getName();
+		$nickname = $user->getOption( 'nickname' );
+		$nickname = $nickname === '' ? $username : $nickname;
+	
+		if( $user->getBoolOption( 'fancysig' ) !== false ) {
+			# Sig. might contain markup; validate this
+			if( $this->validateSig( $nickname ) !== false ) {
+				# Validated; clean up (if needed) and return it
+				return( $this->cleanSig( $nickname ) );
+			} else {
+				# Failed to validate; fall back to the default
+				$nickname = $username;
+				wfDebug( "Parser::getUserSig: $username has bad XML tags in signature.\n" );
+			}
+		}
+
+		# If we're still here, make it a link to the user page
+		$userpage = $user->getUserPage();
+		return( '[[' . $userpage->getPrefixedText() . '|' . wfEscapeWikiText( $nickname ) . ']]' );
+	}
+
+	/**
+	 * Check that the user's signature contains no bad XML
+	 *
+	 * @param string $text
+	 * @return mixed An expanded string, or false if invalid.
+	 */
+	function validateSig( $text ) {
+		return( wfIsWellFormedXmlFragment( $text ) ? $text : false );
+	}
+	
+	/**
+	 * Clean up signature text
+	 *
+	 * 1) Strip ~~~, ~~~~ and ~~~~~ out of signatures
+	 * 2) Substitute all transclusions
+	 *
+	 * @param string $text
+	 * @return string Signature text
+	 */
+	function cleanSig( $text ) {
+		$substWord = MagicWord::get( MAG_SUBST );
+		$substRegex = '/\{\{(?!(?:' . $substWord->getBaseRegex() . '))/x' . $substWord->getRegexCase();
+		$substText = '{{' . $substWord->getSynonym( 0 );
+
+		$text = preg_replace( $substRegex, $substText, $text );
+		$text = preg_replace( '/~{3,5}/', '', $text );
+		$text = $this->replaceVariables( $text );
+	
+		return $text;
+	}
+	
 	/**
 	 * Set up some variables which are usually set up in parse()
 	 * so that an external function can call some class members with confidence
@@ -2952,12 +3368,16 @@ class Parser
 		global $wgTitle;
 		static $executing = false;
 
+		$fname = "Parser::transformMsg";
+
 		# Guard against infinite recursion
 		if ( $executing ) {
 			return $text;
 		}
 		$executing = true;
 
+		wfProfileIn($fname);
+
 		$this->mTitle = $wgTitle;
 		$this->mOptions = $options;
 		$this->mOutputType = OT_MSG;
@@ -2965,6 +3385,7 @@ class Parser
 		$text = $this->replaceVariables( $text );
 
 		$executing = false;
+		wfProfileOut($fname);
 		return $text;
 	}
 
@@ -2972,11 +3393,18 @@ class Parser
 	 * Create an HTML-style tag, e.g. special text
 	 * Callback will be called with the text within
 	 * Transform and return the text within
+	 *
 	 * @access public
+	 *
+	 * @param mixed $tag The tag to use, e.g. 'hook' for 
+	 * @param mixed $callback The callback function (and object) to use for the tag
+	 *
+	 * @return The old value of the mTagHooks array associated with the hook
 	 */
 	function setHook( $tag, $callback ) {
 		$oldVal = @$this->mTagHooks[$tag];
 		$this->mTagHooks[$tag] = $callback;
+
 		return $oldVal;
 	}
 
@@ -2990,7 +3418,7 @@ class Parser
 	 * $options is a bit field, RLH_FOR_UPDATE to select for update
 	 */
 	function replaceLinkHolders( &$text, $options = 0 ) {
-		global $wgUser, $wgLinkCache;
+		global $wgUser;
 		global $wgOutputReplace;
 
 		$fname = 'Parser::replaceLinkHolders';
@@ -2998,7 +3426,8 @@ class Parser
 
 		$pdbks = array();
 		$colours = array();
-		$sk = $this->mOptions->getSkin();
+		$sk =& $this->mOptions->getSkin();
+		$linkCache =& LinkCache::singleton();
 
 		if ( !empty( $this->mLinkHolders['namespaces'] ) ) {
 			wfProfileIn( $fname.'-check' );
@@ -3011,7 +3440,7 @@ class Parser
 
