ILIAS  release_4-4 Revision
HTMLPurifier.php
1 <?php
2 
21 /*
22  HTML Purifier 4.5.0 - Standards Compliant HTML Filtering
23  Copyright (C) 2006-2008 Edward Z. Yang
24 
25  This library is free software; you can redistribute it and/or
26  modify it under the terms of the GNU Lesser General Public
27  License as published by the Free Software Foundation; either
28  version 2.1 of the License, or (at your option) any later version.
29 
30  This library is distributed in the hope that it will be useful,
31  but WITHOUT ANY WARRANTY; without even the implied warranty of
32  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
33  Lesser General Public License for more details.
34 
35  You should have received a copy of the GNU Lesser General Public
36  License along with this library; if not, write to the Free Software
37  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
38  */
39 
55 {
56 
58  public $version = '4.5.0';
59 
61  const VERSION = '4.5.0';
62 
64  public $config;
65 
67  private $filters = array();
68 
70  private static $instance;
71 
72  protected $strategy, $generator;
73 
78  public $context;
79 
/**
 * Initializes the purifier.
 *
 * @param $config Optional configuration. Whatever is passed (including
 *                null) is handed to HTMLPurifier_Config::create(), and the
 *                resulting object is stored as this purifier's global
 *                configuration object.
 */
public function __construct($config = null) {
    // Normalise the caller's value into a config object before storing it,
    // so $this->config never holds a raw, unvalidated value.
    $resolved_config = HTMLPurifier_Config::create($config);
    $this->config = $resolved_config;

    // The core strategy is what purify() later runs over the token list.
    $core_strategy = new HTMLPurifier_Strategy_Core();
    $this->strategy = $core_strategy;
}
95 
/**
 * Adds a filter to process the output.
 *
 * Deprecated: emits an E_USER_WARNING on every call and then queues the
 * filter anyway, for backwards compatibility.
 *
 * @param $filter Filter object exposing preFilter() and postFilter(), as
 *                called by purify().
 */
public function addFilter($filter) {
    $deprecation_notice = 'HTMLPurifier->addFilter() is deprecated, use configuration directives in the Filter namespace or Filter.Custom';
    trigger_error($deprecation_notice, E_USER_WARNING);

    // purify() appends these filters after the configured ones. Their
    // postFilter() hook receives the already-purified HTML, and that result
    // is not purified a second time, so only queue filters whose output is
    // trusted to stay safe.
    array_push($this->filters, $filter);
}
104 
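/**
 * Filters an HTML snippet/document to be XSS-free and standards-compliant.
 *
 * Pipeline, in order: resolve the config, build a fresh context, convert
 * the input to UTF-8, run every filter's preFilter(), tokenize, execute
 * the core strategy, regenerate HTML from the surviving tokens, run every
 * filter's postFilter() in reverse order, convert back from UTF-8.
 *
 * Security notes for callers:
 *  - postFilter() output is returned as-is; it is NOT passed through the
 *    strategy again. A filter that emits markup must itself be trusted.
 *  - $this->context is replaced on every call, so read it before the next
 *    purify() if the collected errors are needed.
 *
 * @param $html   String of HTML to purify.
 * @param $config Optional per-call configuration. When given it replaces
 *                (does not merge with) the configuration from the
 *                constructor; any value HTMLPurifier_Config::create()
 *                accepts is allowed.
 * @return Purified HTML.
 */
public function purify($html, $config = null) {

    // :TODO: make the config merge in, instead of replace
    $config = $config ? HTMLPurifier_Config::create($config) : $this->config;

    // implementation is partially environment dependent, partially
    // configuration dependent
    $lexer = HTMLPurifier_Lexer::create($config);

    // A new context per call keeps state (IDs seen, errors) from leaking
    // between unrelated documents.
    $context = new HTMLPurifier_Context();

    // setup HTML generator
    $this->generator = new HTMLPurifier_Generator($config, $context);
    $context->register('Generator', $this->generator);

    // set up global context variables
    if ($config->get('Core.CollectErrors')) {
        // may get moved out if other facilities use it
        $language_factory = HTMLPurifier_LanguageFactory::instance();
        $language = $language_factory->create($config, $context);
        $context->register('Locale', $language);

        $error_collector = new HTMLPurifier_ErrorCollector($context);
        $context->register('ErrorCollector', $error_collector);
    }

    // setup id_accumulator context, necessary due to the fact that
    // AttrValidator can be called from many places
    $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context);
    $context->register('IDAccumulator', $id_accumulator);

    // Normalise the input encoding before any filter or the lexer sees it.
    $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context);

    // setup filters
    $filter_flags = $config->getBatch('Filter');
    $custom_filters = $filter_flags['Custom'];
    unset($filter_flags['Custom']);
    $filters = array();
    foreach ($filter_flags as $filter => $flag) {
        if (!$flag) continue;
        // Directive keys containing a dot are skipped, so only plain
        // directive names are turned into a class name below.
        if (strpos($filter, '.') !== false) continue;
        // The class name is derived from a configuration key, so whoever
        // controls the Filter directives controls which filter class is
        // instantiated here.
        $class = "HTMLPurifier_Filter_$filter";
        $filters[] = new $class;
    }
    foreach ($custom_filters as $filter) {
        // maybe "HTMLPurifier_Filter_$filter", but be consistent with AutoFormat
        $filters[] = $filter;
    }
    // Filters queued through the deprecated addFilter() run last.
    $filters = array_merge($filters, $this->filters);
    // maybe prepare(), but later

    for ($i = 0, $filter_size = count($filters); $i < $filter_size; $i++) {
        $html = $filters[$i]->preFilter($html, $config, $context);
    }

    // purified HTML
    $html =
        $this->generator->generateFromTokens(
            // list of tokens
            $this->strategy->execute(
                // list of un-purified tokens
                $lexer->tokenizeHTML(
                    // un-purified HTML
                    $html, $config, $context
                ),
                $config, $context
            )
        );

    // Post-filters run in reverse registration order on the purified
    // markup; nothing re-validates what they return.
    for ($i = $filter_size - 1; $i >= 0; $i--) {
        $html = $filters[$i]->postFilter($html, $config, $context);
    }

    $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context);
    $this->context =& $context;
    return $html;
}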
192 
/**
 * Filters an array of HTML snippets.
 *
 * Every element is passed through purify() with the same $config and the
 * original keys are kept. Afterwards $this->context holds an array of the
 * per-element contexts, keyed like the input, instead of a single context.
 *
 * @param $array_of_html Array of HTML snippets to purify.
 * @param $config        Optional configuration, forwarded unchanged to
 *                       purify() for each element.
 * @return Array of purified HTML, same keys as the input.
 */
public function purifyArray($array_of_html, $config = null) {
    $contexts_by_key = array();

    foreach ($array_of_html as $index => $snippet) {
        $array_of_html[$index] = $this->purify($snippet, $config);
        // purify() replaces $this->context on each call; capture it now,
        // before the next iteration overwrites it.
        $contexts_by_key[$index] = $this->context;
    }

    $this->context = $contexts_by_key;

    return $array_of_html;
}
208 
/**
 * Singleton for enforcing just one HTML Purifier in your system.
 *
 * Passing any truthy $prototype REPLACES the shared instance for every
 * later caller in the process: an HTMLPurifier object is stored as-is,
 * any other truthy value is used as the constructor's config. Code that
 * relies on the shared instance therefore inherits whatever configuration
 * the most recent caller supplied.
 *
 * @param $prototype Optional HTMLPurifier instance, or a config value for
 *                   the constructor, to install as the shared instance.
 * @return The shared HTMLPurifier instance.
 */
public static function instance($prototype = null) {
    // Fast path: an instance already exists and nobody asked to replace it.
    if (self::$instance && !$prototype) {
        return self::$instance;
    }

    if ($prototype instanceof HTMLPurifier) {
        $replacement = $prototype;
    } elseif ($prototype) {
        $replacement = new HTMLPurifier($prototype);
    } else {
        $replacement = new HTMLPurifier();
    }
    self::$instance = $replacement;

    return self::$instance;
}
227 
/**
 * Alias of instance(): forwards $prototype unchanged and returns the
 * result, so the same replace-on-truthy-prototype behaviour applies.
 *
 * @param $prototype Optional prototype, see instance().
 * @return The shared HTMLPurifier instance.
 */
public static function getInstance($prototype = null) {
    $shared = HTMLPurifier::instance($prototype);
    return $shared;
}
234 
235 }
236 
237 // vim: et sw=4 sts=4
$context
Resultant HTMLPurifier_Context of last run purification.
purifyArray($array_of_html, $config=null)
Filters an array of HTML snippets.
Generates HTML from tokens.
Definition: Generator.php:10
Facade that coordinates HTML Purifier's subsystems in order to purify HTML.
static create($config)
Retrieves or sets the default Lexer as a Prototype Factory.
Definition: Lexer.php:68
static convertFromUTF8($str, $config, $context)
Converts a string from UTF-8 based on configuration.
Definition: Encoder.php:371
static build($config, $context)
Builds an IDAccumulator, also initializing the default blacklist.
static instance($prototype=null)
Singleton for enforcing just one HTML Purifier in your system.
static getInstance($prototype=null)
static create($config, $schema=null)
Convenience constructor that creates a config object based on a mixed var.
Definition: Config.php:109
static convertToUTF8($str, $config, $context)
Converts a string to UTF-8 based on configuration.
Definition: Encoder.php:336
__construct($config=null)
Initializes the purifier.
static instance($prototype=null)
Retrieve sole instance of the factory.
Error collection class that enables HTML Purifier to report HTML problems back to the user...
$version
Version of HTML Purifier.
purify($html, $config=null)
Filters an HTML snippet/document to be XSS-free and standards-compliant.
$config
Global configuration object.
static $instance
Single instance of HTML Purifier.
Registry object that contains information about the current context.
Definition: Context.php:10
HTMLPurifier($html, $config=null)
Purify HTML.
Core strategy composed of the big four strategies.
Definition: Core.php:6
$filters
Array of extra HTMLPurifier_Filter objects to run on HTML, for backwards compatibility.
const VERSION
Constant with version of HTML Purifier.
addFilter($filter)
Adds a filter to process the output.