chamilo / chamilo-lms

main/inc/lib/kses-0.2.2/oop/test.oop.kses.php

Indentation +503 added lines, -503 removed lines

@@ -1,507 +1,507 @@
 <?php
 
-	//	This is a q&d program that shows some of the results of
-	//	running KSES.  If you have further questions, check the
-	//	current valid email address at http://chaos.org/contact/
-
-	//	Make sure we're in a usable PHP environment
-	if(substr(phpversion(), 0, 1) < 4)
-	{
-		define('KSESTEST_VER', 0);
-	}
-	elseif(substr(phpversion(), 0, 1) >= 5)
-	{
-		define('KSESTEST_VER', 5);
-	}
-	else
-	{
-		define('KSESTEST_VER', 4);
-	}
-
-	//	See if we're in command line or web
-	if($_SERVER["DOCUMENT_ROOT"] == "")
-	{
-		define('KSESTEST_ENV', 'CLI');
-	}
-	else
-	{
-		define('KSESTEST_ENV', 'WEB');
-	}
-
-	if(KSESTEST_VER == 0)
-	{
-		$message = array(
-			"Error: Not using a current version of PHP!",
-			"You are using PHP version " . phpversion() . ".",
-			"KSES Class version requires PHP4 or better.",
-			"KSES test program ending."
-			);
-
-		displayPage(
-			array("title" => "Error running KSES test", "message" => $message)
-		);
-
-		exit();
-	}
-
-	$include_file = "php" . KSESTEST_VER . ".class.kses.php";
-	if(file_exists($include_file) && is_readable($include_file))
-	{
-		include_once($include_file);
-	}
-	else
-	{
-		$message = array(
-			"Error:  Unable to find '" . $include_file . "'.",
-			"Please check your include path and make sure the file is available.",
-			"Path: " . ini_get('include_path')
-		);
-
-		displayPage(
-			array('title' => 'Unable to include ' . $include_file, 'message' => $message)
-		);
-
-		exit();
-	}
-
-	$kses_type = "kses" . KSESTEST_VER;
-	$myKses = new $kses_type;
-
-	$test_text = array();
-	$test_text = test1_protocols($myKses);
-	$test_text = array_merge($test_text, test1_html($myKses));
-	$test_text = array_merge($test_text, test1_kses($myKses));
-
-	displayPage(
-		array('title' => 'New Test', 'message' => $test_text)
-	);
-
-	function test1_kses(&$myKses)
-	{
-		$out = array(output_hr(), "Testing current configuration");
-
-		$test_tags = array(
-			'<a href="http://www.chaos.org/">www.chaos.org</a>',
-			'<a name="X">Short \'a name\' tag</a>',
-			'<td colspan="3" rowspan="5">Foo</td>',
-			'<td rowspan="2" class="mugwump" style="background-color: rgb(255, 204 204);">Bar</td>',
-			'<td nowrap>Very Long String running to 1000 characters...</td>',
-			'<td bgcolor="#00ff00" nowrap>Very Long String with a blue background</td>',
-			'<a href="proto1://www.foo.com">New protocol test</a>',
-			'<img src="proto2://www.foo.com" />',
-			'<a href="javascript:javascript:javascript:javascript:javascript:alert(\'Boo!\');">bleep</a>',
-			'<a href="proto4://abc.xyz.foo.com">Another new protocol</a>',
-			'<a href="proto9://foo.foo.foo.foo.foo.org/">Test of "proto9"</a>',
-			'<td width="75">Bar!</td>',
-			'<td width="200">Long Cell</td>'
-		);
-
-		$out_li = array();
-		// Keep only allowed HTML from the presumed 'form'.
-		foreach($test_tags as $tag)
-		{
-			$temp  = $myKses->Parse($tag);
-			$check = ($temp == $tag) ? true : false;
-			$text  = ($temp == $tag) ? 'pass' : 'fail';
-
-			$li_text  = output_testresult($check, $text) . output_newline();
-			$li_text .= "Input: &nbsp;" . output_translate($tag) . output_newline();
-			$li_text .= "Output: " . output_translate($temp);
-			if(KSESTEST_ENV == 'CLI')
-			{
-				$li_text .= output_newline();
-			}
-
-			array_push($out_li, output_code_wrap($li_text));
-		}
-
-		$out = array_merge($out, array(output_ul($out_li)));
-		array_push($out, output_hr());
-		array_push($out, "Testing is now finished.");
-		return $out;
-	}
-
-	function output_code_wrap($text)
-	{
-		if(KSESTEST_ENV == 'CLI')
-		{
-			return $text;
-		}
-		else
-		{
-			return "<code>\n$text<code>\n";
-		}
-	}
-
-	function output_translate($text)
-	{
-		if(KSESTEST_ENV == 'CLI')
-		{
-			return $text;
-		}
-		else
-		{
-			return htmlentities($text);
-		}
-	}
-
-	function output_testresult($pass = false, $text = "")
-	{
-		if(KSESTEST_ENV == 'CLI')
-		{
-			return '[' . $text . ']';
-		}
-		else
-		{
-			if($pass == true)
-			{
-				return '<span style="color: green;">[' . $text . ']</span>';
-			}
-			else
-			{
-				return '<span style="color: red;">[' . $text . ']</span>';
-			}
-		}
-	}
-
-	function output_spaces()
-	{
-		if(KSESTEST_ENV == 'WEB')
-		{
-			$out = "&nbsp;&nbsp;&nbsp;";
-		}
-		else
-		{
-			$out = "   ";
-		}
-
-		return $out;
-	}
-
-	function output_newline()
-	{
-		if(KSESTEST_ENV == 'WEB')
-		{
-			$out = "<br />\n";
-		}
-		else
-		{
-			$out = "\n";
-		}
-
-		return $out;
-	}
-
-	function displayPage($data = array())
-	{
-		$title   = ($data['title'] == '') ? 'No title' : $data['title'];
-		$message = ($data['message'] == '') ? array('No message') : $data['message'];
-
-		$out = "";
-
-		foreach($message as $text)
-		{
-			if(KSESTEST_ENV == 'WEB')
-			{
-				$header = "\t\t<h1>$title</h1>\n\t\t<hr />\n";
-				$out .= "\t\t<p>\n";
-				$out .= "\t\t\t$text\n";
-				$out .= "\t\t</p>\n";
-			}
-			else
-			{
-				$header = "$title\n" . str_repeat('-', 60) . "\n\n";
-				$out .= "\t$text\n\n";
-			}
-		}
-
-		if(KSESTEST_ENV == 'WEB')
-		{
-			echo "<html>\n";
-			echo "\t<head>\n";
-			echo "\t\t<title>$title</title>\n";
-			echo "\t</head>\n";
-			echo "\t<body>\n";
-			echo $header;
-			echo $out;
-			echo "\t</body>\n";
-			echo "</html>\n";
-		}
-		else
-		{
-			echo $header;
-			echo $out;
-		}
-	}
-
-	function output_hr()
-	{
-		if(KSESTEST_ENV == 'WEB')
-		{
-			return "\t\t\t<hr />\n";
-		}
-		else
-		{
-			return str_repeat(60, '-') . "\n";
-		}
-	}
-
-	function output_ul($data = array(), $padding = "")
-	{
-		if(!is_array($data) || count($data) < 1)
-		{
-			return "";
-		}
-
-		$text = "";
-		if(KSESTEST_ENV == 'WEB')
-		{
-			$text = "\t\t\t<ul>\n";
-			foreach($data as $li)
-			{
-				$text .= "\t\t\t\t<li>$li</li>\n";
-			}
-			$text .= "\t\t\t</ul>\n";
-		}
-		else
-		{
-			foreach($data as $li)
-			{
-				$text .= $padding . "   * $li\n";
-			}
-		}
-
-		return $text;
-	}
-
-	function test1_protocols(&$myKses)
-	{
-		$default_prots = $myKses->dumpProtocols();
-		$out_text = array();
-		if(count($default_prots) > 0)
-		{
-			array_push($out_text, "Initial protocols from KSES" . KSESTEST_VER . ":");
-			array_push($out_text, output_ul($default_prots));
-			array_push($out_text, output_hr());
-		}
-
-		$myKses->AddProtocols(array("proto1", "proto2:", "proto3"));   // Add a list of protocols
-		$myKses->AddProtocols("proto4:");  // Add a single protocol (Note ':' is optional at end)
-		$myKses->AddProtocol("proto9", "mystery:", "anarchy");
-		$myKses->AddProtocol("alpha", "beta", "gamma:");
-
-		$add_protocol  = "\t\t\t<ol>\n";
-		$add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols(array("proto1", "proto2:", "proto3"));</li>' . "\n";
-		$add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols("proto4:");</li>' . "\n";
-		$add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols("proto4:");</li>' . "\n";
-		$add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocol("proto9", "mystery:", "anarchy");</li>' . "\n";
-		$add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocol("alpha", "beta", "gamma:");</li>' . "\n";
-		$add_protocol .= "\t\t\t</ol>\n";
-
-		array_push($out_text, $add_protocol);
-
-		$new_prots = $myKses->dumpProtocols();
-		if(count($new_prots) > 0)
-		{
-			array_push($out_text, "New protocols from KSES" . KSESTEST_VER . " after using AddProtocol(s):");
-			array_push($out_text, output_ul($new_prots));
-			array_push($out_text, output_hr());
-		}
-
-		$myKses->RemoveProtocols(array("mystery", "anarchy:"));
-		$myKses->RemoveProtocols("alpha:");
-		$myKses->RemoveProtocol("beta:");
-		$myKses->RemoveProtocol("gamma");
-
-		$remove_protocol  = "\t\t\t<ol>\n";
-		$remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocols(array("mystery", "anarchy:"));</li>' . "\n";
-		$remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocols("alpha:");</li>' . "\n";
-		$remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocol("beta:");</li>' . "\n";
-		$remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocol("gamma");</li>' . "\n";
-		$remove_protocol .= "\t\t\t</ol>\n";
-		array_push($out_text, $remove_protocol);
-
-		$new_prots = $myKses->dumpProtocols();
-		if(count($new_prots) > 0)
-		{
-			array_push($out_text, "Resulting protocols from KSES" . KSESTEST_VER . " after using RemoveProtocol(s):");
-			array_push($out_text, output_ul($new_prots));
-			array_push($out_text, output_hr());
-		}
-
-		$myKses->SetProtocols(array("https", "gopher", "news"));
-		$set_protocol  = "\t\t\t<ol>\n";
-		$set_protocol .= "\t\t\t\t" . '<li>$myKses->SetProtocols(array("https", "gopher", "news"));</li>' . "\n";
-		$set_protocol .= "\t\t\t</ol>\n";
-		array_push($out_text, $set_protocol);
-
-		$new_prots = $myKses->dumpProtocols();
-		if(count($new_prots) > 0)
-		{
-			array_push($out_text, "Resulting protocols from KSES" . KSESTEST_VER . " after using SetProtocols:");
-			array_push($out_text, output_ul($new_prots));
-			array_push($out_text, output_hr());
-		}
-
-		//	Invisible reset
-		$myKses->SetProtocols(array("http", "proto1", "proto2", "proto9"));
-
-		return $out_text;
-	}
-
-	function test1_html(&$myKses)
-	{
-		$out = array();
-
-		//	Allows <p>|</p> tag
-		$myKses->AddHTML("p");
-
-		//	Allows 'a' tag with href|name attributes,
-		//	href has minlen of 10 chars, and maxlen of 25 chars
-		//	name has minlen of  2 chars
-		$myKses->AddHTML(
-			"a",
-			array(
-				"href" => array('maxlen' => 25, 'minlen' => 10),
-				"name" => array('minlen' => 2)
-			)
-		);
-
-		//	Allows 'td' tag with colspan|rowspan|class|style|width|nowrap attributes,
-		//		colspan has minval of   2       and maxval of 5
-		//		rowspan has minval of   3       and maxval of 6
-		//		class   has minlen of   1 char  and maxlen of   10 chars
-		//		style   has minlen of  10 chars and maxlen of 100 chars
-		//		width   has maxval of 100
-		//		nowrap  is valueless
-		$myKses->AddHTML(
-			"td",
-			array(
-				"colspan" => array('minval' =>   2, 'maxval' =>   5),
-				"rowspan" => array('minval' =>   3, 'maxval' =>   6),
-				"class"   => array("minlen" =>   1, 'maxlen' =>  10),
-				"width"   => array("maxval" => 100),
-				"style"   => array('minlen' =>  10, 'maxlen' => 100),
-				"nowrap"  => array('valueless' => 'y')
-			)
-		);
-
-		array_push($out, "Modifying HTML Tests:");
-		$code_text  = "<pre>\n";
-		$code_text .= "      //   Allows &lt;p&gt;|&lt;/p&gt; tag\n";
-		$code_text .= "      \$myKses-&gt;AddHTML(\"p\");\n";
-		$code_text .= "\n";
-		$code_text .= "      //   Allows 'a' tag with href|name attributes,\n";
-		$code_text .= "      //   href has minlen of 10 chars, and maxlen of 25 chars\n";
-		$code_text .= "      //   name has minlen of  2 chars\n";
-		$code_text .= "      \$myKses-&gt;AddHTML(\n";
-		$code_text .= "         \"a\",\n";
-		$code_text .= "         array(\n";
-		$code_text .= "            \"href\" =&gt; array('maxlen' =&gt; 25, 'minlen' =&gt; 10),\n";
-		$code_text .= "            \"name\" =&gt; array('minlen' =&gt; 2)\n";
-		$code_text .= "         )\n";
-		$code_text .= "      );\n";
-		$code_text .= "\n";
-		$code_text .= "      //   Allows 'td' tag with colspan|rowspan|class|style|width|nowrap attributes,\n";
-		$code_text .= "      //      colspan has minval of   2       and maxval of 5\n";
-		$code_text .= "      //      rowspan has minval of   3       and maxval of 6\n";
-		$code_text .= "      //      class   has minlen of   1 char  and maxlen of   10 chars\n";
-		$code_text .= "      //      style   has minlen of  10 chars and maxlen of 100 chars\n";
-		$code_text .= "      //      width   has maxval of 100\n";
-		$code_text .= "      //      nowrap  is valueless\n";
-		$code_text .= "      \$myKses-&gt;AddHTML(\n";
-		$code_text .= "         \"td\",\n";
-		$code_text .= "         array(\n";
-		$code_text .= "            \"colspan\" =&gt; array('minval' =&gt;   2, 'maxval' =&gt;   5),\n";
-		$code_text .= "            \"rowspan\" =&gt; array('minval' =&gt;   3, 'maxval' =&gt;   6),\n";
-		$code_text .= "            \"class\"   =&gt; array(\"minlen\" =&gt;   1, 'maxlen' =&gt;  10),\n";
-		$code_text .= "            \"width\"   =&gt; array(\"maxval\" =&gt; 100),\n";
-		$code_text .= "            \"style\"   =&gt; array('minlen' =&gt;  10, 'maxlen' =&gt; 100),\n";
-		$code_text .= "            \"nowrap\"  =&gt; array('valueless' =&gt; 'y')\n";
-		$code_text .= "         )\n";
-		$code_text .= "      );\n";
-		$code_text .= "</pre>\n";
-
-		array_push($out, $code_text);
-		array_push($out, output_hr());
-		array_push($out, "Net results:");
-
-		$out_elems = $myKses->DumpElements();
-		if(count($out_elems) > 0)
-		{
-			//array_push($out, "\t\t\t<ul>\n");
-			foreach($out_elems as $tag => $attr_data)
-			{
-				$out_li_elems = array();
-				$elem_text = "(X)HTML element $tag";
-				$allow = "";
-				if(isset($attr_data) && is_array($attr_data) && count($attr_data) > 0)
-				{
-					$allow = " allows attribute";
-					if(count($attr_data) > 1)
-					{
-						$allow .= "s";
-					}
-					$allow .= ":\n";
-				}
-
-				array_push($out_li_elems, "$elem_text$allow");
-
-				$attr_test_li = array();
-				if(isset($attr_data) && is_array($attr_data) && count($attr_data) > 0)
-				{
-					foreach($attr_data as $attr_name => $attr_tests)
-					{
-						$li_text = $attr_name;
-						if(isset($attr_tests) && count($attr_tests) > 0)
-						{
-							foreach($attr_tests as $test_name => $test_val)
-							{
-								switch($test_name)
-								{
-									case "maxlen":
-										$li_text .= " - maximum length of '" . $test_val . "' characters";
-										break;
-									case "minlen":
-										$li_text .= " - minimum length of '" . $test_val . "' characters";
-										break;
-									case "minval":
-										$li_text .= " - minimum value of '" . $test_val . "'";
-										break;
-									case "maxval":
-										$li_text .= " - maximum value of '" . $test_val . "'";
-										break;
-									case "valueless":
-										switch(strtolower($test_val))
-										{
-											case 'n':
-												$li_text .= " - must not be valueless";
-												break;
-											case 'y':
-												$li_text .= " - must be valueless";
-												break;
-											default:
-												break;
-										}
-										break;
-									default:
-										break;
-								}
-							}
-						}
-						array_push($attr_test_li, $li_text);
-					}
-					if(count($attr_test_li) > 0)
-					{
-						$attr_test_li = output_ul($attr_test_li, "   ");
-						$out_li_elems = array("$elem_text$allow$attr_test_li");
-					}
-				}
-				$out = array_merge($out, $out_li_elems);
-			}
-		}
-
-		return $out;
-	}
+    //	This is a q&d program that shows some of the results of
+    //	running KSES.  If you have further questions, check the
+    //	current valid email address at http://chaos.org/contact/
+
+    //	Make sure we're in a usable PHP environment
+    if(substr(phpversion(), 0, 1) < 4)
+    {
+        define('KSESTEST_VER', 0);
+    }
+    elseif(substr(phpversion(), 0, 1) >= 5)
+    {
+        define('KSESTEST_VER', 5);
+    }
+    else
+    {
+        define('KSESTEST_VER', 4);
+    }
+
+    //	See if we're in command line or web
+    if($_SERVER["DOCUMENT_ROOT"] == "")
+    {
+        define('KSESTEST_ENV', 'CLI');
+    }
+    else
+    {
+        define('KSESTEST_ENV', 'WEB');
+    }
+
+    if(KSESTEST_VER == 0)
+    {
+        $message = array(
+            "Error: Not using a current version of PHP!",
+            "You are using PHP version " . phpversion() . ".",
+            "KSES Class version requires PHP4 or better.",
+            "KSES test program ending."
+            );
+
+        displayPage(
+            array("title" => "Error running KSES test", "message" => $message)
+        );
+
+        exit();
+    }
+
+    $include_file = "php" . KSESTEST_VER . ".class.kses.php";
+    if(file_exists($include_file) && is_readable($include_file))
+    {
+        include_once($include_file);
+    }
+    else
+    {
+        $message = array(
+            "Error:  Unable to find '" . $include_file . "'.",
+            "Please check your include path and make sure the file is available.",
+            "Path: " . ini_get('include_path')
+        );
+
+        displayPage(
+            array('title' => 'Unable to include ' . $include_file, 'message' => $message)
+        );
+
+        exit();
+    }
+
+    $kses_type = "kses" . KSESTEST_VER;
+    $myKses = new $kses_type;
+
+    $test_text = array();
+    $test_text = test1_protocols($myKses);