 			# Generate query
 			$query = false;
-			foreach ( $this->mLinkHolders['namespaces'] as $key => $val ) {
+			foreach ( $this->mLinkHolders['namespaces'] as $key => $ns ) {
 				# Make title object
 				$title = $this->mLinkHolders['titles'][$key];
 
@@ -3022,23 +3451,26 @@ class Parser
 				}
 				$pdbk = $pdbks[$key] = $title->getPrefixedDBkey();
 
-				# Check if it's in the link cache already
-				if ( $title->isAlwaysKnown() || $wgLinkCache->getGoodLinkID( $pdbk ) ) {
+				# Check if it's a static known link, e.g. interwiki
+				if ( $title->isAlwaysKnown() ) {
+					$colours[$pdbk] = 1;
+				} elseif ( ( $id = $linkCache->getGoodLinkID( $pdbk ) ) != 0 ) {
 					$colours[$pdbk] = 1;
-				} elseif ( $wgLinkCache->isBadLink( $pdbk ) ) {
+					$this->mOutput->addLink( $title, $id );
+				} elseif ( $linkCache->isBadLink( $pdbk ) ) {
 					$colours[$pdbk] = 0;
 				} else {
 					# Not in the link cache, add it to the query
 					if ( !isset( $current ) ) {
-						$current = $val;
+						$current = $ns;
 						$query =  "SELECT page_id, page_namespace, page_title";
 						if ( $threshold > 0 ) {
 							$query .= ', page_len, page_is_redirect';
 						}
-						$query .= " FROM $page WHERE (page_namespace=$val AND page_title IN(";
-					} elseif ( $current != $val ) {
-						$current = $val;
-						$query .= ")) OR (page_namespace=$val AND page_title IN(";
+						$query .= " FROM $page WHERE (page_namespace=$ns AND page_title IN(";
+					} elseif ( $current != $ns ) {
+						$current = $ns;
+						$query .= ")) OR (page_namespace=$ns AND page_title IN(";
 					} else {
 						$query .= ', ';
 					}
@@ -3061,7 +3493,8 @@ class Parser
 				while ( $s = $dbr->fetchObject($res) ) {
 					$title = Title::makeTitle( $s->page_namespace, $s->page_title );
 					$pdbk = $title->getPrefixedDBkey();
-					$wgLinkCache->addGoodLinkObj( $s->page_id, $title );
+					$linkCache->addGoodLinkObj( $s->page_id, $title );
+					$this->mOutput->addLink( $title, $s->page_id );
 
 					if ( $threshold >  0 ) {
 						$size = $s->page_len;
@@ -3085,8 +3518,9 @@ class Parser
 				$searchkey = "";
 				$title = $this->mLinkHolders['titles'][$key];
 				if ( empty( $colours[$pdbk] ) ) {
-					$wgLinkCache->addBadLinkObj( $title );
+					$linkCache->addBadLinkObj( $title );
 					$colours[$pdbk] = 0;
+					$this->mOutput->addLink( $title, 0 );
 					$wgOutputReplace[$searchkey] = $sk->makeBrokenLinkObj( $title,
 									$this->mLinkHolders['texts'][$key],
 									$this->mLinkHolders['queries'][$key] );
@@ -3142,7 +3576,7 @@ class Parser
 	 * @return string
 	 */
 	function replaceLinkHoldersText( $text ) {
-		global $wgUser, $wgLinkCache;
+		global $wgUser;
 		global $wgOutputReplace;
 
 		$fname = 'Parser::replaceLinkHoldersText';
@@ -3185,16 +3619,12 @@ class Parser
 	 * given as text will return the HTML of a gallery with two images,
 	 * labeled 'The number "1"' and
 	 * 'A tree'.
-	 *
-	 * @static
 	 */
 	function renderImageGallery( $text ) {
 		# Setup the parser
-		global $wgUser, $wgTitle;
-		$parserOptions = ParserOptions::newFromUser( $wgUser );
+		$parserOptions = new ParserOptions;
 		$localParser = new Parser();
 
-		global $wgLinkCache;
 		$ig = new ImageGallery();
 		$ig->setShowBytes( false );
 		$ig->setShowFilename( false );
@@ -3208,7 +3638,7 @@ class Parser
 			if ( count( $matches ) == 0 ) {
 				continue;
 			}
-			$nt = Title::newFromURL( $matches[1] );
+			$nt =& Title::newFromText( $matches[1] );
 			if( is_null( $nt ) ) {
 				# Bogus title. Ignore these so we don't bomb out later.
 				continue;
@@ -3219,11 +3649,11 @@ class Parser
 				$label = '';
 			}
 
