xpressengine /
xe-core
@@ -7,70 +7,70 @@ |
||
| 7 | 7 | class HTMLPurifier_AttrDef_URI extends HTMLPurifier_AttrDef |
| 8 | 8 | { |
| 9 | 9 | |
| 10 | - protected $parser; |
|
| 11 | - protected $embedsResource; |
|
| 10 | + protected $parser; |
|
| 11 | + protected $embedsResource; |
|
| 12 | 12 | |
| 13 | - /** |
|
| 14 | - * @param $embeds_resource_resource Does the URI here result in an extra HTTP request? |
|
| 15 | - */ |
|
| 16 | - public function __construct($embeds_resource = false) { |
|
| 17 | - $this->parser = new HTMLPurifier_URIParser(); |
|
| 18 | - $this->embedsResource = (bool) $embeds_resource; |
|
| 19 | - } |
|
| 13 | + /** |
|
| 14 | + * @param $embeds_resource_resource Does the URI here result in an extra HTTP request? |
|
| 15 | + */ |
|
| 16 | + public function __construct($embeds_resource = false) { |
|
| 17 | + $this->parser = new HTMLPurifier_URIParser(); |
|
| 18 | + $this->embedsResource = (bool) $embeds_resource; |
|
| 19 | + } |
|
| 20 | 20 | |
| 21 | - public function make($string) { |
|
| 22 | - $embeds = ($string === 'embedded'); |
|
| 23 | - return new HTMLPurifier_AttrDef_URI($embeds); |
|
| 24 | - } |
|
| 21 | + public function make($string) { |
|
| 22 | + $embeds = ($string === 'embedded'); |
|
| 23 | + return new HTMLPurifier_AttrDef_URI($embeds); |
|
| 24 | + } |
|
| 25 | 25 | |
| 26 | - public function validate($uri, $config, $context) { |
|
| 26 | + public function validate($uri, $config, $context) { |
|
| 27 | 27 | |
| 28 | - if ($config->get('URI.Disable')) return false; |
|
| 28 | + if ($config->get('URI.Disable')) return false; |
|
| 29 | 29 | |
| 30 | - $uri = $this->parseCDATA($uri); |
|
| 30 | + $uri = $this->parseCDATA($uri); |
|
| 31 | 31 | |
| 32 | - // parse the URI |
|
| 33 | - $uri = $this->parser->parse($uri); |
|
| 34 | - if ($uri === false) return false; |
|
| 32 | + // parse the URI |
|
| 33 | + $uri = $this->parser->parse($uri); |
|
| 34 | + if ($uri === false) return false; |
|
| 35 | 35 | |
| 36 | - // add embedded flag to context for validators |
|
| 37 | - $context->register('EmbeddedURI', $this->embedsResource); |
|
| 36 | + // add embedded flag to context for validators |
|
| 37 | + $context->register('EmbeddedURI', $this->embedsResource); |
|
| 38 | 38 | |
| 39 | - $ok = false; |
|
| 40 | - do { |
|
| 39 | + $ok = false; |
|
| 40 | + do { |
|
| 41 | 41 | |
| 42 | - // generic validation |
|
| 43 | - $result = $uri->validate($config, $context); |
|
| 44 | - if (!$result) break; |
|
| 42 | + // generic validation |
|
| 43 | + $result = $uri->validate($config, $context); |
|
| 44 | + if (!$result) break; |
|
| 45 | 45 | |
| 46 | - // chained filtering |
|
| 47 | - $uri_def = $config->getDefinition('URI'); |
|
| 48 | - $result = $uri_def->filter($uri, $config, $context); |
|
| 49 | - if (!$result) break; |
|
| 46 | + // chained filtering |
|
| 47 | + $uri_def = $config->getDefinition('URI'); |
|
| 48 | + $result = $uri_def->filter($uri, $config, $context); |
|
| 49 | + if (!$result) break; |
|
| 50 | 50 | |
| 51 | - // scheme-specific validation |
|
| 52 | - $scheme_obj = $uri->getSchemeObj($config, $context); |
|
| 53 | - if (!$scheme_obj) break; |
|
| 54 | - if ($this->embedsResource && !$scheme_obj->browsable) break; |
|
| 55 | - $result = $scheme_obj->validate($uri, $config, $context); |
|
| 56 | - if (!$result) break; |
|
| 51 | + // scheme-specific validation |
|
| 52 | + $scheme_obj = $uri->getSchemeObj($config, $context); |
|
| 53 | + if (!$scheme_obj) break; |
|
| 54 | + if ($this->embedsResource && !$scheme_obj->browsable) break; |
|