+    $test_text = array_merge($test_text, test1_html($myKses));
+    $test_text = array_merge($test_text, test1_kses($myKses));
+
+    displayPage(
+        array('title' => 'New Test', 'message' => $test_text)
+    );
+
+    function test1_kses(&$myKses)
+    {
+        $out = array(output_hr(), "Testing current configuration");
+
+        $test_tags = array(
+            '<a href="http://www.chaos.org/">www.chaos.org</a>',
+            '<a name="X">Short \'a name\' tag</a>',
+            '<td colspan="3" rowspan="5">Foo</td>',
+            '<td rowspan="2" class="mugwump" style="background-color: rgb(255, 204 204);">Bar</td>',
+            '<td nowrap>Very Long String running to 1000 characters...</td>',
+            '<td bgcolor="#00ff00" nowrap>Very Long String with a blue background</td>',
+            '<a href="proto1://www.foo.com">New protocol test</a>',
+            '<img src="proto2://www.foo.com" />',
+            '<a href="javascript:javascript:javascript:javascript:javascript:alert(\'Boo!\');">bleep</a>',
+            '<a href="proto4://abc.xyz.foo.com">Another new protocol</a>',
+            '<a href="proto9://foo.foo.foo.foo.foo.org/">Test of "proto9"</a>',
+            '<td width="75">Bar!</td>',
+            '<td width="200">Long Cell</td>'
+        );
+
+        $out_li = array();
+        // Keep only allowed HTML from the presumed 'form'.
+        foreach($test_tags as $tag)
+        {
+            $temp  = $myKses->Parse($tag);
+            $check = ($temp == $tag) ? true : false;
+            $text  = ($temp == $tag) ? 'pass' : 'fail';
+
+            $li_text  = output_testresult($check, $text) . output_newline();
+            $li_text .= "Input: &nbsp;" . output_translate($tag) . output_newline();
+            $li_text .= "Output: " . output_translate($temp);
+            if(KSESTEST_ENV == 'CLI')
+            {
+                $li_text .= output_newline();
+            }
+
+            array_push($out_li, output_code_wrap($li_text));
+        }
+
+        $out = array_merge($out, array(output_ul($out_li)));
+        array_push($out, output_hr());
+        array_push($out, "Testing is now finished.");
+        return $out;
+    }
+
+    function output_code_wrap($text)
+    {
+        if(KSESTEST_ENV == 'CLI')
+        {
+            return $text;
+        }
+        else
+        {
+            return "<code>\n$text<code>\n";
+        }
+    }
+
+    function output_translate($text)
+    {
+        if(KSESTEST_ENV == 'CLI')
+        {
+            return $text;
+        }
+        else
+        {
+            return htmlentities($text);
+        }
+    }
+
+    function output_testresult($pass = false, $text = "")
+    {
+        if(KSESTEST_ENV == 'CLI')
+        {
+            return '[' . $text . ']';
+        }
+        else
+        {
+            if($pass == true)
+            {
+                return '<span style="color: green;">[' . $text . ']</span>';
+            }
+            else
+            {
+                return '<span style="color: red;">[' . $text . ']</span>';
+            }
+        }
+    }
+
+    function output_spaces()
+    {
+        if(KSESTEST_ENV == 'WEB')
+        {
+            $out = "&nbsp;&nbsp;&nbsp;";
+        }
+        else
+        {
+            $out = "   ";
+        }
+
+        return $out;
+    }
+
+    function output_newline()
+    {
+        if(KSESTEST_ENV == 'WEB')
+        {
+            $out = "<br />\n";
+        }
+        else
+        {
+            $out = "\n";
+        }
+
+        return $out;
+    }
+
+    function displayPage($data = array())
+    {
+        $title   = ($data['title'] == '') ? 'No title' : $data['title'];
+        $message = ($data['message'] == '') ? array('No message') : $data['message'];
+
+        $out = "";
+
+        foreach($message as $text)
+        {
+            if(KSESTEST_ENV == 'WEB')
+            {
+                $header = "\t\t<h1>$title</h1>\n\t\t<hr />\n";
+                $out .= "\t\t<p>\n";
+                $out .= "\t\t\t$text\n";
+                $out .= "\t\t</p>\n";
+            }
+            else
+            {
+                $header = "$title\n" . str_repeat('-', 60) . "\n\n";
+                $out .= "\t$text\n\n";
+            }
+        }
+
+        if(KSESTEST_ENV == 'WEB')
+        {
+            echo "<html>\n";
+            echo "\t<head>\n";
+            echo "\t\t<title>$title</title>\n";
+            echo "\t</head>\n";
+            echo "\t<body>\n";
+            echo $header;
+            echo $out;
+            echo "\t</body>\n";
+            echo "</html>\n";
+        }
+        else
+        {
+            echo $header;
+            echo $out;
+        }
+    }
+
+    function output_hr()
+    {
+        if(KSESTEST_ENV == 'WEB')
+        {
+            return "\t\t\t<hr />\n";
+        }
+        else
+        {
+            return str_repeat(60, '-') . "\n";
+        }
+    }
+
+    function output_ul($data = array(), $padding = "")
+    {
+        if(!is_array($data) || count($data) < 1)
+        {
+            return "";
+        }
+
+        $text = "";
+        if(KSESTEST_ENV == 'WEB')
+        {
+            $text = "\t\t\t<ul>\n";
+            foreach($data as $li)
+            {
+                $text .= "\t\t\t\t<li>$li</li>\n";
+            }
+            $text .= "\t\t\t</ul>\n";
+        }
+        else
+        {
+            foreach($data as $li)
+            {
+                $text .= $padding . "   * $li\n";
+            }
+        }
+
+        return $text;
+    }
+
+    function test1_protocols(&$myKses)
+    {
+        $default_prots = $myKses->dumpProtocols();
+        $out_text = array();
+        if(count($default_prots) > 0)
+        {
+            array_push($out_text, "Initial protocols from KSES" . KSESTEST_VER . ":");
+            array_push($out_text, output_ul($default_prots));
+            array_push($out_text, output_hr());
+        }
+
+        $myKses->AddProtocols(array("proto1", "proto2:", "proto3"));   // Add a list of protocols
+        $myKses->AddProtocols("proto4:");  // Add a single protocol (Note ':' is optional at end)
+        $myKses->AddProtocol("proto9", "mystery:", "anarchy");
+        $myKses->AddProtocol("alpha", "beta", "gamma:");
+
+        $add_protocol  = "\t\t\t<ol>\n";
+        $add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols(array("proto1", "proto2:", "proto3"));</li>' . "\n";
+        $add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols("proto4:");</li>' . "\n";
+        $add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocols("proto4:");</li>' . "\n";
+        $add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocol("proto9", "mystery:", "anarchy");</li>' . "\n";
+        $add_protocol .= "\t\t\t\t" . '<li>$myKses->AddProtocol("alpha", "beta", "gamma:");</li>' . "\n";
+        $add_protocol .= "\t\t\t</ol>\n";
+
+        array_push($out_text, $add_protocol);
+
+        $new_prots = $myKses->dumpProtocols();
+        if(count($new_prots) > 0)
+        {
+            array_push($out_text, "New protocols from KSES" . KSESTEST_VER . " after using AddProtocol(s):");
+            array_push($out_text, output_ul($new_prots));
+            array_push($out_text, output_hr());
+        }
+
+        $myKses->RemoveProtocols(array("mystery", "anarchy:"));
+        $myKses->RemoveProtocols("alpha:");
+        $myKses->RemoveProtocol("beta:");
+        $myKses->RemoveProtocol("gamma");
+
+        $remove_protocol  = "\t\t\t<ol>\n";
+        $remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocols(array("mystery", "anarchy:"));</li>' . "\n";
+        $remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocols("alpha:");</li>' . "\n";
+        $remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocol("beta:");</li>' . "\n";
+        $remove_protocol .= "\t\t\t\t" . '<li>$myKses->RemoveProtocol("gamma");</li>' . "\n";
+        $remove_protocol .= "\t\t\t</ol>\n";
+        array_push($out_text, $remove_protocol);
+
+        $new_prots = $myKses->dumpProtocols();
+        if(count($new_prots) > 0)
+        {
+            array_push($out_text, "Resulting protocols from KSES" . KSESTEST_VER . " after using RemoveProtocol(s):");
+            array_push($out_text, output_ul($new_prots));
+            array_push($out_text, output_hr());
+        }
+
+        $myKses->SetProtocols(array("https", "gopher", "news"));
+        $set_protocol  = "\t\t\t<ol>\n";
+        $set_protocol .= "\t\t\t\t" . '<li>$myKses->SetProtocols(array("https", "gopher", "news"));</li>' . "\n";
+        $set_protocol .= "\t\t\t</ol>\n";
+        array_push($out_text, $set_protocol);
+
+        $new_prots = $myKses->dumpProtocols();
+        if(count($new_prots) > 0)
+        {
+            array_push($out_text, "Resulting protocols from KSES" . KSESTEST_VER . " after using SetProtocols:");
+            array_push($out_text, output_ul($new_prots));
+            array_push($out_text, output_hr());
+        }
+
+        //	Invisible reset
+        $myKses->SetProtocols(array("http", "proto1", "proto2", "proto9"));
+
+        return $out_text;
+    }
+
+    function test1_html(&$myKses)
+    {
+        $out = array();
+
+        //	Allows <p>|</p> tag
+        $myKses->AddHTML("p");
+
+        //	Allows 'a' tag with href|name attributes,
+        //	href has minlen of 10 chars, and maxlen of 25 chars
+        //	name has minlen of  2 chars
+        $myKses->AddHTML(
+            "a",
+            array(
+                "href" => array('maxlen' => 25, 'minlen' => 10),
+                "name" => array('minlen' => 2)
+            )
+        );
+
+        //	Allows 'td' tag with colspan|rowspan|class|style|width|nowrap attributes,
+        //		colspan has minval of   2       and maxval of 5
+        //		rowspan has minval of   3       and maxval of 6
+        //		class   has minlen of   1 char  and maxlen of   10 chars
+        //		style   has minlen of  10 chars and maxlen of 100 chars
+        //		width   has maxval of 100
+        //		nowrap  is valueless
+        $myKses->AddHTML(
+            "td",
+            array(
+                "colspan" => array('minval' =>   2, 'maxval' =>   5),
+                "rowspan" => array('minval' =>   3, 'maxval' =>   6),
+                "class"   => array("minlen" =>   1, 'maxlen' =>  10),
+                "width"   => array("maxval" => 100),
+                "style"   => array('minlen' =>  10, 'maxlen' => 100),
+                "nowrap"  => array('valueless' => 'y')
+            )
+        );
+
+        array_push($out, "Modifying HTML Tests:");
+        $code_text  = "<pre>\n";
+        $code_text .= "      //   Allows &lt;p&gt;|&lt;/p&gt; tag\n";
+        $code_text .= "      \$myKses-&gt;AddHTML(\"p\");\n";
+        $code_text .= "\n";
+        $code_text .= "      //   Allows 'a' tag with href|name attributes,\n";
+        $code_text .= "      //   href has minlen of 10 chars, and maxlen of 25 chars\n";
+        $code_text .= "      //   name has minlen of  2 chars\n";
+        $code_text .= "      \$myKses-&gt;AddHTML(\n";
+        $code_text .= "         \"a\",\n";
+        $code_text .= "         array(\n";
+        $code_text .= "            \"href\" =&gt; array('maxlen' =&gt; 25, 'minlen' =&gt; 10),\n";
+        $code_text .= "            \"name\" =&gt; array('minlen' =&gt; 2)\n";
+        $code_text .= "         )\n";
+        $code_text .= "      );\n";
+        $code_text .= "\n";
+        $code_text .= "      //   Allows 'td' tag with colspan|rowspan|class|style|width|nowrap attributes,\n";
+        $code_text .= "      //      colspan has minval of   2       and maxval of 5\n";
+        $code_text .= "      //      rowspan has minval of   3       and maxval of 6\n";
+        $code_text .= "      //      class   has minlen of   1 char  and maxlen of   10 chars\n";
+        $code_text .= "      //      style   has minlen of  10 chars and maxlen of 100 chars\n";
+        $code_text .= "      //      width   has maxval of 100\n";
+        $code_text .= "      //      nowrap  is valueless\n";
+        $code_text .= "      \$myKses-&gt;AddHTML(\n";
+        $code_text .= "         \"td\",\n";
+        $code_text .= "         array(\n";
+        $code_text .= "            \"colspan\" =&gt; array('minval' =&gt;   2, 'maxval' =&gt;   5),\n";
+        $code_text .= "            \"rowspan\" =&gt; array('minval' =&gt;   3, 'maxval' =&gt;   6),\n";
+        $code_text .= "            \"class\"   =&gt; array(\"minlen\" =&gt;   1, 'maxlen' =&gt;  10),\n";
+        $code_text .= "            \"width\"   =&gt; array(\"maxval\" =&gt; 100),\n";
+        $code_text .= "            \"style\"   =&gt; array('minlen' =&gt;  10, 'maxlen' =&gt; 100),\n";
+        $code_text .= "            \"nowrap\"  =&gt; array('valueless' =&gt; 'y')\n";
+        $code_text .= "         )\n";
+        $code_text .= "      );\n";
+        $code_text .= "</pre>\n";
+
+        array_push($out, $code_text);
+        array_push($out, output_hr());
+        array_push($out, "Net results:");
+
+        $out_elems = $myKses->DumpElements();
+        if(count($out_elems) > 0)
+        {
+            //array_push($out, "\t\t\t<ul>\n");
+            foreach($out_elems as $tag => $attr_data)
+            {
+                $out_li_elems = array();
+                $elem_text = "(X)HTML element $tag";
+                $allow = "";
+                if(isset($attr_data) && is_array($attr_data) && count($attr_data) > 0)
+                {
+                    $allow = " allows attribute";
+                    if(count($attr_data) > 1)
+                    {
+                        $allow .= "s";
+                    }
+                    $allow .= ":\n";
+                }
+
+                array_push($out_li_elems, "$elem_text$allow");
+
+                $attr_test_li = array();
+                if(isset($attr_data) && is_array($attr_data) && count($attr_data) > 0)
+                {
+                    foreach($attr_data as $attr_name => $attr_tests)
+                    {
+                        $li_text = $attr_name;
+                        if(isset($attr_tests) && count($attr_tests) > 0)
+                        {
+                            foreach($attr_tests as $test_name => $test_val)
+                            {
+                                switch($test_name)
+                                {
+                                    case "maxlen":
+                                        $li_text .= " - maximum length of '" . $test_val . "' characters";
+                                        break;
+                                    case "minlen":
+                                        $li_text .= " - minimum length of '" . $test_val . "' characters";
+                                        break;
+                                    case "minval":
+                                        $li_text .= " - minimum value of '" . $test_val . "'";
+                                        break;
+                                    case "maxval":
+                                        $li_text .= " - maximum value of '" . $test_val . "'";
+                                        break;
+                                    case "valueless":
+                                        switch(strtolower($test_val))
+                                        {
+                                            case 'n':
+                                                $li_text .= " - must not be valueless";
+                                                break;
+                                            case 'y':
+                                                $li_text .= " - must be valueless";
+                                                break;
+                                            default:
+                                                break;
+                                        }
+                                        break;
+                                    default:
+                                        break;
+                                }
+                            }
+                        }
+                        array_push($attr_test_li, $li_text);
+                    }
+                    if(count($attr_test_li) > 0)
+                    {
+                        $attr_test_li = output_ul($attr_test_li, "   ");
+                        $out_li_elems = array("$elem_text$allow$attr_test_li");
+                    }
+                }
+                $out = array_merge($out, $out_li_elems);
+            }
+        }
+
+        return $out;
+    }
 
