xpressengine /
xe-core
@@ -9,12 +9,12 @@ |
||
| 9 | 9 | */ |
| 10 | 10 | class HTMLPurifier_ChildDef_Empty extends HTMLPurifier_ChildDef |
| 11 | 11 | { |
| 12 | - public $allow_empty = true; |
|
| 13 | - public $type = 'empty'; |
|
| 14 | - public function __construct() {} |
|
| 15 | - public function validateChildren($tokens_of_children, $config, $context) { |
|
| 16 | - return array(); |
|
| 17 | - } |
|
| 12 | + public $allow_empty = true; |
|
| 13 | + public $type = 'empty'; |
|
| 14 | + public function __construct() {} |
|
| 15 | + public function validateChildren($tokens_of_children, $config, $context) { |
|
| 16 | + return array(); |
|
| 17 | + } |
|
| 18 | 18 | } |
| 19 | 19 | |
| 20 | 20 | // vim: et sw=4 sts=4 |
@@ -5,116 +5,116 @@ |
||
| 5 | 5 | */ |
| 6 | 6 | class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef |
| 7 | 7 | { |
| 8 | - public $type = 'list'; |
|
| 9 | - // lying a little bit, so that we can handle ul and ol ourselves |
|
| 10 | - // XXX: This whole business with 'wrap' is all a bit unsatisfactory |
|
| 11 | - public $elements = array('li' => true, 'ul' => true, 'ol' => true); |
|
| 12 | - public function validateChildren($tokens_of_children, $config, $context) { |
|
| 13 | - // Flag for subclasses |
|
| 14 | - $this->whitespace = false; |
|
| 8 | + public $type = 'list'; |
|
| 9 | + // lying a little bit, so that we can handle ul and ol ourselves |
|
| 10 | + // XXX: This whole business with 'wrap' is all a bit unsatisfactory |
|
| 11 | + public $elements = array('li' => true, 'ul' => true, 'ol' => true); |
|
| 12 | + public function validateChildren($tokens_of_children, $config, $context) { |
|
| 13 | + // Flag for subclasses |
|
| 14 | + $this->whitespace = false; |
|
| 15 | 15 | |
| 16 | - // if there are no tokens, delete parent node |
|
| 17 | - if (empty($tokens_of_children)) return false; |
|
| 16 | + // if there are no tokens, delete parent node |
|
| 17 | + if (empty($tokens_of_children)) return false; |
|
| 18 | 18 | |
| 19 | - // the new set of children |
|
| 20 | - $result = array(); |
|
| 19 | + // the new set of children |
|
| 20 | + $result = array(); |
|
| 21 | 21 | |
| 22 | - // current depth into the nest |
|
| 23 | - $nesting = 0; |
|
| 22 | + // current depth into the nest |
|
| 23 | + $nesting = 0; |
|
| 24 | 24 | |
| 25 | - // a little sanity check to make sure it's not ALL whitespace |
|
| 26 | - $all_whitespace = true; |
|
| 25 | + // a little sanity check to make sure it's not ALL whitespace |
|
| 26 | + $all_whitespace = true; |
|
| 27 | 27 | |
| 28 | - $seen_li = false; |
|
| 29 | - $need_close_li = false; |
|
| 28 | + $seen_li = false; |
|
| 29 | + $need_close_li = false; |
|
| 30 | 30 | |
| 31 | - foreach ($tokens_of_children as $token) { |
|
| 32 | - if (!empty($token->is_whitespace)) { |
|
| 33 | - $result[] = $token; |
|
| 34 | - continue; |
|
| 35 | - } |
|
| 36 | - $all_whitespace = false; // phew, we're not talking about whitespace |
|
| 31 | + foreach ($tokens_of_children as $token) { |
|
| 32 | + if (!empty($token->is_whitespace)) { |
|
| 33 | + $result[] = $token; |
|
| 34 | + continue; |
|
| 35 | + } |
|
| 36 | + $all_whitespace = false; // phew, we're not talking about whitespace |
|
| 37 | 37 | |
| 38 | - if ($nesting == 1 && $need_close_li) { |
|
| 39 | - $result[] = new HTMLPurifier_Token_End('li'); |
|
| 40 | - $nesting--; |
|
| 41 | - $need_close_li = false; |
|
| 42 | - } |
|
| 38 | + if ($nesting == 1 && $need_close_li) { |
|
| 39 | + $result[] = new HTMLPurifier_Token_End('li'); |
|
| 40 | + $nesting--; |
|
| 41 | + $need_close_li = false; |
|
| 42 | + } |
|
| 43 | 43 | |
| 44 | - $is_child = ($nesting == 0); |
|
| 44 | + $is_child = ($nesting == 0); |
|
| 45 | 45 | |
| 46 | - if ($token instanceof HTMLPurifier_Token_Start) { |
|
| 47 | - $nesting++; |
|
| 48 | - } elseif ($token instanceof HTMLPurifier_Token_End) { |
|
| 49 | - $nesting--; |
|
| 50 | - } |
|
| 46 | + if ($token instanceof HTMLPurifier_Token_Start) { |
|
| 47 | + $nesting++; |
|
| 48 | + } elseif ($token instanceof HTMLPurifier_Token_End) { |
|
| 49 | + $nesting--; |
|
| 50 | + } |
|
| 51 | 51 | |
| 52 | - if ($is_child) { |
|
| 53 | - if ($token->name === 'li') { |
|
| 54 | - // good |
|
| 55 | - $seen_li = true; |
|
| 56 | - } elseif ($token->name === 'ul' || $token->name === 'ol') { |
|
| 57 | - // we want to tuck this into the previous li |
|
| 58 | - $need_close_li = true; |
|
| 59 | - $nesting++; |
|
| 60 | - if (!$seen_li) { |
|
| 61 | - // create a new li element |
|
| 62 | - $result[] = new HTMLPurifier_Token_Start('li'); |
|
| 63 | - } else { |
|
| 64 | - // backtrack until </li> found |
|
| 65 | - while(true) { |
|
| 66 | - $t = array_pop($result); |
|
| 67 | - if ($t instanceof HTMLPurifier_Token_End) { |
|
| 68 | - // XXX actually, these invariants could very plausibly be violated |
|
| 69 | - // if we are doing silly things with modifying the set of allowed elements. |
|
| 70 | - // FORTUNATELY, it doesn't make a difference, since the allowed |
|
| 71 | - // elements are hard-coded here! |
|
| 72 | - if ($t->name !== 'li') { |
|
| 73 | - trigger_error("Only li present invariant violated in List ChildDef", E_USER_ERROR); |
|
| 74 | - return false; |
|
| 75 | - } |
|
| 76 | - break; |
|
| 77 | - } elseif ($t instanceof HTMLPurifier_Token_Empty) { // bleagh |
|
| 78 | - if ($t->name !== 'li') { |
|
| 79 | - trigger_error("Only li present invariant violated in List ChildDef", E_USER_ERROR); |
|
| 80 | - return false; |
|
| 81 | - } |
|
| 82 | - // XXX this should have a helper for it... |
|
| 83 | - $result[] = new HTMLPurifier_Token_Start('li', $t->attr, $t->line, $t->col, $t->armor); |
|
| 84 | - break; |
|
| 85 | - } else { |
|
| 86 | - if (!$t->is_whitespace) { |
|
| 87 | - trigger_error("Only whitespace present invariant violated in List ChildDef", E_USER_ERROR); |
|
| 88 | - return false; |
|
| 89 | - } |
|
| 90 | - } |
|
| 91 | - } |
|
| 92 | - } |
|
| 93 | - } else { |
|
| 94 | - // start wrapping (this doesn't precisely mimic |
|
| 95 | - // browser behavior, but what browsers do is kind of |
|
| 96 | - // hard to mimic in a standards compliant way |
|
| 97 | - // XXX Actually, this has no impact in practice, |
|
| 98 | - // because this gets handled earlier. Arguably, |
|
| 99 | - // we should rip out all of that processing |
|
| 100 | - $result[] = new HTMLPurifier_Token_Start('li'); |
|
| 101 | - $nesting++; |
|
| 102 | - $seen_li = true; |
|
| 103 | - $need_close_li = true; |
|
| 104 | - } |
|
| 105 | - } |
|
| 106 | - $result[] = $token; |
|
| 107 | - } |
|
| 108 | - if ($need_close_li) { |
|
| 109 | - $result[] = new HTMLPurifier_Token_End('li'); |
|
| 110 | - } |
|
| 111 | - if (empty($result)) return false; |
|
| 112 | - if ($all_whitespace) { |
|
| 113 | - return false; |
|
| 114 | - } |
|
| 115 | - if ($tokens_of_children == $result) return true; |
|
| 116 | - return $result; |
|
| 117 | - } |
|
| 52 | + if ($is_child) { |
|
| 53 | + if ($token->name === 'li') { |
|
| 54 | + // good |
|
| 55 | + $seen_li = true; |
|
| 56 | + } elseif ($token->name === 'ul' || $token->name === 'ol') { |
|
| 57 | + // we want to tuck this into the previous li |
|
| 58 | + $need_close_li = true; |
|
| 59 | + $nesting++; |
|
| 60 | + if (!$seen_li) { |
|
| 61 | + // create a new li element |
|
| 62 | + $result[] = new HTMLPurifier_Token_Start('li'); |
|
| 63 | + } else { |
|
| 64 | + // backtrack until </li> found |
|
| 65 | + while(true) { |
|
| 66 | + $t = array_pop($result); |
|
| 67 | + if ($t instanceof HTMLPurifier_Token_End) { |
|
| 68 | + // XXX actually, these invariants could very plausibly be violated |
|
| 69 | + // if we are doing silly things with modifying the set of allowed elements. |
|
| 70 | + // FORTUNATELY, it doesn't make a difference, since the allowed |
|
| 71 | + // elements are hard-coded here! |
|
| 72 | + if ($t->name !== 'li') { |
|
| 73 | + trigger_error("Only li present invariant violated in List ChildDef", E_USER_ERROR); |
|
| 74 | + return false; |
|
| 75 | + } |
|
| 76 | + break; |
|
| 77 | + } elseif ($t instanceof HTMLPurifier_Token_Empty) { // bleagh |
|
| 78 | + if ($t->name !== 'li') { |
|
| 79 | + trigger_error("Only li present invariant violated in List ChildDef", E_USER_ERROR); |
|
| 80 | + return false; |
|
| 81 | + } |
|
| 82 | + // XXX this should have a helper for it... |
|
| 83 | + $result[] = new HTMLPurifier_Token_Start('li', $t->attr, $t->line, $t->col, $t->armor); |
|
| 84 | + break; |
|
| 85 | + } else { |
|
| 86 | + if (!$t->is_whitespace) { |
|
| 87 | + trigger_error("Only whitespace present invariant violated in List ChildDef", E_USER_ERROR); |
|
| 88 | + return false; |
|
| 89 | + } |
|
| 90 | + } |
|
| 91 | + } |
|
| 92 | + } |
|
| 93 | + } else { |
|
| 94 | + // start wrapping (this doesn't precisely mimic |
|
| 95 | + // browser behavior, but what browsers do is kind of |
|
| 96 | + // hard to mimic in a standards compliant way |
|
| 97 | + // XXX Actually, this has no impact in practice, |
|
| 98 | + // because this gets handled earlier. Arguably, |
|
| 99 | + // we should rip out all of that processing |
|
| 100 | + $result[] = new HTMLPurifier_Token_Start('li'); |
|
| 101 | + $nesting++; |
|
| 102 | + $seen_li = true; |
|
| 103 | + $need_close_li = true; |
|
| 104 | + } |
|
| 105 | + } |
|
| 106 | + $result[] = $token; |
|
| 107 | + } |
|
| 108 | + if ($need_close_li) { |
|
| 109 | + $result[] = new HTMLPurifier_Token_End('li'); |
|
| 110 | + } |
|
| 111 | + if (empty($result)) return false; |
|
| 112 | + if ($all_whitespace) { |
|
| 113 | + return false; |
|
| 114 | + } |
|
| 115 | + if ($tokens_of_children == $result) return true; |
|
| 116 | + return $result; |
|
| 117 | + } |
|
| 118 | 118 | } |
| 119 | 119 | |
| 120 | 120 | // vim: et sw=4 sts=4 |
@@ -62,7 +62,7 @@ |
||
| 62 | 62 | $result[] = new HTMLPurifier_Token_Start('li'); |
| 63 | 63 | } else { |
| 64 | 64 | // backtrack until </li> found |
| 65 | - while(true) { |
|
| 65 | + while (true) { |
|
| 66 | 66 | $t = array_pop($result); |
| 67 | 67 | if ($t instanceof HTMLPurifier_Token_End) { |
| 68 | 68 | // XXX actually, these invariants could very plausibly be violated |
@@ -14,7 +14,9 @@ discard block |
||
| 14 | 14 | $this->whitespace = false; |
| 15 | 15 | |
| 16 | 16 | // if there are no tokens, delete parent node |
| 17 | - if (empty($tokens_of_children)) return false; |
|
| 17 | + if (empty($tokens_of_children)) { |
|
| 18 | + return false; |
|
| 19 | + } |
|
| 18 | 20 | |
| 19 | 21 | // the new set of children |
| 20 | 22 | $result = array(); |
@@ -108,11 +110,15 @@ discard block |
||
| 108 | 110 | if ($need_close_li) { |
| 109 | 111 | $result[] = new HTMLPurifier_Token_End('li'); |
| 110 | 112 | } |
| 111 | - if (empty($result)) return false; |
|
| 113 | + if (empty($result)) { |
|
| 114 | + return false; |
|
| 115 | + } |
|
| 112 | 116 | if ($all_whitespace) { |
| 113 | 117 | return false; |
| 114 | 118 | } |
| 115 | - if ($tokens_of_children == $result) return true; |
|
| 119 | + if ($tokens_of_children == $result) { |
|
| 120 | + return true; |
|
| 121 | + } |
|
| 116 | 122 | return $result; |
| 117 | 123 | } |
| 118 | 124 | } |
@@ -9,18 +9,18 @@ |
||
| 9 | 9 | */ |
| 10 | 10 | class HTMLPurifier_ChildDef_Optional extends HTMLPurifier_ChildDef_Required |
| 11 | 11 | { |
| 12 | - public $allow_empty = true; |
|
| 13 | - public $type = 'optional'; |
|
| 14 | - public function validateChildren($tokens_of_children, $config, $context) { |
|
| 15 | - $result = parent::validateChildren($tokens_of_children, $config, $context); |
|
| 16 | - // we assume that $tokens_of_children is not modified |
|
| 17 | - if ($result === false) { |
|
| 18 | - if (empty($tokens_of_children)) return true; |
|
| 19 | - elseif ($this->whitespace) return $tokens_of_children; |
|
| 20 | - else return array(); |
|
| 21 | - } |
|
| 22 | - return $result; |
|
| 23 | - } |
|
| 12 | + public $allow_empty = true; |
|
| 13 | + public $type = 'optional'; |
|
| 14 | + public function validateChildren($tokens_of_children, $config, $context) { |
|
| 15 | + $result = parent::validateChildren($tokens_of_children, $config, $context); |
|
| 16 | + // we assume that $tokens_of_children is not modified |
|
| 17 | + if ($result === false) { |
|
| 18 | + if (empty($tokens_of_children)) return true; |
|
| 19 | + elseif ($this->whitespace) return $tokens_of_children; |
|
| 20 | + else return array(); |
|
| 21 | + } |
|
| 22 | + return $result; |
|
| 23 | + } |
|
| 24 | 24 | } |
| 25 | 25 | |
| 26 | 26 | // vim: et sw=4 sts=4 |
@@ -15,9 +15,13 @@ |
||
| 15 | 15 | $result = parent::validateChildren($tokens_of_children, $config, $context); |
| 16 | 16 | // we assume that $tokens_of_children is not modified |
| 17 | 17 | if ($result === false) { |
| 18 | - if (empty($tokens_of_children)) return true; |
|
| 19 | - elseif ($this->whitespace) return $tokens_of_children; |
|
| 20 | - else return array(); |
|
| 18 | + if (empty($tokens_of_children)) { |
|
| 19 | + return true; |
|
| 20 | + } elseif ($this->whitespace) { |
|
| 21 | + return $tokens_of_children; |
|
| 22 | + } else { |
|
| 23 | + return array(); |
|
| 24 | + } |
|
| 21 | 25 | } |
| 22 | 26 | return $result; |
| 23 | 27 | } |
@@ -5,113 +5,113 @@ |
||
| 5 | 5 | */ |
| 6 | 6 | class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef |
| 7 | 7 | { |
| 8 | - /** |
|
| 9 | - * Lookup table of allowed elements. |
|
| 10 | - * @public |
|
| 11 | - */ |
|
| 12 | - public $elements = array(); |
|
| 13 | - /** |
|
| 14 | - * Whether or not the last passed node was all whitespace. |
|
| 15 | - */ |
|
| 16 | - protected $whitespace = false; |
|
| 17 | - /** |
|
| 18 | - * @param $elements List of allowed element names (lowercase). |
|
| 19 | - */ |
|
| 20 | - public function __construct($elements) { |
|
| 21 | - if (is_string($elements)) { |
|
| 22 | - $elements = str_replace(' ', '', $elements); |
|
| 23 | - $elements = explode('|', $elements); |
|
| 24 | - } |
|
| 25 | - $keys = array_keys($elements); |
|
| 26 | - if ($keys == array_keys($keys)) { |
|
| 27 | - $elements = array_flip($elements); |
|
| 28 | - foreach ($elements as $i => $x) { |
|
| 29 | - $elements[$i] = true; |
|
| 30 | - if (empty($i)) unset($elements[$i]); // remove blank |
|
| 31 | - } |
|
| 32 | - } |
|
| 33 | - $this->elements = $elements; |
|
| 34 | - } |
|
| 35 | - public $allow_empty = false; |
|
| 36 | - public $type = 'required'; |
|
| 37 | - public function validateChildren($tokens_of_children, $config, $context) { |
|
| 38 | - // Flag for subclasses |
|
| 39 | - $this->whitespace = false; |
|
| 8 | + /** |
|
| 9 | + * Lookup table of allowed elements. |
|
| 10 | + * @public |
|
| 11 | + */ |
|
| 12 | + public $elements = array(); |
|
| 13 | + /** |
|
| 14 | + * Whether or not the last passed node was all whitespace. |
|
| 15 | + */ |
|
| 16 | + protected $whitespace = false; |
|
| 17 | + /** |
|
| 18 | + * @param $elements List of allowed element names (lowercase). |
|
| 19 | + */ |
|
| 20 | + public function __construct($elements) { |
|
| 21 | + if (is_string($elements)) { |
|
| 22 | + $elements = str_replace(' ', '', $elements); |
|
| 23 | + $elements = explode('|', $elements); |
|
| 24 | + } |
|
| 25 | + $keys = array_keys($elements); |
|
| 26 | + if ($keys == array_keys($keys)) { |
|
| 27 | + $elements = array_flip($elements); |
|
| 28 | + foreach ($elements as $i => $x) { |
|
| 29 | + $elements[$i] = true; |
|
| 30 | + if (empty($i)) unset($elements[$i]); // remove blank |
|
| 31 | + } |
|
| 32 | + } |
|
| 33 | + $this->elements = $elements; |
|
| 34 | + } |
|
| 35 | + public $allow_empty = false; |
|
| 36 | + public $type = 'required'; |
|
| 37 | + public function validateChildren($tokens_of_children, $config, $context) { |
|
| 38 | + // Flag for subclasses |
|
| 39 | + $this->whitespace = false; |
|
| 40 | 40 | |
| 41 | - // if there are no tokens, delete parent node |
|
| 42 | - if (empty($tokens_of_children)) return false; |
|
| 41 | + // if there are no tokens, delete parent node |
|
| 42 | + if (empty($tokens_of_children)) return false; |
|
| 43 | 43 | |
| 44 | - // the new set of children |
|
| 45 | - $result = array(); |
|
| 44 | + // the new set of children |
|
| 45 | + $result = array(); |
|
| 46 | 46 | |
| 47 | - // current depth into the nest |
|
| 48 | - $nesting = 0; |
|
| 47 | + // current depth into the nest |
|
| 48 | + $nesting = 0; |
|
| 49 | 49 | |
| 50 | - // whether or not we're deleting a node |
|
| 51 | - $is_deleting = false; |
|
| 50 | + // whether or not we're deleting a node |
|
| 51 | + $is_deleting = false; |
|
| 52 | 52 | |
| 53 | - // whether or not parsed character data is allowed |
|
| 54 | - // this controls whether or not we silently drop a tag |
|
| 55 | - // or generate escaped HTML from it |
|
| 56 | - $pcdata_allowed = isset($this->elements['#PCDATA']); |
|
| 53 | + // whether or not parsed character data is allowed |
|
| 54 | + // this controls whether or not we silently drop a tag |
|
| 55 | + // or generate escaped HTML from it |
|
| 56 | + $pcdata_allowed = isset($this->elements['#PCDATA']); |
|
| 57 | 57 | |
| 58 | - // a little sanity check to make sure it's not ALL whitespace |
|
| 59 | - $all_whitespace = true; |
|
| 58 | + // a little sanity check to make sure it's not ALL whitespace |
|
| 59 | + $all_whitespace = true; |
|
| 60 | 60 | |
| 61 | - // some configuration |
|
| 62 | - $escape_invalid_children = $config->get('Core.EscapeInvalidChildren'); |
|
| 61 | + // some configuration |
|
| 62 | + $escape_invalid_children = $config->get('Core.EscapeInvalidChildren'); |
|
| 63 | 63 | |
| 64 | - // generator |
|
| 65 | - $gen = new HTMLPurifier_Generator($config, $context); |
|
| 64 | + // generator |
|
| 65 | + $gen = new HTMLPurifier_Generator($config, $context); |
|
| 66 | 66 | |
| 67 | - foreach ($tokens_of_children as $token) { |
|
| 68 | - if (!empty($token->is_whitespace)) { |
|
| 69 | - $result[] = $token; |
|
| 70 | - continue; |
|
| 71 | - } |
|
| 72 | - $all_whitespace = false; // phew, we're not talking about whitespace |
|
| 67 | + foreach ($tokens_of_children as $token) { |
|
| 68 | + if (!empty($token->is_whitespace)) { |
|
