chamilo / chamilo-lms

main/inc/lib/image.lib.php

Indentation +120 added lines, -120 removed lines

@@ -47,7 +47,7 @@ 
             if ($height >= $max_size_for_picture) {
                 // scale width
                 $new_width = round($width * ($max_size_for_picture / $height));
-                 $this->image_wrapper->resize($new_width, $max_size_for_picture, 0);
+                    $this->image_wrapper->resize($new_width, $max_size_for_picture, 0);
             }
         }
     }
@@ -149,7 +149,7 @@ 
 
     public function __construct($path)
     {
-          parent::__construct($path);
+            parent::__construct($path);
     }
 
     public function set_image_wrapper()
@@ -184,19 +184,19 @@ 
         }
     }
 
-	public function get_image_size()
+    public function get_image_size()
     {
-		$imagesize = array('width'=>0,'height'=>0);
-	    if ($this->image_validated) {
+        $imagesize = array('width'=>0,'height'=>0);
+        if ($this->image_validated) {
             $imagesize = $this->image->getImageGeometry();
-	    }
-	    return $imagesize;
-	}
+        }
+        return $imagesize;
+    }
 
-	//@todo implement border logic case for Imagick
-	public function resize($thumbw, $thumbh, $border, $specific_size = false)
+    //@todo implement border logic case for Imagick
+    public function resize($thumbw, $thumbh, $border, $specific_size = false)
     {
-	    if (!$this->image_validated) return false;
+        if (!$this->image_validated) return false;
 
         if ($specific_size) {
             $width = $thumbw;
@@ -206,10 +206,10 @@ 
             $width  = (int)($this->width * $scale);
             $height = (int)($this->height * $scale);
         }
-		$result = $this->image->resizeImage($width, $height, $this->filter, 1);
-		$this->width  = $thumbw;
-		$this->height = $thumbh;
-	}
+        $result = $this->image->resizeImage($width, $height, $this->filter, 1);
+        $this->width  = $thumbw;
+        $this->height = $thumbh;
+    }
     
     /**
      * @author José Loguercio <jose.loguercio@beeznest.com>
@@ -224,8 +224,8 @@ 
     public function crop($x, $y, $width, $height, $src_width, $src_height) {
         if (!$this->image_validated) return false;
         $this->image->cropimage($width, $height, $x, $y);
-		$this->width  = $width;
-		$this->height = $height;
+        $this->width  = $width;
+        $this->height = $height;
     }
 
     public function send_image($file = '', $compress = -1, $convert_file_to = null)
@@ -235,35 +235,35 @@ 
         if (!empty($convert_file_to) && in_array($convert_file_to, $this->allowed_extensions)) {
             $type = $convert_file_to;
         }
-		switch ($type) {
-		    case 'jpeg':
-			case 'jpg':
-				if (!$file) header("Content-type: image/jpeg");
-				break;
-			case 'png':
-				if (!$file) header("Content-type: image/png");
-				break;
-			case 'gif':
-				if (!$file) header("Content-type: image/gif");
-				break;
-		}
-		$result = false;
-		try {
-		    $result = $this->image->writeImage($file);
-		} catch(ImagickException $e) {
+        switch ($type) {
+            case 'jpeg':
+            case 'jpg':
+                if (!$file) header("Content-type: image/jpeg");
+                break;
+            case 'png':
+                if (!$file) header("Content-type: image/png");
+                break;
+            case 'gif':
+                if (!$file) header("Content-type: image/gif");
+                break;
+        }
+        $result = false;
+        try {
+            $result = $this->image->writeImage($file);
+        } catch(ImagickException $e) {
             if ($this->debug) error_log($e->getMessage());
         }
 
-		if (!$file) {
-		    echo $this->image;
-		    $this->image->clear();
+        if (!$file) {
+            echo $this->image;
+            $this->image->clear();
             $this->image->destroy();
-		} else {
-		    $this->image->clear();
+        } else {
+            $this->image->clear();
             $this->image->destroy();
-		    return $result;
-		}
-	}
+            return $result;
+        }
+    }
 
 }
 
@@ -285,21 +285,21 @@ 
         $this->fill_image_info();
 
         switch ($this->type) {
-        	case 0:
-        		$handler = false;
-        		break;
-		    case 1 :
+            case 0:
+                $handler = false;
+                break;
+            case 1 :
                 $handler = @imagecreatefromgif($this->path);
                 $this->type = 'gif';
                 break;
-		    case 2 :
+            case 2 :
                 $handler = @imagecreatefromjpeg($this->path);
                 $this->type = 'jpg';
                 break;
-		    case 3 :
-		        $handler = @imagecreatefrompng($this->path);
-		        $this->type = 'png';
-		        break;
+            case 3 :
+                $handler = @imagecreatefrompng($this->path);
+                $this->type = 'png';
+                break;
         }
         if ($handler) {
             $this->image_validated = true;
@@ -313,29 +313,29 @@ 
     {
         $return_array = array('width'=>0,'height'=>0);
         if ($this->image_validated) {
-	        $return_array = array('width'=>$this->width,'height'=>$this->height);
+            $return_array = array('width'=>$this->width,'height'=>$this->height);
         }
         return $return_array;
-	}
+    }
 
     public function fill_image_info()
     {
-    	if (file_exists($this->path)) {
-	        $image_info     = getimagesize($this->path);
-			$this->width    = $image_info[0];
-			$this->height   = $image_info[1];
-			$this->type     = $image_info[2];
-    	} else {
-    		$this->width    = 0;
-    		$this->height   = 0;
-    		$this->type     = 0;
-    	}
+        if (file_exists($this->path)) {
+            $image_info     = getimagesize($this->path);
+            $this->width    = $image_info[0];
+            $this->height   = $image_info[1];
+            $this->type     = $image_info[2];
+        } else {
+            $this->width    = 0;
+            $this->height   = 0;
+            $this->type     = 0;
+        }
     }
 
     public function resize($thumbw, $thumbh, $border, $specific_size = false)
     {
         if (!$this->image_validated) return false;
-		if ($border == 1) {
+        if ($border == 1) {
             if ($specific_size) {
                 $width = $thumbw;
                 $height = $thumbh;
@@ -344,17 +344,17 @@ 
                 $width = (int)($this->width * $scale);
                 $height = (int)($this->height * $scale);
             }
-			$deltaw = (int)(($thumbw - $width) / 2);
-			$deltah = (int)(($thumbh - $height) / 2);
-			$dst_img = @ImageCreateTrueColor($thumbw, $thumbh);
-            		@imagealphablending($dst_img, false);
-		        @imagesavealpha($dst_img, true);
-			if (!empty($this->color)) {
-				@imagefill($dst_img, 0, 0, $this->color);
-			}
-			$this->width = $thumbw;
-			$this->height = $thumbh;
-		} elseif ($border == 0) {
+            $deltaw = (int)(($thumbw - $width) / 2);
+            $deltah = (int)(($thumbh - $height) / 2);
+            $dst_img = @ImageCreateTrueColor($thumbw, $thumbh);
+                    @imagealphablending($dst_img, false);
+                @imagesavealpha($dst_img, true);
+            if (!empty($this->color)) {
+                @imagefill($dst_img, 0, 0, $this->color);
+            }
+            $this->width = $thumbw;
+            $this->height = $thumbh;
+        } elseif ($border == 0) {
             if ($specific_size) {
                 $width = $thumbw;
                 $height = $thumbh;
@@ -363,19 +363,19 @@ 
                 $width  = (int)($this->width * $scale);
                 $height = (int)($this->height * $scale);
             }
-			$deltaw = 0;
-			$deltah = 0;
-			$dst_img = @ImageCreateTrueColor($width, $height);
-            		@imagealphablending($dst_img, false);
-		        @imagesavealpha($dst_img, true);
-			$this->width = $width;
-			$this->height = $height;
-		}
-		$src_img = $this->bg;
-		@ImageCopyResampled($dst_img, $src_img, $deltaw, $deltah, 0, 0, $width, $height, ImageSX($src_img), ImageSY($src_img));
-		$this->bg = $dst_img;
-		@imagedestroy($src_img);
-	}
+            $deltaw = 0;
+            $deltah = 0;
+            $dst_img = @ImageCreateTrueColor($width, $height);
+                    @imagealphablending($dst_img, false);
+                @imagesavealpha($dst_img, true);
+            $this->width = $width;
+            $this->height = $height;
+        }
+        $src_img = $this->bg;
+        @ImageCopyResampled($dst_img, $src_img, $deltaw, $deltah, 0, 0, $width, $height, ImageSX($src_img), ImageSY($src_img));
+        $this->bg = $dst_img;
+        @imagedestroy($src_img);
+    }
     
     /**
      * @author José Loguercio <jose.loguercio@beeznest.com>
@@ -389,7 +389,7 @@ 
     public function crop($x, $y, $width, $height, $src_width, $src_height) {
         if (!$this->image_validated) return false;
         $this->width = $width;
-		$this->height = $height;
+        $this->height = $height;
         $src = null;
         $dest = @imagecreatetruecolor($width, $height);
         $type = $this->type;
@@ -400,56 +400,56 @@ 
                 @imagecopy($dest, $src, 0, 0, $x, $y, $src_width, $src_height);
                 @imagejpeg($dest, $this->path);
                 break;
-		    case 'png' :
+            case 'png' :
                 $src = @imagecreatefrompng($this->path);
                 @imagecopy($dest, $src, 0, 0, $x, $y, $src_width, $src_height);
                 @imagepng($dest, $this->path);
                 break;
-		    case 'gif' :
-		        $src = @imagecreatefromgif($this->path);
+            case 'gif' :
+                $src = @imagecreatefromgif($this->path);
                 @imagecopy($dest, $src, 0, 0, $x, $y, $src_width, $src_height);
                 @imagegif($dest, $this->path);
-		        break;
+                break;
             default: return 0;
         }
         @imagedestroy($dest);
         @imagedestroy($src);
     }
 
-	public function send_image($file = '', $compress = -1, $convert_file_to = null)
+    public function send_image($file = '', $compress = -1, $convert_file_to = null)
     {
-	    if (!$this->image_validated) return false;
+        if (!$this->image_validated) return false;
         $compress = (int)$compress;
         $type = $this->type;
         if (!empty($convert_file_to) && in_array($convert_file_to, $this->allowed_extensions)) {
             $type = $convert_file_to;
         }
-		switch ($type) {
-		    case 'jpeg':
-			case 'jpg':
-				if (!$file) header("Content-type: image/jpeg");
-				if ($compress == -1) $compress = 100;
-				return imagejpeg($this->bg, $file, $compress);
-				break;
-			case 'png':
-				if (!$file) header("Content-type: image/png");
-				if ($compress != -1) {
-					@imagetruecolortopalette($this->bg, true, $compress);
-				}
-				return imagepng($this->bg, $file, $compress);
-				break;
-			case 'gif':
-				if (!$file) header("Content-type: image/gif");
-				if ($compress != -1) {
-					@imagetruecolortopalette($this->bg, true, $compress);
-				}
-				return imagegif($this->bg, $file, $compress);
-				break;
-			default: return 0;
-		}
-		// TODO: Occupied memory is not released, because the following fragment of code is actually dead.
-		@imagedestroy($this->bg);
-	}
+        switch ($type) {
+            case 'jpeg':
+            case 'jpg':
+                if (!$file) header("Content-type: image/jpeg");
+                if ($compress == -1) $compress = 100;
+                return imagejpeg($this->bg, $file, $compress);
+                break;
+            case 'png':
+                if (!$file) header("Content-type: image/png");
+                if ($compress != -1) {
+                    @imagetruecolortopalette($this->bg, true, $compress);
+                }
+                return imagepng($this->bg, $file, $compress);
+                break;
+            case 'gif':
+                if (!$file) header("Content-type: image/gif");
+                if ($compress != -1) {
+                    @imagetruecolortopalette($this->bg, true, $compress);
+                }
+                return imagegif($this->bg, $file, $compress);
+                break;
+            default: return 0;
+        }
+        // TODO: Occupied memory is not released, because the following fragment of code is actually dead.
+        @imagedestroy($this->bg);
+    }
 
     /**
      * Convert image to black & white

main/inc/lib/timeline.lib.php

Indentation +23 added lines, -23 removed lines

@@ -25,10 +25,10 @@ 
     );
     public $is_course_model = true;
 
-	public function __construct()
+    public function __construct()
     {
         $this->table =  Database::get_course_table(TABLE_TIMELINE);
-	}
+    }
 
     /**
      * Get the count of elements
@@ -52,16 +52,16 @@ 
     /**
      * Displays the title + grid
      */
-	public function listing()
+    public function listing()
     {
-		// action links
-		$html = '<div class="actions">';
+        // action links
+        $html = '<div class="actions">';
         //$html .= '<a href="career_dashboard.php">'.Display::return_icon('back.png',get_lang('Back'),'','32').'</a>';
-		$html .= '<a href="'.api_get_self().'?action=add">'.Display::return_icon('add.png', get_lang('Add'),'','32').'</a>';
-		$html .= '</div>';
+        $html .= '<a href="'.api_get_self().'?action=add">'.Display::return_icon('add.png', get_lang('Add'),'','32').'</a>';
+        $html .= '</div>';
         $html .= Display::grid_html('timelines');
         return $html;
-	}
+    }
 
     public function get_status_list()
     {
@@ -89,7 +89,7 @@ 
 
         $form->addElement('text', 'headline', get_lang('Name'), array('size' => '70'));
         //$form->addHtmlEditor('description', get_lang('Description'), false, false, array('ToolbarSet' => 'Careers','Width' => '100%', 'Height' => '250'));
-	    $status_list = $this->get_status_list();
+        $status_list = $this->get_status_list();
         $form->addElement('select', 'status', get_lang('Status'), $status_list);
         if ($action == 'edit') {
             //$form->addElement('text', 'created_at', get_lang('CreatedAt'));
@@ -173,7 +173,7 @@ 
 
         // Setting the rules
         $form->addRule('headline', get_lang('ThisFieldIsRequired'), 'required');
-		return $form;
+        return $form;
 
     }
 
@@ -184,11 +184,11 @@ 
     public function save_item($params)
     {
         $params['c_id'] = api_get_course_int_id();
-	    $id = parent::save($params);
-	    if (!empty($id)) {
-	    	//event_system(LOG_CAREER_CREATE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id());
-   		}
-   		return $id;
+        $id = parent::save($params);
+        if (!empty($id)) {
+            //event_system(LOG_CAREER_CREATE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id());
+            }
+            return $id;
     }
 
     /**
@@ -199,16 +199,16 @@ 
         $params['c_id'] = api_get_course_int_id();
         $params['parent_id'] = '0';
         $params['type'] = 'default';
-	    $id = parent::save($params);
-	    if (!empty($id)) {
-	    	//event_system(LOG_CAREER_CREATE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id());
-   		}
-   		return $id;
+        $id = parent::save($params);
+        if (!empty($id)) {
+            //event_system(LOG_CAREER_CREATE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id());
+            }
+            return $id;
     }
 
     public function delete($id) {
-	    parent::delete($id);
-	    //event_system(LOG_CAREER_DELETE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id());
+        parent::delete($id);
+        //event_system(LOG_CAREER_DELETE, LOG_CAREER_ID, $id, api_get_utc_datetime(), api_get_user_id());
     }
 
     public function get_url($id) {
@@ -247,7 +247,7 @@ 
         $item['asset'] = array( 'media'     => $item['media'],
                                 'credit'    => $item['media_credit'],
                                 'caption'   => $item['media_caption'],
-         );
+            );
 
         //Cleaning items
         unset($item['id']);

main/inc/lib/urlmanager.lib.php

Indentation +66 added lines, -66 removed lines

@@ -11,15 +11,15 @@ 
 class UrlManager
 {
     /**
-    * Creates a new url access
-    *
-    * @author Julio Montoya <gugli100@gmail.com>,
-    *
-    * @param	string	$url The URL of the site
-    * @param	string  $description The description of the site
-    * @param	int		$active is active or not
-    * @return boolean if success
-    */
+     * Creates a new url access
+     *
+     * @author Julio Montoya <gugli100@gmail.com>,
+     *
+     * @param	string	$url The URL of the site
+     * @param	string  $description The description of the site
+     * @param	int		$active is active or not
+     * @return boolean if success
+     */
     public static function add($url, $description, $active)
     {
         $tms = time();
@@ -36,15 +36,15 @@ 
     }
 
     /**
-    * Updates an URL access
-    * @author Julio Montoya <gugli100@gmail.com>,
-    *
-    * @param	int 	$url_id The url id
-    * @param	string 	$url
-    * @param	string  $description The description of the site
-    * @param	int		$active is active or not
-    * @return 	boolean if success
-    */
+     * Updates an URL access
+     * @author Julio Montoya <gugli100@gmail.com>,
+     *
+     * @param	int 	$url_id The url id
+     * @param	string 	$url
+     * @param	string  $description The description of the site
+     * @param	int		$active is active or not
+     * @return 	boolean if success
+     */
     public static function update($url_id, $url, $description, $active)
     {
         $url_id = intval($url_id);
@@ -63,12 +63,12 @@ 
     }
 
     /**
-    * Deletes an url
-    * @author Julio Montoya
-    * @param int $id url id
+     * Deletes an url
+     * @author Julio Montoya
+     * @param int $id url id
      *
-    * @return boolean true if success
-    * */
+     * @return boolean true if success
+     * */
     public static function delete($id)
     {
         $id = intval($id);
@@ -200,12 +200,12 @@ 
     }
 
     /**
-    * Gets the inner join of access_url and the course table
-    *
-    * @author Julio Montoya
-    * @param int  access url id
-    * @return array   Database::store_result of the result
-    **/
+     * Gets the inner join of access_url and the course table
+     *
+     * @author Julio Montoya
+     * @param int  access url id
+     * @return array   Database::store_result of the result
+     **/
     public static function get_url_rel_course_data($access_url_id = null)
     {
         $where = '';
@@ -362,12 +362,12 @@ 
     }
 
     /**
-    * Checks the relationship between an URL and a User (return the num_rows)
-    * @author Julio Montoya
-    * @param int user id
-    * @param int url id
-    * @return boolean true if success
-    * */
+     * Checks the relationship between an URL and a User (return the num_rows)
+     * @author Julio Montoya
+     * @param int user id
+     * @param int url id
+     * @return boolean true if success
+     * */
     public static function relation_url_user_exist($user_id, $url_id)
     {
         $table = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
@@ -377,15 +377,15 @@ 
         $num = Database::num_rows($result);
 
         return $num;
-	}
+    }
 
     /**
-    * Checks the relationship between an URL and a Course (return the num_rows)
-    * @author Julio Montoya
-    * @param int $courseId
-    * @param int $urlId
-    * @return boolean true if success
-    * */
+     * Checks the relationship between an URL and a Course (return the num_rows)
+     * @author Julio Montoya
+     * @param int $courseId
+     * @param int $urlId
+     * @return boolean true if success
+     * */
     public static function relation_url_course_exist($courseId, $urlId)
     {
         $table_url_rel_course = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
@@ -420,12 +420,12 @@ 
     }
 
     /**
-    * Checks the relationship between an URL and a Session (return the num_rows)
-    * @author Julio Montoya
-    * @param int user id
-    * @param int url id
-    * @return boolean true if success
-    * */
+     * Checks the relationship between an URL and a Session (return the num_rows)
+     * @author Julio Montoya
+     * @param int user id
+     * @param int url id
+     * @return boolean true if success
+     * */
     public static function relation_url_session_exist($session_id, $url_id)
     {
         $table_url_rel_session= Database::get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);
@@ -737,13 +737,13 @@ 
     }
 
     /**
-    * Deletes an url and user relationship
-    * @author Julio Montoya
-    * @param int user id
-    * @param int url id
+     * Deletes an url and user relationship
+     * @author Julio Montoya
+     * @param int user id
+     * @param int url id
      *
-    * @return boolean true if success
-    * */
+     * @return boolean true if success
+     * */
     public static function delete_url_rel_user($user_id, $url_id)
     {
         $table_url_rel_user = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_USER);
@@ -758,13 +758,13 @@ 
     }
 
     /**
-    * Deletes an url and course relationship
-    * @author Julio Montoya
-    * @param  int  $courseId
-    * @param  int  $urlId
+     * Deletes an url and course relationship
+     * @author Julio Montoya
+     * @param  int  $courseId
+     * @param  int  $urlId
      *
-    * @return boolean true if success
-    * */
+     * @return boolean true if success
+     * */
     public static function delete_url_rel_course($courseId, $urlId)
     {
         $table_url_rel_course= Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_COURSE);
@@ -814,13 +814,13 @@ 
     }
 
     /**
-    * Deletes an url and session relationship
-    * @author Julio Montoya
-    * @param  char  course code
-    * @param  int url id
+     * Deletes an url and session relationship
+     * @author Julio Montoya
+     * @param  char  course code
+     * @param  int url id
      *
-    * @return boolean true if success
-    * */
+     * @return boolean true if success
+     * */
     public static function delete_url_rel_session($session_id, $url_id)
     {
         $table_url_rel_session = Database :: get_main_table(TABLE_MAIN_ACCESS_URL_REL_SESSION);

main/inc/lib/kses-0.2.2/kses_original.php

Indentation +166 added lines, -166 removed lines

@@ -31,8 +31,8 @@ 
 
 
 function kses($string, $allowed_html, $allowed_protocols =
-               array('http', 'https', 'ftp', 'news', 'nntp', 'telnet',
-                     'gopher', 'mailto'))
+                array('http', 'https', 'ftp', 'news', 'nntp', 'telnet',
+                        'gopher', 'mailto'))
 ###############################################################################
 # This function makes sure that only the allowed HTML element names, attribute
 # names and attribute values plus only sane HTML entities will occur in
@@ -40,12 +40,12 @@ 
 # call this function.
 ###############################################################################
 {
-  $string = kses_no_null($string);
-  $string = kses_js_entities($string);
-  $string = kses_normalize_entities($string);
-  $string = kses_hook($string);
-  $allowed_html_fixed = kses_array_lc($allowed_html);
-  return kses_split($string, $allowed_html_fixed, $allowed_protocols);
+    $string = kses_no_null($string);
+    $string = kses_js_entities($string);
+    $string = kses_normalize_entities($string);
+    $string = kses_hook($string);
+    $allowed_html_fixed = kses_array_lc($allowed_html);
+    return kses_split($string, $allowed_html_fixed, $allowed_protocols);
 } # function kses
 
 
@@ -54,7 +54,7 @@ 
 # You add any kses hooks here.
 ###############################################################################
 {
-  return $string;
+    return $string;
 } # function kses_hook
 
 
@@ -63,7 +63,7 @@ 
 # This function returns kses' version number.
 ###############################################################################
 {
-  return '0.2.2';
+    return '0.2.2';
 } # function kses_version
 
 
@@ -73,13 +73,13 @@ 
 # matches stray ">" characters.
 ###############################################################################
 {
-  return preg_replace('%(<'.   # EITHER: <
-                      '[^>]*'. # things that aren't >
-                      '(>|$)'. # > or end of string
-                      '|>)%e', # OR: just a >
-                      "kses_split2('\\1', \$allowed_html, ".
-                      '$allowed_protocols)',
-                      $string);
+    return preg_replace('%(<'.   # EITHER: <
+                        '[^>]*'. # things that aren't >
+                        '(>|$)'. # > or end of string
+                        '|>)%e', # OR: just a >
+                        "kses_split2('\\1', \$allowed_html, ".
+                        '$allowed_protocols)',
+                        $string);
 } # function kses_split
 
 
@@ -91,30 +91,30 @@ 
 # attribute list.
 ###############################################################################
 {
-  $string = kses_stripslashes($string);
+    $string = kses_stripslashes($string);
 
-  if (substr($string, 0, 1) != '<')
+    if (substr($string, 0, 1) != '<')
     return '&gt;';
     # It matched a ">" character
 
-  if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches))
+    if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches))
     return '';
     # It's seriously malformed
 
-  $slash = trim($matches[1]);
-  $elem = $matches[2];
-  $attrlist = $matches[3];
+    $slash = trim($matches[1]);
+    $elem = $matches[2];
+    $attrlist = $matches[3];
 
-  if (!@isset($allowed_html[strtolower($elem)]))
+    if (!@isset($allowed_html[strtolower($elem)]))
     return '';
     # They are using a not allowed HTML element
 
-  if ($slash != '')
+    if ($slash != '')
     return "<$slash$elem>";
-  # No attributes are allowed for closing elements
+    # No attributes are allowed for closing elements
 
-  return kses_attr("$slash$elem", $attrlist, $allowed_html,
-                   $allowed_protocols);
+    return kses_attr("$slash$elem", $attrlist, $allowed_html,
+                    $allowed_protocols);
 } # function kses_split2
 
 
@@ -130,56 +130,56 @@ 
 {
 # Is there a closing XHTML slash at the end of the attributes?
 
