Issues in ImageRenderer.php - New Issues - Inspection of "Merge pull request #293 from thephpleague/escape-h..." - thephpleague/commonmark - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 7a6aee...e5c914 )

by Colin

created 2017-10-30 23:21 UTC

src/Inline/Renderer/ImageRenderer.php (1 issue)

Labels

Deprecated Code 1

Severity

Minor 1

Martin Hasoň 1

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php

/*
 * This file is part of the league/commonmark package.
 *
 * (c) Colin O'Dell <[email protected]>
 *
 * Original code based on the CommonMark JS reference parser (https://bitly.com/commonmark-js)
 *  - (c) John MacFarlane
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

namespace League\CommonMark\Inline\Renderer;

use League\CommonMark\ElementRendererInterface;
use League\CommonMark\HtmlElement;
use League\CommonMark\Inline\Element\AbstractInline;
use League\CommonMark\Inline\Element\Image;
use League\CommonMark\Util\Configuration;
use League\CommonMark\Util\ConfigurationAwareInterface;
use League\CommonMark\Util\RegexHelper;

class ImageRenderer implements InlineRendererInterface, ConfigurationAwareInterface
{
    /**
     * @var Configuration
     */
    protected $config;

    /**
     * @param Image                    $inline
     * @param ElementRendererInterface $htmlRenderer
     *
     * @return HtmlElement
     */
    public function render(AbstractInline $inline, ElementRendererInterface $htmlRenderer)
    {
        if (!($inline instanceof Image)) {
            throw new \InvalidArgumentException('Incompatible inline type: ' . get_class($inline));
        }

        $attrs = [];
        foreach ($inline->getData('attributes', []) as $key => $value) {
            $attrs[$key] = $htmlRenderer->escape($value, true);

        }

        $forbidUnsafeLinks = $this->config->getConfig('safe') || !$this->config->getConfig('allow_unsafe_links');
        if ($forbidUnsafeLinks && RegexHelper::isLinkPotentiallyUnsafe($inline->getUrl())) {
            $attrs['src'] = '';
        } else {
            $attrs['src'] = $htmlRenderer->escape($inline->getUrl(), true);
        }

        $alt = $htmlRenderer->renderInlines($inline->children());
        $alt = preg_replace('/\<[^>]*alt="([^"]*)"[^>]*\>/', '$1', $alt);
        $attrs['alt'] = preg_replace('/\<[^>]*\>/', '', $alt);

        if (isset($inline->data['title'])) {
            $attrs['title'] = $htmlRenderer->escape($inline->data['title'], true);
        }

        return new HtmlElement('img', $attrs, '', true);
    }

    /**
     * @param Configuration $configuration
     */
    public function setConfiguration(Configuration $configuration)
    {
        $this->config = $configuration;
    }
}


1		<?php
2
3		/*
4		* This file is part of the league/commonmark package.
5		*
6		* (c) Colin O'Dell <[email protected]>
7		*
8		* Original code based on the CommonMark JS reference parser (https://bitly.com/commonmark-js)
9		* - (c) John MacFarlane
10		*
11		* For the full copyright and license information, please view the LICENSE
12		* file that was distributed with this source code.
13		*/
14
15		namespace League\CommonMark\Inline\Renderer;
16
17		use League\CommonMark\ElementRendererInterface;
18		use League\CommonMark\HtmlElement;
19		use League\CommonMark\Inline\Element\AbstractInline;
20		use League\CommonMark\Inline\Element\Image;
21		use League\CommonMark\Util\Configuration;
22		use League\CommonMark\Util\ConfigurationAwareInterface;
23		use League\CommonMark\Util\RegexHelper;
24
25		class ImageRenderer implements InlineRendererInterface, ConfigurationAwareInterface
26		{
27		/**
28		* @var Configuration
29		*/
30		protected $config;
31
32		/**
33		* @param Image $inline
34		* @param ElementRendererInterface $htmlRenderer
35		*
36		* @return HtmlElement
37		*/
38	96	public function render(AbstractInline $inline, ElementRendererInterface $htmlRenderer)
39		{
40	96	if (!($inline instanceof Image)) {
41	3	throw new \InvalidArgumentException('Incompatible inline type: ' . get_class($inline));
42		}
43
44	93	$attrs = [];
45	93	foreach ($inline->getData('attributes', []) as $key => $value) {
46	3	$attrs[$key] = $htmlRenderer->escape($value, true);
		0 ignored issues – show Deprecated Code introduced 2017-10-30 23:23 UTC by Report Bug Copy Issue Report Show Similar Issues like this The method `League\CommonMark\Elemen...ererInterface::escape()` has been deprecated. This method has been deprecated. Loading history...
47	62	}
48
49	93	$forbidUnsafeLinks = $this->config->getConfig('safe') \|\| !$this->config->getConfig('allow_unsafe_links');
50	93	if ($forbidUnsafeLinks && RegexHelper::isLinkPotentiallyUnsafe($inline->getUrl())) {
51	6	$attrs['src'] = '';
52	4	} else {
53	87	$attrs['src'] = $htmlRenderer->escape($inline->getUrl(), true);
54		}
55
56	93	$alt = $htmlRenderer->renderInlines($inline->children());
57	93	$alt = preg_replace('/\<[^>]alt="([^"])"[^>]*\>/', '$1', $alt);
58	93	$attrs['alt'] = preg_replace('/\<[^>]*\>/', '', $alt);
59
60	93	if (isset($inline->data['title'])) {
61	39	$attrs['title'] = $htmlRenderer->escape($inline->data['title'], true);
62	26	}
63
64	93	return new HtmlElement('img', $attrs, '', true);
65		}
66
67		/**
68		* @param Configuration $configuration
69		*/
70	1953	public function setConfiguration(Configuration $configuration)
71		{
72	1953	$this->config = $configuration;
73	1953	}
74		}
75

thephpleague / commonmark

Push — master ( 7a6aee...e5c914 )

src/Inline/Renderer/ImageRenderer.php (1 issue)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like