 ?>
\ No newline at end of file

main/inc/lib/kses-0.2.2/oop/php4.class.kses.php

Indentation +1137 added lines, -1137 removed lines

@@ -1,5 +1,5 @@ 
 <?php
-	/*
+    /*
 	 * ==========================================================================================
 	 *
 	 * This program is free software and open source software; you can redistribute
@@ -20,1143 +20,1143 @@ 
 	 * ==========================================================================================
 	 */
 
-	/**
-	*	Class file for PHP4 OOP version of kses
-	*
-	*	This is an updated version of kses to work with PHP4 that works under E_STRICT.
-	*
-	*	This upgrade provides the following:
-	*	+ Version number synced to procedural version number
-	*	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
-	*	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
-	*	+ Kses4 now works in E_STRICT
-	*	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol() and RemoveProtocols()
-	*	+ Deprecated _hook(), Protocols()
-	*	+ Integrated code from kses 0.2.2 into class.
-	*	+ Added methods DumpProtocols(), DumpMethods()
-	*
-	*	@package    kses
-	*	@subpackage kses4
-	*/
-
-	if(substr(phpversion(), 0, 1) < 4)
-	{
-		die("Class kses requires PHP 4 or higher.");
-	}
-
-	/**
-	*	Only install KSES4 once
-	*/
-	if(!defined('KSES_CLASS_PHP4'))
-	{
-		define('KSES_CLASS_PHP4', true);
-
-	/**
-	*	Kses strips evil scripts!
-	*
-	*	This class provides the capability for removing unwanted HTML/XHTML, attributes from
-	*	tags, and protocols contained in links.  The net result is a much more powerful tool
-	*	than the PHP internal strip_tags()
-	*
-	*	This is a fork of a slick piece of procedural code called 'kses' written by Ulf Harnhammar
-	*	The entire set of functions was wrapped in a PHP object with some internal modifications
-	*	by Richard Vasquez (http://www.chaos.org/) 7/25/2003
-	*
-	*	This upgrade provides the following:
-	*	+ Version number synced to procedural version number
-	*	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
-	*	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
-	*	+ Kses4 now works in E_STRICT
-	*	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols()
-	*	+ Deprecated _hook(), Protocols()
-	*	+ Integrated code from kses 0.2.2 into class.
-	*
-	*	@author     Richard R. V�squez, Jr. (Original procedural code by Ulf H�rnhammar)
-	*	@link       http://sourceforge.net/projects/kses/ Home Page for Kses
-	*	@link       http://chaos.org/contact/ Contact page with current email address for Richard Vasquez
-	*	@copyright  Richard R. V�squez, Jr. 2003-2005
-	*	@version    PHP4 OOP 0.2.2
-	*	@license    http://www.gnu.org/licenses/gpl.html GNU Public License
-	*	@package    kses
-	*/
-		class kses4
-		{
-			/**#@+
+    /**
+     *	Class file for PHP4 OOP version of kses
+     *
+     *	This is an updated version of kses to work with PHP4 that works under E_STRICT.
+     *
+     *	This upgrade provides the following:
+     *	+ Version number synced to procedural version number
+     *	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
+     *	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
+     *	+ Kses4 now works in E_STRICT
+     *	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol() and RemoveProtocols()
+     *	+ Deprecated _hook(), Protocols()
+     *	+ Integrated code from kses 0.2.2 into class.
+     *	+ Added methods DumpProtocols(), DumpMethods()
+     *
+     *	@package    kses
+     *	@subpackage kses4
+     */
+
+    if(substr(phpversion(), 0, 1) < 4)
+    {
+        die("Class kses requires PHP 4 or higher.");
+    }
+
+    /**
+     *	Only install KSES4 once
+     */
+    if(!defined('KSES_CLASS_PHP4'))
+    {
+        define('KSES_CLASS_PHP4', true);
+
+    /**
+     *	Kses strips evil scripts!
+     *
+     *	This class provides the capability for removing unwanted HTML/XHTML, attributes from
+     *	tags, and protocols contained in links.  The net result is a much more powerful tool
+     *	than the PHP internal strip_tags()
+     *
+     *	This is a fork of a slick piece of procedural code called 'kses' written by Ulf Harnhammar
+     *	The entire set of functions was wrapped in a PHP object with some internal modifications
+     *	by Richard Vasquez (http://www.chaos.org/) 7/25/2003
+     *
+     *	This upgrade provides the following:
+     *	+ Version number synced to procedural version number
+     *	+ PHPdoc style documentation has been added to the class.  See http://www.phpdoc.org/ for more info.
+     *	+ Some methods are now deprecated due to nomenclature style change.  See method documentation for specifics.
+     *	+ Kses4 now works in E_STRICT
+     *	+ Addition of methods AddProtocols(), filterKsestextHook(), RemoveProtocol(), RemoveProtocols() and SetProtocols()
+     *	+ Deprecated _hook(), Protocols()
+     *	+ Integrated code from kses 0.2.2 into class.
+     *
+     *	@author     Richard R. V�squez, Jr. (Original procedural code by Ulf H�rnhammar)
+     *	@link       http://sourceforge.net/projects/kses/ Home Page for Kses
+     *	@link       http://chaos.org/contact/ Contact page with current email address for Richard Vasquez
+     *	@copyright  Richard R. V�squez, Jr. 2003-2005
+     *	@version    PHP4 OOP 0.2.2
+     *	@license    http://www.gnu.org/licenses/gpl.html GNU Public License
+     *	@package    kses
+     */
+        class kses4
+        {
+            /**#@+
 			 *	@access private
 			 *	@var array
 			 */
-			var $allowed_protocols = array();
-			var $allowed_html      = array();
-			/**#@-*/
-
-			/**
-			 *	Constructor for kses.
-			 *
-			 *	This sets a default collection of protocols allowed in links, and creates an
-			 *	empty set of allowed HTML tags.
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function kses4()
-			{
-				/**
-				 *	You could add protocols such as ftp, new, gopher, mailto, irc, etc.
-				 *
-				 *	The base values the original kses provided were:
-				 *		'http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto'
-				 */
-				$this->allowed_protocols = array('http', 'ftp', 'mailto');
-				$this->allowed_html      = array();
-			}
-
-			/**
-			 *	Basic task of kses - parses $string and strips it as required.
-			 *
-			 *	This method strips all the disallowed (X)HTML tags, attributes
-			 *	and protocols from the input $string.
-			 *
-			 *	@access public
-			 *	@param string $string String to be stripped of 'evil scripts'
-			 *	@return string The stripped string
-			 *	@since PHP4 OOP 0.2.1
-			 */
-			function Parse($string = "")
-			{
-				if (get_magic_quotes_gpc())
-				{
-					$string = stripslashes($string);
-				}
-				$string = $this->_no_null($string);
-				$string = $this->_js_entities($string);
-				$string = $this->_normalize_entities($string);
-				$string = $this->filterKsesTextHook($string);
-				return    $this->_split($string);
-			}
-
-			/**
-			 *	Allows for single/batch addition of protocols
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	The argument will be processed, and each string will be added
-			 *	via AddProtocol().
-			 *
-			 *	@access public
-			 *	@param mixed , A string or array of protocols that will be added to the internal list of allowed protocols.
-			 *	@return bool Status of adding valid protocols.
-			 *	@see AddProtocol()
-			 *	@since PHP4 OOP 0.2.1
-			 */
-			function AddProtocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					trigger_error("kses4::AddProtocols() did not receive an argument.", E_USER_WARNING);
-					return false;
-				}
-
-				$protocol_data = func_get_arg(0);
-
-				if(is_array($protocol_data) && count($protocol_data) > 0)
-				{
-					foreach($protocol_data as $protocol)
-					{
-						$this->AddProtocol($protocol);
-					}
-					return true;
-				}
-				elseif(is_string($protocol_data))
-				{
-					$this->AddProtocol($protocol_data);
-					return true;
-				}
-				else
-				{
-					trigger_error("kses4::AddProtocols() did not receive a string or an array.", E_USER_WARNING);
-					return false;
-				}
-			}
-
-			/**
-			 *	Allows for single/batch addition of protocols
-			 *
-			 *	@deprecated Use AddProtocols()
-			 *	@see AddProtocols()
-			 *	@return bool
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function Protocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					trigger_error("kses4::Protocols() did not receive an argument.", E_USER_WARNING);
-					return false;
-				}
-
-				return $this->AddProtocols(func_get_arg(0));
-			}
-
-			/**
-			 *	Adds a single protocol to $this->allowed_protocols.
-			 *
-			 *	This method accepts a string argument and adds it to
-			 *	the list of allowed protocols to keep when performing
-			 *	Parse().
-			 *
-			 *	@access public
-			 *	@param string $protocol The name of the protocol to be added.
-			 *	@return bool Status of adding valid protocol.
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function AddProtocol($protocol = "")
-			{
-				if(!is_string($protocol))
-				{
-					trigger_error("kses4::AddProtocol() requires a string.", E_USER_WARNING);
-					return false;
-				}
-
-				$protocol = strtolower(trim($protocol));
-				if($protocol == "")
-				{
-					trigger_error("kses4::AddProtocol() tried to add an empty/NULL protocol.", E_USER_WARNING);
-					return false;
-				}
-
-				// Remove any inadvertent ':' at the end of the protocol.
-				if(substr($protocol, strlen($protocol) - 1, 1) == ":")
-				{
-					$protocol = substr($protocol, 0, strlen($protocol) - 1);
-				}
-
-				if(!in_array($protocol, $this->allowed_protocols))
-				{
-					array_push($this->allowed_protocols, $protocol);
-					sort($this->allowed_protocols);
-				}
-				return true;
-			}
-
-			/**
-			 *	Allows for single/batch replacement of protocols
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	Existing protocols will be removed, then the argument will be
-			 *	processed, and each string will be added via AddProtocol().
-			 *
-			 *	@access public
-			 *	@param mixed , A string or array of protocols that will be the new internal list of allowed protocols.
-			 *	@return bool Status of replacing valid protocols.
-			 *	@since PHP4 OOP 0.2.2
-			 *	@see AddProtocol()
-			 */
-			function SetProtocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					trigger_error("kses4::SetProtocols() did not receive an argument.", E_USER_WARNING);
-					return false;
-				}
-
-				$protocol_data = func_get_arg(0);
-
-				if(is_array($protocol_data) && count($protocol_data) > 0)
-				{
-					$this->allowed_protocols = array();
-					foreach($protocol_data as $protocol)
-					{
-						$this->AddProtocol($protocol);
-					}
-					return true;
-				}
-				elseif(is_string($protocol_data))
-				{
-					$this->allowed_protocols = array();
-					$this->AddProtocol($protocol_data);
-					return true;
-				}
-				else
-				{
-					trigger_error("kses4::SetProtocols() did not receive a string or an array.", E_USER_WARNING);
-					return false;
-				}
-			}
-
-			/**
-			 *	Raw dump of allowed protocols
-			 *
-			 *	This returns an indexed array of allowed protocols for a particular KSES
-			 *	instantiation.
-			 *
-			 *	@access public
-			 *	@return array The list of allowed protocols.
-			 *	@since PHP4 OOP 0.2.2
-			 */
-			function DumpProtocols()
-			{
-				return $this->allowed_protocols;
-			}
-
-			/**
-			 *	Raw dump of allowed (X)HTML elements
-			 *
-			 *	This returns an indexed array of allowed (X)HTML elements and attributes
-			 *	for a particular KSES instantiation.
-			 *
-			 *	@access public
-			 *	@return array The list of allowed elements.
-			 *	@since PHP4 OOP 0.2.2
-			 */
-			function DumpElements()
-			{
-				return $this->allowed_html;
-			}
-
-			/**
-			 *	Adds valid (X)HTML with corresponding attributes that will be kept when stripping 'evil scripts'.
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	@access public
-			 *	@param string $tag (X)HTML tag that will be allowed after stripping text.
-			 *	@param array $attribs Associative array of allowed attributes - key => attribute name - value => attribute parameter
-			 *	@return bool Status of Adding (X)HTML and attributes.
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function AddHTML($tag = "", $attribs = array())
-			{
-				if(!is_string($tag))
-				{
-					trigger_error("kses4::AddHTML() requires the tag to be a string", E_USER_WARNING);
-					return false;
-				}
-
-				$tag = strtolower(trim($tag));
-				if($tag == "")
-				{
-					trigger_error("kses4::AddHTML() tried to add an empty/NULL tag", E_USER_WARNING);
-					return false;
-				}
-
-				if(!is_array($attribs))
-				{
-					trigger_error("kses4::AddHTML() requires an array (even an empty one) of attributes for '$tag'", E_USER_WARNING);
-					return false;
-				}
-
-				$new_attribs = array();
-				if(is_array($attribs) && count($attribs) > 0)
-				{
-					foreach($attribs as $idx1 => $val1)
-					{
-						$new_idx1 = strtolower($idx1);
-						$new_val1 = $attribs[$idx1];
-
-						if(is_array($new_val1) && count($new_val1) > 0)
-						{
-							$tmp_val = array();
-							foreach($new_val1 as $idx2 => $val2)
-							{
-								$new_idx2 = strtolower($idx2);
-								$tmp_val[$new_idx2] = $val2;
-							}
-							$new_val1 = $tmp_val;
-						}
-
-						$new_attribs[$new_idx1] = $new_val1;
-					}
-				}
-
-				$this->allowed_html[$tag] = $new_attribs;
-				return true;
-			}
-
-			/**
-			 *	Removes a single protocol from $this->allowed_protocols.
-			 *
-			 *	This method accepts a string argument and removes it from
-			 *	the list of allowed protocols to keep when performing
-			 *	Parse().
-			 *
-			 *	@access public
-			 *	@param string $protocol The name of the protocol to be removed.
-			 *	@return bool Status of removing valid protocol.
-			 *	@since PHP4 OOP 0.2.1
-			 */
-			function RemoveProtocol($protocol = "")
-			{
-				if(!is_string($protocol))
-				{
-					trigger_error("kses4::RemoveProtocol() requires a string.", E_USER_WARNING);
-					return false;
-				}
-
-				// Remove any inadvertent ':' at the end of the protocol.
-				if(substr($protocol, strlen($protocol) - 1, 1) == ":")
-				{
-					$protocol = substr($protocol, 0, strlen($protocol) - 1);
-				}
-
-				$protocol = strtolower(trim($protocol));
-				if($protocol == "")
-				{
-					trigger_error("kses4::RemoveProtocol() tried to remove an empty/NULL protocol.", E_USER_WARNING);
-					return false;
-				}
-
-				//	Ensures that the protocol exists before removing it.
-				if(in_array($protocol, $this->allowed_protocols))
-				{
-					$this->allowed_protocols = array_diff($this->allowed_protocols, array($protocol));
-					sort($this->allowed_protocols);
-				}
-
-				return true;
-			}
-
-			/**
-			 *	Allows for single/batch removal of protocols
-			 *
-			 *	This method accepts one argument that can be either a string
-			 *	or an array of strings.  Invalid data will be ignored.
-			 *
-			 *	The argument will be processed, and each string will be removed
-			 *	via RemoveProtocol().
-			 *
-			 *	@access public
-			 *	@param mixed , A string or array of protocols that will be removed from the internal list of allowed protocols.
-			 *	@return bool Status of removing valid protocols.
-			 *	@see RemoveProtocol()
-			 *	@since PHP5 OOP 0.2.1
-			 */
-			function RemoveProtocols()
-			{
-				$c_args = func_num_args();
-				if($c_args != 1)
-				{
-					return false;
-				}
-
-				$protocol_data = func_get_arg(0);
-
-				if(is_array($protocol_data) && count($protocol_data) > 0)
-				{
-					foreach($protocol_data as $protocol)
-					{
-						$this->RemoveProtocol($protocol);
-					}
-				}
-				elseif(is_string($protocol_data))
-				{
-					$this->RemoveProtocol($protocol_data);
-					return true;
-				}
-				else
-				{
-					trigger_error("kses4::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING);
-					return false;
-				}
-			}
-
-			/**
-			 *	This method removes any NULL or characters in $string.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string String without any NULL/chr(173)
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _no_null($string)
-			{
-				$string = preg_replace('/\0+/', '', $string);
-				$string = preg_replace('/(\\\\0)+/', '', $string);
-				return $string;
-			}
-
-			/**
-			 *	This function removes the HTML JavaScript entities found in early versions of
-			 *	Netscape 4.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string String without any NULL/chr(173)
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _js_entities($string)
-			{
-			  return preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string);
-			}
-
-			/**
-			 *	Normalizes HTML entities
-			 *
-			 *	This function normalizes HTML entities. It will convert "AT&T" to the correct
-			 *	"AT&amp;T", "&#00058;" to "&#58;", "&#XYZZY;" to "&amp;#XYZZY;" and so on.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string String with normalized entities
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _normalize_entities($string)
-			{
-				# Disarm all entities by converting & to &amp;
-			  $string = str_replace('&', '&amp;', $string);
-
-				# Change back the allowed entities in our entity white list
-
-			  $string = preg_replace('/&amp;([A-Za-z][A-Za-z0-9]{0,19});/', '&\\1;', $string);
-			  $string = preg_replace('/&amp;#0*([0-9]{1,5});/e', '\$this->_normalize_entities2("\\1")', $string);
-			  $string = preg_replace('/&amp;#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', '&#\\1\\2;', $string);
-
-			  return $string;
-			}
-
-			/**
-			 *	Helper method used by normalizeEntites()
-			 *
-			 *	This method helps normalizeEntities() to only accept 16 bit values
-			 *	and nothing more for &#number; entities.
-			 *
-			 *	This method helps normalize_entities() during a preg_replace()
-			 *	where a &#(0)*XXXXX; occurs.  The '(0)*XXXXXX' value is converted to
-			 *	a number and the result is returned as a numeric entity if the number
-			 *	is less than 65536.  Otherwise, the value is returned 'as is'.
-			 *
-			 *	@access private
-			 *	@param string $i
-			 *	@return string Normalized numeric entity
-			 *	@see _normalize_entities()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _normalize_entities2($i)
-			{
-			  return (($i > 65535) ? "&amp;#$i;" : "&#$i;");
-			}
-
-			/**
-			 *	Allows for additional user defined modifications to text.
-			 *
-			 *	@deprecated use filterKsesTextHook()
-			 *	@param string $string
-			 *	@see filterKsesTextHook()
-			 *	@return string
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _hook($string)
-			{
-			  return $this->filterKsesTextHook($string);
-			}
-
-			/**
-			 *	Allows for additional user defined modifications to text.
-			 *
-			 *	This method allows for additional modifications to be performed on
-			 *	a string that's being run through Parse().  Currently, it returns the
-			 *	input string 'as is'.
-			 *
-			 *	This method is provided for users to extend the kses class for their own
-			 *	requirements.
-			 *
-			 *	@access public
-			 *	@param string $string String to perfrom additional modifications on.
-			 *	@return string User modified string.
-			 *	@see Parse()
-			 *	@since PHP5 OOP 1.0.0
-			 */
-			function filterKsesTextHook($string)
-			{
-			  return $string;
-			}
-
-			/**
-			 *	This method goes through an array, and changes the keys to all lower case.
-			 *
-			 *	@access private
-			 *	@param array $in_array Associative array
-			 *	@return array Modified array
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _array_lc($inarray)
-			{
-			  $outarray = array();
-
