Configuration object that triggers customizable behavior. More...

Collaboration diagram for HTMLPurifier_Config:

Public Member Functions
	__construct ($definition, $parent=null)
	Constructor. More...

	get ($key, $a=null)
	Retrieves a value from the configuration. More...

	getBatch ($namespace)
	Retrieves an array of directives to values from a given namespace. More...

	getBatchSerial ($namespace)
	Returns a SHA-1 signature of a segment of the configuration object that uniquely identifies that particular configuration. More...

	getSerial ()
	Returns a SHA-1 signature for the entire configuration object that uniquely identifies that particular configuration. More...

	getAll ()
	Retrieves all directives, organized by namespace. More...

	set ($key, $value, $a=null)
	Sets a value to configuration. More...

	getHTMLDefinition ($raw=false, $optimized=false)
	Retrieves object reference to the HTML definition. More...

	getCSSDefinition ($raw=false, $optimized=false)
	Retrieves object reference to the CSS definition. More...

	getURIDefinition ($raw=false, $optimized=false)
	Retrieves object reference to the URI definition. More...

	getDefinition ($type, $raw=false, $optimized=false)
	Retrieves a definition. More...

	maybeGetRawDefinition ($name)

	maybeGetRawHTMLDefinition ()

	maybeGetRawCSSDefinition ()

	maybeGetRawURIDefinition ()

	loadArray ($config_array)
	Loads configuration values from an array with the following structure: Namespace.Directive => Value. More...

	mergeArrayFromForm ($array, $index=false, $allowed=true, $mq_fix=true)
	Merges in configuration values from $_GET/$_POST to object. More...

	loadIni ($filename)
	Loads configuration values from an ini file. More...

	isFinalized ($error=false)
	Checks whether or not the configuration object is finalized. More...

	autoFinalize ()
	Finalizes configuration only if auto finalize is on and not already finalized. More...

	finalize ()
	Finalizes a configuration object, prohibiting further change. More...

	serialize ()
	Returns a serialized form of the configuration object that can be reconstituted. More...

Static Public Member Functions
static	create ($config, $schema=null)
	Convenience constructor that creates a config object based on a mixed var. More...

static	inherit (HTMLPurifier_Config $config)
	Creates a new config object that inherits from a previous one. More...

static	createDefault ()
	Convenience constructor that creates a default configuration object. More...

static	getAllowedDirectivesForForm ($allowed, $schema=null)
	Returns a list of array(namespace, directive) for all directives that are allowed in a web-form context as per an allowed namespaces/directives list. More...

static	loadArrayFromForm ($array, $index=false, $allowed=true, $mq_fix=true, $schema=null)
	Loads configuration values from $_GET/$_POST that were posted via ConfigForm. More...

static	prepareArrayFromForm ($array, $index=false, $allowed=true, $mq_fix=true, $schema=null)
	Prepares an array from a form into something usable for the more strict parts of HTMLPurifier_Config. More...

Data Fields
	$version = '4.7.0'
	HTML Purifier's version string. More...

	$autoFinalize = true
	Whether or not to automatically finalize the object if a read operation is done. More...

	$def
	Reference HTMLPurifier_ConfigSchema for value checking. More...

	$chatty = true
	Set to false if you do not want line and file numbers in errors. More...

Protected Member Functions
	triggerError ($msg, $no)
	Produces a nicely formatted error message by supplying the stack frame information OUTSIDE of HTMLPurifier_Config. More...

Protected Attributes
	$serials = array()
	Namespace indexed array of serials for specific namespaces. More...

	$serial
	Serial for entire configuration object. More...

	$parser = null
	Parser for variables. More...

	$definitions
	Indexed array of definitions. More...

	$finalized = false
	Whether or not config is finalized. More...

	$plist
	Property list containing configuration directives. More...

Private Member Functions
	_listify ($lookup)
	Convenience function for error reporting. More...

	initDefinition ($type)
	Initialise definition. More...

Private Attributes
	$aliasMode
	Whether or not a set is taking place due to an alias lookup. More...

	$lock
	Current lock; only gets to this namespace are allowed. More...

Detailed Description

Configuration object that triggers customizable behavior.

Warning: This class is strongly defined: that means that the class will fail if an undefined directive is retrieved or set.

Note: Many classes that could (although many times don't) use the configuration object make it a mandatory parameter. This is because a configuration object should always be forwarded, otherwise, you run the risk of missing a parameter and then being stumped when a configuration directive doesn't work.

Todo:: Reconsider some of the public member variables

Definition at line 17 of file Config.php.

Constructor & Destructor Documentation

◆ __construct()

HTMLPurifier_Config::__construct	(	$definition,
		$parent = `null`
	)

Constructor.

