mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-22 08:21:52 +00:00
Convert to PHP 5 only codebase, adding visibility modifiers to all members and methods in the main library area (function only for test methods)
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1458 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
parent
85a23bacb6
commit
43f01925cd
11
INSTALL
11
INSTALL
@ -14,11 +14,12 @@ basic sanity checks to get the most out of this library.
|
|||||||
---------------------------------------------------------------------------
|
---------------------------------------------------------------------------
|
||||||
1. Compatibility
|
1. Compatibility
|
||||||
|
|
||||||
HTML Purifier works in both PHP 4 and PHP 5, and is actively tested from
|
HTML Purifier is PHP 5 only, and is actively tested from PHP 5.0.0 and
|
||||||
PHP 4.3.7 and up (see tests/multitest.php for specific versions). It has
|
up (see tests/multitest.php for the specific versions that are being
|
||||||
no core dependencies with other libraries. PHP 4 support will be
|
actively tested). It has no core dependencies with other libraries. PHP
|
||||||
deprecated on December 31, 2007, at which time only essential security
|
4 support was deprecated on December 31, 2007 with HTML Purifier 3.0.0.
|
||||||
fixes will be issued for the PHP 4 version until August 8, 2008.
|
Essential security fixes will be issued for the 2.1.x branch until
|
||||||
|
August 8, 2008.
|
||||||
|
|
||||||
These optional extensions can enhance the capabilities of HTML Purifier:
|
These optional extensions can enhance the capabilities of HTML Purifier:
|
||||||
|
|
||||||
|
@ -17,7 +17,7 @@ ce document pour quelques choses.
|
|||||||
|
|
||||||
1. Compatibilité
|
1. Compatibilité
|
||||||
|
|
||||||
HTML Purifier fonctionne dans PHP 4 et PHP 5. PHP 4.3.2 est le dernier
|
HTML Purifier fonctionne dans PHP 5. PHP 5.0.0 est le dernier
|
||||||
version que je le testais. Il ne dépend de les autre librairies.
|
version que je le testais. Il ne dépend de les autre librairies.
|
||||||
|
|
||||||
Les extensions optionnel est iconv (en général déjà installer) et
|
Les extensions optionnel est iconv (en général déjà installer) et
|
||||||
|
6
NEWS
6
NEWS
@ -9,6 +9,12 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
|||||||
. Internal change
|
. Internal change
|
||||||
==========================
|
==========================
|
||||||
|
|
||||||
|
3.0.0, unknown release date
|
||||||
|
# HTML Purifier is PHP 5 only! The 2.1.x branch will be maintained
|
||||||
|
until PHP 4 is completely deprecated, but no new features will be added
|
||||||
|
to it.
|
||||||
|
+ Visibility declarations added
|
||||||
|
|
||||||
2.1.3, released 2007-11-05
|
2.1.3, released 2007-11-05
|
||||||
! tests/multitest.php allows you to test multiple versions by running
|
! tests/multitest.php allows you to test multiple versions by running
|
||||||
tests/index.php through multiple interpreters using `phpv` shell
|
tests/index.php through multiple interpreters using `phpv` shell
|
||||||
|
10
TODO
10
TODO
@ -11,11 +11,11 @@ If no interest is expressed for a feature that may required a considerable
|
|||||||
amount of effort to implement, it may get endlessly delayed. Do not be
|
amount of effort to implement, it may get endlessly delayed. Do not be
|
||||||
afraid to cast your vote for the next feature to be implemented!
|
afraid to cast your vote for the next feature to be implemented!
|
||||||
|
|
||||||
2.2 release [Error'ed]
|
3.1 release [Error'ed]
|
||||||
# Error logging for filtering/cleanup procedures
|
# Error logging for filtering/cleanup procedures
|
||||||
- XSS-attempt detection
|
- XSS-attempt detection
|
||||||
|
|
||||||
2.3 release [Do What I Mean, Not What I Say]
|
3.2 release [Do What I Mean, Not What I Say]
|
||||||
# Additional support for poorly written HTML
|
# Additional support for poorly written HTML
|
||||||
- Microsoft Word HTML cleaning (i.e. MsoNormal, but research essential!)
|
- Microsoft Word HTML cleaning (i.e. MsoNormal, but research essential!)
|
||||||
- Friendly strict handling of <address> (block -> <br>)
|
- Friendly strict handling of <address> (block -> <br>)
|
||||||
@ -31,13 +31,13 @@ afraid to cast your vote for the next feature to be implemented!
|
|||||||
dupe detector would also need to detect the suffix as well)
|
dupe detector would also need to detect the suffix as well)
|
||||||
- Externalize inline CSS to promote clean HTML
|
- Externalize inline CSS to promote clean HTML
|
||||||
|
|
||||||
2.4 release [It's All About Trust] (floating)
|
3.3 release [It's All About Trust] (floating)
|
||||||
# Implement untrusted, dangerous elements/attributes
|
# Implement untrusted, dangerous elements/attributes
|
||||||
# Implement IDREF support (harder than it seems, since you cannot have
|
# Implement IDREF support (harder than it seems, since you cannot have
|
||||||
IDREFs to non-existent IDs)
|
IDREFs to non-existent IDs)
|
||||||
# Frameset XHTML 1.0 and HTML 4.01 doctypes
|
# Frameset XHTML 1.0 and HTML 4.01 doctypes
|
||||||
|
|
||||||
3.0 release [Beyond HTML]
|
4.0 release [Beyond HTML]
|
||||||
# Legit token based CSS parsing (will require revamping almost every
|
# Legit token based CSS parsing (will require revamping almost every
|
||||||
AttrDef class). Probably will use CSSTidy class
|
AttrDef class). Probably will use CSSTidy class
|
||||||
# More control over allowed CSS properties (maybe modularize it in the
|
# More control over allowed CSS properties (maybe modularize it in the
|
||||||
@ -48,7 +48,7 @@ afraid to cast your vote for the next feature to be implemented!
|
|||||||
- Convert RTL/LTR override characters to <bdo> tags, or vice versa on demand.
|
- Convert RTL/LTR override characters to <bdo> tags, or vice versa on demand.
|
||||||
Also, enable disabling of directionality
|
Also, enable disabling of directionality
|
||||||
|
|
||||||
4.0 release [To XML and Beyond]
|
5.0 release [To XML and Beyond]
|
||||||
- Extended HTML capabilities based on namespacing and tag transforms (COMPLEX)
|
- Extended HTML capabilities based on namespacing and tag transforms (COMPLEX)
|
||||||
- Hooks for adding custom processors to custom namespaced tags and
|
- Hooks for adding custom processors to custom namespaced tags and
|
||||||
attributes, offer default implementation
|
attributes, offer default implementation
|
||||||
|
@ -4,10 +4,21 @@ require_once 'ConfigDoc/HTMLXSLTProcessor.php';
|
|||||||
require_once 'ConfigDoc/XMLSerializer/Types.php';
|
require_once 'ConfigDoc/XMLSerializer/Types.php';
|
||||||
require_once 'ConfigDoc/XMLSerializer/ConfigSchema.php';
|
require_once 'ConfigDoc/XMLSerializer/ConfigSchema.php';
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Facade class for configuration documentation system
|
||||||
|
*/
|
||||||
class ConfigDoc
|
class ConfigDoc
|
||||||
{
|
{
|
||||||
|
|
||||||
function generate($schema, $xsl_stylesheet_name = 'plain', $parameters = array()) {
|
/**
|
||||||
|
* Generates configuration documentation based on a HTMLPurifier_ConfigSchema
|
||||||
|
* object and styleshet name
|
||||||
|
* @param $schema Instance of HTMLPurifier_ConfigSchema to document
|
||||||
|
* @param $xsl_stylesheet_name Name of XSL stylesheet in ../styles/ directory to use
|
||||||
|
* @param $parameters Extra parameters to pass to the stylesheet
|
||||||
|
* @return string HTML output
|
||||||
|
*/
|
||||||
|
public function generate($schema, $xsl_stylesheet_name = 'plain', $parameters = array()) {
|
||||||
// generate types document, describing type constraints
|
// generate types document, describing type constraints
|
||||||
$types_serializer = new ConfigDoc_XMLSerializer_Types();
|
$types_serializer = new ConfigDoc_XMLSerializer_Types();
|
||||||
$types_document = $types_serializer->serialize($schema);
|
$types_document = $types_serializer->serialize($schema);
|
||||||
@ -29,9 +40,10 @@ class ConfigDoc
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Remove any generated files
|
* Remove any generated files
|
||||||
|
* @return boolean Success?
|
||||||
*/
|
*/
|
||||||
function cleanup() {
|
public function cleanup() {
|
||||||
unlink('configdoc.xml');
|
return unlink('configdoc.xml');
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -1,12 +1,15 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Special XSLTProcessor specifically for HTML documents. Loosely
|
* Special XSLT processor specifically for HTML documents. Loosely
|
||||||
* based off of XSLTProcessor, but not really
|
* based off of XSLTProcessor, but does not inherit from that class
|
||||||
*/
|
*/
|
||||||
class ConfigDoc_HTMLXSLTProcessor
|
class ConfigDoc_HTMLXSLTProcessor
|
||||||
{
|
{
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Instance of XSLTProcessor
|
||||||
|
*/
|
||||||
protected $xsltProcessor;
|
protected $xsltProcessor;
|
||||||
|
|
||||||
public function __construct() {
|
public function __construct() {
|
||||||
@ -16,6 +19,7 @@ class ConfigDoc_HTMLXSLTProcessor
|
|||||||
/**
|
/**
|
||||||
* Imports stylesheet for processor to use
|
* Imports stylesheet for processor to use
|
||||||
* @param $xsl XSLT DOM tree, or filename of the XSL transformation
|
* @param $xsl XSLT DOM tree, or filename of the XSL transformation
|
||||||
|
* @return bool Success?
|
||||||
*/
|
*/
|
||||||
public function importStylesheet($xsl) {
|
public function importStylesheet($xsl) {
|
||||||
if (is_string($xsl)) {
|
if (is_string($xsl)) {
|
||||||
@ -27,16 +31,20 @@ class ConfigDoc_HTMLXSLTProcessor
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Transforms an XML file into HTML based on the stylesheet
|
* Transforms an XML file into compatible XHTML based on the stylesheet
|
||||||
* @param $xml XML DOM tree
|
* @param $xml XML DOM tree
|
||||||
|
* @return string HTML output
|
||||||
|
* @todo Rename to transformToXHTML, as transformToHTML is misleading
|
||||||
*/
|
*/
|
||||||
public function transformToHTML($xml) {
|
public function transformToHTML($xml) {
|
||||||
$out = $this->xsltProcessor->transformToXML($xml);
|
$out = $this->xsltProcessor->transformToXML($xml);
|
||||||
|
|
||||||
// fudges for HTML backwards compatibility
|
// fudges for HTML backwards compatibility
|
||||||
|
// assumes that document is XHTML
|
||||||
$out = str_replace('/>', ' />', $out); // <br /> not <br/>
|
$out = str_replace('/>', ' />', $out); // <br /> not <br/>
|
||||||
$out = str_replace(' xmlns=""', '', $out); // rm unnecessary xmlns
|
$out = str_replace(' xmlns=""', '', $out); // rm unnecessary xmlns
|
||||||
$out = str_replace(' xmlns="http://www.w3.org/1999/xhtml"', '', $out); // rm unnecessary xmlns
|
$out = str_replace(' xmlns="http://www.w3.org/1999/xhtml"', '', $out); // rm unnecessary xmlns
|
||||||
|
|
||||||
if (class_exists('Tidy')) {
|
if (class_exists('Tidy')) {
|
||||||
// cleanup output
|
// cleanup output
|
||||||
$config = array(
|
$config = array(
|
||||||
@ -49,9 +57,14 @@ class ConfigDoc_HTMLXSLTProcessor
|
|||||||
$tidy->cleanRepair();
|
$tidy->cleanRepair();
|
||||||
$out = (string) $tidy;
|
$out = (string) $tidy;
|
||||||
}
|
}
|
||||||
|
|
||||||
return $out;
|
return $out;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Bulk sets parameters for the XSL stylesheet
|
||||||
|
* @param array $options Associative array of options to set
|
||||||
|
*/
|
||||||
public function setParameters($options) {
|
public function setParameters($options) {
|
||||||
foreach ($options as $name => $value) {
|
foreach ($options as $name => $value) {
|
||||||
$this->xsltProcessor->setParameter('', $name, $value);
|
$this->xsltProcessor->setParameter('', $name, $value);
|
||||||
|
@ -8,16 +8,22 @@
|
|||||||
class ConfigDoc_XMLSerializer
|
class ConfigDoc_XMLSerializer
|
||||||
{
|
{
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Appends a div containing HTML into a node
|
||||||
|
* @param $document Base document node belongs to
|
||||||
|
* @param $node Node to append to
|
||||||
|
* @param $html HTML to place inside div to append
|
||||||
|
* @todo Place this directly in DOMNode, using registerNodeClass to
|
||||||
|
* override.
|
||||||
|
*/
|
||||||
protected function appendHTMLDiv($document, $node, $html) {
|
protected function appendHTMLDiv($document, $node, $html) {
|
||||||
$purifier = HTMLPurifier::getInstance();
|
$purifier = HTMLPurifier::getInstance();
|
||||||
$html = $purifier->purify($html);
|
$html = $purifier->purify($html);
|
||||||
$dom_html = $document->createDocumentFragment();
|
$dom_html = $document->createDocumentFragment();
|
||||||
$dom_html->appendXML($html);
|
$dom_html->appendXML($html);
|
||||||
|
|
||||||
$dom_div = $document->createElement('div');
|
$dom_div = $document->createElement('div');
|
||||||
$dom_div->setAttribute('xmlns', 'http://www.w3.org/1999/xhtml');
|
$dom_div->setAttribute('xmlns', 'http://www.w3.org/1999/xhtml');
|
||||||
$dom_div->appendChild($dom_html);
|
$dom_div->appendChild($dom_html);
|
||||||
|
|
||||||
$node->appendChild($dom_div);
|
$node->appendChild($dom_div);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -9,6 +9,7 @@ class ConfigDoc_XMLSerializer_ConfigSchema extends ConfigDoc_XMLSerializer
|
|||||||
* Serializes a schema into DOM form
|
* Serializes a schema into DOM form
|
||||||
* @todo Split into sub-serializers
|
* @todo Split into sub-serializers
|
||||||
* @param $schema HTMLPurifier_ConfigSchema to serialize
|
* @param $schema HTMLPurifier_ConfigSchema to serialize
|
||||||
|
* @return DOMDocument representation of schema
|
||||||
*/
|
*/
|
||||||
public function serialize($schema) {
|
public function serialize($schema) {
|
||||||
$dom_document = new DOMDocument('1.0', 'UTF-8');
|
$dom_document = new DOMDocument('1.0', 'UTF-8');
|
||||||
|
@ -8,6 +8,7 @@ class ConfigDoc_XMLSerializer_Types extends ConfigDoc_XMLSerializer
|
|||||||
/**
|
/**
|
||||||
* Serializes the types in a schema into DOM form
|
* Serializes the types in a schema into DOM form
|
||||||
* @param $schema HTMLPurifier_ConfigSchema owner of types to serialize
|
* @param $schema HTMLPurifier_ConfigSchema owner of types to serialize
|
||||||
|
* @return DOMDocument representing schema types
|
||||||
*/
|
*/
|
||||||
public function serialize($schema) {
|
public function serialize($schema) {
|
||||||
$types_document = new DOMDocument('1.0', 'UTF-8');
|
$types_document = new DOMDocument('1.0', 'UTF-8');
|
||||||
|
@ -83,19 +83,19 @@ since 2.0.0.
|
|||||||
class HTMLPurifier
|
class HTMLPurifier
|
||||||
{
|
{
|
||||||
|
|
||||||
var $version = '2.1.3';
|
public $version = '2.1.3';
|
||||||
|
|
||||||
var $config;
|
public $config;
|
||||||
var $filters = array();
|
public $filters = array();
|
||||||
|
|
||||||
var $strategy, $generator;
|
protected $strategy, $generator;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Resultant HTMLPurifier_Context of last run purification. Is an array
|
* Resultant HTMLPurifier_Context of last run purification. Is an array
|
||||||
* of contexts if the last called method was purifyArray().
|
* of contexts if the last called method was purifyArray().
|
||||||
* @public
|
* @public
|
||||||
*/
|
*/
|
||||||
var $context;
|
public $context;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Initializes the purifier.
|
* Initializes the purifier.
|
||||||
@ -105,7 +105,7 @@ class HTMLPurifier
|
|||||||
* The parameter can also be any type that
|
* The parameter can also be any type that
|
||||||
* HTMLPurifier_Config::create() supports.
|
* HTMLPurifier_Config::create() supports.
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier($config = null) {
|
public function HTMLPurifier($config = null) {
|
||||||
|
|
||||||
$this->config = HTMLPurifier_Config::create($config);
|
$this->config = HTMLPurifier_Config::create($config);
|
||||||
|
|
||||||
@ -118,7 +118,7 @@ class HTMLPurifier
|
|||||||
* Adds a filter to process the output. First come first serve
|
* Adds a filter to process the output. First come first serve
|
||||||
* @param $filter HTMLPurifier_Filter object
|
* @param $filter HTMLPurifier_Filter object
|
||||||
*/
|
*/
|
||||||
function addFilter($filter) {
|
public function addFilter($filter) {
|
||||||
$this->filters[] = $filter;
|
$this->filters[] = $filter;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -132,7 +132,7 @@ class HTMLPurifier
|
|||||||
* that HTMLPurifier_Config::create() supports.
|
* that HTMLPurifier_Config::create() supports.
|
||||||
* @return Purified HTML
|
* @return Purified HTML
|
||||||
*/
|
*/
|
||||||
function purify($html, $config = null) {
|
public function purify($html, $config = null) {
|
||||||
|
|
||||||
$config = $config ? HTMLPurifier_Config::create($config) : $this->config;
|
$config = $config ? HTMLPurifier_Config::create($config) : $this->config;
|
||||||
|
|
||||||
@ -198,7 +198,7 @@ class HTMLPurifier
|
|||||||
* See HTMLPurifier::purify() for more details.
|
* See HTMLPurifier::purify() for more details.
|
||||||
* @return Array of purified HTML
|
* @return Array of purified HTML
|
||||||
*/
|
*/
|
||||||
function purifyArray($array_of_html, $config = null) {
|
public function purifyArray($array_of_html, $config = null) {
|
||||||
$context_array = array();
|
$context_array = array();
|
||||||
foreach ($array_of_html as $key => $html) {
|
foreach ($array_of_html as $key => $html) {
|
||||||
$array_of_html[$key] = $this->purify($html, $config);
|
$array_of_html[$key] = $this->purify($html, $config);
|
||||||
@ -213,10 +213,10 @@ class HTMLPurifier
|
|||||||
* @param $prototype Optional prototype HTMLPurifier instance to
|
* @param $prototype Optional prototype HTMLPurifier instance to
|
||||||
* overload singleton with.
|
* overload singleton with.
|
||||||
*/
|
*/
|
||||||
function &getInstance($prototype = null) {
|
public static function &getInstance($prototype = null) {
|
||||||
static $htmlpurifier;
|
static $htmlpurifier;
|
||||||
if (!$htmlpurifier || $prototype) {
|
if (!$htmlpurifier || $prototype) {
|
||||||
if (is_a($prototype, 'HTMLPurifier')) {
|
if ($prototype instanceof HTMLPurifier) {
|
||||||
$htmlpurifier = $prototype;
|
$htmlpurifier = $prototype;
|
||||||
} elseif ($prototype) {
|
} elseif ($prototype) {
|
||||||
$htmlpurifier = new HTMLPurifier($prototype);
|
$htmlpurifier = new HTMLPurifier($prototype);
|
||||||
|
@ -12,7 +12,7 @@ class HTMLPurifier_AttrCollections
|
|||||||
/**
|
/**
|
||||||
* Associative array of attribute collections, indexed by name
|
* Associative array of attribute collections, indexed by name
|
||||||
*/
|
*/
|
||||||
var $info = array();
|
public $info = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Performs all expansions on internal data for use by other inclusions
|
* Performs all expansions on internal data for use by other inclusions
|
||||||
@ -21,7 +21,7 @@ class HTMLPurifier_AttrCollections
|
|||||||
* @param $attr_types HTMLPurifier_AttrTypes instance
|
* @param $attr_types HTMLPurifier_AttrTypes instance
|
||||||
* @param $modules Hash array of HTMLPurifier_HTMLModule members
|
* @param $modules Hash array of HTMLPurifier_HTMLModule members
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrCollections($attr_types, $modules) {
|
public function HTMLPurifier_AttrCollections($attr_types, $modules) {
|
||||||
// load extensions from the modules
|
// load extensions from the modules
|
||||||
foreach ($modules as $module) {
|
foreach ($modules as $module) {
|
||||||
foreach ($module->attr_collections as $coll_i => $coll) {
|
foreach ($module->attr_collections as $coll_i => $coll) {
|
||||||
@ -53,7 +53,7 @@ class HTMLPurifier_AttrCollections
|
|||||||
* all inclusions specified by the zero index.
|
* all inclusions specified by the zero index.
|
||||||
* @param &$attr Reference to attribute array
|
* @param &$attr Reference to attribute array
|
||||||
*/
|
*/
|
||||||
function performInclusions(&$attr) {
|
public function performInclusions(&$attr) {
|
||||||
if (!isset($attr[0])) return;
|
if (!isset($attr[0])) return;
|
||||||
$merge = $attr[0];
|
$merge = $attr[0];
|
||||||
$seen = array(); // recursion guard
|
$seen = array(); // recursion guard
|
||||||
@ -81,7 +81,7 @@ class HTMLPurifier_AttrCollections
|
|||||||
* @param &$attr Reference to attribute array
|
* @param &$attr Reference to attribute array
|
||||||
* @param $attr_types HTMLPurifier_AttrTypes instance
|
* @param $attr_types HTMLPurifier_AttrTypes instance
|
||||||
*/
|
*/
|
||||||
function expandIdentifiers(&$attr, $attr_types) {
|
public function expandIdentifiers(&$attr, $attr_types) {
|
||||||
|
|
||||||
// because foreach will process new elements we add, make sure we
|
// because foreach will process new elements we add, make sure we
|
||||||
// skip duplicates
|
// skip duplicates
|
||||||
|
@ -10,32 +10,29 @@
|
|||||||
* subclasses are also responsible for cleaning the code if possible.
|
* subclasses are also responsible for cleaning the code if possible.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
class HTMLPurifier_AttrDef
|
abstract class HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tells us whether or not an HTML attribute is minimized. Has no
|
* Tells us whether or not an HTML attribute is minimized. Has no
|
||||||
* meaning in other contexts.
|
* meaning in other contexts.
|
||||||
*/
|
*/
|
||||||
var $minimized = false;
|
public $minimized = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Tells us whether or not an HTML attribute is required. Has no
|
* Tells us whether or not an HTML attribute is required. Has no
|
||||||
* meaning in other contexts
|
* meaning in other contexts
|
||||||
*/
|
*/
|
||||||
var $required = false;
|
public $required = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Validates and cleans passed string according to a definition.
|
* Validates and cleans passed string according to a definition.
|
||||||
*
|
*
|
||||||
* @public
|
|
||||||
* @param $string String to be validated and cleaned.
|
* @param $string String to be validated and cleaned.
|
||||||
* @param $config Mandatory HTMLPurifier_Config object.
|
* @param $config Mandatory HTMLPurifier_Config object.
|
||||||
* @param $context Mandatory HTMLPurifier_AttrContext object.
|
* @param $context Mandatory HTMLPurifier_AttrContext object.
|
||||||
*/
|
*/
|
||||||
function validate($string, $config, &$context) {
|
abstract public function validate($string, $config, &$context);
|
||||||
trigger_error('Cannot call abstract function', E_USER_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Convenience method that parses a string as if it were CDATA.
|
* Convenience method that parses a string as if it were CDATA.
|
||||||
@ -59,10 +56,8 @@ class HTMLPurifier_AttrDef
|
|||||||
* function. Trim and whitespace collapsing are supposed to only
|
* function. Trim and whitespace collapsing are supposed to only
|
||||||
* occur in NMTOKENs. However, note that we are NOT necessarily
|
* occur in NMTOKENs. However, note that we are NOT necessarily
|
||||||
* parsing XML, thus, this behavior may still be correct.
|
* parsing XML, thus, this behavior may still be correct.
|
||||||
*
|
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
function parseCDATA($string) {
|
public function parseCDATA($string) {
|
||||||
$string = trim($string);
|
$string = trim($string);
|
||||||
$string = str_replace("\n", '', $string);
|
$string = str_replace("\n", '', $string);
|
||||||
$string = str_replace(array("\r", "\t"), ' ', $string);
|
$string = str_replace(array("\r", "\t"), ' ', $string);
|
||||||
@ -73,9 +68,8 @@ class HTMLPurifier_AttrDef
|
|||||||
* Factory method for creating this class from a string.
|
* Factory method for creating this class from a string.
|
||||||
* @param $string String construction info
|
* @param $string String construction info
|
||||||
* @return Created AttrDef object corresponding to $string
|
* @return Created AttrDef object corresponding to $string
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
function make($string) {
|
public function make($string) {
|
||||||
// default implementation, return flyweight of this object
|
// default implementation, return flyweight of this object
|
||||||
// if overloaded, it is *necessary* for you to clone the
|
// if overloaded, it is *necessary* for you to clone the
|
||||||
// object (usually by instantiating a new copy) and return that
|
// object (usually by instantiating a new copy) and return that
|
||||||
|
@ -17,7 +17,7 @@ require_once 'HTMLPurifier/CSSDefinition.php';
|
|||||||
class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($css, $config, &$context) {
|
public function validate($css, $config, &$context) {
|
||||||
|
|
||||||
$css = $this->parseCDATA($css);
|
$css = $this->parseCDATA($css);
|
||||||
|
|
||||||
|
@ -14,9 +14,9 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
|
|||||||
* Local copy of component validators.
|
* Local copy of component validators.
|
||||||
* @note See HTMLPurifier_AttrDef_Font::$info for a similar impl.
|
* @note See HTMLPurifier_AttrDef_Font::$info for a similar impl.