-				if(is_array($inarray) && count($inarray) > 0)
-				{
-					foreach ($inarray as $inkey => $inval)
-					{
-						$outkey = strtolower($inkey);
-						$outarray[$outkey] = array();
-
-						if(is_array($inval) && count($inval) > 0)
-						{
-							foreach ($inval as $inkey2 => $inval2)
-							{
-								$outkey2 = strtolower($inkey2);
-								$outarray[$outkey][$outkey2] = $inval2;
-							}
-						}
-					}
-				}
-
-			  return $outarray;
-			}
-
-			/**
-			 *	This method searched for HTML tags, no matter how malformed.  It also
-			 *	matches stray ">" characters.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string HTML tags
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _split($string)
-			{
-				return preg_replace(
-					'%(<'.   # EITHER: <
-					'[^>]*'. # things that aren't >
-					'(>|$)'. # > or end of string
-					'|>)%e', # OR: just a >
-					"\$this->_split2('\\1')",
-					$string);
-			}
-
-			/**
-			 *	This method strips out disallowed and/or mangled (X)HTML tags along with assigned attributes.
-			 *
-			 *	This method does a lot of work. It rejects some very malformed things
-			 *	like <:::>. It returns an empty string if the element isn't allowed (look
-			 *	ma, no strip_tags()!). Otherwise it splits the tag into an element and an
-			 *	allowed attribute list.
-			 *
-			 *	@access private
-			 *	@param string $string
-			 *	@return string Modified string minus disallowed/mangled (X)HTML and attributes
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _split2($string)
-			{
-				$string = $this->_stripslashes($string);
-
-				if (substr($string, 0, 1) != '<')
-				{
-					# It matched a ">" character
-					return '&gt;';
-				}
-
-				if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches))
-				{
-					# It's seriously malformed
-					return '';
-				}
-
-				$slash    = trim($matches[1]);
-				$elem     = $matches[2];
-				$attrlist = $matches[3];
-
-				if (
-					!isset($this->allowed_html[strtolower($elem)]) ||
-					!is_array($this->allowed_html[strtolower($elem)])
-				)
-				{
-					# They are using a not allowed HTML element
-					return '';
-				}
-
-				if ($slash != '')
-				{
-					return "<$slash$elem>";
-				}
-				# No attributes are allowed for closing elements
-
-				return $this->_attr("$slash$elem", $attrlist);
-			}
-
-			/**
-			 *	This method strips out disallowed attributes for (X)HTML tags.
-			 *
-			 *	This method removes all attributes if none are allowed for this element.
-			 *	If some are allowed it calls $this->_hair() to split them further, and then it
-			 *	builds up new HTML code from the data that $this->_hair() returns. It also
-			 *	removes "<" and ">" characters, if there are any left. One more thing it
-			 *	does is to check if the tag has a closing XHTML slash, and if it does,
-			 *	it puts one in the returned code as well.
-			 *
-			 *	@access private
-			 *	@param string $element (X)HTML tag to check
-			 *	@param string $attr Text containing attributes to check for validity.
-			 *	@return string Resulting valid (X)HTML or ''
-			 *	@see _hair()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _attr($element, $attr)
-			{
-				# Is there a closing XHTML slash at the end of the attributes?
-				$xhtml_slash = '';
-				if (preg_match('%\s/\s*$%', $attr))
-				{
-					$xhtml_slash = ' /';
-				}
-
-				# Are any attributes allowed at all for this element?
-				if (
-					!isset($this->allowed_html[strtolower($element)]) ||
-					count($this->allowed_html[strtolower($element)]) == 0
-				)
-				{
-					return "<$element$xhtml_slash>";
-				}
-
-				# Split it
-				$attrarr = $this->_hair($attr);
-
-				# Go through $attrarr, and save the allowed attributes for this element
-				# in $attr2
-				$attr2 = '';
-				if(is_array($attrarr) && count($attrarr) > 0)
-				{
-					foreach ($attrarr as $arreach)
-					{
-						if(!isset($this->allowed_html[strtolower($element)][strtolower($arreach['name'])]))
-						{
-							continue;
-						}
-
-						$current = $this->allowed_html[strtolower($element)][strtolower($arreach['name'])];
-						if ($current == '')
-						{
-							# the attribute is not allowed
-							continue;
-						}
-
-						if (!is_array($current))
-						{
-							# there are no checks
-							$attr2 .= ' '.$arreach['whole'];
-						}
-						else
-						{
-							# there are some checks
-							$ok = true;
-							if(is_array($current) && count($current) > 0)
-							{
-								foreach ($current as $currkey => $currval)
-								{
-									if (!$this->_check_attr_val($arreach['value'], $arreach['vless'], $currkey, $currval))
-									{
-										$ok = false;
-										break;
-									}
-								}
-
-								if ($ok)
-								{
-									# it passed them
-									$attr2 .= ' '.$arreach['whole'];
-								}
-							}
-						}
-					}
-				}
-
-				# Remove any "<" or ">" characters
-				$attr2 = preg_replace('/[<>]/', '', $attr2);
-				return "<$element$attr2$xhtml_slash>";
-			}
-
-			/**
-			 *	This method combs through an attribute list string and returns an associative array of attributes and values.
-			 *
-			 *	This method does a lot of work. It parses an attribute list into an array
-			 *	with attribute data, and tries to do the right thing even if it gets weird
-			 *	input. It will add quotes around attribute values that don't have any quotes
-			 *	or apostrophes around them, to make it easier to produce HTML code that will
-			 *	conform to W3C's HTML specification. It will also remove bad URL protocols
-			 *	from attribute values.
-			 *
-			 *	@access private
-			 *	@param string $attr Text containing tag attributes for parsing
-			 *	@return array Associative array containing data on attribute and value
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _hair($attr)
-			{
-				$attrarr  = array();
-				$mode     = 0;
-				$attrname = '';
-
-				# Loop through the whole attribute list
-
-				while (strlen($attr) != 0)
-				{
-					# Was the last operation successful?
-					$working = 0;
-
-					switch ($mode)
-					{
-						case 0:	# attribute name, href for instance
-							if (preg_match('/^([-a-zA-Z]+)/', $attr, $match))
-							{
-								$attrname = $match[1];
-								$working = $mode = 1;
-								$attr = preg_replace('/^[-a-zA-Z]+/', '', $attr);
-							}
-							break;
-						case 1:	# equals sign or valueless ("selected")
-							if (preg_match('/^\s*=\s*/', $attr)) # equals sign
-							{
-								$working = 1;
-								$mode    = 2;
-								$attr    = preg_replace('/^\s*=\s*/', '', $attr);
-								break;
-							}
-							if (preg_match('/^\s+/', $attr)) # valueless
-							{
-								$working   = 1;
-								$mode      = 0;
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => '',
-									'whole' => $attrname,
-									'vless' => 'y'
-								);
-								$attr      = preg_replace('/^\s+/', '', $attr);
-							}
-							break;
-						case 2: # attribute value, a URL after href= for instance
-							if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value"
-							{
-								$thisval   = $this->_bad_protocol($match[1]);
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => $thisval,
-									'whole' => "$attrname=\"$thisval\"",
-									'vless' => 'n'
-								);
-								$working   = 1;
-								$mode      = 0;
-								$attr      = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr);
-								break;
-							}
-							if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value'
-							{
-								$thisval   = $this->_bad_protocol($match[1]);
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => $thisval,
-									'whole' => "$attrname='$thisval'",
-									'vless' => 'n'
-								);
-								$working   = 1;
-								$mode      = 0;
-								$attr      = preg_replace("/^'[^']*'(\s+|$)/", '', $attr);
-								break;
-							}
-							if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value
-							{
-								$thisval   = $this->_bad_protocol($match[1]);
-								$attrarr[] = array(
-									'name'  => $attrname,
-									'value' => $thisval,
-									'whole' => "$attrname=\"$thisval\"",
-									'vless' => 'n'
-								);
-								# We add quotes to conform to W3C's HTML spec.
-								$working   = 1;
-								$mode      = 0;
-								$attr      = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr);
-							}
-							break;
-					}
-
-					if ($working == 0) # not well formed, remove and try again
-					{
-						$attr = $this->_html_error($attr);
-						$mode = 0;
-					}
-				}
-
-				# special case, for when the attribute list ends with a valueless
-				# attribute like "selected"
-				if ($mode == 1)
-				{
-					$attrarr[] = array(
-						'name'  => $attrname,
-						'value' => '',
-						'whole' => $attrname,
-						'vless' => 'y'
-					);
-				}
-
-				return $attrarr;
-			}
-
-			/**
-			 *	This method removes disallowed protocols.
-			 *
-			 *	This method removes all non-allowed protocols from the beginning of
-			 *	$string. It ignores whitespace and the case of the letters, and it does
-			 *	understand HTML entities. It does its work in a while loop, so it won't be
-			 *	fooled by a string like "javascript:javascript:alert(57)".
-			 *
-			 *	@access private
-			 *	@param string $string String to check for protocols
-			 *	@return string String with removed protocols
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _bad_protocol($string)
-			{
-				$string  = $this->_no_null($string);
-				$string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
-				$string2 = $string.'a';
-
-				while ($string != $string2)
-				{
-					$string2 = $string;
-					$string  = $this->_bad_protocol_once($string);
-				} # while
-
-				return $string;
-			}
-
-			/**
-			 *	Helper method used by _bad_protocol()
-			 *
-			 *	This function searches for URL protocols at the beginning of $string, while
-			 *	handling whitespace and HTML entities.
-			 *  Function updated to fix security vulnerability (see http://projects.dokeos.com/index.php?do=details&task_id=2312)
-			 *
-			 *	@access private
-			 *	@param string $string String to check for protocols
-			 *	@return string String with removed protocols
-			 *	@see _bad_protocol()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _bad_protocol_once($string)
-			{
-				$string2 = preg_split('/:|&#58;|&#x3a;/i', $string, 2);
-				if(isset($string2[1]) && !preg_match('%/\?%',$string2[0]))
-				{
-					$string = $this->_bad_protocol_once2($string2[0]).trim($string2[1]);
-				}
-				return $string;
-			}
-			/**
-			 *	Helper method used by _bad_protocol_once() regex
-			 *
-			 *	This function processes URL protocols, checks to see if they're in the white-
-			 *	list or not, and returns different data depending on the answer.
-			 *
-			 *	@access private
-			 *	@param string $string String to check for protocols
-			 *	@return string String with removed protocols
-			 *	@see _bad_protocol()
-			 *	@see _bad_protocol_once()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _bad_protocol_once2($string)
-			{
-				$string = $this->_decode_entities($string);
-				$string = preg_replace('/\s/', '', $string);
-				$string = $this->_no_null($string);
-				$string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
-				$string = strtolower($string);
-
-				$allowed = false;
-				if(is_array($this->allowed_protocols) && count($this->allowed_protocols) > 0)
-				{
-					foreach ($this->allowed_protocols as $one_protocol)
-					{
-						if (strtolower($one_protocol) == $string)
-						{
-							$allowed = true;
-							break;
-						}
-					}
-				}
-
-				if ($allowed)
-				{
-					return "$string:";
-				}
-				else
-				{
-					return '';
-				}
-			}
-
-			/**
-			 *	This function performs different checks for attribute values.
-			 *
-			 *	The currently implemented checks are "maxlen", "minlen", "maxval",
-			 *	"minval" and "valueless" with even more checks to come soon.
-			 *
-			 *	@access private
-			 *	@param string $value The value of the attribute to be checked.
-			 *	@param string $vless Indicates whether the the value is supposed to be valueless
-			 *	@param string $checkname The check to be performed
-			 *	@param string $checkvalue The value that is to be checked against
-			 *	@return bool Indicates whether the check passed or not
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _check_attr_val($value, $vless, $checkname, $checkvalue)
-			{
-				$ok = true;
-
-				switch (strtolower($checkname))
-				{
-					/**
-					*	The maxlen check makes sure that the attribute value has a length not
-					*	greater than the given value. This can be used to avoid Buffer Overflows
-					*	in WWW clients and various Internet servers.
-					*/
-					case 'maxlen':
-						if (strlen($value) > $checkvalue)
-						{
-							$ok = false;
-						}
-						break;
-
-					/**
-					*	The minlen check makes sure that the attribute value has a length not
-					*	smaller than the given value.
-					*/
-					case 'minlen':
-						if (strlen($value) < $checkvalue)
-						{
-							$ok = false;
-						}
-						break;
-
-					/**
-					*	The maxval check does two things: it checks that the attribute value is
-					*	an integer from 0 and up, without an excessive amount of zeroes or
-					*	whitespace (to avoid Buffer Overflows). It also checks that the attribute
-					*	value is not greater than the given value.
-					*	This check can be used to avoid Denial of Service attacks.
-					*/
-					case 'maxval':
-						if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
-						{
-							$ok = false;
-						}
-						if ($value > $checkvalue)
-						{
-							$ok = false;
-						}
-						break;
-
-					/**
-					*	The minval check checks that the attribute value is a positive integer,
-					*	and that it is not smaller than the given value.
-					*/
-					case 'minval':
-						if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
-						{
-							$ok = false;
-						}
-						if ($value < $checkvalue)
-						{
-							$ok = false;
-						}
-						break;
-
-					/**
-					*	The valueless check checks if the attribute has a value
-					*	(like <a href="blah">) or not (<option selected>). If the given value
-					*	is a "y" or a "Y", the attribute must not have a value.
-					*	If the given value is an "n" or an "N", the attribute must have one.
-					*/
-					case 'valueless':
-					if (strtolower($checkvalue) != $vless)
-					{
-						$ok = false;
-					}
-					break;
-
-				}
-
-				return $ok;
-			}
-
-			/**
-			 *	Changes \" to "
-			 *
-			 *	This function changes the character sequence  \"  to just  "
-			 *	It leaves all other slashes alone. It's really weird, but the quoting from
-			 *	preg_replace(//e) seems to require this.
-			 *
-			 *	@access private
-			 *	@param string $string The string to be stripped.
-			 *	@return string string stripped of \"
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _stripslashes($string)
-			{
-				return preg_replace('%\\\\"%', '"', $string);
-			}
-
-			/**
-			 *	helper method for _hair()
-			 *
-			 *	This function deals with parsing errors in _hair(). The general plan is
-			 *	to remove everything to and including some whitespace, but it deals with
-			 *	quotes and apostrophes as well.
-			 *
-			 *	@access private
-			 *	@param string $string The string to be stripped.
-			 *	@return string string stripped of whitespace
-			 *	@see _hair()
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _html_error($string)
-			{
-				return preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $string);
-			}
-
-			/**
-			 *	Decodes numeric HTML entities
-			 *
-			 *	This method decodes numeric HTML entities (&#65; and &#x41;). It doesn't
-			 *	do anything with other entities like &auml;, but we don't need them in the
-			 *	URL protocol white listing system anyway.
-			 *
-			 *	@access private
-			 *	@param string $value The entitiy to be decoded.
-			 *	@return string Decoded entity
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _decode_entities($string)
-			{
-				$string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string);
-				$string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', $string);
-				return $string;
-			}
-
-			/**
-			 *	Returns PHP4 OOP version # of kses.
-			 *
-			 *	Since this class has been refactored and documented and proven to work,
-			 *	I'm syncing the version number to procedural kses.
-			 *
-			 *	@access public
-			 *	@return string Version number
-			 *	@since PHP4 OOP 0.0.1
-			 */
-			function _version()
-			{
-				return 'PHP4 0.2.2 (OOP fork of procedural kses 0.2.2)';
-			}
-		}
-
-
-
-	}
+            var $allowed_protocols = array();
+            var $allowed_html      = array();
+            /**#@-*/
+
+            /**
+             *	Constructor for kses.
+             *
+             *	This sets a default collection of protocols allowed in links, and creates an
+             *	empty set of allowed HTML tags.
+             *	@since PHP4 OOP 0.0.1
+             */
+            function kses4()
+            {
+                /**
+                 *	You could add protocols such as ftp, new, gopher, mailto, irc, etc.
+                 *
+                 *	The base values the original kses provided were:
+                 *		'http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto'
+                 */
+                $this->allowed_protocols = array('http', 'ftp', 'mailto');
+                $this->allowed_html      = array();
+            }
+
+            /**
+             *	Basic task of kses - parses $string and strips it as required.
+             *
+             *	This method strips all the disallowed (X)HTML tags, attributes
+             *	and protocols from the input $string.
+             *
+             *	@access public
+             *	@param string $string String to be stripped of 'evil scripts'
+             *	@return string The stripped string
+             *	@since PHP4 OOP 0.2.1
+             */
+            function Parse($string = "")
+            {
+                if (get_magic_quotes_gpc())
+                {
+                    $string = stripslashes($string);
+                }
+                $string = $this->_no_null($string);
+                $string = $this->_js_entities($string);
+                $string = $this->_normalize_entities($string);
+                $string = $this->filterKsesTextHook($string);
+                return    $this->_split($string);
+            }
+
+            /**
+             *	Allows for single/batch addition of protocols
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	The argument will be processed, and each string will be added
+             *	via AddProtocol().
+             *
+             *	@access public
+             *	@param mixed , A string or array of protocols that will be added to the internal list of allowed protocols.
+             *	@return bool Status of adding valid protocols.
+             *	@see AddProtocol()
+             *	@since PHP4 OOP 0.2.1
+             */
+            function AddProtocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    trigger_error("kses4::AddProtocols() did not receive an argument.", E_USER_WARNING);
+                    return false;
+                }
+
+                $protocol_data = func_get_arg(0);
+
+                if(is_array($protocol_data) && count($protocol_data) > 0)
+                {
+                    foreach($protocol_data as $protocol)
+                    {
+                        $this->AddProtocol($protocol);
+                    }
+                    return true;