Parameters

HTMLPurifier_ConfigSchema	$definition	ConfigSchema that defines what directives are allowed.
HTMLPurifier_PropertyList	$parent

Definition at line 106 of file Config.php.

     {
         $parent = $parent ? $parent : $definition->defaultPlist;
         $this->plist = new HTMLPurifier_PropertyList($parent);
         $this->def = $definition; // keep a copy around for checking
         $this->parser = new HTMLPurifier_VarParser_Flexible();
     }

Member Function Documentation

◆ _listify()

HTMLPurifier_Config::_listify ( $lookup )

private

Convenience function for error reporting.

Parameters

array $lookup

Returns: string

Definition at line 390 of file Config.php.

Referenced by set().

     {
         $list = array();
         foreach ($lookup as $name => $b) {
             $list[] = $name;
         }
         return implode(', ', $list);
     }

Here is the caller graph for this function:

◆ autoFinalize()

HTMLPurifier_Config::autoFinalize ( )

Finalizes configuration only if auto finalize is on and not already finalized.

Definition at line 859 of file Config.php.

References finalize().

Referenced by get(), getAll(), getBatch(), and getDefinition().

     {
         if ($this->autoFinalize) {
             $this->finalize();
         } else {
             $this->plist->squash(true);
         }
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ create()

static HTMLPurifier_Config::create	(	$config,
		$schema = `null`
	)

static

Convenience constructor that creates a config object based on a mixed var.

Parameters

mixed	$config	Variable that defines the state of the config object. Can be: a HTMLPurifier_Config() object, an array of directives based on loadArray(), or a string filename of an ini file.
HTMLPurifier_ConfigSchema	$schema	Schema object

Returns: HTMLPurifier_Config Configured object

Definition at line 123 of file Config.php.

References $ret, and createDefault().

Referenced by HTMLPurifier\__construct(), loadArrayFromForm(), and HTMLPurifier\purify().

     {
         if ($config instanceof HTMLPurifier_Config) {
             // pass-through
             return $config;
         }
         if (!$schema) {
             $ret = HTMLPurifier_Config::createDefault();
         } else {
             $ret = new HTMLPurifier_Config($schema);
         }
         if (is_string($config)) {
             $ret->loadIni($config);
         } elseif (is_array($config)) $ret->loadArray($config);
         return $ret;
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ createDefault()

static HTMLPurifier_Config::createDefault ( )

static

Convenience constructor that creates a default configuration object.

Returns: HTMLPurifier_Config default object.

Definition at line 154 of file Config.php.

References HTMLPurifier_ConfigSchema\instance().

Referenced by create(), ilAssHtmlPurifier\getPurifierConfigInstance(), ilHtmlForumPostPurifier\getPurifierConfigInstance(), HTMLPurifier_URISchemeRegistry\getScheme(), and kses().

     {
         $definition = HTMLPurifier_ConfigSchema::instance();
         $config = new HTMLPurifier_Config($definition);
         return $config;
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ finalize()

HTMLPurifier_Config::finalize ( )

Finalizes a configuration object, prohibiting further change.

Definition at line 871 of file Config.php.

Referenced by autoFinalize().

     {
         $this->finalized = true;
         $this->parser = null;
     }

Here is the caller graph for this function:

◆ get()

HTMLPurifier_Config::get	(	$key,
		$a = `null`
	)

Retrieves a value from the configuration.

Parameters

string	$key	String key
mixed	$a

Returns: mixed

Definition at line 169 of file Config.php.

References $d, autoFinalize(), and triggerError().

     {
         if ($a !== null) {
             $this->triggerError(
                 "Using deprecated API: use \$config->get('$key.$a') instead",
                 E_USER_WARNING
             );
             $key = "$key.$a";
         }
         if (!$this->finalized) {
             $this->autoFinalize();
         }
         if (!isset($this->def->info[$key])) {
             // can't add % due to SimpleTest bug
             $this->triggerError(
                 'Cannot retrieve value of undefined directive ' . htmlspecialchars($key),
                 E_USER_WARNING
             );
             return;
         }
         if (isset($this->def->info[$key]->isAlias)) {
             $d = $this->def->info[$key];
             $this->triggerError(
                 'Cannot get value from aliased directive, use real name ' . $d->key,
                 E_USER_ERROR
             );
             return;
         }
         if ($this->lock) {
             list($ns) = explode('.', $key);
             if ($ns !== $this->lock) {
                 $this->triggerError(
                     'Cannot get value of namespace ' . $ns . ' when lock for ' .
                     $this->lock .
                     ' is active, this probably indicates a Definition setup method ' .
                     'is accessing directives that are not within its namespace',
                     E_USER_ERROR
                 );
                 return;
             }
         }
         return $this->plist->get($key);
     }

Here is the call graph for this function:

◆ getAll()

HTMLPurifier_Config::getAll ( )

Retrieves all directives, organized by namespace.

