2006-07-23 00:11:03 +00:00
|
|
|
<?php
|
|
|
|
|
|
2006-07-23 03:43:53 +00:00
|
|
|
/*!
|
|
|
|
|
* @mainpage
|
|
|
|
|
*
|
|
|
|
|
* HTMLPurifier is a purification class that will take an arbitrary snippet of
|
|
|
|
|
* HTML and rigorously test, validate and filter it into a version that
|
|
|
|
|
* is safe for output onto webpages. It achieves this by:
|
|
|
|
|
*
|
|
|
|
|
* -# Lexing (parsing into tokens) the document,
|
|
|
|
|
* -# Removing all elements not in the whitelist,
|
|
|
|
|
* -# Making the tokens well-formed,
|
|
|
|
|
* -# Fixing the nesting of the nodes,
|
|
|
|
|
* -# Validating attributes of the nodes, and
|
|
|
|
|
* -# Generating HTML from the purified tokens.
|
|
|
|
|
*
|
|
|
|
|
* See /docs/spec.txt for more details.
|
|
|
|
|
*/
|
|
|
|
|
|
2006-07-23 00:11:03 +00:00
|
|
|
require_once 'HTMLPurifier/Lexer.php';
|
|
|
|
|
require_once 'HTMLPurifier/Definition.php';
|
|
|
|
|
require_once 'HTMLPurifier/Generator.php';
|
|
|
|
|
|
2006-07-23 03:43:53 +00:00
|
|
|
/**
|
|
|
|
|
* Main library execution class.
|
|
|
|
|
*
|
|
|
|
|
* Facade that performs calls to the HTMLPurifier_Lexer,
|
|
|
|
|
* HTMLPurifier_Definition and HTMLPurifier_Generator subsystems in order to
|
|
|
|
|
* purify HTML.
|
|
|
|
|
*/
|
2006-07-23 00:11:03 +00:00
|
|
|
class HTMLPurifier
|
|
|
|
|
{
|
|
|
|
|
|
2006-07-23 03:43:53 +00:00
|
|
|
var $lexer; /*!< @brief Instance of HTMLPurifier_Lexer concrete
|
|
|
|
|
implementation. */
|
|
|
|
|
var $definition; /*!< @brief Instance of HTMLPurifier_Definition. */
|
|
|
|
|
var $generator; /*!< @brief Instance of HTMLPurifier_Generator. */
|
2006-07-23 00:11:03 +00:00
|
|
|
|
2006-07-23 03:43:53 +00:00
|
|
|
/**
|
|
|
|
|
* Initializes the purifier.
|
|
|
|
|
*
|
|
|
|
|
* The constructor instantiates all necessary sub-objects to do the job,
|
|
|
|
|
* because creating some of them (esp. HTMLPurifier_Definition) can be
|
|
|
|
|
* expensive.
|
|
|
|
|
*
|
|
|
|
|
* @todo Accept Policy object to define configuration.
|
|
|
|
|
*/
|
2006-07-23 00:11:03 +00:00
|
|
|
function HTMLPurifier() {
|
2006-07-23 03:43:53 +00:00
|
|
|
$this->lexer = new HTMLPurifier_Lexer::create();
|
2006-07-23 00:11:03 +00:00
|
|
|
$this->definition = new HTMLPurifier_Definition();
|
|
|
|
|
$this->generator = new HTMLPurifier_Generator();
|
|
|
|
|
}
|
|
|
|
|
|
2006-07-23 03:43:53 +00:00
|
|
|
/**
|
|
|
|
|
* Purifies HTML.
|
|
|
|
|
*
|
|
|
|
|
* @param $html String of HTML to purify
|
|
|
|
|
* @return Purified HTML
|
|
|
|
|
*/
|
2006-07-23 00:11:03 +00:00
|
|
|
function purify($html) {
|
|
|
|
|
$tokens = $this->lexer->tokenizeHTML($html);
|
|
|
|
|
$tokens = $this->definition->purifyTokens($tokens);
|
|
|
|
|
return $this->generator->generateFromTokens($tokens);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2006-04-15 01:13:42 +00:00
|
|
|
?>
|