+                }
+                elseif(is_string($protocol_data))
+                {
+                    $this->AddProtocol($protocol_data);
+                    return true;
+                }
+                else
+                {
+                    trigger_error("kses4::AddProtocols() did not receive a string or an array.", E_USER_WARNING);
+                    return false;
+                }
+            }
+
+            /**
+             *	Allows for single/batch addition of protocols
+             *
+             *	@deprecated Use AddProtocols()
+             *	@see AddProtocols()
+             *	@return bool
+             *	@since PHP4 OOP 0.0.1
+             */
+            function Protocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    trigger_error("kses4::Protocols() did not receive an argument.", E_USER_WARNING);
+                    return false;
+                }
+
+                return $this->AddProtocols(func_get_arg(0));
+            }
+
+            /**
+             *	Adds a single protocol to $this->allowed_protocols.
+             *
+             *	This method accepts a string argument and adds it to
+             *	the list of allowed protocols to keep when performing
+             *	Parse().
+             *
+             *	@access public
+             *	@param string $protocol The name of the protocol to be added.
+             *	@return bool Status of adding valid protocol.
+             *	@since PHP4 OOP 0.0.1
+             */
+            function AddProtocol($protocol = "")
+            {
+                if(!is_string($protocol))
+                {
+                    trigger_error("kses4::AddProtocol() requires a string.", E_USER_WARNING);
+                    return false;
+                }
+
+                $protocol = strtolower(trim($protocol));
+                if($protocol == "")
+                {
+                    trigger_error("kses4::AddProtocol() tried to add an empty/NULL protocol.", E_USER_WARNING);
+                    return false;
+                }
+
+                // Remove any inadvertent ':' at the end of the protocol.
+                if(substr($protocol, strlen($protocol) - 1, 1) == ":")
+                {
+                    $protocol = substr($protocol, 0, strlen($protocol) - 1);
+                }
+
+                if(!in_array($protocol, $this->allowed_protocols))
+                {
+                    array_push($this->allowed_protocols, $protocol);
+                    sort($this->allowed_protocols);
+                }
+                return true;
+            }
+
+            /**
+             *	Allows for single/batch replacement of protocols
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	Existing protocols will be removed, then the argument will be
+             *	processed, and each string will be added via AddProtocol().
+             *
+             *	@access public
+             *	@param mixed , A string or array of protocols that will be the new internal list of allowed protocols.
+             *	@return bool Status of replacing valid protocols.
+             *	@since PHP4 OOP 0.2.2
+             *	@see AddProtocol()
+             */
+            function SetProtocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    trigger_error("kses4::SetProtocols() did not receive an argument.", E_USER_WARNING);
+                    return false;
+                }
+
+                $protocol_data = func_get_arg(0);
+
+                if(is_array($protocol_data) && count($protocol_data) > 0)
+                {
+                    $this->allowed_protocols = array();
+                    foreach($protocol_data as $protocol)
+                    {
+                        $this->AddProtocol($protocol);
+                    }
+                    return true;
+                }
+                elseif(is_string($protocol_data))
+                {
+                    $this->allowed_protocols = array();
+                    $this->AddProtocol($protocol_data);
+                    return true;
+                }
+                else
+                {
+                    trigger_error("kses4::SetProtocols() did not receive a string or an array.", E_USER_WARNING);
+                    return false;
+                }
+            }
+
+            /**
+             *	Raw dump of allowed protocols
+             *
+             *	This returns an indexed array of allowed protocols for a particular KSES
+             *	instantiation.
+             *
+             *	@access public
+             *	@return array The list of allowed protocols.
+             *	@since PHP4 OOP 0.2.2
+             */
+            function DumpProtocols()
+            {
+                return $this->allowed_protocols;
+            }
+
+            /**
+             *	Raw dump of allowed (X)HTML elements
+             *
+             *	This returns an indexed array of allowed (X)HTML elements and attributes
+             *	for a particular KSES instantiation.
+             *
+             *	@access public
+             *	@return array The list of allowed elements.
+             *	@since PHP4 OOP 0.2.2
+             */
+            function DumpElements()
+            {
+                return $this->allowed_html;
+            }
+
+            /**
+             *	Adds valid (X)HTML with corresponding attributes that will be kept when stripping 'evil scripts'.
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	@access public
+             *	@param string $tag (X)HTML tag that will be allowed after stripping text.
+             *	@param array $attribs Associative array of allowed attributes - key => attribute name - value => attribute parameter
+             *	@return bool Status of Adding (X)HTML and attributes.
+             *	@since PHP4 OOP 0.0.1
+             */
+            function AddHTML($tag = "", $attribs = array())
+            {
+                if(!is_string($tag))
+                {
+                    trigger_error("kses4::AddHTML() requires the tag to be a string", E_USER_WARNING);
+                    return false;
+                }
+
+                $tag = strtolower(trim($tag));
+                if($tag == "")
+                {
+                    trigger_error("kses4::AddHTML() tried to add an empty/NULL tag", E_USER_WARNING);
+                    return false;
+                }
+
+                if(!is_array($attribs))
+                {
+                    trigger_error("kses4::AddHTML() requires an array (even an empty one) of attributes for '$tag'", E_USER_WARNING);
+                    return false;
+                }
+
+                $new_attribs = array();
+                if(is_array($attribs) && count($attribs) > 0)
+                {
+                    foreach($attribs as $idx1 => $val1)
+                    {
+                        $new_idx1 = strtolower($idx1);
+                        $new_val1 = $attribs[$idx1];
+
+                        if(is_array($new_val1) && count($new_val1) > 0)
+                        {
+                            $tmp_val = array();
+                            foreach($new_val1 as $idx2 => $val2)
+                            {
+                                $new_idx2 = strtolower($idx2);
+                                $tmp_val[$new_idx2] = $val2;
+                            }
+                            $new_val1 = $tmp_val;
+                        }
+
+                        $new_attribs[$new_idx1] = $new_val1;
+                    }
+                }
+
+                $this->allowed_html[$tag] = $new_attribs;
+                return true;
+            }
+
+            /**
+             *	Removes a single protocol from $this->allowed_protocols.
+             *
+             *	This method accepts a string argument and removes it from
+             *	the list of allowed protocols to keep when performing
+             *	Parse().
+             *
+             *	@access public
+             *	@param string $protocol The name of the protocol to be removed.
+             *	@return bool Status of removing valid protocol.
+             *	@since PHP4 OOP 0.2.1
+             */
+            function RemoveProtocol($protocol = "")
+            {
+                if(!is_string($protocol))
+                {
+                    trigger_error("kses4::RemoveProtocol() requires a string.", E_USER_WARNING);
+                    return false;
+                }
+
+                // Remove any inadvertent ':' at the end of the protocol.
+                if(substr($protocol, strlen($protocol) - 1, 1) == ":")
+                {
+                    $protocol = substr($protocol, 0, strlen($protocol) - 1);
+                }
+
+                $protocol = strtolower(trim($protocol));
+                if($protocol == "")
+                {
+                    trigger_error("kses4::RemoveProtocol() tried to remove an empty/NULL protocol.", E_USER_WARNING);
+                    return false;
+                }
+
+                //	Ensures that the protocol exists before removing it.
+                if(in_array($protocol, $this->allowed_protocols))
+                {
+                    $this->allowed_protocols = array_diff($this->allowed_protocols, array($protocol));
+                    sort($this->allowed_protocols);
+                }
+
+                return true;
+            }
+
+            /**
+             *	Allows for single/batch removal of protocols
+             *
+             *	This method accepts one argument that can be either a string
+             *	or an array of strings.  Invalid data will be ignored.
+             *
+             *	The argument will be processed, and each string will be removed
+             *	via RemoveProtocol().
+             *
+             *	@access public
+             *	@param mixed , A string or array of protocols that will be removed from the internal list of allowed protocols.
+             *	@return bool Status of removing valid protocols.
+             *	@see RemoveProtocol()
+             *	@since PHP5 OOP 0.2.1
+             */
+            function RemoveProtocols()
+            {
+                $c_args = func_num_args();
+                if($c_args != 1)
+                {
+                    return false;
+                }
+
+                $protocol_data = func_get_arg(0);
+
+                if(is_array($protocol_data) && count($protocol_data) > 0)
+                {
+                    foreach($protocol_data as $protocol)
+                    {
+                        $this->RemoveProtocol($protocol);
+                    }
+                }
+                elseif(is_string($protocol_data))
+                {
+                    $this->RemoveProtocol($protocol_data);
+                    return true;
+                }
+                else
+                {
+                    trigger_error("kses4::RemoveProtocols() did not receive a string or an array.", E_USER_WARNING);
+                    return false;
+                }
+            }
+
+            /**
+             *	This method removes any NULL or characters in $string.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string String without any NULL/chr(173)
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _no_null($string)
+            {
+                $string = preg_replace('/\0+/', '', $string);
+                $string = preg_replace('/(\\\\0)+/', '', $string);
+                return $string;
+            }
+
+            /**
+             *	This function removes the HTML JavaScript entities found in early versions of
+             *	Netscape 4.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string String without any NULL/chr(173)
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _js_entities($string)
+            {
+                return preg_replace('%&\s*\{[^}]*(\}\s*;?|$)%', '', $string);
+            }
+
+            /**
+             *	Normalizes HTML entities
+             *
+             *	This function normalizes HTML entities. It will convert "AT&T" to the correct
+             *	"AT&amp;T", "&#00058;" to "&#58;", "&#XYZZY;" to "&amp;#XYZZY;" and so on.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string String with normalized entities
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _normalize_entities($string)
+            {
+                # Disarm all entities by converting & to &amp;
+                $string = str_replace('&', '&amp;', $string);
+
+                # Change back the allowed entities in our entity white list
+
+                $string = preg_replace('/&amp;([A-Za-z][A-Za-z0-9]{0,19});/', '&\\1;', $string);
+                $string = preg_replace('/&amp;#0*([0-9]{1,5});/e', '\$this->_normalize_entities2("\\1")', $string);
+                $string = preg_replace('/&amp;#([Xx])0*(([0-9A-Fa-f]{2}){1,2});/', '&#\\1\\2;', $string);
+
+                return $string;
+            }
+
+            /**
+             *	Helper method used by normalizeEntites()
+             *
+             *	This method helps normalizeEntities() to only accept 16 bit values
+             *	and nothing more for &#number; entities.
+             *
+             *	This method helps normalize_entities() during a preg_replace()
+             *	where a &#(0)*XXXXX; occurs.  The '(0)*XXXXXX' value is converted to
+             *	a number and the result is returned as a numeric entity if the number
+             *	is less than 65536.  Otherwise, the value is returned 'as is'.
+             *
+             *	@access private
+             *	@param string $i
+             *	@return string Normalized numeric entity
+             *	@see _normalize_entities()
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _normalize_entities2($i)
+            {
+                return (($i > 65535) ? "&amp;#$i;" : "&#$i;");
+            }
+
+            /**
+             *	Allows for additional user defined modifications to text.
+             *
+             *	@deprecated use filterKsesTextHook()
+             *	@param string $string
+             *	@see filterKsesTextHook()
+             *	@return string
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _hook($string)
+            {
+                return $this->filterKsesTextHook($string);
+            }
+
+            /**
+             *	Allows for additional user defined modifications to text.
+             *
+             *	This method allows for additional modifications to be performed on
+             *	a string that's being run through Parse().  Currently, it returns the
+             *	input string 'as is'.
+             *
+             *	This method is provided for users to extend the kses class for their own
+             *	requirements.
+             *
+             *	@access public
+             *	@param string $string String to perfrom additional modifications on.
+             *	@return string User modified string.
+             *	@see Parse()
+             *	@since PHP5 OOP 1.0.0
+             */
+            function filterKsesTextHook($string)
+            {
+                return $string;
+            }
+
+            /**
+             *	This method goes through an array, and changes the keys to all lower case.
+             *
+             *	@access private
+             *	@param array $in_array Associative array
+             *	@return array Modified array
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _array_lc($inarray)
+            {
+                $outarray = array();
+
+                if(is_array($inarray) && count($inarray) > 0)
+                {
+                    foreach ($inarray as $inkey => $inval)
+                    {
+                        $outkey = strtolower($inkey);
+                        $outarray[$outkey] = array();
+
+                        if(is_array($inval) && count($inval) > 0)
+                        {
+                            foreach ($inval as $inkey2 => $inval2)
+                            {
+                                $outkey2 = strtolower($inkey2);
+                                $outarray[$outkey][$outkey2] = $inval2;
+                            }
+                        }
+                    }
+                }
+
+                return $outarray;
+            }
+
+            /**
+             *	This method searched for HTML tags, no matter how malformed.  It also
+             *	matches stray ">" characters.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string HTML tags
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _split($string)
+            {
+                return preg_replace(
+                    '%(<'.   # EITHER: <
+                    '[^>]*'. # things that aren't >
+                    '(>|$)'. # > or end of string
+                    '|>)%e', # OR: just a >
+                    "\$this->_split2('\\1')",
+                    $string);
+            }
+
+            /**
+             *	This method strips out disallowed and/or mangled (X)HTML tags along with assigned attributes.
+             *
+             *	This method does a lot of work. It rejects some very malformed things
+             *	like <:::>. It returns an empty string if the element isn't allowed (look
+             *	ma, no strip_tags()!). Otherwise it splits the tag into an element and an
+             *	allowed attribute list.
+             *
+             *	@access private
+             *	@param string $string
+             *	@return string Modified string minus disallowed/mangled (X)HTML and attributes
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _split2($string)
+            {
+                $string = $this->_stripslashes($string);
+
+                if (substr($string, 0, 1) != '<')
+                {
+                    # It matched a ">" character
+                    return '&gt;';
+                }
+
+                if (!preg_match('%^<\s*(/\s*)?([a-zA-Z0-9]+)([^>]*)>?$%', $string, $matches))
+                {
+                    # It's seriously malformed
+                    return '';
+                }
+
+                $slash    = trim($matches[1]);
+                $elem     = $matches[2];
+                $attrlist = $matches[3];
+
+                if (
+                    !isset($this->allowed_html[strtolower($elem)]) ||
+                    !is_array($this->allowed_html[strtolower($elem)])
+                )
+                {
+                    # They are using a not allowed HTML element
+                    return '';
+                }
+
+                if ($slash != '')
+                {
+                    return "<$slash$elem>";
+                }
+                # No attributes are allowed for closing elements
+
+                return $this->_attr("$slash$elem", $attrlist);
+            }
+
+            /**
+             *	This method strips out disallowed attributes for (X)HTML tags.
+             *
+             *	This method removes all attributes if none are allowed for this element.
+             *	If some are allowed it calls $this->_hair() to split them further, and then it
+             *	builds up new HTML code from the data that $this->_hair() returns. It also
+             *	removes "<" and ">" characters, if there are any left. One more thing it
+             *	does is to check if the tag has a closing XHTML slash, and if it does,
+             *	it puts one in the returned code as well.
+             *
+             *	@access private
+             *	@param string $element (X)HTML tag to check
+             *	@param string $attr Text containing attributes to check for validity.