| 69 | + $result[] = $token; |
|
| 70 | + continue; |
|
| 71 | + } |
|
| 72 | + $all_whitespace = false; // phew, we're not talking about whitespace |
|
| 73 | 73 | |
| 74 | - $is_child = ($nesting == 0); |
|
| 74 | + $is_child = ($nesting == 0); |
|
| 75 | 75 | |
| 76 | - if ($token instanceof HTMLPurifier_Token_Start) { |
|
| 77 | - $nesting++; |
|
| 78 | - } elseif ($token instanceof HTMLPurifier_Token_End) { |
|
| 79 | - $nesting--; |
|
| 80 | - } |
|
| 76 | + if ($token instanceof HTMLPurifier_Token_Start) { |
|
| 77 | + $nesting++; |
|
| 78 | + } elseif ($token instanceof HTMLPurifier_Token_End) { |
|
| 79 | + $nesting--; |
|
| 80 | + } |
|
| 81 | 81 | |
| 82 | - if ($is_child) { |
|
| 83 | - $is_deleting = false; |
|
| 84 | - if (!isset($this->elements[$token->name])) { |
|
| 85 | - $is_deleting = true; |
|
| 86 | - if ($pcdata_allowed && $token instanceof HTMLPurifier_Token_Text) { |
|
| 87 | - $result[] = $token; |
|
| 88 | - } elseif ($pcdata_allowed && $escape_invalid_children) { |
|
| 89 | - $result[] = new HTMLPurifier_Token_Text( |
|
| 90 | - $gen->generateFromToken($token) |
|
| 91 | - ); |
|
| 92 | - } |
|
| 93 | - continue; |
|
| 94 | - } |
|
| 95 | - } |
|
| 96 | - if (!$is_deleting || ($pcdata_allowed && $token instanceof HTMLPurifier_Token_Text)) { |
|
| 97 | - $result[] = $token; |
|
| 98 | - } elseif ($pcdata_allowed && $escape_invalid_children) { |
|
| 99 | - $result[] = |
|
| 100 | - new HTMLPurifier_Token_Text( |
|
| 101 | - $gen->generateFromToken($token) |
|
| 102 | - ); |
|
| 103 | - } else { |
|
| 104 | - // drop silently |
|
| 105 | - } |
|
| 106 | - } |
|
| 107 | - if (empty($result)) return false; |
|
| 108 | - if ($all_whitespace) { |
|
| 109 | - $this->whitespace = true; |
|
| 110 | - return false; |
|
| 111 | - } |
|
| 112 | - if ($tokens_of_children == $result) return true; |
|
| 113 | - return $result; |
|
| 114 | - } |
|
| 82 | + if ($is_child) { |
|
| 83 | + $is_deleting = false; |
|
| 84 | + if (!isset($this->elements[$token->name])) { |
|
| 85 | + $is_deleting = true; |
|
| 86 | + if ($pcdata_allowed && $token instanceof HTMLPurifier_Token_Text) { |
|
| 87 | + $result[] = $token; |
|
| 88 | + } elseif ($pcdata_allowed && $escape_invalid_children) { |
|
| 89 | + $result[] = new HTMLPurifier_Token_Text( |
|
| 90 | + $gen->generateFromToken($token) |
|
| 91 | + ); |
|
| 92 | + } |
|
| 93 | + continue; |
|
| 94 | + } |
|
| 95 | + } |
|
| 96 | + if (!$is_deleting || ($pcdata_allowed && $token instanceof HTMLPurifier_Token_Text)) { |
|
| 97 | + $result[] = $token; |
|
| 98 | + } elseif ($pcdata_allowed && $escape_invalid_children) { |
|
| 99 | + $result[] = |
|
| 100 | + new HTMLPurifier_Token_Text( |
|
| 101 | + $gen->generateFromToken($token) |
|
| 102 | + ); |
|
| 103 | + } else { |
|
| 104 | + // drop silently |
|
| 105 | + } |
|
| 106 | + } |
|
| 107 | + if (empty($result)) return false; |
|
| 108 | + if ($all_whitespace) { |
|
| 109 | + $this->whitespace = true; |
|
| 110 | + return false; |
|
| 111 | + } |
|
| 112 | + if ($tokens_of_children == $result) return true; |
|
| 113 | + return $result; |
|
| 114 | + } |
|
| 115 | 115 | } |
| 116 | 116 | |
| 117 | 117 | // vim: et sw=4 sts=4 |
@@ -27,7 +27,10 @@ discard block |
||
| 27 | 27 | $elements = array_flip($elements); |
| 28 | 28 | foreach ($elements as $i => $x) { |
| 29 | 29 | $elements[$i] = true; |
| 30 | - if (empty($i)) unset($elements[$i]); // remove blank |
|
| 30 | + if (empty($i)) { |
|
| 31 | + unset($elements[$i]); |
|
| 32 | + } |
|
| 33 | + // remove blank |
|
| 31 | 34 | } |
| 32 | 35 | } |
| 33 | 36 | $this->elements = $elements; |
@@ -39,7 +42,9 @@ discard block |
||
| 39 | 42 | $this->whitespace = false; |
| 40 | 43 | |
| 41 | 44 | // if there are no tokens, delete parent node |
| 42 | - if (empty($tokens_of_children)) return false; |
|
| 45 | + if (empty($tokens_of_children)) { |
|
| 46 | + return false; |
|
| 47 | + } |
|
| 43 | 48 | |
| 44 | 49 | // the new set of children |
| 45 | 50 | $result = array(); |
@@ -104,12 +109,16 @@ discard block |
||
| 104 | 109 | // drop silently |
| 105 | 110 | } |
| 106 | 111 | } |
| 107 | - if (empty($result)) return false; |
|
| 112 | + if (empty($result)) { |
|
| 113 | + return false; |
|
| 114 | + } |
|
| 108 | 115 | if ($all_whitespace) { |
| 109 | 116 | $this->whitespace = true; |
| 110 | 117 | return false; |
| 111 | 118 | } |
| 112 | - if ($tokens_of_children == $result) return true; |
|
| 119 | + if ($tokens_of_children == $result) { |
|
| 120 | + return true; |
|
| 121 | + } |
|
| 113 | 122 | return $result; |
| 114 | 123 | } |
| 115 | 124 | } |
@@ -5,84 +5,84 @@ |
||
| 5 | 5 | */ |
| 6 | 6 | class HTMLPurifier_ChildDef_StrictBlockquote extends HTMLPurifier_ChildDef_Required |
| 7 | 7 | { |
| 8 | - protected $real_elements; |
|
| 9 | - protected $fake_elements; |
|
| 10 | - public $allow_empty = true; |
|
| 11 | - public $type = 'strictblockquote'; |
|
| 12 | - protected $init = false; |
|
| 8 | + protected $real_elements; |
|
| 9 | + protected $fake_elements; |
|
| 10 | + public $allow_empty = true; |
|
| 11 | + public $type = 'strictblockquote'; |
|
| 12 | + protected $init = false; |
|
| 13 | 13 | |
| 14 | - /** |
|
| 15 | - * @note We don't want MakeWellFormed to auto-close inline elements since |
|
| 16 | - * they might be allowed. |
|
| 17 | - */ |
|
| 18 | - public function getAllowedElements($config) { |
|
| 19 | - $this->init($config); |
|
| 20 | - return $this->fake_elements; |
|
| 21 | - } |
|
| 14 | + /** |
|
| 15 | + * @note We don't want MakeWellFormed to auto-close inline elements since |
|
| 16 | + * they might be allowed. |
|
| 17 | + */ |
|
| 18 | + public function getAllowedElements($config) { |
|
| 19 | + $this->init($config); |
|
| 20 | + return $this->fake_elements; |
|
| 21 | + } |
|
| 22 | 22 | |
| 23 | - public function validateChildren($tokens_of_children, $config, $context) { |
|
| 23 | + public function validateChildren($tokens_of_children, $config, $context) { |
|
| 24 | 24 | |
| 25 | - $this->init($config); |
|
| 25 | + $this->init($config); |
|
| 26 | 26 | |
| 27 | - // trick the parent class into thinking it allows more |
|
| 28 | - $this->elements = $this->fake_elements; |
|
| 29 | - $result = parent::validateChildren($tokens_of_children, $config, $context); |
|
| 30 | - $this->elements = $this->real_elements; |
|
| 27 | + // trick the parent class into thinking it allows more |
|
| 28 | + $this->elements = $this->fake_elements; |
|
| 29 | + $result = parent::validateChildren($tokens_of_children, $config, $context); |
|
| 30 | + $this->elements = $this->real_elements; |
|
| 31 | 31 | |
| 32 | - if ($result === false) return array(); |
|
| 33 | - if ($result === true) $result = $tokens_of_children; |
|
| 32 | + if ($result === false) return array(); |
|
| 33 | + if ($result === true) $result = $tokens_of_children; |
|
| 34 | 34 | |
| 35 | - $def = $config->getHTMLDefinition(); |
|
| 36 | - $block_wrap_start = new HTMLPurifier_Token_Start($def->info_block_wrapper); |
|
| 37 | - $block_wrap_end = new HTMLPurifier_Token_End( $def->info_block_wrapper); |
|
| 38 | - $is_inline = false; |
|
| 39 | - $depth = 0; |
|
| 40 | - $ret = array(); |
|
| 35 | + $def = $config->getHTMLDefinition(); |
|
| 36 | + $block_wrap_start = new HTMLPurifier_Token_Start($def->info_block_wrapper); |
|
| 37 | + $block_wrap_end = new HTMLPurifier_Token_End( $def->info_block_wrapper); |
|
| 38 | + $is_inline = false; |
|
| 39 | + $depth = 0; |
|
| 40 | + $ret = array(); |
|
| 41 | 41 | |
| 42 | - // assuming that there are no comment tokens |
|
| 43 | - foreach ($result as $i => $token) { |
|
| 44 | - $token = $result[$i]; |
|
| 45 | - // ifs are nested for readability |
|
| 46 | - if (!$is_inline) { |
|
| 47 | - if (!$depth) { |
|
| 48 | - if ( |
|
| 49 | - ($token instanceof HTMLPurifier_Token_Text && !$token->is_whitespace) || |
|
| 50 | - (!$token instanceof HTMLPurifier_Token_Text && !isset($this->elements[$token->name])) |
|
| 51 | - ) { |
|
| 52 | - $is_inline = true; |
|
| 53 | - $ret[] = $block_wrap_start; |
|
| 54 | - } |
|
| 55 | - } |
|
| 56 | - } else { |
|
| 57 | - if (!$depth) { |
|
| 58 | - // starting tokens have been inline text / empty |
|
| 59 | - if ($token instanceof HTMLPurifier_Token_Start || $token instanceof HTMLPurifier_Token_Empty) { |
|
| 60 | - if (isset($this->elements[$token->name])) { |
|
| 61 | - // ended |
|
| 62 | - $ret[] = $block_wrap_end; |
|
| 63 | - $is_inline = false; |
|
| 64 | - } |
|
| 65 | - } |
|
| 66 | - } |
|
| 67 | - } |
|
| 68 | - $ret[] = $token; |
|
| 69 | - if ($token instanceof HTMLPurifier_Token_Start) $depth++; |
|
| 70 | - if ($token instanceof HTMLPurifier_Token_End) $depth--; |
|
| 71 | - } |
|
| 72 | - if ($is_inline) $ret[] = $block_wrap_end; |
|
| 73 | - return $ret; |
|
| 74 | - } |
|
| 42 | + // assuming that there are no comment tokens |
|
| 43 | + foreach ($result as $i => $token) { |
|
| 44 | + $token = $result[$i]; |
|
| 45 | + // ifs are nested for readability |
|
| 46 | + if (!$is_inline) { |
|
| 47 | + if (!$depth) { |
|
| 48 | + if ( |
|
| 49 | + ($token instanceof HTMLPurifier_Token_Text && !$token->is_whitespace) || |
|
| 50 | + (!$token instanceof HTMLPurifier_Token_Text && !isset($this->elements[$token->name])) |
|
| 51 | + ) { |
|
| 52 | + $is_inline = true; |
|
| 53 | + $ret[] = $block_wrap_start; |
|
| 54 | + } |
|
| 55 | + } |
|
| 56 | + } else { |
|
| 57 | + if (!$depth) { |
|
| 58 | + // starting tokens have been inline text / empty |
|
| 59 | + if ($token instanceof HTMLPurifier_Token_Start || $token instanceof HTMLPurifier_Token_Empty) { |
|
| 60 | + if (isset($this->elements[$token->name])) { |
|
| 61 | + // ended |
|
| 62 | + $ret[] = $block_wrap_end; |
|
| 63 | + $is_inline = false; |
|
| 64 | + } |
|
| 65 | + } |
|
| 66 | + } |
|
| 67 | + } |
|
| 68 | + $ret[] = $token; |
|
| 69 | + if ($token instanceof HTMLPurifier_Token_Start) $depth++; |
|
| 70 | + if ($token instanceof HTMLPurifier_Token_End) $depth--; |
|
| 71 | + } |
|
| 72 | + if ($is_inline) $ret[] = $block_wrap_end; |
|
| 73 | + return $ret; |
|
| 74 | + } |
|
| 75 | 75 | |
| 76 | - private function init($config) { |
|
| 77 | - if (!$this->init) { |
|
| 78 | - $def = $config->getHTMLDefinition(); |
|
| 79 | - // allow all inline elements |
|
| 80 | - $this->real_elements = $this->elements; |
|
| 81 | - $this->fake_elements = $def->info_content_sets['Flow']; |
|
| 82 | - $this->fake_elements['#PCDATA'] = true; |
|
| 83 | - $this->init = true; |
|
| 84 | - } |
|
| 85 | - } |
|
| 76 | + private function init($config) { |
|
| 77 | + if (!$this->init) { |
|
| 78 | + $def = $config->getHTMLDefinition(); |
|
| 79 | + // allow all inline elements |
|
| 80 | + $this->real_elements = $this->elements; |
|
| 81 | + $this->fake_elements = $def->info_content_sets['Flow']; |
|
| 82 | + $this->fake_elements['#PCDATA'] = true; |
|
| 83 | + $this->init = true; |
|
| 84 | + } |
|
| 85 | + } |
|
| 86 | 86 | } |
| 87 | 87 | |
| 88 | 88 | // vim: et sw=4 sts=4 |
@@ -34,7 +34,7 @@ |
||
| 34 | 34 | |
| 35 | 35 | $def = $config->getHTMLDefinition(); |
| 36 | 36 | $block_wrap_start = new HTMLPurifier_Token_Start($def->info_block_wrapper); |
| 37 | - $block_wrap_end = new HTMLPurifier_Token_End( $def->info_block_wrapper); |
|
| 37 | + $block_wrap_end = new HTMLPurifier_Token_End($def->info_block_wrapper); |
|
| 38 | 38 | $is_inline = false; |
| 39 | 39 | $depth = 0; |
| 40 | 40 | $ret = array(); |
@@ -29,8 +29,12 @@ discard block |
||
| 29 | 29 | $result = parent::validateChildren($tokens_of_children, $config, $context); |
| 30 | 30 | $this->elements = $this->real_elements; |
| 31 | 31 | |
| 32 | - if ($result === false) return array(); |
|
| 33 | - if ($result === true) $result = $tokens_of_children; |
|
| 32 | + if ($result === false) { |
|
| 33 | + return array(); |
|
| 34 | + } |
|
| 35 | + if ($result === true) { |
|
| 36 | + $result = $tokens_of_children; |
|
| 37 | + } |
|
| 34 | 38 | |
| 35 | 39 | $def = $config->getHTMLDefinition(); |
| 36 | 40 | $block_wrap_start = new HTMLPurifier_Token_Start($def->info_block_wrapper); |
@@ -66,10 +70,16 @@ discard block |
||
| 66 | 70 | } |
| 67 | 71 | } |
| 68 | 72 | $ret[] = $token; |
| 69 | - if ($token instanceof HTMLPurifier_Token_Start) $depth++; |
|
| 70 | - if ($token instanceof HTMLPurifier_Token_End) $depth--; |
|
| 73 | + if ($token instanceof HTMLPurifier_Token_Start) { |
|
| 74 | + $depth++; |
|
| 75 | + } |
|
| 76 | + if ($token instanceof HTMLPurifier_Token_End) { |
|
| 77 | + $depth--; |
|
| 78 | + } |
|
| 79 | + } |
|
| 80 | + if ($is_inline) { |
|
| 81 | + $ret[] = $block_wrap_end; |
|
| 71 | 82 | } |
| 72 | - if ($is_inline) $ret[] = $block_wrap_end; |
|
| 73 | 83 | return $ret; |
| 74 | 84 | } |
| 75 | 85 | |
@@ -31,197 +31,197 @@ |
||
| 31 | 31 | */ |
| 32 | 32 | class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef |
| 33 | 33 | { |
| 34 | - public $allow_empty = false; |
|
| 35 | - public $type = 'table'; |
|
| 36 | - public $elements = array('tr' => true, 'tbody' => true, 'thead' => true, |
|
| 37 | - 'tfoot' => true, 'caption' => true, 'colgroup' => true, 'col' => true); |
|
| 38 | - public function __construct() {} |
|
| 39 | - public function validateChildren($tokens_of_children, $config, $context) { |
|
| 40 | - if (empty($tokens_of_children)) return false; |
|
| 41 | - |
|
| 42 | - // this ensures that the loop gets run one last time before closing |
|
| 43 | - // up. It's a little bit of a hack, but it works! Just make sure you |
|
| 44 | - // get rid of the token later. |
|
| 45 | - $tokens_of_children[] = false; |
|
| 46 | - |
|
| 47 | - // only one of these elements is allowed in a table |
|
| 48 | - $caption = false; |
|
| 49 | - $thead = false; |
|
| 50 | - $tfoot = false; |
|
| 51 | - |
|
| 52 | - // as many of these as you want |
|
| 53 | - $cols = array(); |
|
| 54 | - $content = array(); |
|
| 55 | - |
|
| 56 | - $nesting = 0; // current depth so we can determine nodes |
|
| 57 | - $is_collecting = false; // are we globbing together tokens to package |
|
| 58 | - // into one of the collectors? |
|
| 59 | - $collection = array(); // collected nodes |
|
| 60 | - $tag_index = 0; // the first node might be whitespace, |
|
| 61 | - // so this tells us where the start tag is |
|
| 62 | - $tbody_mode = false; // if true, then we need to wrap any stray |
|
| 63 | - // <tr>s with a <tbody>. |
|
| 64 | - |
|
| 65 | - foreach ($tokens_of_children as $token) { |
|
| 66 | - $is_child = ($nesting == 0); |
|
| 67 | - |
|
| 68 | - if ($token === false) { |
|
| 69 | - // terminating sequence started |
|
| 70 | - } elseif ($token instanceof HTMLPurifier_Token_Start) { |
|
| 71 | - $nesting++; |
|
| 72 | - } elseif ($token instanceof HTMLPurifier_Token_End) { |
|
| 73 | - $nesting--; |
|
| 74 | - } |
|
| 75 | - |
|
| 76 | - // handle node collection |
|
| 77 | - if ($is_collecting) { |
|
| 78 | - if ($is_child) { |
|
| 79 | - // okay, let's stash the tokens away |
|
| 80 | - // first token tells us the type of the collection |
|
| 81 | - switch ($collection[$tag_index]->name) { |
|
| 82 | - case 'tbody': |
|
| 83 | - $tbody_mode = true; |
|
| 84 | - case 'tr': |
|
| 85 | - $content[] = $collection; |
|
| 86 | - break; |
|
| 87 | - case 'caption': |
|
| 88 | - if ($caption !== false) break; |
|
| 89 | - $caption = $collection; |
|
| 90 | - break; |
|
| 91 | - case 'thead': |
|
| 92 | - case 'tfoot': |
|
| 93 | - $tbody_mode = true; |
|
| 94 | - // XXX This breaks rendering properties with |
|
| 95 | - // Firefox, which never floats a <thead> to |
|
| 96 | - // the top. Ever. (Our scheme will float the |
|
| 97 | - // first <thead> to the top.) So maybe |
|
| 98 | - // <thead>s that are not first should be |
|
| 99 | - // turned into <tbody>? Very tricky, indeed. |
|
| 100 | - |
|
| 101 | - // access the appropriate variable, $thead or $tfoot |
|
| 102 | - $var = $collection[$tag_index]->name; |
|
| 103 | - if ($$var === false) { |
|
| 104 | - $$var = $collection; |
|
| 105 | - } else { |
|
| 106 | - // Oops, there's a second one! What |
|
| 107 | - // should we do? Current behavior is to |
|
| 108 | - // transmutate the first and last entries into |
|
| 109 | - // tbody tags, and then put into content. |
|
| 110 | - // Maybe a better idea is to *attach |
|
| 111 | - // it* to the existing thead or tfoot? |
|
| 112 | - // We don't do this, because Firefox |
|
| 113 | - // doesn't float an extra tfoot to the |
|
| 114 | - // bottom like it does for the first one. |
|
| 115 | - $collection[$tag_index]->name = 'tbody'; |
|
| 116 | - $collection[count($collection)-1]->name = 'tbody'; |
|
| 117 | - $content[] = $collection; |
|
| 118 | - } |
|
| 119 | - break; |
|
| 120 | - case 'colgroup': |
|
| 121 | - $cols[] = $collection; |
|
| 122 | - break; |
|
| 123 | - } |
|
| 124 | - $collection = array(); |
|
| 125 | - $is_collecting = false; |
|
| 126 | - $tag_index = 0; |
|
| 127 | - } else { |
|
| 128 | - // add the node to the collection |
|
| 129 | - $collection[] = $token; |
|
| 130 | - } |
|
| 131 | - } |
|
| 132 | - |
|
| 133 | - // terminate |
|
| 134 | - if ($token === false) break; |
|
| 135 | - |
|
| 136 | - if ($is_child) { |
|
| 137 | - // determine what we're dealing with |
|
| 138 | - if ($token->name == 'col') { |
|
| 139 | - // the only empty tag in the possie, we can handle it |
|
| 140 | - // immediately |
|
| 141 | - $cols[] = array_merge($collection, array($token)); |
|
| 142 | - $collection = array(); |
|
| 143 | - $tag_index = 0; |
|
| 144 | - continue; |
|
| 145 | - } |
|
| 146 | - switch($token->name) { |
|
| 147 | - case 'caption': |
|
| 148 | - case 'colgroup': |
|
| 149 | - case 'thead': |
|
| 150 | - case 'tfoot': |
|
| 151 | - case 'tbody': |
|
| 152 | - case 'tr': |
|
| 153 | - $is_collecting = true; |
|
| 154 | - $collection[] = $token; |
|
| 155 | - continue; |
|
| 156 | - default: |
|
| 157 | - if (!empty($token->is_whitespace)) { |
|
| 158 | - $collection[] = $token; |
|
| 159 | - $tag_index++; |
|
| 160 | - } |
|
| 161 | - continue; |
|
| 162 | - } |
|
| 163 | - } |
|
| 164 | - } |
|
| 165 | - |
|
| 166 | - if (empty($content)) return false; |
|
| 167 | - |
|
| 168 | - $ret = array(); |
|