|
||||||
*/
|
*/
|
||||||
var $info;
|
protected $info;
|
||||||
|
|
||||||
function HTMLPurifier_AttrDef_CSS_Background($config) {
|
public function HTMLPurifier_AttrDef_CSS_Background($config) {
|
||||||
$def = $config->getCSSDefinition();
|
$def = $config->getCSSDefinition();
|
||||||
$this->info['background-color'] = $def->info['background-color'];
|
$this->info['background-color'] = $def->info['background-color'];
|
||||||
$this->info['background-image'] = $def->info['background-image'];
|
$this->info['background-image'] = $def->info['background-image'];
|
||||||
@ -25,7 +25,7 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
|
|||||||
$this->info['background-position'] = $def->info['background-position'];
|
$this->info['background-position'] = $def->info['background-position'];
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
// regular pre-processing
|
// regular pre-processing
|
||||||
$string = $this->parseCDATA($string);
|
$string = $this->parseCDATA($string);
|
||||||
|
@ -48,15 +48,15 @@ require_once 'HTMLPurifier/AttrDef/CSS/Percentage.php';
|
|||||||
class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
var $length;
|
protected $length;
|
||||||
var $percentage;
|
protected $percentage;
|
||||||
|
|
||||||
function HTMLPurifier_AttrDef_CSS_BackgroundPosition() {
|
public function HTMLPurifier_AttrDef_CSS_BackgroundPosition() {
|
||||||
$this->length = new HTMLPurifier_AttrDef_CSS_Length();
|
$this->length = new HTMLPurifier_AttrDef_CSS_Length();
|
||||||
$this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage();
|
$this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage();
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
$string = $this->parseCDATA($string);
|
$string = $this->parseCDATA($string);
|
||||||
$bits = explode(' ', $string);
|
$bits = explode(' ', $string);
|
||||||
|
|
||||||
|
@ -11,16 +11,16 @@ class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef
|
|||||||
/**
|
/**
|
||||||
* Local copy of properties this property is shorthand for.
|
* Local copy of properties this property is shorthand for.
|
||||||
*/
|
*/
|
||||||
var $info = array();
|
protected $info = array();
|
||||||
|
|
||||||
function HTMLPurifier_AttrDef_CSS_Border($config) {
|
public function HTMLPurifier_AttrDef_CSS_Border($config) {
|
||||||
$def = $config->getCSSDefinition();
|
$def = $config->getCSSDefinition();
|
||||||
$this->info['border-width'] = $def->info['border-width'];
|
$this->info['border-width'] = $def->info['border-width'];
|
||||||
$this->info['border-style'] = $def->info['border-style'];
|
$this->info['border-style'] = $def->info['border-style'];
|
||||||
$this->info['border-top-color'] = $def->info['border-top-color'];
|
$this->info['border-top-color'] = $def->info['border-top-color'];
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
$string = $this->parseCDATA($string);
|
$string = $this->parseCDATA($string);
|
||||||
// we specifically will not support rgb() syntax with spaces
|
// we specifically will not support rgb() syntax with spaces
|
||||||
$bits = explode(' ', $string);
|
$bits = explode(' ', $string);
|
||||||
|
@ -33,7 +33,7 @@ This directive has been available since 2.0.0.
|
|||||||
class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($color, $config, &$context) {
|
public function validate($color, $config, &$context) {
|
||||||
|
|
||||||
static $colors = null;
|
static $colors = null;
|
||||||
if ($colors === null) $colors = $config->get('Core', 'ColorKeywords');
|
if ($colors === null) $colors = $config->get('Core', 'ColorKeywords');
|
||||||
|
@ -14,18 +14,18 @@ class HTMLPurifier_AttrDef_CSS_Composite extends HTMLPurifier_AttrDef
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* List of HTMLPurifier_AttrDef objects that may process strings
|
* List of HTMLPurifier_AttrDef objects that may process strings
|
||||||
* @protected
|
* @todo Make protected
|
||||||
*/
|
*/
|
||||||
var $defs;
|
public $defs;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $defs List of HTMLPurifier_AttrDef objects
|
* @param $defs List of HTMLPurifier_AttrDef objects
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrDef_CSS_Composite($defs) {
|
public function HTMLPurifier_AttrDef_CSS_Composite($defs) {
|
||||||
$this->defs = $defs;
|
$this->defs = $defs;
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
foreach ($this->defs as $i => $def) {
|
foreach ($this->defs as $i => $def) {
|
||||||
$result = $this->defs[$i]->validate($string, $config, $context);
|
$result = $this->defs[$i]->validate($string, $config, $context);
|
||||||
if ($result !== false) return $result;
|
if ($result !== false) return $result;
|
||||||
|
@ -16,9 +16,9 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
|
|||||||
* CSSDefinition, this wouldn't be necessary. We'd instantiate
|
* CSSDefinition, this wouldn't be necessary. We'd instantiate
|
||||||
* our own copies.
|
* our own copies.
|
||||||
*/
|
*/
|
||||||
var $info = array();
|
protected $info = array();
|
||||||
|
|
||||||
function HTMLPurifier_AttrDef_CSS_Font($config) {
|
public function HTMLPurifier_AttrDef_CSS_Font($config) {
|
||||||
$def = $config->getCSSDefinition();
|
$def = $config->getCSSDefinition();
|
||||||
$this->info['font-style'] = $def->info['font-style'];
|
$this->info['font-style'] = $def->info['font-style'];
|
||||||
$this->info['font-variant'] = $def->info['font-variant'];
|
$this->info['font-variant'] = $def->info['font-variant'];
|
||||||
@ -28,7 +28,7 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
|
|||||||
$this->info['font-family'] = $def->info['font-family'];
|
$this->info['font-family'] = $def->info['font-family'];
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
static $system_fonts = array(
|
static $system_fonts = array(
|
||||||
'caption' => true,
|
'caption' => true,
|
||||||
|
@ -10,7 +10,7 @@ require_once 'HTMLPurifier/AttrDef.php';
|
|||||||
class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
static $generic_names = array(
|
static $generic_names = array(
|
||||||
'serif' => true,
|
'serif' => true,
|
||||||
'sans-serif' => true,
|
'sans-serif' => true,
|
||||||
|
@ -14,22 +14,22 @@ class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef
|
|||||||
* @warning The code assumes all units are two characters long. Be careful
|
* @warning The code assumes all units are two characters long. Be careful
|
||||||
* if we have to change this behavior!
|
* if we have to change this behavior!
|
||||||
*/
|
*/
|
||||||
var $units = array('em' => true, 'ex' => true, 'px' => true, 'in' => true,
|
protected $units = array('em' => true, 'ex' => true, 'px' => true, 'in' => true,
|
||||||
'cm' => true, 'mm' => true, 'pt' => true, 'pc' => true);
|
'cm' => true, 'mm' => true, 'pt' => true, 'pc' => true);
|
||||||
/**
|
/**
|
||||||
* Instance of HTMLPurifier_AttrDef_Number to defer number validation to
|
* Instance of HTMLPurifier_AttrDef_Number to defer number validation to
|
||||||
*/
|
*/
|
||||||
var $number_def;
|
protected $number_def;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $non_negative Bool indication whether or not negative values are
|
* @param $non_negative Bool indication whether or not negative values are
|
||||||
* allowed.
|
* allowed.
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrDef_CSS_Length($non_negative = false) {
|
public function HTMLPurifier_AttrDef_CSS_Length($non_negative = false) {
|
||||||
$this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
|
$this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($length, $config, &$context) {
|
public function validate($length, $config, &$context) {
|
||||||
|
|
||||||
$length = $this->parseCDATA($length);
|
$length = $this->parseCDATA($length);
|
||||||
if ($length === '') return false;
|
if ($length === '') return false;
|
||||||
|
@ -13,16 +13,16 @@ class HTMLPurifier_AttrDef_CSS_ListStyle extends HTMLPurifier_AttrDef
|
|||||||
* Local copy of component validators.
|
* Local copy of component validators.
|
||||||
* @note See HTMLPurifier_AttrDef_CSS_Font::$info for a similar impl.
|
* @note See HTMLPurifier_AttrDef_CSS_Font::$info for a similar impl.
|
||||||
*/
|
*/
|
||||||
var $info;
|
protected $info;
|
||||||
|
|
||||||
function HTMLPurifier_AttrDef_CSS_ListStyle($config) {
|
public function HTMLPurifier_AttrDef_CSS_ListStyle($config) {
|
||||||
$def = $config->getCSSDefinition();
|
$def = $config->getCSSDefinition();
|
||||||
$this->info['list-style-type'] = $def->info['list-style-type'];
|
$this->info['list-style-type'] = $def->info['list-style-type'];
|
||||||
$this->info['list-style-position'] = $def->info['list-style-position'];
|
$this->info['list-style-position'] = $def->info['list-style-position'];
|
||||||
$this->info['list-style-image'] = $def->info['list-style-image'];
|
$this->info['list-style-image'] = $def->info['list-style-image'];
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
// regular pre-processing
|
// regular pre-processing
|
||||||
$string = $this->parseCDATA($string);
|
$string = $this->parseCDATA($string);
|
||||||
|
@ -18,24 +18,26 @@ class HTMLPurifier_AttrDef_CSS_Multiple extends HTMLPurifier_AttrDef
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Instance of component definition to defer validation to.
|
* Instance of component definition to defer validation to.
|
||||||
|
* @todo Make protected
|
||||||
*/
|
*/
|
||||||
var $single;
|
public $single;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Max number of values allowed.
|
* Max number of values allowed.
|
||||||
|
* @todo Make protected
|
||||||
*/
|
*/
|
||||||
var $max;
|
public $max;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $single HTMLPurifier_AttrDef to multiply
|
* @param $single HTMLPurifier_AttrDef to multiply
|
||||||
* @param $max Max number of values allowed (usually four)
|
* @param $max Max number of values allowed (usually four)
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrDef_CSS_Multiple($single, $max = 4) {
|
public function HTMLPurifier_AttrDef_CSS_Multiple($single, $max = 4) {
|
||||||
$this->single = $single;
|
$this->single = $single;
|
||||||
$this->max = $max;
|
$this->max = $max;
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
$string = $this->parseCDATA($string);
|
$string = $this->parseCDATA($string);
|
||||||
if ($string === '') return false;
|
if ($string === '') return false;
|
||||||
$parts = explode(' ', $string); // parseCDATA replaced \r, \t and \n
|
$parts = explode(' ', $string); // parseCDATA replaced \r, \t and \n
|
||||||
|
@ -9,16 +9,16 @@ class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef
|
|||||||
/**
|
/**
|
||||||
* Bool indicating whether or not only positive values allowed.
|
* Bool indicating whether or not only positive values allowed.
|
||||||
*/
|
*/
|
||||||
var $non_negative = false;
|
protected $non_negative = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $non_negative Bool indicating whether negatives are forbidden
|
* @param $non_negative Bool indicating whether negatives are forbidden
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrDef_CSS_Number($non_negative = false) {
|
public function HTMLPurifier_AttrDef_CSS_Number($non_negative = false) {
|
||||||
$this->non_negative = $non_negative;
|
$this->non_negative = $non_negative;
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($number, $config, &$context) {
|
public function validate($number, $config, &$context) {
|
||||||
|
|
||||||
$number = $this->parseCDATA($number);
|
$number = $this->parseCDATA($number);
|
||||||
|
|
||||||
|
@ -12,16 +12,16 @@ class HTMLPurifier_AttrDef_CSS_Percentage extends HTMLPurifier_AttrDef
|
|||||||
/**
|
/**
|
||||||
* Instance of HTMLPurifier_AttrDef_CSS_Number to defer number validation
|
* Instance of HTMLPurifier_AttrDef_CSS_Number to defer number validation
|
||||||
*/
|
*/
|
||||||
var $number_def;
|
protected $number_def;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param Bool indicating whether to forbid negative values
|
* @param Bool indicating whether to forbid negative values
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrDef_CSS_Percentage($non_negative = false) {
|
public function HTMLPurifier_AttrDef_CSS_Percentage($non_negative = false) {
|
||||||
$this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
|
$this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
$string = $this->parseCDATA($string);
|
$string = $this->parseCDATA($string);
|
||||||
|
|
||||||
|
@ -10,7 +10,7 @@ require_once 'HTMLPurifier/AttrDef.php';
|
|||||||
class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
static $allowed_values = array(
|
static $allowed_values = array(
|
||||||
'line-through' => true,
|
'line-through' => true,
|
||||||
|
@ -14,11 +14,11 @@ require_once 'HTMLPurifier/AttrDef/URI.php';
|
|||||||
class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI
|
class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI
|
||||||
{
|
{
|
||||||
|
|
||||||
function HTMLPurifier_AttrDef_CSS_URI() {
|
public function HTMLPurifier_AttrDef_CSS_URI() {
|
||||||
parent::HTMLPurifier_AttrDef_URI(true); // always embedded
|
parent::HTMLPurifier_AttrDef_URI(true); // always embedded
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($uri_string, $config, &$context) {
|
public function validate($uri_string, $config, &$context) {
|
||||||
// parse the URI out of the string and then pass it onto
|
// parse the URI out of the string and then pass it onto
|
||||||
// the parent object
|
// the parent object
|
||||||
|
|
||||||
|
@ -14,27 +14,28 @@ class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Lookup table of valid values.
|
* Lookup table of valid values.
|
||||||
|
* @todo Make protected
|
||||||
*/
|
*/
|
||||||
var $valid_values = array();
|
public $valid_values = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Bool indicating whether or not enumeration is case sensitive.
|
* Bool indicating whether or not enumeration is case sensitive.
|
||||||
* @note In general this is always case insensitive.
|
* @note In general this is always case insensitive.
|
||||||
*/
|
*/
|
||||||
var $case_sensitive = false; // values according to W3C spec
|
protected $case_sensitive = false; // values according to W3C spec
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $valid_values List of valid values
|
* @param $valid_values List of valid values
|
||||||
* @param $case_sensitive Bool indicating whether or not case sensitive
|
* @param $case_sensitive Bool indicating whether or not case sensitive
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrDef_Enum(
|
public function HTMLPurifier_AttrDef_Enum(
|
||||||
$valid_values = array(), $case_sensitive = false
|
$valid_values = array(), $case_sensitive = false
|
||||||
) {
|
) {
|
||||||
$this->valid_values = array_flip($valid_values);
|
$this->valid_values = array_flip($valid_values);
|
||||||
$this->case_sensitive = $case_sensitive;
|
$this->case_sensitive = $case_sensitive;
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
$string = trim($string);
|
$string = trim($string);
|
||||||
if (!$this->case_sensitive) {
|
if (!$this->case_sensitive) {
|
||||||
// we may want to do full case-insensitive libraries
|
// we may want to do full case-insensitive libraries
|
||||||
@ -50,7 +51,7 @@ class HTMLPurifier_AttrDef_Enum extends HTMLPurifier_AttrDef
|
|||||||
* valid values. Example: "foo,bar,baz". Prepend "s:" to make
|
* valid values. Example: "foo,bar,baz". Prepend "s:" to make
|
||||||
* case sensitive
|
* case sensitive
|
||||||
*/
|
*/
|
||||||
function make($string) {
|
public function make($string) {
|
||||||
if (strlen($string) > 2 && $string[0] == 's' && $string[1] == ':') {
|
if (strlen($string) > 2 && $string[0] == 's' && $string[1] == ':') {
|
||||||
$string = substr($string, 2);
|
$string = substr($string, 2);
|
||||||
$sensitive = true;
|
$sensitive = true;
|
||||||
|
@ -8,12 +8,12 @@ require_once 'HTMLPurifier/AttrDef.php';
|
|||||||
class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
var $name;
|
protected $name;
|
||||||
var $minimized = true;
|
public $minimized = true;
|
||||||
|
|
||||||
function HTMLPurifier_AttrDef_HTML_Bool($name = false) {$this->name = $name;}
|
public function HTMLPurifier_AttrDef_HTML_Bool($name = false) {$this->name = $name;}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
if (empty($string)) return false;
|
if (empty($string)) return false;
|
||||||
return $this->name;
|
return $this->name;
|
||||||
}
|
}
|
||||||
@ -21,7 +21,7 @@ class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef
|
|||||||
/**
|
/**
|
||||||
* @param $string Name of attribute
|
* @param $string Name of attribute
|
||||||
*/
|
*/
|
||||||
function make($string) {
|
public function make($string) {
|
||||||
return new HTMLPurifier_AttrDef_HTML_Bool($string);
|
return new HTMLPurifier_AttrDef_HTML_Bool($string);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -9,7 +9,7 @@ require_once 'HTMLPurifier/AttrDef/CSS/Color.php'; // for %Core.ColorKeywords
|
|||||||
class HTMLPurifier_AttrDef_HTML_Color extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_HTML_Color extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
static $colors = null;
|
static $colors = null;
|
||||||
if ($colors === null) $colors = $config->get('Core', 'ColorKeywords');
|
if ($colors === null) $colors = $config->get('Core', 'ColorKeywords');
|
||||||
|
@ -19,12 +19,12 @@ require_once 'HTMLPurifier/AttrDef/Enum.php';
|
|||||||
class HTMLPurifier_AttrDef_HTML_FrameTarget extends HTMLPurifier_AttrDef_Enum
|
class HTMLPurifier_AttrDef_HTML_FrameTarget extends HTMLPurifier_AttrDef_Enum
|
||||||
{
|
{
|
||||||
|
|
||||||
var $valid_values = false; // uninitialized value
|
public $valid_values = false; // uninitialized value
|
||||||
var $case_sensitive = false;
|
protected $case_sensitive = false;
|
||||||
|
|
||||||
function HTMLPurifier_AttrDef_HTML_FrameTarget() {}
|
public function HTMLPurifier_AttrDef_HTML_FrameTarget() {}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
if ($this->valid_values === false) $this->valid_values = $config->get('Attr', 'AllowedFrameTargets');
|
if ($this->valid_values === false) $this->valid_values = $config->get('Attr', 'AllowedFrameTargets');
|
||||||
return parent::validate($string, $config, $context);
|
return parent::validate($string, $config, $context);
|
||||||
}
|
}
|
||||||
|
@ -66,7 +66,7 @@ class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
|
|||||||
// ref functionality disabled, since we also have to verify
|
// ref functionality disabled, since we also have to verify
|
||||||
// whether or not the ID it refers to exists
|
// whether or not the ID it refers to exists
|
||||||
|
|
||||||
function validate($id, $config, &$context) {
|
public function validate($id, $config, &$context) {
|
||||||
|
|
||||||
if (!$config->get('Attr', 'EnableID')) return false;
|
if (!$config->get('Attr', 'EnableID')) return false;
|
||||||
|
|
||||||
|
@ -13,7 +13,7 @@ require_once 'HTMLPurifier/AttrDef/HTML/Pixels.php';
|
|||||||
class HTMLPurifier_AttrDef_HTML_Length extends HTMLPurifier_AttrDef_HTML_Pixels
|
class HTMLPurifier_AttrDef_HTML_Length extends HTMLPurifier_AttrDef_HTML_Pixels
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
$string = trim($string);
|
$string = trim($string);
|
||||||
if ($string === '') return false;
|
if ($string === '') return false;
|
||||||
|
@ -27,9 +27,9 @@ class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef
|
|||||||
{
|
{
|
||||||
|
|
||||||
/** Name config attribute to pull. */
|
/** Name config attribute to pull. */
|
||||||
var $name;
|
protected $name;
|
||||||
|
|
||||||
function HTMLPurifier_AttrDef_HTML_LinkTypes($name) {
|
public function HTMLPurifier_AttrDef_HTML_LinkTypes($name) {
|
||||||
$configLookup = array(
|
$configLookup = array(
|
||||||
'rel' => 'AllowedRel',
|
'rel' => 'AllowedRel',
|
||||||
'rev' => 'AllowedRev'
|
'rev' => 'AllowedRev'
|
||||||
@ -42,7 +42,7 @@ class HTMLPurifier_AttrDef_HTML_LinkTypes extends HTMLPurifier_AttrDef
|
|||||||
$this->name = $configLookup[$name];
|
$this->name = $configLookup[$name];
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
$allowed = $config->get('Attr', $this->name);
|
$allowed = $config->get('Attr', $this->name);
|
||||||
if (empty($allowed)) return false;
|
if (empty($allowed)) return false;
|
||||||
|
@ -12,7 +12,7 @@ require_once 'HTMLPurifier/AttrDef/HTML/Length.php';
|
|||||||
class HTMLPurifier_AttrDef_HTML_MultiLength extends HTMLPurifier_AttrDef_HTML_Length
|
class HTMLPurifier_AttrDef_HTML_MultiLength extends HTMLPurifier_AttrDef_HTML_Length
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
$string = trim($string);
|
$string = trim($string);
|
||||||
if ($string === '') return false;
|
if ($string === '') return false;
|
||||||
|
@ -13,7 +13,7 @@ require_once 'HTMLPurifier/Config.php';
|
|||||||
class HTMLPurifier_AttrDef_HTML_Nmtokens extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_HTML_Nmtokens extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
$string = trim($string);
|
$string = trim($string);
|
||||||
|
|
||||||
|
@ -8,7 +8,7 @@ require_once 'HTMLPurifier/AttrDef.php';
|
|||||||
class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
$string = trim($string);
|
$string = trim($string);
|
||||||
if ($string === '0') return $string;
|
if ($string === '0') return $string;
|
||||||
|
@ -15,24 +15,24 @@ class HTMLPurifier_AttrDef_Integer extends HTMLPurifier_AttrDef
|
|||||||
/**
|
/**
|
||||||
* Bool indicating whether or not negative values are allowed
|
* Bool indicating whether or not negative values are allowed
|
||||||
*/
|
*/
|
||||||
var $negative = true;
|
protected $negative = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Bool indicating whether or not zero is allowed
|
* Bool indicating whether or not zero is allowed
|
||||||
*/
|
*/
|
||||||
var $zero = true;
|
protected $zero = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Bool indicating whether or not positive values are allowed
|
* Bool indicating whether or not positive values are allowed
|
||||||
*/
|
*/
|
||||||
var $positive = true;
|
protected $positive = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $negative Bool indicating whether or not negative values are allowed
|
* @param $negative Bool indicating whether or not negative values are allowed
|
||||||
* @param $zero Bool indicating whether or not zero is allowed
|
* @param $zero Bool indicating whether or not zero is allowed
|
||||||
* @param $positive Bool indicating whether or not positive values are allowed
|
* @param $positive Bool indicating whether or not positive values are allowed
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrDef_Integer(
|
public function HTMLPurifier_AttrDef_Integer(
|
||||||
$negative = true, $zero = true, $positive = true
|
$negative = true, $zero = true, $positive = true
|
||||||
) {
|
) {
|
||||||
$this->negative = $negative;
|
$this->negative = $negative;
|
||||||
@ -40,7 +40,7 @@ class HTMLPurifier_AttrDef_Integer extends HTMLPurifier_AttrDef
|
|||||||
$this->positive = $positive;
|
$this->positive = $positive;
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($integer, $config, &$context) {
|
public function validate($integer, $config, &$context) {
|
||||||
|
|
||||||
$integer = $this->parseCDATA($integer);
|
$integer = $this->parseCDATA($integer);
|
||||||
if ($integer === '') return false;
|
if ($integer === '') return false;
|
||||||
|
@ -9,7 +9,7 @@ require_once 'HTMLPurifier/AttrDef.php';
|
|||||||
class HTMLPurifier_AttrDef_Lang extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_Lang extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
|
|
||||||
$string = trim($string);
|
$string = trim($string);
|
||||||
if (!$string) return false;
|
if (!$string) return false;
|
||||||
|
@ -8,7 +8,7 @@ require_once 'HTMLPurifier/AttrDef.php';
|
|||||||
class HTMLPurifier_AttrDef_Text extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_Text extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
return $this->parseCDATA($string);
|
return $this->parseCDATA($string);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -68,19 +68,19 @@ HTMLPurifier_ConfigSchema::define(
|
|||||||
class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
|
class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
var $parser, $percentEncoder;
|
protected $parser, $percentEncoder;
|
||||||
var $embedsResource;
|
protected $embedsResource;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $embeds_resource_resource Does the URI here result in an extra HTTP request?
|
* @param $embeds_resource_resource Does the URI here result in an extra HTTP request?