Warning: This is a pretty inefficient function, avoid if you can

Definition at line 276 of file Config.php.

References $ret, and autoFinalize().

Referenced by getBatch(), and getSerial().

     {
         if (!$this->finalized) {
             $this->autoFinalize();
         }
         $ret = array();
         foreach ($this->plist->squash() as $name => $value) {
             list($ns, $key) = explode('.', $name, 2);
             $ret[$ns][$key] = $value;
         }
         return $ret;
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ getAllowedDirectivesForForm()

static HTMLPurifier_Config::getAllowedDirectivesForForm	(	$allowed,
		$schema = `null`
	)

static

Returns a list of array(namespace, directive) for all directives that are allowed in a web-form context as per an allowed namespaces/directives list.

Parameters

array	$allowed	List of allowed namespaces/directives
HTMLPurifier_ConfigSchema	$schema	Schema to use, if not global copy

Returns: array

Definition at line 708 of file Config.php.

References $def, $ret, and HTMLPurifier_ConfigSchema\instance().

Referenced by prepareArrayFromForm(), and HTMLPurifier_Printer_ConfigForm\render().

     {
         if (!$schema) {
             $schema = HTMLPurifier_ConfigSchema::instance();
         }
         if ($allowed !== true) {
             if (is_string($allowed)) {
                 $allowed = array($allowed);
             }
             $allowed_ns = array();
             $allowed_directives = array();
             $blacklisted_directives = array();
             foreach ($allowed as $ns_or_directive) {
                 if (strpos($ns_or_directive, '.') !== false) {
                     // directive
                     if ($ns_or_directive[0] == '-') {
                         $blacklisted_directives[substr($ns_or_directive, 1)] = true;
                     } else {
                         $allowed_directives[$ns_or_directive] = true;
                     }
                 } else {
                     // namespace
                     $allowed_ns[$ns_or_directive] = true;
                 }
             }
         }
         $ret = array();
         foreach ($schema->info as $key => $def) {
             list($ns, $directive) = explode('.', $key, 2);
             if ($allowed !== true) {
                 if (isset($blacklisted_directives["$ns.$directive"])) {
                     continue;
                 }
                 if (!isset($allowed_directives["$ns.$directive"]) && !isset($allowed_ns[$ns])) {
                     continue;
                 }
             }
             if (isset($def->isAlias)) {
                 continue;
             }
             if ($directive == 'DefinitionID' || $directive == 'DefinitionRev') {
                 continue;
             }
             $ret[] = array($ns, $directive);
         }
         return $ret;
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ getBatch()

HTMLPurifier_Config::getBatch ( $namespace )

Retrieves an array of directives to values from a given namespace.

Parameters

string $namespace String namespace

Returns: array

Definition at line 220 of file Config.php.

References $namespace, autoFinalize(), getAll(), and triggerError().

Referenced by getBatchSerial().

     {
         if (!$this->finalized) {
             $this->autoFinalize();
         }
         $full = $this->getAll();
         if (!isset($full[$namespace])) {
             $this->triggerError(
                 'Cannot retrieve undefined namespace ' .
                 htmlspecialchars($namespace),
                 E_USER_WARNING
             );
             return;
         }
         return $full[$namespace];
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ getBatchSerial()

HTMLPurifier_Config::getBatchSerial ( $namespace )

Returns a SHA-1 signature of a segment of the configuration object that uniquely identifies that particular configuration.

Parameters

string $namespace Namespace to get serial for

Returns: string

Note: Revision is handled specially and is removed from the batch before processing!

Definition at line 247 of file Config.php.

References $namespace, getBatch(), and serialize().

     {
         if (empty($this->serials[$namespace])) {
             $batch = $this->getBatch($namespace);
             unset($batch['DefinitionRev']);
             $this->serials[$namespace] = sha1(serialize($batch));
         }
         return $this->serials[$namespace];
     }

Here is the call graph for this function:

◆ getCSSDefinition()

HTMLPurifier_Config::getCSSDefinition	(	$raw = `false`,
		$optimized = `false`
	)

Retrieves object reference to the CSS definition.

Parameters

bool	$raw	Return a copy that has not been setup yet. Must be called before it's been setup, otherwise won't work.
bool	$optimized	If true, this method may return null, to indicate that a cached version of the modified definition object is available and no further edits are necessary. Consider using maybeGetRawCSSDefinition, which is more explicitly named, instead.

Returns: HTMLPurifier_CSSDefinition

Definition at line 432 of file Config.php.

References getDefinition().

