mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-09-19 10:45:18 +00:00
Cordon off configuration form values into one form element name.
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1111 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang
parent
073ddb0cb2
commit
0cb1d85822
@ -301,10 +301,12 @@ class HTMLPurifier_Config
|
||||
* Loads configuration values from $_GET/$_POST that were posted
|
||||
* via ConfigForm
|
||||
* @param $array $_GET or $_POST array to import
|
||||
* @param $index Index/name that the config variables are in
|
||||
* @param $mq_fix Boolean whether or not to enable magic quotes fix
|
||||
* @static
|
||||
*/
|
||||
function loadArrayFromForm($array, $mq_fix = true) {
|
||||
function loadArrayFromForm($array, $index, $mq_fix = true) {
|
||||
$array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array();
|
||||
$mq = get_magic_quotes_gpc() && $mq_fix;
|
||||
foreach ($array as $key => $value) {
|
||||
if (!strncmp($key, 'Null_', 5) && !empty($value)) {
|
||||
|
||||
@ -18,11 +18,19 @@ class HTMLPurifier_Printer_ConfigForm extends HTMLPurifier_Printer
|
||||
var $docURL;
|
||||
|
||||
/**
|
||||
* Name of form element to stuff config in
|
||||
* @protected
|
||||
*/
|
||||
var $name;
|
||||
|
||||
/**
|
||||
* @param $name Form element name for directives to be stuffed into
|
||||
* @param $doc_url String documentation URL, will have fragment tagged on
|
||||
*/
|
||||
function HTMLPurifier_Printer_ConfigForm($doc_url = null) {
|
||||
function HTMLPurifier_Printer_ConfigForm($name, $doc_url = null) {
|
||||
parent::HTMLPurifier_Printer();
|
||||
$this->docURL = $doc_url;
|
||||
$this->name = $name;
|
||||
$this->fields['default'] = new HTMLPurifier_Printer_ConfigForm_default();
|
||||
$this->fields['bool'] = new HTMLPurifier_Printer_ConfigForm_bool();
|
||||
}
|
||||
@ -81,11 +89,15 @@ class HTMLPurifier_Printer_ConfigForm extends HTMLPurifier_Printer
|
||||
foreach ($directives as $directive => $value) {
|
||||
$ret .= $this->start('tr');
|
||||
$ret .= $this->start('th');
|
||||
if ($this->docURL) $ret .= $this->start('a', array('href' => $this->docURL . "#$ns.$directive"));
|
||||
if ($this->docURL) {
|
||||
$url = str_replace('%s', urlencode("$ns.$directive"), $this->docURL);
|
||||
$ret .= $this->start('a', array('href' => $url));
|
||||
}
|
||||
$ret .= $this->element(
|
||||
'label',
|
||||
"%$ns.$directive",
|
||||
array('for' => "$ns.$directive")
|
||||
// component printers must create an element with this id
|
||||
array('for' => "{$this->name}:$ns.$directive")
|
||||
);
|
||||
if ($this->docURL) $ret .= $this->end('a');
|
||||
$ret .= $this->end('th');
|
||||
@ -98,7 +110,7 @@ class HTMLPurifier_Printer_ConfigForm extends HTMLPurifier_Printer
|
||||
if ($def->allow_null) {
|
||||
$type_obj = new HTMLPurifier_Printer_ConfigForm_NullDecorator($type_obj);
|
||||
}
|
||||
$ret .= $type_obj->render($ns, $directive, $value, $this->config);
|
||||
$ret .= $type_obj->render($ns, $directive, $value, $this->name, $this->config);
|
||||
$ret .= $this->end('td');
|
||||
$ret .= $this->end('tr');
|
||||
}
|
||||
@ -123,9 +135,9 @@ class HTMLPurifier_Printer_ConfigForm_NullDecorator extends HTMLPurifier_Printer
|
||||
parent::HTMLPurifier_Printer();
|
||||
$this->obj = $obj;
|
||||
}
|
||||
function render($ns, $directive, $value, $config) {
|
||||
function render($ns, $directive, $value, $name, $config) {
|
||||
$ret = '';
|
||||
$ret .= $this->start('label', array('for' => "Null_$ns.$directive"));
|
||||
$ret .= $this->start('label', array('for' => "$name:Null_$ns.$directive"));
|
||||
$ret .= $this->element('span', "$ns.$directive:", array('class' => 'verbose'));
|
||||
$ret .= $this->text(' Null/Disabled');
|
||||
$ret .= $this->end('label');
|
||||
@ -133,15 +145,15 @@ class HTMLPurifier_Printer_ConfigForm_NullDecorator extends HTMLPurifier_Printer
|
||||
'type' => 'checkbox',
|
||||
'value' => '1',
|
||||
'class' => 'null-toggle',
|
||||
'name' => "Null_$ns.$directive",
|
||||
'id' => "Null_$ns.$directive",
|
||||
'onclick' => "toggleWriteability('$ns.$directive',checked)" // INLINE JAVASCRIPT!!!!