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrDef_URI($embeds_resource = false) {
|
public function HTMLPurifier_AttrDef_URI($embeds_resource = false) {
|
||||||
$this->parser = new HTMLPurifier_URIParser();
|
$this->parser = new HTMLPurifier_URIParser();
|
||||||
$this->percentEncoder = new HTMLPurifier_PercentEncoder();
|
$this->percentEncoder = new HTMLPurifier_PercentEncoder();
|
||||||
$this->embedsResource = (bool) $embeds_resource;
|
$this->embedsResource = (bool) $embeds_resource;
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($uri, $config, &$context) {
|
public function validate($uri, $config, &$context) {
|
||||||
|
|
||||||
if ($config->get('URI', 'Disable')) return false;
|
if ($config->get('URI', 'Disable')) return false;
|
||||||
|
|
||||||
|
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
require_once 'HTMLPurifier/AttrDef.php';
|
require_once 'HTMLPurifier/AttrDef.php';
|
||||||
|
|
||||||
class HTMLPurifier_AttrDef_URI_Email extends HTMLPurifier_AttrDef
|
abstract class HTMLPurifier_AttrDef_URI_Email extends HTMLPurifier_AttrDef
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -9,7 +9,7 @@ require_once 'HTMLPurifier/AttrDef/URI/Email.php';
|
|||||||
class HTMLPurifier_AttrDef_URI_Email_SimpleCheck extends HTMLPurifier_AttrDef_URI_Email
|
class HTMLPurifier_AttrDef_URI_Email_SimpleCheck extends HTMLPurifier_AttrDef_URI_Email
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
// no support for named mailboxes i.e. "Bob <bob@example.com>"
|
// no support for named mailboxes i.e. "Bob <bob@example.com>"
|
||||||
// that needs more percent encoding to be done
|
// that needs more percent encoding to be done
|
||||||
if ($string == '') return false;
|
if ($string == '') return false;
|
||||||
|
@ -13,19 +13,19 @@ class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef
|
|||||||
/**
|
/**
|
||||||
* Instance of HTMLPurifier_AttrDef_URI_IPv4 sub-validator
|
* Instance of HTMLPurifier_AttrDef_URI_IPv4 sub-validator
|
||||||
*/
|
*/
|
||||||
var $ipv4;
|
protected $ipv4;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Instance of HTMLPurifier_AttrDef_URI_IPv6 sub-validator
|
* Instance of HTMLPurifier_AttrDef_URI_IPv6 sub-validator
|
||||||
*/
|
*/
|
||||||
var $ipv6;
|
protected $ipv6;
|
||||||
|
|
||||||
function HTMLPurifier_AttrDef_URI_Host() {
|
public function HTMLPurifier_AttrDef_URI_Host() {
|
||||||
$this->ipv4 = new HTMLPurifier_AttrDef_URI_IPv4();
|
$this->ipv4 = new HTMLPurifier_AttrDef_URI_IPv4();
|
||||||
$this->ipv6 = new HTMLPurifier_AttrDef_URI_IPv6();
|
$this->ipv6 = new HTMLPurifier_AttrDef_URI_IPv6();
|
||||||
}
|
}
|
||||||
|
|
||||||
function validate($string, $config, &$context) {
|
public function validate($string, $config, &$context) {
|
||||||
$length = strlen($string);
|
$length = strlen($string);
|
||||||
if ($string === '') return '';
|
if ($string === '') return '';
|
||||||
if ($length > 1 && $string[0] === '[' && $string[$length-1] === ']') {
|
if ($length > 1 && $string[0] === '[' && $string[$length-1] === ']') {
|
||||||
|
@ -11,11 +11,10 @@ class HTMLPurifier_AttrDef_URI_IPv4 extends HTMLPurifier_AttrDef
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* IPv4 regex, protected so that IPv6 can reuse it
|
* IPv4 regex, protected so that IPv6 can reuse it
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
var $ip4;
|
protected $ip4;
|
||||||
|
|
||||||
function validate($aIP, $config, &$context) {
|
public function validate($aIP, $config, &$context) {
|
||||||
|
|
||||||
if (!$this->ip4) $this->_loadRegex();
|
if (!$this->ip4) $this->_loadRegex();
|
||||||
|
|
||||||
@ -32,7 +31,7 @@ class HTMLPurifier_AttrDef_URI_IPv4 extends HTMLPurifier_AttrDef
|
|||||||
* Lazy load function to prevent regex from being stuffed in
|
* Lazy load function to prevent regex from being stuffed in
|
||||||
* cache.
|
* cache.
|
||||||
*/
|
*/
|
||||||
function _loadRegex() {
|
protected function _loadRegex() {
|
||||||
$oct = '(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])'; // 0-255
|
$oct = '(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])'; // 0-255
|
||||||
$this->ip4 = "(?:{$oct}\\.{$oct}\\.{$oct}\\.{$oct})";
|
$this->ip4 = "(?:{$oct}\\.{$oct}\\.{$oct}\\.{$oct})";
|
||||||
}
|
}
|
||||||
|
@ -11,7 +11,7 @@ require_once 'HTMLPurifier/AttrDef/URI/IPv4.php';
|
|||||||
class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4
|
class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4
|
||||||
{
|
{
|
||||||
|
|
||||||
function validate($aIP, $config, &$context) {
|
public function validate($aIP, $config, &$context) {
|
||||||
|
|
||||||
if (!$this->ip4) $this->_loadRegex();
|
if (!$this->ip4) $this->_loadRegex();
|
||||||
|
|
||||||
|
@ -14,7 +14,7 @@
|
|||||||
* more details.
|
* more details.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
class HTMLPurifier_AttrTransform
|
abstract class HTMLPurifier_AttrTransform
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -26,9 +26,7 @@ class HTMLPurifier_AttrTransform
|
|||||||
* @param $context Mandatory HTMLPurifier_Context object
|
* @param $context Mandatory HTMLPurifier_Context object
|
||||||
* @returns Processed attribute array.
|
* @returns Processed attribute array.
|
||||||
*/
|
*/
|
||||||
function transform($attr, $config, &$context) {
|
abstract public function transform($attr, $config, &$context);
|
||||||
trigger_error('Cannot call abstract function', E_USER_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Prepends CSS properties to the style attribute, creating the
|
* Prepends CSS properties to the style attribute, creating the
|
||||||
@ -36,7 +34,7 @@ class HTMLPurifier_AttrTransform
|
|||||||
* @param $attr Attribute array to process (passed by reference)
|
* @param $attr Attribute array to process (passed by reference)
|
||||||
* @param $css CSS to prepend
|
* @param $css CSS to prepend
|
||||||
*/
|
*/
|
||||||
function prependCSS(&$attr, $css) {
|
public function prependCSS(&$attr, $css) {
|
||||||
$attr['style'] = isset($attr['style']) ? $attr['style'] : '';
|
$attr['style'] = isset($attr['style']) ? $attr['style'] : '';
|
||||||
$attr['style'] = $css . $attr['style'];
|
$attr['style'] = $css . $attr['style'];
|
||||||
}
|
}
|
||||||
@ -46,7 +44,7 @@ class HTMLPurifier_AttrTransform
|
|||||||
* @param $attr Attribute array to process (passed by reference)
|
* @param $attr Attribute array to process (passed by reference)
|
||||||
* @param $key Key of attribute to confiscate
|
* @param $key Key of attribute to confiscate
|
||||||
*/
|
*/
|
||||||
function confiscateAttr(&$attr, $key) {
|
public function confiscateAttr(&$attr, $key) {
|
||||||
if (!isset($attr[$key])) return null;
|
if (!isset($attr[$key])) return null;
|
||||||
$value = $attr[$key];
|
$value = $attr[$key];
|
||||||
unset($attr[$key]);
|
unset($attr[$key]);
|
||||||
|
@ -20,7 +20,7 @@ HTMLPurifier_ConfigSchema::defineAllowedValues(
|
|||||||
class HTMLPurifier_AttrTransform_BdoDir extends HTMLPurifier_AttrTransform
|
class HTMLPurifier_AttrTransform_BdoDir extends HTMLPurifier_AttrTransform
|
||||||
{
|
{
|
||||||
|
|
||||||
function transform($attr, $config, &$context) {
|
public function transform($attr, $config, &$context) {
|
||||||
if (isset($attr['dir'])) return $attr;
|
if (isset($attr['dir'])) return $attr;
|
||||||
$attr['dir'] = $config->get('Attr', 'DefaultTextDir');
|
$attr['dir'] = $config->get('Attr', 'DefaultTextDir');
|
||||||
return $attr;
|
return $attr;
|
||||||
|
@ -5,10 +5,9 @@ require_once 'HTMLPurifier/AttrTransform.php';
|
|||||||
/**
|
/**
|
||||||
* Pre-transform that changes deprecated bgcolor attribute to CSS.
|
* Pre-transform that changes deprecated bgcolor attribute to CSS.
|
||||||
*/
|
*/
|
||||||
class HTMLPurifier_AttrTransform_BgColor
|
class HTMLPurifier_AttrTransform_BgColor extends HTMLPurifier_AttrTransform {
|
||||||
extends HTMLPurifier_AttrTransform {
|
|
||||||
|
|
||||||
function transform($attr, $config, &$context) {
|
public function transform($attr, $config, &$context) {
|
||||||
|
|
||||||
if (!isset($attr['bgcolor'])) return $attr;
|
if (!isset($attr['bgcolor'])) return $attr;
|
||||||
|
|
||||||
|
@ -11,23 +11,23 @@ extends HTMLPurifier_AttrTransform {
|
|||||||
/**
|
/**
|
||||||
* Name of boolean attribute that is trigger
|
* Name of boolean attribute that is trigger
|
||||||
*/
|
*/
|
||||||
var $attr;
|
protected $attr;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* CSS declarations to add to style, needs trailing semicolon
|
* CSS declarations to add to style, needs trailing semicolon
|
||||||
*/
|
*/
|
||||||
var $css;
|
protected $css;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $attr string attribute name to convert from
|
* @param $attr string attribute name to convert from
|
||||||
* @param $css string CSS declarations to add to style (needs semicolon)
|
* @param $css string CSS declarations to add to style (needs semicolon)
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrTransform_BoolToCSS($attr, $css) {
|
public function HTMLPurifier_AttrTransform_BoolToCSS($attr, $css) {
|
||||||
$this->attr = $attr;
|
$this->attr = $attr;
|
||||||
$this->css = $css;
|
$this->css = $css;
|
||||||
}
|
}
|
||||||
|
|
||||||
function transform($attr, $config, &$context) {
|
public function transform($attr, $config, &$context) {
|
||||||
if (!isset($attr[$this->attr])) return $attr;
|
if (!isset($attr[$this->attr])) return $attr;
|
||||||
unset($attr[$this->attr]);
|
unset($attr[$this->attr]);
|
||||||
$this->prependCSS($attr, $this->css);
|
$this->prependCSS($attr, $this->css);
|
||||||
|
@ -7,7 +7,7 @@ require_once 'HTMLPurifier/AttrTransform.php';
|
|||||||
*/
|
*/
|
||||||
class HTMLPurifier_AttrTransform_Border extends HTMLPurifier_AttrTransform {
|
class HTMLPurifier_AttrTransform_Border extends HTMLPurifier_AttrTransform {
|
||||||
|
|
||||||
function transform($attr, $config, &$context) {
|
public function transform($attr, $config, &$context) {
|
||||||
if (!isset($attr['border'])) return $attr;
|
if (!isset($attr['border'])) return $attr;
|
||||||
$border_width = $this->confiscateAttr($attr, 'border');
|
$border_width = $this->confiscateAttr($attr, 'border');
|
||||||
// some validation should happen here
|
// some validation should happen here
|
||||||
|
@ -11,32 +11,32 @@ class HTMLPurifier_AttrTransform_EnumToCSS extends HTMLPurifier_AttrTransform {
|
|||||||
/**
|
/**
|
||||||
* Name of attribute to transform from
|
* Name of attribute to transform from
|
||||||
*/
|
*/
|
||||||
var $attr;
|
protected $attr;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Lookup array of attribute values to CSS
|
* Lookup array of attribute values to CSS
|
||||||
*/
|
*/
|
||||||
var $enumToCSS = array();
|
protected $enumToCSS = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Case sensitivity of the matching
|
* Case sensitivity of the matching
|
||||||
* @warning Currently can only be guaranteed to work with ASCII
|
* @warning Currently can only be guaranteed to work with ASCII
|
||||||
* values.
|
* values.
|
||||||
*/
|
*/
|
||||||
var $caseSensitive = false;
|
protected $caseSensitive = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $attr String attribute name to transform from
|
* @param $attr String attribute name to transform from
|
||||||
* @param $enumToCSS Lookup array of attribute values to CSS
|
* @param $enumToCSS Lookup array of attribute values to CSS
|
||||||
* @param $case_sensitive Boolean case sensitivity indicator, default false
|
* @param $case_sensitive Boolean case sensitivity indicator, default false
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrTransform_EnumToCSS($attr, $enum_to_css, $case_sensitive = false) {
|
public function HTMLPurifier_AttrTransform_EnumToCSS($attr, $enum_to_css, $case_sensitive = false) {
|
||||||
$this->attr = $attr;
|
$this->attr = $attr;
|
||||||
$this->enumToCSS = $enum_to_css;
|
$this->enumToCSS = $enum_to_css;
|
||||||
$this->caseSensitive = (bool) $case_sensitive;
|
$this->caseSensitive = (bool) $case_sensitive;
|
||||||
}
|
}
|
||||||
|
|
||||||
function transform($attr, $config, &$context) {
|
public function transform($attr, $config, &$context) {
|
||||||
|
|
||||||
if (!isset($attr[$this->attr])) return $attr;
|
if (!isset($attr[$this->attr])) return $attr;
|
||||||
|
|
||||||
|
@ -28,7 +28,7 @@ HTMLPurifier_ConfigSchema::define(
|
|||||||
class HTMLPurifier_AttrTransform_ImgRequired extends HTMLPurifier_AttrTransform
|
class HTMLPurifier_AttrTransform_ImgRequired extends HTMLPurifier_AttrTransform
|
||||||
{
|
{
|
||||||
|
|
||||||
function transform($attr, $config, &$context) {
|
public function transform($attr, $config, &$context) {
|
||||||
|
|
||||||
$src = true;
|
$src = true;
|
||||||
if (!isset($attr['src'])) {
|
if (!isset($attr['src'])) {
|
||||||
|
@ -5,23 +5,22 @@ require_once 'HTMLPurifier/AttrTransform.php';
|
|||||||
/**
|
/**
|
||||||
* Pre-transform that changes deprecated hspace and vspace attributes to CSS
|
* Pre-transform that changes deprecated hspace and vspace attributes to CSS
|
||||||
*/
|
*/
|
||||||
class HTMLPurifier_AttrTransform_ImgSpace
|
class HTMLPurifier_AttrTransform_ImgSpace extends HTMLPurifier_AttrTransform {
|
||||||
extends HTMLPurifier_AttrTransform {
|
|
||||||
|
|
||||||
var $attr;
|
protected $attr;
|
||||||
var $css = array(
|
protected $css = array(
|
||||||
'hspace' => array('left', 'right'),
|
'hspace' => array('left', 'right'),
|
||||||
'vspace' => array('top', 'bottom')
|
'vspace' => array('top', 'bottom')
|
||||||
);
|
);
|
||||||
|
|
||||||
function HTMLPurifier_AttrTransform_ImgSpace($attr) {
|
public function HTMLPurifier_AttrTransform_ImgSpace($attr) {
|
||||||
$this->attr = $attr;
|
$this->attr = $attr;
|
||||||
if (!isset($this->css[$attr])) {
|
if (!isset($this->css[$attr])) {
|
||||||
trigger_error(htmlspecialchars($attr) . ' is not valid space attribute');
|
trigger_error(htmlspecialchars($attr) . ' is not valid space attribute');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function transform($attr, $config, &$context) {
|
public function transform($attr, $config, &$context) {
|
||||||
|
|
||||||
if (!isset($attr[$this->attr])) return $attr;
|
if (!isset($attr[$this->attr])) return $attr;
|
||||||
|
|
||||||
|
@ -10,7 +10,7 @@ require_once 'HTMLPurifier/AttrTransform.php';
|
|||||||
class HTMLPurifier_AttrTransform_Lang extends HTMLPurifier_AttrTransform
|
class HTMLPurifier_AttrTransform_Lang extends HTMLPurifier_AttrTransform
|
||||||
{
|
{
|
||||||
|
|
||||||
function transform($attr, $config, &$context) {
|
public function transform($attr, $config, &$context) {
|
||||||
|
|
||||||
$lang = isset($attr['lang']) ? $attr['lang'] : false;
|
$lang = isset($attr['lang']) ? $attr['lang'] : false;
|
||||||
$xml_lang = isset($attr['xml:lang']) ? $attr['xml:lang'] : false;
|
$xml_lang = isset($attr['xml:lang']) ? $attr['xml:lang'] : false;
|
||||||
|
@ -8,15 +8,15 @@ require_once 'HTMLPurifier/AttrTransform.php';
|
|||||||
class HTMLPurifier_AttrTransform_Length extends HTMLPurifier_AttrTransform
|
class HTMLPurifier_AttrTransform_Length extends HTMLPurifier_AttrTransform
|
||||||
{
|
{
|
||||||
|
|
||||||
var $name;
|
protected $name;
|
||||||
var $cssName;
|
protected $cssName;
|
||||||
|
|
||||||
function HTMLPurifier_AttrTransform_Length($name, $css_name = null) {
|
public function HTMLPurifier_AttrTransform_Length($name, $css_name = null) {
|
||||||
$this->name = $name;
|
$this->name = $name;
|
||||||
$this->cssName = $css_name ? $css_name : $name;
|
$this->cssName = $css_name ? $css_name : $name;
|
||||||
}
|
}
|
||||||
|
|
||||||
function transform($attr, $config, &$context) {
|
public function transform($attr, $config, &$context) {
|
||||||
if (!isset($attr[$this->name])) return $attr;
|
if (!isset($attr[$this->name])) return $attr;
|
||||||
$length = $this->confiscateAttr($attr, $this->name);
|
$length = $this->confiscateAttr($attr, $this->name);
|
||||||
if(ctype_digit($length)) $length .= 'px';
|
if(ctype_digit($length)) $length .= 'px';
|
||||||
|
@ -8,7 +8,7 @@ require_once 'HTMLPurifier/AttrTransform.php';
|
|||||||
class HTMLPurifier_AttrTransform_Name extends HTMLPurifier_AttrTransform
|
class HTMLPurifier_AttrTransform_Name extends HTMLPurifier_AttrTransform
|
||||||
{
|
{
|
||||||
|
|
||||||
function transform($attr, $config, &$context) {
|
public function transform($attr, $config, &$context) {
|
||||||
if (!isset($attr['name'])) return $attr;
|
if (!isset($attr['name'])) return $attr;
|
||||||
$id = $this->confiscateAttr($attr, 'name');
|
$id = $this->confiscateAttr($attr, 'name');
|
||||||
if ( isset($attr['id'])) return $attr;
|
if ( isset($attr['id'])) return $attr;
|
||||||
|
@ -20,15 +20,14 @@ class HTMLPurifier_AttrTypes
|
|||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* Lookup array of attribute string identifiers to concrete implementations
|
* Lookup array of attribute string identifiers to concrete implementations
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
var $info = array();
|
public $info = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructs the info array, supplying default implementations for attribute
|
* Constructs the info array, supplying default implementations for attribute
|
||||||
* types.
|
* types.
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_AttrTypes() {
|
public function HTMLPurifier_AttrTypes() {
|
||||||
// pseudo-types, must be instantiated via shorthand
|
// pseudo-types, must be instantiated via shorthand
|
||||||
$this->info['Enum'] = new HTMLPurifier_AttrDef_Enum();
|
$this->info['Enum'] = new HTMLPurifier_AttrDef_Enum();
|
||||||
$this->info['Bool'] = new HTMLPurifier_AttrDef_HTML_Bool();
|
$this->info['Bool'] = new HTMLPurifier_AttrDef_HTML_Bool();
|
||||||
@ -57,7 +56,7 @@ class HTMLPurifier_AttrTypes
|
|||||||
* @param $type String type name
|
* @param $type String type name
|
||||||
* @return Object AttrDef for type
|
* @return Object AttrDef for type
|
||||||
*/
|
*/
|
||||||
function get($type) {
|
public function get($type) {
|
||||||
|
|
||||||
// determine if there is any extra info tacked on
|
// determine if there is any extra info tacked on
|
||||||
if (strpos($type, '#') !== false) list($type, $string) = explode('#', $type, 2);
|
if (strpos($type, '#') !== false) list($type, $string) = explode('#', $type, 2);
|
||||||
@ -77,7 +76,7 @@ class HTMLPurifier_AttrTypes
|
|||||||
* @param $type String type name
|
* @param $type String type name
|
||||||
* @param $impl Object AttrDef for type
|
* @param $impl Object AttrDef for type
|
||||||
*/
|
*/
|
||||||
function set($type, $impl) {
|
public function set($type, $impl) {
|
||||||
$this->info[$type] = $impl;
|
$this->info[$type] = $impl;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -18,7 +18,7 @@ class HTMLPurifier_AttrValidator
|
|||||||
* @param $config Instance of HTMLPurifier_Config
|
* @param $config Instance of HTMLPurifier_Config
|
||||||
* @param $context Instance of HTMLPurifier_Context
|
* @param $context Instance of HTMLPurifier_Context
|
||||||
*/
|
*/
|
||||||
function validateToken(&$token, &$config, &$context) {
|
public function validateToken(&$token, &$config, &$context) {
|
||||||
|
|
||||||
$definition = $config->getHTMLDefinition();
|
$definition = $config->getHTMLDefinition();
|
||||||
$e =& $context->get('ErrorCollector', true);
|
$e =& $context->get('ErrorCollector', true);
|
||||||
|
@ -33,17 +33,17 @@ HTMLPurifier_ConfigSchema::define(
|
|||||||
class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
|
||||||
{
|
{
|
||||||
|
|
||||||
var $type = 'CSS';
|
public $type = 'CSS';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Assoc array of attribute name to definition object.
|
* Assoc array of attribute name to definition object.
|
||||||
*/
|
*/
|
||||||
var $info = array();
|
public $info = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructs the info array. The meat of this class.
|
* Constructs the info array. The meat of this class.
|
||||||
*/
|
*/
|
||||||
function doSetup($config) {
|
protected function doSetup($config) {
|
||||||
|
|
||||||
$this->info['text-align'] = new HTMLPurifier_AttrDef_Enum(
|
$this->info['text-align'] = new HTMLPurifier_AttrDef_Enum(
|
||||||
array('left', 'right', 'center', 'justify'), false);
|
array('left', 'right', 'center', 'justify'), false);
|
||||||
|
@ -22,29 +22,25 @@ class HTMLPurifier_ChildDef
|
|||||||
/**
|
/**
|
||||||
* Type of child definition, usually right-most part of class name lowercase.
|
* Type of child definition, usually right-most part of class name lowercase.
|
||||||
* Used occasionally in terms of context.
|
* Used occasionally in terms of context.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $type;
|
public $type;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Bool that indicates whether or not an empty array of children is okay
|
* Bool that indicates whether or not an empty array of children is okay
|
||||||
*
|
*
|
||||||
* This is necessary for redundant checking when changes affecting
|
* This is necessary for redundant checking when changes affecting
|
||||||
* a child node may cause a parent node to now be disallowed.
|
* a child node may cause a parent node to now be disallowed.
|
||||||
*
|
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $allow_empty;
|
public $allow_empty;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Lookup array of all elements that this definition could possibly allow
|
* Lookup array of all elements that this definition could possibly allow
|
||||||
*/
|
*/
|
||||||
var $elements = array();
|
public $elements = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Validates nodes according to definition and returns modification.
|
* Validates nodes according to definition and returns modification.
|
||||||
*
|
*
|
||||||
* @public
|
|
||||||
* @param $tokens_of_children Array of HTMLPurifier_Token
|
* @param $tokens_of_children Array of HTMLPurifier_Token
|
||||||
* @param $config HTMLPurifier_Config object
|
* @param $config HTMLPurifier_Config object
|
||||||
* @param $context HTMLPurifier_Context object
|
* @param $context HTMLPurifier_Context object
|
||||||
@ -52,7 +48,7 @@ class HTMLPurifier_ChildDef
|
|||||||
* @return bool false to remove parent node
|
* @return bool false to remove parent node
|
||||||
* @return array of replacement child tokens
|
* @return array of replacement child tokens
|
||||||
*/
|
*/
|
||||||
function validateChildren($tokens_of_children, $config, &$context) {
|
public function validateChildren($tokens_of_children, $config, &$context) {
|
||||||
trigger_error('Call to abstract function', E_USER_ERROR);
|
trigger_error('Call to abstract function', E_USER_ERROR);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -16,29 +16,27 @@ class HTMLPurifier_ChildDef_Chameleon extends HTMLPurifier_ChildDef
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Instance of the definition object to use when inline. Usually stricter.
|
* Instance of the definition object to use when inline. Usually stricter.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $inline;
|
public $inline;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Instance of the definition object to use when block.
|
* Instance of the definition object to use when block.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $block;
|
public $block;
|
||||||
|
|
||||||
var $type = 'chameleon';
|
public $type = 'chameleon';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $inline List of elements to allow when inline.
|
* @param $inline List of elements to allow when inline.
|
||||||
* @param $block List of elements to allow when block.
|
* @param $block List of elements to allow when block.