     {
         return $this->getDefinition('CSS', $raw, $optimized);
     }

Here is the call graph for this function:

◆ getDefinition()

HTMLPurifier_Config::getDefinition	(	$type,
		$raw = `false`,
		$optimized = `false`
	)

Retrieves a definition.

Parameters

string	$type	Type of definition: HTML, CSS, etc
bool	$raw	Whether or not definition should be returned raw
bool	$optimized	Only has an effect when $raw is true. Whether or not to return null if the result is already present in the cache. This is off by default for backwards compatibility reasons, but you need to do things this way in order to ensure that caching is done properly. Check out enduser-customize.html for more details. We probably won't ever change this default, as much as the maybe semantics is the "right thing to do."

Exceptions

HTMLPurifier_Exception

Returns: HTMLPurifier_Definition

Definition at line 473 of file Config.php.

References $def, $lock, autoFinalize(), initDefinition(), HTMLPurifier_DefinitionCacheFactory\instance(), and triggerError().

Referenced by getCSSDefinition(), getHTMLDefinition(), getURIDefinition(), maybeGetRawCSSDefinition(), maybeGetRawDefinition(), maybeGetRawHTMLDefinition(), maybeGetRawURIDefinition(), and serialize().

     {
         if ($optimized && !$raw) {
             throw new HTMLPurifier_Exception("Cannot set optimized = true when raw = false");
         }
         if (!$this->finalized) {
             $this->autoFinalize();
         }
         // temporarily suspend locks, so we can handle recursive definition calls
         $lock = $this->lock;
         $this->lock = null;
         $factory = HTMLPurifier_DefinitionCacheFactory::instance();
         $cache = $factory->create($type, $this);
         $this->lock = $lock;
         if (!$raw) {
             // full definition
             // ---------------
             // check if definition is in memory
             if (!empty($this->definitions[$type])) {
                 $def = $this->definitions[$type];
                 // check if the definition is setup
                 if ($def->setup) {
                     return $def;
                 } else {
                     $def->setup($this);
                     if ($def->optimized) {
                         $cache->add($def, $this);
                     }
                     return $def;
                 }
             }
             // check if definition is in cache
             $def = $cache->get($this);
             if ($def) {
                 // definition in cache, save to memory and return it
                 $this->definitions[$type] = $def;
                 return $def;
             }
             // initialize it
             $def = $this->initDefinition($type);
             // set it up
             $this->lock = $type;
             $def->setup($this);
             $this->lock = null;
             // save in cache
             $cache->add($def, $this);
             // return it
             return $def;
         } else {
             // raw definition
             // --------------
             // check preconditions
             $def = null;
             if ($optimized) {
                 if (is_null($this->get($type . '.DefinitionID'))) {
                     // fatally error out if definition ID not set
                     throw new HTMLPurifier_Exception(
                         "Cannot retrieve raw version without specifying %$type.DefinitionID"
                     );
                 }
             }
             if (!empty($this->definitions[$type])) {
                 $def = $this->definitions[$type];
                 if ($def->setup && !$optimized) {
                     $extra = $this->chatty ?
                         " (try moving this code block earlier in your initialization)" :
                         "";
                     throw new HTMLPurifier_Exception(
                         "Cannot retrieve raw definition after it has already been setup" .
                         $extra
                     );
                 }
                 if ($def->optimized === null) {
                     $extra = $this->chatty ? " (try flushing your cache)" : "";
                     throw new HTMLPurifier_Exception(
                         "Optimization status of definition is unknown" . $extra
                     );
                 }
                 if ($def->optimized !== $optimized) {
                     $msg = $optimized ? "optimized" : "unoptimized";
                     $extra = $this->chatty ?
                         " (this backtrace is for the first inconsistent call, which was for a $msg raw definition)"
                         : "";
                     throw new HTMLPurifier_Exception(
                         "Inconsistent use of optimized and unoptimized raw definition retrievals" . $extra
                     );
                 }
             }
             // check if definition was in memory
             if ($def) {
                 if ($def->setup) {
                     // invariant: $optimized === true (checked above)
                     return null;
                 } else {
                     return $def;
                 }
             }
             // if optimized, check if definition was in cache
             // (because we do the memory check first, this formulation
             // is prone to cache slamming, but I think
             // guaranteeing that either /all/ of the raw
             // setup code or /none/ of it is run is more important.)
             if ($optimized) {
                 // This code path only gets run once; once we put
                 // something in $definitions (which is guaranteed by the
                 // trailing code), we always short-circuit above.
                 $def = $cache->get($this);
                 if ($def) {
                     // save the full definition for later, but don't
                     // return it yet
                     $this->definitions[$type] = $def;
                     return null;
                 }
             }
             // check invariants for creation
             if (!$optimized) {
                 if (!is_null($this->get($type . '.DefinitionID'))) {
                     if ($this->chatty) {
                         $this->triggerError(
                             'Due to a documentation error in previous version of HTML Purifier, your ' .
                             'definitions are not being cached.  If this is OK, you can remove the ' .
                             '%$type.DefinitionRev and %$type.DefinitionID declaration.  Otherwise, ' .
                             'modify your code to use maybeGetRawDefinition, and test if the returned ' .
                             'value is null before making any edits (if it is null, that means that a ' .
                             'cached version is available, and no raw operations are necessary).  See ' .
                             '<a href="http://htmlpurifier.org/docs/enduser-customize.html#optimized">' .
                             'Customize</a> for more details',
                             E_USER_WARNING
                         );
                     } else {
                         $this->triggerError(
                             "Useless DefinitionID declaration",
                             E_USER_WARNING
                         );
                     }
                 }
             }
             // initialize it
             $def = $this->initDefinition($type);
             $def->optimized = $optimized;
             return $def;
         }
         throw new HTMLPurifier_Exception("The impossible happened!");
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ getHTMLDefinition()