| 169 | - if ($caption !== false) $ret = array_merge($ret, $caption); |
|
| 170 | - if ($cols !== false) foreach ($cols as $token_array) $ret = array_merge($ret, $token_array); |
|
| 171 | - if ($thead !== false) $ret = array_merge($ret, $thead); |
|
| 172 | - if ($tfoot !== false) $ret = array_merge($ret, $tfoot); |
|
| 173 | - |
|
| 174 | - if ($tbody_mode) { |
|
| 175 | - // a little tricky, since the start of the collection may be |
|
| 176 | - // whitespace |
|
| 177 | - $inside_tbody = false; |
|
| 178 | - foreach ($content as $token_array) { |
|
| 179 | - // find the starting token |
|
| 180 | - foreach ($token_array as $t) { |
|
| 181 | - if ($t->name === 'tr' || $t->name === 'tbody') { |
|
| 182 | - break; |
|
| 183 | - } |
|
| 184 | - } // iterator variable carries over |
|
| 185 | - if ($t->name === 'tr') { |
|
| 186 | - if ($inside_tbody) { |
|
| 187 | - $ret = array_merge($ret, $token_array); |
|
| 188 | - } else { |
|
| 189 | - $ret[] = new HTMLPurifier_Token_Start('tbody'); |
|
| 190 | - $ret = array_merge($ret, $token_array); |
|
| 191 | - $inside_tbody = true; |
|
| 192 | - } |
|
| 193 | - } elseif ($t->name === 'tbody') { |
|
| 194 | - if ($inside_tbody) { |
|
| 195 | - $ret[] = new HTMLPurifier_Token_End('tbody'); |
|
| 196 | - $inside_tbody = false; |
|
| 197 | - $ret = array_merge($ret, $token_array); |
|
| 198 | - } else { |
|
| 199 | - $ret = array_merge($ret, $token_array); |
|
| 200 | - } |
|
| 201 | - } else { |
|
| 202 | - trigger_error("tr/tbody in content invariant failed in Table ChildDef", E_USER_ERROR); |
|
| 203 | - } |
|
| 204 | - } |
|
| 205 | - if ($inside_tbody) { |
|
| 206 | - $ret[] = new HTMLPurifier_Token_End('tbody'); |
|
| 207 | - } |
|
| 208 | - } else { |
|
| 209 | - foreach ($content as $token_array) { |
|
| 210 | - // invariant: everything in here is <tr>s |
|
| 211 | - $ret = array_merge($ret, $token_array); |
|
| 212 | - } |
|
| 213 | - } |
|
| 214 | - |
|
| 215 | - if (!empty($collection) && $is_collecting == false){ |
|
| 216 | - // grab the trailing space |
|
| 217 | - $ret = array_merge($ret, $collection); |
|
| 218 | - } |
|
| 219 | - |
|
| 220 | - array_pop($tokens_of_children); // remove phantom token |
|
| 221 | - |
|
| 222 | - return ($ret === $tokens_of_children) ? true : $ret; |
|
| 223 | - |
|
| 224 | - } |
|
| 34 | + public $allow_empty = false; |
|
| 35 | + public $type = 'table'; |
|
| 36 | + public $elements = array('tr' => true, 'tbody' => true, 'thead' => true, |
|
| 37 | + 'tfoot' => true, 'caption' => true, 'colgroup' => true, 'col' => true); |
|
| 38 | + public function __construct() {} |
|
| 39 | + public function validateChildren($tokens_of_children, $config, $context) { |
|
| 40 | + if (empty($tokens_of_children)) return false; |
|
| 41 | + |
|
| 42 | + // this ensures that the loop gets run one last time before closing |
|
| 43 | + // up. It's a little bit of a hack, but it works! Just make sure you |
|
| 44 | + // get rid of the token later. |
|
| 45 | + $tokens_of_children[] = false; |
|
| 46 | + |
|
| 47 | + // only one of these elements is allowed in a table |
|
| 48 | + $caption = false; |
|
| 49 | + $thead = false; |
|
| 50 | + $tfoot = false; |
|
| 51 | + |
|
| 52 | + // as many of these as you want |
|
| 53 | + $cols = array(); |
|
| 54 | + $content = array(); |
|
| 55 | + |
|
| 56 | + $nesting = 0; // current depth so we can determine nodes |
|
| 57 | + $is_collecting = false; // are we globbing together tokens to package |
|
| 58 | + // into one of the collectors? |
|
| 59 | + $collection = array(); // collected nodes |
|
| 60 | + $tag_index = 0; // the first node might be whitespace, |
|
| 61 | + // so this tells us where the start tag is |
|
| 62 | + $tbody_mode = false; // if true, then we need to wrap any stray |
|
| 63 | + // <tr>s with a <tbody>. |
|
| 64 | + |
|
| 65 | + foreach ($tokens_of_children as $token) { |
|
| 66 | + $is_child = ($nesting == 0); |
|
| 67 | + |
|
| 68 | + if ($token === false) { |
|
| 69 | + // terminating sequence started |
|
| 70 | + } elseif ($token instanceof HTMLPurifier_Token_Start) { |
|
| 71 | + $nesting++; |
|
| 72 | + } elseif ($token instanceof HTMLPurifier_Token_End) { |
|
| 73 | + $nesting--; |
|
| 74 | + } |
|
| 75 | + |
|
| 76 | + // handle node collection |
|
| 77 | + if ($is_collecting) { |
|
| 78 | + if ($is_child) { |
|
| 79 | + // okay, let's stash the tokens away |
|
| 80 | + // first token tells us the type of the collection |
|
| 81 | + switch ($collection[$tag_index]->name) { |
|
| 82 | + case 'tbody': |
|
| 83 | + $tbody_mode = true; |
|
| 84 | + case 'tr': |
|
| 85 | + $content[] = $collection; |
|
| 86 | + break; |
|
| 87 | + case 'caption': |
|
| 88 | + if ($caption !== false) break; |
|
| 89 | + $caption = $collection; |
|
| 90 | + break; |
|
| 91 | + case 'thead': |
|
| 92 | + case 'tfoot': |
|
| 93 | + $tbody_mode = true; |
|
| 94 | + // XXX This breaks rendering properties with |
|
| 95 | + // Firefox, which never floats a <thead> to |
|
| 96 | + // the top. Ever. (Our scheme will float the |
|
| 97 | + // first <thead> to the top.) So maybe |
|
| 98 | + // <thead>s that are not first should be |
|
| 99 | + // turned into <tbody>? Very tricky, indeed. |
|
| 100 | + |
|
| 101 | + // access the appropriate variable, $thead or $tfoot |
|
| 102 | + $var = $collection[$tag_index]->name; |
|
| 103 | + if ($$var === false) { |
|
| 104 | + $$var = $collection; |
|
| 105 | + } else { |
|
| 106 | + // Oops, there's a second one! What |
|
| 107 | + // should we do? Current behavior is to |
|
| 108 | + // transmutate the first and last entries into |
|
| 109 | + // tbody tags, and then put into content. |
|
| 110 | + // Maybe a better idea is to *attach |
|
| 111 | + // it* to the existing thead or tfoot? |
|
| 112 | + // We don't do this, because Firefox |
|
| 113 | + // doesn't float an extra tfoot to the |
|
| 114 | + // bottom like it does for the first one. |
|
| 115 | + $collection[$tag_index]->name = 'tbody'; |
|
| 116 | + $collection[count($collection)-1]->name = 'tbody'; |
|
| 117 | + $content[] = $collection; |
|
| 118 | + } |
|
| 119 | + break; |
|
| 120 | + case 'colgroup': |
|
| 121 | + $cols[] = $collection; |
|
| 122 | + break; |
|
| 123 | + } |
|
| 124 | + $collection = array(); |
|
| 125 | + $is_collecting = false; |
|
| 126 | + $tag_index = 0; |
|
| 127 | + } else { |
|
| 128 | + // add the node to the collection |
|
| 129 | + $collection[] = $token; |
|
| 130 | + } |
|
| 131 | + } |
|
| 132 | + |
|
| 133 | + // terminate |
|
| 134 | + if ($token === false) break; |
|
| 135 | + |
|
| 136 | + if ($is_child) { |
|
| 137 | + // determine what we're dealing with |
|
| 138 | + if ($token->name == 'col') { |
|
| 139 | + // the only empty tag in the possie, we can handle it |
|
| 140 | + // immediately |
|
| 141 | + $cols[] = array_merge($collection, array($token)); |
|
| 142 | + $collection = array(); |
|
| 143 | + $tag_index = 0; |
|
| 144 | + continue; |
|
| 145 | + } |
|
| 146 | + switch($token->name) { |
|
| 147 | + case 'caption': |
|
| 148 | + case 'colgroup': |
|
| 149 | + case 'thead': |
|
| 150 | + case 'tfoot': |
|
| 151 | + case 'tbody': |
|
| 152 | + case 'tr': |
|
| 153 | + $is_collecting = true; |
|
| 154 | + $collection[] = $token; |
|
| 155 | + continue; |
|
| 156 | + default: |
|
| 157 | + if (!empty($token->is_whitespace)) { |
|
| 158 | + $collection[] = $token; |
|
| 159 | + $tag_index++; |
|
| 160 | + } |
|
| 161 | + continue; |
|
| 162 | + } |
|
| 163 | + } |
|
| 164 | + } |
|
| 165 | + |
|
| 166 | + if (empty($content)) return false; |
|
| 167 | + |
|
| 168 | + $ret = array(); |
|
| 169 | + if ($caption !== false) $ret = array_merge($ret, $caption); |
|
| 170 | + if ($cols !== false) foreach ($cols as $token_array) $ret = array_merge($ret, $token_array); |
|
| 171 | + if ($thead !== false) $ret = array_merge($ret, $thead); |
|
| 172 | + if ($tfoot !== false) $ret = array_merge($ret, $tfoot); |
|
| 173 | + |
|
| 174 | + if ($tbody_mode) { |
|
| 175 | + // a little tricky, since the start of the collection may be |
|
| 176 | + // whitespace |
|
| 177 | + $inside_tbody = false; |
|
| 178 | + foreach ($content as $token_array) { |
|
| 179 | + // find the starting token |
|
| 180 | + foreach ($token_array as $t) { |
|
| 181 | + if ($t->name === 'tr' || $t->name === 'tbody') { |
|
| 182 | + break; |
|
| 183 | + } |
|
| 184 | + } // iterator variable carries over |
|
| 185 | + if ($t->name === 'tr') { |
|
| 186 | + if ($inside_tbody) { |
|
| 187 | + $ret = array_merge($ret, $token_array); |
|
| 188 | + } else { |
|
| 189 | + $ret[] = new HTMLPurifier_Token_Start('tbody'); |
|
| 190 | + $ret = array_merge($ret, $token_array); |
|
| 191 | + $inside_tbody = true; |
|
| 192 | + } |
|
| 193 | + } elseif ($t->name === 'tbody') { |
|
| 194 | + if ($inside_tbody) { |
|
| 195 | + $ret[] = new HTMLPurifier_Token_End('tbody'); |
|
| 196 | + $inside_tbody = false; |
|
| 197 | + $ret = array_merge($ret, $token_array); |
|
| 198 | + } else { |
|
| 199 | + $ret = array_merge($ret, $token_array); |
|
| 200 | + } |
|
| 201 | + } else { |
|
| 202 | + trigger_error("tr/tbody in content invariant failed in Table ChildDef", E_USER_ERROR); |
|
| 203 | + } |
|
| 204 | + } |
|
| 205 | + if ($inside_tbody) { |
|
| 206 | + $ret[] = new HTMLPurifier_Token_End('tbody'); |
|
| 207 | + } |
|
| 208 | + } else { |
|
| 209 | + foreach ($content as $token_array) { |
|
| 210 | + // invariant: everything in here is <tr>s |
|
| 211 | + $ret = array_merge($ret, $token_array); |
|
| 212 | + } |
|
| 213 | + } |
|
| 214 | + |
|
| 215 | + if (!empty($collection) && $is_collecting == false){ |
|
| 216 | + // grab the trailing space |
|
| 217 | + $ret = array_merge($ret, $collection); |
|
| 218 | + } |
|
| 219 | + |
|
| 220 | + array_pop($tokens_of_children); // remove phantom token |
|
| 221 | + |
|
| 222 | + return ($ret === $tokens_of_children) ? true : $ret; |
|
| 223 | + |
|
| 224 | + } |
|
| 225 | 225 | } |
| 226 | 226 | |
| 227 | 227 | // vim: et sw=4 sts=4 |
@@ -113,7 +113,7 @@ discard block |
||
| 113 | 113 | // doesn't float an extra tfoot to the |
| 114 | 114 | // bottom like it does for the first one. |
| 115 | 115 | $collection[$tag_index]->name = 'tbody'; |
| 116 | - $collection[count($collection)-1]->name = 'tbody'; |
|
| 116 | + $collection[count($collection) - 1]->name = 'tbody'; |
|
| 117 | 117 | $content[] = $collection; |
| 118 | 118 | } |
| 119 | 119 | break; |
@@ -143,7 +143,7 @@ discard block |
||
| 143 | 143 | $tag_index = 0; |
| 144 | 144 | continue; |
| 145 | 145 | } |
| 146 | - switch($token->name) { |
|
| 146 | + switch ($token->name) { |
|
| 147 | 147 | case 'caption': |
| 148 | 148 | case 'colgroup': |
| 149 | 149 | case 'thead': |
@@ -212,7 +212,7 @@ discard block |
||
| 212 | 212 | } |
| 213 | 213 | } |
| 214 | 214 | |
| 215 | - if (!empty($collection) && $is_collecting == false){ |
|
| 215 | + if (!empty($collection) && $is_collecting == false) { |
|
| 216 | 216 | // grab the trailing space |
| 217 | 217 | $ret = array_merge($ret, $collection); |
| 218 | 218 | } |
@@ -37,7 +37,9 @@ discard block |
||
| 37 | 37 | 'tfoot' => true, 'caption' => true, 'colgroup' => true, 'col' => true); |
| 38 | 38 | public function __construct() {} |
| 39 | 39 | public function validateChildren($tokens_of_children, $config, $context) { |
| 40 | - if (empty($tokens_of_children)) return false; |
|
| 40 | + if (empty($tokens_of_children)) { |
|
| 41 | + return false; |
|
| 42 | + } |
|
| 41 | 43 | |
| 42 | 44 | // this ensures that the loop gets run one last time before closing |
| 43 | 45 | // up. It's a little bit of a hack, but it works! Just make sure you |
@@ -85,7 +87,9 @@ discard block |
||
| 85 | 87 | $content[] = $collection; |
| 86 | 88 | break; |
| 87 | 89 | case 'caption': |
| 88 | - if ($caption !== false) break; |
|
| 90 | + if ($caption !== false) { |
|
| 91 | + break; |
|
| 92 | + } |
|
| 89 | 93 | $caption = $collection; |
| 90 | 94 | break; |
| 91 | 95 | case 'thead': |
@@ -131,7 +135,9 @@ discard block |
||
| 131 | 135 | } |
| 132 | 136 | |
| 133 | 137 | // terminate |
| 134 | - if ($token === false) break; |
|
| 138 | + if ($token === false) { |
|
| 139 | + break; |
|
| 140 | + } |
|
| 135 | 141 | |
| 136 | 142 | if ($is_child) { |
| 137 | 143 | // determine what we're dealing with |
@@ -163,13 +169,23 @@ discard block |
||
| 163 | 169 | } |
| 164 | 170 | } |
| 165 | 171 | |
| 166 | - if (empty($content)) return false; |
|
| 172 | + if (empty($content)) { |
|
| 173 | + return false; |
|
| 174 | + } |
|
| 167 | 175 | |
| 168 | 176 | $ret = array(); |
| 169 | - if ($caption !== false) $ret = array_merge($ret, $caption); |
|
| 170 | - if ($cols !== false) foreach ($cols as $token_array) $ret = array_merge($ret, $token_array); |
|
| 171 | - if ($thead !== false) $ret = array_merge($ret, $thead); |
|
| 172 | - if ($tfoot !== false) $ret = array_merge($ret, $tfoot); |
|
| 177 | + if ($caption !== false) { |
|
| 178 | + $ret = array_merge($ret, $caption); |
|
| 179 | + } |
|
| 180 | + if ($cols !== false) { |
|
| 181 | + foreach ($cols as $token_array) $ret = array_merge($ret, $token_array); |
|
| 182 | + } |
|
| 183 | + if ($thead !== false) { |
|
| 184 | + $ret = array_merge($ret, $thead); |
|
| 185 | + } |
|
| 186 | + if ($tfoot !== false) { |
|
| 187 | + $ret = array_merge($ret, $tfoot); |
|
| 188 | + } |
|
| 173 | 189 | |
| 174 | 190 | if ($tbody_mode) { |
| 175 | 191 | // a little tricky, since the start of the collection may be |
@@ -17,692 +17,692 @@ |
||
| 17 | 17 | class HTMLPurifier_Config |
| 18 | 18 | { |
| 19 | 19 | |
| 20 | - /** |
|
| 21 | - * HTML Purifier's version |
|
| 22 | - */ |
|
| 23 | - public $version = '4.4.0'; |
|
| 24 | - |
|
| 25 | - /** |
|
| 26 | - * Bool indicator whether or not to automatically finalize |
|
| 27 | - * the object if a read operation is done |
|
| 28 | - */ |
|
| 29 | - public $autoFinalize = true; |
|
| 30 | - |
|
| 31 | - // protected member variables |
|
| 32 | - |
|
| 33 | - /** |
|
| 34 | - * Namespace indexed array of serials for specific namespaces (see |
|
| 35 | - * getSerial() for more info). |
|
| 36 | - */ |
|
| 37 | - protected $serials = array(); |
|
| 38 | - |
|
| 39 | - /** |
|
| 40 | - * Serial for entire configuration object |
|
| 41 | - */ |
|
| 42 | - protected $serial; |
|
| 43 | - |
|
| 44 | - /** |
|
| 45 | - * Parser for variables |
|
| 46 | - */ |
|
| 47 | - protected $parser = null; |
|
| 48 | - |
|
| 49 | - /** |
|
| 50 | - * Reference HTMLPurifier_ConfigSchema for value checking |
|
| 51 | - * @note This is public for introspective purposes. Please don't |
|
| 52 | - * abuse! |
|
| 53 | - */ |
|
| 54 | - public $def; |
|
| 55 | - |
|
| 56 | - /** |
|
| 57 | - * Indexed array of definitions |
|
| 58 | - */ |
|
| 59 | - protected $definitions; |
|
| 60 | - |
|
| 61 | - /** |
|
| 62 | - * Bool indicator whether or not config is finalized |
|
| 63 | - */ |
|
| 64 | - protected $finalized = false; |
|
| 65 | - |
|
| 66 | - /** |
|
| 67 | - * Property list containing configuration directives. |
|
| 68 | - */ |
|
| 69 | - protected $plist; |
|
| 70 | - |
|
| 71 | - /** |
|
| 72 | - * Whether or not a set is taking place due to an |
|
| 73 | - * alias lookup. |
|
| 74 | - */ |
|
| 75 | - private $aliasMode; |
|
| 76 | - |
|
| 77 | - /** |
|
| 78 | - * Set to false if you do not want line and file numbers in errors |
|
| 79 | - * (useful when unit testing). This will also compress some errors |
|
| 80 | - * and exceptions. |
|
| 81 | - */ |
|
| 82 | - public $chatty = true; |
|
| 83 | - |
|
| 84 | - /** |
|
| 85 | - * Current lock; only gets to this namespace are allowed. |
|
| 86 | - */ |
|
| 87 | - private $lock; |
|
| 88 | - |
|
| 89 | - /** |
|
| 90 | - * @param $definition HTMLPurifier_ConfigSchema that defines what directives |
|
| 91 | - * are allowed. |
|
| 92 | - */ |
|
| 93 | - public function __construct($definition, $parent = null) { |
|
| 94 | - $parent = $parent ? $parent : $definition->defaultPlist; |
|
| 95 | - $this->plist = new HTMLPurifier_PropertyList($parent); |
|
| 96 | - $this->def = $definition; // keep a copy around for checking |
|
| 97 | - $this->parser = new HTMLPurifier_VarParser_Flexible(); |
|
| 98 | - } |
|
| 99 | - |
|
| 100 | - /** |
|
| 101 | - * Convenience constructor that creates a config object based on a mixed var |
|
| 102 | - * @param mixed $config Variable that defines the state of the config |
|
| 103 | - * object. Can be: a HTMLPurifier_Config() object, |
|
| 104 | - * an array of directives based on loadArray(), |
|
| 105 | - * or a string filename of an ini file. |
|
| 106 | - * @param HTMLPurifier_ConfigSchema Schema object |
|
| 107 | - * @return Configured HTMLPurifier_Config object |
|
| 108 | - */ |
|
| 109 | - public static function create($config, $schema = null) { |
|
| 110 | - if ($config instanceof HTMLPurifier_Config) { |
|
| 111 | - // pass-through |
|
| 112 | - return $config; |
|
| 113 | - } |
|
| 114 | - if (!$schema) { |
|
| 115 | - $ret = HTMLPurifier_Config::createDefault(); |
|
| 116 | - } else { |
|
| 117 | - $ret = new HTMLPurifier_Config($schema); |
|
| 118 | - } |
|
| 119 | - if (is_string($config)) $ret->loadIni($config); |
|
| 120 | - elseif (is_array($config)) $ret->loadArray($config); |
|
| 121 | - return $ret; |
|
| 122 | - } |
|
| 123 | - |
|
| 124 | - /** |
|
| 125 | - * Creates a new config object that inherits from a previous one. |
|
| 126 | - * @param HTMLPurifier_Config $config Configuration object to inherit |
|
| 127 | - * from. |
|
| 128 | - * @return HTMLPurifier_Config object with $config as its parent. |
|
| 129 | - */ |
|
| 130 | - public static function inherit(HTMLPurifier_Config $config) { |
|
| 131 | - return new HTMLPurifier_Config($config->def, $config->plist); |
|
| 132 | - } |
|
| 133 | - |
|
| 134 | - /** |
|
| 135 | - * Convenience constructor that creates a default configuration object. |
|
| 136 | - * @return Default HTMLPurifier_Config object. |
|
| 137 | - */ |
|
| 138 | - public static function createDefault() { |
|
| 139 | - $definition = HTMLPurifier_ConfigSchema::instance(); |
|
| 140 | - $config = new HTMLPurifier_Config($definition); |
|
| 141 | - return $config; |
|
| 142 | - } |