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_ChildDef_Chameleon($inline, $block) {
|
public function HTMLPurifier_ChildDef_Chameleon($inline, $block) {
|
||||||
$this->inline = new HTMLPurifier_ChildDef_Optional($inline);
|
$this->inline = new HTMLPurifier_ChildDef_Optional($inline);
|
||||||
$this->block = new HTMLPurifier_ChildDef_Optional($block);
|
$this->block = new HTMLPurifier_ChildDef_Optional($block);
|
||||||
$this->elements = $this->block->elements;
|
$this->elements = $this->block->elements;
|
||||||
}
|
}
|
||||||
|
|
||||||
function validateChildren($tokens_of_children, $config, &$context) {
|
public function validateChildren($tokens_of_children, $config, &$context) {
|
||||||
if ($context->get('IsInline') === false) {
|
if ($context->get('IsInline') === false) {
|
||||||
return $this->block->validateChildren(
|
return $this->block->validateChildren(
|
||||||
$tokens_of_children, $config, $context);
|
$tokens_of_children, $config, $context);
|
||||||
|
@ -12,28 +12,28 @@ require_once 'HTMLPurifier/ChildDef.php';
|
|||||||
*/
|
*/
|
||||||
class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef
|
class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef
|
||||||
{
|
{
|
||||||
var $type = 'custom';
|
public $type = 'custom';
|
||||||
var $allow_empty = false;
|
public $allow_empty = false;
|
||||||
/**
|
/**
|
||||||
* Allowed child pattern as defined by the DTD
|
* Allowed child pattern as defined by the DTD
|
||||||
*/
|
*/
|
||||||
var $dtd_regex;
|
public $dtd_regex;
|
||||||
/**
|
/**
|
||||||
* PCRE regex derived from $dtd_regex
|
* PCRE regex derived from $dtd_regex
|
||||||
* @private
|
* @private
|
||||||
*/
|
*/
|
||||||
var $_pcre_regex;
|
private $_pcre_regex;
|
||||||
/**
|
/**
|
||||||
* @param $dtd_regex Allowed child pattern from the DTD
|
* @param $dtd_regex Allowed child pattern from the DTD
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_ChildDef_Custom($dtd_regex) {
|
public function HTMLPurifier_ChildDef_Custom($dtd_regex) {
|
||||||
$this->dtd_regex = $dtd_regex;
|
$this->dtd_regex = $dtd_regex;
|
||||||
$this->_compileRegex();
|
$this->_compileRegex();
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
* Compiles the PCRE regex from a DTD regex ($dtd_regex to $_pcre_regex)
|
* Compiles the PCRE regex from a DTD regex ($dtd_regex to $_pcre_regex)
|
||||||
*/
|
*/
|
||||||
function _compileRegex() {
|
protected function _compileRegex() {
|
||||||
$raw = str_replace(' ', '', $this->dtd_regex);
|
$raw = str_replace(' ', '', $this->dtd_regex);
|
||||||
if ($raw{0} != '(') {
|
if ($raw{0} != '(') {
|
||||||
$raw = "($raw)";
|
$raw = "($raw)";
|
||||||
@ -61,7 +61,7 @@ class HTMLPurifier_ChildDef_Custom extends HTMLPurifier_ChildDef
|
|||||||
|
|
||||||
$this->_pcre_regex = $reg;
|
$this->_pcre_regex = $reg;
|
||||||
}
|
}
|
||||||
function validateChildren($tokens_of_children, $config, &$context) {
|
public function validateChildren($tokens_of_children, $config, &$context) {
|
||||||
$list_of_children = '';
|
$list_of_children = '';
|
||||||
$nesting = 0; // depth into the nest
|
$nesting = 0; // depth into the nest
|
||||||
foreach ($tokens_of_children as $token) {
|
foreach ($tokens_of_children as $token) {
|
||||||
|
@ -11,10 +11,10 @@ require_once 'HTMLPurifier/ChildDef.php';
|
|||||||
*/
|
*/
|
||||||
class HTMLPurifier_ChildDef_Empty extends HTMLPurifier_ChildDef
|
class HTMLPurifier_ChildDef_Empty extends HTMLPurifier_ChildDef
|
||||||
{
|
{
|
||||||
var $allow_empty = true;
|
public $allow_empty = true;
|
||||||
var $type = 'empty';
|
public $type = 'empty';
|
||||||
function HTMLPurifier_ChildDef_Empty() {}
|
public function HTMLPurifier_ChildDef_Empty() {}
|
||||||
function validateChildren($tokens_of_children, $config, &$context) {
|
public function validateChildren($tokens_of_children, $config, &$context) {
|
||||||
return array();
|
return array();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -11,9 +11,9 @@ require_once 'HTMLPurifier/ChildDef/Required.php';
|
|||||||
*/
|
*/
|
||||||
class HTMLPurifier_ChildDef_Optional extends HTMLPurifier_ChildDef_Required
|
class HTMLPurifier_ChildDef_Optional extends HTMLPurifier_ChildDef_Required
|
||||||
{
|
{
|
||||||
var $allow_empty = true;
|
public $allow_empty = true;
|
||||||
var $type = 'optional';
|
public $type = 'optional';
|
||||||
function validateChildren($tokens_of_children, $config, &$context) {
|
public function validateChildren($tokens_of_children, $config, &$context) {
|
||||||
$result = parent::validateChildren($tokens_of_children, $config, $context);
|
$result = parent::validateChildren($tokens_of_children, $config, $context);
|
||||||
if ($result === false) {
|
if ($result === false) {
|
||||||
if (empty($tokens_of_children)) return true;
|
if (empty($tokens_of_children)) return true;
|
||||||
|
@ -11,11 +11,11 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef
|
|||||||
* Lookup table of allowed elements.
|
* Lookup table of allowed elements.
|
||||||
* @public
|
* @public
|
||||||
*/
|
*/
|
||||||
var $elements = array();
|
public $elements = array();
|
||||||
/**
|
/**
|
||||||
* @param $elements List of allowed element names (lowercase).
|
* @param $elements List of allowed element names (lowercase).
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_ChildDef_Required($elements) {
|
public function HTMLPurifier_ChildDef_Required($elements) {
|
||||||
if (is_string($elements)) {
|
if (is_string($elements)) {
|
||||||
$elements = str_replace(' ', '', $elements);
|
$elements = str_replace(' ', '', $elements);
|
||||||
$elements = explode('|', $elements);
|
$elements = explode('|', $elements);
|
||||||
@ -30,9 +30,9 @@ class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef
|
|||||||
}
|
}
|
||||||
$this->elements = $elements;
|
$this->elements = $elements;
|
||||||
}
|
}
|
||||||
var $allow_empty = false;
|
public $allow_empty = false;
|
||||||
var $type = 'required';
|
public $type = 'required';
|
||||||
function validateChildren($tokens_of_children, $config, &$context) {
|
public function validateChildren($tokens_of_children, $config, &$context) {
|
||||||
// if there are no tokens, delete parent node
|
// if there are no tokens, delete parent node
|
||||||
if (empty($tokens_of_children)) return false;
|
if (empty($tokens_of_children)) return false;
|
||||||
|
|
||||||
|
@ -8,12 +8,12 @@ require_once 'HTMLPurifier/ChildDef/Required.php';
|
|||||||
class HTMLPurifier_ChildDef_StrictBlockquote
|
class HTMLPurifier_ChildDef_StrictBlockquote
|
||||||
extends HTMLPurifier_ChildDef_Required
|
extends HTMLPurifier_ChildDef_Required
|
||||||
{
|
{
|
||||||
var $real_elements;
|
protected $real_elements;
|
||||||
var $fake_elements;
|
protected $fake_elements;
|
||||||
var $allow_empty = true;
|
public $allow_empty = true;
|
||||||
var $type = 'strictblockquote';
|
public $type = 'strictblockquote';
|
||||||
var $init = false;
|
protected $init = false;
|
||||||
function validateChildren($tokens_of_children, $config, &$context) {
|
public function validateChildren($tokens_of_children, $config, &$context) {
|
||||||
|
|
||||||
$def = $config->getHTMLDefinition();
|
$def = $config->getHTMLDefinition();
|
||||||
if (!$this->init) {
|
if (!$this->init) {
|
||||||
|
@ -7,12 +7,12 @@ require_once 'HTMLPurifier/ChildDef.php';
|
|||||||
*/
|
*/
|
||||||
class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef
|
class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef
|
||||||
{
|
{
|
||||||
var $allow_empty = false;
|
public $allow_empty = false;
|
||||||
var $type = 'table';
|
public $type = 'table';
|
||||||
var $elements = array('tr' => true, 'tbody' => true, 'thead' => true,
|
public $elements = array('tr' => true, 'tbody' => true, 'thead' => true,
|
||||||
'tfoot' => true, 'caption' => true, 'colgroup' => true, 'col' => true);
|
'tfoot' => true, 'caption' => true, 'colgroup' => true, 'col' => true);
|
||||||
function HTMLPurifier_ChildDef_Table() {}
|
public function HTMLPurifier_ChildDef_Table() {}
|
||||||
function validateChildren($tokens_of_children, $config, &$context) {
|
public function validateChildren($tokens_of_children, $config, &$context) {
|
||||||
if (empty($tokens_of_children)) return false;
|
if (empty($tokens_of_children)) return false;
|
||||||
|
|
||||||
// this ensures that the loop gets run one last time before closing
|
// this ensures that the loop gets run one last time before closing
|
||||||
|
@ -35,6 +35,8 @@ if (!defined('PHP_EOL')) {
|
|||||||
* because a configuration object should always be forwarded,
|
* because a configuration object should always be forwarded,
|
||||||
* otherwise, you run the risk of missing a parameter and then
|
* otherwise, you run the risk of missing a parameter and then
|
||||||
* being stumped when a configuration directive doesn't work.
|
* being stumped when a configuration directive doesn't work.
|
||||||
|
*
|
||||||
|
* @todo Reconsider some of the public member variables
|
||||||
*/
|
*/
|
||||||
class HTMLPurifier_Config
|
class HTMLPurifier_Config
|
||||||
{
|
{
|
||||||
@ -42,65 +44,68 @@ class HTMLPurifier_Config
|
|||||||
/**
|
/**
|
||||||
* HTML Purifier's version
|
* HTML Purifier's version
|
||||||
*/
|
*/
|
||||||
var $version = '2.1.3';
|
public $version = '2.1.3';
|
||||||
|
|
||||||
/**
|
|
||||||
* Two-level associative array of configuration directives
|
|
||||||
*/
|
|
||||||
var $conf;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Reference HTMLPurifier_ConfigSchema for value checking
|
|
||||||
*/
|
|
||||||
var $def;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Indexed array of definitions
|
|
||||||
*/
|
|
||||||
var $definitions;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Bool indicator whether or not config is finalized
|
|
||||||
*/
|
|
||||||
var $finalized = false;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Bool indicator whether or not to automatically finalize
|
* Bool indicator whether or not to automatically finalize
|
||||||
* the object if a read operation is done
|
* the object if a read operation is done
|
||||||
*/
|
*/
|
||||||
var $autoFinalize = true;
|
public $autoFinalize = true;
|
||||||
|
|
||||||
|
// protected member variables
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Namespace indexed array of serials for specific namespaces (see
|
* Namespace indexed array of serials for specific namespaces (see
|
||||||
* getSerial for more info).
|
* getSerial() for more info).
|
||||||
*/
|
*/
|
||||||
var $serials = array();
|
protected $serials = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Serial for entire configuration object
|
* Serial for entire configuration object
|
||||||
*/
|
*/
|
||||||
var $serial;
|
protected $serial;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Two-level associative array of configuration directives
|
||||||
|
*/
|
||||||
|
protected $conf;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Reference HTMLPurifier_ConfigSchema for value checking
|
||||||
|
* @note This is public for introspective purposes. Please don't
|
||||||
|
* abuse!
|
||||||
|
*/
|
||||||
|
public $def;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Indexed array of definitions
|
||||||
|
*/
|
||||||
|
protected $definitions;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Bool indicator whether or not config is finalized
|
||||||
|
*/
|
||||||
|
protected $finalized = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $definition HTMLPurifier_ConfigSchema that defines what directives
|
* @param $definition HTMLPurifier_ConfigSchema that defines what directives
|
||||||
* are allowed.
|
* are allowed.
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_Config(&$definition) {
|
public function HTMLPurifier_Config(&$definition) {
|
||||||
$this->conf = $definition->defaults; // set up, copy in defaults
|
$this->conf = $definition->defaults; // set up, copy in defaults
|
||||||
$this->def = $definition; // keep a copy around for checking
|
$this->def = $definition; // keep a copy around for checking
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Convenience constructor that creates a config object based on a mixed var
|
* Convenience constructor that creates a config object based on a mixed var
|
||||||
* @static
|
|
||||||
* @param mixed $config Variable that defines the state of the config
|
* @param mixed $config Variable that defines the state of the config
|
||||||
* object. Can be: a HTMLPurifier_Config() object,
|
* object. Can be: a HTMLPurifier_Config() object,
|
||||||
* an array of directives based on loadArray(),
|
* an array of directives based on loadArray(),
|
||||||
* or a string filename of an ini file.
|
* or a string filename of an ini file.
|
||||||
* @return Configured HTMLPurifier_Config object
|
* @return Configured HTMLPurifier_Config object
|
||||||
*/
|
*/
|
||||||
function create($config) {
|
public static function create($config) {
|
||||||
if (is_a($config, 'HTMLPurifier_Config')) {
|
if ($config instanceof HTMLPurifier_Config) {
|
||||||
// pass-through
|
// pass-through
|
||||||
return $config;
|
return $config;
|
||||||
}
|
}
|
||||||
@ -112,10 +117,9 @@ class HTMLPurifier_Config
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Convenience constructor that creates a default configuration object.
|
* Convenience constructor that creates a default configuration object.
|
||||||
* @static
|
|
||||||
* @return Default HTMLPurifier_Config object.
|
* @return Default HTMLPurifier_Config object.
|
||||||
*/
|
*/
|
||||||
function createDefault() {
|
public static function createDefault() {
|
||||||
$definition =& HTMLPurifier_ConfigSchema::instance();
|
$definition =& HTMLPurifier_ConfigSchema::instance();
|
||||||
$config = new HTMLPurifier_Config($definition);
|
$config = new HTMLPurifier_Config($definition);
|
||||||
return $config;
|
return $config;
|
||||||
@ -126,7 +130,7 @@ class HTMLPurifier_Config
|
|||||||
* @param $namespace String namespace
|
* @param $namespace String namespace
|
||||||
* @param $key String key
|
* @param $key String key
|
||||||
*/
|
*/
|
||||||
function get($namespace, $key, $from_alias = false) {
|
public function get($namespace, $key) {
|
||||||
if (!$this->finalized && $this->autoFinalize) $this->finalize();
|
if (!$this->finalized && $this->autoFinalize) $this->finalize();
|
||||||
if (!isset($this->def->info[$namespace][$key])) {
|
if (!isset($this->def->info[$namespace][$key])) {
|
||||||
// can't add % due to SimpleTest bug
|
// can't add % due to SimpleTest bug
|
||||||
@ -147,7 +151,7 @@ class HTMLPurifier_Config
|
|||||||
* Retreives an array of directives to values from a given namespace
|
* Retreives an array of directives to values from a given namespace
|
||||||
* @param $namespace String namespace
|
* @param $namespace String namespace
|
||||||
*/
|
*/
|
||||||
function getBatch($namespace) {
|
public function getBatch($namespace) {
|
||||||
if (!$this->finalized && $this->autoFinalize) $this->finalize();
|
if (!$this->finalized && $this->autoFinalize) $this->finalize();
|
||||||
if (!isset($this->def->info[$namespace])) {
|
if (!isset($this->def->info[$namespace])) {
|
||||||
trigger_error('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace),
|
trigger_error('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace),
|
||||||
@ -164,7 +168,7 @@ class HTMLPurifier_Config
|
|||||||
* before processing!
|
* before processing!
|
||||||
* @param $namespace Namespace to get serial for
|
* @param $namespace Namespace to get serial for
|
||||||
*/
|
*/
|
||||||
function getBatchSerial($namespace) {
|
public function getBatchSerial($namespace) {
|
||||||
if (empty($this->serials[$namespace])) {
|
if (empty($this->serials[$namespace])) {
|
||||||
$batch = $this->getBatch($namespace);
|
$batch = $this->getBatch($namespace);
|
||||||
unset($batch['DefinitionRev']);
|
unset($batch['DefinitionRev']);
|
||||||
@ -177,7 +181,7 @@ class HTMLPurifier_Config
|
|||||||
* Returns a md5 signature for the entire configuration object
|
* Returns a md5 signature for the entire configuration object
|
||||||
* that uniquely identifies that particular configuration
|
* that uniquely identifies that particular configuration
|
||||||
*/
|
*/
|
||||||
function getSerial() {
|
public function getSerial() {
|
||||||
if (empty($this->serial)) {
|
if (empty($this->serial)) {
|
||||||
$this->serial = md5(serialize($this->getAll()));
|
$this->serial = md5(serialize($this->getAll()));
|
||||||
}
|
}
|
||||||
@ -187,7 +191,7 @@ class HTMLPurifier_Config
|
|||||||
/**
|
/**
|
||||||
* Retrieves all directives, organized by namespace
|
* Retrieves all directives, organized by namespace
|
||||||
*/
|
*/
|
||||||
function getAll() {
|
public function getAll() {
|
||||||
if (!$this->finalized && $this->autoFinalize) $this->finalize();
|
if (!$this->finalized && $this->autoFinalize) $this->finalize();
|
||||||
return $this->conf;
|
return $this->conf;
|
||||||
}
|
}
|
||||||
@ -198,7 +202,7 @@ class HTMLPurifier_Config
|
|||||||
* @param $key String key
|
* @param $key String key
|
||||||
* @param $value Mixed value
|
* @param $value Mixed value
|
||||||
*/
|
*/
|
||||||
function set($namespace, $key, $value, $from_alias = false) {
|
public function set($namespace, $key, $value, $from_alias = false) {
|
||||||
if ($this->isFinalized('Cannot set directive after finalization')) return;
|
if ($this->isFinalized('Cannot set directive after finalization')) return;
|
||||||
if (!isset($this->def->info[$namespace][$key])) {
|
if (!isset($this->def->info[$namespace][$key])) {
|
||||||
trigger_error('Cannot set undefined directive ' . htmlspecialchars("$namespace.$key") . ' to value',
|
trigger_error('Cannot set undefined directive ' . htmlspecialchars("$namespace.$key") . ' to value',
|
||||||
@ -252,9 +256,8 @@ class HTMLPurifier_Config
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Convenience function for error reporting
|
* Convenience function for error reporting
|
||||||
* @private
|
|
||||||
*/
|
*/
|
||||||
function _listify($lookup) {
|
private function _listify($lookup) {
|
||||||
$list = array();
|
$list = array();
|
||||||
foreach ($lookup as $name => $b) $list[] = $name;
|
foreach ($lookup as $name => $b) $list[] = $name;
|
||||||
return implode(', ', $list);
|
return implode(', ', $list);
|
||||||
@ -265,7 +268,7 @@ class HTMLPurifier_Config
|
|||||||
* @param $raw Return a copy that has not been setup yet. Must be
|
* @param $raw Return a copy that has not been setup yet. Must be
|
||||||
* called before it's been setup, otherwise won't work.
|
* called before it's been setup, otherwise won't work.
|
||||||
*/
|
*/
|
||||||
function &getHTMLDefinition($raw = false) {
|
public function &getHTMLDefinition($raw = false) {
|
||||||
$def =& $this->getDefinition('HTML', $raw);
|
$def =& $this->getDefinition('HTML', $raw);
|
||||||
return $def; // prevent PHP 4.4.0 from complaining
|
return $def; // prevent PHP 4.4.0 from complaining
|
||||||
}
|
}
|
||||||
@ -273,7 +276,7 @@ class HTMLPurifier_Config
|
|||||||
/**
|
/**
|
||||||
* Retrieves reference to the CSS definition
|
* Retrieves reference to the CSS definition
|
||||||
*/
|
*/
|
||||||
function &getCSSDefinition($raw = false) {
|
public function &getCSSDefinition($raw = false) {
|
||||||
$def =& $this->getDefinition('CSS', $raw);
|
$def =& $this->getDefinition('CSS', $raw);
|
||||||
return $def;
|
return $def;
|
||||||
}
|
}
|
||||||
@ -283,7 +286,7 @@ class HTMLPurifier_Config
|
|||||||
* @param $type Type of definition: HTML, CSS, etc
|
* @param $type Type of definition: HTML, CSS, etc
|
||||||
* @param $raw Whether or not definition should be returned raw
|
* @param $raw Whether or not definition should be returned raw
|
||||||
*/
|
*/
|
||||||
function &getDefinition($type, $raw = false) {
|
public function &getDefinition($type, $raw = false) {
|
||||||
if (!$this->finalized && $this->autoFinalize) $this->finalize();
|
if (!$this->finalized && $this->autoFinalize) $this->finalize();
|
||||||
$factory = HTMLPurifier_DefinitionCacheFactory::instance();
|
$factory = HTMLPurifier_DefinitionCacheFactory::instance();
|
||||||
$cache = $factory->create($type, $this);
|
$cache = $factory->create($type, $this);
|
||||||
@ -343,7 +346,7 @@ class HTMLPurifier_Config
|
|||||||
* Namespace.Directive => Value
|
* Namespace.Directive => Value
|
||||||
* @param $config_array Configuration associative array
|
* @param $config_array Configuration associative array
|
||||||
*/
|
*/
|
||||||
function loadArray($config_array) {
|
public function loadArray($config_array) {
|
||||||
if ($this->isFinalized('Cannot load directives after finalization')) return;
|
if ($this->isFinalized('Cannot load directives after finalization')) return;
|
||||||
foreach ($config_array as $key => $value) {
|
foreach ($config_array as $key => $value) {
|
||||||
$key = str_replace('_', '.', $key);
|
$key = str_replace('_', '.', $key);
|
||||||
@ -366,9 +369,8 @@ class HTMLPurifier_Config
|
|||||||
* that are allowed in a web-form context as per an allowed
|
* that are allowed in a web-form context as per an allowed
|
||||||
* namespaces/directives list.
|
* namespaces/directives list.
|
||||||
* @param $allowed List of allowed namespaces/directives
|
* @param $allowed List of allowed namespaces/directives
|
||||||
* @static
|
|
||||||
*/
|
*/
|
||||||
function getAllowedDirectivesForForm($allowed) {
|
public static function getAllowedDirectivesForForm($allowed) {
|
||||||
$schema = HTMLPurifier_ConfigSchema::instance();
|
$schema = HTMLPurifier_ConfigSchema::instance();
|
||||||
if ($allowed !== true) {
|
if ($allowed !== true) {
|
||||||
if (is_string($allowed)) $allowed = array($allowed);
|
if (is_string($allowed)) $allowed = array($allowed);
|
||||||
@ -411,9 +413,8 @@ class HTMLPurifier_Config
|
|||||||
* @param $index Index/name that the config variables are in
|
* @param $index Index/name that the config variables are in
|
||||||
* @param $allowed List of allowed namespaces/directives
|
* @param $allowed List of allowed namespaces/directives
|
||||||
* @param $mq_fix Boolean whether or not to enable magic quotes fix
|
* @param $mq_fix Boolean whether or not to enable magic quotes fix
|
||||||
* @static
|
|
||||||
*/
|
*/
|
||||||
function loadArrayFromForm($array, $index, $allowed = true, $mq_fix = true) {
|
public static function loadArrayFromForm($array, $index, $allowed = true, $mq_fix = true) {
|
||||||
$ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix);
|
$ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix);
|
||||||
$config = HTMLPurifier_Config::create($ret);
|
$config = HTMLPurifier_Config::create($ret);
|
||||||
return $config;
|
return $config;
|
||||||
@ -423,7 +424,7 @@ class HTMLPurifier_Config
|
|||||||
* Merges in configuration values from $_GET/$_POST to object. NOT STATIC.
|
* Merges in configuration values from $_GET/$_POST to object. NOT STATIC.
|
||||||
* @note Same parameters as loadArrayFromForm
|
* @note Same parameters as loadArrayFromForm
|
||||||
*/
|
*/
|
||||||
function mergeArrayFromForm($array, $index, $allowed = true, $mq_fix = true) {
|
public function mergeArrayFromForm($array, $index, $allowed = true, $mq_fix = true) {
|
||||||
$ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix);
|
$ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix);
|
||||||
$this->loadArray($ret);
|
$this->loadArray($ret);
|
||||||
}
|
}
|
||||||
@ -431,9 +432,8 @@ class HTMLPurifier_Config
|
|||||||
/**
|
/**
|
||||||
* Prepares an array from a form into something usable for the more
|
* Prepares an array from a form into something usable for the more
|
||||||
* strict parts of HTMLPurifier_Config
|
* strict parts of HTMLPurifier_Config
|
||||||
* @static
|
|
||||||
*/
|
*/
|
||||||
function prepareArrayFromForm($array, $index, $allowed = true, $mq_fix = true) {
|
public static function prepareArrayFromForm($array, $index, $allowed = true, $mq_fix = true) {
|
||||||
$array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array();
|
$array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array();
|
||||||
$mq = get_magic_quotes_gpc() && $mq_fix;
|
$mq = get_magic_quotes_gpc() && $mq_fix;
|
||||||
|
|
||||||
@ -457,7 +457,7 @@ class HTMLPurifier_Config
|
|||||||
* Loads configuration values from an ini file
|
* Loads configuration values from an ini file
|
||||||
* @param $filename Name of ini file
|
* @param $filename Name of ini file
|
||||||
*/
|
*/
|
||||||
function loadIni($filename) {
|
public function loadIni($filename) {
|
||||||
if ($this->isFinalized('Cannot load directives after finalization')) return;
|
if ($this->isFinalized('Cannot load directives after finalization')) return;
|
||||||
$array = parse_ini_file($filename, true);
|
$array = parse_ini_file($filename, true);
|
||||||
$this->loadArray($array);
|
$this->loadArray($array);
|
||||||
@ -467,7 +467,7 @@ class HTMLPurifier_Config
|
|||||||
* Checks whether or not the configuration object is finalized.
|
* Checks whether or not the configuration object is finalized.
|
||||||
* @param $error String error message, or false for no error
|
* @param $error String error message, or false for no error
|
||||||
*/
|
*/
|
||||||
function isFinalized($error = false) {
|
public function isFinalized($error = false) {
|
||||||
if ($this->finalized && $error) {
|
if ($this->finalized && $error) {
|
||||||
trigger_error($error, E_USER_ERROR);
|
trigger_error($error, E_USER_ERROR);
|
||||||
}
|
}
|
||||||
@ -478,14 +478,14 @@ class HTMLPurifier_Config
|
|||||||
* Finalizes configuration only if auto finalize is on and not
|
* Finalizes configuration only if auto finalize is on and not
|
||||||
* already finalized
|
* already finalized
|
||||||
*/
|
*/
|
||||||
function autoFinalize() {
|
public function autoFinalize() {
|
||||||
if (!$this->finalized && $this->autoFinalize) $this->finalize();
|
if (!$this->finalized && $this->autoFinalize) $this->finalize();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Finalizes a configuration object, prohibiting further change
|
* Finalizes a configuration object, prohibiting further change
|
||||||
*/
|
*/
|
||||||
function finalize() {
|
public function finalize() {
|
||||||
$this->finalized = true;
|
$this->finalized = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -4,6 +4,6 @@
|
|||||||
* Base class for configuration entity
|
* Base class for configuration entity
|
||||||
*/
|
*/
|
||||||
class HTMLPurifier_ConfigDef {
|
class HTMLPurifier_ConfigDef {
|
||||||
var $class = false;
|
public $class = false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -9,9 +9,9 @@ require_once 'HTMLPurifier/ConfigDef.php';
|
|||||||
class HTMLPurifier_ConfigDef_Directive extends HTMLPurifier_ConfigDef
|
class HTMLPurifier_ConfigDef_Directive extends HTMLPurifier_ConfigDef
|
||||||
{
|
{
|
||||||
|
|
||||||
var $class = 'directive';
|
public $class = 'directive';
|
||||||
|
|
||||||
function HTMLPurifier_ConfigDef_Directive(
|
public function HTMLPurifier_ConfigDef_Directive(
|
||||||
$type = null,
|
$type = null,
|
||||||
$descriptions = null,
|
$descriptions = null,
|
||||||
$allow_null = null,
|
$allow_null = null,
|
||||||
@ -37,40 +37,40 @@ class HTMLPurifier_ConfigDef_Directive extends HTMLPurifier_ConfigDef
|
|||||||
* - hash (array of key => value)
|
* - hash (array of key => value)
|
||||||
* - mixed (anything goes)
|
* - mixed (anything goes)
|
||||||
*/
|
*/
|
||||||
var $type = 'mixed';
|
public $type = 'mixed';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Plaintext descriptions of the configuration entity is. Organized by
|
* Plaintext descriptions of the configuration entity is. Organized by
|
||||||
* file and line number, so multiple descriptions are allowed.
|
* file and line number, so multiple descriptions are allowed.
|
||||||
*/
|
*/
|
||||||
var $descriptions = array();
|
public $descriptions = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Is null allowed? Has no effect for mixed type.