| 55 | + $result = $scheme_obj->validate($uri, $config, $context); |
|
| 56 | + if (!$result) break; |
|
| 57 | 57 | |
| 58 | - // Post chained filtering |
|
| 59 | - $result = $uri_def->postFilter($uri, $config, $context); |
|
| 60 | - if (!$result) break; |
|
| 58 | + // Post chained filtering |
|
| 59 | + $result = $uri_def->postFilter($uri, $config, $context); |
|
| 60 | + if (!$result) break; |
|
| 61 | 61 | |
| 62 | - // survived gauntlet |
|
| 63 | - $ok = true; |
|
| 62 | + // survived gauntlet |
|
| 63 | + $ok = true; |
|
| 64 | 64 | |
| 65 | - } while (false); |
|
| 65 | + } while (false); |
|
| 66 | 66 | |
| 67 | - $context->destroy('EmbeddedURI'); |
|
| 68 | - if (!$ok) return false; |
|
| 67 | + $context->destroy('EmbeddedURI'); |
|
| 68 | + if (!$ok) return false; |
|
| 69 | 69 | |
| 70 | - // back to string |
|
| 71 | - return $uri->toString(); |
|
| 70 | + // back to string |
|
| 71 | + return $uri->toString(); |
|
| 72 | 72 | |
| 73 | - } |
|
| 73 | + } |
|
| 74 | 74 | |
| 75 | 75 | } |
| 76 | 76 | |
@@ -25,13 +25,17 @@ discard block |
||
| 25 | 25 | |
| 26 | 26 | public function validate($uri, $config, $context) { |
| 27 | 27 | |
| 28 | - if ($config->get('URI.Disable')) return false; |
|
| 28 | + if ($config->get('URI.Disable')) { |
|
| 29 | + return false; |
|
| 30 | + } |
|
| 29 | 31 | |
| 30 | 32 | $uri = $this->parseCDATA($uri); |
| 31 | 33 | |
| 32 | 34 | // parse the URI |
| 33 | 35 | $uri = $this->parser->parse($uri); |
| 34 | - if ($uri === false) return false; |
|
| 36 | + if ($uri === false) { |
|
| 37 | + return false; |
|
| 38 | + } |
|
| 35 | 39 | |
| 36 | 40 | // add embedded flag to context for validators |
| 37 | 41 | $context->register('EmbeddedURI', $this->embedsResource); |
@@ -41,23 +45,35 @@ discard block |
||
| 41 | 45 | |
| 42 | 46 | // generic validation |
| 43 | 47 | $result = $uri->validate($config, $context); |
| 44 | - if (!$result) break; |
|
| 48 | + if (!$result) { |
|
| 49 | + break; |
|
| 50 | + } |
|
| 45 | 51 | |
| 46 | 52 | // chained filtering |
| 47 | 53 | $uri_def = $config->getDefinition('URI'); |
| 48 | 54 | $result = $uri_def->filter($uri, $config, $context); |
| 49 | - if (!$result) break; |
|
| 55 | + if (!$result) { |
|
| 56 | + break; |
|
| 57 | + } |
|
| 50 | 58 | |
| 51 | 59 | // scheme-specific validation |
| 52 | 60 | $scheme_obj = $uri->getSchemeObj($config, $context); |
| 53 | - if (!$scheme_obj) break; |
|
| 54 | - if ($this->embedsResource && !$scheme_obj->browsable) break; |
|
| 61 | + if (!$scheme_obj) { |
|
| 62 | + break; |
|
| 63 | + } |
|
| 64 | + if ($this->embedsResource && !$scheme_obj->browsable) { |
|
| 65 | + break; |
|
| 66 | + } |
|
| 55 | 67 | $result = $scheme_obj->validate($uri, $config, $context); |
| 56 | - if (!$result) break; |
|
| 68 | + if (!$result) { |
|
| 69 | + break; |
|
| 70 | + } |
|
| 57 | 71 | |
| 58 | 72 | // Post chained filtering |
| 59 | 73 | $result = $uri_def->postFilter($uri, $config, $context); |
| 60 | - if (!$result) break; |
|
| 74 | + if (!$result) { |
|
| 75 | + break; |
|
| 76 | + } |
|
| 61 | 77 | |
| 62 | 78 | // survived gauntlet |
| 63 | 79 | $ok = true; |
@@ -65,7 +81,9 @@ discard block |
||
| 65 | 81 | } while (false); |
| 66 | 82 | |
| 67 | 83 | $context->destroy('EmbeddedURI'); |
| 68 | - if (!$ok) return false; |
|
| 84 | + if (!$ok) { |
|
| 85 | + return false; |
|
| 86 | + } |
|
| 69 | 87 | |
| 70 | 88 | // back to string |
| 71 | 89 | return $uri->toString(); |
@@ -3,12 +3,12 @@ |
||
| 3 | 3 | abstract class HTMLPurifier_AttrDef_URI_Email extends HTMLPurifier_AttrDef |
| 4 | 4 | { |
| 5 | 5 | |
| 6 | - /** |
|