HTMLPurifier_Config::getHTMLDefinition	(	$raw = `false`,
		$optimized = `false`
	)

Retrieves object reference to the HTML definition.

Parameters

bool	$raw	Return a copy that has not been setup yet. Must be called before it's been setup, otherwise won't work.
bool	$optimized	If true, this method may return null, to indicate that a cached version of the modified definition object is available and no further edits are necessary. Consider using maybeGetRawHTMLDefinition, which is more explicitly named, instead.

Returns: HTMLPurifier_HTMLDefinition

Definition at line 413 of file Config.php.

References getDefinition().

     {
         return $this->getDefinition('HTML', $raw, $optimized);
     }

Here is the call graph for this function:

◆ getSerial()

HTMLPurifier_Config::getSerial ( )

Returns a SHA-1 signature for the entire configuration object that uniquely identifies that particular configuration.

Returns: string

Definition at line 263 of file Config.php.

References $serial, getAll(), and serialize().

     {
         if (empty($this->serial)) {
             $this->serial = sha1(serialize($this->getAll()));
         }
         return $this->serial;
     }

Here is the call graph for this function:

◆ getURIDefinition()

HTMLPurifier_Config::getURIDefinition	(	$raw = `false`,
		$optimized = `false`
	)

Retrieves object reference to the URI definition.

Parameters

bool	$raw	Return a copy that has not been setup yet. Must be called before it's been setup, otherwise won't work.
bool	$optimized	If true, this method may return null, to indicate that a cached version of the modified definition object is available and no further edits are necessary. Consider using maybeGetRawURIDefinition, which is more explicitly named, instead.

Returns: HTMLPurifier_URIDefinition

Definition at line 451 of file Config.php.

References getDefinition().

     {
         return $this->getDefinition('URI', $raw, $optimized);
     }

Here is the call graph for this function:

◆ inherit()

static HTMLPurifier_Config::inherit ( HTMLPurifier_Config $config )

static

Creates a new config object that inherits from a previous one.

Parameters

HTMLPurifier_Config $config Configuration object to inherit from.

Returns: HTMLPurifier_Config object with $config as its parent.

Definition at line 145 of file Config.php.

     {
         return new HTMLPurifier_Config($config->def, $config->plist);
     }

◆ initDefinition()

HTMLPurifier_Config::initDefinition ( $type )

private

Initialise definition.

Parameters

string $type What type of definition to create

Returns: HTMLPurifier_CSSDefinition|HTMLPurifier_HTMLDefinition|HTMLPurifier_URIDefinition

Exceptions

HTMLPurifier_Exception

Definition at line 626 of file Config.php.

References $def.

Referenced by getDefinition().

     {
         // quick checks failed, let's create the object
         if ($type == 'HTML') {
             $def = new HTMLPurifier_HTMLDefinition();
         } elseif ($type == 'CSS') {
             $def = new HTMLPurifier_CSSDefinition();
         } elseif ($type == 'URI') {
             $def = new HTMLPurifier_URIDefinition();
         } else {
             throw new HTMLPurifier_Exception(
                 "Definition of $type type not supported"
             );
         }
         $this->definitions[$type] = $def;
         return $def;
     }

Here is the caller graph for this function:

◆ isFinalized()

HTMLPurifier_Config::isFinalized ( $error = false )

Checks whether or not the configuration object is finalized.

Parameters

string | bool $error String error message, or false for no error

Returns: bool

Definition at line 847 of file Config.php.

References $finalized, and triggerError().

Referenced by loadArray(), loadIni(), and set().

