mirror of
https://github.com/ezyang/htmlpurifier.git
synced 2024-12-22 08:21:52 +00:00
[3.1.0] Split out VarParser from ConfigSchema
git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1601 48356398-32a2-884e-a903-53898d9a118a
This commit is contained in:
parent
b9eb44bf03
commit
7480e7b956
3
NEWS
3
NEWS
@ -68,7 +68,8 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
|
||||
. Smoketests now cleanup after magic quotes
|
||||
. Generator now can output comments (however, comments are still stripped
|
||||
from HTML Purifier output)
|
||||
. substr_count PHP4 compatibility cludge removed
|
||||
. HTMLPurifier_ConfigSchema->validate() deprecated in favor of
|
||||
HTMLPurifier_VarParser->parse()
|
||||
|
||||
3.0.0, released 2008-01-06
|
||||
# HTML Purifier is PHP 5 only! The 2.1.x branch will be maintained
|
||||
|
@ -66,6 +66,8 @@ require 'HTMLPurifier/URIFilter.php';
|
||||
require 'HTMLPurifier/URIParser.php';
|
||||
require 'HTMLPurifier/URIScheme.php';
|
||||
require 'HTMLPurifier/URISchemeRegistry.php';
|
||||
require 'HTMLPurifier/VarParser.php';
|
||||
require 'HTMLPurifier/VarParserException.php';
|
||||
require 'HTMLPurifier/AttrDef/CSS.php';
|
||||
require 'HTMLPurifier/AttrDef/Enum.php';
|
||||
require 'HTMLPurifier/AttrDef/Integer.php';
|
||||
|
@ -46,6 +46,11 @@ class HTMLPurifier_Config
|
||||
*/
|
||||
protected $conf;
|
||||
|
||||
/**
|
||||
* Parser for variables
|
||||
*/
|
||||
protected $parser;
|
||||
|
||||
/**
|
||||
* Reference HTMLPurifier_ConfigSchema for value checking
|
||||
* @note This is public for introspective purposes. Please don't
|
||||
@ -70,6 +75,7 @@ class HTMLPurifier_Config
|
||||
public function __construct(&$definition) {
|
||||
$this->conf = $definition->defaults; // set up, copy in defaults
|
||||
$this->def = $definition; // keep a copy around for checking
|
||||
$this->parser = new HTMLPurifier_VarParser();
|
||||
}
|
||||
|
||||
/**
|
||||
@ -200,11 +206,16 @@ class HTMLPurifier_Config
|
||||
$value, true);
|
||||
return;
|
||||
}
|
||||
$value = $this->def->validate(
|
||||
$value,
|
||||
$type = $this->def->info[$namespace][$key]->type,
|
||||
$this->def->info[$namespace][$key]->allow_null
|
||||
);
|
||||
try {
|
||||
$value = $this->parser->parse(
|
||||
$value,
|
||||
$type = $this->def->info[$namespace][$key]->type,
|
||||
$this->def->info[$namespace][$key]->allow_null
|
||||
);
|
||||
} catch (HTMLPurifier_VarParserException $e) {
|
||||
trigger_error('Value for ' . "$namespace.$key" . ' is of invalid type, should be ' . $type, E_USER_WARNING);
|
||||
return;
|
||||
}
|
||||
if (is_string($value)) {
|
||||
// resolve value alias if defined
|
||||
if (isset($this->def->info[$namespace][$key]->aliases[$value])) {
|
||||
@ -219,10 +230,6 @@ class HTMLPurifier_Config
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($this->def->isError($value)) {
|
||||
trigger_error('Value for ' . "$namespace.$key" . ' is of invalid type, should be ' . $type, E_USER_WARNING);
|
||||
return;
|
||||
}
|
||||
$this->conf[$namespace][$key] = $value;
|
||||
|
||||
// reset definitions if the directives they depend on changed
|
||||
|
@ -28,6 +28,11 @@ class HTMLPurifier_ConfigSchema {
|
||||
*/
|
||||
static protected $singleton;
|
||||
|
||||
/**
|
||||
* Variable parser.