| 7 | - * Unpacks a mailbox into its display-name and address |
|
| 8 | - */ |
|
| 9 | - function unpack($string) { |
|
| 10 | - // needs to be implemented |
|
| 11 | - } |
|
| 6 | + /** |
|
| 7 | + * Unpacks a mailbox into its display-name and address |
|
| 8 | + */ |
|
| 9 | + function unpack($string) { |
|
| 10 | + // needs to be implemented |
|
| 11 | + } |
|
| 12 | 12 | |
| 13 | 13 | } |
| 14 | 14 | |
@@ -7,14 +7,14 @@ |
||
| 7 | 7 | class HTMLPurifier_AttrDef_URI_Email_SimpleCheck extends HTMLPurifier_AttrDef_URI_Email |
| 8 | 8 | { |
| 9 | 9 | |
| 10 | - public function validate($string, $config, $context) { |
|
| 11 | - // no support for named mailboxes i.e. "Bob <[email protected]>" |
|
| 12 | - // that needs more percent encoding to be done |
|
| 13 | - if ($string == '') return false; |
|
| 14 | - $string = trim($string); |
|
| 15 | - $result = preg_match('/^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i', $string); |
|
| 16 | - return $result ? $string : false; |
|
| 17 | - } |
|
| 10 | + public function validate($string, $config, $context) { |
|
| 11 | + // no support for named mailboxes i.e. "Bob <[email protected]>" |
|
| 12 | + // that needs more percent encoding to be done |
|
| 13 | + if ($string == '') return false; |
|
| 14 | + $string = trim($string); |
|
| 15 | + $result = preg_match('/^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i', $string); |
|
| 16 | + return $result ? $string : false; |
|
| 17 | + } |
|
| 18 | 18 | |
| 19 | 19 | } |
| 20 | 20 | |
@@ -10,7 +10,9 @@ |
||
| 10 | 10 | public function validate($string, $config, $context) { |
| 11 | 11 | // no support for named mailboxes i.e. "Bob <[email protected]>" |
| 12 | 12 | // that needs more percent encoding to be done |
| 13 | - if ($string == '') return false; |
|
| 13 | + if ($string == '') { |
|
| 14 | + return false; |
|
| 15 | + } |
|
| 14 | 16 | $string = trim($string); |
| 15 | 17 | $result = preg_match('/^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$/i', $string); |
| 16 | 18 | return $result ? $string : false; |
@@ -6,95 +6,95 @@ |
||
| 6 | 6 | class HTMLPurifier_AttrDef_URI_Host extends HTMLPurifier_AttrDef |
| 7 | 7 | { |
| 8 | 8 | |
| 9 | - /** |
|
| 10 | - * Instance of HTMLPurifier_AttrDef_URI_IPv4 sub-validator |
|
| 11 | - */ |
|
| 12 | - protected $ipv4; |
|
| 9 | + /** |
|
| 10 | + * Instance of HTMLPurifier_AttrDef_URI_IPv4 sub-validator |
|
| 11 | + */ |
|
| 12 | + protected $ipv4; |
|
| 13 | 13 | |
| 14 | - /** |
|
| 15 | - * Instance of HTMLPurifier_AttrDef_URI_IPv6 sub-validator |
|
| 16 | - */ |
|
| 17 | - protected $ipv6; |
|
| 14 | + /** |
|
| 15 | + * Instance of HTMLPurifier_AttrDef_URI_IPv6 sub-validator |
|
| 16 | + */ |
|
| 17 | + protected $ipv6; |
|
| 18 | 18 | |
| 19 | - public function __construct() { |
|
| 20 | - $this->ipv4 = new HTMLPurifier_AttrDef_URI_IPv4(); |
|
| 21 | - $this->ipv6 = new HTMLPurifier_AttrDef_URI_IPv6(); |
|
| 22 | - } |
|
| 19 | + public function __construct() { |
|
| 20 | + $this->ipv4 = new HTMLPurifier_AttrDef_URI_IPv4(); |
|
| 21 | + $this->ipv6 = new HTMLPurifier_AttrDef_URI_IPv6(); |
|
| 22 | + } |
|
| 23 | 23 | |
| 24 | - public function validate($string, $config, $context) { |
|
| 25 | - $length = strlen($string); |
|
| 26 | - // empty hostname is OK; it's usually semantically equivalent: |
|
| 27 | - // the default host as defined by a URI scheme is used: |
|
| 28 | - // |
|
| 29 | - // If the URI scheme defines a default for host, then that |
|
| 30 | - // default applies when the host subcomponent is undefined |
|
| 31 | - // or when the registered name is empty (zero length). |
|