|
||||
'name' => "$name:Null_$ns.$directive",
|
||||
'id' => "$name:Null_$ns.$directive",
|
||||
'onclick' => "toggleWriteability('$name:$ns.$directive',checked)" // INLINE JAVASCRIPT!!!!
|
||||
);
|
||||
if ($value === null) $attr['checked'] = 'checked';
|
||||
$ret .= $this->elementEmpty('input', $attr);
|
||||
$ret .= $this->text(' or ');
|
||||
$ret .= $this->elementEmpty('br');
|
||||
$ret .= $this->obj->render($ns, $directive, $value, $config);
|
||||
$ret .= $this->obj->render($ns, $directive, $value, $name, $config);
|
||||
return $ret;
|
||||
}
|
||||
}
|
||||
@ -150,7 +162,7 @@ class HTMLPurifier_Printer_ConfigForm_NullDecorator extends HTMLPurifier_Printer
|
||||
* Swiss-army knife configuration form field printer
|
||||
*/
|
||||
class HTMLPurifier_Printer_ConfigForm_default extends HTMLPurifier_Printer {
|
||||
function render($ns, $directive, $value, $config) {
|
||||
function render($ns, $directive, $value, $name, $config) {
|
||||
// this should probably be split up a little
|
||||
$ret = '';
|
||||
$def = $config->def->info[$ns][$directive];
|
||||
@ -182,8 +194,8 @@ class HTMLPurifier_Printer_ConfigForm_default extends HTMLPurifier_Printer {
|
||||
}
|
||||
$attr = array(
|
||||
'type' => 'text',
|
||||
'name' => "$ns.$directive",
|
||||
'id' => "$ns.$directive"
|
||||
'name' => "$name"."[$ns.$directive]",
|
||||
'id' => "$name:$ns.$directive"
|
||||
);
|
||||
if ($value === null) $attr['disabled'] = 'disabled';
|
||||
if (is_array($def->allowed)) {
|
||||
@ -206,34 +218,34 @@ class HTMLPurifier_Printer_ConfigForm_default extends HTMLPurifier_Printer {
|
||||
* Bool form field printer
|
||||
*/
|
||||
class HTMLPurifier_Printer_ConfigForm_bool extends HTMLPurifier_Printer {
|
||||
function render($ns, $directive, $value, $config) {
|
||||
function render($ns, $directive, $value, $name, $config) {
|
||||
$ret = '';
|
||||
|
||||
$ret .= $this->start('div', array('id' => "$ns.$directive"));
|
||||
$ret .= $this->start('div', array('id' => "$name:$ns.$directive"));
|
||||
|
||||
$ret .= $this->start('label', array('for' => "Yes_$ns.$directive"));
|
||||
$ret .= $this->start('label', array('for' => "$name:Yes_$ns.$directive"));
|
||||
$ret .= $this->element('span', "$ns.$directive:", array('class' => 'verbose'));
|
||||
$ret .= $this->text(' Yes');
|
||||
$ret .= $this->end('label');
|
||||
|
||||
$attr = array(
|
||||
'type' => 'radio',
|
||||
'name' => "Yes_$ns.$directive",
|
||||
'id' => "Yes_$ns.$directive",
|
||||
'name' => "$name"."[$ns.$directive]",
|
||||
'id' => "$name:Yes_$ns.$directive",
|
||||
'value' => '1'
|
||||
);
|
||||
if ($value) $attr['checked'] = 'checked';
|
||||
$ret .= $this->elementEmpty('input', $attr);
|
||||
|
||||