|
||||
*/
|
||||
protected $parser;
|
||||
|
||||
/**
|
||||
* Lookup table of allowed types.
|
||||
*/
|
||||
@ -45,6 +50,10 @@ class HTMLPurifier_ConfigSchema {
|
||||
'mixed' => 'Mixed'
|
||||
);
|
||||
|
||||
public function __construct() {
|
||||
$this->parser = new HTMLPurifier_VarParser();
|
||||
}
|
||||
|
||||
/**
|
||||
* Unserializes the default ConfigSchema.
|
||||
*/
|
||||
@ -127,8 +136,9 @@ class HTMLPurifier_ConfigSchema {
|
||||
E_USER_ERROR);
|
||||
return;
|
||||
}
|
||||
$default = $this->validate($default, $type, $allow_null);
|
||||
if ($this->isError($default)) {
|
||||
try {
|
||||
$default = $this->parser->parse($default, $type, $allow_null);
|
||||
} catch (HTMLPurifier_VarParserException $e) {
|
||||
trigger_error('Default value does not match directive type',
|
||||
E_USER_ERROR);
|
||||
return;
|
||||
@ -298,99 +308,6 @@ class HTMLPurifier_ConfigSchema {
|
||||
$this->info[$new_namespace][$new_name]->directiveAliases[] = "$namespace.$name";
|
||||
}
|
||||
|
||||
/**
|
||||
* Validate a variable according to type. Return null if invalid.
|
||||
* @todo Consider making protected
|
||||
*/
|
||||
public function validate($var, $type, $allow_null = false) {
|
||||
if (!isset($this->types[$type])) {
|
||||
trigger_error('Invalid type', E_USER_ERROR);
|
||||
return;
|
||||
}
|
||||
if ($allow_null && $var === null) return null;
|
||||
switch ($type) {
|
||||
case 'mixed':
|
||||
//if (is_string($var)) $var = unserialize($var);
|
||||
return $var;
|
||||
case 'istring':
|
||||
case 'string':
|
||||
case 'text': // no difference, just is longer/multiple line string
|
||||
case 'itext':
|
||||
if (!is_string($var)) break;
|
||||
if ($type === 'istring' || $type === 'itext') $var = strtolower($var);
|
||||
return $var;
|
||||
case 'int':
|
||||
if (is_string($var) && ctype_digit($var)) $var = (int) $var;
|
||||
elseif (!is_int($var)) break;
|
||||
return $var;
|
||||
case 'float':
|
||||
if (is_string($var) && is_numeric($var)) $var = (float) $var;
|
||||
elseif (!is_float($var)) break;
|
||||
return $var;
|
||||
case 'bool':
|
||||
if (is_int($var) && ($var === 0 || $var === 1)) {
|
||||
$var = (bool) $var;
|
||||
} elseif (is_string($var)) {
|
||||
if ($var == 'on' || $var == 'true' || $var == '1') {
|
||||
$var = true;
|
||||
} elseif ($var == 'off' || $var == 'false' || $var == '0') {
|
||||
$var = false;
|
||||
} else {
|
||||
break;
|
||||
}
|
||||
} elseif (!is_bool($var)) break;
|
||||
return $var;
|
||||
case 'list':
|
||||
case 'hash':
|
||||
case 'lookup':
|
||||
if (is_string($var)) {
|
||||
// special case: technically, this is an array with
|
||||
// a single empty string item, but having an empty
|
||||
// array is more intuitive
|
||||
if ($var == '') return array();
|
||||
if (strpos($var, "\n") === false && strpos($var, "\r") === false) {
|
||||
// simplistic string to array method that only works
|
||||
// for simple lists of tag names or alphanumeric characters
|
||||