| 32 | - if ($string === '') return ''; |
|
| 33 | - if ($length > 1 && $string[0] === '[' && $string[$length-1] === ']') { |
|
| 34 | - //IPv6 |
|
| 35 | - $ip = substr($string, 1, $length - 2); |
|
| 36 | - $valid = $this->ipv6->validate($ip, $config, $context); |
|
| 37 | - if ($valid === false) return false; |
|
| 38 | - return '['. $valid . ']'; |
|
| 39 | - } |
|
| 24 | + public function validate($string, $config, $context) { |
|
| 25 | + $length = strlen($string); |
|
| 26 | + // empty hostname is OK; it's usually semantically equivalent: |
|
| 27 | + // the default host as defined by a URI scheme is used: |
|
| 28 | + // |
|
| 29 | + // If the URI scheme defines a default for host, then that |
|
| 30 | + // default applies when the host subcomponent is undefined |
|
| 31 | + // or when the registered name is empty (zero length). |
|
| 32 | + if ($string === '') return ''; |
|
| 33 | + if ($length > 1 && $string[0] === '[' && $string[$length-1] === ']') { |
|
| 34 | + //IPv6 |
|
| 35 | + $ip = substr($string, 1, $length - 2); |
|
| 36 | + $valid = $this->ipv6->validate($ip, $config, $context); |
|
| 37 | + if ($valid === false) return false; |
|
| 38 | + return '['. $valid . ']'; |
|
| 39 | + } |
|
| 40 | 40 | |
| 41 | - // need to do checks on unusual encodings too |
|
| 42 | - $ipv4 = $this->ipv4->validate($string, $config, $context); |
|
| 43 | - if ($ipv4 !== false) return $ipv4; |
|
| 41 | + // need to do checks on unusual encodings too |
|
| 42 | + $ipv4 = $this->ipv4->validate($string, $config, $context); |
|
| 43 | + if ($ipv4 !== false) return $ipv4; |
|
| 44 | 44 | |
| 45 | - // A regular domain name. |
|
| 45 | + // A regular domain name. |
|
| 46 | 46 | |
| 47 | - // This doesn't match I18N domain names, but we don't have proper IRI support, |
|
| 48 | - // so force users to insert Punycode. |
|
| 47 | + // This doesn't match I18N domain names, but we don't have proper IRI support, |
|
| 48 | + // so force users to insert Punycode. |
|
| 49 | 49 | |
| 50 | - // The productions describing this are: |
|
| 51 | - $a = '[a-z]'; // alpha |
|
| 52 | - $an = '[a-z0-9]'; // alphanum |
|
| 53 | - $and = '[a-z0-9-]'; // alphanum | "-" |
|
| 54 | - // domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum |
|
| 55 | - $domainlabel = "$an($and*$an)?"; |
|
| 56 | - // toplabel = alpha | alpha *( alphanum | "-" ) alphanum |
|
| 57 | - $toplabel = "$a($and*$an)?"; |
|
| 58 | - // hostname = *( domainlabel "." ) toplabel [ "." ] |
|
| 59 | - if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) { |
|
| 60 | - return $string; |
|
| 61 | - } |
|
| 50 | + // The productions describing this are: |
|
| 51 | + $a = '[a-z]'; // alpha |
|
| 52 | + $an = '[a-z0-9]'; // alphanum |
|
| 53 | + $and = '[a-z0-9-]'; // alphanum | "-" |
|
| 54 | + // domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum |
|
| 55 | + $domainlabel = "$an($and*$an)?"; |
|
| 56 | + // toplabel = alpha | alpha *( alphanum | "-" ) alphanum |
|
| 57 | + $toplabel = "$a($and*$an)?"; |
|
| 58 | + // hostname = *( domainlabel "." ) toplabel [ "." ] |
|
| 59 | + if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) { |
|
| 60 | + return $string; |
|
| 61 | + } |
|
| 62 | 62 | |
| 63 | - // If we have Net_IDNA2 support, we can support IRIs by |
|
| 64 | - // punycoding them. (This is the most portable thing to do, |
|
| 65 | - // since otherwise we have to assume browsers support |
|
| 63 | + // If we have Net_IDNA2 support, we can support IRIs by |
|
| 64 | + // punycoding them. (This is the most portable thing to do, |
|
| 65 | + // since otherwise we have to assume browsers support |