|
| 143 | - |
|
| 144 | - /** |
|
| 145 | - * Retreives a value from the configuration. |
|
| 146 | - * @param $key String key |
|
| 147 | - */ |
|
| 148 | - public function get($key, $a = null) { |
|
| 149 | - if ($a !== null) { |
|
| 150 | - $this->triggerError("Using deprecated API: use \$config->get('$key.$a') instead", E_USER_WARNING); |
|
| 151 | - $key = "$key.$a"; |
|
| 152 | - } |
|
| 153 | - if (!$this->finalized) $this->autoFinalize(); |
|
| 154 | - if (!isset($this->def->info[$key])) { |
|
| 155 | - // can't add % due to SimpleTest bug |
|
| 156 | - $this->triggerError('Cannot retrieve value of undefined directive ' . htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), |
|
| 157 | - E_USER_WARNING); |
|
| 158 | - return; |
|
| 159 | - } |
|
| 160 | - if (isset($this->def->info[$key]->isAlias)) { |
|
| 161 | - $d = $this->def->info[$key]; |
|
| 162 | - $this->triggerError('Cannot get value from aliased directive, use real name ' . $d->key, |
|
| 163 | - E_USER_ERROR); |
|
| 164 | - return; |
|
| 165 | - } |
|
| 166 | - if ($this->lock) { |
|
| 167 | - list($ns) = explode('.', $key); |
|
| 168 | - if ($ns !== $this->lock) { |
|
| 169 | - $this->triggerError('Cannot get value of namespace ' . $ns . ' when lock for ' . $this->lock . ' is active, this probably indicates a Definition setup method is accessing directives that are not within its namespace', E_USER_ERROR); |
|
| 170 | - return; |
|
| 171 | - } |
|
| 172 | - } |
|
| 173 | - return $this->plist->get($key); |
|
| 174 | - } |
|
| 175 | - |
|
| 176 | - /** |
|
| 177 | - * Retreives an array of directives to values from a given namespace |
|
| 178 | - * @param $namespace String namespace |
|
| 179 | - */ |
|
| 180 | - public function getBatch($namespace) { |
|
| 181 | - if (!$this->finalized) $this->autoFinalize(); |
|
| 182 | - $full = $this->getAll(); |
|
| 183 | - if (!isset($full[$namespace])) { |
|
| 184 | - $this->triggerError('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), |
|
| 185 | - E_USER_WARNING); |
|
| 186 | - return; |
|
| 187 | - } |
|
| 188 | - return $full[$namespace]; |
|
| 189 | - } |
|
| 190 | - |
|
| 191 | - /** |
|
| 192 | - * Returns a md5 signature of a segment of the configuration object |
|
| 193 | - * that uniquely identifies that particular configuration |
|
| 194 | - * @note Revision is handled specially and is removed from the batch |
|
| 195 | - * before processing! |
|
| 196 | - * @param $namespace Namespace to get serial for |
|
| 197 | - */ |
|
| 198 | - public function getBatchSerial($namespace) { |
|
| 199 | - if (empty($this->serials[$namespace])) { |
|
| 200 | - $batch = $this->getBatch($namespace); |
|
| 201 | - unset($batch['DefinitionRev']); |
|
| 202 | - $this->serials[$namespace] = md5(serialize($batch)); |
|
| 203 | - } |
|
| 204 | - return $this->serials[$namespace]; |
|
| 205 | - } |
|
| 206 | - |
|
| 207 | - /** |
|
| 208 | - * Returns a md5 signature for the entire configuration object |
|
| 209 | - * that uniquely identifies that particular configuration |
|
| 210 | - */ |
|
| 211 | - public function getSerial() { |
|
| 212 | - if (empty($this->serial)) { |
|
| 213 | - $this->serial = md5(serialize($this->getAll())); |
|
| 214 | - } |
|
| 215 | - return $this->serial; |
|
| 216 | - } |
|
| 217 | - |
|
| 218 | - /** |
|
| 219 | - * Retrieves all directives, organized by namespace |
|
| 220 | - * @warning This is a pretty inefficient function, avoid if you can |
|
| 221 | - */ |
|
| 222 | - public function getAll() { |
|
| 223 | - if (!$this->finalized) $this->autoFinalize(); |
|
| 224 | - $ret = array(); |
|
| 225 | - foreach ($this->plist->squash() as $name => $value) { |
|
| 226 | - list($ns, $key) = explode('.', $name, 2); |
|
| 227 | - $ret[$ns][$key] = $value; |
|
| 228 | - } |
|
| 229 | - return $ret; |
|
| 230 | - } |
|
| 231 | - |
|
| 232 | - /** |
|
| 233 | - * Sets a value to configuration. |
|
| 234 | - * @param $key String key |
|
| 235 | - * @param $value Mixed value |
|
| 236 | - */ |
|
| 237 | - public function set($key, $value, $a = null) { |
|
| 238 | - if (strpos($key, '.') === false) { |
|
| 239 | - $namespace = $key; |
|
| 240 | - $directive = $value; |
|
| 241 | - $value = $a; |
|
| 242 | - $key = "$key.$directive"; |
|
| 243 | - $this->triggerError("Using deprecated API: use \$config->set('$key', ...) instead", E_USER_NOTICE); |
|
| 244 | - } else { |
|
| 245 | - list($namespace) = explode('.', $key); |
|
| 246 | - } |
|
| 247 | - if ($this->isFinalized('Cannot set directive after finalization')) return; |
|
| 248 | - if (!isset($this->def->info[$key])) { |
|
| 249 | - $this->triggerError('Cannot set undefined directive ' . htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false) . ' to value', |
|
| 250 | - E_USER_WARNING); |
|
| 251 | - return; |
|
| 252 | - } |
|
| 253 | - $def = $this->def->info[$key]; |
|
| 254 | - |
|
| 255 | - if (isset($def->isAlias)) { |
|
| 256 | - if ($this->aliasMode) { |
|
| 257 | - $this->triggerError('Double-aliases not allowed, please fix '. |
|
| 258 | - 'ConfigSchema bug with' . $key, E_USER_ERROR); |
|
| 259 | - return; |
|
| 260 | - } |
|
| 261 | - $this->aliasMode = true; |
|
| 262 | - $this->set($def->key, $value); |
|
| 263 | - $this->aliasMode = false; |
|
| 264 | - $this->triggerError("$key is an alias, preferred directive name is {$def->key}", E_USER_NOTICE); |
|
| 265 | - return; |
|
| 266 | - } |
|
| 267 | - |
|
| 268 | - // Raw type might be negative when using the fully optimized form |
|
| 269 | - // of stdclass, which indicates allow_null == true |
|
| 270 | - $rtype = is_int($def) ? $def : $def->type; |
|
| 271 | - if ($rtype < 0) { |
|
| 272 | - $type = -$rtype; |
|
| 273 | - $allow_null = true; |
|
| 274 | - } else { |
|
| 275 | - $type = $rtype; |
|
| 276 | - $allow_null = isset($def->allow_null); |
|
| 277 | - } |
|
| 278 | - |
|
| 279 | - try { |
|
| 280 | - $value = $this->parser->parse($value, $type, $allow_null); |
|
| 281 | - } catch (HTMLPurifier_VarParserException $e) { |
|
| 282 | - $this->triggerError('Value for ' . $key . ' is of invalid type, should be ' . HTMLPurifier_VarParser::getTypeName($type), E_USER_WARNING); |
|
| 283 | - return; |
|
| 284 | - } |
|
| 285 | - if (is_string($value) && is_object($def)) { |
|
| 286 | - // resolve value alias if defined |
|
| 287 | - if (isset($def->aliases[$value])) { |
|
| 288 | - $value = $def->aliases[$value]; |
|
| 289 | - } |
|
| 290 | - // check to see if the value is allowed |
|
| 291 | - if (isset($def->allowed) && !isset($def->allowed[$value])) { |
|
| 292 | - $this->triggerError('Value not supported, valid values are: ' . |
|
| 293 | - $this->_listify($def->allowed), E_USER_WARNING); |
|
| 294 | - return; |
|
| 295 | - } |
|
| 296 | - } |
|
| 297 | - $this->plist->set($key, $value); |
|
| 298 | - |
|
| 299 | - // reset definitions if the directives they depend on changed |
|
| 300 | - // this is a very costly process, so it's discouraged |
|
| 301 | - // with finalization |
|
| 302 | - if ($namespace == 'HTML' || $namespace == 'CSS' || $namespace == 'URI') { |
|
| 303 | - $this->definitions[$namespace] = null; |
|
| 304 | - } |
|
| 305 | - |
|
| 306 | - $this->serials[$namespace] = false; |
|
| 307 | - } |
|
| 308 | - |
|
| 309 | - /** |
|
| 310 | - * Convenience function for error reporting |
|
| 311 | - */ |
|
| 312 | - private function _listify($lookup) { |
|
| 313 | - $list = array(); |
|
| 314 | - foreach ($lookup as $name => $b) $list[] = $name; |
|
| 315 | - return implode(', ', $list); |
|
| 316 | - } |
|
| 317 | - |
|
| 318 | - /** |
|
| 319 | - * Retrieves object reference to the HTML definition. |
|
| 320 | - * @param $raw Return a copy that has not been setup yet. Must be |
|
| 321 | - * called before it's been setup, otherwise won't work. |
|
| 322 | - * @param $optimized If true, this method may return null, to |
|
| 323 | - * indicate that a cached version of the modified |
|
| 324 | - * definition object is available and no further edits |
|
| 325 | - * are necessary. Consider using |
|
| 326 | - * maybeGetRawHTMLDefinition, which is more explicitly |
|
| 327 | - * named, instead. |
|
| 328 | - */ |
|
| 329 | - public function getHTMLDefinition($raw = false, $optimized = false) { |
|
| 330 | - return $this->getDefinition('HTML', $raw, $optimized); |
|
| 331 | - } |
|
| 332 | - |
|
| 333 | - /** |
|
| 334 | - * Retrieves object reference to the CSS definition |
|
| 335 | - * @param $raw Return a copy that has not been setup yet. Must be |
|
| 336 | - * called before it's been setup, otherwise won't work. |
|
| 337 | - * @param $optimized If true, this method may return null, to |
|
| 338 | - * indicate that a cached version of the modified |
|
| 339 | - * definition object is available and no further edits |
|
| 340 | - * are necessary. Consider using |
|
| 341 | - * maybeGetRawCSSDefinition, which is more explicitly |
|
| 342 | - * named, instead. |
|
| 343 | - */ |
|
| 344 | - public function getCSSDefinition($raw = false, $optimized = false) { |
|
| 345 | - return $this->getDefinition('CSS', $raw, $optimized); |
|
| 346 | - } |
|
| 347 | - |
|
| 348 | - /** |
|
| 349 | - * Retrieves object reference to the URI definition |
|
| 350 | - * @param $raw Return a copy that has not been setup yet. Must be |
|
| 351 | - * called before it's been setup, otherwise won't work. |
|
| 352 | - * @param $optimized If true, this method may return null, to |
|
| 353 | - * indicate that a cached version of the modified |
|
| 354 | - * definition object is available and no further edits |
|
| 355 | - * are necessary. Consider using |
|
| 356 | - * maybeGetRawURIDefinition, which is more explicitly |
|
| 357 | - * named, instead. |
|
| 358 | - */ |
|
| 359 | - public function getURIDefinition($raw = false, $optimized = false) { |
|
| 360 | - return $this->getDefinition('URI', $raw, $optimized); |
|
| 361 | - } |
|
| 362 | - |
|
| 363 | - /** |
|
| 364 | - * Retrieves a definition |
|
| 365 | - * @param $type Type of definition: HTML, CSS, etc |
|
| 366 | - * @param $raw Whether or not definition should be returned raw |
|
| 367 | - * @param $optimized Only has an effect when $raw is true. Whether |
|
| 368 | - * or not to return null if the result is already present in |
|
| 369 | - * the cache. This is off by default for backwards |
|
| 370 | - * compatibility reasons, but you need to do things this |
|
| 371 | - * way in order to ensure that caching is done properly. |
|
| 372 | - * Check out enduser-customize.html for more details. |
|
| 373 | - * We probably won't ever change this default, as much as the |
|
| 374 | - * maybe semantics is the "right thing to do." |
|
| 375 | - */ |
|
| 376 | - public function getDefinition($type, $raw = false, $optimized = false) { |
|
| 377 | - if ($optimized && !$raw) { |
|
| 378 | - throw new HTMLPurifier_Exception("Cannot set optimized = true when raw = false"); |
|
| 379 | - } |
|
| 380 | - if (!$this->finalized) $this->autoFinalize(); |
|
| 381 | - // temporarily suspend locks, so we can handle recursive definition calls |
|
| 382 | - $lock = $this->lock; |
|
| 383 | - $this->lock = null; |
|
| 384 | - $factory = HTMLPurifier_DefinitionCacheFactory::instance(); |
|
| 385 | - $cache = $factory->create($type, $this); |
|
| 386 | - $this->lock = $lock; |
|
| 387 | - if (!$raw) { |
|
| 388 | - // full definition |
|
| 389 | - // --------------- |
|
| 390 | - // check if definition is in memory |
|
| 391 | - if (!empty($this->definitions[$type])) { |
|
| 392 | - $def = $this->definitions[$type]; |
|
| 393 | - // check if the definition is setup |
|
| 394 | - if ($def->setup) { |
|
| 395 | - return $def; |
|
| 396 | - } else { |
|
| 397 | - $def->setup($this); |
|
| 398 | - if ($def->optimized) $cache->add($def, $this); |
|
| 399 | - return $def; |
|
| 400 | - } |
|
| 401 | - } |
|
| 402 | - // check if definition is in cache |
|
| 403 | - $def = $cache->get($this); |
|
| 404 | - if ($def) { |
|
| 405 | - // definition in cache, save to memory and return it |
|
| 406 | - $this->definitions[$type] = $def; |
|
| 407 | - return $def; |
|
| 408 | - } |
|
| 409 | - // initialize it |
|
| 410 | - $def = $this->initDefinition($type); |
|
| 411 | - // set it up |
|
| 412 | - $this->lock = $type; |
|
| 413 | - $def->setup($this); |
|
| 414 | - $this->lock = null; |
|
| 415 | - // save in cache |
|
| 416 | - $cache->add($def, $this); |
|
| 417 | - // return it |
|
| 418 | - return $def; |
|
| 419 | - } else { |
|
| 420 | - // raw definition |
|
| 421 | - // -------------- |
|
| 422 | - // check preconditions |
|
| 423 | - $def = null; |
|
| 424 | - if ($optimized) { |
|
| 425 | - if (is_null($this->get($type . '.DefinitionID'))) { |
|
| 426 | - // fatally error out if definition ID not set |
|
| 427 | - throw new HTMLPurifier_Exception("Cannot retrieve raw version without specifying %$type.DefinitionID"); |
|
| 428 | - } |
|
| 429 | - } |
|
| 430 | - if (!empty($this->definitions[$type])) { |
|
| 431 | - $def = $this->definitions[$type]; |
|
| 432 | - if ($def->setup && !$optimized) { |
|
| 433 | - $extra = $this->chatty ? " (try moving this code block earlier in your initialization)" : ""; |
|
| 434 | - throw new HTMLPurifier_Exception("Cannot retrieve raw definition after it has already been setup" . $extra); |
|
| 435 | - } |
|
| 436 | - if ($def->optimized === null) { |
|
| 437 | - $extra = $this->chatty ? " (try flushing your cache)" : ""; |
|
| 438 | - throw new HTMLPurifier_Exception("Optimization status of definition is unknown" . $extra); |
|
| 439 | - } |
|
| 440 | - if ($def->optimized !== $optimized) { |
|
| 441 | - $msg = $optimized ? "optimized" : "unoptimized"; |
|
| 442 | - $extra = $this->chatty ? " (this backtrace is for the first inconsistent call, which was for a $msg raw definition)" : ""; |
|
| 443 | - throw new HTMLPurifier_Exception("Inconsistent use of optimized and unoptimized raw definition retrievals" . $extra); |
|
| 444 | - } |
|
| 445 | - } |
|
| 446 | - // check if definition was in memory |
|
| 447 | - if ($def) { |
|
| 448 | - if ($def->setup) { |
|
| 449 | - // invariant: $optimized === true (checked above) |
|
| 450 | - return null; |
|
| 451 | - } else { |
|
| 452 | - return $def; |
|
| 453 | - } |
|
| 454 | - } |
|
| 455 | - // if optimized, check if definition was in cache |
|
| 456 | - // (because we do the memory check first, this formulation |
|
| 457 | - // is prone to cache slamming, but I think |
|
| 458 | - // guaranteeing that either /all/ of the raw |
|
| 459 | - // setup code or /none/ of it is run is more important.) |
|
| 460 | - if ($optimized) { |
|
| 461 | - // This code path only gets run once; once we put |
|
| 462 | - // something in $definitions (which is guaranteed by the |
|
| 463 | - // trailing code), we always short-circuit above. |
|
| 464 | - $def = $cache->get($this); |
|
| 465 | - if ($def) { |
|
| 466 | - // save the full definition for later, but don't |
|
| 467 | - // return it yet |
|
| 468 | - $this->definitions[$type] = $def; |
|
| 469 | - return null; |
|
| 470 | - } |
|
| 471 | - } |
|
| 472 | - // check invariants for creation |
|
| 473 | - if (!$optimized) { |
|
| 474 | - if (!is_null($this->get($type . '.DefinitionID'))) { |
|
| 475 | - if ($this->chatty) { |
|
| 476 | - $this->triggerError("Due to a documentation error in previous version of HTML Purifier, your definitions are not being cached. If this is OK, you can remove the %$type.DefinitionRev and %$type.DefinitionID declaration. Otherwise, modify your code to use maybeGetRawDefinition, and test if the returned value is null before making any edits (if it is null, that means that a cached version is available, and no raw operations are necessary). See <a href='http://htmlpurifier.org/docs/enduser-customize.html#optimized'>Customize</a> for more details", E_USER_WARNING); |
|
| 477 | - } else { |
|
| 478 | - $this->triggerError("Useless DefinitionID declaration", E_USER_WARNING); |
|
| 479 | - } |
|
| 480 | - } |
|
| 481 | - } |
|
| 482 | - // initialize it |
|
| 483 | - $def = $this->initDefinition($type); |
|
| 484 | - $def->optimized = $optimized; |
|
| 485 | - return $def; |
|
| 486 | - } |
|
| 487 | - throw new HTMLPurifier_Exception("The impossible happened!"); |
|
| 488 | - } |
|
| 489 | - |
|
| 490 | - private function initDefinition($type) { |
|
| 491 | - // quick checks failed, let's create the object |
|
| 492 | - if ($type == 'HTML') { |
|
| 493 | - $def = new HTMLPurifier_HTMLDefinition(); |
|
| 494 | - } elseif ($type == 'CSS') { |
|
| 495 | - $def = new HTMLPurifier_CSSDefinition(); |
|
| 496 | - } elseif ($type == 'URI') { |
|
| 497 | - $def = new HTMLPurifier_URIDefinition(); |
|
| 498 | - } else { |
|
| 499 | - throw new HTMLPurifier_Exception("Definition of $type type not supported"); |
|
| 500 | - } |
|
| 501 | - $this->definitions[$type] = $def; |
|
| 502 | - return $def; |
|
| 503 | - } |
|
| 504 | - |
|
| 505 | - public function maybeGetRawDefinition($name) { |
|
| 506 | - return $this->getDefinition($name, true, true); |
|
| 507 | - } |
|
| 508 | - |
|
| 509 | - public function maybeGetRawHTMLDefinition() { |
|
| 510 | - return $this->getDefinition('HTML', true, true); |
|
| 511 | - } |
|
| 512 | - |
|
| 513 | - public function maybeGetRawCSSDefinition() { |
|
| 514 | - return $this->getDefinition('CSS', true, true); |
|
| 515 | - } |
|
| 516 | - |
|
| 517 | - public function maybeGetRawURIDefinition() { |
|
| 518 | - return $this->getDefinition('URI', true, true); |
|
| 519 | - } |
|
| 520 | - |
|
| 521 | - /** |
|
| 522 | - * Loads configuration values from an array with the following structure: |
|
| 523 | - * Namespace.Directive => Value |
|
| 524 | - * @param $config_array Configuration associative array |
|
| 525 | - */ |
|
| 526 | - public function loadArray($config_array) { |
|
| 527 | - if ($this->isFinalized('Cannot load directives after finalization')) return; |
|
| 528 | - foreach ($config_array as $key => $value) { |
|
| 529 | - $key = str_replace('_', '.', $key); |
|
| 530 | - if (strpos($key, '.') !== false) { |
|
| 531 | - $this->set($key, $value); |
|
| 532 | - } else { |
|
| 533 | - $namespace = $key; |