-  $xhtml_slash = '';
-  if (preg_match('%\s/\s*$%', $attr))
+    $xhtml_slash = '';
+    if (preg_match('%\s/\s*$%', $attr))
     $xhtml_slash = ' /';
 
 # Are any attributes allowed at all for this element?
 
-  if (@count($allowed_html[strtolower($element)]) == 0)
+    if (@count($allowed_html[strtolower($element)]) == 0)
     return "<$element$xhtml_slash>";
 
 # Split it
 
-  $attrarr = kses_hair($attr, $allowed_protocols);
+    $attrarr = kses_hair($attr, $allowed_protocols);
 
 # Go through $attrarr, and save the allowed attributes for this element
 # in $attr2
 
-  $attr2 = '';
+    $attr2 = '';
 
-  foreach ($attrarr as $arreach)
-  {
+    foreach ($attrarr as $arreach)
+    {
     if (!@isset($allowed_html[strtolower($element)]
                             [strtolower($arreach['name'])]))
-      continue; # the attribute is not allowed
+        continue; # the attribute is not allowed
 
     $current = $allowed_html[strtolower($element)]
                             [strtolower($arreach['name'])];
 
     if (!is_array($current))
-      $attr2 .= ' '.$arreach['whole'];
+        $attr2 .= ' '.$arreach['whole'];
     # there are no checks
 
     else
     {
     # there are some checks
-      $ok = true;
-      foreach ($current as $currkey => $currval)
+        $ok = true;
+        foreach ($current as $currkey => $currval)
         if (!kses_check_attr_val($arreach['value'], $arreach['vless'],
-                                 $currkey, $currval))
+                                    $currkey, $currval))
         { $ok = false; break; }
 
-      if ($ok)
+        if ($ok)
         $attr2 .= ' '.$arreach['whole']; # it passed them
     } # if !is_array($current)
-  } # foreach
+    } # foreach
 
 # Remove any "<" or ">" characters
 
-  $attr2 = preg_replace('/[<>]/', '', $attr2);
+    $attr2 = preg_replace('/[<>]/', '', $attr2);
 
-  return "<$element$attr2$xhtml_slash>";
+    return "<$element$attr2$xhtml_slash>";
 } # function kses_attr
 
 
@@ -193,96 +193,96 @@ 
 # from attribute values.
 ###############################################################################
 {
-  $attrarr = array();
-  $mode = 0;
-  $attrname = '';
+    $attrarr = array();
+    $mode = 0;
+    $attrname = '';
 
 # Loop through the whole attribute list
 
-  while (strlen($attr) != 0)
-  {
+    while (strlen($attr) != 0)
+    {
     $working = 0; # Was the last operation successful?
 
     switch ($mode)
     {
-      case 0: # attribute name, href for instance
+        case 0: # attribute name, href for instance
 
         if (preg_match('/^([-a-zA-Z]+)/', $attr, $match))
         {
-          $attrname = $match[1];
-          $working = $mode = 1;
-          $attr = preg_replace('/^[-a-zA-Z]+/', '', $attr);
+            $attrname = $match[1];
+            $working = $mode = 1;
+            $attr = preg_replace('/^[-a-zA-Z]+/', '', $attr);
         }
 
         break;
 
-      case 1: # equals sign or valueless ("selected")
+        case 1: # equals sign or valueless ("selected")
 
         if (preg_match('/^\s*=\s*/', $attr)) # equals sign
         {
-          $working = 1; $mode = 2;
-          $attr = preg_replace('/^\s*=\s*/', '', $attr);
-          break;
+            $working = 1; $mode = 2;
+            $attr = preg_replace('/^\s*=\s*/', '', $attr);
+            break;
         }
 
         if (preg_match('/^\s+/', $attr)) # valueless
         {
-          $working = 1; $mode = 0;
-          $attrarr[] = array
+            $working = 1; $mode = 0;
+            $attrarr[] = array
                         ('name'  => $attrname,
-                         'value' => '',
-                         'whole' => $attrname,
-                         'vless' => 'y');
-          $attr = preg_replace('/^\s+/', '', $attr);
+                            'value' => '',
+                            'whole' => $attrname,
+                            'vless' => 'y');
+            $attr = preg_replace('/^\s+/', '', $attr);
         }
 
         break;
 
-      case 2: # attribute value, a URL after href= for instance
+        case 2: # attribute value, a URL after href= for instance
 
         if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match))
-         # "value"
+            # "value"
         {
-          $thisval = kses_bad_protocol($match[1], $allowed_protocols);
+            $thisval = kses_bad_protocol($match[1], $allowed_protocols);
 
-          $attrarr[] = array
+            $attrarr[] = array
                         ('name'  => $attrname,
-                         'value' => $thisval,
-                         'whole' => "$attrname=\"$thisval\"",
-                         'vless' => 'n');
-          $working = 1; $mode = 0;
-          $attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr);
-          break;
+                            'value' => $thisval,
+                            'whole' => "$attrname=\"$thisval\"",
+                            'vless' => 'n');
+            $working = 1; $mode = 0;
+            $attr = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr);
+            break;
         }
 
         if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match))
-         # 'value'
+            # 'value'
         {
-          $thisval = kses_bad_protocol($match[1], $allowed_protocols);
+            $thisval = kses_bad_protocol($match[1], $allowed_protocols);
 
-          $attrarr[] = array
+            $attrarr[] = array
                         ('name'  => $attrname,
-                         'value' => $thisval,
-                         'whole' => "$attrname='$thisval'",
-                         'vless' => 'n');
-          $working = 1; $mode = 0;
-          $attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr);
-          break;
+                            'value' => $thisval,
+                            'whole' => "$attrname='$thisval'",
+                            'vless' => 'n');
+            $working = 1; $mode = 0;
+            $attr = preg_replace("/^'[^']*'(\s+|$)/", '', $attr);
+            break;
         }
 
         if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match))
-         # value
+            # value
         {
-          $thisval = kses_bad_protocol($match[1], $allowed_protocols);
+            $thisval = kses_bad_protocol($match[1], $allowed_protocols);
 
-          $attrarr[] = array
+            $attrarr[] = array
                         ('name'  => $attrname,
-                         'value' => $thisval,
-                         'whole' => "$attrname=\"$thisval\"",
-                         'vless' => 'n');
-                         # We add quotes to conform to W3C's HTML spec.
-          $working = 1; $mode = 0;
-          $attr = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr);
+                            'value' => $thisval,
+                            'whole' => "$attrname=\"$thisval\"",
+                            'vless' => 'n');
+                            # We add quotes to conform to W3C's HTML spec.
+            $working = 1; $mode = 0;
+            $attr = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr);
         }
 
         break;
@@ -290,21 +290,21 @@ 
 
     if ($working == 0) # not well formed, remove and try again
     {
-      $attr = kses_html_error($attr);
-      $mode = 0;
+        $attr = kses_html_error($attr);
+        $mode = 0;
     }
-  } # while
+    } # while
 
-  if ($mode == 1)
-  # special case, for when the attribute list ends with a valueless
-  # attribute like "selected"
+    if ($mode == 1)
+    # special case, for when the attribute list ends with a valueless
+    # attribute like "selected"
     $attrarr[] = array
-                  ('name'  => $attrname,
-                   'value' => '',
-                   'whole' => $attrname,
-                   'vless' => 'y');
+                    ('name'  => $attrname,
+                    'value' => '',
+                    'whole' => $attrname,
+                    'vless' => 'y');
 
-  return $attrarr;
+    return $attrarr;
 } # function kses_hair
 
 
@@ -315,10 +315,10 @@ 
 # with even more checks to come soon.
 ###############################################################################
 {
-  $ok = true;
+    $ok = true;
 
-  switch (strtolower($checkname))
-  {
+    switch (strtolower($checkname))
+    {
     case 'maxlen':
     # The maxlen check makes sure that the attribute value has a length not
     # greater than the given value. This can be used to avoid Buffer Overflows
@@ -326,7 +326,7 @@ 
 
       if (strlen($value) > $checkvalue)
         $ok = false;
-      break;
+        break;
 
     case 'minlen':
     # The minlen check makes sure that the attribute value has a length not
@@ -334,7 +334,7 @@ 
 
       if (strlen($value) < $checkvalue)
         $ok = false;
-      break;
+        break;
 
     case 'maxval':
     # The maxval check does two things: it checks that the attribute value is
@@ -345,9 +345,9 @@ 
 
       if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
         $ok = false;
-      if ($value > $checkvalue)
+        if ($value > $checkvalue)
         $ok = false;
-      break;
+        break;
 
     case 'minval':
     # The minval check checks that the attribute value is a positive integer,
@@ -355,9 +355,9 @@ 
 
       if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
         $ok = false;
-      if ($value < $checkvalue)
+        if ($value < $checkvalue)
         $ok = false;
-      break;
+        break;
 
     case 'valueless':
     # The valueless check checks if the attribute has a value
@@ -367,10 +367,10 @@ 
 
       if (strtolower($checkvalue) != $vless)
         $ok = false;
-      break;
-  } # switch
+        break;
+    } # switch
 
-  return $ok;
+    return $ok;
 } # function kses_check_attr_val
 
 
@@ -382,17 +382,17 @@ 
 # fooled by a string like "javascript:javascript:alert(57)".
 ###############################################################################
 {
-  $string = kses_no_null($string);
-  $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
-  $string2 = $string.'a';
+    $string = kses_no_null($string);
+    $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
+    $string2 = $string.'a';
 
-  while ($string != $string2)
-  {
+    while ($string != $string2)
+    {
     $string2 = $string;
     $string = kses_bad_protocol_once($string, $allowed_protocols);
-  } # while
+    } # while
 
-  return $string;
+    return $string;
 } # function kses_bad_protocol
 
 
@@ -401,10 +401,10 @@ 
 # This function removes any NULL characters in $string.
 ###############################################################################
 {
-  $string = preg_replace('/\0+/', '', $string);
-  $string = preg_replace('/(\\\\0)+/', '', $string);
+    $string = preg_replace('/\0+/', '', $string);
+    $string = preg_replace('/(\\\\0)+/', '', $string);
 
-  return $string;
+    return $string;
 } # function kses_no_null
 
 
@@ -415,7 +415,7 @@ 
 # preg_replace(//e) seems to require this.
 ###############################################################################
 {
-  return preg_replace('%\\\\"%', '"', $string);
+    return preg_replace('%\\\\"%', '"', $string);
 } # function kses_stripslashes
 
 
@@ -424,21 +424,21 @@ 
 # This function goes through an array, and changes the keys to all lower case.
 ###############################################################################
 {
-  $outarray = array();
+    $outarray = array();
 
-  foreach ($inarray as $inkey => $inval)
-  {
+    foreach ($inarray as $inkey => $inval)
+    {
     $outkey = strtolower($inkey);
     $outarray[$outkey] = array();
 
     foreach ($inval as $inkey2 => $inval2)
     {
-      $outkey2 = strtolower($inkey2);
-      $outarray[$outkey][$outkey2] = $inval2;
+        $outkey2 = strtolower($inkey2);
+        $outarray[$outkey][$outkey2] = $inval2;
     } # foreach $inval
-  } # foreach $inarray
+    } # foreach $inarray
 
-  return $outarray;
+    return $outarray;
 } # function kses_array_lc
 
 
@@ -448,7 +448,7 @@ 
 # Netscape 4.
 ###############################################################################
 {
-  return preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string);
+    return preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string);
 } # function kses_js_entities
 
 
@@ -459,7 +459,7 @@ 
 # quotes and apostrophes as well.
 ###############################################################################
 {
-  return preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $string);
+    return preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $string);
 } # function kses_html_error
 
 
@@ -469,12 +469,12 @@ 
 # handling whitespace and HTML entities.
 ###############################################################################
 {
-	$string2 = preg_split('/:|&#58;|&#x3a;/i', $string, 2);
-	if(isset($string2[1]) && !preg_match('%/\?%',$string2[0]))
-	{
-		$string = kses_bad_protocol_once2($string2[0],$allowed_protocols).trim($string2[1]);
-	}
-	return $string;
+    $string2 = preg_split('/:|&#58;|&#x3a;/i', $string, 2);
+    if(isset($string2[1]) && !preg_match('%/\?%',$string2[0]))
+    {
+        $string = kses_bad_protocol_once2($string2[0],$allowed_protocols).trim($string2[1]);
+    }
+    return $string;
 } # function kses_bad_protocol_once
 
 
@@ -484,24 +484,24 @@ 
 # list or not, and returns different data depending on the answer.
 ###############################################################################
 {
-  $string2 = kses_decode_entities($string);
-  $string2 = preg_replace('/\s/', '', $string2);
-  $string2 = kses_no_null($string2);
-  $string2 = preg_replace('/\xad+/', '', $string2);
-   # deals with Opera "feature"
-  $string2 = strtolower($string2);
-
-  $allowed = false;
-  foreach ($allowed_protocols as $one_protocol)
+    $string2 = kses_decode_entities($string);
+    $string2 = preg_replace('/\s/', '', $string2);
+    $string2 = kses_no_null($string2);
+    $string2 = preg_replace('/\xad+/', '', $string2);
+    # deals with Opera "feature"
+    $string2 = strtolower($string2);
+
+    $allowed = false;
+    foreach ($allowed_protocols as $one_protocol)
     if (strtolower($one_protocol) == $string2)
     {
-      $allowed = true;
-      break;
+        $allowed = true;
+        break;
     }
 
-  if ($allowed)
+    if ($allowed)
     return "$string2:";
-  else
+    else
     return '';
 } # function kses_bad_protocol_once2
 
@@ -514,18 +514,18 @@ 
 {
 # Disarm all entities by converting & to &amp;
 
-  $string = str_replace('&', '&amp;', $string);
+    $string = str_replace('&', '&amp;', $string);
 
 # Change back the allowed entities in our entity whitelist
 
-  $string = preg_replace('/&amp;([A-Za-z][A-Za-z0-9]{0,19});/',
-                         '&\\1;', $string);
-  $string = preg_replace('/&amp;#0*([0-9]{1,5});/e',
-                         'kses_normalize_entities2("\\1")', $string);
-  $string = preg_replace('/&amp;#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/',
-                         '&#\\1\\2;', $string);
+    $string = preg_replace('/&amp;([A-Za-z][A-Za-z0-9]{0,19});/',
+                            '&\\1;', $string);
+    $string = preg_replace('/&amp;#0*([0-9]{1,5});/e',
+                            'kses_normalize_entities2("\\1")', $string);
+    $string = preg_replace('/&amp;#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/',
+                            '&#\\1\\2;', $string);
 
-  return $string;
+    return $string;
 } # function kses_normalize_entities
 
 
@@ -535,7 +535,7 @@ 
 # and nothing more for &#number; entities.
 ###############################################################################
 {
-  return (($i > 65535) ? "&amp;#$i;" : "&#$i;");
+    return (($i > 65535) ? "&amp;#$i;" : "&#$i;");
 } # function kses_normalize_entities2
 
 
@@ -546,11 +546,11 @@ 
 # URL protocol whitelisting system anyway.
 ###############################################################################
 {
-  $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string);
-  $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))',
-                         $string);
+    $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string);
+    $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))',
+                            $string);
 
-  return $string;
+    return $string;
 } # function kses_decode_entities
 
 ?>

main/inc/lib/kses-0.2.2/kses.php

Indentation +6 added lines, -6 removed lines

@@ -97,8 +97,8 @@ 
  * @return string
  */
 function kses($string, $allowed_html, $allowed_protocols =
-               array('http', 'https', 'ftp', 'news', 'nntp', 'telnet',
-                     'gopher', 'mailto'))
+                array('http', 'https', 'ftp', 'news', 'nntp', 'telnet',
+                        'gopher', 'mailto'))
 {
     $string = kses_no_null($string);
     $string = kses_js_entities($string);
@@ -218,7 +218,7 @@ 
     // No attributes are allowed for closing elements
 
     return kses_attr("$slash$elem", $attrlist, $allowed_html,
-                   $allowed_protocols);
+                    $allowed_protocols);
 }
 
 /**
@@ -261,11 +261,11 @@ 
     foreach ($attrarr as $arreach)
     {
         if (!@isset($allowed_html[strtolower($element)]
-                              [strtolower($arreach['name'])]))
+                                [strtolower($arreach['name'])]))
             continue; // the attribute is not allowed
 
         $current = $allowed_html[strtolower($element)]
-                              [strtolower($arreach['name'])];
+                                [strtolower($arreach['name'])];
         if ($current == '')
             continue; // the attribute is not allowed
 
@@ -279,7 +279,7 @@ 
             $ok = true;
             foreach ($current as $currkey => $currval)
                 if (!kses_check_attr_val($arreach['value'], $arreach['vless'],
-                                 $currkey, $currval))
+                                    $currkey, $currval))
                 { $ok = false; break; }
 
             if ( strtolower($arreach['name']) == 'style' ) {

main/inc/lib/kses-0.2.2/oop/php5.class.kses.php

Indentation +1140 added lines, -1140 removed lines

@@ -1,6 +1,6 @@ 
 <?php
 
-	/*
+    /*
 	 * ==========================================================================================
 	 *
 	 * This program is free software and open source software; you can redistribute
@@ -21,1146 +21,1146 @@ 
 	 * ==========================================================================================
 	 */
 