$var = explode(',',$var);
|
||||
} else {
|
||||
$var = preg_split('/(,|[\n\r]+)/', $var);
|
||||
}
|
||||
// remove spaces
|
||||
foreach ($var as $i => $j) $var[$i] = trim($j);
|
||||
if ($type === 'hash') {
|
||||
// key:value,key2:value2
|
||||
$nvar = array();
|
||||
foreach ($var as $keypair) {
|
||||
$c = explode(':', $keypair, 2);
|
||||
if (!isset($c[1])) continue;
|
||||
$nvar[$c[0]] = $c[1];
|
||||
}
|
||||
$var = $nvar;
|
||||
}
|
||||
}
|
||||
if (!is_array($var)) break;
|
||||
$keys = array_keys($var);
|
||||
if ($keys === array_keys($keys)) {
|
||||
if ($type == 'list') return $var;
|
||||
elseif ($type == 'lookup') {
|
||||
$new = array();
|
||||
foreach ($var as $key) {
|
||||
$new[$key] = true;
|
||||
}
|
||||
return $new;
|
||||
} else break;
|
||||
}
|
||||
if ($type === 'lookup') {
|
||||
foreach ($var as $key => $value) {
|
||||
$var[$key] = true;
|
||||
}
|
||||
}
|
||||
return $var;
|
||||
}
|
||||
$error = new HTMLPurifier_Error();
|
||||
return $error;
|
||||
}
|
||||
|
||||
/**
|
||||
* Takes an absolute path and munges it into a more manageable relative path
|
||||
* @todo Consider making protected
|
||||
@ -414,6 +331,13 @@ class HTMLPurifier_ConfigSchema {
|
||||
if (!($var instanceof HTMLPurifier_Error)) return false;
|
||||
return true;
|
||||
}
|
||||
|
||||
/** @deprecated, use HTMLPurifier_VarParser->parse() */
|
||||
public function validate($a, $b, $c = false) {
|
||||
trigger_error("HTMLPurifier_ConfigSchema->validate deprecated, use HTMLPurifier_VarParser->parse instead", E_USER_NOTICE);
|
||||
return $this->parser->parse($a, $b, $c);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
|
File diff suppressed because one or more lines are too long
124
library/HTMLPurifier/VarParser.php
Normal file
124
library/HTMLPurifier/VarParser.php
Normal file
@ -0,0 +1,124 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Parses string representations into their corresponding native PHP
|
||||
* variable type.
|
||||
*/
|
||||
class HTMLPurifier_VarParser
|
||||
{
|
||||
|
||||
/**
|
||||
* Lookup table of allowed types.
|
||||
*/
|
||||
public $types = array(
|
||||
'string' => true,
|
||||
'istring' => true,
|
||||
'text' => true,
|
||||
'itext' => true,
|
||||
'int' => true,
|
||||
'float' => true,
|
||||
'bool' => true,
|
||||
'lookup' => true,
|
||||
'list' => true,
|
||||
'hash' => true,
|
||||
'mixed' => true
|
||||
);
|
||||
|
||||
/**
|
||||
* Validate a variable according to type. Throws exception if invalid.
|
||||
* It may return NULL as a valid type.
|
||||
*/
|
||||
public function parse($var, $type, $allow_null = false) {
|
||||
if (!isset($this->types[$type])) {
|
||||
throw new HTMLPurifier_VarParserException("Invalid type $type");
|
||||
}
|
||||
if ($allow_null && $var === null) return null;
|
||||
switch ($type) {
|
||||
// Note: if code "breaks" from the switch, it triggers a generic
|
||||
// exception to be thrown. Specific errors can be specifically
|
||||
// done here.