     {
         if ($this->finalized && $error) {
             $this->triggerError($error, E_USER_ERROR);
         }
         return $this->finalized;
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ loadArray()

HTMLPurifier_Config::loadArray ( $config_array )

Loads configuration values from an array with the following structure: Namespace.Directive => Value.

Parameters

array $config_array Configuration associative array

Definition at line 679 of file Config.php.

References $namespace, and isFinalized().

Referenced by loadIni(), and mergeArrayFromForm().

     {
         if ($this->isFinalized('Cannot load directives after finalization')) {
             return;
         }
         foreach ($config_array as $key => $value) {
             $key = str_replace('_', '.', $key);
             if (strpos($key, '.') !== false) {
                 $this->set($key, $value);
             } else {
                 $namespace = $key;
                 $namespace_values = $value;
                 foreach ($namespace_values as $directive => $value2) {
                     $this->set($namespace .'.'. $directive, $value2);
                 }
             }
         }
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ loadArrayFromForm()

static HTMLPurifier_Config::loadArrayFromForm	(	$array,
		$index = `false`,
		$allowed = `true`,
		$mq_fix = `true`,
		$schema = `null`
	)

static

Loads configuration values from $_GET/$_POST that were posted via ConfigForm.

Parameters

array	$array	$_GET or $_POST array to import
string \| bool	$index	Index/name that the config variables are in
array \| bool	$allowed	List of allowed namespaces/directives
bool	$mq_fix	Boolean whether or not to enable magic quotes fix
HTMLPurifier_ConfigSchema	$schema	Schema to use, if not global copy

Returns: mixed

Definition at line 768 of file Config.php.

References $ret, create(), and prepareArrayFromForm().

     {
         $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $schema);
         $config = HTMLPurifier_Config::create($ret, $schema);
         return $config;
     }

Here is the call graph for this function:

◆ loadIni()

HTMLPurifier_Config::loadIni ( $filename )

Loads configuration values from an ini file.

Parameters

string $filename Name of ini file

Definition at line 831 of file Config.php.

References $filename, isFinalized(), and loadArray().

     {
         if ($this->isFinalized('Cannot load directives after finalization')) {
             return;
         }
         $array = parse_ini_file($filename, true);
         $this->loadArray($array);
     }

Here is the call graph for this function:

◆ maybeGetRawCSSDefinition()

HTMLPurifier_Config::maybeGetRawCSSDefinition ( )

Returns: HTMLPurifier_CSSDefinition

Definition at line 660 of file Config.php.

References getDefinition().

     {
         return $this->getDefinition('CSS', true, true);
     }

Here is the call graph for this function:

◆ maybeGetRawDefinition()

HTMLPurifier_Config::maybeGetRawDefinition ( $name )

Definition at line 644 of file Config.php.

References getDefinition().

     {
         return $this->getDefinition($name, true, true);
     }

Here is the call graph for this function:

◆ maybeGetRawHTMLDefinition()

HTMLPurifier_Config::maybeGetRawHTMLDefinition ( )

Returns: HTMLPurifier_HTMLDefinition

Definition at line 652 of file Config.php.

References getDefinition().

     {
         return $this->getDefinition('HTML', true, true);
     }

Here is the call graph for this function:

◆ maybeGetRawURIDefinition()

HTMLPurifier_Config::maybeGetRawURIDefinition ( )

Returns: HTMLPurifier_URIDefinition

Definition at line 668 of file Config.php.

References getDefinition().

     {
         return $this->getDefinition('URI', true, true);
     }

Here is the call graph for this function:

◆ mergeArrayFromForm()

HTMLPurifier_Config::mergeArrayFromForm	(	$array,
		$index = `false`,
		$allowed = `true`,
		$mq_fix = `true`
	)

Merges in configuration values from $_GET/$_POST to object.

NOT STATIC.

Parameters

array	$array	$_GET or $_POST array to import
string \| bool	$index	Index/name that the config variables are in
array \| bool	$allowed	List of allowed namespaces/directives
bool	$mq_fix	Boolean whether or not to enable magic quotes fix

Definition at line 783 of file Config.php.

References $ret, loadArray(), and prepareArrayFromForm().

     {
          $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $this->def);
          $this->loadArray($ret);
     }

Here is the call graph for this function:

◆ prepareArrayFromForm()

static HTMLPurifier_Config::prepareArrayFromForm	(	$array,
		$index = `false`,
		$allowed = `true`,
		$mq_fix = `true`,
		$schema = `null`
	)

static

Prepares an array from a form into something usable for the more strict parts of HTMLPurifier_Config.