-	/**
-	*	Class file for PHP5 OOP version of kses
-	*
-	*	This is an updated version of kses to work with PHP5 that works under E_STRICT.
-	*
-	*	This version is a bit of a rewrite to match my own coding style and use some of the
-	*	capabilities allowed in PHP5.  Since this was a significant rewrite, but it still
-	*	maintains backward compatibility syntax-wise, the version number is now 1.0.0.  Any
-	*	minor changes that do not break compatibility will be indicated in the second or third
-	*	digits.  Anything that breaks compatibility will change the major version number.
-	*
-	*	PHP5 specific changes:
-	*	+ Private methods are now in place
-	*	+ __construct() is now used rather then the standard class name 'kses()'
-	*	+ Kses will not load in any version less that PHP5
-	*	Other modifications:
-	*	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
-	*	+ Method names have been changed to reflect status as verbs
-	*	+ One line methods have been folded into the code
-	*	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
-	*	+ Kses5 now works in E_STRICT
-	*	+ Version number is 1.0.0 to reflect serious code changes
-	*	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols()
-	*	+ Deprecated _hook(), Protocols()
-	*
-	*	@package    kses
-	*	@subpackage kses5
-	*/
-
-	if(substr(phpversion(), 0, 1) < 5)
-	{
-		die("Class kses requires PHP 5 or higher.");
-	}
-
-	/**
-	*	Only install KSES5 once
-	*/
-	if(!defined('KSES_CLASS_PHP5'))
-	{
-		define('KSES_CLASS_PHP5', true);
-
-	/**
-	*	Kses strips evil scripts!
-	*
-	*	This class provides the capability for removing unwanted HTML/XHTML, attributes from
-	*	tags, and protocols contained in links.  The net result is a much more powerful tool
-	*	than the PHP internal strip_tags()
-	*
-	*	This is a fork of a slick piece of procedural code called 'kses' written by Ulf Harnhammar.
-	*
-	*	The original class for PHP4 was basically a wrapper around all of the functions in
-	*	the procedural code written by Ulf, and was released 7/25/2003.
-	*
-	*	This version is a bit of a rewrite to match my own coding style and use some of the
-	*	capabilities allowed in PHP5.  Since this was a significant rewrite, but it still
-	*	maintains backward compatibility syntax-wise, the version number is now 1.0.0.  Any
-	*	minor changes that do not break compatibility will be indicated in the second or third
-	*	digits.  Anything that breaks compatibility will change the major version number.
-	*
-	*	PHP5 specific changes:
-	*	+ Private methods are now in place
-	*	+ __construct() is now used rather then the standard class name 'kses()'
-	*	+ Kses5 will not load in any version less that PHP5
-	*	Other modifications:
-	*	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
-	*	+ Method names have been changed to reflect status as verbs
-	*	+ One line methods have been folded into the code
-	*	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
-	*	+ Kses now works in E_STRICT
-	*	+ Initial Version number set to 1.0.0 to reflect serious code changes
-	*	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols()
-	*	+ Deprecated _hook(), Protocols()
-	*	+ Integrated code from kses 0.2.2 into class.
-	*	+ Added methods DumpProtocols(), DumpMethods()
-	*
-	*	@author     Richard R. V�squez, Jr. (Original procedural code by Ulf H�rnhammar)
-	*	@link       http://sourceforge.net/projects/kses/ Home Page for Kses
-	*	@link       http://chaos.org/contact/ Contact page with current email address for Richard Vasquez
-	*	@copyright  Richard R. V�squez, Jr. 2005
-	*	@version    PHP5 OOP 1.0.2
-	*	@license    http://www.gnu.org/licenses/gpl.html GNU Public License
-	*	@package    kses
-	*/
-		class kses5
-		{
-			/**#@+
+    /**
+     *	Class file for PHP5 OOP version of kses
+     *
+     *	This is an updated version of kses to work with PHP5 that works under E_STRICT.
+     *
+     *	This version is a bit of a rewrite to match my own coding style and use some of the
+     *	capabilities allowed in PHP5.  Since this was a significant rewrite, but it still
+     *	maintains backward compatibility syntax-wise, the version number is now 1.0.0.  Any
+     *	minor changes that do not break compatibility will be indicated in the second or third
+     *	digits.  Anything that breaks compatibility will change the major version number.
+     *
+     *	PHP5 specific changes:
+     *	+ Private methods are now in place
+     *	+ __construct() is now used rather then the standard class name 'kses()'
+     *	+ Kses will not load in any version less that PHP5
+     *	Other modifications:
+     *	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
+     *	+ Method names have been changed to reflect status as verbs
+     *	+ One line methods have been folded into the code
+     *	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
+     *	+ Kses5 now works in E_STRICT
+     *	+ Version number is 1.0.0 to reflect serious code changes
+     *	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols()
+     *	+ Deprecated _hook(), Protocols()
+     *
+     *	@package    kses
+     *	@subpackage kses5
+     */
+
+    if(substr(phpversion(), 0, 1) < 5)
+    {
+        die("Class kses requires PHP 5 or higher.");
+    }
+
+    /**
+     *	Only install KSES5 once
+     */
+    if(!defined('KSES_CLASS_PHP5'))
+    {
+        define('KSES_CLASS_PHP5', true);
+
+    /**
+     *	Kses strips evil scripts!
+     *
+     *	This class provides the capability for removing unwanted HTML/XHTML, attributes from
+     *	tags, and protocols contained in links.  The net result is a much more powerful tool
+     *	than the PHP internal strip_tags()
+     *
+     *	This is a fork of a slick piece of procedural code called 'kses' written by Ulf Harnhammar.
+     *
+     *	The original class for PHP4 was basically a wrapper around all of the functions in
+     *	the procedural code written by Ulf, and was released 7/25/2003.
+     *
+     *	This version is a bit of a rewrite to match my own coding style and use some of the
+     *	capabilities allowed in PHP5.  Since this was a significant rewrite, but it still
+     *	maintains backward compatibility syntax-wise, the version number is now 1.0.0.  Any
+     *	minor changes that do not break compatibility will be indicated in the second or third
+     *	digits.  Anything that breaks compatibility will change the major version number.
+     *
+     *	PHP5 specific changes:
+     *	+ Private methods are now in place
+     *	+ __construct() is now used rather then the standard class name 'kses()'
+     *	+ Kses5 will not load in any version less that PHP5
+     *	Other modifications:
+     *	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
+     *	+ Method names have been changed to reflect status as verbs
+     *	+ One line methods have been folded into the code
+     *	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
+     *	+ Kses now works in E_STRICT
+     *	+ Initial Version number set to 1.0.0 to reflect serious code changes
+     *	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols()
+     *	+ Deprecated _hook(), Protocols()
+     *	+ Integrated code from kses 0.2.2 into class.
+     *	+ Added methods DumpProtocols(), DumpMethods()
+     *
+     *	@author     Richard R. V�squez, Jr. (Original procedural code by Ulf H�rnhammar)
+     *	@link       http://sourceforge.net/projects/kses/ Home Page for Kses
+     *	@link       http://chaos.org/contact/ Contact page with current email address for Richard Vasquez
+     *	@copyright  Richard R. V�squez, Jr. 2005
+     *	@version    PHP5 OOP 1.0.2
+     *	@license    http://www.gnu.org/licenses/gpl.html GNU Public License
+     *	@package    kses
+     */
+        class kses5
+        {
+            /**#@+
 			 *	@access private
 			 *	@var array
 			 */
-			private $allowed_protocols;
-			private $allowed_html;
-			/**#@-*/
-
-			/**
-			 *	Constructor for kses.
-			 *
-			 *	This sets a default collection of protocols allowed in links, and creates an
-			 *	empty set of allowed HTML tags.
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			public function __construct()
-			{
-				/**
-				 *	You could add protocols such as ftp, new, gopher, mailto, irc, etc.
-				 *
-				 *	The base values the original kses provided were:
-				 *		'http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto'
-				 */
-				$this->allowed_protocols = array('http', 'ftp', 'mailto');
-				$this->allowed_html      = array();
-			}
-
-			/**
-			 *	Basic task of kses - parses $string and strips it as required.
-			 *
-			 *	This method strips all the disallowed (X)HTML tags, attributes
-			 *	and protocols from the input $string.
-			 *
-			 *	@access public
-			 *	@param string $string String to be stripped of 'evil scripts'
-			 *	@return string The stripped string
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			public function Parse($string = "")
-			{
-				if (get_magic_quotes_gpc())
-				{
-					$string = stripslashes($string);
-				}
-				$string = $this->removeNulls($string);
-				//	Remove JavaScript entities from early Netscape 4 versions
-				$string = preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string);
-				$string = $this->normalizeEntities($string);
-				$string = $this->filterKsesTextHook($string);
-				$string = preg_replace('%(<' . '[^>]*' . '(>|$)' . '|>)%e', "\$this->stripTags('\\1')", $string);
-				return $string;
-			}
-
-			/**
-			 *	Allows for single/batch addition of protocols
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	The argument will be processed, and each string will be added
-			 *	via AddProtocol().
-			 *
-			 *	@access public
-			 *	@param mixed , A string or array of protocols that will be added to the internal list of allowed protocols.
-			 *	@return bool Status of adding valid protocols.
-			 *	@see AddProtocol()
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			public function AddProtocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					trigger_error("kses5::AddProtocols() did not receive an argument.", E_USER_WARNING);
-					return false;
-				}
-
-				$protocol_data = func_get_arg(0);
-
-				if(is_array($protocol_data) && count($protocol_data) > 0)
-				{
-					foreach($protocol_data as $protocol)
-					{
-						$this->AddProtocol($protocol);
-					}
-					return true;
-				}
-				elseif(is_string($protocol_data))
-				{
-					$this->AddProtocol($protocol_data);
-					return true;
-				}
-				else
-				{
-					trigger_error("kses5::AddProtocols() did not receive a string or an array.", E_USER_WARNING);
-					return false;
-				}
-			}
-
-			/**
-			 *	Allows for single/batch addition of protocols
-			 *
-			 *	@deprecated Use AddProtocols()
-			 *	@see AddProtocols()
-			 *	@return bool
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			public function Protocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					trigger_error("kses5::Protocols() did not receive an argument.", E_USER_WARNING);
-					return false;
-				}
-
-				return $this->AddProtocols(func_get_arg(0));
-			}
-
-			/**
-			 *	Adds a single protocol to $this->allowed_protocols.
-			 *
-			 *	This method accepts a string argument and adds it to
-			 *	the list of allowed protocols to keep when performing
-			 *	Parse().
-			 *
-			 *	@access public
-			 *	@param string $protocol The name of the protocol to be added.
-			 *	@return bool Status of adding valid protocol.
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			public function AddProtocol($protocol = "")
-			{
-				if(!is_string($protocol))
-				{
-					trigger_error("kses5::AddProtocol() requires a string.", E_USER_WARNING);
-					return false;
-				}
-
-				// Remove any inadvertent ':' at the end of the protocol.
-				if(substr($protocol, strlen($protocol) - 1, 1) == ":")
-				{
-					$protocol = substr($protocol, 0, strlen($protocol) - 1);
-				}
-
-				$protocol = strtolower(trim($protocol));
-				if($protocol == "")
-				{
-					trigger_error("kses5::AddProtocol() tried to add an empty/NULL protocol.", E_USER_WARNING);
-					return false;
-				}
-
-				//	prevent duplicate protocols from being added.
-				if(!in_array($protocol, $this->allowed_protocols))
-				{
-					array_push($this->allowed_protocols, $protocol);
-					sort($this->allowed_protocols);
-				}
-				return true;
-			}
-
-			/**
-			 *	Removes a single protocol from $this->allowed_protocols.
-			 *
-			 *	This method accepts a string argument and removes it from
-			 *	the list of allowed protocols to keep when performing
-			 *	Parse().
-			 *
-			 *	@access public
-			 *	@param string $protocol The name of the protocol to be removed.
-			 *	@return bool Status of removing valid protocol.
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			public function RemoveProtocol($protocol = "")
-			{
-				if(!is_string($protocol))
-				{
-					trigger_error("kses5::RemoveProtocol() requires a string.", E_USER_WARNING);
-					return false;
-				}
-
-				// Remove any inadvertent ':' at the end of the protocol.
-				if(substr($protocol, strlen($protocol) - 1, 1) == ":")
-				{
-					$protocol = substr($protocol, 0, strlen($protocol) - 1);
-				}
-
-				$protocol = strtolower(trim($protocol));
-				if($protocol == "")
-				{
-					trigger_error("kses5::RemoveProtocol() tried to remove an empty/NULL protocol.", E_USER_WARNING);
-					return false;
-				}
-
-				//	Ensures that the protocol exists before removing it.
-				if(in_array($protocol, $this->allowed_protocols))
-				{
-					$this->allowed_protocols = array_diff($this->allowed_protocols, array($protocol));
-					sort($this->allowed_protocols);
-				}
-
-				return true;
-			}
-
-			/**
-			 *	Allows for single/batch removal of protocols
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	The argument will be processed, and each string will be removed
-			 *	via RemoveProtocol().
-			 *
-			 *	@access public
-			 *	@param mixed , A string or array of protocols that will be removed from the internal list of allowed protocols.
-			 *	@return bool Status of removing valid protocols.
-			 *	@see RemoveProtocol()
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			public function RemoveProtocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					return false;
-				}
-
-				$protocol_data = func_get_arg(0);
-
-				if(is_array($protocol_data) && count($protocol_data) > 0)
-				{
-					foreach($protocol_data as $protocol)
-					{
-						$this->RemoveProtocol($protocol);
-					}
-				}
-				elseif(is_string($protocol_data))
-				{
-					$this->RemoveProtocol($protocol_data);
-					return true;
-				}
-				else
-				{
-					trigger_error("kses5::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING);
-					return false;
-				}
-			}
-
-			/**
-			 *	Allows for single/batch replacement of protocols
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	Existing protocols will be removed, then the argument will be
-			 *	processed, and each string will be added via AddProtocol().
-			 *
-			 *	@access public
-			 *	@param mixed , A string or array of protocols that will be the new internal list of allowed protocols.
-			 *	@return bool Status of replacing valid protocols.
-			 *	@since PHP5 OOP 1.0.1
-			 *	@see AddProtocol()
-			 */
-			public function SetProtocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					trigger_error("kses5::SetProtocols() did not receive an argument.", E_USER_WARNING);
-					return false;
-				}
-
-				$protocol_data = func_get_arg(0);
-
-				if(is_array($protocol_data) && count($protocol_data) > 0)
-				{
-					$this->allowed_protocols = array();
-					foreach($protocol_data as $protocol)
-					{
-						$this->AddProtocol($protocol);
-					}
-					return true;
-				}
-				elseif(is_string($protocol_data))
-				{
-					$this->allowed_protocols = array();
-					$this->AddProtocol($protocol_data);
-					return true;
-				}
-				else
-				{
-					trigger_error("kses5::SetProtocols() did not receive a string or an array.", E_USER_WARNING);
-					return false;
-				}
-			}
-
-			/**
-			 *	Raw dump of allowed protocols
-			 *
-			 *	This returns an indexed array of allowed protocols for a particular KSES
-			 *	instantiation.
-			 *
-			 *	@access public
-			 *	@return array The list of allowed protocols.
-			 *	@since PHP5 OOP 1.0.2
-			 */
-			public function DumpProtocols()
-			{
-				return $this->allowed_protocols;
-			}
-
-			/**
-			 *	Raw dump of allowed (X)HTML elements
-			 *
-			 *	This returns an indexed array of allowed (X)HTML elements and attributes
-			 *	for a particular KSES instantiation.
-			 *
-			 *	@access public
-			 *	@return array The list of allowed elements.
-			 *	@since PHP5 OOP 1.0.2
-			 */
-			public function DumpElements()
-			{
-				return $this->allowed_html;
-			}
-
-
-			/**
-			 *	Adds valid (X)HTML with corresponding attributes that will be kept when stripping 'evil scripts'.
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	@access public
-			 *	@param string $tag (X)HTML tag that will be allowed after stripping text.
-			 *	@param array $attribs Associative array of allowed attributes - key => attribute name - value => attribute parameter
-			 *	@return bool Status of Adding (X)HTML and attributes.
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			public function AddHTML($tag = "", $attribs = array())
-			{
-				if(!is_string($tag))
-				{
-					trigger_error("kses5::AddHTML() requires the tag to be a string", E_USER_WARNING);
-					return false;
-				}
-
-				$tag = strtolower(trim($tag));
-				if($tag == "")
-				{
-					trigger_error("kses5::AddHTML() tried to add an empty/NULL tag", E_USER_WARNING);
-					return false;
-				}
-
-				if(!is_array($attribs))
-				{
-					trigger_error("kses5::AddHTML() requires an array (even an empty one) of attributes for '$tag'", E_USER_WARNING);
-					return false;
-				}
-
-				$new_attribs = array();
-				if(is_array($attribs) && count($attribs) > 0)
-				{
-					foreach($attribs as $idx1 => $val1)
-					{
-						$new_idx1 = strtolower($idx1);
-						$new_val1 = $attribs[$idx1];
-
-						if(is_array($new_val1) && count($attribs) > 0)
-						{
-							$tmp_val = array();
-							foreach($new_val1 as $idx2 => $val2)
-							{
-								$new_idx2 = strtolower($idx2);
-								$tmp_val[$new_idx2] = $val2;
-							}
-							$new_val1 = $tmp_val;
-						}
-
-						$new_attribs[$new_idx1] = $new_val1;
-					}
-				}
-
-				$this->allowed_html[$tag] = $new_attribs;
-				return true;
-			}
-
-			/**
-			 *	This method removes any NULL characters in $string.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string String without any NULL/chr(173)
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function removeNulls($string)
-			{
-				$string = preg_replace('/\0+/', '', $string);
-				$string = preg_replace('/(\\\\0)+/', '', $string);
-				return $string;
-			}
-
-			/**
-			 *	Normalizes HTML entities
-			 *
-			 *	This function normalizes HTML entities. It will convert "AT&T" to the correct
-			 *	"AT&amp;T", "&#00058;" to "&#58;", "&#XYZZY;" to "&amp;#XYZZY;" and so on.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string String with normalized entities
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function normalizeEntities($string)
-			{
-				# Disarm all entities by converting & to &amp;
-				$string = str_replace('&', '&amp;', $string);
-
-				#	TODO: Change back (Keep?) the allowed entities in our entity white list
-
-				#	Keeps entities that start with [A-Za-z]
-				$string = preg_replace(
-					'/&amp;([A-Za-z][A-Za-z0-9]{0,19});/',
-					'&\\1;',
-					$string
-				);
-
-				#	Change numeric entities to valid 16 bit values
-
-				$string = preg_replace(
-					'/&amp;#0*([0-9]{1,5});/e',
-					'\$this->normalizeEntities16bit("\\1")',
-					$string
-				);
-
-				#	Change &XHHHHHHH (Hex digits) to 16 bit hex values
-				$string = preg_replace(
-					'/&amp;#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/',
-					'&#\\1\\2;',
-					$string
-				);
-
-				return $string;
-			}
-
-			/**
-			 *	Helper method used by normalizeEntites()
-			 *
-			 *	This method helps normalizeEntities() to only accept 16 bit values
-			 *	and nothing more for &#number; entities.
-			 *
-			 *	This method helps normalize_entities() during a preg_replace()
-			 *	where a &#(0)*XXXXX; occurs.  The '(0)*XXXXXX' value is converted to
-			 *	a number and the result is returned as a numeric entity if the number
-			 *	is less than 65536.  Otherwise, the value is returned 'as is'.
-			 *
-			 *	@access private
-			 *	@param string $i
-			 *	@return string Normalized numeric entity
-			 *	@see normalizeEntities()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function normalizeEntities16bit($i)
-			{
-			  return (($i > 65535) ? "&amp;#$i;" : "&#$i;");
-			}
-
-			/**
-			 *	Allows for additional user defined modifications to text.
-			 *
-			 *	This method allows for additional modifications to be performed on
-			 *	a string that's being run through Parse().  Currently, it returns the
-			 *	input string 'as is'.
-			 *
-			 *	This method is provided for users to extend the kses class for their own
-			 *	requirements.
-			 *
-			 *	@access public
-			 *	@param string $string String to perfrom additional modifications on.
-			 *	@return string User modified string.
-			 *	@see Parse()
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			private function filterKsesTextHook($string)
-			{
-			  return $string;
-			}
-
-			/**
-			 *	Allows for additional user defined modifications to text.
-			 *
-			 *	@deprecated use filterKsesTextHook()
-			 *	@param string $string
-			 *	@return string
-			 *	@see filterKsesTextHook()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function _hook($string)
-			{
-				return $this->filterKsesTextHook($string);
-			}
-
-			/**
-			 *	This method goes through an array, and changes the keys to all lower case.
-			 *
-			 *	@access private
-			 *	@param array $in_array Associative array
-			 *	@return array Modified array
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function makeArrayKeysLowerCase($in_array)
-			{
-				$out_array = array();
-
-				if(is_array($in_array) && count($in_array) > 0)
-				{
-					foreach ($in_array as $in_key => $in_val)
-					{
-						$out_key = strtolower($in_key);
-						$out_array[$out_key] = array();
-
-						if(is_array($in_val) && count($in_val) > 0)
-						{
-							foreach ($in_val as $in_key2 => $in_val2)
-							{
-								$out_key2 = strtolower($in_key2);
-								$out_array[$out_key][$out_key2] = $in_val2;
-							}
-						}
-					}
-				}
-
-				return $out_array;
-			}
-
-			/**
-			 *	This method strips out disallowed and/or mangled (X)HTML tags along with assigned attributes.
-			 *
-			 *	This method does a lot of work. It rejects some very malformed things
-			 *	like <:::>. It returns an empty string if the element isn't allowed (look
-			 *	ma, no strip_tags()!). Otherwise it splits the tag into an element and an
-			 *	allowed attribute list.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string Modified string minus disallowed/mangled (X)HTML and attributes
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function stripTags($string)
-			{
-				$string = preg_replace('%\\\\"%', '"', $string);
-
-				if (substr($string, 0, 1) != '<')
-				{
-					# It matched a ">" character
-					return '&gt;';
-				}
-
-				if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches))
-				{
-					# It's seriously malformed
-					return '';
-				}
-
-				$slash    = trim($matches[1]);
-				$elem     = $matches[2];
-				$attrlist = $matches[3];
-
-				if (
-					!isset($this->allowed_html[strtolower($elem)]) ||
-					!is_array($this->allowed_html[strtolower($elem)]))
-				{
-					#	Found an HTML element not in the white list
-					return '';
-				}
-
-				if ($slash != '')
-				{
-					return "<$slash$elem>";
-				}
-				# No attributes are allowed for closing elements
-
-				return $this->stripAttributes("$slash$elem", $attrlist);
-			}
-
-			/**
-			 *	This method strips out disallowed attributes for (X)HTML tags.
-			 *
-			 *	This method removes all attributes if none are allowed for this element.
-			 *	If some are allowed it calls combAttributes() to split them further, and then it
-			 *	builds up new HTML code from the data that combAttributes() returns. It also
-			 *	removes "<" and ">" characters, if there are any left. One more thing it
-			 *	does is to check if the tag has a closing XHTML slash, and if it does,
-			 *	it puts one in the returned code as well.
-			 *
-			 *	@access private
-			 *	@param string $element (X)HTML tag to check
-			 *	@param string $attr Text containing attributes to check for validity.
-			 *	@return string Resulting valid (X)HTML or ''
-			 *	@see combAttributes()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function stripAttributes($element, $attr)
-			{
-				# Is there a closing XHTML slash at the end of the attributes?
-				$xhtml_slash = '';
-				if (preg_match('%\s/\s*$%', $attr))
-				{
-					$xhtml_slash = ' /';
-				}
-
-				# Are any attributes allowed at all for this element?
-				if (
-					!isset($this->allowed_html[strtolower($element)]) ||
-					count($this->allowed_html[strtolower($element)]) == 0
-				)
-				{
-					return "<$element$xhtml_slash>";
-				}
-
-				# Split it
-				$attrarr = $this->combAttributes($attr);
-
-				# Go through $attrarr, and save the allowed attributes for this element
-				# in $attr2
-				$attr2 = '';
-				if(is_array($attrarr) && count($attrarr) > 0)
-				{
-					foreach ($attrarr as $arreach)
-					{
-						if(!isset($this->allowed_html[strtolower($element)][strtolower($arreach['name'])]))
-						{
-							continue;
-						}
-
-						$current = $this->allowed_html[strtolower($element)][strtolower($arreach['name'])];
-
-						if (!is_array($current))
-						{
-							# there are no checks
-							$attr2 .= ' '.$arreach['whole'];
-						}
-						else
-						{
-							# there are some checks
-							$ok = true;
-							if(is_array($current) && count($current) > 0)
-							{
-								foreach ($current as $currkey => $currval)
-								{
-									if (!$this->checkAttributeValue($arreach['value'], $arreach['vless'], $currkey, $currval))
-									{
-										$ok = false;
-										break;
-									}
-								}
-							}
-
-							if ($ok)
-							{
-								# it passed them
-								$attr2 .= ' '.$arreach['whole'];
-							}
-						}
-					}
-				}
-
-				# Remove any "<" or ">" characters
-				$attr2 = preg_replace('/[<>]/', '', $attr2);
-				return "<$element$attr2$xhtml_slash>";
-			}
-
-			/**
-			 *	This method combs through an attribute list string and returns an associative array of attributes and values.
-			 *
-			 *	This method does a lot of work. It parses an attribute list into an array
-			 *	with attribute data, and tries to do the right thing even if it gets weird
-			 *	input. It will add quotes around attribute values that don't have any quotes
-			 *	or apostrophes around them, to make it easier to produce HTML code that will
-			 *	conform to W3C's HTML specification. It will also remove bad URL protocols
-			 *	from attribute values.
-			 *
-			 *	@access private
-			 *	@param string $attr Text containing tag attributes for parsing
-			 *	@return array Associative array containing data on attribute and value
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function combAttributes($attr)
-			{
-				$attrarr  = array();
-				$mode     = 0;
-				$attrname = '';
-
-				# Loop through the whole attribute list
-
-				while (strlen($attr) != 0)
-				{
-					# Was the last operation successful?
-					$working = 0;
-
-					switch ($mode)
-					{
-						case 0:	# attribute name, href for instance
-							if (preg_match('/^([-a-zA-Z]+)/', $attr, $match))
-							{
-								$attrname = $match[1];
-								$working = $mode = 1;
-								$attr = preg_replace('/^[-a-zA-Z]+/', '', $attr);
-							}
-							break;
-						case 1:	# equals sign or valueless ("selected")
-							if (preg_match('/^\s*=\s*/', $attr)) # equals sign
-							{
-								$working = 1;
-								$mode    = 2;
-								$attr    = preg_replace('/^\s*=\s*/', '', $attr);
-								break;
-							}
-							if (preg_match('/^\s+/', $attr)) # valueless
-							{
-								$working   = 1;
-								$mode      = 0;
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => '',
-									'whole' => $attrname,
-									'vless' => 'y'
-								);
-								$attr      = preg_replace('/^\s+/', '', $attr);
-							}
-							break;
-						case 2: # attribute value, a URL after href= for instance
-							if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value"
-							{
-								$thisval   = $this->removeBadProtocols($match[1]);
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => $thisval,
-									'whole' => $attrname . '="' . $thisval . '"',
-									'vless' => 'n'
-								);
-								$working   = 1;
-								$mode      = 0;
-								$attr      = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr);
-								break;
-							}
-							if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value'
-							{
-								$thisval   = $this->removeBadProtocols($match[1]);
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => $thisval,
-									'whole' => "$attrname='$thisval'",
-									'vless' => 'n'
-								);
-								$working   = 1;
-								$mode      = 0;
-								$attr      = preg_replace("/^'[^']*'(\s+|$)/", '', $attr);
-								break;
-							}
-							if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value
-							{
-								$thisval   = $this->removeBadProtocols($match[1]);
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => $thisval,
-									'whole' => $attrname . '="' . $thisval . '"',
-									'vless' => 'n'
-								);
-								# We add quotes to conform to W3C's HTML spec.
-								$working   = 1;
-								$mode      = 0;
-								$attr      = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr);
-							}
-							break;
-					}
-
-					if ($working == 0) # not well formed, remove and try again
-					{
-						$attr = preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $attr);
-						$mode = 0;
-					}
-				}
-
-				# special case, for when the attribute list ends with a valueless
-				# attribute like "selected"
-				if ($mode == 1)
-				{
-					$attrarr[] = array(
-						'name'  => $attrname,
-						'value' => '',
-						'whole' => $attrname,
-						'vless' => 'y'
-					);
-				}
-
-				return $attrarr;
-			}
-
-			/**
-			 *	This method removes disallowed protocols.
-			 *
-			 *	This method removes all non-allowed protocols from the beginning of
-			 *	$string. It ignores whitespace and the case of the letters, and it does
-			 *	understand HTML entities. It does its work in a while loop, so it won't be
-			 *	fooled by a string like "javascript:javascript:alert(57)".
-			 *
-			 *	@access private
-			 *	@param string $string String to check for protocols
-			 *	@return string String with removed protocols
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function removeBadProtocols($string)
-			{
-				$string  = $this->RemoveNulls($string);
-				$string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
-				$string2 = $string . 'a';
-
-				$string2 = preg_split('/:|&#58;|&#x3a;/i', $string, 2);
-				if(isset($string2[1]) && !preg_match('%/\?%',$string2[0]))
-				{
-					$string = $this->filterProtocols($string2[0]).trim($string2[1]);
-				}
-				return $string;
-			}
-
-			/**
-			 *	Helper method used by removeBadProtocols()
-			 *
-			 *	This function processes URL protocols, checks to see if they're in the white-
-			 *	list or not, and returns different data depending on the answer.
-			 *
-			 *	@access private
-			 *	@param string $string String to check for protocols
-			 *	@return string String with removed protocols
-			 *	@see removeBadProtocols()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function filterProtocols($string)
-			{
-				$string = $this->decodeEntities($string);
-				$string = preg_replace('/\s/', '', $string);
-				$string = $this->removeNulls($string);
-				$string = preg_replace('/\xad+/', '', $string2); # deals with Opera "feature"
-				$string = strtolower($string);
-
-				if(is_array($this->allowed_protocols) && count($this->allowed_protocols) > 0)
-				{
-					foreach ($this->allowed_protocols as $one_protocol)
-					{
-						if (strtolower($one_protocol) == $string)
-						{
-							return "$string:";
-						}
-					}
-				}
-
-				return '';
-			}
-
-			/**
-			 *	Controller method for performing checks on attribute values.
-			 *
-			 *	This method calls the appropriate method as specified by $checkname with
-			 *	the parameters $value, $vless, and $checkvalue, and returns the result
-			 *	of the call.
-			 *
-			 *	This method's functionality can be expanded by creating new methods
-			 *	that would match checkAttributeValue[$checkname].
-			 *
-			 *	Current checks implemented are: "maxlen", "minlen", "maxval", "minval" and "valueless"
-			 *
-			 *	@access private
-			 *	@param string $value The value of the attribute to be checked.
-			 *	@param string $vless Indicates whether the the value is supposed to be valueless
-			 *	@param string $checkname The check to be performed
-			 *	@param string $checkvalue The value that is to be checked against
-			 *	@return bool Indicates whether the check passed or not
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			private function checkAttributeValue($value, $vless, $checkname, $checkvalue)
-			{
-				$ok = true;
-				$check_attribute_method_name  = 'checkAttributeValue' . ucfirst(strtolower($checkname));
-				if(method_exists($this, $check_attribute_method_name))
-				{
-					$ok = $this->$check_attribute_method_name($value, $checkvalue, $vless);
-				}
-
-				return $ok;
-			}
-
-			/**
-			 *	Helper method invoked by checkAttributeValue().
-			 *
-			 *	The maxlen check makes sure that the attribute value has a length not
-			 *	greater than the given value. This can be used to avoid Buffer Overflows
-			 *	in WWW clients and various Internet servers.
-			 *
-			 *	@access private
-			 *	@param string $value The value of the attribute to be checked.
-			 *	@param int $checkvalue The maximum value allowed
-			 *	@return bool Indicates whether the check passed or not
-			 *	@see checkAttributeValue()
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			private function checkAttributeValueMaxlen($value, $checkvalue)
-			{
-				if (strlen($value) > intval($checkvalue))
-				{
-					return false;
-				}
-				return true;
-			}
-
-			/**
-			 *	Helper method invoked by checkAttributeValue().
-			 *
-			 *	The minlen check makes sure that the attribute value has a length not
-			 *	smaller than the given value.
-			 *
-			 *	@access private
-			 *	@param string $value The value of the attribute to be checked.
-			 *	@param int $checkvalue The minimum value allowed
-			 *	@return bool Indicates whether the check passed or not
-			 *	@see checkAttributeValue()
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			private function checkAttributeValueMinlen($value, $checkvalue)
-			{
-				if (strlen($value) < intval($checkvalue))
-				{
-					return false;
-				}
-				return true;
-			}
-
-			/**
-			 *	Helper method invoked by checkAttributeValue().
-			 *
-			 *	The maxval check does two things: it checks that the attribute value is
-			 *	an integer from 0 and up, without an excessive amount of zeroes or
-			 *	whitespace (to avoid Buffer Overflows). It also checks that the attribute
-			 *	value is not greater than the given value.
-			 *
-			 *	This check can be used to avoid Denial of Service attacks.
-			 *
-			 *	@access private
-			 *	@param int $value The value of the attribute to be checked.
-			 *	@param int $checkvalue The maximum numeric value allowed
-			 *	@return bool Indicates whether the check passed or not
-			 *	@see checkAttributeValue()
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			private function checkAttributeValueMaxval($value, $checkvalue)
-			{
-				if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
-				{
-					return false;
-				}
-				if (intval($value) > intval($checkvalue))
-				{
-					return false;
-				}
-				return true;
-			}
-
-			/**
-			 *	Helper method invoked by checkAttributeValue().
-			 *
-			 *	The minval check checks that the attribute value is a positive integer,
-			 *	and that it is not smaller than the given value.
-			 *
-			 *	@access private
-			 *	@param int $value The value of the attribute to be checked.
-			 *	@param int $checkvalue The minimum numeric value allowed
-			 *	@return bool Indicates whether the check passed or not
-			 *	@see checkAttributeValue()
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			private function checkAttributeValueMinval($value, $checkvalue)
-			{
-				if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
-				{
-					return false;
-				}
-				if (intval($value) < ($checkvalue))
-				{
-					return false;
-				}
-				return true;
-			}
-
-			/**
-			 *	Helper method invoked by checkAttributeValue().
-			 *
-			 *	The valueless check checks if the attribute has a value
-			 *	(like <a href="blah">) or not (<option selected>). If the given value
-			 *	is a "y" or a "Y", the attribute must not have a value.
-			 *
-			 *	If the given value is an "n" or an "N", the attribute must have one.
-			 *
-			 *	@access private
-			 *	@param int $value The value of the attribute to be checked.
-			 *	@param mixed $checkvalue This variable is ignored for this test
-			 *	@param string $vless Flag indicating if this attribute is not supposed to have an attribute
-			 *	@return bool Indicates whether the check passed or not
-			 *	@see checkAttributeValue()
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			private function checkAttributeValueValueless($value, $checkvalue, $vless)
-			{
-				if (strtolower($checkvalue) != $vless)
-				{
-					return false;
-				}
-				return true;
-			}
-
-			/**
-			 *	Decodes numeric HTML entities
-			 *
-			 *	This method decodes numeric HTML entities (&#65; and &#x41;). It doesn't
-			 *	do anything with other entities like &auml;, but we don't need them in the
-			 *	URL protocol white listing system anyway.
-			 *
-			 *	@access private
-			 *	@param string $value The entitiy to be decoded.
-			 *	@return string Decoded entity
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			private function decodeEntities($string)
-			{
-				$string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string);
-				$string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', $string);
-				return $string;
-			}
-
-			/**
-			 *	Returns PHP5 OOP version # of kses.
-			 *
-			 *	Since this class has been refactored and documented and proven to work,
-			 *	I'm fixing the version number at 1.0.0.
-			 *
-			 *	This version is syntax compatible with the PHP4 OOP version 0.0.2.  Future
-			 *	versions may not be syntax compatible.
-			 *
-			 *	@access public
-			 *	@return string Version number
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			public function Version()
-			{
-				return 'PHP5 OOP 1.0.2';
-			}
-		}
-	}
+            private $allowed_protocols;
+            private $allowed_html;
+            /**#@-*/
+
+            /**
+             *	Constructor for kses.
+             *
+             *	This sets a default collection of protocols allowed in links, and creates an
+             *	empty set of allowed HTML tags.
+             *	@since PHP5 OOP 1.0.0
+             */
+            public function __construct()
+            {
+                /**
+                 *	You could add protocols such as ftp, new, gopher, mailto, irc, etc.
+                 *
+                 *	The base values the original kses provided were:
+                 *		'http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto'
+                 */
+                $this->allowed_protocols = array('http', 'ftp', 'mailto');
+                $this->allowed_html      = array();
+            }
+
+            /**
+             *	Basic task of kses - parses $string and strips it as required.
+             *
+             *	This method strips all the disallowed (X)HTML tags, attributes
+             *	and protocols from the input $string.
+             *
+             *	@access public
+             *	@param string $string String to be stripped of 'evil scripts'
+             *	@return string The stripped string
+             *	@since PHP4 OOP 0.0.1
+             */
+            public function Parse($string = "")