|
||||
case 'mixed':
|
||||
//if (is_string($var)) $var = unserialize($var);
|
||||
return $var;
|
||||
case 'istring':
|
||||
case 'string':
|
||||
case 'text': // no difference, just is longer/multiple line string
|
||||
case 'itext':
|
||||
if (!is_string($var)) break;
|
||||
if ($type === 'istring' || $type === 'itext') $var = strtolower($var);
|
||||
return $var;
|
||||
case 'int':
|
||||
if (is_string($var) && ctype_digit($var)) $var = (int) $var;
|
||||
elseif (!is_int($var)) break;
|
||||
return $var;
|
||||
case 'float':
|
||||
if (is_string($var) && is_numeric($var)) $var = (float) $var;
|
||||
elseif (!is_float($var)) break;
|
||||
return $var;
|
||||
case 'bool':
|
||||
if (is_int($var) && ($var === 0 || $var === 1)) {
|
||||
$var = (bool) $var;
|
||||
} elseif (is_string($var)) {
|
||||
if ($var == 'on' || $var == 'true' || $var == '1') {
|
||||
$var = true;
|
||||
} elseif ($var == 'off' || $var == 'false' || $var == '0') {
|
||||
$var = false;
|
||||
} else {
|
||||
throw new HTMLPurifier_VarParserException("Unrecognized value '$var' for $type");
|
||||
}
|
||||
} elseif (!is_bool($var)) break;
|
||||
return $var;
|
||||
case 'list':
|
||||
case 'hash':
|
||||
case 'lookup':
|
||||
if (is_string($var)) {
|
||||
// special case: technically, this is an array with
|
||||
// a single empty string item, but having an empty
|
||||
// array is more intuitive
|
||||
if ($var == '') return array();
|
||||
if (strpos($var, "\n") === false && strpos($var, "\r") === false) {
|
||||
// simplistic string to array method that only works
|
||||
// for simple lists of tag names or alphanumeric characters
|
||||
$var = explode(',',$var);
|
||||
} else {
|
||||
$var = preg_split('/(,|[\n\r]+)/', $var);
|
||||
}
|
||||
// remove spaces
|
||||
foreach ($var as $i => $j) $var[$i] = trim($j);
|
||||
if ($type === 'hash') {
|
||||
// key:value,key2:value2
|
||||
$nvar = array();
|
||||
foreach ($var as $keypair) {
|
||||
$c = explode(':', $keypair, 2);
|
||||
if (!isset($c[1])) continue;
|
||||
$nvar[$c[0]] = $c[1];
|
||||
}
|
||||
$var = $nvar;
|
||||
}
|
||||
}
|
||||
if (!is_array($var)) break;
|
||||
$keys = array_keys($var);
|
||||
if ($keys === array_keys($keys)) {
|
||||
if ($type == 'list') return $var;
|
||||
elseif ($type == 'lookup') {
|
||||
$new = array();
|
||||
foreach ($var as $key) {
|
||||
$new[$key] = true;
|
||||
}
|
||||
return $new;
|
||||
} else break;
|
||||
}
|
||||
if ($type === 'lookup') {
|
||||
foreach ($var as $key => $value) {
|
||||
$var[$key] = true;
|
||||
}
|
||||
}
|
||||
return $var;
|
||||
default:
|
||||
// This should not happen!
|
||||
throw new HTMLPurifier_Exception("Inconsistency in HTMLPurifier_VarParser: $type is not implemented");
|
||||
}
|
||||
throw new HTMLPurifier_VarParserException("Invalid input for type $type");
|
||||
}
|
||||
|
||||
}
|
9
library/HTMLPurifier/VarParserException.php
Normal file
9
library/HTMLPurifier/VarParserException.php
Normal file
@ -0,0 +1,9 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Exception type for HTMLPurifier_VarParser
|
||||
*/
|
||||
class HTMLPurifier_VarParserException extends HTMLPurifier_Exception
|
||||
{
|
||||
|
||||
}
|
@ -180,82 +180,5 @@ class HTMLPurifier_ConfigSchemaTest extends HTMLPurifier_Harness
|
||||
$this->schema->addAlias('Home', 'Rug2', 'Home', 'Carpet');
|
||||
}
|
||||
