ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
HTMLPurifier.php
1<?php
2
21/*
22 HTML Purifier 4.7.0 - Standards Compliant HTML Filtering
23 Copyright (C) 2006-2008 Edward Z. Yang
24
25 This library is free software; you can redistribute it and/or
26 modify it under the terms of the GNU Lesser General Public
27 License as published by the Free Software Foundation; either
28 version 2.1 of the License, or (at your option) any later version.
29
30 This library is distributed in the hope that it will be useful,
31 but WITHOUT ANY WARRANTY; without even the implied warranty of
32 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
33 Lesser General Public License for more details.
34
35 You should have received a copy of the GNU Lesser General Public
36 License along with this library; if not, write to the Free Software
37 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
38 */
39
55{
56
/**
 * Version of HTML Purifier.
 * @type string
 */
public $version = '4.7.0';

/**
 * Constant with version of HTML Purifier.
 */
const VERSION = '4.7.0';

/**
 * Global configuration object.
 * Assigned in the constructor from HTMLPurifier_Config::create().
 * @type HTMLPurifier_Config
 */
public $config;

/**
 * Array of extra filter objects to run on HTML, for backwards
 * compatibility. Populated only through the deprecated addFilter().
 * @type array
 */
private $filters = array();

/**
 * Single instance of HTML Purifier, shared by instance()/getInstance().
 * @type HTMLPurifier
 */
private static $instance;

/**
 * @type HTMLPurifier_Strategy_Core
 */
protected $strategy;

/**
 * @type HTMLPurifier_Generator
 */
protected $generator;

/**
 * Resultant context of last run purification.
 * After purifyArray() this is an array of contexts keyed like the input
 * array rather than a single context object.
 */
public $context;
103
/**
 * Initializes the purifier.
 *
 * @param HTMLPurifier_Config|mixed $config Optional configuration. Whatever
 *        is given is handed to HTMLPurifier_Config::create() and the result
 *        is stored as this instance's configuration object.
 */
public function __construct($config = null)
{
    $resolved = HTMLPurifier_Config::create($config);
    $this->config = $resolved;
    // The core strategy is fixed here; it is not selectable by the caller.
    $this->strategy = new HTMLPurifier_Strategy_Core();
}
119
/**
 * Adds a filter to process the output.
 *
 * Deprecated: every call raises an E_USER_WARNING that points to the
 * Filter configuration namespace / Filter.Custom. The filter is still
 * queued, and purify() appends it after the configured filters.
 *
 * NOTE(review): purify() returns whatever the filters' postFilter() calls
 * produce without running the purification strategy again, so a filter
 * registered here must itself guarantee that the markup it emits is safe.
 *
 * @param object $filter Filter object exposing preFilter() and postFilter()
 */
public function addFilter($filter)
{
    $notice = 'HTMLPurifier->addFilter() is deprecated, '
        . 'use configuration directives in the Filter namespace or Filter.Custom';
    trigger_error($notice, E_USER_WARNING);

    $this->filters[] = $filter;
}
134
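/**
 * Filters an HTML snippet/document to be XSS-free and standards-compliant.
 *
 * Pipeline: convert the input to UTF-8, run every filter's preFilter(),
 * tokenize, run the core strategy over the tokens, regenerate HTML, run
 * every filter's postFilter() in reverse order, convert back from UTF-8.
 *
 * Notes for callers:
 *  - A $config passed here replaces the instance configuration for this
 *    call; it is not merged (see the TODO below), so it has to carry every
 *    restriction the caller relies on.
 *  - postFilter() output is returned without another purification pass;
 *    a filter that re-inserts markup is responsible for its safety.
 *  - $this->context is rebound to the context of this run on every call.
 *
 * @param string $html String of HTML to purify
 * @param HTMLPurifier_Config|mixed $config Optional per-call configuration,
 *        passed to HTMLPurifier_Config::create(); when empty the instance
 *        configuration is used
 *
 * @return string Purified HTML
 */
public function purify($html, $config = null)
{
    // :TODO: make the config merge in, instead of replace
    $config = $config ? HTMLPurifier_Config::create($config) : $this->config;

    // implementation is partially environment dependent, partially
    // configuration dependent
    $lexer = HTMLPurifier_Lexer::create($config);

    $context = new HTMLPurifier_Context();

    // setup HTML generator
    $this->generator = new HTMLPurifier_Generator($config, $context);
    $context->register('Generator', $this->generator);

    // set up global context variables
    if ($config->get('Core.CollectErrors')) {
        // may get moved out if other facilities use it
        $language_factory = HTMLPurifier_LanguageFactory::instance();
        $language = $language_factory->create($config, $context);
        $context->register('Locale', $language);

        $error_collector = new HTMLPurifier_ErrorCollector($context);
        $context->register('ErrorCollector', $error_collector);
    }

    // setup id_accumulator context, necessary due to the fact that
    // AttrValidator can be called from many places
    $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context);
    $context->register('IDAccumulator', $id_accumulator);

    // everything downstream works on UTF-8
    $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context);

    // setup filters
    $filter_flags = $config->getBatch('Filter');
    $custom_filters = $filter_flags['Custom'];
    unset($filter_flags['Custom']);
    $filters = array();
    foreach ($filter_flags as $filter => $flag) {
        if (!$flag) {
            continue;
        }
        // keys containing a dot are skipped; presumably they are
        // per-filter sub-options rather than on/off switches
        if (strpos($filter, '.') !== false) {
            continue;
        }
        // NOTE(review): the class name is built from a configuration
        // directive key, so the set of classes that can be instantiated
        // here is only as tight as the Filter namespace of the config.
        $class = "HTMLPurifier_Filter_$filter";
        $filters[] = new $class();
    }
    foreach ($custom_filters as $filter) {
        // maybe "HTMLPurifier_Filter_$filter", but be consistent with AutoFormat
        $filters[] = $filter;
    }
    // filters added through the deprecated addFilter() run last
    $filters = array_merge($filters, $this->filters);
    // maybe prepare(), but later

    // pre-filters see the un-purified HTML
    foreach ($filters as $filter) {
        $html = $filter->preFilter($html, $config, $context);
    }

    // un-purified HTML -> un-purified tokens -> purified tokens -> purified HTML
    $tokens = $lexer->tokenizeHTML($html, $config, $context);
    $tokens = $this->strategy->execute($tokens, $config, $context);
    $html = $this->generator->generateFromTokens($tokens);

    // post-filters run in reverse registration order; their output is
    // NOT purified again before it is returned
    foreach (array_reverse($filters) as $filter) {
        $html = $filter->postFilter($html, $config, $context);
    }

    $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context);
    $this->context =& $context;
    return $html;
}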
230
/**
 * Filters an array of HTML snippets.
 *
 * Each element is passed to purify() with the same $config; keys are
 * preserved. Afterwards $this->context holds an array of the contexts of
 * the individual runs, keyed like the input.
 *
 * @param array $array_of_html Array of HTML snippets
 * @param HTMLPurifier_Config|mixed $config Optional configuration, handed
 *        unchanged to every purify() call
 *
 * @return array Array of purified HTML, same keys as the input
 */
public function purifyArray($array_of_html, $config = null)
{
    $contexts = array();
    foreach ($array_of_html as $index => $snippet) {
        $clean = $this->purify($snippet, $config);
        $array_of_html[$index] = $clean;
        // purify() has just rebound $this->context to this run's context
        $contexts[$index] = $this->context;
    }
    $this->context = $contexts;
    return $array_of_html;
}
250
/**
 * Singleton for enforcing just one HTML Purifier in your system.
 *
 * NOTE(review): any truthy $prototype replaces the shared instance, so a
 * later caller can swap the purifier (and its configuration) that every
 * other user of instance() receives from then on.
 *
 * @param HTMLPurifier|mixed $prototype Optional. An HTMLPurifier object is
 *        adopted as the shared instance; any other truthy value is passed
 *        to the constructor as configuration for a new shared instance.
 *
 * @return HTMLPurifier The shared instance
 */
public static function instance($prototype = null)
{
    if ($prototype instanceof HTMLPurifier) {
        // adopt the caller's purifier as the shared one
        self::$instance = $prototype;
    } elseif ($prototype) {
        // treat the argument as configuration for a fresh purifier
        self::$instance = new HTMLPurifier($prototype);
    } elseif (!self::$instance) {
        // first use without a prototype: default-configured purifier
        self::$instance = new HTMLPurifier();
    }

    return self::$instance;
}
274
/**
 * Singleton for enforcing just one HTML Purifier in your system.
 *
 * Alias that forwards to HTMLPurifier::instance(); the same replacement
 * behaviour for a truthy $prototype applies.
 *
 * @param HTMLPurifier|mixed $prototype Optional prototype, passed through
 *
 * @return HTMLPurifier The shared instance
 */
public static function getInstance($prototype = null)
{
    $shared = HTMLPurifier::instance($prototype);
    return $shared;
}
290}
291
292// vim: et sw=4 sts=4
HTMLPurifier($html, $config=null)
Purify HTML.
static create($config, $schema=null)
Convenience constructor that creates a config object based on a mixed var.
Definition: Config.php:123
Registry object that contains information about the current context.
Definition: Context.php:11
static convertFromUTF8($str, $config, $context)
Converts a string from UTF-8 based on configuration.
Definition: Encoder.php:420
static convertToUTF8($str, $config, $context)
Convert a string to UTF-8 based on configuration.
Definition: Encoder.php:372
Error collection class that enables HTML Purifier to report HTML problems back to the user.
Generates HTML from tokens.
Definition: Generator.php:11
static build($config, $context)
Builds an IDAccumulator, also initializing the default blacklist.
static instance($prototype=null)
Retrieve sole instance of the factory.
static create($config)
Retrieves or sets the default Lexer as a Prototype Factory.
Definition: Lexer.php:69
Core strategy composed of the big four strategies.
Definition: Core.php:7
Facade that coordinates HTML Purifier's subsystems in order to purify HTML.
const VERSION
Constant with version of HTML Purifier.
$config
Global configuration object.
$version
Version of HTML Purifier.
static $instance
Single instance of HTML Purifier.
purifyArray($array_of_html, $config=null)
Filters an array of HTML snippets.
$filters
Array of extra filter objects to run on HTML, for backwards compatibility.
$strategy
@type HTMLPurifier_Strategy_Core
$context
Resultant context of last run purification.
static instance($prototype=null)
Singleton for enforcing just one HTML Purifier in your system.
purify($html, $config=null)
Filters an HTML snippet/document to be XSS-free and standards-compliant.
static getInstance($prototype=null)
Singleton for enforcing just one HTML Purifier in your system.
addFilter($filter)
Adds a filter to process the output.
__construct($config=null)
Initializes the purifier.
$generator
@type HTMLPurifier_Generator
$html
Definition: example_001.php:87