$ret .= $this->start('label', array('for' => "No_$ns.$directive"));
|
||||
$ret .= $this->start('label', array('for' => "$name:No_$ns.$directive"));
|
||||
$ret .= $this->element('span', "$ns.$directive:", array('class' => 'verbose'));
|
||||
$ret .= $this->text(' No');
|
||||
$ret .= $this->end('label');
|
||||
|
||||
$attr = array(
|
||||
'type' => 'radio',
|
||||
'name' => "No_$ns.$directive",
|
||||
'id' => "No_$ns.$directive",
|
||||
'name' => "$name"."[$ns.$directive]",
|
||||
'id' => "$name:No_$ns.$directive",
|
||||
'value' => '0'
|
||||
);
|
||||
if (!$value) $attr['checked'] = 'checked';
|
||||
|
||||
@ -62,8 +62,8 @@ require_once 'HTMLPurifier/Printer/ConfigForm.php';
|
||||
require_once 'testSchema.php';
|
||||
|
||||
// cleanup ( this should be rolled into Config )
|
||||
$config = HTMLPurifier_Config::loadArrayFromForm($_GET);
|
||||
$printer = new HTMLPurifier_Printer_ConfigForm('?doc');
|
||||
$config = HTMLPurifier_Config::loadArrayFromForm($_GET, 'config');
|
||||
$printer = new HTMLPurifier_Printer_ConfigForm('config', '?doc#%s');
|
||||
echo $printer->render($config);
|
||||
|
||||
?>
|
||||
|
||||
@ -6,7 +6,7 @@ require_once 'HTMLPurifier/Printer/HTMLDefinition.php';
|
||||
require_once 'HTMLPurifier/Printer/CSSDefinition.php';
|
||||
require_once 'HTMLPurifier/Printer/ConfigForm.php';
|
||||
|
||||
$config = HTMLPurifier_Config::loadArrayFromForm($_GET);
|
||||
$config = HTMLPurifier_Config::loadArrayFromForm($_GET, 'config');
|
||||
|
||||
// you can do custom configuration!
|
||||
if (file_exists('printDefinition.settings.php')) {
|
||||
@ -27,6 +27,11 @@ $html_definition->manager->addModule($module);
|
||||
$printer_html_definition = new HTMLPurifier_Printer_HTMLDefinition();
|
||||
$printer_css_definition = new HTMLPurifier_Printer_CSSDefinition();
|
||||
|
||||
$printer_config_form = new HTMLPurifier_Printer_ConfigForm(
|
||||
'config',
|
||||
'http://htmlpurifier.org/live/configdoc/plain.html#%s'
|
||||
);
|
||||
|
||||
echo '<?xml version="1.0" encoding="UTF-8" ?>';
|
||||
?>
|
||||
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
|
||||
@ -69,8 +74,7 @@ transformation into a real array list or a lookup table).</p>
|
||||
|
||||
<form method="get" action="" name="hp-configform">
|
||||
<?php
|
||||
$printer = new HTMLPurifier_Printer_ConfigForm('http://htmlpurifier.org/live/configdoc/plain.html');
|
||||
echo $printer->render($config, 'HTML');
|
||||
echo $printer_config_form->render($config, 'HTML');
|
||||
?>
|
||||
<p>* Some configuration directives make a distinction between an empty
|
||||
variable and a null variable. A whitelist, for example, will take an
|
||||
|
||||
Loading…
Reference in New Issue
Block a user