+            {
+                if (get_magic_quotes_gpc())
+                {
+                    $string = stripslashes($string);
+                }
+                $string = $this->removeNulls($string);
+                //	Remove JavaScript entities from early Netscape 4 versions
+                $string = preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string);
+                $string = $this->normalizeEntities($string);
+                $string = $this->filterKsesTextHook($string);
+                $string = preg_replace('%(<' . '[^>]*' . '(>|$)' . '|>)%e', "\$this->stripTags('\\1')", $string);
+                return $string;
+            }
+
+            /**
+             *	Allows for single/batch addition of protocols
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	The argument will be processed, and each string will be added
+             *	via AddProtocol().
+             *
+             *	@access public
+             *	@param mixed , A string or array of protocols that will be added to the internal list of allowed protocols.
+             *	@return bool Status of adding valid protocols.
+             *	@see AddProtocol()
+             *	@since PHP5 OOP 1.0.0
+             */
+            public function AddProtocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    trigger_error("kses5::AddProtocols() did not receive an argument.", E_USER_WARNING);
+                    return false;
+                }
+
+                $protocol_data = func_get_arg(0);
+
+                if(is_array($protocol_data) && count($protocol_data) > 0)
+                {
+                    foreach($protocol_data as $protocol)
+                    {
+                        $this->AddProtocol($protocol);
+                    }
+                    return true;
+                }
+                elseif(is_string($protocol_data))
+                {
+                    $this->AddProtocol($protocol_data);
+                    return true;
+                }
+                else
+                {
+                    trigger_error("kses5::AddProtocols() did not receive a string or an array.", E_USER_WARNING);
+                    return false;
+                }
+            }
+
+            /**
+             *	Allows for single/batch addition of protocols
+             *
+             *	@deprecated Use AddProtocols()
+             *	@see AddProtocols()
+             *	@return bool
+             *	@since PHP4 OOP 0.0.1
+             */
+            public function Protocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    trigger_error("kses5::Protocols() did not receive an argument.", E_USER_WARNING);
+                    return false;
+                }
+
+                return $this->AddProtocols(func_get_arg(0));
+            }
+
+            /**
+             *	Adds a single protocol to $this->allowed_protocols.
+             *
+             *	This method accepts a string argument and adds it to
+             *	the list of allowed protocols to keep when performing
+             *	Parse().
+             *
+             *	@access public
+             *	@param string $protocol The name of the protocol to be added.
+             *	@return bool Status of adding valid protocol.
+             *	@since PHP4 OOP 0.0.1
+             */
+            public function AddProtocol($protocol = "")
+            {
+                if(!is_string($protocol))
+                {
+                    trigger_error("kses5::AddProtocol() requires a string.", E_USER_WARNING);
+                    return false;
+                }
+
+                // Remove any inadvertent ':' at the end of the protocol.
+                if(substr($protocol, strlen($protocol) - 1, 1) == ":")
+                {
+                    $protocol = substr($protocol, 0, strlen($protocol) - 1);
+                }
+
+                $protocol = strtolower(trim($protocol));
+                if($protocol == "")
+                {
+                    trigger_error("kses5::AddProtocol() tried to add an empty/NULL protocol.", E_USER_WARNING);
+                    return false;
+                }
+
+                //	prevent duplicate protocols from being added.
+                if(!in_array($protocol, $this->allowed_protocols))
+                {
+                    array_push($this->allowed_protocols, $protocol);
+                    sort($this->allowed_protocols);
+                }
+                return true;
+            }
+
+            /**
+             *	Removes a single protocol from $this->allowed_protocols.
+             *
+             *	This method accepts a string argument and removes it from
+             *	the list of allowed protocols to keep when performing
+             *	Parse().
+             *
+             *	@access public
+             *	@param string $protocol The name of the protocol to be removed.
+             *	@return bool Status of removing valid protocol.
+             *	@since PHP5 OOP 1.0.0
+             */
+            public function RemoveProtocol($protocol = "")
+            {
+                if(!is_string($protocol))
+                {
+                    trigger_error("kses5::RemoveProtocol() requires a string.", E_USER_WARNING);
+                    return false;
+                }
+
+                // Remove any inadvertent ':' at the end of the protocol.
+                if(substr($protocol, strlen($protocol) - 1, 1) == ":")
+                {
+                    $protocol = substr($protocol, 0, strlen($protocol) - 1);
+                }
+
+                $protocol = strtolower(trim($protocol));
+                if($protocol == "")
+                {
+                    trigger_error("kses5::RemoveProtocol() tried to remove an empty/NULL protocol.", E_USER_WARNING);
+                    return false;
+                }
+
+                //	Ensures that the protocol exists before removing it.
+                if(in_array($protocol, $this->allowed_protocols))
+                {
+                    $this->allowed_protocols = array_diff($this->allowed_protocols, array($protocol));
+                    sort($this->allowed_protocols);
+                }
+
+                return true;
+            }
+
+            /**
+             *	Allows for single/batch removal of protocols
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	The argument will be processed, and each string will be removed
+             *	via RemoveProtocol().
+             *
+             *	@access public
+             *	@param mixed , A string or array of protocols that will be removed from the internal list of allowed protocols.
+             *	@return bool Status of removing valid protocols.
+             *	@see RemoveProtocol()
+             *	@since PHP5 OOP 1.0.0
+             */
+            public function RemoveProtocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    return false;
+                }
+
+                $protocol_data = func_get_arg(0);
+
+                if(is_array($protocol_data) && count($protocol_data) > 0)
+                {
+                    foreach($protocol_data as $protocol)
+                    {
+                        $this->RemoveProtocol($protocol);
+                    }
+                }
+                elseif(is_string($protocol_data))
+                {
+                    $this->RemoveProtocol($protocol_data);
+                    return true;
+                }
+                else
+                {
+                    trigger_error("kses5::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING);
+                    return false;
+                }
+            }
+
+            /**
+             *	Allows for single/batch replacement of protocols
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	Existing protocols will be removed, then the argument will be
+             *	processed, and each string will be added via AddProtocol().
+             *
+             *	@access public
+             *	@param mixed , A string or array of protocols that will be the new internal list of allowed protocols.
+             *	@return bool Status of replacing valid protocols.
+             *	@since PHP5 OOP 1.0.1
+             *	@see AddProtocol()
+             */
+            public function SetProtocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    trigger_error("kses5::SetProtocols() did not receive an argument.", E_USER_WARNING);
+                    return false;
+                }
+
+                $protocol_data = func_get_arg(0);
+
+                if(is_array($protocol_data) && count($protocol_data) > 0)
+                {
+                    $this->allowed_protocols = array();
+                    foreach($protocol_data as $protocol)
+                    {
+                        $this->AddProtocol($protocol);
+                    }
+                    return true;
+                }
+                elseif(is_string($protocol_data))
+                {
+                    $this->allowed_protocols = array();
+                    $this->AddProtocol($protocol_data);
+                    return true;
+                }
+                else
+                {
+                    trigger_error("kses5::SetProtocols() did not receive a string or an array.", E_USER_WARNING);
+                    return false;
+                }
+            }
+
+            /**
+             *	Raw dump of allowed protocols
+             *
+             *	This returns an indexed array of allowed protocols for a particular KSES
+             *	instantiation.
+             *
+             *	@access public
+             *	@return array The list of allowed protocols.
+             *	@since PHP5 OOP 1.0.2
+             */
+            public function DumpProtocols()
+            {
+                return $this->allowed_protocols;
+            }
+
+            /**
+             *	Raw dump of allowed (X)HTML elements
+             *
+             *	This returns an indexed array of allowed (X)HTML elements and attributes
+             *	for a particular KSES instantiation.
+             *
+             *	@access public
+             *	@return array The list of allowed elements.
+             *	@since PHP5 OOP 1.0.2
+             */
+            public function DumpElements()
+            {
+                return $this->allowed_html;
+            }
+
+
+            /**
+             *	Adds valid (X)HTML with corresponding attributes that will be kept when stripping 'evil scripts'.
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	@access public
+             *	@param string $tag (X)HTML tag that will be allowed after stripping text.
+             *	@param array $attribs Associative array of allowed attributes - key => attribute name - value => attribute parameter
+             *	@return bool Status of Adding (X)HTML and attributes.
+             *	@since PHP4 OOP 0.0.1
+             */
+            public function AddHTML($tag = "", $attribs = array())
+            {
+                if(!is_string($tag))
+                {
+                    trigger_error("kses5::AddHTML() requires the tag to be a string", E_USER_WARNING);
+                    return false;
+                }
+
+                $tag = strtolower(trim($tag));
+                if($tag == "")
+                {
+                    trigger_error("kses5::AddHTML() tried to add an empty/NULL tag", E_USER_WARNING);
+                    return false;
+                }
+
+                if(!is_array($attribs))
+                {
+                    trigger_error("kses5::AddHTML() requires an array (even an empty one) of attributes for '$tag'", E_USER_WARNING);
+                    return false;
+                }
+
+                $new_attribs = array();
+                if(is_array($attribs) && count($attribs) > 0)
+                {
+                    foreach($attribs as $idx1 => $val1)
+                    {
+                        $new_idx1 = strtolower($idx1);
+                        $new_val1 = $attribs[$idx1];
+
+                        if(is_array($new_val1) && count($attribs) > 0)
+                        {
+                            $tmp_val = array();
+                            foreach($new_val1 as $idx2 => $val2)
+                            {
+                                $new_idx2 = strtolower($idx2);
+                                $tmp_val[$new_idx2] = $val2;
+                            }
+                            $new_val1 = $tmp_val;
+                        }
+
+                        $new_attribs[$new_idx1] = $new_val1;
+                    }
+                }
+
+                $this->allowed_html[$tag] = $new_attribs;
+                return true;
+            }
+
+            /**
+             *	This method removes any NULL characters in $string.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string String without any NULL/chr(173)
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function removeNulls($string)
+            {
+                $string = preg_replace('/\0+/', '', $string);
+                $string = preg_replace('/(\\\\0)+/', '', $string);
+                return $string;
+            }
+
+            /**
+             *	Normalizes HTML entities
+             *
+             *	This function normalizes HTML entities. It will convert "AT&T" to the correct
+             *	"AT&amp;T", "&#00058;" to "&#58;", "&#XYZZY;" to "&amp;#XYZZY;" and so on.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string String with normalized entities
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function normalizeEntities($string)
+            {
+                # Disarm all entities by converting & to &amp;
+                $string = str_replace('&', '&amp;', $string);
+
+                #	TODO: Change back (Keep?) the allowed entities in our entity white list
+
+                #	Keeps entities that start with [A-Za-z]
+                $string = preg_replace(
+                    '/&amp;([A-Za-z][A-Za-z0-9]{0,19});/',
+                    '&\\1;',
+                    $string
+                );
+
+                #	Change numeric entities to valid 16 bit values
+
+                $string = preg_replace(
+                    '/&amp;#0*([0-9]{1,5});/e',
+                    '\$this->normalizeEntities16bit("\\1")',
+                    $string
+                );
+
+                #	Change &XHHHHHHH (Hex digits) to 16 bit hex values
+                $string = preg_replace(
+                    '/&amp;#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/',
+                    '&#\\1\\2;',
+                    $string
+                );
+
+                return $string;
+            }
+
+            /**
+             *	Helper method used by normalizeEntites()
+             *
+             *	This method helps normalizeEntities() to only accept 16 bit values
+             *	and nothing more for &#number; entities.
+             *
+             *	This method helps normalize_entities() during a preg_replace()
+             *	where a &#(0)*XXXXX; occurs.  The '(0)*XXXXXX' value is converted to
+             *	a number and the result is returned as a numeric entity if the number
+             *	is less than 65536.  Otherwise, the value is returned 'as is'.
+             *
+             *	@access private
+             *	@param string $i
+             *	@return string Normalized numeric entity
+             *	@see normalizeEntities()
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function normalizeEntities16bit($i)
+            {
+                return (($i > 65535) ? "&amp;#$i;" : "&#$i;");
+            }
+
+            /**
+             *	Allows for additional user defined modifications to text.
+             *
+             *	This method allows for additional modifications to be performed on
+             *	a string that's being run through Parse().  Currently, it returns the
+             *	input string 'as is'.
+             *
+             *	This method is provided for users to extend the kses class for their own
+             *	requirements.
+             *
+             *	@access public
+             *	@param string $string String to perfrom additional modifications on.
+             *	@return string User modified string.
+             *	@see Parse()
+             *	@since PHP5 OOP 1.0.0
+             */
+            private function filterKsesTextHook($string)
+            {
+                return $string;
+            }
+
+            /**
+             *	Allows for additional user defined modifications to text.
+             *
+             *	@deprecated use filterKsesTextHook()
+             *	@param string $string
+             *	@return string
+             *	@see filterKsesTextHook()
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function _hook($string)
+            {
+                return $this->filterKsesTextHook($string);
+            }
+
+            /**
+             *	This method goes through an array, and changes the keys to all lower case.
+             *
+             *	@access private
+             *	@param array $in_array Associative array
+             *	@return array Modified array
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function makeArrayKeysLowerCase($in_array)
+            {
+                $out_array = array();
+
+                if(is_array($in_array) && count($in_array) > 0)
+                {
+                    foreach ($in_array as $in_key => $in_val)
+                    {
+                        $out_key = strtolower($in_key);
+                        $out_array[$out_key] = array();
+
+                        if(is_array($in_val) && count($in_val) > 0)
+                        {
+                            foreach ($in_val as $in_key2 => $in_val2)
+                            {
+                                $out_key2 = strtolower($in_key2);
+                                $out_array[$out_key][$out_key2] = $in_val2;
+                            }
+                        }
+                    }
+                }
+
+                return $out_array;
+            }
+
+            /**
+             *	This method strips out disallowed and/or mangled (X)HTML tags along with assigned attributes.
+             *
+             *	This method does a lot of work. It rejects some very malformed things
+             *	like <:::>. It returns an empty string if the element isn't allowed (look
+             *	ma, no strip_tags()!). Otherwise it splits the tag into an element and an
+             *	allowed attribute list.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string Modified string minus disallowed/mangled (X)HTML and attributes
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function stripTags($string)
+            {
+                $string = preg_replace('%\\\\"%', '"', $string);
+
+                if (substr($string, 0, 1) != '<')
+                {
+                    # It matched a ">" character
+                    return '&gt;';
+                }
+
+                if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches))
+                {
+                    # It's seriously malformed
+                    return '';
+                }
+
+                $slash    = trim($matches[1]);
+                $elem     = $matches[2];
+                $attrlist = $matches[3];
+
+                if (
+                    !isset($this->allowed_html[strtolower($elem)]) ||
+                    !is_array($this->allowed_html[strtolower($elem)]))
+                {
+                    #	Found an HTML element not in the white list
+                    return '';
+                }
+
+                if ($slash != '')
+                {
+                    return "<$slash$elem>";
+                }
+                # No attributes are allowed for closing elements
+
+                return $this->stripAttributes("$slash$elem", $attrlist);
+            }
+
+            /**
+             *	This method strips out disallowed attributes for (X)HTML tags.
+             *
+             *	This method removes all attributes if none are allowed for this element.
+             *	If some are allowed it calls combAttributes() to split them further, and then it
+             *	builds up new HTML code from the data that combAttributes() returns. It also
+             *	removes "<" and ">" characters, if there are any left. One more thing it
+             *	does is to check if the tag has a closing XHTML slash, and if it does,
+             *	it puts one in the returned code as well.
+             *
+             *	@access private
+             *	@param string $element (X)HTML tag to check
+             *	@param string $attr Text containing attributes to check for validity.
+             *	@return string Resulting valid (X)HTML or ''
+             *	@see combAttributes()
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function stripAttributes($element, $attr)
+            {
+                # Is there a closing XHTML slash at the end of the attributes?
+                $xhtml_slash = '';
+                if (preg_match('%\s/\s*$%', $attr))
+                {
+                    $xhtml_slash = ' /';
+                }
+
+                # Are any attributes allowed at all for this element?
+                if (
+                    !isset($this->allowed_html[strtolower($element)]) ||
+                    count($this->allowed_html[strtolower($element)]) == 0
+                )
+                {
+                    return "<$element$xhtml_slash>";
+                }
+
+                # Split it
+                $attrarr = $this->combAttributes($attr);
+
+                # Go through $attrarr, and save the allowed attributes for this element
+                # in $attr2
+                $attr2 = '';
+                if(is_array($attrarr) && count($attrarr) > 0)
+                {
+                    foreach ($attrarr as $arreach)
+                    {
+                        if(!isset($this->allowed_html[strtolower($element)][strtolower($arreach['name'])]))
+                        {
+                            continue;
+                        }
+
+                        $current = $this->allowed_html[strtolower($element)][strtolower($arreach['name'])];
+
+                        if (!is_array($current))
+                        {
+                            # there are no checks
+                            $attr2 .= ' '.$arreach['whole'];
+                        }
+                        else
+                        {
+                            # there are some checks
+                            $ok = true;
+                            if(is_array($current) && count($current) > 0)
+                            {
+                                foreach ($current as $currkey => $currval)
+                                {
+                                    if (!$this->checkAttributeValue($arreach['value'], $arreach['vless'], $currkey, $currval))
+                                    {
+                                        $ok = false;
+                                        break;
+                                    }
+                                }
+                            }
+
+                            if ($ok)
+                            {
+                                # it passed them
+                                $attr2 .= ' '.$arreach['whole'];
+                            }
+                        }
+                    }
+                }
+
+                # Remove any "<" or ">" characters
+                $attr2 = preg_replace('/[<>]/', '', $attr2);
+                return "<$element$attr2$xhtml_slash>";
+            }
+
+            /**
+             *	This method combs through an attribute list string and returns an associative array of attributes and values.
+             *
+             *	This method does a lot of work. It parses an attribute list into an array
+             *	with attribute data, and tries to do the right thing even if it gets weird
+             *	input. It will add quotes around attribute values that don't have any quotes
+             *	or apostrophes around them, to make it easier to produce HTML code that will
+             *	conform to W3C's HTML specification. It will also remove bad URL protocols
+             *	from attribute values.
+             *
+             *	@access private
+             *	@param string $attr Text containing tag attributes for parsing
+             *	@return array Associative array containing data on attribute and value
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function combAttributes($attr)
+            {
+                $attrarr  = array();
+                $mode     = 0;
+                $attrname = '';
+
+                # Loop through the whole attribute list
+
+                while (strlen($attr) != 0)
+                {
+                    # Was the last operation successful?
+                    $working = 0;
+
+                    switch ($mode)
+                    {
+                        case 0:	# attribute name, href for instance
+                            if (preg_match('/^([-a-zA-Z]+)/', $attr, $match))
+                            {
+                                $attrname = $match[1];
+                                $working = $mode = 1;
+                                $attr = preg_replace('/^[-a-zA-Z]+/', '', $attr);
+                            }
+                            break;
+                        case 1:	# equals sign or valueless ("selected")
+                            if (preg_match('/^\s*=\s*/', $attr)) # equals sign
+                            {
+                                $working = 1;
+                                $mode    = 2;
+                                $attr    = preg_replace('/^\s*=\s*/', '', $attr);
+                                break;
+                            }
+                            if (preg_match('/^\s+/', $attr)) # valueless
+                            {
+                                $working   = 1;
+                                $mode      = 0;
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => '',
+                                    'whole' => $attrname,
+                                    'vless' => 'y'
+                                );
+                                $attr      = preg_replace('/^\s+/', '', $attr);
+                            }
+                            break;
+                        case 2: # attribute value, a URL after href= for instance
+                            if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value"
+                            {
+                                $thisval   = $this->removeBadProtocols($match[1]);
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => $thisval,
+                                    'whole' => $attrname . '="' . $thisval . '"',
+                                    'vless' => 'n'
+                                );
+                                $working   = 1;
+                                $mode      = 0;
+                                $attr      = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr);
+                                break;
+                            }
+                            if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value'
+                            {
+                                $thisval   = $this->removeBadProtocols($match[1]);
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => $thisval,
+                                    'whole' => "$attrname='$thisval'",
+                                    'vless' => 'n'
+                                );
+                                $working   = 1;
+                                $mode      = 0;
+                                $attr      = preg_replace("/^'[^']*'(\s+|$)/", '', $attr);
+                                break;
+                            }
+                            if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value
+                            {
+                                $thisval   = $this->removeBadProtocols($match[1]);
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => $thisval,
+                                    'whole' => $attrname . '="' . $thisval . '"',
+                                    'vless' => 'n'
+                                );
+                                # We add quotes to conform to W3C's HTML spec.
+                                $working   = 1;
+                                $mode      = 0;
+                                $attr      = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr);
+                            }
+                            break;
+                    }
+
+                    if ($working == 0) # not well formed, remove and try again
+                    {
+                        $attr = preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $attr);
+                        $mode = 0;
+                    }
+                }
+
+                # special case, for when the attribute list ends with a valueless
+                # attribute like "selected"
+                if ($mode == 1)
+                {
+                    $attrarr[] = array(
+                        'name'  => $attrname,
+                        'value' => '',
+                        'whole' => $attrname,
+                        'vless' => 'y'
+                    );
+                }
+
+                return $attrarr;
+            }
+
+            /**
+             *	This method removes disallowed protocols.
+             *
+             *	This method removes all non-allowed protocols from the beginning of
+             *	$string. It ignores whitespace and the case of the letters, and it does
+             *	understand HTML entities. It does its work in a while loop, so it won't be
+             *	fooled by a string like "javascript:javascript:alert(57)".
+             *
+             *	@access private
+             *	@param string $string String to check for protocols
+             *	@return string String with removed protocols
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function removeBadProtocols($string)
+            {
+                $string  = $this->RemoveNulls($string);
+                $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
+                $string2 = $string . 'a';
+
+                $string2 = preg_split('/:|&#58;|&#x3a;/i', $string, 2);
+                if(isset($string2[1]) && !preg_match('%/\?%',$string2[0]))
+                {
+                    $string = $this->filterProtocols($string2[0]).trim($string2[1]);
+                }
+                return $string;
+            }
+
+            /**
+             *	Helper method used by removeBadProtocols()
+             *
+             *	This function processes URL protocols, checks to see if they're in the white-
+             *	list or not, and returns different data depending on the answer.
+             *
+             *	@access private
+             *	@param string $string String to check for protocols
+             *	@return string String with removed protocols
+             *	@see removeBadProtocols()
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function filterProtocols($string)
+            {
+                $string = $this->decodeEntities($string);
+                $string = preg_replace('/\s/', '', $string);
+                $string = $this->removeNulls($string);
+                $string = preg_replace('/\xad+/', '', $string2); # deals with Opera "feature"
+                $string = strtolower($string);
+
+                if(is_array($this->allowed_protocols) && count($this->allowed_protocols) > 0)
+                {
+                    foreach ($this->allowed_protocols as $one_protocol)
+                    {
+                        if (strtolower($one_protocol) == $string)
+                        {
+                            return "$string:";
+                        }
+                    }
+                }
+
+                return '';
+            }
+
+            /**
+             *	Controller method for performing checks on attribute values.
+             *
+             *	This method calls the appropriate method as specified by $checkname with
+             *	the parameters $value, $vless, and $checkvalue, and returns the result
+             *	of the call.
+             *
+             *	This method's functionality can be expanded by creating new methods
+             *	that would match checkAttributeValue[$checkname].
+             *
+             *	Current checks implemented are: "maxlen", "minlen", "maxval", "minval" and "valueless"
+             *
+             *	@access private
+             *	@param string $value The value of the attribute to be checked.
+             *	@param string $vless Indicates whether the the value is supposed to be valueless
+             *	@param string $checkname The check to be performed
+             *	@param string $checkvalue The value that is to be checked against
+             *	@return bool Indicates whether the check passed or not
+             *	@since PHP5 OOP 1.0.0
+             */
+            private function checkAttributeValue($value, $vless, $checkname, $checkvalue)
+            {
+                $ok = true;
+                $check_attribute_method_name  = 'checkAttributeValue' . ucfirst(strtolower($checkname));
+                if(method_exists($this, $check_attribute_method_name))
+                {
+                    $ok = $this->$check_attribute_method_name($value, $checkvalue, $vless);
+                }
+
+                return $ok;
+            }
+
+            /**
+             *	Helper method invoked by checkAttributeValue().
+             *
+             *	The maxlen check makes sure that the attribute value has a length not
+             *	greater than the given value. This can be used to avoid Buffer Overflows
+             *	in WWW clients and various Internet servers.
+             *
+             *	@access private
+             *	@param string $value The value of the attribute to be checked.
+             *	@param int $checkvalue The maximum value allowed
+             *	@return bool Indicates whether the check passed or not
+             *	@see checkAttributeValue()
+             *	@since PHP5 OOP 1.0.0
+             */
+            private function checkAttributeValueMaxlen($value, $checkvalue)
+            {
+                if (strlen($value) > intval($checkvalue))
+                {
+                    return false;
+                }
+                return true;
+            }
+
+            /**
+             *	Helper method invoked by checkAttributeValue().
+             *
+             *	The minlen check makes sure that the attribute value has a length not
+             *	smaller than the given value.
+             *
+             *	@access private
+             *	@param string $value The value of the attribute to be checked.
+             *	@param int $checkvalue The minimum value allowed
+             *	@return bool Indicates whether the check passed or not
+             *	@see checkAttributeValue()
+             *	@since PHP5 OOP 1.0.0
+             */
+            private function checkAttributeValueMinlen($value, $checkvalue)
+            {
+                if (strlen($value) < intval($checkvalue))
+                {
+                    return false;
+                }
+                return true;
+            }
+
+            /**
+             *	Helper method invoked by checkAttributeValue().
+             *
+             *	The maxval check does two things: it checks that the attribute value is
+             *	an integer from 0 and up, without an excessive amount of zeroes or
+             *	whitespace (to avoid Buffer Overflows). It also checks that the attribute
+             *	value is not greater than the given value.
+             *
+             *	This check can be used to avoid Denial of Service attacks.
+             *
+             *	@access private
+             *	@param int $value The value of the attribute to be checked.
+             *	@param int $checkvalue The maximum numeric value allowed
+             *	@return bool Indicates whether the check passed or not
+             *	@see checkAttributeValue()
+             *	@since PHP5 OOP 1.0.0
+             */
+            private function checkAttributeValueMaxval($value, $checkvalue)
+            {
+                if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
+                {
+                    return false;
+                }
+                if (intval($value) > intval($checkvalue))
+                {
+                    return false;
+                }
+                return true;
+            }
+
+            /**
+             *	Helper method invoked by checkAttributeValue().
+             *
+             *	The minval check checks that the attribute value is a positive integer,
+             *	and that it is not smaller than the given value.
+             *
+             *	@access private
+             *	@param int $value The value of the attribute to be checked.
+             *	@param int $checkvalue The minimum numeric value allowed
+             *	@return bool Indicates whether the check passed or not
+             *	@see checkAttributeValue()
+             *	@since PHP5 OOP 1.0.0
+             */
+            private function checkAttributeValueMinval($value, $checkvalue)
+            {
+                if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
+                {
+                    return false;
+                }
+                if (intval($value) < ($checkvalue))
+                {
+                    return false;
+                }
+                return true;
+            }
+
+            /**
+             *	Helper method invoked by checkAttributeValue().
+             *
+             *	The valueless check checks if the attribute has a value
+             *	(like <a href="blah">) or not (<option selected>). If the given value
+             *	is a "y" or a "Y", the attribute must not have a value.
+             *
+             *	If the given value is an "n" or an "N", the attribute must have one.
+             *
+             *	@access private
+             *	@param int $value The value of the attribute to be checked.
+             *	@param mixed $checkvalue This variable is ignored for this test
+             *	@param string $vless Flag indicating if this attribute is not supposed to have an attribute
+             *	@return bool Indicates whether the check passed or not
+             *	@see checkAttributeValue()
+             *	@since PHP5 OOP 1.0.0
+             */
+            private function checkAttributeValueValueless($value, $checkvalue, $vless)
+            {
+                if (strtolower($checkvalue) != $vless)
+                {
+                    return false;
+                }
+                return true;
+            }
+
+            /**
+             *	Decodes numeric HTML entities
+             *
+             *	This method decodes numeric HTML entities (&#65; and &#x41;). It doesn't
+             *	do anything with other entities like &auml;, but we don't need them in the
+             *	URL protocol white listing system anyway.
+             *
+             *	@access private
+             *	@param string $value The entitiy to be decoded.
+             *	@return string Decoded entity
+             *	@since PHP4 OOP 0.0.1
+             */
+            private function decodeEntities($string)
+            {
+                $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string);
+                $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', $string);
+                return $string;
+            }
+
+            /**
+             *	Returns PHP5 OOP version # of kses.
+             *
+             *	Since this class has been refactored and documented and proven to work,
+             *	I'm fixing the version number at 1.0.0.
+             *
+             *	This version is syntax compatible with the PHP4 OOP version 0.0.2.  Future
+             *	versions may not be syntax compatible.
+             *
+             *	@access public
+             *	@return string Version number
+             *	@since PHP4 OOP 0.0.1
+             */
+            public function Version()
+            {
+                return 'PHP5 OOP 1.0.2';
+            }
+        }
+    }
 ?>
\ No newline at end of file