|
* Is null allowed? Has no effect for mixed type.
|
||||||
* @bool
|
* @bool
|
||||||
*/
|
*/
|
||||||
var $allow_null = false;
|
public $allow_null = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Lookup table of allowed values of the element, bool true if all allowed.
|
* Lookup table of allowed values of the element, bool true if all allowed.
|
||||||
*/
|
*/
|
||||||
var $allowed = true;
|
public $allowed = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Hash of value aliases, i.e. values that are equivalent.
|
* Hash of value aliases, i.e. values that are equivalent.
|
||||||
*/
|
*/
|
||||||
var $aliases = array();
|
public $aliases = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Advisory list of directive aliases, i.e. other directives that
|
* Advisory list of directive aliases, i.e. other directives that
|
||||||
* redirect here
|
* redirect here
|
||||||
*/
|
*/
|
||||||
var $directiveAliases = array();
|
public $directiveAliases = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Adds a description to the array
|
* Adds a description to the array
|
||||||
*/
|
*/
|
||||||
function addDescription($file, $line, $description) {
|
public function addDescription($file, $line, $description) {
|
||||||
if (!isset($this->descriptions[$file])) $this->descriptions[$file] = array();
|
if (!isset($this->descriptions[$file])) $this->descriptions[$file] = array();
|
||||||
$this->descriptions[$file][$line] = $description;
|
$this->descriptions[$file][$line] = $description;
|
||||||
}
|
}
|
||||||
|
@ -7,18 +7,18 @@ require_once 'HTMLPurifier/ConfigDef.php';
|
|||||||
*/
|
*/
|
||||||
class HTMLPurifier_ConfigDef_DirectiveAlias extends HTMLPurifier_ConfigDef
|
class HTMLPurifier_ConfigDef_DirectiveAlias extends HTMLPurifier_ConfigDef
|
||||||
{
|
{
|
||||||
var $class = 'alias';
|
public $class = 'alias';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Namespace being aliased to
|
* Namespace being aliased to
|
||||||
*/
|
*/
|
||||||
var $namespace;
|
public $namespace;
|
||||||
/**
|
/**
|
||||||
* Directive being aliased to
|
* Directive being aliased to
|
||||||
*/
|
*/
|
||||||
var $name;
|
public $name;
|
||||||
|
|
||||||
function HTMLPurifier_ConfigDef_DirectiveAlias($namespace, $name) {
|
public function HTMLPurifier_ConfigDef_DirectiveAlias($namespace, $name) {
|
||||||
$this->namespace = $namespace;
|
$this->namespace = $namespace;
|
||||||
$this->name = $name;
|
$this->name = $name;
|
||||||
}
|
}
|
||||||
|
@ -7,16 +7,16 @@ require_once 'HTMLPurifier/ConfigDef.php';
|
|||||||
*/
|
*/
|
||||||
class HTMLPurifier_ConfigDef_Namespace extends HTMLPurifier_ConfigDef {
|
class HTMLPurifier_ConfigDef_Namespace extends HTMLPurifier_ConfigDef {
|
||||||
|
|
||||||
function HTMLPurifier_ConfigDef_Namespace($description = null) {
|
public function HTMLPurifier_ConfigDef_Namespace($description = null) {
|
||||||
$this->description = $description;
|
$this->description = $description;
|
||||||
}
|
}
|
||||||
|
|
||||||
var $class = 'namespace';
|
public $class = 'namespace';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* String description of what kinds of directives go in this namespace.
|
* String description of what kinds of directives go in this namespace.
|
||||||
*/
|
*/
|
||||||
var $description;
|
public $description;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -33,22 +33,22 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
* Defaults of the directives and namespaces.
|
* Defaults of the directives and namespaces.
|
||||||
* @note This shares the exact same structure as HTMLPurifier_Config::$conf
|
* @note This shares the exact same structure as HTMLPurifier_Config::$conf
|
||||||
*/
|
*/
|
||||||
var $defaults = array();
|
public $defaults = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Definition of the directives.
|
* Definition of the directives.
|
||||||
*/
|
*/
|
||||||
var $info = array();
|
public $info = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Definition of namespaces.
|
* Definition of namespaces.
|
||||||
*/
|
*/
|
||||||
var $info_namespace = array();
|
public $info_namespace = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Lookup table of allowed types.
|
* Lookup table of allowed types.
|
||||||
*/
|
*/
|
||||||
var $types = array(
|
public $types = array(
|
||||||
'string' => 'String',
|
'string' => 'String',
|
||||||
'istring' => 'Case-insensitive string',
|
'istring' => 'Case-insensitive string',
|
||||||
'text' => 'Text',
|
'text' => 'Text',
|
||||||
@ -65,7 +65,7 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
/**
|
/**
|
||||||
* Initializes the default namespaces.
|
* Initializes the default namespaces.
|
||||||
*/
|
*/
|
||||||
function initialize() {
|
public function initialize() {
|
||||||
$this->defineNamespace('Core', 'Core features that are always available.');
|
$this->defineNamespace('Core', 'Core features that are always available.');
|
||||||
$this->defineNamespace('Attr', 'Features regarding attribute validation.');
|
$this->defineNamespace('Attr', 'Features regarding attribute validation.');
|
||||||
$this->defineNamespace('URI', 'Features regarding Uniform Resource Identifiers.');
|
$this->defineNamespace('URI', 'Features regarding Uniform Resource Identifiers.');
|
||||||
@ -80,9 +80,8 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieves an instance of the application-wide configuration definition.
|
* Retrieves an instance of the application-wide configuration definition.
|
||||||
* @static
|
|
||||||
*/
|
*/
|
||||||
function &instance($prototype = null) {
|
public static function &instance($prototype = null) {
|
||||||
static $instance;
|
static $instance;
|
||||||
if ($prototype !== null) {
|
if ($prototype !== null) {
|
||||||
$instance = $prototype;
|
$instance = $prototype;
|
||||||
@ -95,7 +94,6 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Defines a directive for configuration
|
* Defines a directive for configuration
|
||||||
* @static
|
|
||||||
* @warning Will fail of directive's namespace is defined
|
* @warning Will fail of directive's namespace is defined
|
||||||
* @param $namespace Namespace the directive is in
|
* @param $namespace Namespace the directive is in
|
||||||
* @param $name Key of directive
|
* @param $name Key of directive
|
||||||
@ -104,7 +102,7 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
* HTMLPurifier_DirectiveDef::$type for allowed values
|
* HTMLPurifier_DirectiveDef::$type for allowed values
|
||||||
* @param $description Description of directive for documentation
|
* @param $description Description of directive for documentation
|
||||||
*/
|
*/
|
||||||
function define($namespace, $name, $default, $type, $description) {
|
public static function define($namespace, $name, $default, $type, $description) {
|
||||||
$def =& HTMLPurifier_ConfigSchema::instance();
|
$def =& HTMLPurifier_ConfigSchema::instance();
|
||||||
|
|
||||||
// basic sanity checks
|
// basic sanity checks
|
||||||
@ -173,11 +171,10 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Defines a namespace for directives to be put into.
|
* Defines a namespace for directives to be put into.
|
||||||
* @static
|
|
||||||
* @param $namespace Namespace's name
|
* @param $namespace Namespace's name
|
||||||
* @param $description Description of the namespace
|
* @param $description Description of the namespace
|
||||||
*/
|
*/
|
||||||
function defineNamespace($namespace, $description) {
|
public static function defineNamespace($namespace, $description) {
|
||||||
$def =& HTMLPurifier_ConfigSchema::instance();
|
$def =& HTMLPurifier_ConfigSchema::instance();
|
||||||
if (HTMLPURIFIER_SCHEMA_STRICT) {
|
if (HTMLPURIFIER_SCHEMA_STRICT) {
|
||||||
if (isset($def->info[$namespace])) {
|
if (isset($def->info[$namespace])) {
|
||||||
@ -206,13 +203,12 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
*
|
*
|
||||||
* Directive value aliases are convenient for developers because it lets
|
* Directive value aliases are convenient for developers because it lets
|
||||||
* them set a directive to several values and get the same result.
|
* them set a directive to several values and get the same result.
|
||||||
* @static
|
|
||||||
* @param $namespace Directive's namespace
|
* @param $namespace Directive's namespace
|
||||||
* @param $name Name of Directive
|
* @param $name Name of Directive
|
||||||
* @param $alias Name of aliased value
|
* @param $alias Name of aliased value
|
||||||
* @param $real Value aliased value will be converted into
|
* @param $real Value aliased value will be converted into
|
||||||
*/
|
*/
|
||||||
function defineValueAliases($namespace, $name, $aliases) {
|
public static function defineValueAliases($namespace, $name, $aliases) {
|
||||||
$def =& HTMLPurifier_ConfigSchema::instance();
|
$def =& HTMLPurifier_ConfigSchema::instance();
|
||||||
if (HTMLPURIFIER_SCHEMA_STRICT && !isset($def->info[$namespace][$name])) {
|
if (HTMLPURIFIER_SCHEMA_STRICT && !isset($def->info[$namespace][$name])) {
|
||||||
trigger_error('Cannot set value alias for non-existant directive',
|
trigger_error('Cannot set value alias for non-existant directive',
|
||||||
@ -240,12 +236,11 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Defines a set of allowed values for a directive.
|
* Defines a set of allowed values for a directive.
|
||||||
* @static
|
|
||||||
* @param $namespace Namespace of directive
|
* @param $namespace Namespace of directive
|
||||||
* @param $name Name of directive
|
* @param $name Name of directive
|
||||||
* @param $allowed_values Arraylist of allowed values
|
* @param $allowed_values Arraylist of allowed values
|
||||||
*/
|
*/
|
||||||
function defineAllowedValues($namespace, $name, $allowed_values) {
|
public static function defineAllowedValues($namespace, $name, $allowed_values) {
|
||||||
$def =& HTMLPurifier_ConfigSchema::instance();
|
$def =& HTMLPurifier_ConfigSchema::instance();
|
||||||
if (HTMLPURIFIER_SCHEMA_STRICT && !isset($def->info[$namespace][$name])) {
|
if (HTMLPURIFIER_SCHEMA_STRICT && !isset($def->info[$namespace][$name])) {
|
||||||
trigger_error('Cannot define allowed values for undefined directive',
|
trigger_error('Cannot define allowed values for undefined directive',
|
||||||
@ -279,13 +274,12 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Defines a directive alias for backwards compatibility
|
* Defines a directive alias for backwards compatibility
|
||||||
* @static
|
|
||||||
* @param $namespace
|
* @param $namespace
|
||||||
* @param $name Directive that will be aliased
|
* @param $name Directive that will be aliased
|
||||||
* @param $new_namespace
|
* @param $new_namespace
|
||||||
* @param $new_name Directive that the alias will be to
|
* @param $new_name Directive that the alias will be to
|
||||||
*/
|
*/
|
||||||
function defineAlias($namespace, $name, $new_namespace, $new_name) {
|
public static function defineAlias($namespace, $name, $new_namespace, $new_name) {
|
||||||
$def =& HTMLPurifier_ConfigSchema::instance();
|
$def =& HTMLPurifier_ConfigSchema::instance();
|
||||||
if (HTMLPURIFIER_SCHEMA_STRICT) {
|
if (HTMLPURIFIER_SCHEMA_STRICT) {
|
||||||
if (!isset($def->info[$namespace])) {
|
if (!isset($def->info[$namespace])) {
|
||||||
@ -322,8 +316,9 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Validate a variable according to type. Return null if invalid.
|
* Validate a variable according to type. Return null if invalid.
|
||||||
|
* @todo Consider making protected
|
||||||
*/
|
*/
|
||||||
function validate($var, $type, $allow_null = false) {
|
public function validate($var, $type, $allow_null = false) {
|
||||||
if (!isset($this->types[$type])) {
|
if (!isset($this->types[$type])) {
|
||||||
trigger_error('Invalid type', E_USER_ERROR);
|
trigger_error('Invalid type', E_USER_ERROR);
|
||||||
return;
|
return;
|
||||||
@ -414,8 +409,11 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Takes an absolute path and munges it into a more manageable relative path
|
* Takes an absolute path and munges it into a more manageable relative path
|
||||||
|
* @todo Consider making protected
|
||||||
|
* @param $filename Filename to check
|
||||||
|
* @return string munged filename
|
||||||
*/
|
*/
|
||||||
function mungeFilename($filename) {
|
public function mungeFilename($filename) {
|
||||||
if (!HTMLPURIFIER_SCHEMA_STRICT) return $filename;
|
if (!HTMLPURIFIER_SCHEMA_STRICT) return $filename;
|
||||||
$offset = strrpos($filename, 'HTMLPurifier');
|
$offset = strrpos($filename, 'HTMLPurifier');
|
||||||
$filename = substr($filename, $offset);
|
$filename = substr($filename, $offset);
|
||||||
@ -425,10 +423,11 @@ class HTMLPurifier_ConfigSchema {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Checks if var is an HTMLPurifier_Error object
|
* Checks if var is an HTMLPurifier_Error object
|
||||||
|
* @todo Consider making protected
|
||||||
*/
|
*/
|
||||||
function isError($var) {
|
public function isError($var) {
|
||||||
if (!is_object($var)) return false;
|
if (!is_object($var)) return false;
|
||||||
if (!is_a($var, 'HTMLPurifier_Error')) return false;
|
if (!($var instanceof HTMLPurifier_Error)) return false;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -7,39 +7,38 @@ require_once 'HTMLPurifier/ChildDef/Required.php';
|
|||||||
require_once 'HTMLPurifier/ChildDef/Optional.php';
|
require_once 'HTMLPurifier/ChildDef/Optional.php';
|
||||||
require_once 'HTMLPurifier/ChildDef/Custom.php';
|
require_once 'HTMLPurifier/ChildDef/Custom.php';
|
||||||
|
|
||||||
// NOT UNIT TESTED!!!
|
/**
|
||||||
|
* @todo Unit test
|
||||||
|
*/
|
||||||
class HTMLPurifier_ContentSets
|
class HTMLPurifier_ContentSets
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of content set strings (pipe seperators) indexed by name.
|
* List of content set strings (pipe seperators) indexed by name.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info = array();
|
public $info = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of content set lookups (element => true) indexed by name.
|
* List of content set lookups (element => true) indexed by name.
|
||||||
* @note This is in HTMLPurifier_HTMLDefinition->info_content_sets
|
* @note This is in HTMLPurifier_HTMLDefinition->info_content_sets
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $lookup = array();
|
public $lookup = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Synchronized list of defined content sets (keys of info)
|
* Synchronized list of defined content sets (keys of info)
|
||||||
*/
|
*/
|
||||||
var $keys = array();
|
protected $keys = array();
|
||||||
/**
|
/**
|
||||||
* Synchronized list of defined content values (values of info)
|
* Synchronized list of defined content values (values of info)
|
||||||
*/
|
*/
|
||||||
var $values = array();
|
protected $values = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Merges in module's content sets, expands identifiers in the content
|
* Merges in module's content sets, expands identifiers in the content
|
||||||
* sets and populates the keys, values and lookup member variables.
|
* sets and populates the keys, values and lookup member variables.
|
||||||
* @param $modules List of HTMLPurifier_HTMLModule
|
* @param $modules List of HTMLPurifier_HTMLModule
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_ContentSets($modules) {
|
public function HTMLPurifier_ContentSets($modules) {
|
||||||
if (!is_array($modules)) $modules = array($modules);
|
if (!is_array($modules)) $modules = array($modules);
|
||||||
// populate content_sets based on module hints
|
// populate content_sets based on module hints
|
||||||
// sorry, no way of overloading
|
// sorry, no way of overloading
|
||||||
@ -79,7 +78,7 @@ class HTMLPurifier_ContentSets
|
|||||||
* @param $def HTMLPurifier_ElementDef reference
|
* @param $def HTMLPurifier_ElementDef reference
|
||||||
* @param $module Module that defined the ElementDef
|
* @param $module Module that defined the ElementDef
|
||||||
*/
|
*/
|
||||||
function generateChildDef(&$def, $module) {
|
public function generateChildDef(&$def, $module) {
|
||||||
if (!empty($def->child)) return; // already done!
|
if (!empty($def->child)) return; // already done!
|
||||||
$content_model = $def->content_model;
|
$content_model = $def->content_model;
|
||||||
if (is_string($content_model)) {
|
if (is_string($content_model)) {
|
||||||
@ -97,7 +96,7 @@ class HTMLPurifier_ContentSets
|
|||||||
* @param $def HTMLPurifier_ElementDef to have ChildDef extracted
|
* @param $def HTMLPurifier_ElementDef to have ChildDef extracted
|
||||||
* @return HTMLPurifier_ChildDef corresponding to ElementDef
|
* @return HTMLPurifier_ChildDef corresponding to ElementDef
|
||||||
*/
|
*/
|
||||||
function getChildDef($def, $module) {
|
public function getChildDef($def, $module) {
|
||||||
$value = $def->content_model;
|
$value = $def->content_model;
|
||||||
if (is_object($value)) {
|
if (is_object($value)) {
|
||||||
trigger_error(
|
trigger_error(
|
||||||
@ -137,7 +136,7 @@ class HTMLPurifier_ContentSets
|
|||||||
* @param $string List of elements
|
* @param $string List of elements
|
||||||
* @return Lookup array of elements
|
* @return Lookup array of elements
|
||||||
*/
|
*/
|
||||||
function convertToLookup($string) {
|
protected function convertToLookup($string) {
|
||||||
$array = explode('|', str_replace(' ', '', $string));
|
$array = explode('|', str_replace(' ', '', $string));
|
||||||
$ret = array();
|
$ret = array();
|
||||||
foreach ($array as $i => $k) {
|
foreach ($array as $i => $k) {
|
||||||
|
@ -10,16 +10,15 @@ class HTMLPurifier_Context
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Private array that stores the references.
|
* Private array that stores the references.
|
||||||
* @private
|
|
||||||
*/
|
*/
|
||||||
var $_storage = array();
|
private $_storage = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Registers a variable into the context.
|
* Registers a variable into the context.
|
||||||
* @param $name String name
|
* @param $name String name
|
||||||
* @param $ref Variable to be registered
|
* @param $ref Variable to be registered
|
||||||
*/
|
*/
|
||||||
function register($name, &$ref) {
|
public function register($name, &$ref) {
|
||||||
if (isset($this->_storage[$name])) {
|
if (isset($this->_storage[$name])) {
|
||||||
trigger_error("Name $name produces collision, cannot re-register",
|
trigger_error("Name $name produces collision, cannot re-register",
|
||||||
E_USER_ERROR);
|
E_USER_ERROR);
|
||||||
@ -33,7 +32,7 @@ class HTMLPurifier_Context
|
|||||||
* @param $name String name
|
* @param $name String name
|
||||||
* @param $ignore_error Boolean whether or not to ignore error
|
* @param $ignore_error Boolean whether or not to ignore error
|
||||||
*/
|
*/
|
||||||
function &get($name, $ignore_error = false) {
|
public function &get($name, $ignore_error = false) {
|
||||||
if (!isset($this->_storage[$name])) {
|
if (!isset($this->_storage[$name])) {
|
||||||
if (!$ignore_error) {
|
if (!$ignore_error) {
|
||||||
trigger_error("Attempted to retrieve non-existent variable $name",
|
trigger_error("Attempted to retrieve non-existent variable $name",
|
||||||
@ -49,7 +48,7 @@ class HTMLPurifier_Context
|
|||||||
* Destorys a variable in the context.
|
* Destorys a variable in the context.
|
||||||
* @param $name String name
|
* @param $name String name
|
||||||
*/
|
*/
|
||||||
function destroy($name) {
|
public function destroy($name) {
|
||||||
if (!isset($this->_storage[$name])) {
|
if (!isset($this->_storage[$name])) {
|
||||||
trigger_error("Attempted to destroy non-existent variable $name",
|
trigger_error("Attempted to destroy non-existent variable $name",
|
||||||
E_USER_ERROR);
|
E_USER_ERROR);
|
||||||
@ -62,7 +61,7 @@ class HTMLPurifier_Context
|
|||||||
* Checks whether or not the variable exists.
|
* Checks whether or not the variable exists.
|
||||||
* @param $name String name
|
* @param $name String name
|
||||||
*/
|
*/
|
||||||
function exists($name) {
|
public function exists($name) {
|
||||||
return isset($this->_storage[$name]);
|
return isset($this->_storage[$name]);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -70,7 +69,7 @@ class HTMLPurifier_Context
|
|||||||
* Loads a series of variables from an associative array
|
* Loads a series of variables from an associative array
|
||||||
* @param $context_array Assoc array of variables to load
|
* @param $context_array Assoc array of variables to load
|
||||||
*/
|
*/
|
||||||
function loadArray(&$context_array) {
|
public function loadArray(&$context_array) {
|
||||||
foreach ($context_array as $key => $discard) {
|
foreach ($context_array as $key => $discard) {
|
||||||
$this->register($key, $context_array[$key]);
|
$this->register($key, $context_array[$key]);
|
||||||
}
|
}
|
||||||
|
@ -4,33 +4,31 @@
|
|||||||
* Super-class for definition datatype objects, implements serialization
|
* Super-class for definition datatype objects, implements serialization
|
||||||
* functions for the class.
|
* functions for the class.
|
||||||
*/
|
*/
|
||||||
class HTMLPurifier_Definition
|
abstract class HTMLPurifier_Definition
|
||||||
{
|
{
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Has setup() been called yet?
|
* Has setup() been called yet?
|
||||||
*/
|
*/
|
||||||
var $setup = false;
|
public $setup = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* What type of definition is it?
|
* What type of definition is it?
|
||||||
*/
|
*/
|
||||||
var $type;
|
public $type;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets up the definition object into the final form, something
|
* Sets up the definition object into the final form, something
|
||||||
* not done by the constructor
|
* not done by the constructor
|
||||||
* @param $config HTMLPurifier_Config instance
|
* @param $config HTMLPurifier_Config instance
|
||||||
*/
|
*/
|
||||||
function doSetup($config) {
|
abstract protected function doSetup($config);
|
||||||
trigger_error('Cannot call abstract method', E_USER_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Setup function that aborts if already setup
|
* Setup function that aborts if already setup
|
||||||
* @param $config HTMLPurifier_Config instance
|
* @param $config HTMLPurifier_Config instance
|
||||||
*/
|
*/
|
||||||
function setup($config) {
|
public function setup($config) {
|
||||||
if ($this->setup) return;
|
if ($this->setup) return;
|
||||||
$this->setup = true;
|
$this->setup = true;
|
||||||
$this->doSetup($config);
|
$this->doSetup($config);
|
||||||
|
@ -10,25 +10,21 @@ require_once 'HTMLPurifier/DefinitionCache/Decorator/Cleanup.php';
|
|||||||
/**
|
/**
|
||||||
* Abstract class representing Definition cache managers that implements
|
* Abstract class representing Definition cache managers that implements
|
||||||
* useful common methods and is a factory.
|
* useful common methods and is a factory.
|
||||||
* @todo Get some sort of versioning variable so the library can easily
|
|
||||||
* invalidate the cache with a new version
|
|
||||||
* @todo Make the test runner cache aware and allow the user to easily
|
|
||||||
* flush the cache
|
|
||||||
* @todo Create a separate maintenance file advanced users can use to
|
* @todo Create a separate maintenance file advanced users can use to
|
||||||
* cache their custom HTMLDefinition, which can be loaded
|
* cache their custom HTMLDefinition, which can be loaded
|
||||||
* via a configuration directive
|
* via a configuration directive
|
||||||
* @todo Implement memcached
|
* @todo Implement memcached
|
||||||
*/
|
*/
|
||||||
class HTMLPurifier_DefinitionCache
|
abstract class HTMLPurifier_DefinitionCache
|
||||||
{
|
{
|
||||||
|
|
||||||
var $type;
|
public $type;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $name Type of definition objects this instance of the
|
* @param $name Type of definition objects this instance of the
|
||||||
* cache will handle.
|
* cache will handle.