Parameters

array	$array	$_GET or $_POST array to import
string \| bool	$index	Index/name that the config variables are in
array \| bool	$allowed	List of allowed namespaces/directives
bool	$mq_fix	Boolean whether or not to enable magic quotes fix
HTMLPurifier_ConfigSchema	$schema	Schema to use, if not global copy

Returns: array

Definition at line 801 of file Config.php.

References $ret, and getAllowedDirectivesForForm().

Referenced by loadArrayFromForm(), and mergeArrayFromForm().

     {
         if ($index !== false) {
             $array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array();
         }
         $mq = $mq_fix && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
 
         $allowed = HTMLPurifier_Config::getAllowedDirectivesForForm($allowed, $schema);
         $ret = array();
         foreach ($allowed as $key) {
             list($ns, $directive) = $key;
             $skey = "$ns.$directive";
             if (!empty($array["Null_$skey"])) {
                 $ret[$ns][$directive] = null;
                 continue;
             }
             if (!isset($array[$skey])) {
                 continue;
             }
             $value = $mq ? stripslashes($array[$skey]) : $array[$skey];
             $ret[$ns][$directive] = $value;
         }
         return $ret;
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ serialize()

HTMLPurifier_Config::serialize ( )

Returns a serialized form of the configuration object that can be reconstituted.

Returns: string

Definition at line 910 of file Config.php.

References getDefinition().

Referenced by getBatchSerial(), and getSerial().

     {
         $this->getDefinition('HTML');
         $this->getDefinition('CSS');
         $this->getDefinition('URI');
         return serialize($this);
     }

Here is the call graph for this function:

Here is the caller graph for this function:

◆ set()

HTMLPurifier_Config::set	(	$key,
		$value,
		$a = `null`
	)

Sets a value to configuration.

Parameters

string	$key	key
mixed	$value	value
mixed	$a

Definition at line 296 of file Config.php.

References $def, $namespace, _listify(), HTMLPurifier_VarParser\getTypeName(), isFinalized(), and triggerError().

     {
         if (strpos($key, '.') === false) {
             $namespace = $key;
             $directive = $value;
             $value = $a;
             $key = "$key.$directive";
             $this->triggerError("Using deprecated API: use \$config->set('$key', ...) instead", E_USER_NOTICE);
         } else {
             list($namespace) = explode('.', $key);
         }
         if ($this->isFinalized('Cannot set directive after finalization')) {
             return;
         }
         if (!isset($this->def->info[$key])) {
             $this->triggerError(
                 'Cannot set undefined directive ' . htmlspecialchars($key) . ' to value',
                 E_USER_WARNING
             );
             return;
         }
         $def = $this->def->info[$key];
 
         if (isset($def->isAlias)) {
             if ($this->aliasMode) {
                 $this->triggerError(
                     'Double-aliases not allowed, please fix '.
                     'ConfigSchema bug with' . $key,
                     E_USER_ERROR
                 );
                 return;
             }
             $this->aliasMode = true;
             $this->set($def->key, $value);
             $this->aliasMode = false;
             $this->triggerError("$key is an alias, preferred directive name is {$def->key}", E_USER_NOTICE);
             return;
         }
 
         // Raw type might be negative when using the fully optimized form
         // of stdclass, which indicates allow_null == true
         $rtype = is_int($def) ? $def : $def->type;
         if ($rtype < 0) {
             $type = -$rtype;
             $allow_null = true;
         } else {
             $type = $rtype;
             $allow_null = isset($def->allow_null);
         }
 
         try {
             $value = $this->parser->parse($value, $type, $allow_null);
         } catch (HTMLPurifier_VarParserException $e) {
             $this->triggerError(
                 'Value for ' . $key . ' is of invalid type, should be ' .
                 HTMLPurifier_VarParser::getTypeName($type),
                 E_USER_WARNING
             );
             return;
         }
         if (is_string($value) && is_object($def)) {
             // resolve value alias if defined
             if (isset($def->aliases[$value])) {
                 $value = $def->aliases[$value];
             }
             // check to see if the value is allowed
             if (isset($def->allowed) && !isset($def->allowed[$value])) {
                 $this->triggerError(
                     'Value not supported, valid values are: ' .
                     $this->_listify($def->allowed),
                     E_USER_WARNING
                 );
                 return;
             }
         }
         $this->plist->set($key, $value);
 
         // reset definitions if the directives they depend on changed
         // this is a very costly process, so it's discouraged
         // with finalization
         if ($namespace == 'HTML' || $namespace == 'CSS' || $namespace == 'URI') {
             $this->definitions[$namespace] = null;
         }
 
         $this->serials[$namespace] = false;
     }

Here is the call graph for this function:

◆ triggerError()

HTMLPurifier_Config::triggerError	(	$msg,
		$no
	)

protected

Produces a nicely formatted error message by supplying the stack frame information OUTSIDE of HTMLPurifier_Config.