main/inc/lib/kses-0.2.2/oop/test.oop.kses.php

Indentation +503 added lines, -503 removed lines

@@ -1,507 +1,507 @@
 <?php
 
-	//	This is a q&d program that shows some of the results of
-	//	running KSES.  If you have further questions, check the
-	//	current valid email address at http://chaos.org/contact/
-
-	//	Make sure we're in a usable PHP environment
-	if(substr(phpversion(), 0, 1) < 4)
-	{
-		define('KSESTEST_VER', 0);
-	}
-	elseif(substr(phpversion(), 0, 1) >= 5)
-	{
-		define('KSESTEST_VER', 5);
-	}
-	else
-	{
-		define('KSESTEST_VER', 4);
-	}
-
-	//	See if we're in command line or web
-	if($_SERVER["DOCUMENT_ROOT"] == "")
-	{
-		define('KSESTEST_ENV', 'CLI');
-	}
-	else
-	{
-		define('KSESTEST_ENV', 'WEB');
-	}
-
-	if(KSESTEST_VER == 0)
-	{
-		$message = array(
-			"Error: Not using a current version of PHP!",
-			"You are using PHP version " . phpversion() . ".",
-			"KSES Class version requires PHP4 or better.",
-			"KSES test program ending."
-			);
-
-		displayPage(
-			array("title" => "Error running KSES test", "message" => $message)
-		);
-
-		exit();
-	}
-
-	$include_file = "php" . KSESTEST_VER . ".class.kses.php";
-	if(file_exists($include_file) && is_readable($include_file))
-	{
-		include_once($include_file);
-	}
-	else
-	{
-		$message = array(
-			"Error:  Unable to find '" . $include_file . "'.",
-			"Please check your include path and make sure the file is available.",
-			"Path: " . ini_get('include_path')
-		);
-
-		displayPage(
-			array('title' => 'Unable to include ' . $include_file, 'message' => $message)
-		);
-
-		exit();
-	}
-
-	$kses_type = "kses" . KSESTEST_VER;
-	$myKses = new $kses_type;
-
-	$test_text = array();
-	$test_text = test1_protocols($myKses);
-	$test_text = array_merge($test_text, test1_html($myKses));
-	$test_text = array_merge($test_text, test1_kses($myKses));
-
-	displayPage(
-		array('title' => 'New Test', 'message' => $test_text)
-	);
-
-	function test1_kses(&$myKses)
-	{
-		$out = array(output_hr(), "Testing current configuration");
-
-		$test_tags = array(
-			'<a href="http://www.chaos.org/">www.chaos.org</a>',
-			'<a name="X">Short \'a name\' tag</a>',
-			'<td colspan="3" rowspan="5">Foo</td>',
-			'<td rowspan="2" class="mugwump" style="background-color: rgb(255, 204 204);">Bar</td>',
-			'<td nowrap>Very Long String running to 1000 characters...</td>',
-			'<td bgcolor="#00ff00" nowrap>Very Long String with a blue background</td>',
-			'<a href="proto1://www.foo.com">New protocol test</a>',
-			'<img src="proto2://www.foo.com" />',
-			'<a href="javascript:javascript:javascript:javascript:javascript:alert(\'Boo!\');">bleep</a>',
-			'<a href="proto4://abc.xyz.foo.com">Another new protocol</a>',
-			'<a href="proto9://foo.foo.foo.foo.foo.org/">Test of "proto9"</a>',
-			'<td width="75">Bar!</td>',
-			'<td width="200">Long Cell</td>'
-		);
-
-		$out_li = array();
-		// Keep only allowed HTML from the presumed 'form'.
-		foreach($test_tags as $tag)
-		{
-			$temp  = $myKses->Parse($tag);
-			$check = ($temp == $tag) ? true : false;
-			$text  = ($temp == $tag) ? 'pass' : 'fail';
-
-			$li_text  = output_testresult($check, $text) . output_newline();
-			$li_text .= "Input: &nbsp;" . output_translate($tag) . output_newline();
-			$li_text .= "Output: " . output_translate($temp);
-			if(KSESTEST_ENV == 'CLI')
-			{
-				$li_text .= output_newline();
-			}
-
-			array_push($out_li, output_code_wrap($li_text));
-		}
-
-		$out = array_merge($out, array(output_ul($out_li)));
-		array_push($out, output_hr());
-		array_push($out, "Testing is now finished.");
-		return $out;
-	}
-
-	function output_code_wrap($text)
-	{
-		if(KSESTEST_ENV == 'CLI')
-		{
-			return $text;
-		}
-		else
-		{
-			return "<code>\n$text<code>\n";
-		}
-	}
-
-	function output_translate($text)
-	{
-		if(KSESTEST_ENV == 'CLI')
-		{
-			return $text;
-		}
-		else
-		{
-			return htmlentities($text);
-		}
-	}
-
-	function output_testresult($pass = false, $text = "")
-	{
-		if(KSESTEST_ENV == 'CLI')
-		{
-			return '[' . $text . ']';
-		}
-		else
-		{
-			if($pass == true)
-			{
-				return '<span style="color: green;">[' . $text . ']</span>';
-			}
-			else
-			{
-				return '<span style="color: red;">[' . $text . ']</span>';
-			}
-		}
-	}
-
-	function output_spaces()
-	{
-		if(KSESTEST_ENV == 'WEB')
-		{
-			$out = "&nbsp;&nbsp;&nbsp;";
-		}
-		else
-		{
-			$out = "   ";
-		}
-
-		return $out;
-	}
-
-	function output_newline()
-	{
-		if(KSESTEST_ENV == 'WEB')
-		{
-			$out = "<br />\n";
-		}
-		else
-		{
-			$out = "\n";
-		}
-
-		return $out;
-	}
-
-	function displayPage($data = array())
-	{
-		$title   = ($data['title'] == '') ? 'No title' : $data['title'];
-		$message = ($data['message'] == '') ? array('No message') : $data['message'];
-
-		$out = "";
-
-		foreach($message as $text)
-		{
-			if(KSESTEST_ENV == 'WEB')
-			{
-				$header = "\t\t<h1>$title</h1>\n\t\t<hr />\n";
-				$out .= "\t\t<p>\n";
-				$out .= "\t\t\t$text\n";
-				$out .= "\t\t</p>\n";
-			}
-			else
-			{
-				$header = "$title\n" . str_repeat('-', 60) . "\n\n";
-				$out .= "\t$text\n\n";
-			}
-		}
-
-		if(KSESTEST_ENV == 'WEB')
-		{
-			echo "<html>\n";
-			echo "\t<head>\n";
-			echo "\t\t<title>$title</title>\n";
-			echo "\t</head>\n";
-			echo "\t<body>\n";
-			echo $header;
-			echo $out;
-			echo "\t</body>\n";
-			echo "</html>\n";
-		}
-		else
-		{
-			echo $header;
-			echo $out;
-		}
-	}
-
-	function output_hr()
-	{
-		if(KSESTEST_ENV == 'WEB')
-		{
-			return "\t\t\t<hr />\n";
-		}
-		else
-		{
-			return str_repeat(60, '-') . "\n";
-		}
-	}
-
-	function output_ul($data = array(), $padding = "")
-	{
-		if(!is_array($data) || count($data) < 1)
-		{
-			return "";
-		}
-
-		$text = "";
-		if(KSESTEST_ENV == 'WEB')
-		{
-			$text = "\t\t\t<ul>\n";
-			foreach($data as $li)
-			{
-				$text .= "\t\t\t\t<li>$li</li>\n";
-			}
-			$text .= "\t\t\t</ul>\n";
-		}
-		else
-		{
-			foreach($data as $li)
-			{
-				$text .= $padding . "   * $li\n";
-			}
-		}
-
-		return $text;
-	}
-
-	function test1_protocols(&$myKses)
-	{
-		$default_prots = $myKses->dumpProtocols();
-		$out_text = array();
-		if(count($default_prots) > 0)
-		{
-			array_push($out_text, "Initial protocols from KSES" . KSESTEST_VER . ":");
-			array_push($out_text, output_ul($default_prots));
-			array_push($out_text, output_hr());
-		}
-
-		$myKses->AddProtocols(array("proto1", "proto2:", "proto3"));   // Add a list of protocols
-		$myKses->AddProtocols("proto4:");  // Add a single protocol (Note ':' is optional at end)
-		$myKses->AddProtocol("proto9", "mystery:", "anarchy");
-		$myKses->AddProtocol("alpha", "beta", "gamma:");
-
-		$add_protocol  = "\t\t\t<ol>\n";
-		$add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols(array("proto1", "proto2:", "proto3"));</li>' . "\n";
-		$add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols("proto4:");</li>' . "\n";
-		$add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols("proto4:");</li>' . "\n";
-		$add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocol("proto9", "mystery:", "anarchy");</li>' . "\n";
-		$add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocol("alpha", "beta", "gamma:");</li>' . "\n";
-		$add_protocol .= "\t\t\t</ol>\n";
-
-		array_push($out_text, $add_protocol);
-
-		$new_prots = $myKses->dumpProtocols();
-		if(count($new_prots) > 0)
-		{
-			array_push($out_text, "New protocols from KSES" . KSESTEST_VER . " after using AddProtocol(s):");
-			array_push($out_text, output_ul($new_prots));
-			array_push($out_text, output_hr());
-		}
-
-		$myKses->RemoveProtocols(array("mystery", "anarchy:"));
-		$myKses->RemoveProtocols("alpha:");
-		$myKses->RemoveProtocol("beta:");
-		$myKses->RemoveProtocol("gamma");
-
-		$remove_protocol  = "\t\t\t<ol>\n";
-		$remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocols(array("mystery", "anarchy:"));</li>' . "\n";
-		$remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocols("alpha:");</li>' . "\n";
-		$remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocol("beta:");</li>' . "\n";
-		$remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocol("gamma");</li>' . "\n";
-		$remove_protocol .= "\t\t\t</ol>\n";
-		array_push($out_text, $remove_protocol);
-
-		$new_prots = $myKses->dumpProtocols();
-		if(count($new_prots) > 0)
-		{
-			array_push($out_text, "Resulting protocols from KSES" . KSESTEST_VER . " after using RemoveProtocol(s):");
-			array_push($out_text, output_ul($new_prots));
-			array_push($out_text, output_hr());
-		}
-
-		$myKses->SetProtocols(array("https", "gopher", "news"));
-		$set_protocol  = "\t\t\t<ol>\n";
-		$set_protocol .= "\t\t\t\t" . '<li>$myKses->SetProtocols(array("https", "gopher", "news"));</li>' . "\n";
-		$set_protocol .= "\t\t\t</ol>\n";
-		array_push($out_text, $set_protocol);
-
-		$new_prots = $myKses->dumpProtocols();
-		if(count($new_prots) > 0)
-		{
-			array_push($out_text, "Resulting protocols from KSES" . KSESTEST_VER . " after using SetProtocols:");
-			array_push($out_text, output_ul($new_prots));
-			array_push($out_text, output_hr());
-		}
-
-		//	Invisible reset
-		$myKses->SetProtocols(array("http", "proto1", "proto2", "proto9"));
-
-		return $out_text;
-	}
-
-	function test1_html(&$myKses)
-	{
-		$out = array();
-
-		//	Allows <p>|</p> tag
-		$myKses->AddHTML("p");
-
-		//	Allows 'a' tag with href|name attributes,
-		//	href has minlen of 10 chars, and maxlen of 25 chars
-		//	name has minlen of  2 chars
-		$myKses->AddHTML(
-			"a",
-			array(
-				"href" => array('maxlen' => 25, 'minlen' => 10),
-				"name" => array('minlen' => 2)
-			)
-		);
-
-		//	Allows 'td' tag with colspan|rowspan|class|style|width|nowrap attributes,
-		//		colspan has minval of   2       and maxval of 5
-		//		rowspan has minval of   3       and maxval of 6
-		//		class   has minlen of   1 char  and maxlen of   10 chars
-		//		style   has minlen of  10 chars and maxlen of 100 chars
-		//		width   has maxval of 100
-		//		nowrap  is valueless
-		$myKses->AddHTML(
-			"td",
-			array(
-				"colspan" => array('minval' =>   2, 'maxval' =>   5),
-				"rowspan" => array('minval' =>   3, 'maxval' =>   6),
-				"class"   => array("minlen" =>   1, 'maxlen' =>  10),
-				"width"   => array("maxval" => 100),
-				"style"   => array('minlen' =>  10, 'maxlen' => 100),
-				"nowrap"  => array('valueless' => 'y')
-			)
-		);
-
-		array_push($out, "Modifying HTML Tests:");
-		$code_text  = "<pre>\n";
-		$code_text .= "      //   Allows &lt;p&gt;|&lt;/p&gt; tag\n";
-		$code_text .= "      \$myKses-&gt;AddHTML(\"p\");\n";
-		$code_text .= "\n";
-		$code_text .= "      //   Allows 'a' tag with href|name attributes,\n";
-		$code_text .= "      //   href has minlen of 10 chars, and maxlen of 25 chars\n";
-		$code_text .= "      //   name has minlen of  2 chars\n";
-		$code_text .= "      \$myKses-&gt;AddHTML(\n";
-		$code_text .= "         \"a\",\n";
-		$code_text .= "         array(\n";
-		$code_text .= "            \"href\" =&gt; array('maxlen' =&gt; 25, 'minlen' =&gt; 10),\n";
-		$code_text .= "            \"name\" =&gt; array('minlen' =&gt; 2)\n";
-		$code_text .= "         )\n";
-		$code_text .= "      );\n";
-		$code_text .= "\n";
-		$code_text .= "      //   Allows 'td' tag with colspan|rowspan|class|style|width|nowrap attributes,\n";
-		$code_text .= "      //      colspan has minval of   2       and maxval of 5\n";
-		$code_text .= "      //      rowspan has minval of   3       and maxval of 6\n";
-		$code_text .= "      //      class   has minlen of   1 char  and maxlen of   10 chars\n";
-		$code_text .= "      //      style   has minlen of  10 chars and maxlen of 100 chars\n";
-		$code_text .= "      //      width   has maxval of 100\n";
-		$code_text .= "      //      nowrap  is valueless\n";
-		$code_text .= "      \$myKses-&gt;AddHTML(\n";
-		$code_text .= "         \"td\",\n";
-		$code_text .= "         array(\n";
-		$code_text .= "            \"colspan\" =&gt; array('minval' =&gt;   2, 'maxval' =&gt;   5),\n";
-		$code_text .= "            \"rowspan\" =&gt; array('minval' =&gt;   3, 'maxval' =&gt;   6),\n";
-		$code_text .= "            \"class\"   =&gt; array(\"minlen\" =&gt;   1, 'maxlen' =&gt;  10),\n";
-		$code_text .= "            \"width\"   =&gt; array(\"maxval\" =&gt; 100),\n";
-		$code_text .= "            \"style\"   =&gt; array('minlen' =&gt;  10, 'maxlen' =&gt; 100),\n";
-		$code_text .= "            \"nowrap\"  =&gt; array('valueless' =&gt; 'y')\n";
-		$code_text .= "         )\n";
-		$code_text .= "      );\n";
-		$code_text .= "</pre>\n";
-
-		array_push($out, $code_text);
-		array_push($out, output_hr());
-		array_push($out, "Net results:");
-
-		$out_elems = $myKses->DumpElements();
-		if(count($out_elems) > 0)
-		{
-			//array_push($out, "\t\t\t<ul>\n");
-			foreach($out_elems as $tag => $attr_data)
-			{
-				$out_li_elems = array();
-				$elem_text = "(X)HTML element $tag";
-				$allow = "";
-				if(isset($attr_data) && is_array($attr_data) && count($attr_data) > 0)
-				{
-					$allow = " allows attribute";
-					if(count($attr_data) > 1)
-					{
-						$allow .= "s";
-					}
-					$allow .= ":\n";
-				}
-
-				array_push($out_li_elems, "$elem_text$allow");
-
-				$attr_test_li = array();
-				if(isset($attr_data) && is_array($attr_data) && count($attr_data) > 0)
-				{
-					foreach($attr_data as $attr_name => $attr_tests)
-					{
-						$li_text = $attr_name;
-						if(isset($attr_tests) && count($attr_tests) > 0)
-						{
-							foreach($attr_tests as $test_name => $test_val)
-							{
-								switch($test_name)
-								{
-									case "maxlen":
-										$li_text .= " - maximum length of '" . $test_val . "' characters";
-										break;
-									case "minlen":
-										$li_text .= " - minimum length of '" . $test_val . "' characters";
-										break;
-									case "minval":
-										$li_text .= " - minimum value of '" . $test_val . "'";
-										break;
-									case "maxval":
-										$li_text .= " - maximum value of '" . $test_val . "'";
-										break;
-									case "valueless":
-										switch(strtolower($test_val))
-										{
-											case 'n':
-												$li_text .= " - must not be valueless";
-												break;
-											case 'y':
-												$li_text .= " - must be valueless";
-												break;
-											default:
-												break;
-										}
-										break;
-									default:
-										break;
-								}
-							}
-						}
-						array_push($attr_test_li, $li_text);
-					}
-					if(count($attr_test_li) > 0)
-					{
-						$attr_test_li = output_ul($attr_test_li, "   ");
-						$out_li_elems = array("$elem_text$allow$attr_test_li");
-					}
-				}
-				$out = array_merge($out, $out_li_elems);
-			}
-		}
-
-		return $out;
-	}
+    //	This is a q&d program that shows some of the results of
+    //	running KSES.  If you have further questions, check the
+    //	current valid email address at http://chaos.org/contact/
+
+    //	Make sure we're in a usable PHP environment
+    if(substr(phpversion(), 0, 1) < 4)
+    {
+        define('KSESTEST_VER', 0);
+    }
+    elseif(substr(phpversion(), 0, 1) >= 5)
+    {
+        define('KSESTEST_VER', 5);
+    }
+    else
+    {
+        define('KSESTEST_VER', 4);
+    }
+
+    //	See if we're in command line or web
+    if($_SERVER["DOCUMENT_ROOT"] == "")
+    {
+        define('KSESTEST_ENV', 'CLI');
+    }
+    else
+    {
+        define('KSESTEST_ENV', 'WEB');
+    }
+
+    if(KSESTEST_VER == 0)
+    {
+        $message = array(
+            "Error: Not using a current version of PHP!",
+            "You are using PHP version " . phpversion() . ".",
+            "KSES Class version requires PHP4 or better.",
+            "KSES test program ending."
+            );
+
+        displayPage(
+            array("title" => "Error running KSES test", "message" => $message)
+        );
+
+        exit();
+    }
+
+    $include_file = "php" . KSESTEST_VER . ".class.kses.php";
+    if(file_exists($include_file) && is_readable($include_file))
+    {
+        include_once($include_file);
+    }
+    else
+    {
+        $message = array(
+            "Error:  Unable to find '" . $include_file . "'.",
+            "Please check your include path and make sure the file is available.",
+            "Path: " . ini_get('include_path')
+        );
+
+        displayPage(
+            array('title' => 'Unable to include ' . $include_file, 'message' => $message)
+        );
+
+        exit();
+    }
+
+    $kses_type = "kses" . KSESTEST_VER;
+    $myKses = new $kses_type;
+
+    $test_text = array();
+    $test_text = test1_protocols($myKses);
+    $test_text = array_merge($test_text, test1_html($myKses));
+    $test_text = array_merge($test_text, test1_kses($myKses));
+
+    displayPage(
+        array('title' => 'New Test', 'message' => $test_text)
+    );
+
+    function test1_kses(&$myKses)
+    {
+        $out = array(output_hr(), "Testing current configuration");
+
+        $test_tags = array(
+            '<a href="http://www.chaos.org/">www.chaos.org</a>',
+            '<a name="X">Short \'a name\' tag</a>',
+            '<td colspan="3" rowspan="5">Foo</td>',
+            '<td rowspan="2" class="mugwump" style="background-color: rgb(255, 204 204);">Bar</td>',
+            '<td nowrap>Very Long String running to 1000 characters...</td>',
+            '<td bgcolor="#00ff00" nowrap>Very Long String with a blue background</td>',
+            '<a href="proto1://www.foo.com">New protocol test</a>',
+            '<img src="proto2://www.foo.com" />',
+            '<a href="javascript:javascript:javascript:javascript:javascript:alert(\'Boo!\');">bleep</a>',
+            '<a href="proto4://abc.xyz.foo.com">Another new protocol</a>',
+            '<a href="proto9://foo.foo.foo.foo.foo.org/">Test of "proto9"</a>',
+            '<td width="75">Bar!</td>',
+            '<td width="200">Long Cell</td>'
+        );
+
+        $out_li = array();
+        // Keep only allowed HTML from the presumed 'form'.
+        foreach($test_tags as $tag)
+        {
+            $temp  = $myKses->Parse($tag);
+            $check = ($temp == $tag) ? true : false;
+            $text  = ($temp == $tag) ? 'pass' : 'fail';
+
+            $li_text  = output_testresult($check, $text) . output_newline();
+            $li_text .= "Input: &nbsp;" . output_translate($tag) . output_newline();
+            $li_text .= "Output: " . output_translate($temp);
+            if(KSESTEST_ENV == 'CLI')
+            {
+                $li_text .= output_newline();
+            }
+
+            array_push($out_li, output_code_wrap($li_text));
+        }
+
+        $out = array_merge($out, array(output_ul($out_li)));
+        array_push($out, output_hr());
+        array_push($out, "Testing is now finished.");
+        return $out;
+    }
+
+    function output_code_wrap($text)
+    {
+        if(KSESTEST_ENV == 'CLI')
+        {
+            return $text;
+        }
+        else
+        {
+            return "<code>\n$text<code>\n";
+        }
+    }
+
+    function output_translate($text)
+    {
+        if(KSESTEST_ENV == 'CLI')
+        {
+            return $text;
+        }
+        else
+        {
+            return htmlentities($text);
+        }
+    }
+
+    function output_testresult($pass = false, $text = "")
+    {
+        if(KSESTEST_ENV == 'CLI')
+        {
+            return '[' . $text . ']';
+        }
+        else
+        {
+            if($pass == true)
+            {
+                return '<span style="color: green;">[' . $text . ']</span>';
+            }
+            else
+            {
+                return '<span style="color: red;">[' . $text . ']</span>';
+            }
+        }
+    }
+
+    function output_spaces()
+    {
+        if(KSESTEST_ENV == 'WEB')
+        {
+            $out = "&nbsp;&nbsp;&nbsp;";
+        }
+        else
+        {
+            $out = "   ";
+        }
+
+        return $out;
+    }
+
+    function output_newline()
+    {
+        if(KSESTEST_ENV == 'WEB')
+        {
+            $out = "<br />\n";
+        }
+        else
+        {
+            $out = "\n";
+        }
+
+        return $out;
+    }
+
+    function displayPage($data = array())
+    {
+        $title   = ($data['title'] == '') ? 'No title' : $data['title'];
+        $message = ($data['message'] == '') ? array('No message') : $data['message'];
+
+        $out = "";
+
+        foreach($message as $text)
+        {
+            if(KSESTEST_ENV == 'WEB')
+            {
+                $header = "\t\t<h1>$title</h1>\n\t\t<hr />\n";
+                $out .= "\t\t<p>\n";
+                $out .= "\t\t\t$text\n";
+                $out .= "\t\t</p>\n";
+            }
+            else
+            {
+                $header = "$title\n" . str_repeat('-', 60) . "\n\n";
+                $out .= "\t$text\n\n";
+            }
+        }
+
+        if(KSESTEST_ENV == 'WEB')
+        {
+            echo "<html>\n";
+            echo "\t<head>\n";
+            echo "\t\t<title>$title</title>\n";
+            echo "\t</head>\n";
+            echo "\t<body>\n";
+            echo $header;
+            echo $out;
+            echo "\t</body>\n";
+            echo "</html>\n";
+        }
+        else
+        {
+            echo $header;
+            echo $out;
+        }
+    }
+
+    function output_hr()
+    {
+        if(KSESTEST_ENV == 'WEB')
+        {
+            return "\t\t\t<hr />\n";
+        }
+        else
+        {
+            return str_repeat(60, '-') . "\n";
+        }
+    }
+
+    function output_ul($data = array(), $padding = "")
+    {
+        if(!is_array($data) || count($data) < 1)
+        {
+            return "";
+        }
+
+        $text = "";
+        if(KSESTEST_ENV == 'WEB')
+        {
+            $text = "\t\t\t<ul>\n";
+            foreach($data as $li)
+            {
+                $text .= "\t\t\t\t<li>$li</li>\n";
+            }
+            $text .= "\t\t\t</ul>\n";
+        }
+        else
+        {
+            foreach($data as $li)
+            {
+                $text .= $padding . "   * $li\n";
+            }
+        }
+
+        return $text;
+    }
+
+    function test1_protocols(&$myKses)
+    {
+        $default_prots = $myKses->dumpProtocols();
+        $out_text = array();
+        if(count($default_prots) > 0)
+        {
+            array_push($out_text, "Initial protocols from KSES" . KSESTEST_VER . ":");
+            array_push($out_text, output_ul($default_prots));
+            array_push($out_text, output_hr());
+        }
+
+        $myKses->AddProtocols(array("proto1", "proto2:", "proto3"));   // Add a list of protocols
+        $myKses->AddProtocols("proto4:");  // Add a single protocol (Note ':' is optional at end)
+        $myKses->AddProtocol("proto9", "mystery:", "anarchy");
+        $myKses->AddProtocol("alpha", "beta", "gamma:");
+
+        $add_protocol  = "\t\t\t<ol>\n";
+        $add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols(array("proto1", "proto2:", "proto3"));</li>' . "\n";
+        $add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols("proto4:");</li>' . "\n";
+        $add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols("proto4:");</li>' . "\n";
+        $add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocol("proto9", "mystery:", "anarchy");</li>' . "\n";
+        $add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocol("alpha", "beta", "gamma:");</li>' . "\n";
+        $add_protocol .= "\t\t\t</ol>\n";
+
+        array_push($out_text, $add_protocol);
+
+        $new_prots = $myKses->dumpProtocols();
+        if(count($new_prots) > 0)
+        {
+            array_push($out_text, "New protocols from KSES" . KSESTEST_VER . " after using AddProtocol(s):");
+            array_push($out_text, output_ul($new_prots));
+            array_push($out_text, output_hr());
+        }
+
+        $myKses->RemoveProtocols(array("mystery", "anarchy:"));
+        $myKses->RemoveProtocols("alpha:");
+        $myKses->RemoveProtocol("beta:");
+        $myKses->RemoveProtocol("gamma");
+
+        $remove_protocol  = "\t\t\t<ol>\n";
+        $remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocols(array("mystery", "anarchy:"));</li>' . "\n";
+        $remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocols("alpha:");</li>' . "\n";
+        $remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocol("beta:");</li>' . "\n";
+        $remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocol("gamma");</li>' . "\n";
+        $remove_protocol .= "\t\t\t</ol>\n";
+        array_push($out_text, $remove_protocol);
+
+        $new_prots = $myKses->dumpProtocols();
+        if(count($new_prots) > 0)
+        {
+            array_push($out_text, "Resulting protocols from KSES" . KSESTEST_VER . " after using RemoveProtocol(s):");
+            array_push($out_text, output_ul($new_prots));
+            array_push($out_text, output_hr());
+        }
+
+        $myKses->SetProtocols(array("https", "gopher", "news"));
+        $set_protocol  = "\t\t\t<ol>\n";
+        $set_protocol .= "\t\t\t\t" . '<li>$myKses->SetProtocols(array("https", "gopher", "news"));</li>' . "\n";
+        $set_protocol .= "\t\t\t</ol>\n";
+        array_push($out_text, $set_protocol);
+
+        $new_prots = $myKses->dumpProtocols();
+        if(count($new_prots) > 0)
+        {
+            array_push($out_text, "Resulting protocols from KSES" . KSESTEST_VER . " after using SetProtocols:");
+            array_push($out_text, output_ul($new_prots));
+            array_push($out_text, output_hr());
+        }
+
+        //	Invisible reset
+        $myKses->SetProtocols(array("http", "proto1", "proto2", "proto9"));
+
+        return $out_text;
+    }
+
+    function test1_html(&$myKses)
+    {
+        $out = array();
+
+        //	Allows <p>|</p> tag
+        $myKses->AddHTML("p");
+
+        //	Allows 'a' tag with href|name attributes,
+        //	href has minlen of 10 chars, and maxlen of 25 chars
+        //	name has minlen of  2 chars
+        $myKses->AddHTML(
+            "a",
+            array(
+                "href" => array('maxlen' => 25, 'minlen' => 10),
+                "name" => array('minlen' => 2)
+            )
+        );
+
+        //	Allows 'td' tag with colspan|rowspan|class|style|width|nowrap attributes,
+        //		colspan has minval of   2       and maxval of 5
+        //		rowspan has minval of   3       and maxval of 6
+        //		class   has minlen of   1 char  and maxlen of   10 chars
+        //		style   has minlen of  10 chars and maxlen of 100 chars
+        //		width   has maxval of 100
+        //		nowrap  is valueless
+        $myKses->AddHTML(
+            "td",
+            array(
+                "colspan" => array('minval' =>   2, 'maxval' =>   5),
+                "rowspan" => array('minval' =>   3, 'maxval' =>   6),
+                "class"   => array("minlen" =>   1, 'maxlen' =>  10),
+                "width"   => array("maxval" => 100),
+                "style"   => array('minlen' =>  10, 'maxlen' => 100),
+                "nowrap"  => array('valueless' => 'y')
+            )
+        );
+
+        array_push($out, "Modifying HTML Tests:");
+        $code_text  = "<pre>\n";
+        $code_text .= "      //   Allows &lt;p&gt;|&lt;/p&gt; tag\n";
+        $code_text .= "      \$myKses-&gt;AddHTML(\"p\");\n";
+        $code_text .= "\n";
+        $code_text .= "      //   Allows 'a' tag with href|name attributes,\n";
+        $code_text .= "      //   href has minlen of 10 chars, and maxlen of 25 chars\n";
+        $code_text .= "      //   name has minlen of  2 chars\n";
+        $code_text .= "      \$myKses-&gt;AddHTML(\n";
+        $code_text .= "         \"a\",\n";
+        $code_text .= "         array(\n";
+        $code_text .= "            \"href\" =&gt; array('maxlen' =&gt; 25, 'minlen' =&gt; 10),\n";
+        $code_text .= "            \"name\" =&gt; array('minlen' =&gt; 2)\n";
+        $code_text .= "         )\n";
+        $code_text .= "      );\n";
+        $code_text .= "\n";
+        $code_text .= "      //   Allows 'td' tag with colspan|rowspan|class|style|width|nowrap attributes,\n";
+        $code_text .= "      //      colspan has minval of   2       and maxval of 5\n";
+        $code_text .= "      //      rowspan has minval of   3       and maxval of 6\n";
+        $code_text .= "      //      class   has minlen of   1 char  and maxlen of   10 chars\n";
+        $code_text .= "      //      style   has minlen of  10 chars and maxlen of 100 chars\n";
+        $code_text .= "      //      width   has maxval of 100\n";
+        $code_text .= "      //      nowrap  is valueless\n";
+        $code_text .= "      \$myKses-&gt;AddHTML(\n";
+        $code_text .= "         \"td\",\n";
+        $code_text .= "         array(\n";
+        $code_text .= "            \"colspan\" =&gt; array('minval' =&gt;   2, 'maxval' =&gt;   5),\n";
+        $code_text .= "            \"rowspan\" =&gt; array('minval' =&gt;   3, 'maxval' =&gt;   6),\n";
+        $code_text .= "            \"class\"   =&gt; array(\"minlen\" =&gt;   1, 'maxlen' =&gt;  10),\n";
+        $code_text .= "            \"width\"   =&gt; array(\"maxval\" =&gt; 100),\n";
+        $code_text .= "            \"style\"   =&gt; array('minlen' =&gt;  10, 'maxlen' =&gt; 100),\n";
+        $code_text .= "            \"nowrap\"  =&gt; array('valueless' =&gt; 'y')\n";
+        $code_text .= "         )\n";
+        $code_text .= "      );\n";
+        $code_text .= "</pre>\n";
+
+        array_push($out, $code_text);
+        array_push($out, output_hr());
+        array_push($out, "Net results:");
+
+        $out_elems = $myKses->DumpElements();
+        if(count($out_elems) > 0)
+        {
+            //array_push($out, "\t\t\t<ul>\n");
+            foreach($out_elems as $tag => $attr_data)
+            {
+                $out_li_elems = array();
+                $elem_text = "(X)HTML element $tag";
+                $allow = "";
+                if(isset($attr_data) && is_array($attr_data) && count($attr_data) > 0)
+                {
+                    $allow = " allows attribute";
+                    if(count($attr_data) > 1)
+                    {
+                        $allow .= "s";
+                    }
+                    $allow .= ":\n";
+                }
+
+                array_push($out_li_elems, "$elem_text$allow");
+
+                $attr_test_li = array();
+                if(isset($attr_data) && is_array($attr_data) && count($attr_data) > 0)
+                {
+                    foreach($attr_data as $attr_name => $attr_tests)
+                    {
+                        $li_text = $attr_name;
+                        if(isset($attr_tests) && count($attr_tests) > 0)
+                        {
+                            foreach($attr_tests as $test_name => $test_val)
+                            {
+                                switch($test_name)
+                                {
+                                    case "maxlen":
+                                        $li_text .= " - maximum length of '" . $test_val . "' characters";
+                                        break;
+                                    case "minlen":
+                                        $li_text .= " - minimum length of '" . $test_val . "' characters";
+                                        break;
+                                    case "minval":
+                                        $li_text .= " - minimum value of '" . $test_val . "'";
+                                        break;
+                                    case "maxval":
+                                        $li_text .= " - maximum value of '" . $test_val . "'";
+                                        break;
+                                    case "valueless":
+                                        switch(strtolower($test_val))
+                                        {
+                                            case 'n':
+                                                $li_text .= " - must not be valueless";
+                                                break;
+                                            case 'y':
+                                                $li_text .= " - must be valueless";
+                                                break;
+                                            default:
+                                                break;
+                                        }
+                                        break;
+                                    default:
+                                        break;
+                                }
+                            }
+                        }
+                        array_push($attr_test_li, $li_text);
+                    }
+                    if(count($attr_test_li) > 0)
+                    {
+                        $attr_test_li = output_ul($attr_test_li, "   ");
+                        $out_li_elems = array("$elem_text$allow$attr_test_li");
+                    }
+                }
+                $out = array_merge($out, $out_li_elems);
+            }
+        }
+
+        return $out;
+    }
 