-			$html = $localParser->parse( $label , $wgTitle, $parserOptions );
-			$html = $html->mText;
+			$pout = $localParser->parse( $label , $this->mTitle, $parserOptions );
+			$html = $pout->getText();
 
 			$ig->add( new Image( $nt ), $html );
-			$wgLinkCache->addImageLinkObj( $nt );
+			$this->mOutput->addImage( $nt->getDBkey() );
 		}
 		return $ig->toHTML();
 	}
@@ -3232,8 +3662,7 @@ class Parser
 	 * Parse image options text and use it to make an image
 	 */
 	function makeImage( &$nt, $options ) {
-		global $wgContLang, $wgUseImageResize;
-		global $wgUser, $wgThumbLimits;
+		global $wgContLang, $wgUseImageResize, $wgUser;
 
 		$align = '';
 
@@ -3306,14 +3735,14 @@ class Parser
 	}
 
 	/**
-	 * Set a flag in the output object indicating that the content is dynamic and 
+	 * Set a flag in the output object indicating that the content is dynamic and
 	 * shouldn't be cached.
 	 */
 	function disableCache() {
 		$this->mOutput->mCacheTime = -1;
 	}
-	
-	/**
+
+	/**#@+ 
 	 * Callback from the Sanitizer for expanding items found in HTML attribute
 	 * values, so they can be safely tested and escaped.
 	 * @param string $text
@@ -3326,12 +3755,27 @@ class Parser
 		$text = $this->unstripForHTML( $text );
 		return $text;
 	}
-	
+
 	function unstripForHTML( $text ) {
 		$text = $this->unstrip( $text, $this->mStripState );
 		$text = $this->unstripNoWiki( $text, $this->mStripState );
 		return $text;
 	}
+	/**#@-*/
+
+	/**#@+
+	 * Accessor/mutator
+	 */
+	function Title( $x = NULL ) { return wfSetVar( $this->mTitle, $x ); }
+	function Options( $x = NULL ) { return wfSetVar( $this->mOptions, $x ); }
+	function OutputType( $x = NULL ) { return wfSetVar( $this->mOutputType, $x ); }
+	/**#@-*/
+
+	/**#@+
+	 * Accessor
+	 */
+	function getTags() { return array_keys( $this->mTagHooks ); }
+	/**#@-*/
 }
 
 /**
@@ -3340,43 +3784,85 @@ class Parser
  */
 class ParserOutput
 {
-	var $mText, $mLanguageLinks, $mCategoryLinks, $mContainsOldMagic;
-	var $mCacheTime; # Timestamp on this article, or -1 for uncacheable. Used in ParserCache.
-	var $mVersion;   # Compatibility check
-	var $mTitleText; # title text of the chosen language variant
+	var $mText,             # The output text
+		$mLanguageLinks,    # List of the full text of language links, in the order they appear
+		$mCategories,       # Map of category names to sort keys
+		$mContainsOldMagic, # Boolean variable indicating if the input contained variables like {{CURRENTDAY}}
+		$mCacheTime,        # Timestamp on this article, or -1 for uncacheable. Used in ParserCache.
+		$mVersion,          # Compatibility check
+		$mTitleText,        # title text of the chosen language variant
+		$mLinks,            # 2-D map of NS/DBK to ID for the links in the document. ID=zero for broken.
+		$mTemplates,        # 2-D map of NS/DBK to ID for the template references. ID=zero for broken.
+		$mImages,           # DB keys of the images used, in the array key only
+		$mExternalLinks;    # External link URLs, in the key only
 
 	function ParserOutput( $text = '', $languageLinks = array(), $categoryLinks = array(),
 		$containsOldMagic = false, $titletext = '' )
 	{
 		$this->mText = $text;
 		$this->mLanguageLinks = $languageLinks;
-		$this->mCategoryLinks = $categoryLinks;
+		$this->mCategories = $categoryLinks;
 		$this->mContainsOldMagic = $containsOldMagic;
 		$this->mCacheTime = '';
 		$this->mVersion = MW_PARSER_VERSION;
 		$this->mTitleText = $titletext;
+		$this->mLinks = array();
+		$this->mTemplates = array();
+		$this->mImages = array();
+		$this->mExternalLinks = array();
 	}
 