|
| 66 | 66 | |
| 67 | - if ($config->get('Core.EnableIDNA')) { |
|
| 68 | - $idna = new Net_IDNA2(array('encoding' => 'utf8', 'overlong' => false, 'strict' => true)); |
|
| 69 | - // we need to encode each period separately |
|
| 70 | - $parts = explode('.', $string); |
|
| 71 | - try { |
|
| 72 | - $new_parts = array(); |
|
| 73 | - foreach ($parts as $part) { |
|
| 74 | - $encodable = false; |
|
| 75 | - for ($i = 0, $c = strlen($part); $i < $c; $i++) { |
|
| 76 | - if (ord($part[$i]) > 0x7a) { |
|
| 77 | - $encodable = true; |
|
| 78 | - break; |
|
| 79 | - } |
|
| 80 | - } |
|
| 81 | - if (!$encodable) { |
|
| 82 | - $new_parts[] = $part; |
|
| 83 | - } else { |
|
| 84 | - $new_parts[] = $idna->encode($part); |
|
| 85 | - } |
|
| 86 | - } |
|
| 87 | - $string = implode('.', $new_parts); |
|
| 88 | - if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) { |
|
| 89 | - return $string; |
|
| 90 | - } |
|
| 91 | - } catch (Exception $e) { |
|
| 92 | - // XXX error reporting |
|
| 93 | - } |
|
| 94 | - } |
|
| 67 | + if ($config->get('Core.EnableIDNA')) { |
|
| 68 | + $idna = new Net_IDNA2(array('encoding' => 'utf8', 'overlong' => false, 'strict' => true)); |
|
| 69 | + // we need to encode each period separately |
|
| 70 | + $parts = explode('.', $string); |
|
| 71 | + try { |
|
| 72 | + $new_parts = array(); |
|
| 73 | + foreach ($parts as $part) { |
|
| 74 | + $encodable = false; |
|
| 75 | + for ($i = 0, $c = strlen($part); $i < $c; $i++) { |
|
| 76 | + if (ord($part[$i]) > 0x7a) { |
|
| 77 | + $encodable = true; |
|
| 78 | + break; |
|
| 79 | + } |
|
| 80 | + } |
|
| 81 | + if (!$encodable) { |
|
| 82 | + $new_parts[] = $part; |
|
| 83 | + } else { |
|
| 84 | + $new_parts[] = $idna->encode($part); |
|
| 85 | + } |
|
| 86 | + } |
|
| 87 | + $string = implode('.', $new_parts); |
|
| 88 | + if (preg_match("/^($domainlabel\.)*$toplabel\.?$/i", $string)) { |
|
| 89 | + return $string; |
|
| 90 | + } |
|
| 91 | + } catch (Exception $e) { |
|
| 92 | + // XXX error reporting |
|
| 93 | + } |
|
| 94 | + } |
|
| 95 | 95 | |
| 96 | - return false; |
|
| 97 | - } |
|
| 96 | + return false; |
|
| 97 | + } |
|
| 98 | 98 | |
| 99 | 99 | } |
| 100 | 100 | |
@@ -29,18 +29,24 @@ |
||
| 29 | 29 | // If the URI scheme defines a default for host, then that |
| 30 | 30 | // default applies when the host subcomponent is undefined |
| 31 | 31 | // or when the registered name is empty (zero length). |
| 32 | - if ($string === '') return ''; |
|
| 32 | + if ($string === '') { |
|
| 33 | + return ''; |
|
| 34 | + } |
|
| 33 | 35 | if ($length > 1 && $string[0] === '[' && $string[$length-1] === ']') { |
| 34 | 36 | //IPv6 |
| 35 | 37 | $ip = substr($string, 1, $length - 2); |
| 36 | 38 | $valid = $this->ipv6->validate($ip, $config, $context); |
| 37 | - if ($valid === false) return false; |
|
| 39 | + if ($valid === false) { |
|
| 40 | + return false; |
|
| 41 | + } |
|
| 38 | 42 | return '['. $valid . ']'; |
| 39 | 43 | } |
| 40 | 44 | |
| 41 | 45 | // need to do checks on unusual encodings too |
| 42 | 46 | $ipv4 = $this->ipv4->validate($string, $config, $context); |
| 43 | - if ($ipv4 !== false) return $ipv4; |
|
| 47 | + if ($ipv4 !== false) { |
|
| 48 | + return $ipv4; |
|
| 49 | + } |
|
| 44 | 50 | |
| 45 | 51 | // A regular domain name. |
| 46 | 52 | |
@@ -30,12 +30,12 @@ discard block |
||
| 30 | 30 | // default applies when the host subcomponent is undefined |
| 31 | 31 | // or when the registered name is empty (zero length). |
| 32 | 32 | if ($string === '') return ''; |
| 33 | - if ($length > 1 && $string[0] === '[' && $string[$length-1] === ']') { |