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_DefinitionCache($type) {
|
public function HTMLPurifier_DefinitionCache($type) {
|
||||||
$this->type = $type;
|
$this->type = $type;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -36,7 +32,7 @@ class HTMLPurifier_DefinitionCache
|
|||||||
* Generates a unique identifier for a particular configuration
|
* Generates a unique identifier for a particular configuration
|
||||||
* @param Instance of HTMLPurifier_Config
|
* @param Instance of HTMLPurifier_Config
|
||||||
*/
|
*/
|
||||||
function generateKey($config) {
|
public function generateKey($config) {
|
||||||
return $config->version . '-' . // possibly replace with function calls
|
return $config->version . '-' . // possibly replace with function calls
|
||||||
$config->getBatchSerial($this->type) . '-' .
|
$config->getBatchSerial($this->type) . '-' .
|
||||||
$config->get($this->type, 'DefinitionRev');
|
$config->get($this->type, 'DefinitionRev');
|
||||||
@ -48,7 +44,7 @@ class HTMLPurifier_DefinitionCache
|
|||||||
* @param $key Key to test
|
* @param $key Key to test
|
||||||
* @param $config Instance of HTMLPurifier_Config to test against
|
* @param $config Instance of HTMLPurifier_Config to test against
|
||||||
*/
|
*/
|
||||||
function isOld($key, $config) {
|
public function isOld($key, $config) {
|
||||||
if (substr_count($key, '-') < 2) return true;
|
if (substr_count($key, '-') < 2) return true;
|
||||||
list($version, $hash, $revision) = explode('-', $key, 3);
|
list($version, $hash, $revision) = explode('-', $key, 3);
|
||||||
$compare = version_compare($version, $config->version);
|
$compare = version_compare($version, $config->version);
|
||||||
@ -68,7 +64,7 @@ class HTMLPurifier_DefinitionCache
|
|||||||
* @param $def Definition object to check
|
* @param $def Definition object to check
|
||||||
* @return Boolean true if good, false if not
|
* @return Boolean true if good, false if not
|
||||||
*/
|
*/
|
||||||
function checkDefType($def) {
|
public function checkDefType($def) {
|
||||||
if ($def->type !== $this->type) {
|
if ($def->type !== $this->type) {
|
||||||
trigger_error("Cannot use definition of type {$def->type} in cache for {$this->type}");
|
trigger_error("Cannot use definition of type {$def->type} in cache for {$this->type}");
|
||||||
return false;
|
return false;
|
||||||
@ -79,50 +75,37 @@ class HTMLPurifier_DefinitionCache
|
|||||||
/**
|
/**
|
||||||
* Adds a definition object to the cache
|
* Adds a definition object to the cache
|
||||||
*/
|
*/
|
||||||
function add($def, $config) {
|
abstract public function add($def, $config);
|
||||||
trigger_error('Cannot call abstract method', E_USER_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Unconditionally saves a definition object to the cache
|
* Unconditionally saves a definition object to the cache
|
||||||
*/
|
*/
|
||||||
function set($def, $config) {
|
abstract public function set($def, $config);
|
||||||
trigger_error('Cannot call abstract method', E_USER_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Replace an object in the cache
|
* Replace an object in the cache
|
||||||
*/
|
*/
|
||||||
function replace($def, $config) {
|
abstract public function replace($def, $config);
|
||||||
trigger_error('Cannot call abstract method', E_USER_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieves a definition object from the cache
|
* Retrieves a definition object from the cache
|
||||||
*/
|
*/
|
||||||
function get($config) {
|
abstract public function get($config);
|
||||||
trigger_error('Cannot call abstract method', E_USER_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Removes a definition object to the cache
|
* Removes a definition object to the cache
|
||||||
*/
|
*/
|
||||||
function remove($config) {
|
abstract public function remove($config);
|
||||||
trigger_error('Cannot call abstract method', E_USER_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Clears all objects from cache
|
* Clears all objects from cache
|
||||||
*/
|
*/
|
||||||
function flush($config) {
|
abstract public function flush($config);
|
||||||
trigger_error('Cannot call abstract method', E_USER_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Clears all expired (older version or revision) objects from cache
|
* Clears all expired (older version or revision) objects from cache
|
||||||
*/
|
*/
|
||||||
function cleanup($config) {
|
abstract public function cleanup($config);
|
||||||
trigger_error('Cannot call abstract method', E_USER_ERROR);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -8,15 +8,15 @@ class HTMLPurifier_DefinitionCache_Decorator extends HTMLPurifier_DefinitionCach
|
|||||||
/**
|
/**
|
||||||
* Cache object we are decorating
|
* Cache object we are decorating
|
||||||
*/
|
*/
|
||||||
var $cache;
|
public $cache;
|
||||||
|
|
||||||
function HTMLPurifier_DefinitionCache_Decorator() {}
|
public function HTMLPurifier_DefinitionCache_Decorator() {}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Lazy decorator function
|
* Lazy decorator function
|
||||||
* @param $cache Reference to cache object to decorate
|
* @param $cache Reference to cache object to decorate
|
||||||
*/
|
*/
|
||||||
function decorate(&$cache) {
|
public function decorate(&$cache) {
|
||||||
$decorator = $this->copy();
|
$decorator = $this->copy();
|
||||||
// reference is necessary for mocks in PHP 4
|
// reference is necessary for mocks in PHP 4
|
||||||
$decorator->cache =& $cache;
|
$decorator->cache =& $cache;
|
||||||
@ -27,31 +27,35 @@ class HTMLPurifier_DefinitionCache_Decorator extends HTMLPurifier_DefinitionCach
|
|||||||
/**
|
/**
|
||||||
* Cross-compatible clone substitute
|
* Cross-compatible clone substitute
|
||||||
*/
|
*/
|
||||||
function copy() {
|
public function copy() {
|
||||||
return new HTMLPurifier_DefinitionCache_Decorator();
|
return new HTMLPurifier_DefinitionCache_Decorator();
|
||||||
}
|
}
|
||||||
|
|
||||||
function add($def, $config) {
|
public function add($def, $config) {
|
||||||
return $this->cache->add($def, $config);
|
return $this->cache->add($def, $config);
|
||||||
}
|
}
|
||||||
|
|
||||||
function set($def, $config) {
|
public function set($def, $config) {
|
||||||
return $this->cache->set($def, $config);
|
return $this->cache->set($def, $config);
|
||||||
}
|
}
|
||||||
|
|
||||||
function replace($def, $config) {
|
public function replace($def, $config) {
|
||||||
return $this->cache->replace($def, $config);
|
return $this->cache->replace($def, $config);
|
||||||
}
|
}
|
||||||
|
|
||||||
function get($config) {
|
public function get($config) {
|
||||||
return $this->cache->get($config);
|
return $this->cache->get($config);
|
||||||
}
|
}
|
||||||
|
|
||||||
function flush($config) {
|
public function remove($config) {
|
||||||
|
return $this->cache->remove($config);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function flush($config) {
|
||||||
return $this->cache->flush($config);
|
return $this->cache->flush($config);
|
||||||
}
|
}
|
||||||
|
|
||||||
function cleanup($config) {
|
public function cleanup($config) {
|
||||||
return $this->cache->cleanup($config);
|
return $this->cache->cleanup($config);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -10,31 +10,31 @@ class HTMLPurifier_DefinitionCache_Decorator_Cleanup extends
|
|||||||
HTMLPurifier_DefinitionCache_Decorator
|
HTMLPurifier_DefinitionCache_Decorator
|
||||||
{
|
{
|
||||||
|
|
||||||
var $name = 'Cleanup';
|
public $name = 'Cleanup';
|
||||||
|
|
||||||
function copy() {
|
public function copy() {
|
||||||
return new HTMLPurifier_DefinitionCache_Decorator_Cleanup();
|
return new HTMLPurifier_DefinitionCache_Decorator_Cleanup();
|
||||||
}
|
}
|
||||||
|
|
||||||
function add($def, $config) {
|
public function add($def, $config) {
|
||||||
$status = parent::add($def, $config);
|
$status = parent::add($def, $config);
|
||||||
if (!$status) parent::cleanup($config);
|
if (!$status) parent::cleanup($config);
|
||||||
return $status;
|
return $status;
|
||||||
}
|
}
|
||||||
|
|
||||||
function set($def, $config) {
|
public function set($def, $config) {
|
||||||
$status = parent::set($def, $config);
|
$status = parent::set($def, $config);
|
||||||
if (!$status) parent::cleanup($config);
|
if (!$status) parent::cleanup($config);
|
||||||
return $status;
|
return $status;
|
||||||
}
|
}
|
||||||
|
|
||||||
function replace($def, $config) {
|
public function replace($def, $config) {
|
||||||
$status = parent::replace($def, $config);
|
$status = parent::replace($def, $config);
|
||||||
if (!$status) parent::cleanup($config);
|
if (!$status) parent::cleanup($config);
|
||||||
return $status;
|
return $status;
|
||||||
}
|
}
|
||||||
|
|
||||||
function get($config) {
|
public function get($config) {
|
||||||
$ret = parent::get($config);
|
$ret = parent::get($config);
|
||||||
if (!$ret) parent::cleanup($config);
|
if (!$ret) parent::cleanup($config);
|
||||||
return $ret;
|
return $ret;
|
||||||
|
@ -11,32 +11,32 @@ class HTMLPurifier_DefinitionCache_Decorator_Memory extends
|
|||||||
HTMLPurifier_DefinitionCache_Decorator
|
HTMLPurifier_DefinitionCache_Decorator
|
||||||
{
|
{
|
||||||
|
|
||||||
var $definitions;
|
protected $definitions;
|
||||||
var $name = 'Memory';
|
public $name = 'Memory';
|
||||||
|
|
||||||
function copy() {
|
public function copy() {
|
||||||
return new HTMLPurifier_DefinitionCache_Decorator_Memory();
|
return new HTMLPurifier_DefinitionCache_Decorator_Memory();
|
||||||
}
|
}
|
||||||
|
|
||||||
function add($def, $config) {
|
public function add($def, $config) {
|
||||||
$status = parent::add($def, $config);
|
$status = parent::add($def, $config);
|
||||||
if ($status) $this->definitions[$this->generateKey($config)] = $def;
|
if ($status) $this->definitions[$this->generateKey($config)] = $def;
|
||||||
return $status;
|
return $status;
|
||||||
}
|
}
|
||||||
|
|
||||||
function set($def, $config) {
|
public function set($def, $config) {
|
||||||
$status = parent::set($def, $config);
|
$status = parent::set($def, $config);
|
||||||
if ($status) $this->definitions[$this->generateKey($config)] = $def;
|
if ($status) $this->definitions[$this->generateKey($config)] = $def;
|
||||||
return $status;
|
return $status;
|
||||||
}
|
}
|
||||||
|
|
||||||
function replace($def, $config) {
|
public function replace($def, $config) {
|
||||||
$status = parent::replace($def, $config);
|
$status = parent::replace($def, $config);
|
||||||
if ($status) $this->definitions[$this->generateKey($config)] = $def;
|
if ($status) $this->definitions[$this->generateKey($config)] = $def;
|
||||||
return $status;
|
return $status;
|
||||||
}
|
}
|
||||||
|
|
||||||
function get($config) {
|
public function get($config) {
|
||||||
$key = $this->generateKey($config);
|
$key = $this->generateKey($config);
|
||||||
if (isset($this->definitions[$key])) return $this->definitions[$key];
|
if (isset($this->definitions[$key])) return $this->definitions[$key];
|
||||||
$this->definitions[$key] = parent::get($config);
|
$this->definitions[$key] = parent::get($config);
|
||||||
|
@ -8,27 +8,31 @@ require_once 'HTMLPurifier/DefinitionCache.php';
|
|||||||
class HTMLPurifier_DefinitionCache_Null extends HTMLPurifier_DefinitionCache
|
class HTMLPurifier_DefinitionCache_Null extends HTMLPurifier_DefinitionCache
|
||||||
{
|
{
|
||||||
|
|
||||||
function add($def, $config) {
|
public function add($def, $config) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
function set($def, $config) {
|
public function set($def, $config) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
function replace($def, $config) {
|
public function replace($def, $config) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
function get($config) {
|
public function remove($config) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
function flush($config) {
|
public function get($config) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
function cleanup($config) {
|
public function flush($config) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function cleanup($config) {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -17,7 +17,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
HTMLPurifier_DefinitionCache
|
HTMLPurifier_DefinitionCache
|
||||||
{
|
{
|
||||||
|
|
||||||
function add($def, $config) {
|
public function add($def, $config) {
|
||||||
if (!$this->checkDefType($def)) return;
|
if (!$this->checkDefType($def)) return;
|
||||||
$file = $this->generateFilePath($config);
|
$file = $this->generateFilePath($config);
|
||||||
if (file_exists($file)) return false;
|
if (file_exists($file)) return false;
|
||||||
@ -25,14 +25,14 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
return $this->_write($file, serialize($def));
|
return $this->_write($file, serialize($def));
|
||||||
}
|
}
|
||||||
|
|
||||||
function set($def, $config) {
|
public function set($def, $config) {
|
||||||
if (!$this->checkDefType($def)) return;
|
if (!$this->checkDefType($def)) return;
|
||||||
$file = $this->generateFilePath($config);
|
$file = $this->generateFilePath($config);
|
||||||
if (!$this->_prepareDir($config)) return false;
|
if (!$this->_prepareDir($config)) return false;
|
||||||
return $this->_write($file, serialize($def));
|
return $this->_write($file, serialize($def));
|
||||||
}
|
}
|
||||||
|
|
||||||
function replace($def, $config) {
|
public function replace($def, $config) {
|
||||||
if (!$this->checkDefType($def)) return;
|
if (!$this->checkDefType($def)) return;
|
||||||
$file = $this->generateFilePath($config);
|
$file = $this->generateFilePath($config);
|
||||||
if (!file_exists($file)) return false;
|
if (!file_exists($file)) return false;
|
||||||
@ -40,19 +40,19 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
return $this->_write($file, serialize($def));
|
return $this->_write($file, serialize($def));
|
||||||
}
|
}
|
||||||
|
|
||||||
function get($config) {
|
public function get($config) {
|
||||||
$file = $this->generateFilePath($config);
|
$file = $this->generateFilePath($config);
|
||||||
if (!file_exists($file)) return false;
|
if (!file_exists($file)) return false;
|
||||||
return unserialize(file_get_contents($file));
|
return unserialize(file_get_contents($file));
|
||||||
}
|
}
|
||||||
|
|
||||||
function remove($config) {
|
public function remove($config) {
|
||||||
$file = $this->generateFilePath($config);
|
$file = $this->generateFilePath($config);
|
||||||
if (!file_exists($file)) return false;
|
if (!file_exists($file)) return false;
|
||||||
return unlink($file);
|
return unlink($file);
|
||||||
}
|
}
|
||||||
|
|
||||||
function flush($config) {
|
public function flush($config) {
|
||||||
if (!$this->_prepareDir($config)) return false;
|
if (!$this->_prepareDir($config)) return false;
|
||||||
$dir = $this->generateDirectoryPath($config);
|
$dir = $this->generateDirectoryPath($config);
|
||||||
$dh = opendir($dir);
|
$dh = opendir($dir);
|
||||||
@ -63,7 +63,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
function cleanup($config) {
|
public function cleanup($config) {
|
||||||
if (!$this->_prepareDir($config)) return false;
|
if (!$this->_prepareDir($config)) return false;
|
||||||
$dir = $this->generateDirectoryPath($config);
|
$dir = $this->generateDirectoryPath($config);
|
||||||
$dh = opendir($dir);
|
$dh = opendir($dir);
|
||||||
@ -78,8 +78,9 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
/**
|
/**
|
||||||
* Generates the file path to the serial file corresponding to
|
* Generates the file path to the serial file corresponding to
|
||||||
* the configuration and definition name
|
* the configuration and definition name
|
||||||
|
* @todo Make protected
|
||||||
*/
|
*/
|
||||||
function generateFilePath($config) {
|
public function generateFilePath($config) {
|
||||||
$key = $this->generateKey($config);
|
$key = $this->generateKey($config);
|
||||||
return $this->generateDirectoryPath($config) . '/' . $key . '.ser';
|
return $this->generateDirectoryPath($config) . '/' . $key . '.ser';
|
||||||
}
|
}
|
||||||
@ -87,8 +88,9 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
/**
|
/**
|
||||||
* Generates the path to the directory contain this cache's serial files
|
* Generates the path to the directory contain this cache's serial files
|
||||||
* @note No trailing slash
|
* @note No trailing slash
|
||||||
|
* @todo Make protected
|
||||||
*/
|
*/
|
||||||
function generateDirectoryPath($config) {
|
public function generateDirectoryPath($config) {
|
||||||
$base = $this->generateBaseDirectoryPath($config);
|
$base = $this->generateBaseDirectoryPath($config);
|
||||||
return $base . '/' . $this->type;
|
return $base . '/' . $this->type;
|
||||||
}
|
}
|
||||||
@ -96,8 +98,9 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
/**
|
/**
|
||||||
* Generates path to base directory that contains all definition type
|
* Generates path to base directory that contains all definition type
|
||||||
* serials
|
* serials
|
||||||
|
* @todo Make protected
|
||||||
*/
|
*/
|
||||||
function generateBaseDirectoryPath($config) {
|
public function generateBaseDirectoryPath($config) {
|
||||||
$base = $config->get('Cache', 'SerializerPath');
|
$base = $config->get('Cache', 'SerializerPath');
|
||||||
$base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base;
|
$base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base;
|
||||||
return $base;
|
return $base;
|
||||||
@ -109,7 +112,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
* @param $data Data to write into file
|
* @param $data Data to write into file
|
||||||
* @return Number of bytes written if success, or false if failure.
|
* @return Number of bytes written if success, or false if failure.
|
||||||
*/
|
*/
|
||||||
function _write($file, $data) {
|
private function _write($file, $data) {
|
||||||
static $file_put_contents;
|
static $file_put_contents;
|
||||||
if ($file_put_contents === null) {
|
if ($file_put_contents === null) {
|
||||||
$file_put_contents = function_exists('file_put_contents');
|
$file_put_contents = function_exists('file_put_contents');
|
||||||
@ -128,7 +131,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
* Prepares the directory that this type stores the serials in
|
* Prepares the directory that this type stores the serials in
|
||||||
* @return True if successful
|
* @return True if successful
|
||||||
*/
|
*/
|
||||||
function _prepareDir($config) {
|
private function _prepareDir($config) {
|
||||||
$directory = $this->generateDirectoryPath($config);
|
$directory = $this->generateDirectoryPath($config);
|
||||||
if (!is_dir($directory)) {
|
if (!is_dir($directory)) {
|
||||||
$base = $this->generateBaseDirectoryPath($config);
|
$base = $this->generateBaseDirectoryPath($config);
|
||||||
@ -151,7 +154,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
|
|||||||
* Tests permissions on a directory and throws out friendly
|
* Tests permissions on a directory and throws out friendly
|
||||||
* error messages and attempts to chmod it itself if possible
|
* error messages and attempts to chmod it itself if possible
|
||||||
*/
|
*/
|
||||||
function _testPermissions($dir) {
|
private function _testPermissions($dir) {
|
||||||
// early abort, if it is writable, everything is hunky-dory
|
// early abort, if it is writable, everything is hunky-dory
|
||||||
if (is_writable($dir)) return true;
|
if (is_writable($dir)) return true;
|
||||||
if (!is_dir($dir)) {
|
if (!is_dir($dir)) {
|
||||||
|
@ -26,21 +26,20 @@ HTMLPurifier_ConfigSchema::defineAlias(
|
|||||||
class HTMLPurifier_DefinitionCacheFactory
|
class HTMLPurifier_DefinitionCacheFactory
|
||||||
{
|
{
|
||||||
|
|
||||||
var $caches = array('Serializer' => array());
|
protected $caches = array('Serializer' => array());
|
||||||
var $decorators = array();
|
protected $decorators = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Initialize default decorators
|
* Initialize default decorators
|
||||||
*/
|
*/
|
||||||
function setup() {
|
public function setup() {
|
||||||
$this->addDecorator('Cleanup');
|
$this->addDecorator('Cleanup');
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieves an instance of global definition cache factory.
|
* Retrieves an instance of global definition cache factory.
|
||||||
* @static
|
|
||||||
*/
|
*/
|
||||||
function &instance($prototype = null) {
|
public static function &instance($prototype = null) {
|
||||||
static $instance;
|
static $instance;
|
||||||
if ($prototype !== null) {
|
if ($prototype !== null) {
|
||||||
$instance = $prototype;
|
$instance = $prototype;
|
||||||
@ -56,7 +55,7 @@ class HTMLPurifier_DefinitionCacheFactory
|
|||||||
* @param $name Name of definitions handled by cache
|
* @param $name Name of definitions handled by cache
|
||||||
* @param $config Instance of HTMLPurifier_Config
|
* @param $config Instance of HTMLPurifier_Config
|
||||||
*/
|
*/
|
||||||
function &create($type, $config) {
|
public function &create($type, $config) {
|
||||||
// only one implementation as for right now, $config will
|
// only one implementation as for right now, $config will
|
||||||
// be used to determine implementation
|
// be used to determine implementation
|
||||||
$method = $config->get('Cache', 'DefinitionImpl');
|
$method = $config->get('Cache', 'DefinitionImpl');
|
||||||
@ -82,7 +81,7 @@ class HTMLPurifier_DefinitionCacheFactory
|
|||||||
* Registers a decorator to add to all new cache objects
|
* Registers a decorator to add to all new cache objects
|
||||||
* @param
|
* @param
|
||||||
*/
|
*/
|
||||||
function addDecorator($decorator) {
|
public function addDecorator($decorator) {
|
||||||
if (is_string($decorator)) {
|
if (is_string($decorator)) {
|
||||||
$class = "HTMLPurifier_DefinitionCache_Decorator_$decorator";
|
$class = "HTMLPurifier_DefinitionCache_Decorator_$decorator";
|
||||||
$decorator = new $class;
|
$decorator = new $class;
|
||||||
|
@ -11,40 +11,40 @@ class HTMLPurifier_Doctype
|
|||||||
/**
|
/**
|
||||||
* Full name of doctype
|
* Full name of doctype
|
||||||
*/
|
*/
|
||||||
var $name;
|
public $name;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of standard modules (string identifiers or literal objects)
|
* List of standard modules (string identifiers or literal objects)
|
||||||
* that this doctype uses
|
* that this doctype uses
|
||||||
*/
|
*/
|
||||||
var $modules = array();
|
public $modules = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of modules to use for tidying up code
|
* List of modules to use for tidying up code
|
||||||
*/
|
*/
|
||||||
var $tidyModules = array();
|
public $tidyModules = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Is the language derived from XML (i.e. XHTML)?
|
* Is the language derived from XML (i.e. XHTML)?
|
||||||
*/
|
*/
|
||||||
var $xml = true;
|
public $xml = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of aliases for this doctype
|
* List of aliases for this doctype
|
||||||
*/
|
*/
|
||||||
var $aliases = array();
|
public $aliases = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Public DTD identifier
|
* Public DTD identifier
|
||||||
*/
|
*/
|
||||||
var $dtdPublic;
|
public $dtdPublic;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* System DTD identifier
|
* System DTD identifier
|
||||||
*/
|
*/
|
||||||
var $dtdSystem;
|
public $dtdSystem;
|
||||||
|
|
||||||
function HTMLPurifier_Doctype($name = null, $xml = true, $modules = array(),
|
public function HTMLPurifier_Doctype($name = null, $xml = true, $modules = array(),
|
||||||
$tidyModules = array(), $aliases = array(), $dtd_public = null, $dtd_system = null
|
$tidyModules = array(), $aliases = array(), $dtd_public = null, $dtd_system = null
|
||||||
) {
|
) {
|
||||||
$this->name = $name;
|
$this->name = $name;
|
||||||
@ -59,7 +59,7 @@ class HTMLPurifier_Doctype
|
|||||||
/**
|
/**
|
||||||
* Clones the doctype, use before resolving modes and the like
|
* Clones the doctype, use before resolving modes and the like
|
||||||
*/
|
*/
|
||||||
function copy() {
|
public function copy() {
|
||||||
return unserialize(serialize($this));
|
return unserialize(serialize($this));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -23,15 +23,13 @@ class HTMLPurifier_DoctypeRegistry
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Hash of doctype names to doctype objects
|
* Hash of doctype names to doctype objects
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
var $doctypes;
|
protected $doctypes;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Lookup table of aliases to real doctype names
|
* Lookup table of aliases to real doctype names
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
var $aliases;
|
protected $aliases;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Registers a doctype to the registry
|
* Registers a doctype to the registry
|
||||||
@ -43,7 +41,7 @@ class HTMLPurifier_DoctypeRegistry
|
|||||||
* @param $aliases Alias names for doctype
|
* @param $aliases Alias names for doctype
|
||||||
* @return Reference to registered doctype (usable for further editing)
|
* @return Reference to registered doctype (usable for further editing)
|
||||||
*/
|
*/
|
||||||
function ®ister($doctype, $xml = true, $modules = array(),
|
public function ®ister($doctype, $xml = true, $modules = array(),
|
||||||
$tidy_modules = array(), $aliases = array(), $dtd_public = null, $dtd_system = null
|
$tidy_modules = array(), $aliases = array(), $dtd_public = null, $dtd_system = null
|
||||||
) {
|
) {
|
||||||
if (!is_array($modules)) $modules = array($modules);
|
if (!is_array($modules)) $modules = array($modules);
|
||||||
@ -73,7 +71,7 @@ class HTMLPurifier_DoctypeRegistry
|
|||||||
* @param $doctype Name of doctype
|
* @param $doctype Name of doctype
|
||||||
* @return Reference to doctype object
|
* @return Reference to doctype object
|
||||||
*/
|
*/
|
||||||
function &get($doctype) {
|
public function &get($doctype) {
|
||||||
if (isset($this->aliases[$doctype])) $doctype = $this->aliases[$doctype];
|
if (isset($this->aliases[$doctype])) $doctype = $this->aliases[$doctype];
|
||||||
if (!isset($this->doctypes[$doctype])) {
|
if (!isset($this->doctypes[$doctype])) {
|
||||||
trigger_error('Doctype ' . htmlspecialchars($doctype) . ' does not exist', E_USER_ERROR);
|
trigger_error('Doctype ' . htmlspecialchars($doctype) . ' does not exist', E_USER_ERROR);
|
||||||
@ -91,7 +89,7 @@ class HTMLPurifier_DoctypeRegistry
|
|||||||
* Generator whether or not the current document is XML
|
* Generator whether or not the current document is XML
|
||||||
* based or not).
|
* based or not).
|
||||||
*/
|
*/
|
||||||
function make($config) {
|
public function make($config) {
|
||||||
$original_doctype = $this->get($this->getDoctypeFromConfig($config));
|
$original_doctype = $this->get($this->getDoctypeFromConfig($config));
|
||||||
$doctype = $original_doctype->copy();
|
$doctype = $original_doctype->copy();
|
||||||
return $doctype;
|
return $doctype;
|
||||||
@ -100,7 +98,7 @@ class HTMLPurifier_DoctypeRegistry
|
|||||||
/**
|
/**
|
||||||
* Retrieves the doctype from the configuration object
|
* Retrieves the doctype from the configuration object
|
||||||
*/
|
*/
|
||||||
function getDoctypeFromConfig($config) {
|
public function getDoctypeFromConfig($config) {
|
||||||
// recommended test
|
// recommended test
|
||||||
$doctype = $config->get('HTML', 'Doctype');
|
$doctype = $config->get('HTML', 'Doctype');
|
||||||
if (!empty($doctype)) return $doctype;
|
if (!empty($doctype)) return $doctype;
|
||||||
|
@ -13,7 +13,7 @@ class HTMLPurifier_ElementDef
|
|||||||
* Does the definition work by itself, or is it created solely
|
* Does the definition work by itself, or is it created solely
|
||||||
* for the purpose of merging into another definition?
|
* for the purpose of merging into another definition?
|
||||||
*/
|
*/
|
||||||
var $standalone = true;
|
public $standalone = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Associative array of attribute name to HTMLPurifier_AttrDef
|
* Associative array of attribute name to HTMLPurifier_AttrDef
|
||||||
@ -25,29 +25,23 @@ class HTMLPurifier_ElementDef
|
|||||||
* contain string indentifiers in lieu of HTMLPurifier_AttrDef,
|
* contain string indentifiers in lieu of HTMLPurifier_AttrDef,
|
||||||
* see HTMLPurifier_AttrTypes on how they are expanded during
|
* see HTMLPurifier_AttrTypes on how they are expanded during
|
||||||
* HTMLPurifier_HTMLDefinition->setup() processing.