|
| 534 | - $namespace_values = $value; |
|
| 535 | - foreach ($namespace_values as $directive => $value) { |
|
| 536 | - $this->set($namespace .'.'. $directive, $value); |
|
| 537 | - } |
|
| 538 | - } |
|
| 539 | - } |
|
| 540 | - } |
|
| 541 | - |
|
| 542 | - /** |
|
| 543 | - * Returns a list of array(namespace, directive) for all directives |
|
| 544 | - * that are allowed in a web-form context as per an allowed |
|
| 545 | - * namespaces/directives list. |
|
| 546 | - * @param $allowed List of allowed namespaces/directives |
|
| 547 | - */ |
|
| 548 | - public static function getAllowedDirectivesForForm($allowed, $schema = null) { |
|
| 549 | - if (!$schema) { |
|
| 550 | - $schema = HTMLPurifier_ConfigSchema::instance(); |
|
| 551 | - } |
|
| 552 | - if ($allowed !== true) { |
|
| 553 | - if (is_string($allowed)) $allowed = array($allowed); |
|
| 554 | - $allowed_ns = array(); |
|
| 555 | - $allowed_directives = array(); |
|
| 556 | - $blacklisted_directives = array(); |
|
| 557 | - foreach ($allowed as $ns_or_directive) { |
|
| 558 | - if (strpos($ns_or_directive, '.') !== false) { |
|
| 559 | - // directive |
|
| 560 | - if ($ns_or_directive[0] == '-') { |
|
| 561 | - $blacklisted_directives[substr($ns_or_directive, 1)] = true; |
|
| 562 | - } else { |
|
| 563 | - $allowed_directives[$ns_or_directive] = true; |
|
| 564 | - } |
|
| 565 | - } else { |
|
| 566 | - // namespace |
|
| 567 | - $allowed_ns[$ns_or_directive] = true; |
|
| 568 | - } |
|
| 569 | - } |
|
| 570 | - } |
|
| 571 | - $ret = array(); |
|
| 572 | - foreach ($schema->info as $key => $def) { |
|
| 573 | - list($ns, $directive) = explode('.', $key, 2); |
|
| 574 | - if ($allowed !== true) { |
|
| 575 | - if (isset($blacklisted_directives["$ns.$directive"])) continue; |
|
| 576 | - if (!isset($allowed_directives["$ns.$directive"]) && !isset($allowed_ns[$ns])) continue; |
|
| 577 | - } |
|
| 578 | - if (isset($def->isAlias)) continue; |
|
| 579 | - if ($directive == 'DefinitionID' || $directive == 'DefinitionRev') continue; |
|
| 580 | - $ret[] = array($ns, $directive); |
|
| 581 | - } |
|
| 582 | - return $ret; |
|
| 583 | - } |
|
| 584 | - |
|
| 585 | - /** |
|
| 586 | - * Loads configuration values from $_GET/$_POST that were posted |
|
| 587 | - * via ConfigForm |
|
| 588 | - * @param $array $_GET or $_POST array to import |
|
| 589 | - * @param $index Index/name that the config variables are in |
|
| 590 | - * @param $allowed List of allowed namespaces/directives |
|
| 591 | - * @param $mq_fix Boolean whether or not to enable magic quotes fix |
|
| 592 | - * @param $schema Instance of HTMLPurifier_ConfigSchema to use, if not global copy |
|
| 593 | - */ |
|
| 594 | - public static function loadArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null) { |
|
| 595 | - $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $schema); |
|
| 596 | - $config = HTMLPurifier_Config::create($ret, $schema); |
|
| 597 | - return $config; |
|
| 598 | - } |
|
| 599 | - |
|
| 600 | - /** |
|
| 601 | - * Merges in configuration values from $_GET/$_POST to object. NOT STATIC. |
|
| 602 | - * @note Same parameters as loadArrayFromForm |
|
| 603 | - */ |
|
| 604 | - public function mergeArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true) { |
|
| 605 | - $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $this->def); |
|
| 606 | - $this->loadArray($ret); |
|
| 607 | - } |
|
| 608 | - |
|
| 609 | - /** |
|
| 610 | - * Prepares an array from a form into something usable for the more |
|
| 611 | - * strict parts of HTMLPurifier_Config |
|
| 612 | - */ |
|
| 613 | - public static function prepareArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null) { |
|
| 614 | - if ($index !== false) $array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array(); |
|
| 615 | - $mq = $mq_fix && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc(); |
|
| 616 | - |
|
| 617 | - $allowed = HTMLPurifier_Config::getAllowedDirectivesForForm($allowed, $schema); |
|
| 618 | - $ret = array(); |
|
| 619 | - foreach ($allowed as $key) { |
|
| 620 | - list($ns, $directive) = $key; |
|
| 621 | - $skey = "$ns.$directive"; |
|
| 622 | - if (!empty($array["Null_$skey"])) { |
|
| 623 | - $ret[$ns][$directive] = null; |
|
| 624 | - continue; |
|
| 625 | - } |
|
| 626 | - if (!isset($array[$skey])) continue; |
|
| 627 | - $value = $mq ? stripslashes($array[$skey]) : $array[$skey]; |
|
| 628 | - $ret[$ns][$directive] = $value; |
|
| 629 | - } |
|
| 630 | - return $ret; |
|
| 631 | - } |
|
| 632 | - |
|
| 633 | - /** |
|
| 634 | - * Loads configuration values from an ini file |
|
| 635 | - * @param $filename Name of ini file |
|
| 636 | - */ |
|
| 637 | - public function loadIni($filename) { |
|
| 638 | - if ($this->isFinalized('Cannot load directives after finalization')) return; |
|
| 639 | - $array = parse_ini_file($filename, true); |
|
| 640 | - $this->loadArray($array); |
|
| 641 | - } |
|
| 642 | - |
|
| 643 | - /** |
|
| 644 | - * Checks whether or not the configuration object is finalized. |
|
| 645 | - * @param $error String error message, or false for no error |
|
| 646 | - */ |
|
| 647 | - public function isFinalized($error = false) { |
|
| 648 | - if ($this->finalized && $error) { |
|
| 649 | - $this->triggerError($error, E_USER_ERROR); |
|
| 650 | - } |
|
| 651 | - return $this->finalized; |
|
| 652 | - } |
|
| 653 | - |
|
| 654 | - /** |
|
| 655 | - * Finalizes configuration only if auto finalize is on and not |
|
| 656 | - * already finalized |
|
| 657 | - */ |
|
| 658 | - public function autoFinalize() { |
|
| 659 | - if ($this->autoFinalize) { |
|
| 660 | - $this->finalize(); |
|
| 661 | - } else { |
|
| 662 | - $this->plist->squash(true); |
|
| 663 | - } |
|
| 664 | - } |
|
| 665 | - |
|
| 666 | - /** |
|
| 667 | - * Finalizes a configuration object, prohibiting further change |
|
| 668 | - */ |
|
| 669 | - public function finalize() { |
|
| 670 | - $this->finalized = true; |
|
| 671 | - $this->parser = null; |
|
| 672 | - } |
|
| 673 | - |
|
| 674 | - /** |
|
| 675 | - * Produces a nicely formatted error message by supplying the |
|
| 676 | - * stack frame information OUTSIDE of HTMLPurifier_Config. |
|
| 677 | - */ |
|
| 678 | - protected function triggerError($msg, $no) { |
|
| 679 | - // determine previous stack frame |
|
| 680 | - $extra = ''; |
|
| 681 | - if ($this->chatty) { |
|
| 682 | - $trace = debug_backtrace(); |
|
| 683 | - // zip(tail(trace), trace) -- but PHP is not Haskell har har |
|
| 684 | - for ($i = 0, $c = count($trace); $i < $c - 1; $i++) { |
|
| 685 | - if ($trace[$i + 1]['class'] === 'HTMLPurifier_Config') { |
|
| 686 | - continue; |
|
| 687 | - } |
|
| 688 | - $frame = $trace[$i]; |
|
| 689 | - $extra = " invoked on line {$frame['line']} in file {$frame['file']}"; |
|
| 690 | - break; |
|
| 691 | - } |
|
| 692 | - } |
|
| 693 | - trigger_error($msg . $extra, $no); |
|
| 694 | - } |
|
| 695 | - |
|
| 696 | - /** |
|
| 697 | - * Returns a serialized form of the configuration object that can |
|
| 698 | - * be reconstituted. |
|
| 699 | - */ |
|
| 700 | - public function serialize() { |
|
| 701 | - $this->getDefinition('HTML'); |
|
| 702 | - $this->getDefinition('CSS'); |
|
| 703 | - $this->getDefinition('URI'); |
|
| 704 | - return serialize($this); |
|
| 705 | - } |
|
| 20 | + /** |
|
| 21 | + * HTML Purifier's version |
|
| 22 | + */ |
|
| 23 | + public $version = '4.4.0'; |
|
| 24 | + |
|
| 25 | + /** |
|
| 26 | + * Bool indicator whether or not to automatically finalize |
|
| 27 | + * the object if a read operation is done |
|
| 28 | + */ |
|
| 29 | + public $autoFinalize = true; |
|
| 30 | + |
|
| 31 | + // protected member variables |
|
| 32 | + |
|
| 33 | + /** |
|
| 34 | + * Namespace indexed array of serials for specific namespaces (see |
|
| 35 | + * getSerial() for more info). |
|
| 36 | + */ |
|
| 37 | + protected $serials = array(); |
|
| 38 | + |
|
| 39 | + /** |
|
| 40 | + * Serial for entire configuration object |
|
| 41 | + */ |
|
| 42 | + protected $serial; |
|
| 43 | + |
|
| 44 | + /** |
|
| 45 | + * Parser for variables |
|
| 46 | + */ |
|
| 47 | + protected $parser = null; |
|
| 48 | + |
|
| 49 | + /** |
|
| 50 | + * Reference HTMLPurifier_ConfigSchema for value checking |
|
| 51 | + * @note This is public for introspective purposes. Please don't |
|
| 52 | + * abuse! |
|
| 53 | + */ |
|
| 54 | + public $def; |
|
| 55 | + |
|
| 56 | + /** |
|
| 57 | + * Indexed array of definitions |
|
| 58 | + */ |
|
| 59 | + protected $definitions; |
|
| 60 | + |
|
| 61 | + /** |
|
| 62 | + * Bool indicator whether or not config is finalized |
|
| 63 | + */ |
|
| 64 | + protected $finalized = false; |
|
| 65 | + |
|
| 66 | + /** |
|
| 67 | + * Property list containing configuration directives. |
|
| 68 | + */ |
|
| 69 | + protected $plist; |
|
| 70 | + |
|
| 71 | + /** |
|
| 72 | + * Whether or not a set is taking place due to an |
|
| 73 | + * alias lookup. |
|
| 74 | + */ |
|
| 75 | + private $aliasMode; |
|
| 76 | + |
|
| 77 | + /** |
|
| 78 | + * Set to false if you do not want line and file numbers in errors |
|
| 79 | + * (useful when unit testing). This will also compress some errors |
|
| 80 | + * and exceptions. |
|
| 81 | + */ |
|
| 82 | + public $chatty = true; |
|
| 83 | + |
|
| 84 | + /** |
|
| 85 | + * Current lock; only gets to this namespace are allowed. |
|
| 86 | + */ |
|
| 87 | + private $lock; |
|
| 88 | + |
|
| 89 | + /** |
|
| 90 | + * @param $definition HTMLPurifier_ConfigSchema that defines what directives |
|
| 91 | + * are allowed. |
|
| 92 | + */ |
|
| 93 | + public function __construct($definition, $parent = null) { |
|
| 94 | + $parent = $parent ? $parent : $definition->defaultPlist; |
|
| 95 | + $this->plist = new HTMLPurifier_PropertyList($parent); |
|
| 96 | + $this->def = $definition; // keep a copy around for checking |
|
| 97 | + $this->parser = new HTMLPurifier_VarParser_Flexible(); |
|
| 98 | + } |
|
| 99 | + |
|
| 100 | + /** |
|
| 101 | + * Convenience constructor that creates a config object based on a mixed var |
|
| 102 | + * @param mixed $config Variable that defines the state of the config |
|
| 103 | + * object. Can be: a HTMLPurifier_Config() object, |
|
| 104 | + * an array of directives based on loadArray(), |
|
| 105 | + * or a string filename of an ini file. |
|
| 106 | + * @param HTMLPurifier_ConfigSchema Schema object |
|
| 107 | + * @return Configured HTMLPurifier_Config object |
|
| 108 | + */ |
|
| 109 | + public static function create($config, $schema = null) { |
|
| 110 | + if ($config instanceof HTMLPurifier_Config) { |
|
| 111 | + // pass-through |
|
| 112 | + return $config; |
|
| 113 | + } |
|
| 114 | + if (!$schema) { |
|
| 115 | + $ret = HTMLPurifier_Config::createDefault(); |
|
| 116 | + } else { |
|
| 117 | + $ret = new HTMLPurifier_Config($schema); |
|
| 118 | + } |
|
| 119 | + if (is_string($config)) $ret->loadIni($config); |
|
| 120 | + elseif (is_array($config)) $ret->loadArray($config); |
|
| 121 | + return $ret; |
|
| 122 | + } |
|
| 123 | + |
|
| 124 | + /** |
|
| 125 | + * Creates a new config object that inherits from a previous one. |
|
| 126 | + * @param HTMLPurifier_Config $config Configuration object to inherit |
|
| 127 | + * from. |
|
| 128 | + * @return HTMLPurifier_Config object with $config as its parent. |
|
| 129 | + */ |
|
| 130 | + public static function inherit(HTMLPurifier_Config $config) { |
|
| 131 | + return new HTMLPurifier_Config($config->def, $config->plist); |
|
| 132 | + } |
|
| 133 | + |
|
| 134 | + /** |
|
| 135 | + * Convenience constructor that creates a default configuration object. |
|
| 136 | + * @return Default HTMLPurifier_Config object. |
|
| 137 | + */ |
|
| 138 | + public static function createDefault() { |
|
| 139 | + $definition = HTMLPurifier_ConfigSchema::instance(); |
|
| 140 | + $config = new HTMLPurifier_Config($definition); |
|
| 141 | + return $config; |
|
| 142 | + } |
|
| 143 | + |
|
| 144 | + /** |
|
| 145 | + * Retreives a value from the configuration. |
|
| 146 | + * @param $key String key |
|
| 147 | + */ |
|
| 148 | + public function get($key, $a = null) { |
|
| 149 | + if ($a !== null) { |
|
| 150 | + $this->triggerError("Using deprecated API: use \$config->get('$key.$a') instead", E_USER_WARNING); |
|
| 151 | + $key = "$key.$a"; |
|
| 152 | + } |
|
| 153 | + if (!$this->finalized) $this->autoFinalize(); |
|
| 154 | + if (!isset($this->def->info[$key])) { |
|
| 155 | + // can't add % due to SimpleTest bug |
|
| 156 | + $this->triggerError('Cannot retrieve value of undefined directive ' . htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), |
|
| 157 | + E_USER_WARNING); |
|
| 158 | + return; |
|
| 159 | + } |
|
| 160 | + if (isset($this->def->info[$key]->isAlias)) { |
|
| 161 | + $d = $this->def->info[$key]; |
|
| 162 | + $this->triggerError('Cannot get value from aliased directive, use real name ' . $d->key, |
|
| 163 | + E_USER_ERROR); |
|
| 164 | + return; |
|
| 165 | + } |
|
| 166 | + if ($this->lock) { |
|
| 167 | + list($ns) = explode('.', $key); |
|
| 168 | + if ($ns !== $this->lock) { |
|
| 169 | + $this->triggerError('Cannot get value of namespace ' . $ns . ' when lock for ' . $this->lock . ' is active, this probably indicates a Definition setup method is accessing directives that are not within its namespace', E_USER_ERROR); |
|
| 170 | + return; |
|
| 171 | + } |
|
| 172 | + } |
|
| 173 | + return $this->plist->get($key); |
|
| 174 | + } |
|
| 175 | + |
|
| 176 | + /** |
|
| 177 | + * Retreives an array of directives to values from a given namespace |
|
| 178 | + * @param $namespace String namespace |
|
| 179 | + */ |
|
| 180 | + public function getBatch($namespace) { |
|
| 181 | + if (!$this->finalized) $this->autoFinalize(); |
|
| 182 | + $full = $this->getAll(); |
|
| 183 | + if (!isset($full[$namespace])) { |
|
| 184 | + $this->triggerError('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), |
|
| 185 | + E_USER_WARNING); |
|
| 186 | + return; |
|
| 187 | + } |
|
| 188 | + return $full[$namespace]; |
|
| 189 | + } |
|
| 190 | + |
|
| 191 | + /** |
|
| 192 | + * Returns a md5 signature of a segment of the configuration object |
|
| 193 | + * that uniquely identifies that particular configuration |
|
| 194 | + * @note Revision is handled specially and is removed from the batch |
|
| 195 | + * before processing! |
|
| 196 | + * @param $namespace Namespace to get serial for |
|
| 197 | + */ |
|
| 198 | + public function getBatchSerial($namespace) { |
|
| 199 | + if (empty($this->serials[$namespace])) { |
|
| 200 | + $batch = $this->getBatch($namespace); |
|
| 201 | + unset($batch['DefinitionRev']); |
|
| 202 | + $this->serials[$namespace] = md5(serialize($batch)); |
|
| 203 | + } |
|
| 204 | + return $this->serials[$namespace]; |
|
| 205 | + } |
|
| 206 | + |
|
| 207 | + /** |
|
| 208 | + * Returns a md5 signature for the entire configuration object |
|
| 209 | + * that uniquely identifies that particular configuration |
|
| 210 | + */ |
|
| 211 | + public function getSerial() { |
|
| 212 | + if (empty($this->serial)) { |
|
| 213 | + $this->serial = md5(serialize($this->getAll())); |
|
| 214 | + } |
|
| 215 | + return $this->serial; |
|
| 216 | + } |
|
| 217 | + |
|
| 218 | + /** |
|
| 219 | + * Retrieves all directives, organized by namespace |
|
| 220 | + * @warning This is a pretty inefficient function, avoid if you can |
|
| 221 | + */ |
|
| 222 | + public function getAll() { |
|
| 223 | + if (!$this->finalized) $this->autoFinalize(); |
|
| 224 | + $ret = array(); |
|
| 225 | + foreach ($this->plist->squash() as $name => $value) { |
|
| 226 | + list($ns, $key) = explode('.', $name, 2); |
|
| 227 | + $ret[$ns][$key] = $value; |
|
| 228 | + } |
|
| 229 | + return $ret; |
|
| 230 | + } |
|
| 231 | + |
|
| 232 | + /** |
|
| 233 | + * Sets a value to configuration. |
|
| 234 | + * @param $key String key |
|
| 235 | + * @param $value Mixed value |
|
| 236 | + */ |
|
| 237 | + public function set($key, $value, $a = null) { |
|
| 238 | + if (strpos($key, '.') === false) { |
|
| 239 | + $namespace = $key; |
|
| 240 | + $directive = $value; |
|
| 241 | + $value = $a; |
|
| 242 | + $key = "$key.$directive"; |
|
| 243 | + $this->triggerError("Using deprecated API: use \$config->set('$key', ...) instead", E_USER_NOTICE); |
|
| 244 | + } else { |
|
| 245 | + list($namespace) = explode('.', $key); |
|
| 246 | + } |
|
| 247 | + if ($this->isFinalized('Cannot set directive after finalization')) return; |
|
| 248 | + if (!isset($this->def->info[$key])) { |
|
| 249 | + $this->triggerError('Cannot set undefined directive ' . htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false) . ' to value', |
|
| 250 | + E_USER_WARNING); |
|
| 251 | + return; |
|
| 252 | + } |
|
| 253 | + $def = $this->def->info[$key]; |
|
| 254 | + |
|
| 255 | + if (isset($def->isAlias)) { |
|
| 256 | + if ($this->aliasMode) { |
|
| 257 | + $this->triggerError('Double-aliases not allowed, please fix '. |
|
| 258 | + 'ConfigSchema bug with' . $key, E_USER_ERROR); |
|
| 259 | + return; |
|
| 260 | + } |
|
| 261 | + $this->aliasMode = true; |
|
| 262 | + $this->set($def->key, $value); |
|
| 263 | + $this->aliasMode = false; |
|
| 264 | + $this->triggerError("$key is an alias, preferred directive name is {$def->key}", E_USER_NOTICE); |
|
| 265 | + return; |
|
| 266 | + } |
|
| 267 | + |
|
| 268 | + // Raw type might be negative when using the fully optimized form |
|
| 269 | + // of stdclass, which indicates allow_null == true |
|
| 270 | + $rtype = is_int($def) ? $def : $def->type; |
|
| 271 | + if ($rtype < 0) { |
|
| 272 | + $type = -$rtype; |
|
| 273 | + $allow_null = true; |
|
| 274 | + } else { |
|
| 275 | + $type = $rtype; |
|
| 276 | + $allow_null = isset($def->allow_null); |
|
| 277 | + } |
|
| 278 | + |
|
| 279 | + try { |
|
| 280 | + $value = $this->parser->parse($value, $type, $allow_null); |
|
| 281 | + } catch (HTMLPurifier_VarParserException $e) { |
|
| 282 | + $this->triggerError('Value for ' . $key . ' is of invalid type, should be ' . HTMLPurifier_VarParser::getTypeName($type), E_USER_WARNING); |
|
| 283 | + return; |
|
| 284 | + } |
|