|
| 33 | + if ($length > 1 && $string[0] === '[' && $string[$length - 1] === ']') { |
|
| 34 | 34 | //IPv6 |
| 35 | 35 | $ip = substr($string, 1, $length - 2); |
| 36 | 36 | $valid = $this->ipv6->validate($ip, $config, $context); |
| 37 | 37 | if ($valid === false) return false; |
| 38 | - return '['. $valid . ']'; |
|
| 38 | + return '['.$valid.']'; |
|
| 39 | 39 | } |
| 40 | 40 | |
| 41 | 41 | // need to do checks on unusual encodings too |
@@ -48,8 +48,8 @@ discard block |
||
| 48 | 48 | // so force users to insert Punycode. |
| 49 | 49 | |
| 50 | 50 | // The productions describing this are: |
| 51 | - $a = '[a-z]'; // alpha |
|
| 52 | - $an = '[a-z0-9]'; // alphanum |
|
| 51 | + $a = '[a-z]'; // alpha |
|
| 52 | + $an = '[a-z0-9]'; // alphanum |
|
| 53 | 53 | $and = '[a-z0-9-]'; // alphanum | "-" |
| 54 | 54 | // domainlabel = alphanum | alphanum *( alphanum | "-" ) alphanum |
| 55 | 55 | $domainlabel = "$an($and*$an)?"; |
@@ -7,32 +7,32 @@ |
||
| 7 | 7 | class HTMLPurifier_AttrDef_URI_IPv4 extends HTMLPurifier_AttrDef |
| 8 | 8 | { |
| 9 | 9 | |
| 10 | - /** |
|
| 11 | - * IPv4 regex, protected so that IPv6 can reuse it |
|
| 12 | - */ |
|
| 13 | - protected $ip4; |
|
| 10 | + /** |
|
| 11 | + * IPv4 regex, protected so that IPv6 can reuse it |
|
| 12 | + */ |
|
| 13 | + protected $ip4; |
|
| 14 | 14 | |
| 15 | - public function validate($aIP, $config, $context) { |
|
| 15 | + public function validate($aIP, $config, $context) { |
|
| 16 | 16 | |
| 17 | - if (!$this->ip4) $this->_loadRegex(); |
|
| 17 | + if (!$this->ip4) $this->_loadRegex(); |
|
| 18 | 18 | |
| 19 | - if (preg_match('#^' . $this->ip4 . '$#s', $aIP)) |
|
| 20 | - { |
|
| 21 | - return $aIP; |
|
| 22 | - } |
|
| 19 | + if (preg_match('#^' . $this->ip4 . '$#s', $aIP)) |
|
| 20 | + { |
|
| 21 | + return $aIP; |
|
| 22 | + } |
|
| 23 | 23 | |
| 24 | - return false; |
|
| 24 | + return false; |
|
| 25 | 25 | |
| 26 | - } |
|
| 26 | + } |
|
| 27 | 27 | |
| 28 | - /** |
|
| 29 | - * Lazy load function to prevent regex from being stuffed in |
|
| 30 | - * cache. |
|
| 31 | - */ |
|
| 32 | - protected function _loadRegex() { |
|
| 33 | - $oct = '(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])'; // 0-255 |
|
| 34 | - $this->ip4 = "(?:{$oct}\\.{$oct}\\.{$oct}\\.{$oct})"; |
|
| 35 | - } |
|
| 28 | + /** |
|
| 29 | + * Lazy load function to prevent regex from being stuffed in |
|
| 30 | + * cache. |
|
| 31 | + */ |
|
| 32 | + protected function _loadRegex() { |
|
| 33 | + $oct = '(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])'; // 0-255 |
|
| 34 | + $this->ip4 = "(?:{$oct}\\.{$oct}\\.{$oct}\\.{$oct})"; |
|
| 35 | + } |
|
| 36 | 36 | |
| 37 | 37 | } |
| 38 | 38 | |
@@ -14,7 +14,9 @@ |
||
| 14 | 14 | |
| 15 | 15 | public function validate($aIP, $config, $context) { |
| 16 | 16 | |
| 17 | - if (!$this->ip4) $this->_loadRegex(); |
|
| 17 | + if (!$this->ip4) { |
|
| 18 | + $this->_loadRegex(); |
|
| 19 | + } |
|
| 18 | 20 | |
| 19 | 21 | if (preg_match('#^' . $this->ip4 . '$#s', $aIP)) |
| 20 | 22 | { |
@@ -16,7 +16,7 @@ |
||
| 16 | 16 | |
| 17 | 17 | if (!$this->ip4) $this->_loadRegex(); |
| 18 | 18 | |
| 19 | - if (preg_match('#^' . $this->ip4 . '$#s', $aIP)) |
|
| 19 | + if (preg_match('#^'.$this->ip4.'$#s', $aIP)) |
|
| 20 | 20 | { |
| 21 | 21 | return $aIP; |
| 22 | 22 | } |
@@ -17,39 +17,39 @@ |
||
| 17 | 17 | abstract class HTMLPurifier_AttrTransform |
| 18 | 18 | { |
| 19 | 19 | |
| 20 | - /** |
|
| 21 | - * Abstract: makes changes to the attributes dependent on multiple values. |
|
| 22 | - * |
|
| 23 | - * @param $attr Assoc array of attributes, usually from |