Parameters

string	$msg	An error message
int	$no	An error number

Definition at line 884 of file Config.php.

Referenced by get(), getBatch(), getDefinition(), isFinalized(), and set().

     {
         // determine previous stack frame
         $extra = '';
         if ($this->chatty) {
             $trace = debug_backtrace();
             // zip(tail(trace), trace) -- but PHP is not Haskell har har
             for ($i = 0, $c = count($trace); $i < $c - 1; $i++) {
                 // XXX this is not correct on some versions of HTML Purifier
                 if ($trace[$i + 1]['class'] === 'HTMLPurifier_Config') {
                     continue;
                 }
                 $frame = $trace[$i];
                 $extra = " invoked on line {$frame['line']} in file {$frame['file']}";
                 break;
             }
         }
         trigger_error($msg . $extra, $no);
     }

Here is the caller graph for this function:

Field Documentation

◆ $aliasMode

HTMLPurifier_Config::$aliasMode

private

Whether or not a set is taking place due to an alias lookup.

bool

Definition at line 84 of file Config.php.

◆ $autoFinalize

HTMLPurifier_Config::$autoFinalize = true

Whether or not to automatically finalize the object if a read operation is done.

bool

Definition at line 31 of file Config.php.

◆ $chatty

HTMLPurifier_Config::$chatty = true

Set to false if you do not want line and file numbers in errors.

(useful when unit testing). This will also compress some errors and exceptions. bool

Definition at line 92 of file Config.php.

◆ $def

HTMLPurifier_Config::$def

Reference HTMLPurifier_ConfigSchema for value checking.

HTMLPurifier_ConfigSchema

Note: This is public for introspective purposes. Please don't abuse!

Definition at line 60 of file Config.php.

Referenced by getAllowedDirectivesForForm(), getDefinition(), initDefinition(), and set().

◆ $definitions

HTMLPurifier_Config::$definitions

protected

Indexed array of definitions.

HTMLPurifier_Definition[]

Definition at line 66 of file Config.php.

◆ $finalized

HTMLPurifier_Config::$finalized = false

protected

Whether or not config is finalized.

bool

Definition at line 72 of file Config.php.

Referenced by isFinalized().

◆ $lock

HTMLPurifier_Config::$lock

private

Current lock; only gets to this namespace are allowed.

string

Definition at line 98 of file Config.php.

Referenced by getDefinition().

◆ $parser

HTMLPurifier_Config::$parser = null

protected

Parser for variables.

HTMLPurifier_VarParser_Flexible

Definition at line 52 of file Config.php.

◆ $plist

HTMLPurifier_Config::$plist

protected

Property list containing configuration directives.

array

Definition at line 78 of file Config.php.

◆ $serial

HTMLPurifier_Config::$serial

protected

Serial for entire configuration object.

string

Definition at line 46 of file Config.php.

Referenced by getSerial().

◆ $serials

HTMLPurifier_Config::$serials = array()

protected

Namespace indexed array of serials for specific namespaces.

See also: getSerial() for more info. string[]

Definition at line 40 of file Config.php.

◆ $version

HTMLPurifier_Config::$version = '4.7.0'

HTML Purifier's version string.

Definition at line 24 of file Config.php.

The documentation for this class was generated from the following file:

Services/Html/HtmlPurifier/library/HTMLPurifier/Config.php

Public Member Functions

Static Public Member Functions

Data Fields

Protected Member Functions

Protected Attributes

Private Member Functions

Private Attributes

Detailed Description

Constructor & Destructor Documentation

◆ __construct()

Member Function Documentation

◆ _listify()

◆ autoFinalize()

◆ create()

◆ createDefault()

◆ finalize()

◆ get()

◆ getAll()

◆ getAllowedDirectivesForForm()

◆ getBatch()

◆ getBatchSerial()

◆ getCSSDefinition()

◆ getDefinition()

◆ getHTMLDefinition()

◆ getSerial()

◆ getURIDefinition()

◆ inherit()

◆ initDefinition()

◆ isFinalized()

◆ loadArray()

◆ loadArrayFromForm()

◆ loadIni()

◆ maybeGetRawCSSDefinition()

◆ maybeGetRawDefinition()

◆ maybeGetRawHTMLDefinition()

◆ maybeGetRawURIDefinition()

◆ mergeArrayFromForm()

◆ prepareArrayFromForm()

◆ serialize()

◆ set()

◆ triggerError()

Field Documentation

◆ $aliasMode

◆ $autoFinalize

◆ $chatty

◆ $def

◆ $definitions

◆ $finalized

◆ $lock

◆ $parser

◆ $plist

◆ $serial

◆ $serials

◆ $version