| 285 | + if (is_string($value) && is_object($def)) { |
|
| 286 | + // resolve value alias if defined |
|
| 287 | + if (isset($def->aliases[$value])) { |
|
| 288 | + $value = $def->aliases[$value]; |
|
| 289 | + } |
|
| 290 | + // check to see if the value is allowed |
|
| 291 | + if (isset($def->allowed) && !isset($def->allowed[$value])) { |
|
| 292 | + $this->triggerError('Value not supported, valid values are: ' . |
|
| 293 | + $this->_listify($def->allowed), E_USER_WARNING); |
|
| 294 | + return; |
|
| 295 | + } |
|
| 296 | + } |
|
| 297 | + $this->plist->set($key, $value); |
|
| 298 | + |
|
| 299 | + // reset definitions if the directives they depend on changed |
|
| 300 | + // this is a very costly process, so it's discouraged |
|
| 301 | + // with finalization |
|
| 302 | + if ($namespace == 'HTML' || $namespace == 'CSS' || $namespace == 'URI') { |
|
| 303 | + $this->definitions[$namespace] = null; |
|
| 304 | + } |
|
| 305 | + |
|
| 306 | + $this->serials[$namespace] = false; |
|
| 307 | + } |
|
| 308 | + |
|
| 309 | + /** |
|
| 310 | + * Convenience function for error reporting |
|
| 311 | + */ |
|
| 312 | + private function _listify($lookup) { |
|
| 313 | + $list = array(); |
|
| 314 | + foreach ($lookup as $name => $b) $list[] = $name; |
|
| 315 | + return implode(', ', $list); |
|
| 316 | + } |
|
| 317 | + |
|
| 318 | + /** |
|
| 319 | + * Retrieves object reference to the HTML definition. |
|
| 320 | + * @param $raw Return a copy that has not been setup yet. Must be |
|
| 321 | + * called before it's been setup, otherwise won't work. |
|
| 322 | + * @param $optimized If true, this method may return null, to |
|
| 323 | + * indicate that a cached version of the modified |
|
| 324 | + * definition object is available and no further edits |
|
| 325 | + * are necessary. Consider using |
|
| 326 | + * maybeGetRawHTMLDefinition, which is more explicitly |
|
| 327 | + * named, instead. |
|
| 328 | + */ |
|
| 329 | + public function getHTMLDefinition($raw = false, $optimized = false) { |
|
| 330 | + return $this->getDefinition('HTML', $raw, $optimized); |
|
| 331 | + } |
|
| 332 | + |
|
| 333 | + /** |
|
| 334 | + * Retrieves object reference to the CSS definition |
|
| 335 | + * @param $raw Return a copy that has not been setup yet. Must be |
|
| 336 | + * called before it's been setup, otherwise won't work. |
|
| 337 | + * @param $optimized If true, this method may return null, to |
|
| 338 | + * indicate that a cached version of the modified |
|
| 339 | + * definition object is available and no further edits |
|
| 340 | + * are necessary. Consider using |
|
| 341 | + * maybeGetRawCSSDefinition, which is more explicitly |
|
| 342 | + * named, instead. |
|
| 343 | + */ |
|
| 344 | + public function getCSSDefinition($raw = false, $optimized = false) { |
|
| 345 | + return $this->getDefinition('CSS', $raw, $optimized); |
|
| 346 | + } |
|
| 347 | + |
|
| 348 | + /** |
|
| 349 | + * Retrieves object reference to the URI definition |
|
| 350 | + * @param $raw Return a copy that has not been setup yet. Must be |
|
| 351 | + * called before it's been setup, otherwise won't work. |
|
| 352 | + * @param $optimized If true, this method may return null, to |
|
| 353 | + * indicate that a cached version of the modified |
|
| 354 | + * definition object is available and no further edits |
|
| 355 | + * are necessary. Consider using |
|
| 356 | + * maybeGetRawURIDefinition, which is more explicitly |
|
| 357 | + * named, instead. |
|
| 358 | + */ |
|
| 359 | + public function getURIDefinition($raw = false, $optimized = false) { |
|
| 360 | + return $this->getDefinition('URI', $raw, $optimized); |
|
| 361 | + } |
|
| 362 | + |
|
| 363 | + /** |
|
| 364 | + * Retrieves a definition |
|
| 365 | + * @param $type Type of definition: HTML, CSS, etc |
|
| 366 | + * @param $raw Whether or not definition should be returned raw |
|
| 367 | + * @param $optimized Only has an effect when $raw is true. Whether |
|
| 368 | + * or not to return null if the result is already present in |
|
| 369 | + * the cache. This is off by default for backwards |
|
| 370 | + * compatibility reasons, but you need to do things this |
|
| 371 | + * way in order to ensure that caching is done properly. |
|
| 372 | + * Check out enduser-customize.html for more details. |
|
| 373 | + * We probably won't ever change this default, as much as the |
|
| 374 | + * maybe semantics is the "right thing to do." |
|
| 375 | + */ |
|
| 376 | + public function getDefinition($type, $raw = false, $optimized = false) { |
|
| 377 | + if ($optimized && !$raw) { |
|
| 378 | + throw new HTMLPurifier_Exception("Cannot set optimized = true when raw = false"); |
|
| 379 | + } |
|
| 380 | + if (!$this->finalized) $this->autoFinalize(); |
|
| 381 | + // temporarily suspend locks, so we can handle recursive definition calls |
|
| 382 | + $lock = $this->lock; |
|
| 383 | + $this->lock = null; |
|
| 384 | + $factory = HTMLPurifier_DefinitionCacheFactory::instance(); |
|
| 385 | + $cache = $factory->create($type, $this); |
|
| 386 | + $this->lock = $lock; |
|
| 387 | + if (!$raw) { |
|
| 388 | + // full definition |
|
| 389 | + // --------------- |
|
| 390 | + // check if definition is in memory |
|
| 391 | + if (!empty($this->definitions[$type])) { |
|
| 392 | + $def = $this->definitions[$type]; |
|
| 393 | + // check if the definition is setup |
|
| 394 | + if ($def->setup) { |
|
| 395 | + return $def; |
|
| 396 | + } else { |
|
| 397 | + $def->setup($this); |
|
| 398 | + if ($def->optimized) $cache->add($def, $this); |
|
| 399 | + return $def; |
|
| 400 | + } |
|
| 401 | + } |
|
| 402 | + // check if definition is in cache |
|
| 403 | + $def = $cache->get($this); |
|
| 404 | + if ($def) { |
|
| 405 | + // definition in cache, save to memory and return it |
|
| 406 | + $this->definitions[$type] = $def; |
|
| 407 | + return $def; |
|
| 408 | + } |
|
| 409 | + // initialize it |
|
| 410 | + $def = $this->initDefinition($type); |
|
| 411 | + // set it up |
|
| 412 | + $this->lock = $type; |
|
| 413 | + $def->setup($this); |
|
| 414 | + $this->lock = null; |
|
| 415 | + // save in cache |
|
| 416 | + $cache->add($def, $this); |
|
| 417 | + // return it |
|
| 418 | + return $def; |
|
| 419 | + } else { |
|
| 420 | + // raw definition |
|
| 421 | + // -------------- |
|
| 422 | + // check preconditions |
|
| 423 | + $def = null; |
|
| 424 | + if ($optimized) { |
|
| 425 | + if (is_null($this->get($type . '.DefinitionID'))) { |
|
| 426 | + // fatally error out if definition ID not set |
|
| 427 | + throw new HTMLPurifier_Exception("Cannot retrieve raw version without specifying %$type.DefinitionID"); |
|
| 428 | + } |
|
| 429 | + } |
|
| 430 | + if (!empty($this->definitions[$type])) { |
|
| 431 | + $def = $this->definitions[$type]; |
|
| 432 | + if ($def->setup && !$optimized) { |
|
| 433 | + $extra = $this->chatty ? " (try moving this code block earlier in your initialization)" : ""; |
|
| 434 | + throw new HTMLPurifier_Exception("Cannot retrieve raw definition after it has already been setup" . $extra); |
|
| 435 | + } |
|
| 436 | + if ($def->optimized === null) { |
|
| 437 | + $extra = $this->chatty ? " (try flushing your cache)" : ""; |
|
| 438 | + throw new HTMLPurifier_Exception("Optimization status of definition is unknown" . $extra); |
|
| 439 | + } |
|
| 440 | + if ($def->optimized !== $optimized) { |
|
| 441 | + $msg = $optimized ? "optimized" : "unoptimized"; |
|
| 442 | + $extra = $this->chatty ? " (this backtrace is for the first inconsistent call, which was for a $msg raw definition)" : ""; |
|
| 443 | + throw new HTMLPurifier_Exception("Inconsistent use of optimized and unoptimized raw definition retrievals" . $extra); |
|
| 444 | + } |
|
| 445 | + } |
|
| 446 | + // check if definition was in memory |
|
| 447 | + if ($def) { |
|
| 448 | + if ($def->setup) { |
|
| 449 | + // invariant: $optimized === true (checked above) |
|
| 450 | + return null; |
|
| 451 | + } else { |
|
| 452 | + return $def; |
|
| 453 | + } |
|
| 454 | + } |
|
| 455 | + // if optimized, check if definition was in cache |
|
| 456 | + // (because we do the memory check first, this formulation |
|
| 457 | + // is prone to cache slamming, but I think |
|
| 458 | + // guaranteeing that either /all/ of the raw |
|
| 459 | + // setup code or /none/ of it is run is more important.) |
|
| 460 | + if ($optimized) { |
|
| 461 | + // This code path only gets run once; once we put |
|
| 462 | + // something in $definitions (which is guaranteed by the |
|
| 463 | + // trailing code), we always short-circuit above. |
|
| 464 | + $def = $cache->get($this); |
|
| 465 | + if ($def) { |
|
| 466 | + // save the full definition for later, but don't |
|
| 467 | + // return it yet |
|
| 468 | + $this->definitions[$type] = $def; |
|
| 469 | + return null; |
|
| 470 | + } |
|
| 471 | + } |
|
| 472 | + // check invariants for creation |
|
| 473 | + if (!$optimized) { |
|
| 474 | + if (!is_null($this->get($type . '.DefinitionID'))) { |
|
| 475 | + if ($this->chatty) { |
|
| 476 | + $this->triggerError("Due to a documentation error in previous version of HTML Purifier, your definitions are not being cached. If this is OK, you can remove the %$type.DefinitionRev and %$type.DefinitionID declaration. Otherwise, modify your code to use maybeGetRawDefinition, and test if the returned value is null before making any edits (if it is null, that means that a cached version is available, and no raw operations are necessary). See <a href='http://htmlpurifier.org/docs/enduser-customize.html#optimized'>Customize</a> for more details", E_USER_WARNING); |
|
| 477 | + } else { |
|
| 478 | + $this->triggerError("Useless DefinitionID declaration", E_USER_WARNING); |
|
| 479 | + } |
|
| 480 | + } |
|
| 481 | + } |
|
| 482 | + // initialize it |
|
| 483 | + $def = $this->initDefinition($type); |
|
| 484 | + $def->optimized = $optimized; |
|
| 485 | + return $def; |
|
| 486 | + } |
|
| 487 | + throw new HTMLPurifier_Exception("The impossible happened!"); |
|
| 488 | + } |
|
| 489 | + |
|
| 490 | + private function initDefinition($type) { |
|
| 491 | + // quick checks failed, let's create the object |
|
| 492 | + if ($type == 'HTML') { |
|
| 493 | + $def = new HTMLPurifier_HTMLDefinition(); |
|
| 494 | + } elseif ($type == 'CSS') { |
|
| 495 | + $def = new HTMLPurifier_CSSDefinition(); |
|
| 496 | + } elseif ($type == 'URI') { |
|
| 497 | + $def = new HTMLPurifier_URIDefinition(); |
|
| 498 | + } else { |
|
| 499 | + throw new HTMLPurifier_Exception("Definition of $type type not supported"); |
|
| 500 | + } |
|
| 501 | + $this->definitions[$type] = $def; |
|
| 502 | + return $def; |
|
| 503 | + } |
|
| 504 | + |
|
| 505 | + public function maybeGetRawDefinition($name) { |
|
| 506 | + return $this->getDefinition($name, true, true); |
|
| 507 | + } |
|
| 508 | + |
|
| 509 | + public function maybeGetRawHTMLDefinition() { |
|
| 510 | + return $this->getDefinition('HTML', true, true); |
|
| 511 | + } |
|
| 512 | + |
|
| 513 | + public function maybeGetRawCSSDefinition() { |
|
| 514 | + return $this->getDefinition('CSS', true, true); |
|
| 515 | + } |
|
| 516 | + |
|
| 517 | + public function maybeGetRawURIDefinition() { |
|
| 518 | + return $this->getDefinition('URI', true, true); |
|
| 519 | + } |
|
| 520 | + |
|
| 521 | + /** |
|
| 522 | + * Loads configuration values from an array with the following structure: |
|
| 523 | + * Namespace.Directive => Value |
|
| 524 | + * @param $config_array Configuration associative array |
|
| 525 | + */ |
|
| 526 | + public function loadArray($config_array) { |
|
| 527 | + if ($this->isFinalized('Cannot load directives after finalization')) return; |
|
| 528 | + foreach ($config_array as $key => $value) { |
|
| 529 | + $key = str_replace('_', '.', $key); |
|
| 530 | + if (strpos($key, '.') !== false) { |
|
| 531 | + $this->set($key, $value); |
|
| 532 | + } else { |
|
| 533 | + $namespace = $key; |
|
| 534 | + $namespace_values = $value; |
|
| 535 | + foreach ($namespace_values as $directive => $value) { |
|
| 536 | + $this->set($namespace .'.'. $directive, $value); |
|
| 537 | + } |
|
| 538 | + } |
|
| 539 | + } |
|
| 540 | + } |
|
| 541 | + |
|
| 542 | + /** |
|
| 543 | + * Returns a list of array(namespace, directive) for all directives |
|
| 544 | + * that are allowed in a web-form context as per an allowed |
|
| 545 | + * namespaces/directives list. |
|
| 546 | + * @param $allowed List of allowed namespaces/directives |
|
| 547 | + */ |
|
| 548 | + public static function getAllowedDirectivesForForm($allowed, $schema = null) { |
|
| 549 | + if (!$schema) { |
|
| 550 | + $schema = HTMLPurifier_ConfigSchema::instance(); |
|
| 551 | + } |
|
| 552 | + if ($allowed !== true) { |
|
| 553 | + if (is_string($allowed)) $allowed = array($allowed); |
|
| 554 | + $allowed_ns = array(); |
|
| 555 | + $allowed_directives = array(); |
|
| 556 | + $blacklisted_directives = array(); |
|
| 557 | + foreach ($allowed as $ns_or_directive) { |
|
| 558 | + if (strpos($ns_or_directive, '.') !== false) { |
|
| 559 | + // directive |
|
| 560 | + if ($ns_or_directive[0] == '-') { |
|
| 561 | + $blacklisted_directives[substr($ns_or_directive, 1)] = true; |
|
| 562 | + } else { |
|
| 563 | + $allowed_directives[$ns_or_directive] = true; |
|
| 564 | + } |
|
| 565 | + } else { |
|
| 566 | + // namespace |
|
| 567 | + $allowed_ns[$ns_or_directive] = true; |
|
| 568 | + } |
|
| 569 | + } |
|
| 570 | + } |
|
| 571 | + $ret = array(); |
|
| 572 | + foreach ($schema->info as $key => $def) { |
|
| 573 | + list($ns, $directive) = explode('.', $key, 2); |
|
| 574 | + if ($allowed !== true) { |
|
| 575 | + if (isset($blacklisted_directives["$ns.$directive"])) continue; |
|
| 576 | + if (!isset($allowed_directives["$ns.$directive"]) && !isset($allowed_ns[$ns])) continue; |
|
| 577 | + } |
|
| 578 | + if (isset($def->isAlias)) continue; |
|
| 579 | + if ($directive == 'DefinitionID' || $directive == 'DefinitionRev') continue; |
|
| 580 | + $ret[] = array($ns, $directive); |
|
| 581 | + } |
|
| 582 | + return $ret; |
|
| 583 | + } |
|
| 584 | + |
|
| 585 | + /** |
|
| 586 | + * Loads configuration values from $_GET/$_POST that were posted |
|
| 587 | + * via ConfigForm |
|
| 588 | + * @param $array $_GET or $_POST array to import |
|
| 589 | + * @param $index Index/name that the config variables are in |
|
| 590 | + * @param $allowed List of allowed namespaces/directives |
|
| 591 | + * @param $mq_fix Boolean whether or not to enable magic quotes fix |
|
| 592 | + * @param $schema Instance of HTMLPurifier_ConfigSchema to use, if not global copy |
|
| 593 | + */ |
|
| 594 | + public static function loadArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null) { |
|
| 595 | + $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $schema); |
|
| 596 | + $config = HTMLPurifier_Config::create($ret, $schema); |
|
| 597 | + return $config; |
|
| 598 | + } |
|
| 599 | + |
|
| 600 | + /** |
|
| 601 | + * Merges in configuration values from $_GET/$_POST to object. NOT STATIC. |
|
| 602 | + * @note Same parameters as loadArrayFromForm |
|
| 603 | + */ |
|
| 604 | + public function mergeArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true) { |
|
| 605 | + $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $this->def); |
|
| 606 | + $this->loadArray($ret); |
|
| 607 | + } |
|
| 608 | + |
|
| 609 | + /** |
|
| 610 | + * Prepares an array from a form into something usable for the more |
|
| 611 | + * strict parts of HTMLPurifier_Config |
|
| 612 | + */ |
|
| 613 | + public static function prepareArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null) { |
|
| 614 | + if ($index !== false) $array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array(); |
|
| 615 | + $mq = $mq_fix && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc(); |
|
| 616 | + |
|
| 617 | + $allowed = HTMLPurifier_Config::getAllowedDirectivesForForm($allowed, $schema); |
|
| 618 | + $ret = array(); |
|
| 619 | + foreach ($allowed as $key) { |
|
| 620 | + list($ns, $directive) = $key; |
|
| 621 | + $skey = "$ns.$directive"; |
|
| 622 | + if (!empty($array["Null_$skey"])) { |
|
| 623 | + $ret[$ns][$directive] = null; |
|
| 624 | + continue; |
|
| 625 | + } |
|
| 626 | + if (!isset($array[$skey])) continue; |
|
| 627 | + $value = $mq ? stripslashes($array[$skey]) : $array[$skey]; |
|
| 628 | + $ret[$ns][$directive] = $value; |
|
| 629 | + } |
|
| 630 | + return $ret; |
|
| 631 | + } |
|
| 632 | + |
|
| 633 | + /** |
|
| 634 | + * Loads configuration values from an ini file |
|
| 635 | + * @param $filename Name of ini file |
|
| 636 | + */ |
|
| 637 | + public function loadIni($filename) { |
|
| 638 | + if ($this->isFinalized('Cannot load directives after finalization')) return; |
|
| 639 | + $array = parse_ini_file($filename, true); |
|
| 640 | + $this->loadArray($array); |
|
| 641 | + } |
|
| 642 | + |
|
| 643 | + /** |
|
| 644 | + * Checks whether or not the configuration object is finalized. |
|
| 645 | + * @param $error String error message, or false for no error |
|
| 646 | + */ |
|
| 647 | + public function isFinalized($error = false) { |
|
| 648 | + if ($this->finalized && $error) { |
|
| 649 | + $this->triggerError($error, E_USER_ERROR); |
|
| 650 | + } |
|
| 651 | + return $this->finalized; |
|
| 652 | + } |
|
| 653 | + |
|
| 654 | + /** |
|
| 655 | + * Finalizes configuration only if auto finalize is on and not |
|
| 656 | + * already finalized |
|
| 657 | + */ |
|
| 658 | + public function autoFinalize() { |
|
| 659 | + if ($this->autoFinalize) { |
|
| 660 | + $this->finalize(); |
|
| 661 | + } else { |
|
| 662 | + $this->plist->squash(true); |
|
| 663 | + } |
|
| 664 | + } |
|
| 665 | + |
|
| 666 | + /** |
|
| 667 | + * Finalizes a configuration object, prohibiting further change |
|
| 668 | + */ |
|
| 669 | + public function finalize() { |
|
| 670 | + $this->finalized = true; |
|
| 671 | + $this->parser = null; |
|
| 672 | + } |
|
| 673 | + |
|
| 674 | + /** |
|
| 675 | + * Produces a nicely formatted error message by supplying the |
|
| 676 | + * stack frame information OUTSIDE of HTMLPurifier_Config. |
|
| 677 | + */ |
|