 ?>
\ No newline at end of file

main/inc/lib/kses-0.2.2/oop/php4.class.kses.php

Indentation +1137 added lines, -1137 removed lines

@@ -1,5 +1,5 @@ 
 <?php
-	/*
+    /*
 	 * ==========================================================================================
 	 *
 	 * This program is free software and open source software; you can redistribute
@@ -20,1143 +20,1143 @@ 
 	 * ==========================================================================================
 	 */
 
-	/**
-	*	Class file for PHP4 OOP version of kses
-	*
-	*	This is an updated version of kses to work with PHP4 that works under E_STRICT.
-	*
-	*	This upgrade provides the following:
-	*	+ Version number synced to procedural version number
-	*	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
-	*	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
-	*	+ Kses4 now works in E_STRICT
-	*	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol() and RemoveProtocols()
-	*	+ Deprecated _hook(), Protocols()
-	*	+ Integrated code from kses 0.2.2 into class.
-	*	+ Added methods DumpProtocols(), DumpMethods()
-	*
-	*	@package    kses
-	*	@subpackage kses4
-	*/
-
-	if(substr(phpversion(), 0, 1) < 4)
-	{
-		die("Class kses requires PHP 4 or higher.");
-	}
-
-	/**
-	*	Only install KSES4 once
-	*/
-	if(!defined('KSES_CLASS_PHP4'))
-	{
-		define('KSES_CLASS_PHP4', true);
-
-	/**
-	*	Kses strips evil scripts!
-	*
-	*	This class provides the capability for removing unwanted HTML/XHTML, attributes from
-	*	tags, and protocols contained in links.  The net result is a much more powerful tool
-	*	than the PHP internal strip_tags()
-	*
-	*	This is a fork of a slick piece of procedural code called 'kses' written by Ulf Harnhammar
-	*	The entire set of functions was wrapped in a PHP object with some internal modifications
-	*	by Richard Vasquez (http://www.chaos.org/) 7/25/2003
-	*
-	*	This upgrade provides the following:
-	*	+ Version number synced to procedural version number
-	*	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
-	*	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
-	*	+ Kses4 now works in E_STRICT
-	*	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols()
-	*	+ Deprecated _hook(), Protocols()
-	*	+ Integrated code from kses 0.2.2 into class.
-	*
-	*	@author     Richard R. V�squez, Jr. (Original procedural code by Ulf H�rnhammar)
-	*	@link       http://sourceforge.net/projects/kses/ Home Page for Kses
-	*	@link       http://chaos.org/contact/ Contact page with current email address for Richard Vasquez
-	*	@copyright  Richard R. V�squez, Jr. 2003-2005
-	*	@version    PHP4 OOP 0.2.2
-	*	@license    http://www.gnu.org/licenses/gpl.html GNU Public License
-	*	@package    kses
-	*/
-		class kses4
-		{
-			/**#@+
+    /**
+     *	Class file for PHP4 OOP version of kses
+     *
+     *	This is an updated version of kses to work with PHP4 that works under E_STRICT.
+     *
+     *	This upgrade provides the following:
+     *	+ Version number synced to procedural version number
+     *	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
+     *	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
+     *	+ Kses4 now works in E_STRICT
+     *	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol() and RemoveProtocols()
+     *	+ Deprecated _hook(), Protocols()
+     *	+ Integrated code from kses 0.2.2 into class.
+     *	+ Added methods DumpProtocols(), DumpMethods()
+     *
+     *	@package    kses
+     *	@subpackage kses4
+     */
+
+    if(substr(phpversion(), 0, 1) < 4)
+    {
+        die("Class kses requires PHP 4 or higher.");
+    }
+
+    /**
+     *	Only install KSES4 once
+     */
+    if(!defined('KSES_CLASS_PHP4'))
+    {
+        define('KSES_CLASS_PHP4', true);
+
+    /**
+     *	Kses strips evil scripts!
+     *
+     *	This class provides the capability for removing unwanted HTML/XHTML, attributes from
+     *	tags, and protocols contained in links.  The net result is a much more powerful tool
+     *	than the PHP internal strip_tags()
+     *
+     *	This is a fork of a slick piece of procedural code called 'kses' written by Ulf Harnhammar
+     *	The entire set of functions was wrapped in a PHP object with some internal modifications
+     *	by Richard Vasquez (http://www.chaos.org/) 7/25/2003
+     *
+     *	This upgrade provides the following:
+     *	+ Version number synced to procedural version number
+     *	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
+     *	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
+     *	+ Kses4 now works in E_STRICT
+     *	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols()
+     *	+ Deprecated _hook(), Protocols()
+     *	+ Integrated code from kses 0.2.2 into class.
+     *
+     *	@author     Richard R. V�squez, Jr. (Original procedural code by Ulf H�rnhammar)
+     *	@link       http://sourceforge.net/projects/kses/ Home Page for Kses
+     *	@link       http://chaos.org/contact/ Contact page with current email address for Richard Vasquez
+     *	@copyright  Richard R. V�squez, Jr. 2003-2005
+     *	@version    PHP4 OOP 0.2.2
+     *	@license    http://www.gnu.org/licenses/gpl.html GNU Public License
+     *	@package    kses
+     */
+        class kses4
+        {
+            /**#@+
 			 *	@access private
 			 *	@var array
 			 */
-			var $allowed_protocols = array();
-			var $allowed_html      = array();
-			/**#@-*/
-
-			/**
-			 *	Constructor for kses.
-			 *
-			 *	This sets a default collection of protocols allowed in links, and creates an
-			 *	empty set of allowed HTML tags.
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function kses4()
-			{
-				/**
-				 *	You could add protocols such as ftp, new, gopher, mailto, irc, etc.
-				 *
-				 *	The base values the original kses provided were:
-				 *		'http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto'
-				 */
-				$this->allowed_protocols = array('http', 'ftp', 'mailto');
-				$this->allowed_html      = array();
-			}
-
-			/**
-			 *	Basic task of kses - parses $string and strips it as required.
-			 *
-			 *	This method strips all the disallowed (X)HTML tags, attributes
-			 *	and protocols from the input $string.
-			 *
-			 *	@access public
-			 *	@param string $string String to be stripped of 'evil scripts'
-			 *	@return string The stripped string
-			 *	@since PHP4 OOP 0.2.1
-			 */
-			function Parse($string = "")
-			{
-				if (get_magic_quotes_gpc())
-				{
-					$string = stripslashes($string);
-				}
-				$string = $this->_no_null($string);
-				$string = $this->_js_entities($string);
-				$string = $this->_normalize_entities($string);
-				$string = $this->filterKsesTextHook($string);
-				return    $this->_split($string);
-			}
-
-			/**
-			 *	Allows for single/batch addition of protocols
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	The argument will be processed, and each string will be added
-			 *	via AddProtocol().
-			 *
-			 *	@access public
-			 *	@param mixed , A string or array of protocols that will be added to the internal list of allowed protocols.
-			 *	@return bool Status of adding valid protocols.
-			 *	@see AddProtocol()
-			 *	@since PHP4 OOP 0.2.1
-			 */
-			function AddProtocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					trigger_error("kses4::AddProtocols() did not receive an argument.", E_USER_WARNING);
-					return false;
-				}
-
-				$protocol_data = func_get_arg(0);
-
-				if(is_array($protocol_data) && count($protocol_data) > 0)
-				{
-					foreach($protocol_data as $protocol)
-					{
-						$this->AddProtocol($protocol);
-					}
-					return true;
-				}
-				elseif(is_string($protocol_data))
-				{
-					$this->AddProtocol($protocol_data);
-					return true;
-				}
-				else
-				{
-					trigger_error("kses4::AddProtocols() did not receive a string or an array.", E_USER_WARNING);
-					return false;
-				}
-			}
-
-			/**
-			 *	Allows for single/batch addition of protocols
-			 *
-			 *	@deprecated Use AddProtocols()
-			 *	@see AddProtocols()
-			 *	@return bool
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function Protocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					trigger_error("kses4::Protocols() did not receive an argument.", E_USER_WARNING);
-					return false;
-				}
-
-				return $this->AddProtocols(func_get_arg(0));
-			}
-
-			/**
-			 *	Adds a single protocol to $this->allowed_protocols.
-			 *
-			 *	This method accepts a string argument and adds it to
-			 *	the list of allowed protocols to keep when performing
-			 *	Parse().
-			 *
-			 *	@access public
-			 *	@param string $protocol The name of the protocol to be added.
-			 *	@return bool Status of adding valid protocol.
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function AddProtocol($protocol = "")
-			{
-				if(!is_string($protocol))
-				{
-					trigger_error("kses4::AddProtocol() requires a string.", E_USER_WARNING);
-					return false;
-				}
-
-				$protocol = strtolower(trim($protocol));
-				if($protocol == "")
-				{
-					trigger_error("kses4::AddProtocol() tried to add an empty/NULL protocol.", E_USER_WARNING);
-					return false;
-				}
-
-				// Remove any inadvertent ':' at the end of the protocol.
-				if(substr($protocol, strlen($protocol) - 1, 1) == ":")
-				{
-					$protocol = substr($protocol, 0, strlen($protocol) - 1);
-				}
-
-				if(!in_array($protocol, $this->allowed_protocols))
-				{
-					array_push($this->allowed_protocols, $protocol);
-					sort($this->allowed_protocols);
-				}
-				return true;
-			}
-
-			/**
-			 *	Allows for single/batch replacement of protocols
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	Existing protocols will be removed, then the argument will be
-			 *	processed, and each string will be added via AddProtocol().
-			 *
-			 *	@access public
-			 *	@param mixed , A string or array of protocols that will be the new internal list of allowed protocols.
-			 *	@return bool Status of replacing valid protocols.
-			 *	@since PHP4 OOP 0.2.2
-			 *	@see AddProtocol()
-			 */
-			function SetProtocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					trigger_error("kses4::SetProtocols() did not receive an argument.", E_USER_WARNING);
-					return false;
-				}
-
-				$protocol_data = func_get_arg(0);
-
-				if(is_array($protocol_data) && count($protocol_data) > 0)
-				{
-					$this->allowed_protocols = array();
-					foreach($protocol_data as $protocol)
-					{
-						$this->AddProtocol($protocol);
-					}
-					return true;
-				}
-				elseif(is_string($protocol_data))
-				{
-					$this->allowed_protocols = array();
-					$this->AddProtocol($protocol_data);
-					return true;
-				}
-				else
-				{
-					trigger_error("kses4::SetProtocols() did not receive a string or an array.", E_USER_WARNING);
-					return false;
-				}
-			}
-
-			/**
-			 *	Raw dump of allowed protocols
-			 *
-			 *	This returns an indexed array of allowed protocols for a particular KSES
-			 *	instantiation.
-			 *
-			 *	@access public
-			 *	@return array The list of allowed protocols.
-			 *	@since PHP4 OOP 0.2.2
-			 */
-			function DumpProtocols()
-			{
-				return $this->allowed_protocols;
-			}
-
-			/**
-			 *	Raw dump of allowed (X)HTML elements
-			 *
-			 *	This returns an indexed array of allowed (X)HTML elements and attributes
-			 *	for a particular KSES instantiation.
-			 *
-			 *	@access public
-			 *	@return array The list of allowed elements.
-			 *	@since PHP4 OOP 0.2.2
-			 */
-			function DumpElements()
-			{
-				return $this->allowed_html;
-			}
-
-			/**
-			 *	Adds valid (X)HTML with corresponding attributes that will be kept when stripping 'evil scripts'.
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	@access public
-			 *	@param string $tag (X)HTML tag that will be allowed after stripping text.
-			 *	@param array $attribs Associative array of allowed attributes - key => attribute name - value => attribute parameter
-			 *	@return bool Status of Adding (X)HTML and attributes.
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function AddHTML($tag = "", $attribs = array())
-			{
-				if(!is_string($tag))
-				{
-					trigger_error("kses4::AddHTML() requires the tag to be a string", E_USER_WARNING);
-					return false;
-				}
-
-				$tag = strtolower(trim($tag));
-				if($tag == "")
-				{
-					trigger_error("kses4::AddHTML() tried to add an empty/NULL tag", E_USER_WARNING);
-					return false;
-				}
-
-				if(!is_array($attribs))
-				{
-					trigger_error("kses4::AddHTML() requires an array (even an empty one) of attributes for '$tag'", E_USER_WARNING);
-					return false;
-				}
-
-				$new_attribs = array();
-				if(is_array($attribs) && count($attribs) > 0)
-				{
-					foreach($attribs as $idx1 => $val1)
-					{
-						$new_idx1 = strtolower($idx1);
-						$new_val1 = $attribs[$idx1];
-
-						if(is_array($new_val1) && count($new_val1) > 0)
-						{
-							$tmp_val = array();
-							foreach($new_val1 as $idx2 => $val2)
-							{
-								$new_idx2 = strtolower($idx2);
-								$tmp_val[$new_idx2] = $val2;
-							}
-							$new_val1 = $tmp_val;
-						}
-
-						$new_attribs[$new_idx1] = $new_val1;
-					}
-				}
-
-				$this->allowed_html[$tag] = $new_attribs;
-				return true;
-			}
-
-			/**
-			 *	Removes a single protocol from $this->allowed_protocols.
-			 *
-			 *	This method accepts a string argument and removes it from
-			 *	the list of allowed protocols to keep when performing
-			 *	Parse().
-			 *
-			 *	@access public
-			 *	@param string $protocol The name of the protocol to be removed.
-			 *	@return bool Status of removing valid protocol.
-			 *	@since PHP4 OOP 0.2.1
-			 */
-			function RemoveProtocol($protocol = "")
-			{
-				if(!is_string($protocol))
-				{
-					trigger_error("kses4::RemoveProtocol() requires a string.", E_USER_WARNING);
-					return false;
-				}
-
-				// Remove any inadvertent ':' at the end of the protocol.
-				if(substr($protocol, strlen($protocol) - 1, 1) == ":")
-				{
-					$protocol = substr($protocol, 0, strlen($protocol) - 1);
-				}
-
-				$protocol = strtolower(trim($protocol));
-				if($protocol == "")
-				{
-					trigger_error("kses4::RemoveProtocol() tried to remove an empty/NULL protocol.", E_USER_WARNING);
-					return false;
-				}
-
-				//	Ensures that the protocol exists before removing it.
-				if(in_array($protocol, $this->allowed_protocols))
-				{
-					$this->allowed_protocols = array_diff($this->allowed_protocols, array($protocol));
-					sort($this->allowed_protocols);
-				}
-
-				return true;
-			}
-
-			/**
-			 *	Allows for single/batch removal of protocols
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	The argument will be processed, and each string will be removed
-			 *	via RemoveProtocol().
-			 *
-			 *	@access public
-			 *	@param mixed , A string or array of protocols that will be removed from the internal list of allowed protocols.
-			 *	@return bool Status of removing valid protocols.
-			 *	@see RemoveProtocol()
-			 *	@since PHP5 OOP 0.2.1
-			 */
-			function RemoveProtocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					return false;
-				}
-
-				$protocol_data = func_get_arg(0);
-
-				if(is_array($protocol_data) && count($protocol_data) > 0)
-				{
-					foreach($protocol_data as $protocol)
-					{
-						$this->RemoveProtocol($protocol);
-					}
-				}
-				elseif(is_string($protocol_data))
-				{
-					$this->RemoveProtocol($protocol_data);
-					return true;
-				}
-				else
-				{
-					trigger_error("kses4::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING);
-					return false;
-				}
-			}
-
-			/**
-			 *	This method removes any NULL or characters in $string.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string String without any NULL/chr(173)
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _no_null($string)
-			{
-				$string = preg_replace('/\0+/', '', $string);
-				$string = preg_replace('/(\\\\0)+/', '', $string);
-				return $string;
-			}
-
-			/**
-			 *	This function removes the HTML JavaScript entities found in early versions of
-			 *	Netscape 4.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string String without any NULL/chr(173)
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _js_entities($string)
-			{
-			  return preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string);
-			}
-
-			/**
-			 *	Normalizes HTML entities
-			 *
-			 *	This function normalizes HTML entities. It will convert "AT&T" to the correct
-			 *	"AT&amp;T", "&#00058;" to "&#58;", "&#XYZZY;" to "&amp;#XYZZY;" and so on.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string String with normalized entities
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _normalize_entities($string)
-			{
-				# Disarm all entities by converting & to &amp;
-			  $string = str_replace('&', '&amp;', $string);
-
-				# Change back the allowed entities in our entity white list
-
-			  $string = preg_replace('/&amp;([A-Za-z][A-Za-z0-9]{0,19});/', '&\\1;', $string);
-			  $string = preg_replace('/&amp;#0*([0-9]{1,5});/e', '\$this->_normalize_entities2("\\1")', $string);
-			  $string = preg_replace('/&amp;#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', '&#\\1\\2;', $string);
-
-			  return $string;
-			}
-
-			/**
-			 *	Helper method used by normalizeEntites()
-			 *
-			 *	This method helps normalizeEntities() to only accept 16 bit values
-			 *	and nothing more for &#number; entities.
-			 *
-			 *	This method helps normalize_entities() during a preg_replace()
-			 *	where a &#(0)*XXXXX; occurs.  The '(0)*XXXXXX' value is converted to
-			 *	a number and the result is returned as a numeric entity if the number
-			 *	is less than 65536.  Otherwise, the value is returned 'as is'.
-			 *
-			 *	@access private
-			 *	@param string $i
-			 *	@return string Normalized numeric entity
-			 *	@see _normalize_entities()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _normalize_entities2($i)
-			{
-			  return (($i > 65535) ? "&amp;#$i;" : "&#$i;");
-			}
-
-			/**
-			 *	Allows for additional user defined modifications to text.
-			 *
-			 *	@deprecated use filterKsesTextHook()
-			 *	@param string $string
-			 *	@see filterKsesTextHook()
-			 *	@return string
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _hook($string)
-			{
-			  return $this->filterKsesTextHook($string);
-			}
-
-			/**
-			 *	Allows for additional user defined modifications to text.
-			 *
-			 *	This method allows for additional modifications to be performed on
-			 *	a string that's being run through Parse().  Currently, it returns the
-			 *	input string 'as is'.
-			 *
-			 *	This method is provided for users to extend the kses class for their own
-			 *	requirements.
-			 *
-			 *	@access public
-			 *	@param string $string String to perfrom additional modifications on.
-			 *	@return string User modified string.
-			 *	@see Parse()
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			function filterKsesTextHook($string)
-			{
-			  return $string;
-			}
-
-			/**
-			 *	This method goes through an array, and changes the keys to all lower case.
-			 *
-			 *	@access private
-			 *	@param array $in_array Associative array
-			 *	@return array Modified array
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _array_lc($inarray)
-			{
-			  $outarray = array();
-
-				if(is_array($inarray) && count($inarray) > 0)
-				{
-					foreach ($inarray as $inkey => $inval)
-					{
-						$outkey = strtolower($inkey);
-						$outarray[$outkey] = array();
-
-						if(is_array($inval) && count($inval) > 0)
-						{
-							foreach ($inval as $inkey2 => $inval2)
-							{
-								$outkey2 = strtolower($inkey2);
-								$outarray[$outkey][$outkey2] = $inval2;
-							}
-						}
-					}
-				}
-
-			  return $outarray;
-			}
-
-			/**
-			 *	This method searched for HTML tags, no matter how malformed.  It also
-			 *	matches stray ">" characters.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string HTML tags
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _split($string)
-			{
-				return preg_replace(
-					'%(<'.   # EITHER: <
-					'[^>]*'. # things that aren't >
-					'(>|$)'. # > or end of string
-					'|>)%e', # OR: just a >
-					"\$this->_split2('\\1')",
-					$string);
-			}
-
-			/**
-			 *	This method strips out disallowed and/or mangled (X)HTML tags along with assigned attributes.
-			 *
-			 *	This method does a lot of work. It rejects some very malformed things
-			 *	like <:::>. It returns an empty string if the element isn't allowed (look
-			 *	ma, no strip_tags()!). Otherwise it splits the tag into an element and an
-			 *	allowed attribute list.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string Modified string minus disallowed/mangled (X)HTML and attributes
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _split2($string)
-			{
-				$string = $this->_stripslashes($string);
-
-				if (substr($string, 0, 1) != '<')
-				{
-					# It matched a ">" character
-					return '&gt;';
-				}
-
-				if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches))
-				{
-					# It's seriously malformed
-					return '';
-				}
-
-				$slash    = trim($matches[1]);
-				$elem     = $matches[2];
-				$attrlist = $matches[3];
-
-				if (
-					!isset($this->allowed_html[strtolower($elem)]) ||
-					!is_array($this->allowed_html[strtolower($elem)])
-				)
-				{
-					# They are using a not allowed HTML element
-					return '';
-				}
-
-				if ($slash != '')
-				{
-					return "<$slash$elem>";
-				}
-				# No attributes are allowed for closing elements
-
-				return $this->_attr("$slash$elem", $attrlist);
-			}
-
-			/**
-			 *	This method strips out disallowed attributes for (X)HTML tags.
-			 *
-			 *	This method removes all attributes if none are allowed for this element.
-			 *	If some are allowed it calls $this->_hair() to split them further, and then it
-			 *	builds up new HTML code from the data that $this->_hair() returns. It also
-			 *	removes "<" and ">" characters, if there are any left. One more thing it
-			 *	does is to check if the tag has a closing XHTML slash, and if it does,
-			 *	it puts one in the returned code as well.
-			 *
-			 *	@access private
-			 *	@param string $element (X)HTML tag to check
-			 *	@param string $attr Text containing attributes to check for validity.
-			 *	@return string Resulting valid (X)HTML or ''
-			 *	@see _hair()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _attr($element, $attr)
-			{
-				# Is there a closing XHTML slash at the end of the attributes?
-				$xhtml_slash = '';
-				if (preg_match('%\s/\s*$%', $attr))
-				{
-					$xhtml_slash = ' /';
-				}
-
-				# Are any attributes allowed at all for this element?
-				if (
-					!isset($this->allowed_html[strtolower($element)]) ||
-					count($this->allowed_html[strtolower($element)]) == 0
-				)
-				{
-					return "<$element$xhtml_slash>";
-				}
-
-				# Split it
-				$attrarr = $this->_hair($attr);
-
-				# Go through $attrarr, and save the allowed attributes for this element
-				# in $attr2
-				$attr2 = '';
-				if(is_array($attrarr) && count($attrarr) > 0)
-				{
-					foreach ($attrarr as $arreach)
-					{
-						if(!isset($this->allowed_html[strtolower($element)][strtolower($arreach['name'])]))
-						{
-							continue;
-						}
-
-						$current = $this->allowed_html[strtolower($element)][strtolower($arreach['name'])];
-						if ($current == '')
-						{
-							# the attribute is not allowed
-							continue;
-						}
-
-						if (!is_array($current))
-						{
-							# there are no checks
-							$attr2 .= ' '.$arreach['whole'];
-						}
-						else
-						{
-							# there are some checks
-							$ok = true;
-							if(is_array($current) && count($current) > 0)
-							{
-								foreach ($current as $currkey => $currval)
-								{
-									if (!$this->_check_attr_val($arreach['value'], $arreach['vless'], $currkey, $currval))
-									{
-										$ok = false;
-										break;
-									}
-								}
-
-								if ($ok)
-								{
-									# it passed them
-									$attr2 .= ' '.$arreach['whole'];
-								}
-							}
-						}
-					}
-				}
-
-				# Remove any "<" or ">" characters
-				$attr2 = preg_replace('/[<>]/', '', $attr2);
-				return "<$element$attr2$xhtml_slash>";
-			}
-
-			/**
-			 *	This method combs through an attribute list string and returns an associative array of attributes and values.
-			 *
-			 *	This method does a lot of work. It parses an attribute list into an array
-			 *	with attribute data, and tries to do the right thing even if it gets weird
-			 *	input. It will add quotes around attribute values that don't have any quotes
-			 *	or apostrophes around them, to make it easier to produce HTML code that will
-			 *	conform to W3C's HTML specification. It will also remove bad URL protocols
-			 *	from attribute values.
-			 *
-			 *	@access private
-			 *	@param string $attr Text containing tag attributes for parsing
-			 *	@return array Associative array containing data on attribute and value
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _hair($attr)
-			{
-				$attrarr  = array();
-				$mode     = 0;
-				$attrname = '';
-
-				# Loop through the whole attribute list
-
-				while (strlen($attr) != 0)
-				{
-					# Was the last operation successful?
-					$working = 0;
-
-					switch ($mode)
-					{
-						case 0:	# attribute name, href for instance
-							if (preg_match('/^([-a-zA-Z]+)/', $attr, $match))
-							{
-								$attrname = $match[1];
-								$working = $mode = 1;
-								$attr = preg_replace('/^[-a-zA-Z]+/', '', $attr);
-							}
-							break;
-						case 1:	# equals sign or valueless ("selected")
-							if (preg_match('/^\s*=\s*/', $attr)) # equals sign
-							{
-								$working = 1;
-								$mode    = 2;
-								$attr    = preg_replace('/^\s*=\s*/', '', $attr);
-								break;
-							}
-							if (preg_match('/^\s+/', $attr)) # valueless
-							{
-								$working   = 1;
-								$mode      = 0;
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => '',
-									'whole' => $attrname,
-									'vless' => 'y'
-								);
-								$attr      = preg_replace('/^\s+/', '', $attr);
-							}
-							break;
-						case 2: # attribute value, a URL after href= for instance
-							if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value"
-							{
-								$thisval   = $this->_bad_protocol($match[1]);
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => $thisval,
-									'whole' => "$attrname=\"$thisval\"",
-									'vless' => 'n'
-								);
-								$working   = 1;
-								$mode      = 0;
-								$attr      = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr);
-								break;
-							}
-							if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value'
-							{
-								$thisval   = $this->_bad_protocol($match[1]);
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => $thisval,
-									'whole' => "$attrname='$thisval'",
-									'vless' => 'n'
-								);
-								$working   = 1;
-								$mode      = 0;
-								$attr      = preg_replace("/^'[^']*'(\s+|$)/", '', $attr);
-								break;
-							}
-							if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value
-							{
-								$thisval   = $this->_bad_protocol($match[1]);
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => $thisval,
-									'whole' => "$attrname=\"$thisval\"",
-									'vless' => 'n'
-								);
-								# We add quotes to conform to W3C's HTML spec.
-								$working   = 1;
-								$mode      = 0;
-								$attr      = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr);
-							}
-							break;
-					}
-
-					if ($working == 0) # not well formed, remove and try again
-					{
-						$attr = $this->_html_error($attr);
-						$mode = 0;
-					}
-				}
-
-				# special case, for when the attribute list ends with a valueless
-				# attribute like "selected"
-				if ($mode == 1)
-				{
-					$attrarr[] = array(
-						'name'  => $attrname,
-						'value' => '',
-						'whole' => $attrname,
-						'vless' => 'y'
-					);
-				}
-
-				return $attrarr;
-			}
-
-			/**
-			 *	This method removes disallowed protocols.
-			 *
-			 *	This method removes all non-allowed protocols from the beginning of
-			 *	$string. It ignores whitespace and the case of the letters, and it does
-			 *	understand HTML entities. It does its work in a while loop, so it won't be
-			 *	fooled by a string like "javascript:javascript:alert(57)".
-			 *
-			 *	@access private
-			 *	@param string $string String to check for protocols
-			 *	@return string String with removed protocols
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _bad_protocol($string)
-			{
-				$string  = $this->_no_null($string);
-				$string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
-				$string2 = $string.'a';
-
-				while ($string != $string2)
-				{
-					$string2 = $string;
-					$string  = $this->_bad_protocol_once($string);
-				} # while
-
-				return $string;
-			}
-
-			/**
-			 *	Helper method used by _bad_protocol()
-			 *
-			 *	This function searches for URL protocols at the beginning of $string, while
-			 *	handling whitespace and HTML entities.
-			 *  Function updated to fix security vulnerability (see http://projects.dokeos.com/index.php?do=details&task_id=2312)
-			 *
-			 *	@access private
-			 *	@param string $string String to check for protocols
-			 *	@return string String with removed protocols
-			 *	@see _bad_protocol()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _bad_protocol_once($string)
-			{
-				$string2 = preg_split('/:|&#58;|&#x3a;/i', $string, 2);
-				if(isset($string2[1]) && !preg_match('%/\?%',$string2[0]))
-				{
-					$string = $this->_bad_protocol_once2($string2[0]).trim($string2[1]);
-				}
-				return $string;
-			}
-			/**
-			 *	Helper method used by _bad_protocol_once() regex
-			 *
-			 *	This function processes URL protocols, checks to see if they're in the white-
-			 *	list or not, and returns different data depending on the answer.
-			 *
-			 *	@access private
-			 *	@param string $string String to check for protocols
-			 *	@return string String with removed protocols
-			 *	@see _bad_protocol()
-			 *	@see _bad_protocol_once()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _bad_protocol_once2($string)
-			{
-				$string = $this->_decode_entities($string);
-				$string = preg_replace('/\s/', '', $string);
-				$string = $this->_no_null($string);
-				$string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
-				$string = strtolower($string);
-
-				$allowed = false;
-				if(is_array($this->allowed_protocols) && count($this->allowed_protocols) > 0)
-				{
-					foreach ($this->allowed_protocols as $one_protocol)
-					{
-						if (strtolower($one_protocol) == $string)
-						{
-							$allowed = true;
-							break;
-						}
-					}
-				}
-
-				if ($allowed)
-				{
-					return "$string:";
-				}
-				else
-				{
-					return '';
-				}
-			}
-
-			/**
-			 *	This function performs different checks for attribute values.
-			 *
-			 *	The currently implemented checks are "maxlen", "minlen", "maxval",
-			 *	"minval" and "valueless" with even more checks to come soon.
-			 *
-			 *	@access private
-			 *	@param string $value The value of the attribute to be checked.
-			 *	@param string $vless Indicates whether the the value is supposed to be valueless
-			 *	@param string $checkname The check to be performed
-			 *	@param string $checkvalue The value that is to be checked against
-			 *	@return bool Indicates whether the check passed or not
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _check_attr_val($value, $vless, $checkname, $checkvalue)
-			{
-				$ok = true;
-
-				switch (strtolower($checkname))
-				{
-					/**
-					*	The maxlen check makes sure that the attribute value has a length not
-					*	greater than the given value. This can be used to avoid Buffer Overflows
-					*	in WWW clients and various Internet servers.
-					*/
-					case 'maxlen':
-						if (strlen($value) > $checkvalue)
-						{
-							$ok = false;
-						}
-						break;
-
-					/**
-					*	The minlen check makes sure that the attribute value has a length not
-					*	smaller than the given value.
-					*/
-					case 'minlen':
-						if (strlen($value) < $checkvalue)
-						{
-							$ok = false;
-						}
-						break;
-
-					/**
-					*	The maxval check does two things: it checks that the attribute value is
-					*	an integer from 0 and up, without an excessive amount of zeroes or
-					*	whitespace (to avoid Buffer Overflows). It also checks that the attribute
-					*	value is not greater than the given value.
-					*	This check can be used to avoid Denial of Service attacks.
-					*/
-					case 'maxval':
-						if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
-						{
-							$ok = false;
-						}
-						if ($value > $checkvalue)
-						{
-							$ok = false;
-						}
-						break;
-
-					/**
-					*	The minval check checks that the attribute value is a positive integer,
-					*	and that it is not smaller than the given value.
-					*/
-					case 'minval':
-						if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
-						{
-							$ok = false;
-						}
-						if ($value < $checkvalue)
-						{
-							$ok = false;
-						}
-						break;
-
-					/**
-					*	The valueless check checks if the attribute has a value
-					*	(like <a href="blah">) or not (<option selected>). If the given value
-					*	is a "y" or a "Y", the attribute must not have a value.
-					*	If the given value is an "n" or an "N", the attribute must have one.
-					*/
-					case 'valueless':
-					if (strtolower($checkvalue) != $vless)
-					{
-						$ok = false;
-					}
-					break;
-
-				}
-
-				return $ok;
-			}
-
-			/**
-			 *	Changes \" to "
-			 *
-			 *	This function changes the character sequence  \"  to just  "
-			 *	It leaves all other slashes alone. It's really weird, but the quoting from
-			 *	preg_replace(//e) seems to require this.
-			 *
-			 *	@access private
-			 *	@param string $string The string to be stripped.
-			 *	@return string string stripped of \"
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _stripslashes($string)
-			{
-				return preg_replace('%\\\\"%', '"', $string);
-			}
-
-			/**
-			 *	helper method for _hair()
-			 *
-			 *	This function deals with parsing errors in _hair(). The general plan is
-			 *	to remove everything to and including some whitespace, but it deals with
-			 *	quotes and apostrophes as well.
-			 *
-			 *	@access private
-			 *	@param string $string The string to be stripped.
-			 *	@return string string stripped of whitespace
-			 *	@see _hair()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _html_error($string)
-			{
-				return preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $string);
-			}
-
-			/**
-			 *	Decodes numeric HTML entities
-			 *
-			 *	This method decodes numeric HTML entities (&#65; and &#x41;). It doesn't
-			 *	do anything with other entities like &auml;, but we don't need them in the
-			 *	URL protocol white listing system anyway.
-			 *
-			 *	@access private
-			 *	@param string $value The entitiy to be decoded.
-			 *	@return string Decoded entity
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _decode_entities($string)
-			{
-				$string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string);
-				$string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', $string);
-				return $string;
-			}
-
-			/**
-			 *	Returns PHP4 OOP version # of kses.
-			 *
-			 *	Since this class has been refactored and documented and proven to work,
-			 *	I'm syncing the version number to procedural kses.
-			 *
-			 *	@access public
-			 *	@return string Version number
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _version()
-			{
-				return 'PHP4 0.2.2 (OOP fork of procedural kses 0.2.2)';
-			}
-		}
-
-
-
-	}
+            var $allowed_protocols = array();
+            var $allowed_html      = array();
+            /**#@-*/
+
+            /**
+             *	Constructor for kses.
+             *
+             *	This sets a default collection of protocols allowed in links, and creates an
+             *	empty set of allowed HTML tags.
+             *	@since PHP4 OOP 0.0.1
+             */
+            function kses4()
+            {
+                /**
+                 *	You could add protocols such as ftp, new, gopher, mailto, irc, etc.
+                 *
+                 *	The base values the original kses provided were:
+                 *		'http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto'
+                 */
+                $this->allowed_protocols = array('http', 'ftp', 'mailto');
+                $this->allowed_html      = array();
+            }
+
+            /**
+             *	Basic task of kses - parses $string and strips it as required.
+             *
+             *	This method strips all the disallowed (X)HTML tags, attributes
+             *	and protocols from the input $string.
+             *
+             *	@access public
+             *	@param string $string String to be stripped of 'evil scripts'
+             *	@return string The stripped string
+             *	@since PHP4 OOP 0.2.1
+             */
+            function Parse($string = "")
+            {
+                if (get_magic_quotes_gpc())
+                {
+                    $string = stripslashes($string);
+                }
+                $string = $this->_no_null($string);
+                $string = $this->_js_entities($string);
+                $string = $this->_normalize_entities($string);
+                $string = $this->filterKsesTextHook($string);
+                return    $this->_split($string);
+            }
+
+            /**
+             *	Allows for single/batch addition of protocols
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	The argument will be processed, and each string will be added
+             *	via AddProtocol().
+             *
+             *	@access public
+             *	@param mixed , A string or array of protocols that will be added to the internal list of allowed protocols.
+             *	@return bool Status of adding valid protocols.
+             *	@see AddProtocol()
+             *	@since PHP4 OOP 0.2.1
+             */
+            function AddProtocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    trigger_error("kses4::AddProtocols() did not receive an argument.", E_USER_WARNING);
+                    return false;
+                }
+
+                $protocol_data = func_get_arg(0);
+
+                if(is_array($protocol_data) && count($protocol_data) > 0)
+                {
+                    foreach($protocol_data as $protocol)
+                    {
+                        $this->AddProtocol($protocol);