|
| 24 | - * HTMLPurifier_Token_Tag::$attr |
|
| 25 | - * @param $config Mandatory HTMLPurifier_Config object. |
|
| 26 | - * @param $context Mandatory HTMLPurifier_Context object |
|
| 27 | - * @returns Processed attribute array. |
|
| 28 | - */ |
|
| 29 | - abstract public function transform($attr, $config, $context); |
|
| 20 | + /** |
|
| 21 | + * Abstract: makes changes to the attributes dependent on multiple values. |
|
| 22 | + * |
|
| 23 | + * @param $attr Assoc array of attributes, usually from |
|
| 24 | + * HTMLPurifier_Token_Tag::$attr |
|
| 25 | + * @param $config Mandatory HTMLPurifier_Config object. |
|
| 26 | + * @param $context Mandatory HTMLPurifier_Context object |
|
| 27 | + * @returns Processed attribute array. |
|
| 28 | + */ |
|
| 29 | + abstract public function transform($attr, $config, $context); |
|
| 30 | 30 | |
| 31 | - /** |
|
| 32 | - * Prepends CSS properties to the style attribute, creating the |
|
| 33 | - * attribute if it doesn't exist. |
|
| 34 | - * @param $attr Attribute array to process (passed by reference) |
|
| 35 | - * @param $css CSS to prepend |
|
| 36 | - */ |
|
| 37 | - public function prependCSS(&$attr, $css) { |
|
| 38 | - $attr['style'] = isset($attr['style']) ? $attr['style'] : ''; |
|
| 39 | - $attr['style'] = $css . $attr['style']; |
|
| 40 | - } |
|
| 31 | + /** |
|
| 32 | + * Prepends CSS properties to the style attribute, creating the |
|
| 33 | + * attribute if it doesn't exist. |
|
| 34 | + * @param $attr Attribute array to process (passed by reference) |
|
| 35 | + * @param $css CSS to prepend |
|
| 36 | + */ |
|
| 37 | + public function prependCSS(&$attr, $css) { |
|
| 38 | + $attr['style'] = isset($attr['style']) ? $attr['style'] : ''; |
|
| 39 | + $attr['style'] = $css . $attr['style']; |
|
| 40 | + } |
|
| 41 | 41 | |
| 42 | - /** |
|
| 43 | - * Retrieves and removes an attribute |
|
| 44 | - * @param $attr Attribute array to process (passed by reference) |
|
| 45 | - * @param $key Key of attribute to confiscate |
|
| 46 | - */ |
|
| 47 | - public function confiscateAttr(&$attr, $key) { |
|
| 48 | - if (!isset($attr[$key])) return null; |
|
| 49 | - $value = $attr[$key]; |
|
| 50 | - unset($attr[$key]); |
|
| 51 | - return $value; |
|
| 52 | - } |
|
| 42 | + /** |
|
| 43 | + * Retrieves and removes an attribute |
|
| 44 | + * @param $attr Attribute array to process (passed by reference) |
|
| 45 | + * @param $key Key of attribute to confiscate |
|
| 46 | + */ |
|
| 47 | + public function confiscateAttr(&$attr, $key) { |
|
| 48 | + if (!isset($attr[$key])) return null; |
|
| 49 | + $value = $attr[$key]; |
|
| 50 | + unset($attr[$key]); |
|
| 51 | + return $value; |
|
| 52 | + } |
|
| 53 | 53 | |
| 54 | 54 | } |
| 55 | 55 | |
@@ -45,7 +45,9 @@ |
||
| 45 | 45 | * @param $key Key of attribute to confiscate |
| 46 | 46 | */ |
| 47 | 47 | public function confiscateAttr(&$attr, $key) { |
| 48 | - if (!isset($attr[$key])) return null; |
|
| 48 | + if (!isset($attr[$key])) { |
|
| 49 | + return null; |
|
| 50 | + } |
|
| 49 | 51 | $value = $attr[$key]; |
| 50 | 52 | unset($attr[$key]); |
| 51 | 53 | return $value; |
@@ -36,7 +36,7 @@ |
||
| 36 | 36 | */ |
| 37 | 37 | public function prependCSS(&$attr, $css) { |
| 38 | 38 | $attr['style'] = isset($attr['style']) ? $attr['style'] : ''; |
| 39 | - $attr['style'] = $css . $attr['style']; |
|
| 39 | + $attr['style'] = $css.$attr['style']; |
|
| 40 | 40 | } |
| 41 | 41 | |
| 42 | 42 | /** |
@@ -5,18 +5,18 @@ |
||
| 5 | 5 | */ |
| 6 | 6 | class HTMLPurifier_AttrTransform_Background extends HTMLPurifier_AttrTransform { |