| 678 | + protected function triggerError($msg, $no) { |
|
| 679 | + // determine previous stack frame |
|
| 680 | + $extra = ''; |
|
| 681 | + if ($this->chatty) { |
|
| 682 | + $trace = debug_backtrace(); |
|
| 683 | + // zip(tail(trace), trace) -- but PHP is not Haskell har har |
|
| 684 | + for ($i = 0, $c = count($trace); $i < $c - 1; $i++) { |
|
| 685 | + if ($trace[$i + 1]['class'] === 'HTMLPurifier_Config') { |
|
| 686 | + continue; |
|
| 687 | + } |
|
| 688 | + $frame = $trace[$i]; |
|
| 689 | + $extra = " invoked on line {$frame['line']} in file {$frame['file']}"; |
|
| 690 | + break; |
|
| 691 | + } |
|
| 692 | + } |
|
| 693 | + trigger_error($msg . $extra, $no); |
|
| 694 | + } |
|
| 695 | + |
|
| 696 | + /** |
|
| 697 | + * Returns a serialized form of the configuration object that can |
|
| 698 | + * be reconstituted. |
|
| 699 | + */ |
|
| 700 | + public function serialize() { |
|
| 701 | + $this->getDefinition('HTML'); |
|
| 702 | + $this->getDefinition('CSS'); |
|
| 703 | + $this->getDefinition('URI'); |
|
| 704 | + return serialize($this); |
|
| 705 | + } |
|
| 706 | 706 | |
| 707 | 707 | } |
| 708 | 708 | |
@@ -116,8 +116,11 @@ discard block |
||
| 116 | 116 | } else { |
| 117 | 117 | $ret = new HTMLPurifier_Config($schema); |
| 118 | 118 | } |
| 119 | - if (is_string($config)) $ret->loadIni($config); |
|
| 120 | - elseif (is_array($config)) $ret->loadArray($config); |
|
| 119 | + if (is_string($config)) { |
|
| 120 | + $ret->loadIni($config); |
|
| 121 | + } elseif (is_array($config)) { |
|
| 122 | + $ret->loadArray($config); |
|
| 123 | + } |
|
| 121 | 124 | return $ret; |
| 122 | 125 | } |
| 123 | 126 | |
@@ -150,7 +153,9 @@ discard block |
||
| 150 | 153 | $this->triggerError("Using deprecated API: use \$config->get('$key.$a') instead", E_USER_WARNING); |
| 151 | 154 | $key = "$key.$a"; |
| 152 | 155 | } |
| 153 | - if (!$this->finalized) $this->autoFinalize(); |
|
| 156 | + if (!$this->finalized) { |
|
| 157 | + $this->autoFinalize(); |
|
| 158 | + } |
|
| 154 | 159 | if (!isset($this->def->info[$key])) { |
| 155 | 160 | // can't add % due to SimpleTest bug |
| 156 | 161 | $this->triggerError('Cannot retrieve value of undefined directive ' . htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), |
@@ -178,7 +183,9 @@ discard block |
||
| 178 | 183 | * @param $namespace String namespace |
| 179 | 184 | */ |
| 180 | 185 | public function getBatch($namespace) { |
| 181 | - if (!$this->finalized) $this->autoFinalize(); |
|
| 186 | + if (!$this->finalized) { |
|
| 187 | + $this->autoFinalize(); |
|
| 188 | + } |
|
| 182 | 189 | $full = $this->getAll(); |
| 183 | 190 | if (!isset($full[$namespace])) { |
| 184 | 191 | $this->triggerError('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), |
@@ -220,7 +227,9 @@ discard block |
||
| 220 | 227 | * @warning This is a pretty inefficient function, avoid if you can |
| 221 | 228 | */ |
| 222 | 229 | public function getAll() { |
| 223 | - if (!$this->finalized) $this->autoFinalize(); |
|
| 230 | + if (!$this->finalized) { |
|
| 231 | + $this->autoFinalize(); |
|
| 232 | + } |
|
| 224 | 233 | $ret = array(); |
| 225 | 234 | foreach ($this->plist->squash() as $name => $value) { |
| 226 | 235 | list($ns, $key) = explode('.', $name, 2); |
@@ -244,7 +253,9 @@ discard block |
||
| 244 | 253 | } else { |
| 245 | 254 | list($namespace) = explode('.', $key); |
| 246 | 255 | } |
| 247 | - if ($this->isFinalized('Cannot set directive after finalization')) return; |
|
| 256 | + if ($this->isFinalized('Cannot set directive after finalization')) { |
|
| 257 | + return; |
|
| 258 | + } |
|
| 248 | 259 | if (!isset($this->def->info[$key])) { |
| 249 | 260 | $this->triggerError('Cannot set undefined directive ' . htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false) . ' to value', |
| 250 | 261 | E_USER_WARNING); |
@@ -311,7 +322,9 @@ discard block |
||
| 311 | 322 | */ |
| 312 | 323 | private function _listify($lookup) { |
| 313 | 324 | $list = array(); |
| 314 | - foreach ($lookup as $name => $b) $list[] = $name; |
|
| 325 | + foreach ($lookup as $name => $b) { |
|
| 326 | + $list[] = $name; |
|
| 327 | + } |
|
| 315 | 328 | return implode(', ', $list); |
| 316 | 329 | } |
| 317 | 330 | |
@@ -377,7 +390,9 @@ discard block |
||
| 377 | 390 | if ($optimized && !$raw) { |
| 378 | 391 | throw new HTMLPurifier_Exception("Cannot set optimized = true when raw = false"); |
| 379 | 392 | } |
| 380 | - if (!$this->finalized) $this->autoFinalize(); |
|
| 393 | + if (!$this->finalized) { |
|
| 394 | + $this->autoFinalize(); |
|
| 395 | + } |
|
| 381 | 396 | // temporarily suspend locks, so we can handle recursive definition calls |
| 382 | 397 | $lock = $this->lock; |
| 383 | 398 | $this->lock = null; |
@@ -395,7 +410,9 @@ discard block |
||
| 395 | 410 | return $def; |
| 396 | 411 | } else { |
| 397 | 412 | $def->setup($this); |
| 398 | - if ($def->optimized) $cache->add($def, $this); |
|
| 413 | + if ($def->optimized) { |
|
| 414 | + $cache->add($def, $this); |
|
| 415 | + } |
|
| 399 | 416 | return $def; |
| 400 | 417 | } |
| 401 | 418 | } |
@@ -524,7 +541,9 @@ discard block |
||
| 524 | 541 | * @param $config_array Configuration associative array |
| 525 | 542 | */ |
| 526 | 543 | public function loadArray($config_array) { |
| 527 | - if ($this->isFinalized('Cannot load directives after finalization')) return; |
|
| 544 | + if ($this->isFinalized('Cannot load directives after finalization')) { |
|
| 545 | + return; |
|
| 546 | + } |
|
| 528 | 547 | foreach ($config_array as $key => $value) { |
| 529 | 548 | $key = str_replace('_', '.', $key); |
| 530 | 549 | if (strpos($key, '.') !== false) { |
@@ -550,7 +569,9 @@ discard block |
||
| 550 | 569 | $schema = HTMLPurifier_ConfigSchema::instance(); |
| 551 | 570 | } |
| 552 | 571 | if ($allowed !== true) { |
| 553 | - if (is_string($allowed)) $allowed = array($allowed); |
|
| 572 | + if (is_string($allowed)) { |
|
| 573 | + $allowed = array($allowed); |
|
| 574 | + } |
|
| 554 | 575 | $allowed_ns = array(); |
| 555 | 576 | $allowed_directives = array(); |
| 556 | 577 | $blacklisted_directives = array(); |
@@ -572,11 +593,19 @@ discard block |
||
| 572 | 593 | foreach ($schema->info as $key => $def) { |
| 573 | 594 | list($ns, $directive) = explode('.', $key, 2); |
| 574 | 595 | if ($allowed !== true) { |
| 575 | - if (isset($blacklisted_directives["$ns.$directive"])) continue; |
|
| 576 | - if (!isset($allowed_directives["$ns.$directive"]) && !isset($allowed_ns[$ns])) continue; |
|
| 596 | + if (isset($blacklisted_directives["$ns.$directive"])) { |
|
| 597 | + continue; |
|
| 598 | + } |
|
| 599 | + if (!isset($allowed_directives["$ns.$directive"]) && !isset($allowed_ns[$ns])) { |
|
| 600 | + continue; |
|
| 601 | + } |
|
| 602 | + } |
|
| 603 | + if (isset($def->isAlias)) { |
|
| 604 | + continue; |
|
| 605 | + } |
|
| 606 | + if ($directive == 'DefinitionID' || $directive == 'DefinitionRev') { |
|
| 607 | + continue; |
|
| 577 | 608 | } |
| 578 | - if (isset($def->isAlias)) continue; |
|
| 579 | - if ($directive == 'DefinitionID' || $directive == 'DefinitionRev') continue; |
|
| 580 | 609 | $ret[] = array($ns, $directive); |
| 581 | 610 | } |
| 582 | 611 | return $ret; |
@@ -611,7 +640,9 @@ discard block |
||
| 611 | 640 | * strict parts of HTMLPurifier_Config |
| 612 | 641 | */ |
| 613 | 642 | public static function prepareArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null) { |
| 614 | - if ($index !== false) $array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array(); |
|
| 643 | + if ($index !== false) { |
|
| 644 | + $array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array(); |
|
| 645 | + } |
|
| 615 | 646 | $mq = $mq_fix && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc(); |
| 616 | 647 | |
| 617 | 648 | $allowed = HTMLPurifier_Config::getAllowedDirectivesForForm($allowed, $schema); |
@@ -623,7 +654,9 @@ discard block |
||
| 623 | 654 | $ret[$ns][$directive] = null; |
| 624 | 655 | continue; |
| 625 | 656 | } |
| 626 | - if (!isset($array[$skey])) continue; |
|
| 657 | + if (!isset($array[$skey])) { |
|
| 658 | + continue; |
|
| 659 | + } |
|
| 627 | 660 | $value = $mq ? stripslashes($array[$skey]) : $array[$skey]; |
| 628 | 661 | $ret[$ns][$directive] = $value; |
| 629 | 662 | } |
@@ -635,7 +668,9 @@ discard block |
||
| 635 | 668 | * @param $filename Name of ini file |
| 636 | 669 | */ |
| 637 | 670 | public function loadIni($filename) { |
| 638 | - if ($this->isFinalized('Cannot load directives after finalization')) return; |
|
| 671 | + if ($this->isFinalized('Cannot load directives after finalization')) { |
|
| 672 | + return; |
|
| 673 | + } |
|
| 639 | 674 | $array = parse_ini_file($filename, true); |
| 640 | 675 | $this->loadArray($array); |
| 641 | 676 | } |
@@ -153,20 +153,20 @@ discard block |
||
| 153 | 153 | if (!$this->finalized) $this->autoFinalize(); |
| 154 | 154 | if (!isset($this->def->info[$key])) { |
| 155 | 155 | // can't add % due to SimpleTest bug |
| 156 | - $this->triggerError('Cannot retrieve value of undefined directive ' . htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), |
|
| 156 | + $this->triggerError('Cannot retrieve value of undefined directive '.htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), |
|
| 157 | 157 | E_USER_WARNING); |
| 158 | 158 | return; |
| 159 | 159 | } |
| 160 | 160 | if (isset($this->def->info[$key]->isAlias)) { |
| 161 | 161 | $d = $this->def->info[$key]; |
| 162 | - $this->triggerError('Cannot get value from aliased directive, use real name ' . $d->key, |
|
| 162 | + $this->triggerError('Cannot get value from aliased directive, use real name '.$d->key, |
|
| 163 | 163 | E_USER_ERROR); |
| 164 | 164 | return; |
| 165 | 165 | } |
| 166 | 166 | if ($this->lock) { |
| 167 | 167 | list($ns) = explode('.', $key); |
| 168 | 168 | if ($ns !== $this->lock) { |
| 169 | - $this->triggerError('Cannot get value of namespace ' . $ns . ' when lock for ' . $this->lock . ' is active, this probably indicates a Definition setup method is accessing directives that are not within its namespace', E_USER_ERROR); |
|
| 169 | + $this->triggerError('Cannot get value of namespace '.$ns.' when lock for '.$this->lock.' is active, this probably indicates a Definition setup method is accessing directives that are not within its namespace', E_USER_ERROR); |
|
| 170 | 170 | return; |
| 171 | 171 | } |
| 172 | 172 | } |
@@ -181,7 +181,7 @@ discard block |
||
| 181 | 181 | if (!$this->finalized) $this->autoFinalize(); |
| 182 | 182 | $full = $this->getAll(); |
| 183 | 183 | if (!isset($full[$namespace])) { |
| 184 | - $this->triggerError('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), |
|
| 184 | + $this->triggerError('Cannot retrieve undefined namespace '.htmlspecialchars($namespace, ENT_COMPAT | ENT_HTML401, 'UTF-8', false), |
|
| 185 | 185 | E_USER_WARNING); |
| 186 | 186 | return; |
| 187 | 187 | } |
@@ -246,7 +246,7 @@ discard block |
||
| 246 | 246 | } |
| 247 | 247 | if ($this->isFinalized('Cannot set directive after finalization')) return; |
| 248 | 248 | if (!isset($this->def->info[$key])) { |
| 249 | - $this->triggerError('Cannot set undefined directive ' . htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false) . ' to value', |
|
| 249 | + $this->triggerError('Cannot set undefined directive '.htmlspecialchars($key, ENT_COMPAT | ENT_HTML401, 'UTF-8', false).' to value', |
|
| 250 | 250 | E_USER_WARNING); |
| 251 | 251 | return; |
| 252 | 252 | } |
@@ -255,7 +255,7 @@ discard block |
||
| 255 | 255 | if (isset($def->isAlias)) { |
| 256 | 256 | if ($this->aliasMode) { |
| 257 | 257 | $this->triggerError('Double-aliases not allowed, please fix '. |
| 258 | - 'ConfigSchema bug with' . $key, E_USER_ERROR); |
|
| 258 | + 'ConfigSchema bug with'.$key, E_USER_ERROR); |
|
| 259 | 259 | return; |
| 260 | 260 | } |
| 261 | 261 | $this->aliasMode = true; |
@@ -279,7 +279,7 @@ discard block |
||
| 279 | 279 | try { |
| 280 | 280 | $value = $this->parser->parse($value, $type, $allow_null); |
| 281 | 281 | } catch (HTMLPurifier_VarParserException $e) { |
| 282 | - $this->triggerError('Value for ' . $key . ' is of invalid type, should be ' . HTMLPurifier_VarParser::getTypeName($type), E_USER_WARNING); |
|
| 282 | + $this->triggerError('Value for '.$key.' is of invalid type, should be '.HTMLPurifier_VarParser::getTypeName($type), E_USER_WARNING); |
|
| 283 | 283 | return; |
| 284 | 284 | } |
| 285 | 285 | if (is_string($value) && is_object($def)) { |
@@ -289,7 +289,7 @@ discard block |
||
| 289 | 289 | } |
| 290 | 290 | // check to see if the value is allowed |
| 291 | 291 | if (isset($def->allowed) && !isset($def->allowed[$value])) { |
| 292 | - $this->triggerError('Value not supported, valid values are: ' . |
|
| 292 | + $this->triggerError('Value not supported, valid values are: '. |
|
| 293 | 293 | $this->_listify($def->allowed), E_USER_WARNING); |
| 294 | 294 | return; |
| 295 | 295 | } |
@@ -422,7 +422,7 @@ discard block |
||
| 422 | 422 | // check preconditions |
| 423 | 423 | $def = null; |
| 424 | 424 | if ($optimized) { |
| 425 | - if (is_null($this->get($type . '.DefinitionID'))) { |
|
| 425 | + if (is_null($this->get($type.'.DefinitionID'))) { |
|
| 426 | 426 | // fatally error out if definition ID not set |
| 427 | 427 | throw new HTMLPurifier_Exception("Cannot retrieve raw version without specifying %$type.DefinitionID"); |
| 428 | 428 | } |
@@ -431,16 +431,16 @@ discard block |
||
| 431 | 431 | $def = $this->definitions[$type]; |
| 432 | 432 | if ($def->setup && !$optimized) { |
| 433 | 433 | $extra = $this->chatty ? " (try moving this code block earlier in your initialization)" : ""; |
| 434 | - throw new HTMLPurifier_Exception("Cannot retrieve raw definition after it has already been setup" . $extra); |
|
| 434 | + throw new HTMLPurifier_Exception("Cannot retrieve raw definition after it has already been setup".$extra); |
|
| 435 | 435 | } |
| 436 | 436 | if ($def->optimized === null) { |
| 437 | 437 | $extra = $this->chatty ? " (try flushing your cache)" : ""; |
| 438 | - throw new HTMLPurifier_Exception("Optimization status of definition is unknown" . $extra); |
|
| 438 | + throw new HTMLPurifier_Exception("Optimization status of definition is unknown".$extra); |
|
| 439 | 439 | } |
| 440 | 440 | if ($def->optimized !== $optimized) { |
| 441 | 441 | $msg = $optimized ? "optimized" : "unoptimized"; |
| 442 | 442 | $extra = $this->chatty ? " (this backtrace is for the first inconsistent call, which was for a $msg raw definition)" : ""; |
| 443 | - throw new HTMLPurifier_Exception("Inconsistent use of optimized and unoptimized raw definition retrievals" . $extra); |
|
| 443 | + throw new HTMLPurifier_Exception("Inconsistent use of optimized and unoptimized raw definition retrievals".$extra); |
|
| 444 | 444 | } |
| 445 | 445 | } |
| 446 | 446 | // check if definition was in memory |
@@ -471,7 +471,7 @@ discard block |
||
| 471 | 471 | } |
| 472 | 472 | // check invariants for creation |
| 473 | 473 | if (!$optimized) { |
| 474 | - if (!is_null($this->get($type . '.DefinitionID'))) { |
|
| 474 | + if (!is_null($this->get($type.'.DefinitionID'))) { |
|
| 475 | 475 | if ($this->chatty) { |
| 476 | 476 | $this->triggerError("Due to a documentation error in previous version of HTML Purifier, your definitions are not being cached. If this is OK, you can remove the %$type.DefinitionRev and %$type.DefinitionID declaration. Otherwise, modify your code to use maybeGetRawDefinition, and test if the returned value is null before making any edits (if it is null, that means that a cached version is available, and no raw operations are necessary). See <a href='http://htmlpurifier.org/docs/enduser-customize.html#optimized'>Customize</a> for more details", E_USER_WARNING); |
| 477 | 477 | } else { |
@@ -533,7 +533,7 @@ discard block |
||
| 533 | 533 | $namespace = $key; |
| 534 | 534 | $namespace_values = $value; |
| 535 | 535 | foreach ($namespace_values as $directive => $value) { |
| 536 | - $this->set($namespace .'.'. $directive, $value); |
|
| 536 | + $this->set($namespace.'.'.$directive, $value); |
|
| 537 | 537 | } |
| 538 | 538 | } |
| 539 | 539 | } |
@@ -690,7 +690,7 @@ discard block |
||
| 690 | 690 | break; |
| 691 | 691 | } |
| 692 | 692 | } |
| 693 | - trigger_error($msg . $extra, $no); |
|
| 693 | + trigger_error($msg.$extra, $no); |
|
| 694 | 694 | } |
| 695 | 695 | |
| 696 | 696 | /** |
@@ -89,6 +89,7 @@ discard block |
||
| 89 | 89 | /** |
| 90 | 90 | * @param $definition HTMLPurifier_ConfigSchema that defines what directives |
| 91 | 91 | * are allowed. |
| 92 | + * @param HTMLPurifier_PropertyList $parent |
|
| 92 | 93 | */ |
| 93 | 94 | public function __construct($definition, $parent = null) { |
| 94 | 95 | $parent = $parent ? $parent : $definition->defaultPlist; |
@@ -104,7 +105,7 @@ discard block |
||
| 104 | 105 | * an array of directives based on loadArray(), |
| 105 | 106 | * or a string filename of an ini file. |
| 106 | 107 | * @param HTMLPurifier_ConfigSchema Schema object |
| 107 | - * @return Configured HTMLPurifier_Config object |
|
| 108 | + * @return HTMLPurifier_Config HTMLPurifier_Config object |
|
| 108 | 109 | */ |
| 109 | 110 | public static function create($config, $schema = null) { |
| 110 | 111 | if ($config instanceof HTMLPurifier_Config) { |
@@ -133,7 +134,7 @@ discard block |
||
| 133 | 134 | |
| 134 | 135 | /** |
| 135 | 136 | * Convenience constructor that creates a default configuration object. |
| 136 | - * @return Default HTMLPurifier_Config object. |
|
| 137 | + * @return HTMLPurifier_Config HTMLPurifier_Config object. |
|
| 137 | 138 | */ |
| 138 | 139 | public static function createDefault() { |
| 139 | 140 | $definition = HTMLPurifier_ConfigSchema::instance(); |
@@ -143,7 +144,7 @@ discard block |
||
| 143 | 144 | |
| 144 | 145 | /** |
| 145 | 146 | * Retreives a value from the configuration. |
| 146 | - * @param $key String key |
|
| 147 | + * @param string $key String key |
|
| 147 | 148 | */ |
| 148 | 149 | public function get($key, $a = null) { |
| 149 | 150 | if ($a !== null) { |
@@ -543,7 +544,7 @@ discard block |
||