+                    }
+                    return true;
+                }
+                elseif(is_string($protocol_data))
+                {
+                    $this->AddProtocol($protocol_data);
+                    return true;
+                }
+                else
+                {
+                    trigger_error("kses4::AddProtocols() did not receive a string or an array.", E_USER_WARNING);
+                    return false;
+                }
+            }
+
+            /**
+             *	Allows for single/batch addition of protocols
+             *
+             *	@deprecated Use AddProtocols()
+             *	@see AddProtocols()
+             *	@return bool
+             *	@since PHP4 OOP 0.0.1
+             */
+            function Protocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    trigger_error("kses4::Protocols() did not receive an argument.", E_USER_WARNING);
+                    return false;
+                }
+
+                return $this->AddProtocols(func_get_arg(0));
+            }
+
+            /**
+             *	Adds a single protocol to $this->allowed_protocols.
+             *
+             *	This method accepts a string argument and adds it to
+             *	the list of allowed protocols to keep when performing
+             *	Parse().
+             *
+             *	@access public
+             *	@param string $protocol The name of the protocol to be added.
+             *	@return bool Status of adding valid protocol.
+             *	@since PHP4 OOP 0.0.1
+             */
+            function AddProtocol($protocol = "")
+            {
+                if(!is_string($protocol))
+                {
+                    trigger_error("kses4::AddProtocol() requires a string.", E_USER_WARNING);
+                    return false;
+                }
+
+                $protocol = strtolower(trim($protocol));
+                if($protocol == "")
+                {
+                    trigger_error("kses4::AddProtocol() tried to add an empty/NULL protocol.", E_USER_WARNING);
+                    return false;
+                }
+
+                // Remove any inadvertent ':' at the end of the protocol.
+                if(substr($protocol, strlen($protocol) - 1, 1) == ":")
+                {
+                    $protocol = substr($protocol, 0, strlen($protocol) - 1);
+                }
+
+                if(!in_array($protocol, $this->allowed_protocols))
+                {
+                    array_push($this->allowed_protocols, $protocol);
+                    sort($this->allowed_protocols);
+                }
+                return true;
+            }
+
+            /**
+             *	Allows for single/batch replacement of protocols
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	Existing protocols will be removed, then the argument will be
+             *	processed, and each string will be added via AddProtocol().
+             *
+             *	@access public
+             *	@param mixed , A string or array of protocols that will be the new internal list of allowed protocols.
+             *	@return bool Status of replacing valid protocols.
+             *	@since PHP4 OOP 0.2.2
+             *	@see AddProtocol()
+             */
+            function SetProtocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    trigger_error("kses4::SetProtocols() did not receive an argument.", E_USER_WARNING);
+                    return false;
+                }
+
+                $protocol_data = func_get_arg(0);
+
+                if(is_array($protocol_data) && count($protocol_data) > 0)
+                {
+                    $this->allowed_protocols = array();
+                    foreach($protocol_data as $protocol)
+                    {
+                        $this->AddProtocol($protocol);
+                    }
+                    return true;
+                }
+                elseif(is_string($protocol_data))
+                {
+                    $this->allowed_protocols = array();
+                    $this->AddProtocol($protocol_data);
+                    return true;
+                }
+                else
+                {
+                    trigger_error("kses4::SetProtocols() did not receive a string or an array.", E_USER_WARNING);
+                    return false;
+                }
+            }
+
+            /**
+             *	Raw dump of allowed protocols
+             *
+             *	This returns an indexed array of allowed protocols for a particular KSES
+             *	instantiation.
+             *
+             *	@access public
+             *	@return array The list of allowed protocols.
+             *	@since PHP4 OOP 0.2.2
+             */
+            function DumpProtocols()
+            {
+                return $this->allowed_protocols;
+            }
+
+            /**
+             *	Raw dump of allowed (X)HTML elements
+             *
+             *	This returns an indexed array of allowed (X)HTML elements and attributes
+             *	for a particular KSES instantiation.
+             *
+             *	@access public
+             *	@return array The list of allowed elements.
+             *	@since PHP4 OOP 0.2.2
+             */
+            function DumpElements()
+            {
+                return $this->allowed_html;
+            }
+
+            /**
+             *	Adds valid (X)HTML with corresponding attributes that will be kept when stripping 'evil scripts'.
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	@access public
+             *	@param string $tag (X)HTML tag that will be allowed after stripping text.
+             *	@param array $attribs Associative array of allowed attributes - key => attribute name - value => attribute parameter
+             *	@return bool Status of Adding (X)HTML and attributes.
+             *	@since PHP4 OOP 0.0.1
+             */
+            function AddHTML($tag = "", $attribs = array())
+            {
+                if(!is_string($tag))
+                {
+                    trigger_error("kses4::AddHTML() requires the tag to be a string", E_USER_WARNING);
+                    return false;
+                }
+
+                $tag = strtolower(trim($tag));
+                if($tag == "")
+                {
+                    trigger_error("kses4::AddHTML() tried to add an empty/NULL tag", E_USER_WARNING);
+                    return false;
+                }
+
+                if(!is_array($attribs))
+                {
+                    trigger_error("kses4::AddHTML() requires an array (even an empty one) of attributes for '$tag'", E_USER_WARNING);
+                    return false;
+                }
+
+                $new_attribs = array();
+                if(is_array($attribs) && count($attribs) > 0)
+                {
+                    foreach($attribs as $idx1 => $val1)
+                    {
+                        $new_idx1 = strtolower($idx1);
+                        $new_val1 = $attribs[$idx1];
+
+                        if(is_array($new_val1) && count($new_val1) > 0)
+                        {
+                            $tmp_val = array();
+                            foreach($new_val1 as $idx2 => $val2)
+                            {
+                                $new_idx2 = strtolower($idx2);
+                                $tmp_val[$new_idx2] = $val2;
+                            }
+                            $new_val1 = $tmp_val;
+                        }
+
+                        $new_attribs[$new_idx1] = $new_val1;
+                    }
+                }
+
+                $this->allowed_html[$tag] = $new_attribs;
+                return true;
+            }
+
+            /**
+             *	Removes a single protocol from $this->allowed_protocols.
+             *
+             *	This method accepts a string argument and removes it from
+             *	the list of allowed protocols to keep when performing
+             *	Parse().
+             *
+             *	@access public
+             *	@param string $protocol The name of the protocol to be removed.
+             *	@return bool Status of removing valid protocol.
+             *	@since PHP4 OOP 0.2.1
+             */
+            function RemoveProtocol($protocol = "")
+            {
+                if(!is_string($protocol))
+                {
+                    trigger_error("kses4::RemoveProtocol() requires a string.", E_USER_WARNING);
+                    return false;
+                }
+
+                // Remove any inadvertent ':' at the end of the protocol.
+                if(substr($protocol, strlen($protocol) - 1, 1) == ":")
+                {
+                    $protocol = substr($protocol, 0, strlen($protocol) - 1);
+                }
+
+                $protocol = strtolower(trim($protocol));
+                if($protocol == "")
+                {
+                    trigger_error("kses4::RemoveProtocol() tried to remove an empty/NULL protocol.", E_USER_WARNING);
+                    return false;
+                }
+
+                //	Ensures that the protocol exists before removing it.
+                if(in_array($protocol, $this->allowed_protocols))
+                {
+                    $this->allowed_protocols = array_diff($this->allowed_protocols, array($protocol));
+                    sort($this->allowed_protocols);
+                }
+
+                return true;
+            }
+
+            /**
+             *	Allows for single/batch removal of protocols
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	The argument will be processed, and each string will be removed
+             *	via RemoveProtocol().
+             *
+             *	@access public
+             *	@param mixed , A string or array of protocols that will be removed from the internal list of allowed protocols.
+             *	@return bool Status of removing valid protocols.
+             *	@see RemoveProtocol()
+             *	@since PHP5 OOP 0.2.1
+             */
+            function RemoveProtocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    return false;
+                }
+
+                $protocol_data = func_get_arg(0);
+
+                if(is_array($protocol_data) && count($protocol_data) > 0)
+                {
+                    foreach($protocol_data as $protocol)
+                    {
+                        $this->RemoveProtocol($protocol);
+                    }
+                }
+                elseif(is_string($protocol_data))
+                {
+                    $this->RemoveProtocol($protocol_data);
+                    return true;
+                }
+                else
+                {
+                    trigger_error("kses4::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING);
+                    return false;
+                }
+            }
+
+            /**
+             *	This method removes any NULL or characters in $string.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string String without any NULL/chr(173)
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _no_null($string)
+            {
+                $string = preg_replace('/\0+/', '', $string);
+                $string = preg_replace('/(\\\\0)+/', '', $string);
+                return $string;
+            }
+
+            /**
+             *	This function removes the HTML JavaScript entities found in early versions of
+             *	Netscape 4.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string String without any NULL/chr(173)
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _js_entities($string)
+            {
+                return preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string);
+            }
+
+            /**
+             *	Normalizes HTML entities
+             *
+             *	This function normalizes HTML entities. It will convert "AT&T" to the correct
+             *	"AT&amp;T", "&#00058;" to "&#58;", "&#XYZZY;" to "&amp;#XYZZY;" and so on.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string String with normalized entities
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _normalize_entities($string)
+            {
+                # Disarm all entities by converting & to &amp;
+                $string = str_replace('&', '&amp;', $string);
+
+                # Change back the allowed entities in our entity white list
+
+                $string = preg_replace('/&amp;([A-Za-z][A-Za-z0-9]{0,19});/', '&\\1;', $string);
+                $string = preg_replace('/&amp;#0*([0-9]{1,5});/e', '\$this->_normalize_entities2("\\1")', $string);
+                $string = preg_replace('/&amp;#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', '&#\\1\\2;', $string);
+
+                return $string;
+            }
+
+            /**
+             *	Helper method used by normalizeEntites()
+             *
+             *	This method helps normalizeEntities() to only accept 16 bit values
+             *	and nothing more for &#number; entities.
+             *
+             *	This method helps normalize_entities() during a preg_replace()
+             *	where a &#(0)*XXXXX; occurs.  The '(0)*XXXXXX' value is converted to
+             *	a number and the result is returned as a numeric entity if the number
+             *	is less than 65536.  Otherwise, the value is returned 'as is'.
+             *
+             *	@access private
+             *	@param string $i
+             *	@return string Normalized numeric entity
+             *	@see _normalize_entities()
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _normalize_entities2($i)
+            {
+                return (($i > 65535) ? "&amp;#$i;" : "&#$i;");
+            }
+
+            /**
+             *	Allows for additional user defined modifications to text.
+             *
+             *	@deprecated use filterKsesTextHook()
+             *	@param string $string
+             *	@see filterKsesTextHook()
+             *	@return string
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _hook($string)
+            {
+                return $this->filterKsesTextHook($string);
+            }
+
+            /**
+             *	Allows for additional user defined modifications to text.
+             *
+             *	This method allows for additional modifications to be performed on
+             *	a string that's being run through Parse().  Currently, it returns the
+             *	input string 'as is'.
+             *
+             *	This method is provided for users to extend the kses class for their own
+             *	requirements.
+             *
+             *	@access public
+             *	@param string $string String to perfrom additional modifications on.
+             *	@return string User modified string.
+             *	@see Parse()
+             *	@since PHP5 OOP 1.0.0
+             */
+            function filterKsesTextHook($string)
+            {
+                return $string;
+            }
+
+            /**
+             *	This method goes through an array, and changes the keys to all lower case.
+             *
+             *	@access private
+             *	@param array $in_array Associative array
+             *	@return array Modified array
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _array_lc($inarray)
+            {
+                $outarray = array();
+
+                if(is_array($inarray) && count($inarray) > 0)
+                {
+                    foreach ($inarray as $inkey => $inval)
+                    {
+                        $outkey = strtolower($inkey);
+                        $outarray[$outkey] = array();
+
+                        if(is_array($inval) && count($inval) > 0)
+                        {
+                            foreach ($inval as $inkey2 => $inval2)
+                            {
+                                $outkey2 = strtolower($inkey2);
+                                $outarray[$outkey][$outkey2] = $inval2;
+                            }
+                        }
+                    }
+                }
+
+                return $outarray;
+            }
+
+            /**
+             *	This method searched for HTML tags, no matter how malformed.  It also
+             *	matches stray ">" characters.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string HTML tags
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _split($string)
+            {
+                return preg_replace(
+                    '%(<'.   # EITHER: <
+                    '[^>]*'. # things that aren't >
+                    '(>|$)'. # > or end of string
+                    '|>)%e', # OR: just a >
+                    "\$this->_split2('\\1')",
+                    $string);
+            }
+
+            /**
+             *	This method strips out disallowed and/or mangled (X)HTML tags along with assigned attributes.
+             *
+             *	This method does a lot of work. It rejects some very malformed things
+             *	like <:::>. It returns an empty string if the element isn't allowed (look
+             *	ma, no strip_tags()!). Otherwise it splits the tag into an element and an
+             *	allowed attribute list.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string Modified string minus disallowed/mangled (X)HTML and attributes
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _split2($string)
+            {
+                $string = $this->_stripslashes($string);
+
+                if (substr($string, 0, 1) != '<')
+                {
+                    # It matched a ">" character
+                    return '&gt;';
+                }
+
+                if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches))
+                {
+                    # It's seriously malformed
+                    return '';
+                }
+
+                $slash    = trim($matches[1]);
+                $elem     = $matches[2];
+                $attrlist = $matches[3];
+
+                if (
+                    !isset($this->allowed_html[strtolower($elem)]) ||
+                    !is_array($this->allowed_html[strtolower($elem)])
+                )
+                {
+                    # They are using a not allowed HTML element
+                    return '';
+                }
+
+                if ($slash != '')
+                {
+                    return "<$slash$elem>";
+                }
+                # No attributes are allowed for closing elements
+
+                return $this->_attr("$slash$elem", $attrlist);
+            }
+
+            /**
+             *	This method strips out disallowed attributes for (X)HTML tags.
+             *
+             *	This method removes all attributes if none are allowed for this element.
+             *	If some are allowed it calls $this->_hair() to split them further, and then it
+             *	builds up new HTML code from the data that $this->_hair() returns. It also
+             *	removes "<" and ">" characters, if there are any left. One more thing it
+             *	does is to check if the tag has a closing XHTML slash, and if it does,
+             *	it puts one in the returned code as well.
+             *
+             *	@access private
+             *	@param string $element (X)HTML tag to check
+             *	@param string $attr Text containing attributes to check for validity.
+             *	@return string Resulting valid (X)HTML or ''
+             *	@see _hair()
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _attr($element, $attr)
+            {
+                # Is there a closing XHTML slash at the end of the attributes?
+                $xhtml_slash = '';
+                if (preg_match('%\s/\s*$%', $attr))
+                {
+                    $xhtml_slash = ' /';
+                }
+
+                # Are any attributes allowed at all for this element?
+                if (
+                    !isset($this->allowed_html[strtolower($element)]) ||
+                    count($this->allowed_html[strtolower($element)]) == 0
+                )
+                {
+                    return "<$element$xhtml_slash>";
+                }
+
+                # Split it
+                $attrarr = $this->_hair($attr);
+
+                # Go through $attrarr, and save the allowed attributes for this element
+                # in $attr2
+                $attr2 = '';
+                if(is_array($attrarr) && count($attrarr) > 0)
+                {
+                    foreach ($attrarr as $arreach)
+                    {
+                        if(!isset($this->allowed_html[strtolower($element)][strtolower($arreach['name'])]))
+                        {
+                            continue;
+                        }
+
+                        $current = $this->allowed_html[strtolower($element)][strtolower($arreach['name'])];
+                        if ($current == '')
+                        {
+                            # the attribute is not allowed
+                            continue;
+                        }
+
+                        if (!is_array($current))
+                        {
+                            # there are no checks
+                            $attr2 .= ' '.$arreach['whole'];
+                        }
+                        else
+                        {
+                            # there are some checks
+                            $ok = true;
+                            if(is_array($current) && count($current) > 0)
+                            {
+                                foreach ($current as $currkey => $currval)
+                                {
+                                    if (!$this->_check_attr_val($arreach['value'], $arreach['vless'], $currkey, $currval))
+                                    {
+                                        $ok = false;
+                                        break;
+                                    }
+                                }
+
+                                if ($ok)
+                                {
+                                    # it passed them
+                                    $attr2 .= ' '.$arreach['whole'];
+                                }
+                            }
+                        }
+                    }
+                }
+
+                # Remove any "<" or ">" characters
+                $attr2 = preg_replace('/[<>]/', '', $attr2);
+                return "<$element$attr2$xhtml_slash>";
+            }
+
+            /**
+             *	This method combs through an attribute list string and returns an associative array of attributes and values.
+             *
+             *	This method does a lot of work. It parses an attribute list into an array
+             *	with attribute data, and tries to do the right thing even if it gets weird
+             *	input. It will add quotes around attribute values that don't have any quotes
+             *	or apostrophes around them, to make it easier to produce HTML code that will
+             *	conform to W3C's HTML specification. It will also remove bad URL protocols
+             *	from attribute values.
+             *
+             *	@access private
+             *	@param string $attr Text containing tag attributes for parsing
+             *	@return array Associative array containing data on attribute and value
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _hair($attr)
+            {
+                $attrarr  = array();
+                $mode     = 0;
+                $attrname = '';
+
+                # Loop through the whole attribute list
+
+                while (strlen($attr) != 0)
+                {
+                    # Was the last operation successful?
+                    $working = 0;
+
+                    switch ($mode)
+                    {
+                        case 0:	# attribute name, href for instance
+                            if (preg_match('/^([-a-zA-Z]+)/', $attr, $match))
+                            {
+                                $attrname = $match[1];
+                                $working = $mode = 1;
+                                $attr = preg_replace('/^[-a-zA-Z]+/', '', $attr);
+                            }
+                            break;
+                        case 1:	# equals sign or valueless ("selected")
+                            if (preg_match('/^\s*=\s*/', $attr)) # equals sign
+                            {
+                                $working = 1;
+                                $mode    = 2;
+                                $attr    = preg_replace('/^\s*=\s*/', '', $attr);
+                                break;
+                            }
+                            if (preg_match('/^\s+/', $attr)) # valueless
+                            {
+                                $working   = 1;
+                                $mode      = 0;
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => '',
+                                    'whole' => $attrname,
+                                    'vless' => 'y'
+                                );
+                                $attr      = preg_replace('/^\s+/', '', $attr);
+                            }
+                            break;
+                        case 2: # attribute value, a URL after href= for instance
+                            if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value"
+                            {
+                                $thisval   = $this->_bad_protocol($match[1]);
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => $thisval,
+                                    'whole' => "$attrname=\"$thisval\"",
+                                    'vless' => 'n'
+                                );
+                                $working   = 1;
+                                $mode      = 0;
+                                $attr      = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr);
+                                break;
+                            }
+                            if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value'
+                            {
+                                $thisval   = $this->_bad_protocol($match[1]);
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => $thisval,
+                                    'whole' => "$attrname='$thisval'",
+                                    'vless' => 'n'
+                                );
+                                $working   = 1;
+                                $mode      = 0;
+                                $attr      = preg_replace("/^'[^']*'(\s+|$)/", '', $attr);
+                                break;
+                            }
+                            if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value
+                            {
+                                $thisval   = $this->_bad_protocol($match[1]);
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => $thisval,
+                                    'whole' => "$attrname=\"$thisval\"",
+                                    'vless' => 'n'
+                                );
+                                # We add quotes to conform to W3C's HTML spec.
+                                $working   = 1;
+                                $mode      = 0;
+                                $attr      = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr);
+                            }
+                            break;
+                    }
+
+                    if ($working == 0) # not well formed, remove and try again
+                    {
+                        $attr = $this->_html_error($attr);
+                        $mode = 0;
+                    }
+                }
+
+                # special case, for when the attribute list ends with a valueless
+                # attribute like "selected"
+                if ($mode == 1)
+                {
+                    $attrarr[] = array(
+                        'name'  => $attrname,
+                        'value' => '',
+                        'whole' => $attrname,
+                        'vless' => 'y'
+                    );
+                }
+
+                return $attrarr;
+            }
+
+            /**
+             *	This method removes disallowed protocols.
+             *
+             *	This method removes all non-allowed protocols from the beginning of
+             *	$string. It ignores whitespace and the case of the letters, and it does
+             *	understand HTML entities. It does its work in a while loop, so it won't be
+             *	fooled by a string like "javascript:javascript:alert(57)".
+             *
+             *	@access private
+             *	@param string $string String to check for protocols
+             *	@return string String with removed protocols
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _bad_protocol($string)
+            {
+                $string  = $this->_no_null($string);
+                $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
+                $string2 = $string.'a';
+
+                while ($string != $string2)
+                {
+                    $string2 = $string;
+                    $string  = $this->_bad_protocol_once($string);
+                } # while
+
+                return $string;
+            }
+
+            /**
+             *	Helper method used by _bad_protocol()
+             *
+             *	This function searches for URL protocols at the beginning of $string, while
+             *	handling whitespace and HTML entities.
+             *  Function updated to fix security vulnerability (see http://projects.dokeos.com/index.php?do=details&task_id=2312)
+             *
+             *	@access private
+             *	@param string $string String to check for protocols
+             *	@return string String with removed protocols
+             *	@see _bad_protocol()
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _bad_protocol_once($string)
+            {
+                $string2 = preg_split('/:|&#58;|&#x3a;/i', $string, 2);
+                if(isset($string2[1]) && !preg_match('%/\?%',$string2[0]))
+                {
+                    $string = $this->_bad_protocol_once2($string2[0]).trim($string2[1]);
+                }
+                return $string;
+            }
+            /**
+             *	Helper method used by _bad_protocol_once() regex
+             *
+             *	This function processes URL protocols, checks to see if they're in the white-
+             *	list or not, and returns different data depending on the answer.
+             *
+             *	@access private
+             *	@param string $string String to check for protocols
+             *	@return string String with removed protocols
+             *	@see _bad_protocol()
+             *	@see _bad_protocol_once()
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _bad_protocol_once2($string)
+            {
+                $string = $this->_decode_entities($string);
+                $string = preg_replace('/\s/', '', $string);
+                $string = $this->_no_null($string);
+                $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
+                $string = strtolower($string);
+
+                $allowed = false;
+                if(is_array($this->allowed_protocols) && count($this->allowed_protocols) > 0)
+                {
+                    foreach ($this->allowed_protocols as $one_protocol)
+                    {
+                        if (strtolower($one_protocol) == $string)
+                        {
+                            $allowed = true;
+                            break;
+                        }
+                    }
+                }
+
+                if ($allowed)
+                {
+                    return "$string:";
+                }
+                else
+                {
+                    return '';
+                }
+            }
+
+            /**
+             *	This function performs different checks for attribute values.
+             *
+             *	The currently implemented checks are "maxlen", "minlen", "maxval",
+             *	"minval" and "valueless" with even more checks to come soon.
+             *
+             *	@access private
+             *	@param string $value The value of the attribute to be checked.
+             *	@param string $vless Indicates whether the the value is supposed to be valueless
+             *	@param string $checkname The check to be performed
+             *	@param string $checkvalue The value that is to be checked against
+             *	@return bool Indicates whether the check passed or not
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _check_attr_val($value, $vless, $checkname, $checkvalue)
+            {
+                $ok = true;
+
+                switch (strtolower($checkname))
+                {
+                    /**
+                     *	The maxlen check makes sure that the attribute value has a length not
+                     *	greater than the given value. This can be used to avoid Buffer Overflows
+                     *	in WWW clients and various Internet servers.
+                     */
+                    case 'maxlen':
+                        if (strlen($value) > $checkvalue)
+                        {
+                            $ok = false;
+                        }
+                        break;
+
+                    /**
+                     *	The minlen check makes sure that the attribute value has a length not
+                     *	smaller than the given value.
+                     */
+                    case 'minlen':
+                        if (strlen($value) < $checkvalue)
+                        {
+                            $ok = false;
+                        }
+                        break;
+
+                    /**
+                     *	The maxval check does two things: it checks that the attribute value is
+                     *	an integer from 0 and up, without an excessive amount of zeroes or
+                     *	whitespace (to avoid Buffer Overflows). It also checks that the attribute
+                     *	value is not greater than the given value.
+                     *	This check can be used to avoid Denial of Service attacks.
+                     */
+                    case 'maxval':
+                        if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
+                        {
+                            $ok = false;
+                        }
+                        if ($value > $checkvalue)
+                        {
+                            $ok = false;
+                        }
+                        break;
+
+                    /**
+                     *	The minval check checks that the attribute value is a positive integer,
+                     *	and that it is not smaller than the given value.
+                     */
+                    case 'minval':
+                        if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
+                        {
+                            $ok = false;
+                        }
+                        if ($value < $checkvalue)
+                        {
+                            $ok = false;
+                        }
+                        break;
+
+                    /**
+                     *	The valueless check checks if the attribute has a value
+                     *	(like <a href="blah">) or not (<option selected>). If the given value
+                     *	is a "y" or a "Y", the attribute must not have a value.
+                     *	If the given value is an "n" or an "N", the attribute must have one.
+                     */
+                    case 'valueless':
+                    if (strtolower($checkvalue) != $vless)
+                    {
+                        $ok = false;
+                    }
+                    break;
+
+                }
+
+                return $ok;
+            }
+
+            /**
+             *	Changes \" to "
+             *
+             *	This function changes the character sequence  \"  to just  "
+             *	It leaves all other slashes alone. It's really weird, but the quoting from
+             *	preg_replace(//e) seems to require this.
+             *
+             *	@access private
+             *	@param string $string The string to be stripped.
+             *	@return string string stripped of \"
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _stripslashes($string)
+            {
+                return preg_replace('%\\\\"%', '"', $string);
+            }
+
+            /**
+             *	helper method for _hair()
+             *
+             *	This function deals with parsing errors in _hair(). The general plan is
+             *	to remove everything to and including some whitespace, but it deals with
+             *	quotes and apostrophes as well.
+             *
+             *	@access private
+             *	@param string $string The string to be stripped.
+             *	@return string string stripped of whitespace
+             *	@see _hair()
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _html_error($string)
+            {
+                return preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $string);
+            }
+
+            /**
+             *	Decodes numeric HTML entities
+             *
+             *	This method decodes numeric HTML entities (&#65; and &#x41;). It doesn't
+             *	do anything with other entities like &auml;, but we don't need them in the
+             *	URL protocol white listing system anyway.
+             *
+             *	@access private
+             *	@param string $value The entitiy to be decoded.
+             *	@return string Decoded entity
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _decode_entities($string)
+            {
+                $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string);
+                $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', $string);
+                return $string;
+            }
+
+            /**
+             *	Returns PHP4 OOP version # of kses.
+             *
+             *	Since this class has been refactored and documented and proven to work,
+             *	I'm syncing the version number to procedural kses.
+             *
+             *	@access public
+             *	@return string Version number
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _version()
+            {
+                return 'PHP4 0.2.2 (OOP fork of procedural kses 0.2.2)';
+            }
+        }
+
+
+
+    }
 ?>
\ No newline at end of file