|
* HTMLPurifier_HTMLDefinition->setup() processing.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $attr = array();
|
public $attr = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Indexed list of tag's HTMLPurifier_AttrTransform to be done before validation
|
* Indexed list of tag's HTMLPurifier_AttrTransform to be done before validation
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $attr_transform_pre = array();
|
public $attr_transform_pre = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Indexed list of tag's HTMLPurifier_AttrTransform to be done after validation
|
* Indexed list of tag's HTMLPurifier_AttrTransform to be done after validation
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $attr_transform_post = array();
|
public $attr_transform_post = array();
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* HTMLPurifier_ChildDef of this tag.
|
* HTMLPurifier_ChildDef of this tag.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $child;
|
public $child;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Abstract string representation of internal ChildDef rules. See
|
* Abstract string representation of internal ChildDef rules. See
|
||||||
@ -55,9 +49,8 @@ class HTMLPurifier_ElementDef
|
|||||||
* into an HTMLPurifier_ChildDef.
|
* into an HTMLPurifier_ChildDef.
|
||||||
* @warning This is a temporary variable that is not available after
|
* @warning This is a temporary variable that is not available after
|
||||||
* being processed by HTMLDefinition
|
* being processed by HTMLDefinition
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $content_model;
|
public $content_model;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Value of $child->type, used to determine which ChildDef to use,
|
* Value of $child->type, used to determine which ChildDef to use,
|
||||||
@ -65,9 +58,8 @@ class HTMLPurifier_ElementDef
|
|||||||
* @warning This must be lowercase
|
* @warning This must be lowercase
|
||||||
* @warning This is a temporary variable that is not available after
|
* @warning This is a temporary variable that is not available after
|
||||||
* being processed by HTMLDefinition
|
* being processed by HTMLDefinition
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $content_model_type;
|
public $content_model_type;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -76,16 +68,14 @@ class HTMLPurifier_ElementDef
|
|||||||
* is important for chameleon ins and del processing in
|
* is important for chameleon ins and del processing in
|
||||||
* HTMLPurifier_ChildDef_Chameleon. Dynamically set: modules don't
|
* HTMLPurifier_ChildDef_Chameleon. Dynamically set: modules don't
|
||||||
* have to worry about this one.
|
* have to worry about this one.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $descendants_are_inline = false;
|
public $descendants_are_inline = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of the names of required attributes this element has. Dynamically
|
* List of the names of required attributes this element has. Dynamically
|
||||||
* populated by HTMLPurifier_HTMLDefinition::getElement
|
* populated by HTMLPurifier_HTMLDefinition::getElement
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $required_attr = array();
|
public $required_attr = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Lookup table of tags excluded from all descendants of this tag.
|
* Lookup table of tags excluded from all descendants of this tag.
|
||||||
@ -97,20 +87,18 @@ class HTMLPurifier_ElementDef
|
|||||||
* all descendants and not just children. Note that the XHTML
|
* all descendants and not just children. Note that the XHTML
|
||||||
* Modularization Abstract Modules are blithely unaware of such
|
* Modularization Abstract Modules are blithely unaware of such
|
||||||
* distinctions.
|
* distinctions.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $excludes = array();
|
public $excludes = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Is this element safe for untrusted users to use?
|
* Is this element safe for untrusted users to use?
|
||||||
*/
|
*/
|
||||||
var $safe;
|
public $safe;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Low-level factory constructor for creating new standalone element defs
|
* Low-level factory constructor for creating new standalone element defs
|
||||||
* @static
|
|
||||||
*/
|
*/
|
||||||
function create($safe, $content_model, $content_model_type, $attr) {
|
public static function create($safe, $content_model, $content_model_type, $attr) {
|
||||||
$def = new HTMLPurifier_ElementDef();
|
$def = new HTMLPurifier_ElementDef();
|
||||||
$def->safe = (bool) $safe;
|
$def->safe = (bool) $safe;
|
||||||
$def->content_model = $content_model;
|
$def->content_model = $content_model;
|
||||||
@ -124,7 +112,7 @@ class HTMLPurifier_ElementDef
|
|||||||
* Values from the new element def take precedence if a value is
|
* Values from the new element def take precedence if a value is
|
||||||
* not mergeable.
|
* not mergeable.
|
||||||
*/
|
*/
|
||||||
function mergeIn($def) {
|
public function mergeIn($def) {
|
||||||
|
|
||||||
// later keys takes precedence
|
// later keys takes precedence
|
||||||
foreach($def->attr as $k => $v) {
|
foreach($def->attr as $k => $v) {
|
||||||
@ -165,7 +153,7 @@ class HTMLPurifier_ElementDef
|
|||||||
* @param $a1 Array by reference that is merged into
|
* @param $a1 Array by reference that is merged into
|
||||||
* @param $a2 Array that merges into $a1
|
* @param $a2 Array that merges into $a1
|
||||||
*/
|
*/
|
||||||
function _mergeAssocArray(&$a1, $a2) {
|
private function _mergeAssocArray(&$a1, $a2) {
|
||||||
foreach ($a2 as $k => $v) {
|
foreach ($a2 as $k => $v) {
|
||||||
if ($v === false) {
|
if ($v === false) {
|
||||||
if (isset($a1[$k])) unset($a1[$k]);
|
if (isset($a1[$k])) unset($a1[$k]);
|
||||||
@ -178,7 +166,7 @@ class HTMLPurifier_ElementDef
|
|||||||
/**
|
/**
|
||||||
* Retrieves a copy of the element definition
|
* Retrieves a copy of the element definition
|
||||||
*/
|
*/
|
||||||
function copy() {
|
public function copy() {
|
||||||
return unserialize(serialize($this));
|
return unserialize(serialize($this));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -58,7 +58,7 @@ class HTMLPurifier_Encoder
|
|||||||
/**
|
/**
|
||||||
* Constructor throws fatal error if you attempt to instantiate class
|
* Constructor throws fatal error if you attempt to instantiate class
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_Encoder() {
|
private function HTMLPurifier_Encoder() {
|
||||||
trigger_error('Cannot instantiate encoder, call methods statically', E_USER_ERROR);
|
trigger_error('Cannot instantiate encoder, call methods statically', E_USER_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -68,7 +68,6 @@ class HTMLPurifier_Encoder
|
|||||||
* It will parse according to UTF-8 and return a valid UTF8 string, with
|
* It will parse according to UTF-8 and return a valid UTF8 string, with
|
||||||
* non-SGML codepoints excluded.
|
* non-SGML codepoints excluded.
|
||||||
*
|
*
|
||||||
* @static
|
|
||||||
* @note Just for reference, the non-SGML code points are 0 to 31 and
|
* @note Just for reference, the non-SGML code points are 0 to 31 and
|
||||||
* 127 to 159, inclusive. However, we allow code points 9, 10
|
* 127 to 159, inclusive. However, we allow code points 9, 10
|
||||||
* and 13, which are the tab, line feed and carriage return
|
* and 13, which are the tab, line feed and carriage return
|
||||||
@ -88,7 +87,7 @@ class HTMLPurifier_Encoder
|
|||||||
* would need that, and I'm probably not going to implement them.
|
* would need that, and I'm probably not going to implement them.
|
||||||
* Once again, PHP 6 should solve all our problems.
|
* Once again, PHP 6 should solve all our problems.
|
||||||
*/
|
*/
|
||||||
function cleanUTF8($str, $force_php = false) {
|
public static function cleanUTF8($str, $force_php = false) {
|
||||||
|
|
||||||
static $non_sgml_chars = array();
|
static $non_sgml_chars = array();
|
||||||
if (empty($non_sgml_chars)) {
|
if (empty($non_sgml_chars)) {
|
||||||
@ -246,7 +245,6 @@ class HTMLPurifier_Encoder
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Translates a Unicode codepoint into its corresponding UTF-8 character.
|
* Translates a Unicode codepoint into its corresponding UTF-8 character.
|
||||||
* @static
|
|
||||||
* @note Based on Feyd's function at
|
* @note Based on Feyd's function at
|
||||||
* <http://forums.devnetwork.net/viewtopic.php?p=191404#191404>,
|
* <http://forums.devnetwork.net/viewtopic.php?p=191404#191404>,
|
||||||
* which is in public domain.
|
* which is in public domain.
|
||||||
@ -271,7 +269,7 @@ class HTMLPurifier_Encoder
|
|||||||
// | 00000000 | 00010000 | 11111111 | 11111111 | Defined upper limit of legal scalar codes
|
// | 00000000 | 00010000 | 11111111 | 11111111 | Defined upper limit of legal scalar codes
|
||||||
// +----------+----------+----------+----------+
|
// +----------+----------+----------+----------+
|
||||||
|
|
||||||
function unichr($code) {
|
public static function unichr($code) {
|
||||||
if($code > 1114111 or $code < 0 or
|
if($code > 1114111 or $code < 0 or
|
||||||
($code >= 55296 and $code <= 57343) ) {
|
($code >= 55296 and $code <= 57343) ) {
|
||||||
// bits are set outside the "valid" range as defined
|
// bits are set outside the "valid" range as defined
|
||||||
@ -310,9 +308,8 @@ class HTMLPurifier_Encoder
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Converts a string to UTF-8 based on configuration.
|
* Converts a string to UTF-8 based on configuration.
|
||||||
* @static
|
|
||||||
*/
|
*/
|
||||||
function convertToUTF8($str, $config, &$context) {
|
public static function convertToUTF8($str, $config, &$context) {
|
||||||
static $iconv = null;
|
static $iconv = null;
|
||||||
if ($iconv === null) $iconv = function_exists('iconv');
|
if ($iconv === null) $iconv = function_exists('iconv');
|
||||||
$encoding = $config->get('Core', 'Encoding');
|
$encoding = $config->get('Core', 'Encoding');
|
||||||
@ -327,11 +324,10 @@ class HTMLPurifier_Encoder
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Converts a string from UTF-8 based on configuration.
|
* Converts a string from UTF-8 based on configuration.
|
||||||
* @static
|
|
||||||
* @note Currently, this is a lossy conversion, with unexpressable
|
* @note Currently, this is a lossy conversion, with unexpressable
|
||||||
* characters being omitted.
|
* characters being omitted.
|
||||||
*/
|
*/
|
||||||
function convertFromUTF8($str, $config, &$context) {
|
public static function convertFromUTF8($str, $config, &$context) {
|
||||||
static $iconv = null;
|
static $iconv = null;
|
||||||
if ($iconv === null) $iconv = function_exists('iconv');
|
if ($iconv === null) $iconv = function_exists('iconv');
|
||||||
$encoding = $config->get('Core', 'Encoding');
|
$encoding = $config->get('Core', 'Encoding');
|
||||||
@ -349,7 +345,6 @@ class HTMLPurifier_Encoder
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Lossless (character-wise) conversion of HTML to ASCII
|
* Lossless (character-wise) conversion of HTML to ASCII
|
||||||
* @static
|
|
||||||
* @param $str UTF-8 string to be converted to ASCII
|
* @param $str UTF-8 string to be converted to ASCII
|
||||||
* @returns ASCII encoded string with non-ASCII character entity-ized
|
* @returns ASCII encoded string with non-ASCII character entity-ized
|
||||||
* @warning Adapted from MediaWiki, claiming fair use: this is a common
|
* @warning Adapted from MediaWiki, claiming fair use: this is a common
|
||||||
@ -364,7 +359,7 @@ class HTMLPurifier_Encoder
|
|||||||
* @note Sort of with cleanUTF8() but it assumes that $str is
|
* @note Sort of with cleanUTF8() but it assumes that $str is
|
||||||
* well-formed UTF-8
|
* well-formed UTF-8
|
||||||
*/
|
*/
|
||||||
function convertToASCIIDumbLossless($str) {
|
public static function convertToASCIIDumbLossless($str) {
|
||||||
$bytesleft = 0;
|
$bytesleft = 0;
|
||||||
$result = '';
|
$result = '';
|
||||||
$working = 0;
|
$working = 0;
|
||||||
|
@ -7,9 +7,8 @@ class HTMLPurifier_EntityLookup {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Assoc array of entity name to character represented.
|
* Assoc array of entity name to character represented.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $table;
|
public $table;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Sets up the entity lookup table from the serialized file contents.
|
* Sets up the entity lookup table from the serialized file contents.
|
||||||
@ -17,7 +16,7 @@ class HTMLPurifier_EntityLookup {
|
|||||||
* using the maintenance script generate_entity_file.php
|
* using the maintenance script generate_entity_file.php
|
||||||
* @warning This is not in constructor to help enforce the Singleton
|
* @warning This is not in constructor to help enforce the Singleton
|
||||||
*/
|
*/
|
||||||
function setup($file = false) {
|
public function setup($file = false) {
|
||||||
if (!$file) {
|
if (!$file) {
|
||||||
$file = HTMLPURIFIER_PREFIX . '/HTMLPurifier/EntityLookup/entities.ser';
|
$file = HTMLPURIFIER_PREFIX . '/HTMLPurifier/EntityLookup/entities.ser';
|
||||||
}
|
}
|
||||||
@ -26,10 +25,9 @@ class HTMLPurifier_EntityLookup {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieves sole instance of the object.
|
* Retrieves sole instance of the object.
|
||||||
* @static
|
|
||||||
* @param Optional prototype of custom lookup table to overload with.
|
* @param Optional prototype of custom lookup table to overload with.
|
||||||
*/
|
*/
|
||||||
function instance($prototype = false) {
|
public static function instance($prototype = false) {
|
||||||
// no references, since PHP doesn't copy unless modified
|
// no references, since PHP doesn't copy unless modified
|
||||||
static $instance = null;
|
static $instance = null;
|
||||||
if ($prototype) {
|
if ($prototype) {
|
||||||
|
@ -15,24 +15,21 @@ class HTMLPurifier_EntityParser
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Reference to entity lookup table.
|
* Reference to entity lookup table.
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
var $_entity_lookup;
|
protected $_entity_lookup;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Callback regex string for parsing entities.
|
* Callback regex string for parsing entities.
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
var $_substituteEntitiesRegex =
|
protected $_substituteEntitiesRegex =
|
||||||
'/&(?:[#]x([a-fA-F0-9]+)|[#]0*(\d+)|([A-Za-z_:][A-Za-z0-9.\-_:]*));?/';
|
'/&(?:[#]x([a-fA-F0-9]+)|[#]0*(\d+)|([A-Za-z_:][A-Za-z0-9.\-_:]*));?/';
|
||||||
// 1. hex 2. dec 3. string (XML style)
|
// 1. hex 2. dec 3. string (XML style)
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Decimal to parsed string conversion table for special entities.
|
* Decimal to parsed string conversion table for special entities.
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
var $_special_dec2str =
|
protected $_special_dec2str =
|
||||||
array(
|
array(
|
||||||
34 => '"',
|
34 => '"',
|
||||||
38 => '&',
|
38 => '&',
|
||||||
@ -43,9 +40,8 @@ class HTMLPurifier_EntityParser
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Stripped entity names to decimal conversion table for special entities.
|
* Stripped entity names to decimal conversion table for special entities.
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
var $_special_ent2dec =
|
protected $_special_ent2dec =
|
||||||
array(
|
array(
|
||||||
'quot' => 34,
|
'quot' => 34,
|
||||||
'amp' => 38,
|
'amp' => 38,
|
||||||
@ -58,11 +54,10 @@ class HTMLPurifier_EntityParser
|
|||||||
* running this whenever you have parsed character is t3h 5uck, we run
|
* running this whenever you have parsed character is t3h 5uck, we run
|
||||||
* it before everything else.
|
* it before everything else.
|
||||||
*
|
*
|
||||||
* @protected
|
|
||||||
* @param $string String to have non-special entities parsed.
|
* @param $string String to have non-special entities parsed.
|
||||||
* @returns Parsed string.
|
* @returns Parsed string.
|
||||||
*/
|
*/
|
||||||
function substituteNonSpecialEntities($string) {
|
public function substituteNonSpecialEntities($string) {
|
||||||
// it will try to detect missing semicolons, but don't rely on it
|
// it will try to detect missing semicolons, but don't rely on it
|
||||||
return preg_replace_callback(
|
return preg_replace_callback(
|
||||||
$this->_substituteEntitiesRegex,
|
$this->_substituteEntitiesRegex,
|
||||||
@ -74,15 +69,13 @@ class HTMLPurifier_EntityParser
|
|||||||
/**
|
/**
|
||||||
* Callback function for substituteNonSpecialEntities() that does the work.
|
* Callback function for substituteNonSpecialEntities() that does the work.
|
||||||
*
|
*
|
||||||
* @warning Though this is public in order to let the callback happen,
|
|
||||||
* calling it directly is not recommended.
|
|
||||||
* @param $matches PCRE matches array, with 0 the entire match, and
|
* @param $matches PCRE matches array, with 0 the entire match, and
|
||||||
* either index 1, 2 or 3 set with a hex value, dec value,
|
* either index 1, 2 or 3 set with a hex value, dec value,
|
||||||
* or string (respectively).
|
* or string (respectively).
|
||||||
* @returns Replacement string.
|
* @returns Replacement string.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
function nonSpecialEntityCallback($matches) {
|
protected function nonSpecialEntityCallback($matches) {
|
||||||
// replaces all but big five
|
// replaces all but big five
|
||||||
$entity = $matches[0];
|
$entity = $matches[0];
|
||||||
$is_num = (@$matches[0][1] === '#');
|
$is_num = (@$matches[0][1] === '#');
|
||||||
@ -113,11 +106,10 @@ class HTMLPurifier_EntityParser
|
|||||||
* @notice We try to avoid calling this function because otherwise, it
|
* @notice We try to avoid calling this function because otherwise, it
|
||||||
* would have to be called a lot (for every parsed section).
|
* would have to be called a lot (for every parsed section).
|
||||||
*
|
*
|
||||||
* @protected
|
|
||||||
* @param $string String to have non-special entities parsed.
|
* @param $string String to have non-special entities parsed.
|
||||||
* @returns Parsed string.
|
* @returns Parsed string.
|
||||||
*/
|
*/
|
||||||
function substituteSpecialEntities($string) {
|
public function substituteSpecialEntities($string) {
|
||||||
return preg_replace_callback(
|
return preg_replace_callback(
|
||||||
$this->_substituteEntitiesRegex,
|
$this->_substituteEntitiesRegex,
|
||||||
array($this, 'specialEntityCallback'),
|
array($this, 'specialEntityCallback'),
|
||||||
@ -129,14 +121,12 @@ class HTMLPurifier_EntityParser
|
|||||||
*
|
*
|
||||||
* This callback has same syntax as nonSpecialEntityCallback().
|
* This callback has same syntax as nonSpecialEntityCallback().
|
||||||
*
|
*
|
||||||
* @warning Though this is public in order to let the callback happen,
|
|
||||||
* calling it directly is not recommended.
|
|
||||||
* @param $matches PCRE-style matches array, with 0 the entire match, and
|
* @param $matches PCRE-style matches array, with 0 the entire match, and
|
||||||
* either index 1, 2 or 3 set with a hex value, dec value,
|
* either index 1, 2 or 3 set with a hex value, dec value,
|
||||||
* or string (respectively).
|
* or string (respectively).
|
||||||
* @returns Replacement string.
|
* @returns Replacement string.
|
||||||
*/
|
*/
|
||||||
function specialEntityCallback($matches) {
|
protected function specialEntityCallback($matches) {
|
||||||
$entity = $matches[0];
|
$entity = $matches[0];
|
||||||
$is_num = (@$matches[0][1] === '#');
|
$is_num = (@$matches[0][1] === '#');
|
||||||
if ($is_num) {
|
if ($is_num) {
|
||||||
|
@ -9,15 +9,15 @@ require_once 'HTMLPurifier/Generator.php';
|
|||||||
class HTMLPurifier_ErrorCollector
|
class HTMLPurifier_ErrorCollector
|
||||||
{
|
{
|
||||||
|
|
||||||
var $errors = array();
|
protected $errors = array();
|
||||||
var $locale;
|
protected $locale;
|
||||||
var $generator;
|
protected $generator;
|
||||||
var $context;
|
protected $context;
|
||||||
|
|
||||||
function HTMLPurifier_ErrorCollector(&$context) {
|
public function HTMLPurifier_ErrorCollector(&$context) {
|
||||||
$this->locale =& $context->get('Locale');
|
$this->locale =& $context->get('Locale');
|
||||||
$this->generator =& $context->get('Generator');
|
$this->generator =& $context->get('Generator');
|
||||||
$this->context =& $context;
|
$this->context =& $context;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -26,7 +26,7 @@ class HTMLPurifier_ErrorCollector
|
|||||||
* @param $severity int Error severity, PHP error style (don't use E_USER_)
|
* @param $severity int Error severity, PHP error style (don't use E_USER_)
|
||||||
* @param $msg string Error message text
|
* @param $msg string Error message text
|
||||||
*/
|
*/
|
||||||
function send($severity, $msg) {
|
public function send($severity, $msg) {
|
||||||
|
|
||||||
$args = array();
|
$args = array();
|
||||||
if (func_num_args() > 2) {
|
if (func_num_args() > 2) {
|
||||||
@ -65,7 +65,7 @@ class HTMLPurifier_ErrorCollector
|
|||||||
* @param List of arrays in format of array(Error message text,
|
* @param List of arrays in format of array(Error message text,
|
||||||
* token that caused error, tokens surrounding token)
|
* token that caused error, tokens surrounding token)
|
||||||
*/
|
*/
|
||||||
function getRaw() {
|
public function getRaw() {
|
||||||
return $this->errors;
|
return $this->errors;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -73,7 +73,7 @@ class HTMLPurifier_ErrorCollector
|
|||||||
* Default HTML formatting implementation for error messages
|
* Default HTML formatting implementation for error messages
|
||||||
* @param $config Configuration array, vital for HTML output nature
|
* @param $config Configuration array, vital for HTML output nature
|
||||||
*/
|
*/
|
||||||
function getHTMLFormatted($config) {
|
public function getHTMLFormatted($config) {
|
||||||
$ret = array();
|
$ret = array();
|
||||||
|
|
||||||
$errors = $this->errors;
|
$errors = $this->errors;
|
||||||
|
@ -14,6 +14,9 @@
|
|||||||
* named 1, 2 and 3, the order of execution should go 1->preFilter,
|
* named 1, 2 and 3, the order of execution should go 1->preFilter,
|
||||||
* 2->preFilter, 3->preFilter, purify, 3->postFilter, 2->postFilter,
|
* 2->preFilter, 3->preFilter, purify, 3->postFilter, 2->postFilter,
|
||||||
* 1->postFilter.
|
* 1->postFilter.
|
||||||
|
*
|
||||||
|
* @note Methods are not declared abstract as it is perfectly legitimate
|
||||||
|
* for an implementation not to want anything to happen on a step
|
||||||
*/
|
*/
|
||||||
|
|
||||||
class HTMLPurifier_Filter
|
class HTMLPurifier_Filter
|
||||||
@ -22,17 +25,21 @@ class HTMLPurifier_Filter
|
|||||||
/**
|
/**
|
||||||
* Name of the filter for identification purposes
|
* Name of the filter for identification purposes
|
||||||
*/
|
*/
|
||||||
var $name;
|
public $name;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Pre-processor function, handles HTML before HTML Purifier
|
* Pre-processor function, handles HTML before HTML Purifier
|
||||||
*/
|
*/
|
||||||
function preFilter($html, $config, &$context) {}
|
public function preFilter($html, $config, &$context) {
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Post-processor function, handles HTML after HTML Purifier
|
* Post-processor function, handles HTML after HTML Purifier
|
||||||
*/
|
*/
|
||||||
function postFilter($html, $config, &$context) {}
|
public function postFilter($html, $config, &$context) {
|
||||||
|
return $html;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -5,16 +5,16 @@ require_once 'HTMLPurifier/Filter.php';
|
|||||||
class HTMLPurifier_Filter_YouTube extends HTMLPurifier_Filter
|
class HTMLPurifier_Filter_YouTube extends HTMLPurifier_Filter
|
||||||
{
|
{
|
||||||
|
|
||||||
var $name = 'YouTube preservation';
|
public $name = 'YouTube preservation';
|
||||||
|
|
||||||
function preFilter($html, $config, &$context) {
|
public function preFilter($html, $config, &$context) {
|
||||||
$pre_regex = '#<object[^>]+>.+?'.
|
$pre_regex = '#<object[^>]+>.+?'.
|
||||||
'http://www.youtube.com/v/([A-Za-z0-9\-_]+).+?</object>#s';
|
'http://www.youtube.com/v/([A-Za-z0-9\-_]+).+?</object>#s';
|
||||||
$pre_replace = '<span class="youtube-embed">\1</span>';
|
$pre_replace = '<span class="youtube-embed">\1</span>';
|
||||||
return preg_replace($pre_regex, $pre_replace, $html);
|
return preg_replace($pre_regex, $pre_replace, $html);
|
||||||
}
|
}
|
||||||
|
|
||||||
function postFilter($html, $config, &$context) {
|
public function postFilter($html, $config, &$context) {
|
||||||
$post_regex = '#<span class="youtube-embed">([A-Za-z0-9\-_]+)</span>#';
|
$post_regex = '#<span class="youtube-embed">([A-Za-z0-9\-_]+)</span>#';
|
||||||
$post_replace = '<object width="425" height="350" '.
|
$post_replace = '<object width="425" height="350" '.
|
||||||
'data="http://www.youtube.com/v/\1">'.
|
'data="http://www.youtube.com/v/\1">'.
|
||||||
|
@ -47,7 +47,9 @@ HTMLPurifier_ConfigSchema::define('Output', 'Newline', null, 'string/null', '
|
|||||||
/**
|
/**
|
||||||
* Generates HTML from tokens.
|
* Generates HTML from tokens.