| 543 | 544 | * Returns a list of array(namespace, directive) for all directives |
| 544 | 545 | * that are allowed in a web-form context as per an allowed |
| 545 | 546 | * namespaces/directives list. |
| 546 | - * @param $allowed List of allowed namespaces/directives |
|
| 547 | + * @param boolean $allowed List of allowed namespaces/directives |
|
| 547 | 548 | */ |
| 548 | 549 | public static function getAllowedDirectivesForForm($allowed, $schema = null) { |
| 549 | 550 | if (!$schema) { |
@@ -585,7 +586,6 @@ discard block |
||
| 585 | 586 | /** |
| 586 | 587 | * Loads configuration values from $_GET/$_POST that were posted |
| 587 | 588 | * via ConfigForm |
| 588 | - * @param $array $_GET or $_POST array to import |
|
| 589 | 589 | * @param $index Index/name that the config variables are in |
| 590 | 590 | * @param $allowed List of allowed namespaces/directives |
| 591 | 591 | * @param $mq_fix Boolean whether or not to enable magic quotes fix |
@@ -632,7 +632,7 @@ discard block |
||
| 632 | 632 | |
| 633 | 633 | /** |
| 634 | 634 | * Loads configuration values from an ini file |
| 635 | - * @param $filename Name of ini file |
|
| 635 | + * @param string $filename Name of ini file |
|
| 636 | 636 | */ |
| 637 | 637 | public function loadIni($filename) { |
| 638 | 638 | if ($this->isFinalized('Cannot load directives after finalization')) return; |
@@ -674,6 +674,7 @@ discard block |
||
| 674 | 674 | /** |
| 675 | 675 | * Produces a nicely formatted error message by supplying the |
| 676 | 676 | * stack frame information OUTSIDE of HTMLPurifier_Config. |
| 677 | + * @param integer $no |
|
| 677 | 678 | */ |
| 678 | 679 | protected function triggerError($msg, $no) { |
| 679 | 680 | // determine previous stack frame |
@@ -5,159 +5,159 @@ |
||
| 5 | 5 | */ |
| 6 | 6 | class HTMLPurifier_ConfigSchema { |
| 7 | 7 | |
| 8 | - /** |
|
| 9 | - * Defaults of the directives and namespaces. |
|
| 10 | - * @note This shares the exact same structure as HTMLPurifier_Config::$conf |
|
| 11 | - */ |
|
| 12 | - public $defaults = array(); |
|
| 8 | + /** |
|
| 9 | + * Defaults of the directives and namespaces. |
|
| 10 | + * @note This shares the exact same structure as HTMLPurifier_Config::$conf |
|
| 11 | + */ |
|
| 12 | + public $defaults = array(); |
|
| 13 | 13 | |
| 14 | - /** |
|
| 15 | - * The default property list. Do not edit this property list. |
|
| 16 | - */ |
|
| 17 | - public $defaultPlist; |
|
| 14 | + /** |
|
| 15 | + * The default property list. Do not edit this property list. |
|
| 16 | + */ |
|
| 17 | + public $defaultPlist; |
|
| 18 | 18 | |
| 19 | - /** |
|
| 20 | - * Definition of the directives. The structure of this is: |
|
| 21 | - * |
|
| 22 | - * array( |
|
| 23 | - * 'Namespace' => array( |
|
| 24 | - * 'Directive' => new stdclass(), |
|
| 25 | - * ) |
|
| 26 | - * ) |
|
| 27 | - * |
|
| 28 | - * The stdclass may have the following properties: |
|
| 29 | - * |
|
| 30 | - * - If isAlias isn't set: |
|
| 31 | - * - type: Integer type of directive, see HTMLPurifier_VarParser for definitions |
|
| 32 | - * - allow_null: If set, this directive allows null values |
|
| 33 | - * - aliases: If set, an associative array of value aliases to real values |
|
| 34 | - * - allowed: If set, a lookup array of allowed (string) values |
|
| 35 | - * - If isAlias is set: |
|
| 36 | - * - namespace: Namespace this directive aliases to |
|
| 37 | - * - name: Directive name this directive aliases to |
|
| 38 | - * |
|
| 39 | - * In certain degenerate cases, stdclass will actually be an integer. In |
|
| 40 | - * that case, the value is equivalent to an stdclass with the type |
|
| 41 | - * property set to the integer. If the integer is negative, type is |
|
| 42 | - * equal to the absolute value of integer, and allow_null is true. |
|
| 43 | - * |
|
| 44 | - * This class is friendly with HTMLPurifier_Config. If you need introspection |
|
| 45 | - * about the schema, you're better of using the ConfigSchema_Interchange, |
|
| 46 | - * which uses more memory but has much richer information. |
|
| 47 | - */ |
|
| 48 | - public $info = array(); |
|
| 19 | + /** |
|
| 20 | + * Definition of the directives. The structure of this is: |
|
| 21 | + * |
|
| 22 | + * array( |
|
| 23 | + * 'Namespace' => array( |
|
| 24 | + * 'Directive' => new stdclass(), |
|
| 25 | + * ) |
|
| 26 | + * ) |
|
| 27 | + * |
|
| 28 | + * The stdclass may have the following properties: |
|
| 29 | + * |
|
| 30 | + * - If isAlias isn't set: |
|
| 31 | + * - type: Integer type of directive, see HTMLPurifier_VarParser for definitions |
|
| 32 | + * - allow_null: If set, this directive allows null values |
|
| 33 | + * - aliases: If set, an associative array of value aliases to real values |
|
| 34 | + * - allowed: If set, a lookup array of allowed (string) values |
|
| 35 | + * - If isAlias is set: |
|
| 36 | + * - namespace: Namespace this directive aliases to |
|
| 37 | + * - name: Directive name this directive aliases to |
|
| 38 | + * |
|
| 39 | + * In certain degenerate cases, stdclass will actually be an integer. In |
|
| 40 | + * that case, the value is equivalent to an stdclass with the type |
|
| 41 | + * property set to the integer. If the integer is negative, type is |
|
| 42 | + * equal to the absolute value of integer, and allow_null is true. |
|
| 43 | + * |
|
| 44 | + * This class is friendly with HTMLPurifier_Config. If you need introspection |
|
| 45 | + * about the schema, you're better of using the ConfigSchema_Interchange, |
|
| 46 | + * which uses more memory but has much richer information. |
|
| 47 | + */ |
|
| 48 | + public $info = array(); |
|
| 49 | 49 | |
| 50 | - /** |
|
| 51 | - * Application-wide singleton |
|
| 52 | - */ |
|
| 53 | - static protected $singleton; |
|
| 50 | + /** |
|
| 51 | + * Application-wide singleton |
|
| 52 | + */ |
|
| 53 | + static protected $singleton; |
|
| 54 | 54 | |
| 55 | - public function __construct() { |
|
| 56 | - $this->defaultPlist = new HTMLPurifier_PropertyList(); |
|
| 57 | - } |
|
| 55 | + public function __construct() { |
|
| 56 | + $this->defaultPlist = new HTMLPurifier_PropertyList(); |
|
| 57 | + } |
|
| 58 | 58 | |
| 59 | - /** |
|
| 60 | - * Unserializes the default ConfigSchema. |
|
| 61 | - */ |
|
| 62 | - public static function makeFromSerial() { |
|
| 63 | - $contents = file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema.ser'); |
|
| 64 | - $r = unserialize($contents); |
|
| 65 | - if (!$r) { |
|
| 66 | - $hash = sha1($contents); |
|
| 67 | - trigger_error("Unserialization of configuration schema failed, sha1 of file was $hash", E_USER_ERROR); |
|
| 68 | - } |
|
| 69 | - return $r; |
|
| 70 | - } |
|
| 59 | + /** |
|
| 60 | + * Unserializes the default ConfigSchema. |
|
| 61 | + */ |
|
| 62 | + public static function makeFromSerial() { |
|
| 63 | + $contents = file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema.ser'); |
|
| 64 | + $r = unserialize($contents); |
|
| 65 | + if (!$r) { |
|
| 66 | + $hash = sha1($contents); |
|
| 67 | + trigger_error("Unserialization of configuration schema failed, sha1 of file was $hash", E_USER_ERROR); |
|
| 68 | + } |
|
| 69 | + return $r; |
|
| 70 | + } |
|
| 71 | 71 | |
| 72 | - /** |
|
| 73 | - * Retrieves an instance of the application-wide configuration definition. |
|
| 74 | - */ |
|
| 75 | - public static function instance($prototype = null) { |
|
| 76 | - if ($prototype !== null) { |
|
| 77 | - HTMLPurifier_ConfigSchema::$singleton = $prototype; |
|
| 78 | - } elseif (HTMLPurifier_ConfigSchema::$singleton === null || $prototype === true) { |
|
| 79 | - HTMLPurifier_ConfigSchema::$singleton = HTMLPurifier_ConfigSchema::makeFromSerial(); |
|
| 80 | - } |
|
| 81 | - return HTMLPurifier_ConfigSchema::$singleton; |
|
| 82 | - } |
|
| 72 | + /** |
|
| 73 | + * Retrieves an instance of the application-wide configuration definition. |
|
| 74 | + */ |
|
| 75 | + public static function instance($prototype = null) { |
|
| 76 | + if ($prototype !== null) { |
|
| 77 | + HTMLPurifier_ConfigSchema::$singleton = $prototype; |
|
| 78 | + } elseif (HTMLPurifier_ConfigSchema::$singleton === null || $prototype === true) { |
|
| 79 | + HTMLPurifier_ConfigSchema::$singleton = HTMLPurifier_ConfigSchema::makeFromSerial(); |
|
| 80 | + } |
|
| 81 | + return HTMLPurifier_ConfigSchema::$singleton; |
|
| 82 | + } |
|
| 83 | 83 | |
| 84 | - /** |
|
| 85 | - * Defines a directive for configuration |
|
| 86 | - * @warning Will fail of directive's namespace is defined. |
|
| 87 | - * @warning This method's signature is slightly different from the legacy |
|
| 88 | - * define() static method! Beware! |
|
| 89 | - * @param $namespace Namespace the directive is in |
|
| 90 | - * @param $name Key of directive |
|
| 91 | - * @param $default Default value of directive |
|
| 92 | - * @param $type Allowed type of the directive. See |
|
| 93 | - * HTMLPurifier_DirectiveDef::$type for allowed values |
|
| 94 | - * @param $allow_null Whether or not to allow null values |
|
| 95 | - */ |
|
| 96 | - public function add($key, $default, $type, $allow_null) { |
|
| 97 | - $obj = new stdclass(); |
|
| 98 | - $obj->type = is_int($type) ? $type : HTMLPurifier_VarParser::$types[$type]; |
|
| 99 | - if ($allow_null) $obj->allow_null = true; |
|
| 100 | - $this->info[$key] = $obj; |
|
| 101 | - $this->defaults[$key] = $default; |
|
| 102 | - $this->defaultPlist->set($key, $default); |
|
| 103 | - } |
|
| 84 | + /** |
|
| 85 | + * Defines a directive for configuration |
|
| 86 | + * @warning Will fail of directive's namespace is defined. |
|
| 87 | + * @warning This method's signature is slightly different from the legacy |
|
| 88 | + * define() static method! Beware! |
|
| 89 | + * @param $namespace Namespace the directive is in |
|
| 90 | + * @param $name Key of directive |
|
| 91 | + * @param $default Default value of directive |
|
| 92 | + * @param $type Allowed type of the directive. See |
|
| 93 | + * HTMLPurifier_DirectiveDef::$type for allowed values |
|
| 94 | + * @param $allow_null Whether or not to allow null values |
|
| 95 | + */ |
|
| 96 | + public function add($key, $default, $type, $allow_null) { |
|
| 97 | + $obj = new stdclass(); |
|
| 98 | + $obj->type = is_int($type) ? $type : HTMLPurifier_VarParser::$types[$type]; |
|
| 99 | + if ($allow_null) $obj->allow_null = true; |
|
| 100 | + $this->info[$key] = $obj; |
|
| 101 | + $this->defaults[$key] = $default; |
|
| 102 | + $this->defaultPlist->set($key, $default); |
|
| 103 | + } |
|
| 104 | 104 | |
| 105 | - /** |
|
| 106 | - * Defines a directive value alias. |
|
| 107 | - * |
|
| 108 | - * Directive value aliases are convenient for developers because it lets |
|
| 109 | - * them set a directive to several values and get the same result. |
|
| 110 | - * @param $namespace Directive's namespace |
|
| 111 | - * @param $name Name of Directive |
|
| 112 | - * @param $aliases Hash of aliased values to the real alias |
|
| 113 | - */ |
|
| 114 | - public function addValueAliases($key, $aliases) { |
|
| 115 | - if (!isset($this->info[$key]->aliases)) { |
|
| 116 | - $this->info[$key]->aliases = array(); |
|
| 117 | - } |
|
| 118 | - foreach ($aliases as $alias => $real) { |
|
| 119 | - $this->info[$key]->aliases[$alias] = $real; |
|
| 120 | - } |
|
| 121 | - } |
|
| 105 | + /** |
|
| 106 | + * Defines a directive value alias. |
|
| 107 | + * |
|
| 108 | + * Directive value aliases are convenient for developers because it lets |
|
| 109 | + * them set a directive to several values and get the same result. |
|
| 110 | + * @param $namespace Directive's namespace |
|
| 111 | + * @param $name Name of Directive |
|
| 112 | + * @param $aliases Hash of aliased values to the real alias |
|
| 113 | + */ |
|
| 114 | + public function addValueAliases($key, $aliases) { |
|
| 115 | + if (!isset($this->info[$key]->aliases)) { |
|
| 116 | + $this->info[$key]->aliases = array(); |
|
| 117 | + } |
|
| 118 | + foreach ($aliases as $alias => $real) { |
|
| 119 | + $this->info[$key]->aliases[$alias] = $real; |
|
| 120 | + } |
|
| 121 | + } |
|
| 122 | 122 | |
| 123 | - /** |
|
| 124 | - * Defines a set of allowed values for a directive. |
|
| 125 | - * @warning This is slightly different from the corresponding static |
|
| 126 | - * method definition. |
|
| 127 | - * @param $namespace Namespace of directive |
|
| 128 | - * @param $name Name of directive |
|
| 129 | - * @param $allowed Lookup array of allowed values |
|
| 130 | - */ |
|
| 131 | - public function addAllowedValues($key, $allowed) { |
|
| 132 | - $this->info[$key]->allowed = $allowed; |
|
| 133 | - } |
|
| 123 | + /** |
|
| 124 | + * Defines a set of allowed values for a directive. |
|
| 125 | + * @warning This is slightly different from the corresponding static |
|
| 126 | + * method definition. |
|
| 127 | + * @param $namespace Namespace of directive |
|
| 128 | + * @param $name Name of directive |
|
| 129 | + * @param $allowed Lookup array of allowed values |
|
| 130 | + */ |
|
| 131 | + public function addAllowedValues($key, $allowed) { |
|
| 132 | + $this->info[$key]->allowed = $allowed; |
|
| 133 | + } |
|
| 134 | 134 | |
| 135 | - /** |
|
| 136 | - * Defines a directive alias for backwards compatibility |
|
| 137 | - * @param $namespace |
|
| 138 | - * @param $name Directive that will be aliased |
|
| 139 | - * @param $new_namespace |
|
| 140 | - * @param $new_name Directive that the alias will be to |
|
| 141 | - */ |
|
| 142 | - public function addAlias($key, $new_key) { |
|
| 143 | - $obj = new stdclass; |
|
| 144 | - $obj->key = $new_key; |
|
| 145 | - $obj->isAlias = true; |
|
| 146 | - $this->info[$key] = $obj; |
|
| 147 | - } |
|
| 135 | + /** |
|
| 136 | + * Defines a directive alias for backwards compatibility |
|
| 137 | + * @param $namespace |
|
| 138 | + * @param $name Directive that will be aliased |
|
| 139 | + * @param $new_namespace |
|
| 140 | + * @param $new_name Directive that the alias will be to |
|
| 141 | + */ |
|
| 142 | + public function addAlias($key, $new_key) { |
|
| 143 | + $obj = new stdclass; |
|
| 144 | + $obj->key = $new_key; |
|
| 145 | + $obj->isAlias = true; |
|
| 146 | + $this->info[$key] = $obj; |
|
| 147 | + } |
|
| 148 | 148 | |
| 149 | - /** |
|
| 150 | - * Replaces any stdclass that only has the type property with type integer. |
|
| 151 | - */ |
|
| 152 | - public function postProcess() { |
|
| 153 | - foreach ($this->info as $key => $v) { |
|
| 154 | - if (count((array) $v) == 1) { |
|
| 155 | - $this->info[$key] = $v->type; |
|
| 156 | - } elseif (count((array) $v) == 2 && isset($v->allow_null)) { |
|
| 157 | - $this->info[$key] = -$v->type; |
|
| 158 | - } |
|
| 159 | - } |
|
| 160 | - } |
|
| 149 | + /** |
|
| 150 | + * Replaces any stdclass that only has the type property with type integer. |
|
| 151 | + */ |
|
| 152 | + public function postProcess() { |
|
| 153 | + foreach ($this->info as $key => $v) { |
|
| 154 | + if (count((array) $v) == 1) { |
|
| 155 | + $this->info[$key] = $v->type; |
|
| 156 | + } elseif (count((array) $v) == 2 && isset($v->allow_null)) { |
|
| 157 | + $this->info[$key] = -$v->type; |
|
| 158 | + } |
|
| 159 | + } |
|
| 160 | + } |
|
| 161 | 161 | |
| 162 | 162 | } |
| 163 | 163 | |
@@ -96,7 +96,9 @@ |
||
| 96 | 96 | public function add($key, $default, $type, $allow_null) { |
| 97 | 97 | $obj = new stdclass(); |
| 98 | 98 | $obj->type = is_int($type) ? $type : HTMLPurifier_VarParser::$types[$type]; |
| 99 | - if ($allow_null) $obj->allow_null = true; |
|
| 99 | + if ($allow_null) { |
|
| 100 | + $obj->allow_null = true; |
|
| 101 | + } |
|
| 100 | 102 | $this->info[$key] = $obj; |
| 101 | 103 | $this->defaults[$key] = $default; |
| 102 | 104 | $this->defaultPlist->set($key, $default); |
@@ -60,7 +60,7 @@ |
||
| 60 | 60 | * Unserializes the default ConfigSchema. |
| 61 | 61 | */ |
| 62 | 62 | public static function makeFromSerial() { |
| 63 | - $contents = file_get_contents(HTMLPURIFIER_PREFIX . '/HTMLPurifier/ConfigSchema/schema.ser'); |
|
| 63 | + $contents = file_get_contents(HTMLPURIFIER_PREFIX.'/HTMLPurifier/ConfigSchema/schema.ser'); |
|
| 64 | 64 | $r = unserialize($contents); |
| 65 | 65 | if (!$r) { |
| 66 | 66 | $hash = sha1($contents); |
@@ -7,37 +7,37 @@ |
||
| 7 | 7 | class HTMLPurifier_ConfigSchema_Builder_ConfigSchema |
| 8 | 8 | { |
| 9 | 9 | |
| 10 | - public function build($interchange) { |
|
| 11 | - $schema = new HTMLPurifier_ConfigSchema(); |
|
| 12 | - foreach ($interchange->directives as $d) { |
|
| 13 | - $schema->add( |
|
| 14 | - $d->id->key, |
|
| 15 | - $d->default, |
|
| 16 | - $d->type, |
|
| 17 | - $d->typeAllowsNull |
|
| 18 | - ); |
|
| 19 | - if ($d->allowed !== null) { |
|
| 20 | - $schema->addAllowedValues( |
|
| 21 | - $d->id->key, |
|
| 22 | - $d->allowed |
|
| 23 | - ); |
|
| 24 | - } |
|
| 25 | - foreach ($d->aliases as $alias) { |
|
| 26 | - $schema->addAlias( |
|
| 27 | - $alias->key, |
|
| 28 | - $d->id->key |
|
| 29 | - ); |
|
| 30 | - } |
|
| 31 | - if ($d->valueAliases !== null) { |
|
| 32 | - $schema->addValueAliases( |
|
| 33 | - $d->id->key, |
|
| 34 | - $d->valueAliases |
|
| 35 | - ); |
|
| 36 | - } |
|
| 37 | - } |
|
| 38 | - $schema->postProcess(); |
|
| 39 | - return $schema; |
|
| 40 | - } |
|
| 10 | + public function build($interchange) { |
|
| 11 | + $schema = new HTMLPurifier_ConfigSchema(); |
|
| 12 | + foreach ($interchange->directives as $d) { |
|
| 13 | + $schema->add( |
|
| 14 | + $d->id->key, |
|
| 15 | + $d->default, |
|
| 16 | + $d->type, |
|
| 17 | + $d->typeAllowsNull |
|
| 18 | + ); |
|
| 19 | + if ($d->allowed !== null) { |
|
| 20 | + $schema->addAllowedValues( |
|
| 21 | + $d->id->key, |
|
| 22 | + $d->allowed |
|
| 23 | + ); |
|
| 24 | + } |
|
| 25 | + foreach ($d->aliases as $alias) { |
|
| 26 | + $schema->addAlias( |
|
| 27 | + $alias->key, |
|
| 28 | + $d->id->key |
|
| 29 | + ); |
|
| 30 | + } |
|
| 31 | + if ($d->valueAliases !== null) { |
|
| 32 | + $schema->addValueAliases( |
|
| 33 | + $d->id->key, |
|
| 34 | + $d->valueAliases |
|
| 35 | + ); |
|
| 36 | + } |
|
| 37 | + } |
|
| 38 | + $schema->postProcess(); |
|
| 39 | + return $schema; |
|
| 40 | + } |
|
| 41 | 41 | |
| 42 | 42 | } |
| 43 | 43 | |