| 7 | 7 | |
| 8 | - public function transform($attr, $config, $context) { |
|
| 8 | + public function transform($attr, $config, $context) { |
|
| 9 | 9 | |
| 10 | - if (!isset($attr['background'])) return $attr; |
|
| 10 | + if (!isset($attr['background'])) return $attr; |
|
| 11 | 11 | |
| 12 | - $background = $this->confiscateAttr($attr, 'background'); |
|
| 13 | - // some validation should happen here |
|
| 12 | + $background = $this->confiscateAttr($attr, 'background'); |
|
| 13 | + // some validation should happen here |
|
| 14 | 14 | |
| 15 | - $this->prependCSS($attr, "background-image:url($background);"); |
|
| 15 | + $this->prependCSS($attr, "background-image:url($background);"); |
|
| 16 | 16 | |
| 17 | - return $attr; |
|
| 17 | + return $attr; |
|
| 18 | 18 | |
| 19 | - } |
|
| 19 | + } |
|
| 20 | 20 | |
| 21 | 21 | } |
| 22 | 22 | |
@@ -7,7 +7,9 @@ |
||
| 7 | 7 | |
| 8 | 8 | public function transform($attr, $config, $context) { |
| 9 | 9 | |
| 10 | - if (!isset($attr['background'])) return $attr; |
|
| 10 | + if (!isset($attr['background'])) { |
|
| 11 | + return $attr; |
|
| 12 | + } |
|
| 11 | 13 | |
| 12 | 14 | $background = $this->confiscateAttr($attr, 'background'); |
| 13 | 15 | // some validation should happen here |
@@ -8,11 +8,11 @@ |
||
| 8 | 8 | class HTMLPurifier_AttrTransform_BdoDir extends HTMLPurifier_AttrTransform |
| 9 | 9 | { |
| 10 | 10 | |
| 11 | - public function transform($attr, $config, $context) { |
|
| 12 | - if (isset($attr['dir'])) return $attr; |
|
| 13 | - $attr['dir'] = $config->get('Attr.DefaultTextDir'); |
|
| 14 | - return $attr; |
|
| 15 | - } |
|
| 11 | + public function transform($attr, $config, $context) { |
|
| 12 | + if (isset($attr['dir'])) return $attr; |
|
| 13 | + $attr['dir'] = $config->get('Attr.DefaultTextDir'); |
|
| 14 | + return $attr; |
|
| 15 | + } |
|
| 16 | 16 | |
| 17 | 17 | } |
| 18 | 18 | |
@@ -9,7 +9,9 @@ |
||
| 9 | 9 | { |
| 10 | 10 | |
| 11 | 11 | public function transform($attr, $config, $context) { |
| 12 | - if (isset($attr['dir'])) return $attr; |
|
| 12 | + if (isset($attr['dir'])) { |
|
| 13 | + return $attr; |
|
| 14 | + } |
|
| 13 | 15 | $attr['dir'] = $config->get('Attr.DefaultTextDir'); |
| 14 | 16 | return $attr; |
| 15 | 17 | } |
@@ -5,18 +5,18 @@ |
||
| 5 | 5 | */ |
| 6 | 6 | class HTMLPurifier_AttrTransform_BgColor extends HTMLPurifier_AttrTransform { |
| 7 | 7 | |
| 8 | - public function transform($attr, $config, $context) { |
|
| 8 | + public function transform($attr, $config, $context) { |
|
| 9 | 9 | |
| 10 | - if (!isset($attr['bgcolor'])) return $attr; |
|
| 10 | + if (!isset($attr['bgcolor'])) return $attr; |
|
| 11 | 11 | |
| 12 | - $bgcolor = $this->confiscateAttr($attr, 'bgcolor'); |
|
| 13 | - // some validation should happen here |
|
| 12 | + $bgcolor = $this->confiscateAttr($attr, 'bgcolor'); |
|
| 13 | + // some validation should happen here |
|
| 14 | 14 | |
| 15 | - $this->prependCSS($attr, "background-color:$bgcolor;"); |
|
| 15 | + $this->prependCSS($attr, "background-color:$bgcolor;"); |
|
| 16 | 16 | |
| 17 | - return $attr; |
|
| 17 | + return $attr; |
|
| 18 | 18 | |
| 19 | - } |
|
| 19 | + } |
|
| 20 | 20 | |
| 21 | 21 | } |
| 22 | 22 | |
@@ -7,7 +7,9 @@ |
||
| 7 | 7 | |
| 8 | 8 | public function transform($attr, $config, $context) { |
| 9 | 9 | |
| 10 | - if (!isset($attr['bgcolor'])) return $attr; |
|
| 10 | + if (!isset($attr['bgcolor'])) { |
|
| 11 | + return $attr; |
|
| 12 | + } |
|
| 11 | 13 | |
| 12 | 14 | $bgcolor = $this->confiscateAttr($attr, 'bgcolor'); |
| 13 | 15 | // some validation should happen here |