|
||||||
* @todo Refactor interface so that configuration/context is determined
|
* @todo Refactor interface so that configuration/context is determined
|
||||||
* upon instantiation, no need for messy generateFromTokens() calls
|
* upon instantiation, no need for messy generateFromTokens() calls
|
||||||
|
* @todo Make some of the more internal functions protected, and have
|
||||||
|
* unit tests work around that
|
||||||
*/
|
*/
|
||||||
class HTMLPurifier_Generator
|
class HTMLPurifier_Generator
|
||||||
{
|
{
|
||||||
@ -56,19 +58,19 @@ class HTMLPurifier_Generator
|
|||||||
* Bool cache of %HTML.XHTML
|
* Bool cache of %HTML.XHTML
|
||||||
* @private
|
* @private
|
||||||
*/
|
*/
|
||||||
var $_xhtml = true;
|
private $_xhtml = true;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Bool cache of %Output.CommentScriptContents
|
* Bool cache of %Output.CommentScriptContents
|
||||||
* @private
|
* @private
|
||||||
*/
|
*/
|
||||||
var $_scriptFix = false;
|
private $_scriptFix = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Cache of HTMLDefinition
|
* Cache of HTMLDefinition
|
||||||
* @private
|
* @private
|
||||||
*/
|
*/
|
||||||
var $_def;
|
private $_def;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Generates HTML from an array of tokens.
|
* Generates HTML from an array of tokens.
|
||||||
@ -76,7 +78,7 @@ class HTMLPurifier_Generator
|
|||||||
* @param $config HTMLPurifier_Config object
|
* @param $config HTMLPurifier_Config object
|
||||||
* @return Generated HTML
|
* @return Generated HTML
|
||||||
*/
|
*/
|
||||||
function generateFromTokens($tokens, $config, &$context) {
|
public function generateFromTokens($tokens, $config, &$context) {
|
||||||
$html = '';
|
$html = '';
|
||||||
if (!$config) $config = HTMLPurifier_Config::createDefault();
|
if (!$config) $config = HTMLPurifier_Config::createDefault();
|
||||||
$this->_scriptFix = $config->get('Output', 'CommentScriptContents');
|
$this->_scriptFix = $config->get('Output', 'CommentScriptContents');
|
||||||
@ -136,7 +138,7 @@ class HTMLPurifier_Generator
|
|||||||
* @param $token HTMLPurifier_Token object.
|
* @param $token HTMLPurifier_Token object.
|
||||||
* @return Generated HTML
|
* @return Generated HTML
|
||||||
*/
|
*/
|
||||||
function generateFromToken($token) {
|
public function generateFromToken($token) {
|
||||||
if (!isset($token->type)) return '';
|
if (!isset($token->type)) return '';
|
||||||
if ($token->type == 'start') {
|
if ($token->type == 'start') {
|
||||||
$attr = $this->generateAttributes($token->attr, $token->name);
|
$attr = $this->generateAttributes($token->attr, $token->name);
|
||||||
@ -165,7 +167,7 @@ class HTMLPurifier_Generator
|
|||||||
* @warning This runs into problems if there's already a literal
|
* @warning This runs into problems if there's already a literal
|
||||||
* --> somewhere inside the script contents.
|
* --> somewhere inside the script contents.
|
||||||
*/
|
*/
|
||||||
function generateScriptFromToken($token) {
|
public function generateScriptFromToken($token) {
|
||||||
if ($token->type != 'text') return $this->generateFromToken($token);
|
if ($token->type != 'text') return $this->generateFromToken($token);
|
||||||
// return '<!--' . "\n" . trim($token->data) . "\n" . '// -->';
|
// return '<!--' . "\n" . trim($token->data) . "\n" . '// -->';
|
||||||
// more advanced version:
|
// more advanced version:
|
||||||
@ -179,7 +181,7 @@ class HTMLPurifier_Generator
|
|||||||
* @param $assoc_array_of_attributes Attribute array
|
* @param $assoc_array_of_attributes Attribute array
|
||||||
* @return Generate HTML fragment for insertion.
|
* @return Generate HTML fragment for insertion.
|
||||||
*/
|
*/
|
||||||
function generateAttributes($assoc_array_of_attributes, $element) {
|
public function generateAttributes($assoc_array_of_attributes, $element) {
|
||||||
$html = '';
|
$html = '';
|
||||||
foreach ($assoc_array_of_attributes as $key => $value) {
|
foreach ($assoc_array_of_attributes as $key => $value) {
|
||||||
if (!$this->_xhtml) {
|
if (!$this->_xhtml) {
|
||||||
@ -200,7 +202,7 @@ class HTMLPurifier_Generator
|
|||||||
* @param $string String data to escape for HTML.
|
* @param $string String data to escape for HTML.
|
||||||
* @return String escaped data.
|
* @return String escaped data.
|
||||||
*/
|
*/
|
||||||
function escape($string) {
|
public function escape($string) {
|
||||||
return htmlspecialchars($string, ENT_COMPAT, 'UTF-8');
|
return htmlspecialchars($string, ENT_COMPAT, 'UTF-8');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -156,65 +156,56 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* Associative array of element names to HTMLPurifier_ElementDef
|
* Associative array of element names to HTMLPurifier_ElementDef
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info = array();
|
public $info = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Associative array of global attribute name to attribute definition.
|
* Associative array of global attribute name to attribute definition.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_global_attr = array();
|
public $info_global_attr = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* String name of parent element HTML will be going into.
|
* String name of parent element HTML will be going into.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_parent = 'div';
|
public $info_parent = 'div';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Definition for parent element, allows parent element to be a
|
* Definition for parent element, allows parent element to be a
|
||||||
* tag that's not allowed inside the HTML fragment.
|
* tag that's not allowed inside the HTML fragment.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_parent_def;
|
public $info_parent_def;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* String name of element used to wrap inline elements in block context
|
* String name of element used to wrap inline elements in block context
|
||||||
* @note This is rarely used except for BLOCKQUOTEs in strict mode
|
* @note This is rarely used except for BLOCKQUOTEs in strict mode
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_block_wrapper = 'p';
|
public $info_block_wrapper = 'p';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Associative array of deprecated tag name to HTMLPurifier_TagTransform
|
* Associative array of deprecated tag name to HTMLPurifier_TagTransform
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_tag_transform = array();
|
public $info_tag_transform = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Indexed list of HTMLPurifier_AttrTransform to be performed before validation.
|
* Indexed list of HTMLPurifier_AttrTransform to be performed before validation.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_attr_transform_pre = array();
|
public $info_attr_transform_pre = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Indexed list of HTMLPurifier_AttrTransform to be performed after validation.
|
* Indexed list of HTMLPurifier_AttrTransform to be performed after validation.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_attr_transform_post = array();
|
public $info_attr_transform_post = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Nested lookup array of content set name (Block, Inline) to
|
* Nested lookup array of content set name (Block, Inline) to
|
||||||
* element name to whether or not it belongs in that content set.
|
* element name to whether or not it belongs in that content set.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_content_sets = array();
|
public $info_content_sets = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Doctype object
|
* Doctype object
|
||||||
*/
|
*/
|
||||||
var $doctype;
|
public $doctype;
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@ -227,7 +218,7 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||||||
* @param $def Attribute definition, can be string or object, see
|
* @param $def Attribute definition, can be string or object, see
|
||||||
* HTMLPurifier_AttrTypes for details
|
* HTMLPurifier_AttrTypes for details
|
||||||
*/
|
*/
|
||||||
function addAttribute($element_name, $attr_name, $def) {
|
public function addAttribute($element_name, $attr_name, $def) {
|
||||||
$module =& $this->getAnonymousModule();
|
$module =& $this->getAnonymousModule();
|
||||||
$element =& $module->addBlankElement($element_name);
|
$element =& $module->addBlankElement($element_name);
|
||||||
$element->attr[$attr_name] = $def;
|
$element->attr[$attr_name] = $def;
|
||||||
@ -238,7 +229,7 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||||||
* @note See HTMLPurifier_HTMLModule::addElement for detailed
|
* @note See HTMLPurifier_HTMLModule::addElement for detailed
|
||||||
* parameter and return value descriptions.
|
* parameter and return value descriptions.
|
||||||
*/
|
*/
|
||||||
function &addElement($element_name, $type, $contents, $attr_collections, $attributes) {
|
public function &addElement($element_name, $type, $contents, $attr_collections, $attributes) {
|
||||||
$module =& $this->getAnonymousModule();
|
$module =& $this->getAnonymousModule();
|
||||||
// assume that if the user is calling this, the element
|
// assume that if the user is calling this, the element
|
||||||
// is safe. This may not be a good idea
|
// is safe. This may not be a good idea
|
||||||
@ -252,7 +243,7 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||||||
* @note See HTMLPurifier_HTMLModule::addBlankElement for detailed
|
* @note See HTMLPurifier_HTMLModule::addBlankElement for detailed
|
||||||
* parameter and return value descriptions.
|
* parameter and return value descriptions.
|
||||||
*/
|
*/
|
||||||
function &addBlankElement($element_name) {
|
public function &addBlankElement($element_name) {
|
||||||
$module =& $this->getAnonymousModule();
|
$module =& $this->getAnonymousModule();
|
||||||
$element =& $module->addBlankElement($element_name);
|
$element =& $module->addBlankElement($element_name);
|
||||||
return $element;
|
return $element;
|
||||||
@ -263,7 +254,7 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||||||
* bust out advanced features without having to make your own
|
* bust out advanced features without having to make your own
|
||||||
* module.
|
* module.
|
||||||
*/
|
*/
|
||||||
function &getAnonymousModule() {
|
public function &getAnonymousModule() {
|
||||||
if (!$this->_anonModule) {
|
if (!$this->_anonModule) {
|
||||||
$this->_anonModule = new HTMLPurifier_HTMLModule();
|
$this->_anonModule = new HTMLPurifier_HTMLModule();
|
||||||
$this->_anonModule->name = 'Anonymous';
|
$this->_anonModule->name = 'Anonymous';
|
||||||
@ -271,22 +262,22 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||||||
return $this->_anonModule;
|
return $this->_anonModule;
|
||||||
}
|
}
|
||||||
|
|
||||||
var $_anonModule;
|
private $_anonModule;
|
||||||
|
|
||||||
|
|
||||||
// PUBLIC BUT INTERNAL VARIABLES --------------------------------------
|
// PUBLIC BUT INTERNAL VARIABLES --------------------------------------
|
||||||
|
|
||||||
var $type = 'HTML';
|
public $type = 'HTML';
|
||||||
var $manager; /**< Instance of HTMLPurifier_HTMLModuleManager */
|
public $manager; /**< Instance of HTMLPurifier_HTMLModuleManager */
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Performs low-cost, preliminary initialization.
|
* Performs low-cost, preliminary initialization.
|
||||||
*/
|
*/
|
||||||
function HTMLPurifier_HTMLDefinition() {
|
public function HTMLPurifier_HTMLDefinition() {
|
||||||
$this->manager = new HTMLPurifier_HTMLModuleManager();
|
$this->manager = new HTMLPurifier_HTMLModuleManager();
|
||||||
}
|
}
|
||||||
|
|
||||||
function doSetup($config) {
|
protected function doSetup($config) {
|
||||||
$this->processModules($config);
|
$this->processModules($config);
|
||||||
$this->setupConfigStuff($config);
|
$this->setupConfigStuff($config);
|
||||||
unset($this->manager);
|
unset($this->manager);
|
||||||
@ -301,7 +292,7 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||||||
/**
|
/**
|
||||||
* Extract out the information from the manager
|
* Extract out the information from the manager
|
||||||
*/
|
*/
|
||||||
function processModules($config) {
|
protected function processModules($config) {
|
||||||
|
|
||||||
if ($this->_anonModule) {
|
if ($this->_anonModule) {
|
||||||
// for user specific changes
|
// for user specific changes
|
||||||
@ -337,7 +328,7 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||||||
/**
|
/**
|
||||||
* Sets up stuff based on config. We need a better way of doing this.
|
* Sets up stuff based on config. We need a better way of doing this.
|
||||||
*/
|
*/
|
||||||
function setupConfigStuff($config) {
|
protected function setupConfigStuff($config) {
|
||||||
|
|
||||||
$block_wrapper = $config->get('HTML', 'BlockWrapper');
|
$block_wrapper = $config->get('HTML', 'BlockWrapper');
|
||||||
if (isset($this->info_content_sets['Block'][$block_wrapper])) {
|
if (isset($this->info_content_sets['Block'][$block_wrapper])) {
|
||||||
@ -434,8 +425,9 @@ class HTMLPurifier_HTMLDefinition extends HTMLPurifier_Definition
|
|||||||
* it is different, and you'll probably have to modify your lists
|
* it is different, and you'll probably have to modify your lists
|
||||||
* @param $list String list to parse
|
* @param $list String list to parse
|
||||||
* @param array($allowed_elements, $allowed_attributes)
|
* @param array($allowed_elements, $allowed_attributes)
|
||||||
|
* @todo Give this its own class, probably static interface
|
||||||
*/
|
*/
|
||||||
function parseTinyMCEAllowedList($list) {
|
public function parseTinyMCEAllowedList($list) {
|
||||||
|
|
||||||
$elements = array();
|
$elements = array();
|
||||||
$attributes = array();
|
$attributes = array();
|
||||||
|
@ -12,6 +12,7 @@
|
|||||||
* correspond to the variables in HTMLPurifier_HTMLDefinition.
|
* correspond to the variables in HTMLPurifier_HTMLDefinition.
|
||||||
* However, the prefix info carries no special meaning in these
|
* However, the prefix info carries no special meaning in these
|
||||||
* objects (include it anyway if that's the correspondence though).
|
* objects (include it anyway if that's the correspondence though).
|
||||||
|
* @todo Consider making some member functions protected
|
||||||
*/
|
*/
|
||||||
|
|
||||||
class HTMLPurifier_HTMLModule
|
class HTMLPurifier_HTMLModule
|
||||||
@ -22,31 +23,28 @@ class HTMLPurifier_HTMLModule
|
|||||||
/**
|
/**
|
||||||
* Short unique string identifier of the module
|
* Short unique string identifier of the module
|
||||||
*/
|
*/
|
||||||
var $name;
|
public $name;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Informally, a list of elements this module changes. Not used in
|
* Informally, a list of elements this module changes. Not used in
|
||||||
* any significant way.
|
* any significant way.
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
var $elements = array();
|
public $elements = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Associative array of element names to element definitions.
|
* Associative array of element names to element definitions.
|
||||||
* Some definitions may be incomplete, to be merged in later
|
* Some definitions may be incomplete, to be merged in later
|
||||||
* with the full definition.
|
* with the full definition.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info = array();
|
public $info = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Associative array of content set names to content set additions.
|
* Associative array of content set names to content set additions.
|
||||||
* This is commonly used to, say, add an A element to the Inline
|
* This is commonly used to, say, add an A element to the Inline
|
||||||
* content set. This corresponds to an internal variable $content_sets
|
* content set. This corresponds to an internal variable $content_sets
|
||||||
* and NOT info_content_sets member variable of HTMLDefinition.
|
* and NOT info_content_sets member variable of HTMLDefinition.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $content_sets = array();
|
public $content_sets = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Associative array of attribute collection names to attribute
|
* Associative array of attribute collection names to attribute
|
||||||
@ -55,36 +53,31 @@ class HTMLPurifier_HTMLModule
|
|||||||
* the style attribute to the Core. Corresponds to HTMLDefinition's
|
* the style attribute to the Core. Corresponds to HTMLDefinition's
|
||||||
* attr_collections->info, since the object's data is only info,
|
* attr_collections->info, since the object's data is only info,
|
||||||
* with extra behavior associated with it.
|
* with extra behavior associated with it.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $attr_collections = array();
|
public $attr_collections = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Associative array of deprecated tag name to HTMLPurifier_TagTransform
|
* Associative array of deprecated tag name to HTMLPurifier_TagTransform
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_tag_transform = array();
|
public $info_tag_transform = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of HTMLPurifier_AttrTransform to be performed before validation.
|
* List of HTMLPurifier_AttrTransform to be performed before validation.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_attr_transform_pre = array();
|
public $info_attr_transform_pre = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List of HTMLPurifier_AttrTransform to be performed after validation.
|
* List of HTMLPurifier_AttrTransform to be performed after validation.
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $info_attr_transform_post = array();
|
public $info_attr_transform_post = array();
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Boolean flag that indicates whether or not getChildDef is implemented.
|
* Boolean flag that indicates whether or not getChildDef is implemented.
|
||||||
* For optimization reasons: may save a call to a function. Be sure
|
* For optimization reasons: may save a call to a function. Be sure
|
||||||
* to set it if you do implement getChildDef(), otherwise it will have
|
* to set it if you do implement getChildDef(), otherwise it will have
|
||||||
* no effect!
|
* no effect!
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
var $defines_child_def = false;
|
public $defines_child_def = false;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Retrieves a proper HTMLPurifier_ChildDef subclass based on
|
* Retrieves a proper HTMLPurifier_ChildDef subclass based on
|
||||||
@ -93,9 +86,8 @@ class HTMLPurifier_HTMLModule
|
|||||||
* in HTMLPurifier_HTMLDefinition.
|
* in HTMLPurifier_HTMLDefinition.
|
||||||
* @param $def HTMLPurifier_ElementDef instance
|
* @param $def HTMLPurifier_ElementDef instance
|
||||||
* @return HTMLPurifier_ChildDef subclass
|
* @return HTMLPurifier_ChildDef subclass
|
||||||
* @public
|
|
||||||
*/
|
*/
|
||||||
function getChildDef($def) {return false;}
|
public function getChildDef($def) {return false;}
|
||||||
|
|
||||||
// -- Convenience -----------------------------------------------------
|
// -- Convenience -----------------------------------------------------
|
||||||
|
|
||||||
@ -113,9 +105,8 @@ class HTMLPurifier_HTMLModule
|
|||||||
* @note See ElementDef for in-depth descriptions of these parameters.
|
* @note See ElementDef for in-depth descriptions of these parameters.
|
||||||
* @return Reference to created element definition object, so you
|
* @return Reference to created element definition object, so you
|
||||||
* can set advanced parameters
|
* can set advanced parameters
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
function &addElement($element, $safe, $type, $contents, $attr_includes = array(), $attr = array()) {
|
public function &addElement($element, $safe, $type, $contents, $attr_includes = array(), $attr = array()) {
|
||||||
$this->elements[] = $element;
|
$this->elements[] = $element;
|
||||||
// parse content_model
|
// parse content_model
|
||||||
list($content_model_type, $content_model) = $this->parseContents($contents);
|
list($content_model_type, $content_model) = $this->parseContents($contents);
|
||||||
@ -138,7 +129,7 @@ class HTMLPurifier_HTMLModule
|
|||||||
* @param $element Name of element to create
|
* @param $element Name of element to create
|
||||||
* @return Reference to created element
|
* @return Reference to created element
|
||||||
*/
|
*/
|
||||||
function &addBlankElement($element) {
|
public function &addBlankElement($element) {
|
||||||
if (!isset($this->info[$element])) {
|
if (!isset($this->info[$element])) {
|
||||||
$this->elements[] = $element;
|
$this->elements[] = $element;
|
||||||
$this->info[$element] = new HTMLPurifier_ElementDef();
|
$this->info[$element] = new HTMLPurifier_ElementDef();
|
||||||
@ -154,9 +145,8 @@ class HTMLPurifier_HTMLModule
|
|||||||
* @param Element to register
|
* @param Element to register
|
||||||
* @param Name content set (warning: case sensitive, usually upper-case
|
* @param Name content set (warning: case sensitive, usually upper-case
|
||||||
* first letter)
|
* first letter)
|
||||||
* @protected
|
|
||||||
*/
|
*/
|
||||||
function addElementToContentSet($element, $type) {
|
public function addElementToContentSet($element, $type) {
|
||||||
if (!isset($this->content_sets[$type])) $this->content_sets[$type] = '';
|
if (!isset($this->content_sets[$type])) $this->content_sets[$type] = '';
|
||||||
else $this->content_sets[$type] .= ' | ';
|
else $this->content_sets[$type] .= ' | ';
|
||||||
$this->content_sets[$type] .= $element;
|
$this->content_sets[$type] .= $element;
|
||||||
@ -171,7 +161,7 @@ class HTMLPurifier_HTMLModule
|
|||||||
* returned, and the callee needs to take the original $contents
|
* returned, and the callee needs to take the original $contents
|
||||||
* and use it directly.
|
* and use it directly.
|
||||||
*/
|
*/
|
||||||
function parseContents($contents) {
|
public function parseContents($contents) {
|
||||||
if (!is_string($contents)) return array(null, null); // defer
|
if (!is_string($contents)) return array(null, null); // defer
|
||||||
switch ($contents) {
|
switch ($contents) {
|
||||||
// check for shorthand content model forms
|
// check for shorthand content model forms
|
||||||
@ -194,7 +184,7 @@ class HTMLPurifier_HTMLModule
|
|||||||
* @param $attr Reference to attr array to modify
|
* @param $attr Reference to attr array to modify
|
||||||
* @param $attr_includes Array of includes / string include to merge in
|
* @param $attr_includes Array of includes / string include to merge in
|
||||||
*/
|
*/
|
||||||
function mergeInAttrIncludes(&$attr, $attr_includes) {
|
public function mergeInAttrIncludes(&$attr, $attr_includes) {
|
||||||
if (!is_array($attr_includes)) {
|
if (!is_array($attr_includes)) {
|
||||||
if (empty($attr_includes)) $attr_includes = array();
|
if (empty($attr_includes)) $attr_includes = array();
|
||||||
else $attr_includes = array($attr_includes);
|
else $attr_includes = array($attr_includes);
|
||||||
@ -210,7 +200,7 @@ class HTMLPurifier_HTMLModule
|
|||||||
* place of the regular argument
|
* place of the regular argument
|
||||||
* @return Lookup array equivalent of list
|
* @return Lookup array equivalent of list
|
||||||
*/
|
*/
|
||||||
function makeLookup($list) {
|
public function makeLookup($list) {
|
||||||
if (is_string($list)) $list = func_get_args();
|
if (is_string($list)) $list = func_get_args();
|
||||||
$ret = array();
|
$ret = array();
|
||||||
foreach ($list as $value) {
|
foreach ($list as $value) {
|
||||||
|
@ -10,12 +10,12 @@ require_once 'HTMLPurifier/AttrTransform/BdoDir.php';
|
|||||||
class HTMLPurifier_HTMLModule_Bdo extends HTMLPurifier_HTMLModule
|
class HTMLPurifier_HTMLModule_Bdo extends HTMLPurifier_HTMLModule
|
||||||
{
|
{
|
||||||
|
|
||||||
var $name = 'Bdo';
|
public $name = 'Bdo';
|
||||||
var $attr_collections = array(
|
public $attr_collections = array(
|
||||||
'I18N' => array('dir' => false)
|
'I18N' => array('dir' => false)
|
||||||
);
|
);
|
||||||
|
|
||||||
function HTMLPurifier_HTMLModule_Bdo() {
|
public function HTMLPurifier_HTMLModule_Bdo() {
|
||||||
$bdo =& $this->addElement(
|
$bdo =& $this->addElement(
|
||||||
'bdo', true, 'Inline', 'Inline', array('Core', 'Lang'),
|
'bdo', true, 'Inline', 'Inline', array('Core', 'Lang'),
|
||||||
array(
|
array(
|
||||||
|
@ -4,9 +4,9 @@ require_once 'HTMLPurifier/HTMLModule.php';
|
|||||||
|
|
||||||
class HTMLPurifier_HTMLModule_CommonAttributes extends HTMLPurifier_HTMLModule
|
class HTMLPurifier_HTMLModule_CommonAttributes extends HTMLPurifier_HTMLModule
|
||||||
{
|
{
|
||||||
var $name = 'CommonAttributes';
|
public $name = 'CommonAttributes';
|
||||||
|
|
||||||
var $attr_collections = array(
|
public $attr_collections = array(
|
||||||
'Core' => array(
|
'Core' => array(
|
||||||
0 => array('Style'),
|
0 => array('Style'),
|
||||||
// 'xml:space' => false,
|
// 'xml:space' => false,
|
||||||
|
@ -10,9 +10,9 @@ require_once 'HTMLPurifier/ChildDef/Chameleon.php';
|
|||||||
class HTMLPurifier_HTMLModule_Edit extends HTMLPurifier_HTMLModule
|
class HTMLPurifier_HTMLModule_Edit extends HTMLPurifier_HTMLModule
|
||||||
{
|
{
|
||||||
|
|
||||||
var $name = 'Edit';
|
public $name = 'Edit';
|
||||||
|
|
||||||
function HTMLPurifier_HTMLModule_Edit() {
|
public function HTMLPurifier_HTMLModule_Edit() {
|
||||||
$contents = 'Chameleon: #PCDATA | Inline ! #PCDATA | Flow';
|
$contents = 'Chameleon: #PCDATA | Inline ! #PCDATA | Flow';
|
||||||
$attr = array(
|
$attr = array(
|
||||||
'cite' => 'URI',
|
'cite' => 'URI',
|
||||||
@ -29,8 +29,8 @@ class HTMLPurifier_HTMLModule_Edit extends HTMLPurifier_HTMLModule
|
|||||||
// Inline context ! Block context (exclamation mark is
|
// Inline context ! Block context (exclamation mark is
|
||||||
// separator, see getChildDef for parsing)
|
// separator, see getChildDef for parsing)
|
||||||
|
|
||||||
var $defines_child_def = true;
|
public $defines_child_def = true;
|
||||||
function getChildDef($def) {
|
public function getChildDef($def) {
|
||||||
if ($def->content_model_type != 'chameleon') return false;
|
if ($def->content_model_type != 'chameleon') return false;
|
||||||
$value = explode('!', $def->content_model);
|
$value = explode('!', $def->content_model);
|
||||||
return new HTMLPurifier_ChildDef_Chameleon($value[0], $value[1]);
|
return new HTMLPurifier_ChildDef_Chameleon($value[0], $value[1]);
|
||||||
|
@ -9,9 +9,9 @@ require_once 'HTMLPurifier/AttrDef/HTML/LinkTypes.php';
|
|||||||
class HTMLPurifier_HTMLModule_Hypertext extends HTMLPurifier_HTMLModule
|
class HTMLPurifier_HTMLModule_Hypertext extends HTMLPurifier_HTMLModule
|
||||||
{
|
{
|
||||||
|
|
||||||
var $name = 'Hypertext';
|
public $name = 'Hypertext';
|
||||||
|
|
||||||
function HTMLPurifier_HTMLModule_Hypertext() {
|
public function HTMLPurifier_HTMLModule_Hypertext() {
|
||||||
$a =& $this->addElement(
|
$a =& $this->addElement(
|
||||||
'a', true, 'Inline', 'Inline', 'Common',
|
'a', true, 'Inline', 'Inline', 'Common',
|
||||||
array(
|
array(
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user