main/inc/lib/xajax/xajaxCompress.php

Indentation +136 added lines, -136 removed lines

@@ -42,141 +42,141 @@
  */
 function xajaxCompressJavascript($sJS)
 {
-	//remove windows cariage returns
-	$sJS = str_replace("\r","",$sJS);
-
-	//array to store replaced literal strings
-	$literal_strings = array();
-
-	//explode the string into lines
-	$lines = explode("\n",$sJS);
-	//loop through all the lines, building a new string at the same time as removing literal strings
-	$clean = "";
-	$inComment = false;
-	$literal = "";
-	$inQuote = false;
-	$escaped = false;
-	$quoteChar = "";
-
-	for($i=0;$i<count($lines);$i++)
-	{
-		$line = $lines[$i];
-		$inNormalComment = false;
-
-		//loop through line's characters and take out any literal strings, replace them with ___i___ where i is the index of this string
-		for($j=0;$j<strlen($line);$j++)
-		{
-			$c = substr($line,$j,1);
-			$d = substr($line,$j,2);
-
-			//look for start of quote
-			if(!$inQuote && !$inComment)
-			{
-				//is this character a quote or a comment
-				if(($c=="\"" || $c=="'") && !$inComment && !$inNormalComment)
-				{
-					$inQuote = true;
-					$inComment = false;
-					$escaped = false;
-					$quoteChar = $c;
-					$literal = $c;
-				}
-				else if($d=="/*" && !$inNormalComment)
-				{
-					$inQuote = false;
-					$inComment = true;
-					$escaped = false;
-					$quoteChar = $d;
-					$literal = $d;
-					$j++;
-				}
-				else if($d=="//") //ignore string markers that are found inside comments
-				{
-					$inNormalComment = true;
-					$clean .= $c;
-				}
-				else
-				{
-					$clean .= $c;
-				}
-			}
-			else //allready in a string so find end quote
-			{
-				if($c == $quoteChar && !$escaped && !$inComment)
-				{
-					$inQuote = false;
-					$literal .= $c;
-
-					//subsitute in a marker for the string
-					$clean .= "___" . count($literal_strings) . "___";
-
-					//push the string onto our array
-					array_push($literal_strings,$literal);
-
-				}
-				else if($inComment && $d=="*/")
-				{
-					$inComment = false;
-					$literal .= $d;
-
-					//subsitute in a marker for the string
-					$clean .= "___" . count($literal_strings) . "___";
-
-					//push the string onto our array
-					array_push($literal_strings,$literal);
-
-					$j++;
-				}
-				else if($c == "\\" && !$escaped)
-					$escaped = true;
-				else
-					$escaped = false;
-
-				$literal .= $c;
-			}
-		}
-		if($inComment) $literal .= "\n";
-		$clean .= "\n";
-	}
-	//explode the clean string into lines again
-	$lines = explode("\n",$clean);
-
-	//now process each line at a time
-	for($i=0;$i<count($lines);$i++)
-	{
-		$line = $lines[$i];
-
-		//remove comments
-		$line = preg_replace("/\/\/(.*)/","",$line);
-
-		//strip leading and trailing whitespace
-		$line = trim($line);
-
-		//remove all whitespace with a single space
-		$line = preg_replace("/\s+/"," ",$line);
-
-		//remove any whitespace that occurs after/before an operator
-		$line = preg_replace("/\s*([!\}\{;,&=\|\-\+\*\/\)\(:])\s*/","\\1",$line);
-
-		$lines[$i] = $line;
-	}
-
-	//implode the lines
-	$sJS = implode("\n",$lines);
-
-	//make sure there is a max of 1 \n after each line
-	$sJS = preg_replace("/[\n]+/","\n",$sJS);
-
-	//strip out line breaks that immediately follow a semi-colon
-	$sJS = preg_replace("/;\n/",";",$sJS);
-
-	//curly brackets aren't on their own
-	$sJS = preg_replace("/[\n]*\{[\n]*/","{",$sJS);
-
-	//finally loop through and replace all the literal strings:
-	for($i=0;$i<count($literal_strings);$i++)
-		$sJS = str_replace("___".$i."___",$literal_strings[$i],$sJS);
-
-	return $sJS;
+    //remove windows cariage returns
+    $sJS = str_replace("\r","",$sJS);
+
+    //array to store replaced literal strings
+    $literal_strings = array();
+
+    //explode the string into lines
+    $lines = explode("\n",$sJS);
+    //loop through all the lines, building a new string at the same time as removing literal strings
+    $clean = "";
+    $inComment = false;
+    $literal = "";
+    $inQuote = false;
+    $escaped = false;
+    $quoteChar = "";
+
+    for($i=0;$i<count($lines);$i++)
+    {
+        $line = $lines[$i];
+        $inNormalComment = false;
+
+        //loop through line's characters and take out any literal strings, replace them with ___i___ where i is the index of this string
+        for($j=0;$j<strlen($line);$j++)
+        {
+            $c = substr($line,$j,1);
+            $d = substr($line,$j,2);
+
+            //look for start of quote
+            if(!$inQuote && !$inComment)
+            {
+                //is this character a quote or a comment
+                if(($c=="\"" || $c=="'") && !$inComment && !$inNormalComment)
+                {
+                    $inQuote = true;
+                    $inComment = false;
+                    $escaped = false;
+                    $quoteChar = $c;
+                    $literal = $c;
+                }
+                else if($d=="/*" && !$inNormalComment)
+                {
+                    $inQuote = false;
+                    $inComment = true;
+                    $escaped = false;
+                    $quoteChar = $d;
+                    $literal = $d;
+                    $j++;
+                }
+                else if($d=="//") //ignore string markers that are found inside comments
+                {
+                    $inNormalComment = true;
+                    $clean .= $c;
+                }
+                else
+                {
+                    $clean .= $c;
+                }
+            }
+            else //allready in a string so find end quote
+            {
+                if($c == $quoteChar && !$escaped && !$inComment)
+                {
+                    $inQuote = false;
+                    $literal .= $c;
+
+                    //subsitute in a marker for the string
+                    $clean .= "___" . count($literal_strings) . "___";
+
+                    //push the string onto our array
+                    array_push($literal_strings,$literal);
+
+                }
+                else if($inComment && $d=="*/")
+                {
+                    $inComment = false;
+                    $literal .= $d;
+
+                    //subsitute in a marker for the string
+                    $clean .= "___" . count($literal_strings) . "___";
+
+                    //push the string onto our array
+                    array_push($literal_strings,$literal);
+
+                    $j++;
+                }
+                else if($c == "\\" && !$escaped)
+                    $escaped = true;
+                else
+                    $escaped = false;
+
+                $literal .= $c;
+            }
+        }
+        if($inComment) $literal .= "\n";
+        $clean .= "\n";
+    }
+    //explode the clean string into lines again
+    $lines = explode("\n",$clean);
+
+    //now process each line at a time
+    for($i=0;$i<count($lines);$i++)
+    {
+        $line = $lines[$i];
+
+        //remove comments
+        $line = preg_replace("/\/\/(.*)/","",$line);
+
+        //strip leading and trailing whitespace
+        $line = trim($line);
+
+        //remove all whitespace with a single space
+        $line = preg_replace("/\s+/"," ",$line);
+
+        //remove any whitespace that occurs after/before an operator
+        $line = preg_replace("/\s*([!\}\{;,&=\|\-\+\*\/\)\(:])\s*/","\\1",$line);
+
+        $lines[$i] = $line;
+    }
+
+    //implode the lines
+    $sJS = implode("\n",$lines);
+
+    //make sure there is a max of 1 \n after each line
+    $sJS = preg_replace("/[\n]+/","\n",$sJS);
+
+    //strip out line breaks that immediately follow a semi-colon
+    $sJS = preg_replace("/;\n/",";",$sJS);
+
+    //curly brackets aren't on their own
+    $sJS = preg_replace("/[\n]*\{[\n]*/","{",$sJS);
+
+    //finally loop through and replace all the literal strings:
+    for($i=0;$i<count($literal_strings);$i++)
+        $sJS = str_replace("___".$i."___",$literal_strings[$i],$sJS);
+
+    return $sJS;
 }
 ?>