+             *	@return string Resulting valid (X)HTML or ''
+             *	@see _hair()
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _attr($element, $attr)
+            {
+                # Is there a closing XHTML slash at the end of the attributes?
+                $xhtml_slash = '';
+                if (preg_match('%\s/\s*$%', $attr))
+                {
+                    $xhtml_slash = ' /';
+                }
+
+                # Are any attributes allowed at all for this element?
+                if (
+                    !isset($this->allowed_html[strtolower($element)]) ||
+                    count($this->allowed_html[strtolower($element)]) == 0
+                )
+                {
+                    return "<$element$xhtml_slash>";
+                }
+
+                # Split it
+                $attrarr = $this->_hair($attr);
+
+                # Go through $attrarr, and save the allowed attributes for this element
+                # in $attr2
+                $attr2 = '';
+                if(is_array($attrarr) && count($attrarr) > 0)
+                {
+                    foreach ($attrarr as $arreach)
+                    {
+                        if(!isset($this->allowed_html[strtolower($element)][strtolower($arreach['name'])]))
+                        {
+                            continue;
+                        }
+
+                        $current = $this->allowed_html[strtolower($element)][strtolower($arreach['name'])];
+                        if ($current == '')
+                        {
+                            # the attribute is not allowed
+                            continue;
+                        }
+
+                        if (!is_array($current))
+                        {
+                            # there are no checks
+                            $attr2 .= ' '.$arreach['whole'];
+                        }
+                        else
+                        {
+                            # there are some checks
+                            $ok = true;
+                            if(is_array($current) && count($current) > 0)
+                            {
+                                foreach ($current as $currkey => $currval)
+                                {
+                                    if (!$this->_check_attr_val($arreach['value'], $arreach['vless'], $currkey, $currval))
+                                    {
+                                        $ok = false;
+                                        break;
+                                    }
+                                }
+
+                                if ($ok)
+                                {
+                                    # it passed them
+                                    $attr2 .= ' '.$arreach['whole'];
+                                }
+                            }
+                        }
+                    }
+                }
+
+                # Remove any "<" or ">" characters
+                $attr2 = preg_replace('/[<>]/', '', $attr2);
+                return "<$element$attr2$xhtml_slash>";
+            }
+
+            /**
+             *	This method combs through an attribute list string and returns an associative array of attributes and values.
+             *
+             *	This method does a lot of work. It parses an attribute list into an array
+             *	with attribute data, and tries to do the right thing even if it gets weird
+             *	input. It will add quotes around attribute values that don't have any quotes
+             *	or apostrophes around them, to make it easier to produce HTML code that will
+             *	conform to W3C's HTML specification. It will also remove bad URL protocols
+             *	from attribute values.
+             *
+             *	@access private
+             *	@param string $attr Text containing tag attributes for parsing
+             *	@return array Associative array containing data on attribute and value
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _hair($attr)
+            {
+                $attrarr  = array();
+                $mode     = 0;
+                $attrname = '';
+
+                # Loop through the whole attribute list
+
+                while (strlen($attr) != 0)
+                {
+                    # Was the last operation successful?
+                    $working = 0;
+
+                    switch ($mode)
+                    {
+                        case 0:	# attribute name, href for instance
+                            if (preg_match('/^([-a-zA-Z]+)/', $attr, $match))
+                            {
+                                $attrname = $match[1];
+                                $working = $mode = 1;
+                                $attr = preg_replace('/^[-a-zA-Z]+/', '', $attr);
+                            }
+                            break;
+                        case 1:	# equals sign or valueless ("selected")
+                            if (preg_match('/^\s*=\s*/', $attr)) # equals sign
+                            {
+                                $working = 1;
+                                $mode    = 2;
+                                $attr    = preg_replace('/^\s*=\s*/', '', $attr);
+                                break;
+                            }
+                            if (preg_match('/^\s+/', $attr)) # valueless
+                            {
+                                $working   = 1;
+                                $mode      = 0;
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => '',
+                                    'whole' => $attrname,
+                                    'vless' => 'y'
+                                );
+                                $attr      = preg_replace('/^\s+/', '', $attr);
+                            }
+                            break;
+                        case 2: # attribute value, a URL after href= for instance
+                            if (preg_match('/^"([^"]*)"(\s+|$)/', $attr, $match)) # "value"
+                            {
+                                $thisval   = $this->_bad_protocol($match[1]);
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => $thisval,
+                                    'whole' => "$attrname=\"$thisval\"",
+                                    'vless' => 'n'
+                                );
+                                $working   = 1;
+                                $mode      = 0;
+                                $attr      = preg_replace('/^"[^"]*"(\s+|$)/', '', $attr);
+                                break;
+                            }
+                            if (preg_match("/^'([^']*)'(\s+|$)/", $attr, $match)) # 'value'
+                            {
+                                $thisval   = $this->_bad_protocol($match[1]);
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => $thisval,
+                                    'whole' => "$attrname='$thisval'",
+                                    'vless' => 'n'
+                                );
+                                $working   = 1;
+                                $mode      = 0;
+                                $attr      = preg_replace("/^'[^']*'(\s+|$)/", '', $attr);
+                                break;
+                            }
+                            if (preg_match("%^([^\s\"']+)(\s+|$)%", $attr, $match)) # value
+                            {
+                                $thisval   = $this->_bad_protocol($match[1]);
+                                $attrarr[] = array(
+                                    'name'  => $attrname,
+                                    'value' => $thisval,
+                                    'whole' => "$attrname=\"$thisval\"",
+                                    'vless' => 'n'
+                                );
+                                # We add quotes to conform to W3C's HTML spec.
+                                $working   = 1;
+                                $mode      = 0;
+                                $attr      = preg_replace("%^[^\s\"']+(\s+|$)%", '', $attr);
+                            }
+                            break;
+                    }
+
+                    if ($working == 0) # not well formed, remove and try again
+                    {
+                        $attr = $this->_html_error($attr);
+                        $mode = 0;
+                    }
+                }
+
+                # special case, for when the attribute list ends with a valueless
+                # attribute like "selected"
+                if ($mode == 1)
+                {
+                    $attrarr[] = array(
+                        'name'  => $attrname,
+                        'value' => '',
+                        'whole' => $attrname,
+                        'vless' => 'y'
+                    );
+                }
+
+                return $attrarr;
+            }
+
+            /**
+             *	This method removes disallowed protocols.
+             *
+             *	This method removes all non-allowed protocols from the beginning of
+             *	$string. It ignores whitespace and the case of the letters, and it does
+             *	understand HTML entities. It does its work in a while loop, so it won't be
+             *	fooled by a string like "javascript:javascript:alert(57)".
+             *
+             *	@access private
+             *	@param string $string String to check for protocols
+             *	@return string String with removed protocols
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _bad_protocol($string)
+            {
+                $string  = $this->_no_null($string);
+                $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
+                $string2 = $string.'a';
+
+                while ($string != $string2)
+                {
+                    $string2 = $string;
+                    $string  = $this->_bad_protocol_once($string);
+                } # while
+
+                return $string;
+            }
+
+            /**
+             *	Helper method used by _bad_protocol()
+             *
+             *	This function searches for URL protocols at the beginning of $string, while
+             *	handling whitespace and HTML entities.
+             *  Function updated to fix security vulnerability (see http://projects.dokeos.com/index.php?do=details&task_id=2312)
+             *
+             *	@access private
+             *	@param string $string String to check for protocols
+             *	@return string String with removed protocols
+             *	@see _bad_protocol()
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _bad_protocol_once($string)
+            {
+                $string2 = preg_split('/:|&#58;|&#x3a;/i', $string, 2);
+                if(isset($string2[1]) && !preg_match('%/\?%',$string2[0]))
+                {
+                    $string = $this->_bad_protocol_once2($string2[0]).trim($string2[1]);
+                }
+                return $string;
+            }
+            /**
+             *	Helper method used by _bad_protocol_once() regex
+             *
+             *	This function processes URL protocols, checks to see if they're in the white-
+             *	list or not, and returns different data depending on the answer.
+             *
+             *	@access private
+             *	@param string $string String to check for protocols
+             *	@return string String with removed protocols
+             *	@see _bad_protocol()
+             *	@see _bad_protocol_once()
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _bad_protocol_once2($string)
+            {
+                $string = $this->_decode_entities($string);
+                $string = preg_replace('/\s/', '', $string);
+                $string = $this->_no_null($string);
+                $string = preg_replace('/\xad+/', '', $string); # deals with Opera "feature"
+                $string = strtolower($string);
+
+                $allowed = false;
+                if(is_array($this->allowed_protocols) && count($this->allowed_protocols) > 0)
+                {
+                    foreach ($this->allowed_protocols as $one_protocol)
+                    {
+                        if (strtolower($one_protocol) == $string)
+                        {
+                            $allowed = true;
+                            break;
+                        }
+                    }
+                }
+
+                if ($allowed)
+                {
+                    return "$string:";
+                }
+                else
+                {
+                    return '';
+                }
+            }
+
+            /**
+             *	This function performs different checks for attribute values.
+             *
+             *	The currently implemented checks are "maxlen", "minlen", "maxval",
+             *	"minval" and "valueless" with even more checks to come soon.
+             *
+             *	@access private
+             *	@param string $value The value of the attribute to be checked.
+             *	@param string $vless Indicates whether the the value is supposed to be valueless
+             *	@param string $checkname The check to be performed
+             *	@param string $checkvalue The value that is to be checked against
+             *	@return bool Indicates whether the check passed or not
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _check_attr_val($value, $vless, $checkname, $checkvalue)
+            {
+                $ok = true;
+
+                switch (strtolower($checkname))
+                {
+                    /**
+                     *	The maxlen check makes sure that the attribute value has a length not
+                     *	greater than the given value. This can be used to avoid Buffer Overflows
+                     *	in WWW clients and various Internet servers.
+                     */
+                    case 'maxlen':
+                        if (strlen($value) > $checkvalue)
+                        {
+                            $ok = false;
+                        }
+                        break;
+
+                    /**
+                     *	The minlen check makes sure that the attribute value has a length not
+                     *	smaller than the given value.
+                     */
+                    case 'minlen':
+                        if (strlen($value) < $checkvalue)
+                        {
+                            $ok = false;
+                        }
+                        break;
+
+                    /**
+                     *	The maxval check does two things: it checks that the attribute value is
+                     *	an integer from 0 and up, without an excessive amount of zeroes or
+                     *	whitespace (to avoid Buffer Overflows). It also checks that the attribute
+                     *	value is not greater than the given value.
+                     *	This check can be used to avoid Denial of Service attacks.
+                     */
+                    case 'maxval':
+                        if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
+                        {
+                            $ok = false;
+                        }
+                        if ($value > $checkvalue)
+                        {
+                            $ok = false;
+                        }
+                        break;
+
+                    /**
+                     *	The minval check checks that the attribute value is a positive integer,
+                     *	and that it is not smaller than the given value.
+                     */
+                    case 'minval':
+                        if (!preg_match('/^\s{0,6}[0-9]{1,6}\s{0,6}$/', $value))
+                        {
+                            $ok = false;
+                        }
+                        if ($value < $checkvalue)
+                        {
+                            $ok = false;
+                        }
+                        break;
+
+                    /**
+                     *	The valueless check checks if the attribute has a value
+                     *	(like <a href="blah">) or not (<option selected>). If the given value
+                     *	is a "y" or a "Y", the attribute must not have a value.
+                     *	If the given value is an "n" or an "N", the attribute must have one.
+                     */
+                    case 'valueless':
+                    if (strtolower($checkvalue) != $vless)
+                    {
+                        $ok = false;
+                    }
+                    break;
+
+                }
+
+                return $ok;
+            }
+
+            /**
+             *	Changes \" to "
+             *
+             *	This function changes the character sequence  \"  to just  "
+             *	It leaves all other slashes alone. It's really weird, but the quoting from
+             *	preg_replace(//e) seems to require this.
+             *
+             *	@access private
+             *	@param string $string The string to be stripped.
+             *	@return string string stripped of \"
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _stripslashes($string)
+            {
+                return preg_replace('%\\\\"%', '"', $string);
+            }
+
+            /**
+             *	helper method for _hair()
+             *
+             *	This function deals with parsing errors in _hair(). The general plan is
+             *	to remove everything to and including some whitespace, but it deals with
+             *	quotes and apostrophes as well.
+             *
+             *	@access private
+             *	@param string $string The string to be stripped.
+             *	@return string string stripped of whitespace
+             *	@see _hair()
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _html_error($string)
+            {
+                return preg_replace('/^("[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*/', '', $string);
+            }
+
+            /**
+             *	Decodes numeric HTML entities
+             *
+             *	This method decodes numeric HTML entities (&#65; and &#x41;). It doesn't
+             *	do anything with other entities like &auml;, but we don't need them in the
+             *	URL protocol white listing system anyway.
+             *
+             *	@access private
+             *	@param string $value The entitiy to be decoded.
+             *	@return string Decoded entity
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _decode_entities($string)
+            {
+                $string = preg_replace('/&#([0-9]+);/e', 'chr("\\1")', $string);
+                $string = preg_replace('/&#[Xx]([0-9A-Fa-f]+);/e', 'chr(hexdec("\\1"))', $string);
+                return $string;
+            }
+
+            /**
+             *	Returns PHP4 OOP version # of kses.
+             *
+             *	Since this class has been refactored and documented and proven to work,
+             *	I'm syncing the version number to procedural kses.
+             *
+             *	@access public
+             *	@return string Version number
+             *	@since PHP4 OOP 0.0.1
+             */
+            function _version()
+            {
+                return 'PHP4 0.2.2 (OOP fork of procedural kses 0.2.2)';
+            }
+        }
+
+
+
+    }
 ?>
\ No newline at end of file