|
||||
function assertValid($var, $type, $ret = null) {
|
||||
$ret = ($ret === null) ? $var : $ret;
|
||||
$this->assertIdentical($this->schema->validate($var, $type), $ret);
|
||||
}
|
||||
|
||||
function assertInvalid($var, $type) {
|
||||
$this->assertTrue(
|
||||
$this->schema->isError(
|
||||
$this->schema->validate($var, $type)
|
||||
)
|
||||
);
|
||||
}
|
||||
|
||||
function testValidate() {
|
||||
|
||||
$this->assertValid('foobar', 'string');
|
||||
$this->assertValid('foobar', 'text'); // aliases, lstring = long string
|
||||
$this->assertValid('FOOBAR', 'istring', 'foobar');
|
||||
$this->assertValid('FOOBAR', 'itext', 'foobar');
|
||||
|
||||
$this->assertValid(34, 'int');
|
||||
|
||||
$this->assertValid(3.34, 'float');
|
||||
|
||||
$this->assertValid(false, 'bool');
|
||||
$this->assertValid(0, 'bool', false);
|
||||
$this->assertValid(1, 'bool', true);
|
||||
$this->assertValid('true', 'bool', true);
|
||||
$this->assertValid('false', 'bool', false);
|
||||
$this->assertValid('1', 'bool', true);
|
||||
$this->assertInvalid(34, 'bool');
|
||||
$this->assertInvalid(null, 'bool');
|
||||
|
||||
$this->assertValid(array('1', '2', '3'), 'list');
|
||||
$this->assertValid('foo,bar, cow', 'list', array('foo', 'bar', 'cow'));
|
||||
$this->assertValid('', 'list', array());
|
||||
$this->assertValid("foo\nbar", 'list', array('foo', 'bar'));
|
||||
$this->assertValid("foo\nbar,baz", 'list', array('foo', 'bar', 'baz'));
|
||||
|
||||
$this->assertValid(array('1' => true, '2' => true), 'lookup');
|
||||
$this->assertValid(array('1', '2'), 'lookup', array('1' => true, '2' => true));
|
||||
$this->assertValid('foo,bar', 'lookup', array('foo' => true, 'bar' => true));
|
||||
$this->assertValid("foo\nbar", 'lookup', array('foo' => true, 'bar' => true));
|
||||
$this->assertValid("foo\nbar,baz", 'lookup', array('foo' => true, 'bar' => true, 'baz' => true));
|
||||
$this->assertValid('', 'lookup', array());
|
||||
$this->assertValid(array(), 'lookup');
|
||||
|
||||
$this->assertValid(array('foo' => 'bar'), 'hash');
|
||||
$this->assertValid(array(1 => 'moo'), 'hash');
|
||||
$this->assertInvalid(array(0 => 'moo'), 'hash');
|
||||
$this->assertValid('', 'hash', array());
|
||||
$this->assertValid('foo:bar,too:two', 'hash', array('foo' => 'bar', 'too' => 'two'));
|
||||
$this->assertValid("foo:bar\ntoo:two,three:free", 'hash', array('foo' => 'bar', 'too' => 'two', 'three' => 'free'));
|
||||
$this->assertValid('foo:bar,too', 'hash', array('foo' => 'bar'));
|
||||
$this->assertValid('foo:bar,', 'hash', array('foo' => 'bar'));
|
||||
$this->assertValid('foo:bar:baz', 'hash', array('foo' => 'bar:baz'));
|
||||
|
||||
$this->assertValid(23, 'mixed');
|
||||
|
||||
}
|
||||
|
||||
function testValidate_null() {
|
||||
|
||||
$this->assertTrue(
|
||||
$this->schema->isError(
|
||||
$this->schema->validate(null, 'string', false)
|
||||
)
|
||||
);
|
||||
|
||||
$this->assertFalse(
|
||||
$this->schema->isError(
|
||||
$this->schema->validate(null, 'string', true)
|
||||
)
|
||||
);
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
84
tests/HTMLPurifier/VarParserTest.php
Normal file
84
tests/HTMLPurifier/VarParserTest.php
Normal file
@ -0,0 +1,84 @@
|
||||
<?php
|
||||
|
||||
class HTMLPurifier_VarParserTest extends UnitTestCase
|
||||
{
|
||||
|
||||
protected $parser;
|
||||
|
