mirrors/htmlpurifier
0
0
Fork 0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2024-11-10 15:48:42 +00:00
Code Releases Activity

[1.3.2] printDefinition.php: added labels, added better clarification

Browse Source 
- Updated TODO

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@609 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
Edward Z. Yang 2006-12-13 04:14:30 +00:00
parent a0fd6a9f5c
commit 41a25cb6b8
3 changed files with 29 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
NEWS
View File

@ -14,6 +14,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
1.3.2, unknown release date, may be dropped 1.3.2, unknown release date, may be dropped
(security/bugfix/minor feature release) (security/bugfix/minor feature release)
- printDefinition.php: added labels, added better clarification
1.3.1, released 2006-12-06 1.3.1, released 2006-12-06
! Added HTMLPurifier.func.php stub for a convenient function to call the library ! Added HTMLPurifier.func.php stub for a convenient function to call the library

6
TODO
View File

@ -85,6 +85,12 @@ Requested
contents should be dropped or not (currently, there's code that could do contents should be dropped or not (currently, there's code that could do
something like this if it didn't drop the inner text too.) something like this if it didn't drop the inner text too.)
- Accept array input, by iterating and purifying all of the items - Accept array input, by iterating and purifying all of the items
- More user-friendly warnings when %HTML.Allow* attempts to specify a
tag or attribute that is not supported
- Allow specifying global attributes on a tag-by-tag basis in
%HTML.AllowAttributes
- Parse TinyMCE whitelist into our %HTML.Allow whitelists
- XSS-attempt detection
Wontfix Wontfix
- Non-lossy smart alternate character encoding transformations (unless - Non-lossy smart alternate character encoding transformations (unless

25
smoketests/printDefinition.php
View File

@ -36,6 +36,7 @@ echo '<?xml version="1.0" encoding="UTF-8" ?>';
<style type="text/css"> <style type="text/css">
form table {margin:1em auto;} form table {margin:1em auto;}
form th {text-align:right;padding-right:1em;} form th {text-align:right;padding-right:1em;}
form .c {display:none;}
.HTMLPurifier_Printer table {border-collapse:collapse; .HTMLPurifier_Printer table {border-collapse:collapse;
border:1px solid #000; width:600px; border:1px solid #000; width:600px;
margin:1em auto;font-family:sans-serif;font-size:75%;} margin:1em auto;font-family:sans-serif;font-size:75%;}
@ -62,11 +63,9 @@ influences the internal workings of the definition objects.</p>
<p>You can specify an array by typing in a comma-separated <p>You can specify an array by typing in a comma-separated
list of items, HTML Purifier will take care of the rest (including list of items, HTML Purifier will take care of the rest (including
transformation into a real array list or a lookup table). If a transformation into a real array list or a lookup table).</p>
directive can be set to null, that usually means that the feature
is disabled when it is null (not that, say, no tags are allowed).</p>
<form id="edit-config" method="get" action="printDefinition.php"> <form id="edit-config" name="edit-config" method="get" action="printDefinition.php">
<table> <table>
<?php <?php
$directives = $config->getBatch('HTML'); $directives = $config->getBatch('HTML');
@ -91,27 +90,31 @@ is disabled when it is null (not that, say, no tags are allowed).</p>
<tr> <tr>
<th> <th>
<a href="http://hp.jpsband.org/live/configdoc/plain.html#<?php echo $directive ?>"> <a href="http://hp.jpsband.org/live/configdoc/plain.html#<?php echo $directive ?>">
%<?php echo $directive; ?> <label for="<?php echo $directive; ?>">%<?php echo $directive; ?></label>
</a> </a>
</th> </th>
<td> <td>
<?php if (is_bool($value)) { ?> <?php if (is_bool($value)) { ?>
Yes <input type="radio" name="<?php echo $directive; ?>" value="1"<?php if ($value) { ?> checked="checked"<?php } ?> /> &nbsp; <label for="Yes_<?php echo $directive; ?>"><span class="c">%<?php echo $directive; ?>:</span> Yes</label>
No <input type="radio" name="<?php echo $directive; ?>" value="0"<?php if (!$value) { ?> checked="checked"<?php } ?> /> <input type="radio" name="<?php echo $directive; ?>" id="Yes_<?php echo $directive; ?>" value="1"<?php if ($value) { ?> checked="checked"<?php } ?> /> &nbsp;
<label for="No_<?php echo $directive; ?>"><span class="c">%<?php echo $directive; ?>:</span> No</label>
<input type="radio" name="<?php echo $directive; ?>" id="No_<?php echo $directive; ?>" value="0"<?php if (!$value) { ?> checked="checked"<?php } ?> />
<?php } else { ?> <?php } else { ?>
<?php if($allow_null) { ?> <?php if($allow_null) { ?>
Null/Disabled <input <label for="Null_<?php echo $directive; ?>"><span class="c">%<?php echo $directive; ?>:</span> Null/Disabled*</label>
<input
type="checkbox" type="checkbox"
value="1" value="1"
onclick="toggleWriteability('<?php echo $directive ?>',checked)" onclick="toggleWriteability('<?php echo $directive ?>',checked)"
name="Null_<?php echo $directive; ?>" name="Null_<?php echo $directive; ?>"
id="Null_<?php echo $directive; ?>"
<?php if ($value === null) { ?> checked="checked"<?php } ?> <?php if ($value === null) { ?> checked="checked"<?php } ?>
/> or <br /> /> or <br />
<?php } ?> <?php } ?>
<input <input
type="text" type="text"
id="<?php echo $directive; ?>"
name="<?php echo $directive; ?>" name="<?php echo $directive; ?>"
id="<?php echo $directive; ?>"
value="<?php echo escapeHTML($value); ?>" value="<?php echo escapeHTML($value); ?>"
<?php if($value === null) {echo 'disabled="disabled"';} ?> <?php if($value === null) {echo 'disabled="disabled"';} ?>
/> />
@ -128,6 +131,10 @@ is disabled when it is null (not that, say, no tags are allowed).</p>
</td> </td>
</tr> </tr>
</table> </table>
<p>* Some configuration directives make a distinction between an empty
variable and a null variable. A whitelist, for example, will take an
empty array as meaning <em>no</em> allowed elements, while checking
Null/Disabled will mean that user whitelisting functionality is disabled.</p>
</form> </form>
<h2>HTMLDefinition</h2> <h2>HTMLDefinition</h2>
<?php echo $printer_html_definition->render($config) ?> <?php echo $printer_html_definition->render($config) ?>