 	function getText()                   { return $this->mText; }
 	function getLanguageLinks()          { return $this->mLanguageLinks; }
-	function getCategoryLinks()          { return array_keys( $this->mCategoryLinks ); }
+	function getCategoryLinks()          { return array_keys( $this->mCategories ); }
+	function &getCategories()            { return $this->mCategories; }
 	function getCacheTime()              { return $this->mCacheTime; }
 	function getTitleText()              { return $this->mTitleText; }
+	function &getLinks()                 { return $this->mLinks; }
+	function &getTemplates()             { return $this->mTemplates; }
+	function &getImages()                { return $this->mImages; }
+	function &getExternalLinks()         { return $this->mExternalLinks; }
+
 	function containsOldMagic()          { return $this->mContainsOldMagic; }
 	function setText( $text )            { return wfSetVar( $this->mText, $text ); }
 	function setLanguageLinks( $ll )     { return wfSetVar( $this->mLanguageLinks, $ll ); }
-	function setCategoryLinks( $cl )     { return wfSetVar( $this->mCategoryLinks, $cl ); }
+	function setCategoryLinks( $cl )     { return wfSetVar( $this->mCategories, $cl ); }
 	function setContainsOldMagic( $com ) { return wfSetVar( $this->mContainsOldMagic, $com ); }
 	function setCacheTime( $t )          { return wfSetVar( $this->mCacheTime, $t ); }
 	function setTitleText( $t )          { return wfSetVar ($this->mTitleText, $t); }
 
-	function addCategoryLink( $c )       { $this->mCategoryLinks[$c] = 1; }
+	function addCategory( $c, $sort )    { $this->mCategories[$c] = $sort; }
+	function addImage( $name )           { $this->mImages[$name] = 1; }
+	function addLanguageLink( $t )       { $this->mLanguageLinks[] = $t; }
+	function addExternalLink( $url )     { $this->mExternalLinks[$url] = 1; }
+
+	function addLink( $title, $id ) {
+		$ns = $title->getNamespace();
+		$dbk = $title->getDBkey();
+		if ( !isset( $this->mLinks[$ns] ) ) {
+			$this->mLinks[$ns] = array();
+		}
+		$this->mLinks[$ns][$dbk] = $id;
+	}
+
+	function addTemplate( $title, $id ) {
+		$ns = $title->getNamespace();
+		$dbk = $title->getDBkey();
+		if ( !isset( $this->mTemplates[$ns] ) ) {
+			$this->mTemplates[$ns] = array();
+		}
+		$this->mTemplates[$ns][$dbk] = $id;
+	}
 
+	/**
+	 * @deprecated
+	 */
+	/*
 	function merge( $other ) {
 		$this->mLanguageLinks = array_merge( $this->mLanguageLinks, $other->mLanguageLinks );
-		$this->mCategoryLinks = array_merge( $this->mCategoryLinks, $this->mLanguageLinks );
+		$this->mCategories = array_merge( $this->mCategories, $this->mLanguageLinks );
 		$this->mContainsOldMagic = $this->mContainsOldMagic || $other->mContainsOldMagic;
-	}
+	}*/
 
 	/**
 	 * Return true if this cached output object predates the global or
@@ -3390,7 +3876,7 @@ class ParserOutput
 	function expired( $touched ) {
 		global $wgCacheEpoch;
 		return $this->getCacheTime() == -1 || // parser says it's uncacheable
-		       $this->getCacheTime() <= $touched ||
+		       $this->getCacheTime() < $touched ||
 		       $this->getCacheTime() <= $wgCacheEpoch ||
 		       !isset( $this->mVersion ) ||
 		       version_compare( $this->mVersion, MW_PARSER_VERSION, "lt" );
@@ -3409,32 +3895,36 @@ class ParserOptions
 	var $mUseDynamicDates;           # Use DateFormatter to format dates
 	var $mInterwikiMagic;            # Interlanguage links are removed and returned in an array
 	var $mAllowExternalImages;       # Allow external images inline
+	var $mAllowExternalImagesFrom;   # If not, any exception?
 	var $mSkin;                      # Reference to the preferred skin
 	var $mDateFormat;                # Date format index
 	var $mEditSection;               # Create "edit section" links
 	var $mNumberHeadings;            # Automatically number headings
 	var $mAllowSpecialInclusion;     # Allow inclusion of special pages
+	var $mTidy;	        	 # Ask for tidy cleanup
 