main/inc/lib/xajax/xajaxCompress.php

Indentation +136 added lines, -136 removed lines

@@ -42,141 +42,141 @@
  */
 function xajaxCompressJavascript($sJS)
 {
-	//remove windows cariage returns
-	$sJS = str_replace("\r","",$sJS);
-
-	//array to store replaced literal strings
-	$literal_strings = array();
-
-	//explode the string into lines
-	$lines = explode("\n",$sJS);
-	//loop through all the lines, building a new string at the same time as removing literal strings
-	$clean = "";
-	$inComment = false;
-	$literal = "";
-	$inQuote = false;
-	$escaped = false;
-	$quoteChar = "";
-
-	for($i=0;$i<count($lines);$i++)
-	{
-		$line = $lines[$i];
-		$inNormalComment = false;
-
-		//loop through line's characters and take out any literal strings, replace them with ___i___ where i is the index of this string
-		for($j=0;$j<strlen($line);$j++)
-		{
-			$c = substr($line,$j,1);
-			$d = substr($line,$j,2);
-
-			//look for start of quote
-			if(!$inQuote && !$inComment)
-			{
-				//is this character a quote or a comment
-				if(($c=="\"" || $c=="'") && !$inComment && !$inNormalComment)
-				{
-					$inQuote = true;
-					$inComment = false;
-					$escaped = false;
-					$quoteChar = $c;
-					$literal = $c;
-				}
-				else if($d=="/*" && !$inNormalComment)
-				{
-					$inQuote = false;
-					$inComment = true;
-					$escaped = false;
-					$quoteChar = $d;
-					$literal = $d;
-					$j++;
-				}
-				else if($d=="//") //ignore string markers that are found inside comments
-				{
-					$inNormalComment = true;
-					$clean .= $c;
-				}
-				else
-				{
-					$clean .= $c;
-				}
-			}
-			else //allready in a string so find end quote
-			{
-				if($c == $quoteChar && !$escaped && !$inComment)
-				{
-					$inQuote = false;
-					$literal .= $c;
-
-					//subsitute in a marker for the string
-					$clean .= "___" . count($literal_strings) . "___";
-
-					//push the string onto our array
-					array_push($literal_strings,$literal);
-
-				}
-				else if($inComment && $d=="*/")
-				{
-					$inComment = false;
-					$literal .= $d;
-
-					//subsitute in a marker for the string
-					$clean .= "___" . count($literal_strings) . "___";
-
-					//push the string onto our array
-					array_push($literal_strings,$literal);
-
-					$j++;
-				}
-				else if($c == "\\" && !$escaped)
-					$escaped = true;
-				else
-					$escaped = false;
-
-				$literal .= $c;
-			}
-		}
-		if($inComment) $literal .= "\n";
-		$clean .= "\n";
-	}
-	//explode the clean string into lines again
-	$lines = explode("\n",$clean);
-
-	//now process each line at a time
-	for($i=0;$i<count($lines);$i++)
-	{
-		$line = $lines[$i];
-
-		//remove comments
-		$line = preg_replace("/\/\/(.*)/","",$line);
-
-		//strip leading and trailing whitespace
-		$line = trim($line);
-
-		//remove all whitespace with a single space
-		$line = preg_replace("/\s+/"," ",$line);
-
-		//remove any whitespace that occurs after/before an operator
-		$line = preg_replace("/\s*([!\}\{;,&=\|\-\+\*\/\)\(:])\s*/","\\1",$line);
-
-		$lines[$i] = $line;
-	}
-
-	//implode the lines
-	$sJS = implode("\n",$lines);
-
-	//make sure there is a max of 1 \n after each line
-	$sJS = preg_replace("/[\n]+/","\n",$sJS);
-
-	//strip out line breaks that immediately follow a semi-colon
-	$sJS = preg_replace("/;\n/",";",$sJS);
-
-	//curly brackets aren't on their own
-	$sJS = preg_replace("/[\n]*\{[\n]*/","{",$sJS);
-
-	//finally loop through and replace all the literal strings:
-	for($i=0;$i<count($literal_strings);$i++)
-		$sJS = str_replace("___".$i."___",$literal_strings[$i],$sJS);
-
-	return $sJS;
+    //remove windows cariage returns
+    $sJS = str_replace("\r","",$sJS);
+
+    //array to store replaced literal strings
+    $literal_strings = array();
+
+    //explode the string into lines
+    $lines = explode("\n",$sJS);
+    //loop through all the lines, building a new string at the same time as removing literal strings
+    $clean = "";
+    $inComment = false;
+    $literal = "";
+    $inQuote = false;
+    $escaped = false;
+    $quoteChar = "";
+
+    for($i=0;$i<count($lines);$i++)
+    {
+        $line = $lines[$i];
+        $inNormalComment = false;
+
+        //loop through line's characters and take out any literal strings, replace them with ___i___ where i is the index of this string
+        for($j=0;$j<strlen($line);$j++)
+        {
+            $c = substr($line,$j,1);
+            $d = substr($line,$j,2);
+
+            //look for start of quote
+            if(!$inQuote && !$inComment)
+            {
+                //is this character a quote or a comment
+                if(($c=="\"" || $c=="'") && !$inComment && !$inNormalComment)
+                {
+                    $inQuote = true;
+                    $inComment = false;
+                    $escaped = false;
+                    $quoteChar = $c;
+                    $literal = $c;
+                }
+                else if($d=="/*" && !$inNormalComment)
+                {
+                    $inQuote = false;
+                    $inComment = true;
+                    $escaped = false;
+                    $quoteChar = $d;
+                    $literal = $d;
+                    $j++;
+                }
+                else if($d=="//") //ignore string markers that are found inside comments
+                {
+                    $inNormalComment = true;
+                    $clean .= $c;
+                }
+                else
+                {
+                    $clean .= $c;
+                }
+            }
+            else //allready in a string so find end quote
+            {
+                if($c == $quoteChar && !$escaped && !$inComment)
+                {
+                    $inQuote = false;
+                    $literal .= $c;
+
+                    //subsitute in a marker for the string
+                    $clean .= "___" . count($literal_strings) . "___";
+
+                    //push the string onto our array
+                    array_push($literal_strings,$literal);
+
+                }
+                else if($inComment && $d=="*/")
+                {
+                    $inComment = false;
+                    $literal .= $d;
+
+                    //subsitute in a marker for the string
+                    $clean .= "___" . count($literal_strings) . "___";
+
+                    //push the string onto our array
+                    array_push($literal_strings,$literal);
+
+                    $j++;
+                }
+                else if($c == "\\" && !$escaped)
+                    $escaped = true;
+                else
+                    $escaped = false;
+
+                $literal .= $c;
+            }
+        }
+        if($inComment) $literal .= "\n";
+        $clean .= "\n";
+    }
+    //explode the clean string into lines again
+    $lines = explode("\n",$clean);
+
+    //now process each line at a time
+    for($i=0;$i<count($lines);$i++)
+    {
+        $line = $lines[$i];
+
+        //remove comments
+        $line = preg_replace("/\/\/(.*)/","",$line);
+
+        //strip leading and trailing whitespace
+        $line = trim($line);
+
+        //remove all whitespace with a single space
+        $line = preg_replace("/\s+/"," ",$line);
+
+        //remove any whitespace that occurs after/before an operator
+        $line = preg_replace("/\s*([!\}\{;,&=\|\-\+\*\/\)\(:])\s*/","\\1",$line);
+
+        $lines[$i] = $line;
+    }
+
+    //implode the lines
+    $sJS = implode("\n",$lines);
+
+    //make sure there is a max of 1 \n after each line
+    $sJS = preg_replace("/[\n]+/","\n",$sJS);
+
+    //strip out line breaks that immediately follow a semi-colon
+    $sJS = preg_replace("/;\n/",";",$sJS);
+
+    //curly brackets aren't on their own
+    $sJS = preg_replace("/[\n]*\{[\n]*/","{",$sJS);
+
+    //finally loop through and replace all the literal strings:
+    for($i=0;$i<count($literal_strings);$i++)
+        $sJS = str_replace("___".$i."___",$literal_strings[$i],$sJS);
+
+    return $sJS;
 }
 ?>

main/inc/lib/userportal.lib.php

Indentation +17 added lines, -17 removed lines

@@ -248,17 +248,17 @@ 
                 }
             }
 
-			if (trim($home_top_temp) == '' && api_is_platform_admin()) {
-				$home_top_temp = '<div class="welcome-mascot">' . get_lang('PortalHomepageDefaultIntroduction') . '</div>';
-			} else {
-				$home_top_temp = '<div class="welcome-home-top-temp">' . $home_top_temp . '</div>';
-			}
-			$open = str_replace('{rel_path}', api_get_path(REL_PATH), $home_top_temp);
-			$html = api_to_system_encoding($open, api_detect_encoding(strip_tags($open)));
-		}
-
-		return $html;
-	}
+            if (trim($home_top_temp) == '' && api_is_platform_admin()) {
+                $home_top_temp = '<div class="welcome-mascot">' . get_lang('PortalHomepageDefaultIntroduction') . '</div>';
+            } else {
+                $home_top_temp = '<div class="welcome-home-top-temp">' . $home_top_temp . '</div>';
+            }
+            $open = str_replace('{rel_path}', api_get_path(REL_PATH), $home_top_temp);
+            $html = api_to_system_encoding($open, api_detect_encoding(strip_tags($open)));
+        }
+
+        return $html;
+    }
 
     function return_notice()
     {
@@ -509,7 +509,7 @@ 
                     $thereIsSubCat = true;
                 } elseif (api_get_setting('show_empty_course_categories') == 'true') {
                     /* End changed code to eliminate the (0 courses) after empty categories. */
-                      $htmlListCat .= '<li>';
+                        $htmlListCat .= '<li>';
                     $htmlListCat .= $catLine['name'];
                     $htmlListCat .= "</li>";
                     $thereIsSubCat = true;
@@ -639,11 +639,11 @@ 
     }
 
     /**
-    * retrieves all the courses that the user has already subscribed to
-    * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University, Belgium
-    * @param int $user_id: the id of the user
-    * @return array an array containing all the information of the courses of the given user
-    */
+     * retrieves all the courses that the user has already subscribed to
+     * @author Patrick Cool <patrick.cool@UGent.be>, Ghent University, Belgium
+     * @param int $user_id: the id of the user
+     * @return array an array containing all the information of the courses of the given user
+     */
     public function get_courses_of_user($user_id)
     {
         $table_course = Database::get_main_table(TABLE_MAIN_COURSE);

main/tracking/course_log_tools.php

Indentation +2 added lines, -2 removed lines

@@ -78,7 +78,7 @@ 
 
 // getting all the students of the course
 if (empty($session_id)) {
-	// Registered students in a course outside session.
+    // Registered students in a course outside session.
     $a_students = CourseManager:: get_student_list_from_course_code(
         api_get_course_id(),
         false,
@@ -89,7 +89,7 @@ 
         api_get_group_id()
     );
 } else {
-	// Registered students in session.
+    // Registered students in session.
     $a_students = CourseManager:: get_student_list_from_course_code(
         api_get_course_id(),
         true,

main/tracking/courseLog.php

Indentation +1 added lines, -1 removed lines

@@ -111,7 +111,7 @@
                             get_lang('HideColumn'),
                             array('align' => 'absmiddle', 'hspace' => '3px'),
                             ICON_SIZE_SMALL
-                         ) . "</div>'
+                            ) . "</div>'
                     );
                 }
             );

main/tracking/course_session_report.php

Indentation +122 added lines, -122 removed lines

@@ -14,23 +14,23 @@ 
 $is_allowedToTrack = $is_courseAdmin || $is_platformAdmin || $is_courseCoach || $is_sessionAdmin;
 
 if (!$is_allowedToTrack) {
-	api_not_allowed(true);
+    api_not_allowed(true);
 }
 
 $export_to_xls = false;
 if (isset($_GET['export'])) {
-	$export_to_xls = true;
+    $export_to_xls = true;
 }
 if (api_is_platform_admin() ) {
-	$global = true;
+    $global = true;
 } else {
-	$global = false;
+    $global = false;
 }
 $global = true;
 
 $session_id = isset($_GET['session_id']) ? intval($_GET['session_id']) : null;
 if (empty($session_id)) {
-	$session_id  = 1;
+    $session_id  = 1;
 }
 
 $form = new FormValidator('search_simple','POST','','',null,false);
@@ -39,10 +39,10 @@ 
 $session_list = SessionManager::get_sessions_list(array(), array('name'));
 $my_session_list = array();
 foreach($session_list as $sesion_item) {
-	$my_session_list[$sesion_item['id']] = $sesion_item['name'];
+    $my_session_list[$sesion_item['id']] = $sesion_item['name'];
 }
 if (count($session_list) == 0) {
-	$my_session_list[0] = get_lang('None');
+    $my_session_list[0] = get_lang('None');
 }
 $form->addElement('select', 'session_id', get_lang('Sessions'), $my_session_list);
 $form->addButtonFilter(get_lang('Filter'));
@@ -51,32 +51,32 @@ 
 if (!empty($_REQUEST['session_id'])) $session_id = intval($_REQUEST['session_id']); else $session_id = 0;
 
 if (empty($session_id)) {
-	$session_id = key($my_session_list);
+    $session_id = key($my_session_list);
 }
 $form->setDefaults(array('session_id'=>$session_id));
 $course_list = SessionManager::get_course_list_by_session_id($session_id);
 
 if (!$export_to_xls) {
-	Display :: display_header(get_lang("MySpace"));
-	echo '<div class="actions">';
+    Display :: display_header(get_lang("MySpace"));
+    echo '<div class="actions">';
 
-	if ($global) {
-		echo MySpace::getTopMenu();
-	} else {
-		echo '<div style="float:left; clear:left">
+    if ($global) {
+        echo MySpace::getTopMenu();
+    } else {
+        echo '<div style="float:left; clear:left">
 				<a href="courseLog.php?'.api_get_cidreq().'&studentlist=true">'.get_lang('StudentsTracking').'</a>&nbsp;|
 				<a href="courseLog.php?'.api_get_cidreq().'&studentlist=false">'.get_lang('CourseTracking').'</a>&nbsp;';
-		echo '</div>';
-	}
-	echo '</div>';
+        echo '</div>';
+    }
+    echo '</div>';
 
-	if  (api_is_platform_admin()) {
-		echo MySpace::getAdminActions();
-	}
+    if  (api_is_platform_admin()) {
+        echo MySpace::getAdminActions();
+    }
 
-	echo '<h2>'.get_lang('LPExerciseResultsBySession').'</h2>';
-	$form->display();
-	Display::display_normal_message(get_lang('StudentScoreAverageIsCalculatedBaseInAllLPsAndAllAttempts'));
+    echo '<h2>'.get_lang('LPExerciseResultsBySession').'</h2>';
+    $form->display();
+    Display::display_normal_message(get_lang('StudentScoreAverageIsCalculatedBaseInAllLPsAndAllAttempts'));
 }
 
 $users = SessionManager::get_users_by_session($session_id);
@@ -86,15 +86,15 @@ 
 $main_result = array();
 //Getting course list
 foreach ($course_list  as $current_course ) {
-	$course_info = api_get_course_info($current_course['code']);
-	$_course = $course_info;
-	$attempt_result = array();
+    $course_info = api_get_course_info($current_course['code']);
+    $_course = $course_info;
+    $attempt_result = array();
 
-	//Getting LP list
-	$list = new LearnpathList('', $current_course['code'], $session_id);
-	$lp_list = $list->get_flat_list();
+    //Getting LP list
+    $list = new LearnpathList('', $current_course['code'], $session_id);
+    $lp_list = $list->get_flat_list();
 
-	// Looping LPs
+    // Looping LPs
     foreach ($lp_list as $lp_id =>$lp) {
         $exercise_list = Event::get_all_exercises_from_lp($lp_id, $course_info['real_id']);
         // Looping Chamilo Exercises in LP
@@ -111,7 +111,7 @@ 
             }
         }
     }
-	$main_result[$current_course['code']] = $attempt_result;
+    $main_result[$current_course['code']] = $attempt_result;
 }
 
 $total_average_score = 0;
@@ -119,102 +119,102 @@ 
 $html_result = '';
 if (!empty($users) && is_array($users)) {
 