||||
public function setup() {
|
||||
$this->parser = new HTMLPurifier_VarParser();
|
||||
}
|
||||
|
||||
function assertValid($var, $type, $ret = null) {
|
||||
$ret = ($ret === null) ? $var : $ret;
|
||||
$this->assertIdentical($this->parser->parse($var, $type), $ret);
|
||||
}
|
||||
|
||||
function assertInvalid($var, $type, $msg = null) {
|
||||
$caught = false;
|
||||
try {
|
||||
$this->parser->parse($var, $type);
|
||||
} catch (HTMLPurifier_VarParserException $e) {
|
||||
$caught = true;
|
||||
if ($msg !== null) $this->assertIdentical($e->getMessage(), $msg);
|
||||
}
|
||||
if (!$caught) {
|
||||
$this->fail('Did not catch expected error');
|
||||
}
|
||||
}
|
||||
|
||||
function testValidate() {
|
||||
|
||||
$this->assertValid('foobar', 'string');
|
||||
$this->assertValid('foobar', 'text'); // aliases, lstring = long string
|
||||
$this->assertValid('FOOBAR', 'istring', 'foobar');
|
||||
$this->assertValid('FOOBAR', 'itext', 'foobar');
|
||||
|
||||
$this->assertValid(34, 'int');
|
||||
|
||||
$this->assertValid(3.34, 'float');
|
||||
|
||||
$this->assertValid(false, 'bool');
|
||||
$this->assertValid(0, 'bool', false);
|
||||
$this->assertValid(1, 'bool', true);
|
||||
$this->assertValid('true', 'bool', true);
|
||||
$this->assertValid('false', 'bool', false);
|
||||
$this->assertValid('1', 'bool', true);
|
||||
$this->assertInvalid(34, 'bool');
|
||||
$this->assertInvalid(null, 'bool');
|
||||
|
||||
$this->assertValid(array('1', '2', '3'), 'list');
|
||||
$this->assertValid('foo,bar, cow', 'list', array('foo', 'bar', 'cow'));
|
||||
$this->assertValid('', 'list', array());
|
||||
$this->assertValid("foo\nbar", 'list', array('foo', 'bar'));
|
||||
$this->assertValid("foo\nbar,baz", 'list', array('foo', 'bar', 'baz'));
|
||||
|
||||
$this->assertValid(array('1' => true, '2' => true), 'lookup');
|
||||
$this->assertValid(array('1', '2'), 'lookup', array('1' => true, '2' => true));
|
||||
$this->assertValid('foo,bar', 'lookup', array('foo' => true, 'bar' => true));
|
||||
$this->assertValid("foo\nbar", 'lookup', array('foo' => true, 'bar' => true));
|
||||
$this->assertValid("foo\nbar,baz", 'lookup', array('foo' => true, 'bar' => true, 'baz' => true));
|
||||
$this->assertValid('', 'lookup', array());
|
||||
$this->assertValid(array(), 'lookup');
|
||||
|
||||
$this->assertValid(array('foo' => 'bar'), 'hash');
|
||||
$this->assertValid(array(1 => 'moo'), 'hash');
|
||||
$this->assertInvalid(array(0 => 'moo'), 'hash');
|
||||
$this->assertValid('', 'hash', array());
|
||||
$this->assertValid('foo:bar,too:two', 'hash', array('foo' => 'bar', 'too' => 'two'));
|
||||
$this->assertValid("foo:bar\ntoo:two,three:free", 'hash', array('foo' => 'bar', 'too' => 'two', 'three' => 'free'));
|
||||
$this->assertValid('foo:bar,too', 'hash', array('foo' => 'bar'));
|
||||
$this->assertValid('foo:bar,', 'hash', array('foo' => 'bar'));
|
||||
$this->assertValid('foo:bar:baz', 'hash', array('foo' => 'bar:baz'));
|
||||
|
||||
$this->assertValid(23, 'mixed');
|
||||
|
||||
}
|
||||
|
||||
function testValidate_null() {
|
||||
$this->assertIdentical($this->parser->parse(null, 'string', true), null);
|
||||
$this->expectException('HTMLPurifier_VarParserException');
|
||||
$this->parser->parse(null, 'string', false);
|
||||
}
|
||||
|
||||
}
|
Loading…
Reference in New Issue
Block a user