 	function getUseTeX()                        { return $this->mUseTeX; }
 	function getUseDynamicDates()               { return $this->mUseDynamicDates; }
 	function getInterwikiMagic()                { return $this->mInterwikiMagic; }
 	function getAllowExternalImages()           { return $this->mAllowExternalImages; }
+	function getAllowExternalImagesFrom()       { return $this->mAllowExternalImagesFrom; }
 	function &getSkin()                         { return $this->mSkin; }
 	function getDateFormat()                    { return $this->mDateFormat; }
 	function getEditSection()                   { return $this->mEditSection; }
 	function getNumberHeadings()                { return $this->mNumberHeadings; }
 	function getAllowSpecialInclusion()         { return $this->mAllowSpecialInclusion; }
-
+	function getTidy()		            { return $this->mTidy; }
 
 	function setUseTeX( $x )                    { return wfSetVar( $this->mUseTeX, $x ); }
 	function setUseDynamicDates( $x )           { return wfSetVar( $this->mUseDynamicDates, $x ); }
 	function setInterwikiMagic( $x )            { return wfSetVar( $this->mInterwikiMagic, $x ); }
 	function setAllowExternalImages( $x )       { return wfSetVar( $this->mAllowExternalImages, $x ); }
+	function setAllowExternalImagesFrom( $x )   { return wfSetVar( $this->mAllowExternalImagesFrom, $x ); }
 	function setDateFormat( $x )                { return wfSetVar( $this->mDateFormat, $x ); }
 	function setEditSection( $x )               { return wfSetVar( $this->mEditSection, $x ); }
 	function setNumberHeadings( $x )            { return wfSetVar( $this->mNumberHeadings, $x ); }
 	function setAllowSpecialInclusion( $x )     { return wfSetVar( $this->mAllowSpecialInclusion, $x ); }
-
+	function setTidy( $x )			    { return wfSetVar( $this->mTidy, $x); }
 	function setSkin( &$x ) { $this->mSkin =& $x; }
 
 	function ParserOptions() {
@@ -3455,7 +3945,7 @@ class ParserOptions
 	/** Get user options */
 	function initialiseFromUser( &$userInput ) {
 		global $wgUseTeX, $wgUseDynamicDates, $wgInterwikiMagic, $wgAllowExternalImages,
-		       $wgAllowSpecialInclusion;
+		       $wgAllowExternalImagesFrom, $wgAllowSpecialInclusion;
 		$fname = 'ParserOptions::initialiseFromUser';
 		wfProfileIn( $fname );
 		if ( !$userInput ) {
@@ -3469,6 +3959,7 @@ class ParserOptions
 		$this->mUseDynamicDates = $wgUseDynamicDates;
 		$this->mInterwikiMagic = $wgInterwikiMagic;
 		$this->mAllowExternalImages = $wgAllowExternalImages;
+		$this->mAllowExternalImagesFrom = $wgAllowExternalImagesFrom;
 		wfProfileIn( $fname.'-skin' );
 		$this->mSkin =& $user->getSkin();
 		wfProfileOut( $fname.'-skin' );
@@ -3476,6 +3967,7 @@ class ParserOptions
 		$this->mEditSection = true;
 		$this->mNumberHeadings = $user->getOption( 'numberheadings' );
 		$this->mAllowSpecialInclusion = $wgAllowSpecialInclusion;
+		$this->mTidy = false;
 		wfProfileOut( $fname );
 	}
 }
@@ -3515,7 +4007,7 @@ function wfNumberOfFiles() {
 
 /**
  * Get various statistics from the database
- * @private
+ * @access private
  */
 function wfLoadSiteStats() {
 	global $wgNumberOfArticles, $wgTotalViews, $wgTotalEdits;
@@ -3539,7 +4031,7 @@ function wfLoadSiteStats() {
 
 /**
  * Escape html tags
- * Basicly replacing " > and < with HTML entities ( ", >, <)
+ * Basically replacing " > and < with HTML entities ( ", >, <)
  *
  * @param string $in Text that might contain HTML tags
  * @return string Escaped string