-	$html_result .= '<table  class="data_table">';
-	$html_result .= '<tr><th>'.get_lang('User').'</th>';
-	foreach($course_list as $item ) {
-		$html_result .= '<th>'.$item['title'].'<br /> '.get_lang('AverageScore').' %</th>';
-	}
-	$html_result .= '<th>'.get_lang('AverageScore').' %</th>';
-	$html_result .= '<th>'.get_lang('LastConnexionDate').'</th></tr>';
-
-	foreach ($users  as $user) {
-		$total_student = 0;
-		$counter ++;
-		$s_css_class = 'row_even';
-		if ($counter % 2 ==0 ) {
-			$s_css_class = 'row_odd';
-		}
-		$html_result .= "<tr class='$s_css_class'>
+    $html_result .= '<table  class="data_table">';
+    $html_result .= '<tr><th>'.get_lang('User').'</th>';
+    foreach($course_list as $item ) {
+        $html_result .= '<th>'.$item['title'].'<br /> '.get_lang('AverageScore').' %</th>';
+    }
+    $html_result .= '<th>'.get_lang('AverageScore').' %</th>';
+    $html_result .= '<th>'.get_lang('LastConnexionDate').'</th></tr>';
+
+    foreach ($users  as $user) {
+        $total_student = 0;
+        $counter ++;
+        $s_css_class = 'row_even';
+        if ($counter % 2 ==0 ) {
+            $s_css_class = 'row_odd';
+        }
+        $html_result .= "<tr class='$s_css_class'>
 							<td >";
-		$html_result .= $user['firstname'].' '.$user['lastname'];
-		$html_result .= "</td>";
-
-		// Getting course list
-
-		$counter = 0;
-		$total_result_by_user = 0;
-		foreach ($course_list  as $current_course ) {
-			$total_course = 0;
-			$html_result .= "<td>";
-
-
-			$result  = '-';
-			if (isset($main_result[$current_course['code']][$user['user_id']])) {
-				$user_info_stat = $main_result[$current_course['code']][$user['user_id']];
-				if (!empty($user_info_stat['result']) && !empty($user_info_stat['attempts'])) {
-					$result = round(
-						$user_info_stat['result'] / $user_info_stat['attempts'] * 100,
-						2
-					);
-					$total_course += $result;
-					$total_result_by_user += $result;
-					$course_average[$current_course['code']] += $total_course;
-					$course_average_counter[$current_course['code']]++;
-					$result = $result . ' (' . $user_info_stat['attempts'] . ' ' . get_lang(
-							'Attempts'
-						) . ')';
-					$counter++;
-				}
-			}
-
-			$html_result .= $result;
-			$html_result .= "</td>";
-		}
-		if (empty($counter)) {
-			$total_student = '-';
-		} else {
-			$total_student = $total_result_by_user/$counter;
-			$total_average_score+=$total_student;
-			$total_average_score_count++;
-		}
-		$string_date=Tracking :: get_last_connection_date($user['user_id'],true);
-		$html_result .="<td>$total_student</td><td>$string_date</td></tr>";
-	}
-
-	$html_result .="<tr><th>".get_lang('AverageScore')."</th>";
-	$total_average = 0;
-	$counter = 0;
-	foreach($course_list as $course_item) {
-		if (!empty($course_average_counter[$course_item['code']])) {
-			$average_per_course = round(
-				$course_average[$course_item['code']]/($course_average_counter[$course_item['code']]*100)*100,
-				2
-			);
-		} else {
-			$average_per_course = '-';
-		}
-		if (!empty($average_per_course)) {
-			$counter++;
-		}
-		$total_average = $total_average + $average_per_course;
-		$html_result .="<td>$average_per_course</td>";
-	}
-	if (!empty($total_average_score_count)) {
-		$total_average = round($total_average_score/($total_average_score_count*100)*100,2);
-	} else {
-		$total_average = '-';
-	}
-
-	$html_result .='<td>'.$total_average.'</td>';
-	$html_result .="<td>-</td>";
-	$html_result .="</tr>";
-	$html_result .= '</table>';
+        $html_result .= $user['firstname'].' '.$user['lastname'];
+        $html_result .= "</td>";
+
+        // Getting course list
+
+        $counter = 0;
+        $total_result_by_user = 0;
+        foreach ($course_list  as $current_course ) {
+            $total_course = 0;
+            $html_result .= "<td>";
+
+
+            $result  = '-';
+            if (isset($main_result[$current_course['code']][$user['user_id']])) {
+                $user_info_stat = $main_result[$current_course['code']][$user['user_id']];
+                if (!empty($user_info_stat['result']) && !empty($user_info_stat['attempts'])) {
+                    $result = round(
+                        $user_info_stat['result'] / $user_info_stat['attempts'] * 100,
+                        2
+                    );
+                    $total_course += $result;
+                    $total_result_by_user += $result;
+                    $course_average[$current_course['code']] += $total_course;
+                    $course_average_counter[$current_course['code']]++;
+                    $result = $result . ' (' . $user_info_stat['attempts'] . ' ' . get_lang(
+                            'Attempts'
+                        ) . ')';
+                    $counter++;
+                }
+            }
+
+            $html_result .= $result;
+            $html_result .= "</td>";
+        }
+        if (empty($counter)) {
+            $total_student = '-';
+        } else {
+            $total_student = $total_result_by_user/$counter;
+            $total_average_score+=$total_student;
+            $total_average_score_count++;
+        }
+        $string_date=Tracking :: get_last_connection_date($user['user_id'],true);
+        $html_result .="<td>$total_student</td><td>$string_date</td></tr>";
+    }
+
+    $html_result .="<tr><th>".get_lang('AverageScore')."</th>";
+    $total_average = 0;
+    $counter = 0;
+    foreach($course_list as $course_item) {
+        if (!empty($course_average_counter[$course_item['code']])) {
+            $average_per_course = round(
+                $course_average[$course_item['code']]/($course_average_counter[$course_item['code']]*100)*100,
+                2
+            );
+        } else {
+            $average_per_course = '-';
+        }
+        if (!empty($average_per_course)) {
+            $counter++;
+        }
+        $total_average = $total_average + $average_per_course;
+        $html_result .="<td>$average_per_course</td>";
+    }
+    if (!empty($total_average_score_count)) {
+        $total_average = round($total_average_score/($total_average_score_count*100)*100,2);
+    } else {
+        $total_average = '-';
+    }
+
+    $html_result .='<td>'.$total_average.'</td>';
+    $html_result .="<td>-</td>";
+    $html_result .="</tr>";
+    $html_result .= '</table>';
 } else {
-	Display::display_warning_message(get_lang('NoResults'));
+    Display::display_warning_message(get_lang('NoResults'));
 }
 
 if (!$export_to_xls) {
-	echo $html_result;
+    echo $html_result;
 }
 
 Display :: display_footer();

main/tracking/question_course_report.php

Indentation +107 added lines, -107 removed lines

@@ -14,20 +14,20 @@ 
 $is_allowedToTrack = $is_courseAdmin || $is_platformAdmin || $is_courseCoach || $is_sessionAdmin;
 
 if (!$is_allowedToTrack) {
-	Display :: display_header(null);
-	api_not_allowed();
-	Display :: display_footer();
+    Display :: display_header(null);
+    api_not_allowed();
+    Display :: display_footer();
 }
 
 $export_to_xls = false;
 if (isset($_GET['export'])) {
-	$export_to_xls = true;
+    $export_to_xls = true;
 }
 
 if (api_is_platform_admin() ) {
-	$global = true;
+    $global = true;
 } else {
-	$global = false;
+    $global = false;
 }
 $global = true;
 
@@ -45,14 +45,14 @@ 
 $session_id = isset($_REQUEST['session_id']) ? intval($_REQUEST['session_id']) : null;
 
 if (empty($session_id)) {
-	$temp_course_list = CourseManager :: get_courses_list();
+    $temp_course_list = CourseManager :: get_courses_list();
 } else {
-	$temp_course_list = SessionManager::get_course_list_by_session_id($session_id);
+    $temp_course_list = SessionManager::get_course_list_by_session_id($session_id);
 }
 
 foreach ($temp_course_list  as $temp_course_item) {
-	$course_item = CourseManager ::get_course_information($temp_course_item['code']);
-	$course_select_list[$temp_course_item['code']]	= $course_item['title'];
+    $course_item = CourseManager ::get_course_information($temp_course_item['code']);
+    $course_select_list[$temp_course_item['code']]	= $course_item['title'];
 }
 
 //Get session list
@@ -95,132 +95,132 @@ 
 $course_info = api_get_course_info($course_code);
 
 if (!empty($course_info)) {
-	$list = new LearnpathList('', $course_code);
-	$lp_list = $list->get_flat_list();
+    $list = new LearnpathList('', $course_code);
+    $lp_list = $list->get_flat_list();
 
-	$main_question_list = array();
+    $main_question_list = array();
 
-	foreach ($lp_list as $lp_id => $lp) {
+    foreach ($lp_list as $lp_id => $lp) {
         $exercise_list = Event::get_all_exercises_from_lp(
             $lp_id,
             $course_info['real_id']
         );
 
-		foreach ($exercise_list as $exercise) {
-			$my_exercise = new Exercise($course_info['real_id']);
-			$my_exercise->read($exercise['path']);
-			$question_list = $my_exercise->selectQuestionList();
-
-			$exercise_stats = Event::get_all_exercise_event_from_lp(
-				$exercise['path'],
-				$course_info['real_id'],
-				$session_id
-			);
-
-			foreach ($question_list as $question_id) {
-				$question_data = Question::read($question_id);
-				$main_question_list[$question_id] = $question_data;
-				$quantity_exercises = 0;
-				$question_result = 0;
-
-				foreach ($exercise_stats as $stats) {
-					if (!empty($stats['question_list'])) {
-						foreach($stats['question_list'] as $my_question_stat) {
-							if ($question_id == $my_question_stat['question_id']) {
-								$question_result =  $question_result + $my_question_stat['marks'];
-								$quantity_exercises++;
-							}
-						}
-					}
-				}
-
-				if (!empty($quantity_exercises)) {
-					// Score % average
-					$main_question_list[$question_id]->results = ($question_result / ($quantity_exercises));
-				} else {
-					$main_question_list[$question_id]->results = 0;
-				}
-
-				$main_question_list[$question_id]->quantity = $quantity_exercises;
-			}
-		}
-	}
+        foreach ($exercise_list as $exercise) {
+            $my_exercise = new Exercise($course_info['real_id']);
+            $my_exercise->read($exercise['path']);
+            $question_list = $my_exercise->selectQuestionList();
+
+            $exercise_stats = Event::get_all_exercise_event_from_lp(
+                $exercise['path'],
+                $course_info['real_id'],
+                $session_id
+            );
+
+            foreach ($question_list as $question_id) {
+                $question_data = Question::read($question_id);
+                $main_question_list[$question_id] = $question_data;
+                $quantity_exercises = 0;
+                $question_result = 0;
+
+                foreach ($exercise_stats as $stats) {
+                    if (!empty($stats['question_list'])) {
+                        foreach($stats['question_list'] as $my_question_stat) {
+                            if ($question_id == $my_question_stat['question_id']) {
+                                $question_result =  $question_result + $my_question_stat['marks'];
+                                $quantity_exercises++;
+                            }
+                        }
+                    }
+                }
+
+                if (!empty($quantity_exercises)) {
+                    // Score % average
+                    $main_question_list[$question_id]->results = ($question_result / ($quantity_exercises));
+                } else {
+                    $main_question_list[$question_id]->results = 0;
+                }
+
+                $main_question_list[$question_id]->quantity = $quantity_exercises;
+            }
+        }
+    }
 }
 
 if (!$export_to_xls) {
-	Display :: display_header(get_lang("MySpace"));
-	echo '<div class="actions">';
-	if ($global) {
-		echo MySpace::getTopMenu();
-	} else {
-		echo '<div style="float:left; clear:left">
+    Display :: display_header(get_lang("MySpace"));
+    echo '<div class="actions">';
+    if ($global) {
+        echo MySpace::getTopMenu();
+    } else {
+        echo '<div style="float:left; clear:left">
 				<a href="courseLog.php?'.api_get_cidreq().'&studentlist=true">'.
                     get_lang('StudentsTracking').'</a>&nbsp;|
 				<a href="courseLog.php?'.api_get_cidreq().'&studentlist=false">'.
                     get_lang('CourseTracking').'</a>&nbsp;';
-		echo '</div>';
-	}
-	echo '</div>';
+        echo '</div>';
+    }
+    echo '</div>';
 
-	if (api_is_platform_admin()) {
-		echo MySpace::getAdminActions();
-	}
-	echo '<br />';
-	echo '<h2>'.get_lang('LPQuestionListResults').'</h2>';
+    if (api_is_platform_admin()) {
+        echo MySpace::getAdminActions();
+    }
+    echo '<br />';
+    echo '<h2>'.get_lang('LPQuestionListResults').'</h2>';
 
-	$form->display();
+    $form->display();
 
-	if (empty($course_code)) {
-		Display::display_warning_message(get_lang('PleaseSelectACourse'));
-	}
+    if (empty($course_code)) {
+        Display::display_warning_message(get_lang('PleaseSelectACourse'));
+    }
 }
 
 $course_average = array();
 $counter = 0;
 
 if (!empty($main_question_list) && is_array($main_question_list)) {
-	$html_result .= '<table  class="data_table">';
-	$html_result .= '<tr><th>'.get_lang('Question').
+    $html_result .= '<table  class="data_table">';
+    $html_result .= '<tr><th>'.get_lang('Question').
                     Display :: return_icon('info3.gif', get_lang('QuestionsAreTakenFromLPExercises'), array('align' => 'absmiddle', 'hspace' => '3px')).'</th>';
-	$html_result .= '<th>'.$course_info['visual_code'].' '.get_lang('AverageScore').Display :: return_icon('info3.gif', get_lang('AllStudentsAttemptsAreConsidered'), array('align' => 'absmiddle', 'hspace' => '3px')).' </th>';
-	$html_result .= '<th>'.get_lang('Quantity').'</th>';
-
-	foreach ($main_question_list as $question) {
-		$total_student = 0;
-		$counter ++;
-		$s_css_class = 'row_even';
-		if ($counter % 2 ==0 ) {
-			$s_css_class = 'row_odd';
-		}
-		$html_result .= "<tr class='$s_css_class'>
+    $html_result .= '<th>'.$course_info['visual_code'].' '.get_lang('AverageScore').Display :: return_icon('info3.gif', get_lang('AllStudentsAttemptsAreConsidered'), array('align' => 'absmiddle', 'hspace' => '3px')).' </th>';
+    $html_result .= '<th>'.get_lang('Quantity').'</th>';
+
+    foreach ($main_question_list as $question) {
+        $total_student = 0;
+        $counter ++;
+        $s_css_class = 'row_even';
+        if ($counter % 2 ==0 ) {
+            $s_css_class = 'row_odd';
+        }
+        $html_result .= "<tr class='$s_css_class'>
 							<td >";
-		$question_title = trim($question->question);
-		if (empty($question_title)) {
-			$html_result .= get_lang('Untitled').' '.get_lang('Question').' #'.$question->id;
-		} else {
-			$html_result .= $question->question;
-		}
-
-		$html_result .= "</td>";
-		$html_result .= "<td>";
-		$html_result .= round($question->results, 2).' / '.$question->weighting;
-		$html_result .= "</td>";
-
-		$html_result .= "<td>";
-		$html_result .= $question->quantity;
-		$html_result .= "</td>";
-	}
-
-	$html_result .="</tr>";
-	$html_result .= '</table>';
+        $question_title = trim($question->question);
+        if (empty($question_title)) {
+            $html_result .= get_lang('Untitled').' '.get_lang('Question').' #'.$question->id;
+        } else {
+            $html_result .= $question->question;
+        }
+
+        $html_result .= "</td>";
+        $html_result .= "<td>";
+        $html_result .= round($question->results, 2).' / '.$question->weighting;
+        $html_result .= "</td>";
+
+        $html_result .= "<td>";
+        $html_result .= $question->quantity;
+        $html_result .= "</td>";
+    }
+
+    $html_result .="</tr>";
+    $html_result .= '</table>';
 } else {
-	if (!empty($course_code)) {
-		Display::display_warning_message(get_lang('NoResults'));
-	}
+    if (!empty($course_code)) {
+        Display::display_warning_message(get_lang('NoResults'));
+    }
 }
 
 if (!$export_to_xls) {
-	echo $html_result;
+    echo $html_result;
 }
 
 Display :: display_footer();

main/install/update-configuration.inc.php

Indentation +1 added lines, -1 removed lines

@@ -38,7 +38,7 @@
         if (stripos($line, '$_configuration[\'system_version\']') !== false) {
             $found_version = true;
             $line = '$_configuration[\'system_version\'] = \'' . $new_version . '\';' . "\r\n";
-       } elseif (stripos($line, '$_configuration[\'system_stable\']') !== false) {
+        } elseif (stripos($line, '$_configuration[\'system_stable\']') !== false) {
             $found_stable = true;
             $line = '$_configuration[\'system_stable\'] = ' . ($new_version_stable ? 'true' : 'false') . ';' . "\r\n";
         } elseif (stripos($line, '$_configuration[\'software_name\']') !== false) {