ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
HTMLPurifier.php
Go to the documentation of this file.
1<?php
2
21/*
22 HTML Purifier 4.7.0 - Standards Compliant HTML Filtering
23 Copyright (C) 2006-2008 Edward Z. Yang
24
25 This library is free software; you can redistribute it and/or
26 modify it under the terms of the GNU Lesser General Public
27 License as published by the Free Software Foundation; either
28 version 2.1 of the License, or (at your option) any later version.
29
30 This library is distributed in the hope that it will be useful,
31 but WITHOUT ANY WARRANTY; without even the implied warranty of
32 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
33 Lesser General Public License for more details.
34
35 You should have received a copy of the GNU Lesser General Public
36 License along with this library; if not, write to the Free Software
37 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
38 */
39
54class HTMLPurifier
55{
56
61 public $version = '4.7.0';
62
66 const VERSION = '4.7.0';
67
72 public $config;
73
79 private $filters = array();
80
85 private static $instance;
86
90 protected $strategy;
91
95 protected $generator;
96
102 public $context;
103
114 public function __construct($config = null)
115 {
116 $this->config = HTMLPurifier_Config::create($config);
117 $this->strategy = new HTMLPurifier_Strategy_Core();
118 }
119
125 public function addFilter($filter)
126 {
127 trigger_error(
128 'HTMLPurifier->addFilter() is deprecated, use configuration directives' .
129 ' in the Filter namespace or Filter.Custom',
130 E_USER_WARNING
131 );
132 $this->filters[] = $filter;
133 }
134
146 public function purify($html, $config = null)
147 {
148 // :TODO: make the config merge in, instead of replace
149 $config = $config ? HTMLPurifier_Config::create($config) : $this->config;
150
151 // implementation is partially environment dependant, partially
152 // configuration dependant
153 $lexer = HTMLPurifier_Lexer::create($config);
154
155 $context = new HTMLPurifier_Context();
156
157 // setup HTML generator
158 $this->generator = new HTMLPurifier_Generator($config, $context);
159 $context->register('Generator', $this->generator);
160
161 // set up global context variables
162 if ($config->get('Core.CollectErrors')) {
163 // may get moved out if other facilities use it
164 $language_factory = HTMLPurifier_LanguageFactory::instance();
165 $language = $language_factory->create($config, $context);
166 $context->register('Locale', $language);
167
168 $error_collector = new HTMLPurifier_ErrorCollector($context);
169 $context->register('ErrorCollector', $error_collector);
170 }
171
172 // setup id_accumulator context, necessary due to the fact that
173 // AttrValidator can be called from many places
174 $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context);
175 $context->register('IDAccumulator', $id_accumulator);
176
177 $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context);
178
179 // setup filters
180 $filter_flags = $config->getBatch('Filter');
181 $custom_filters = $filter_flags['Custom'];
182 unset($filter_flags['Custom']);
183 $filters = array();
184 foreach ($filter_flags as $filter => $flag) {
185 if (!$flag) {
186 continue;
187 }
188 if (strpos($filter, '.') !== false) {
189 continue;
190 }
191 $class = "HTMLPurifier_Filter_$filter";
192 $filters[] = new $class;
193 }
194 foreach ($custom_filters as $filter) {
195 // maybe "HTMLPurifier_Filter_$filter", but be consistent with AutoFormat
196 $filters[] = $filter;
197 }
198 $filters = array_merge($filters, $this->filters);
199 // maybe prepare(), but later
200
201 for ($i = 0, $filter_size = count($filters); $i < $filter_size; $i++) {
202 $html = $filters[$i]->preFilter($html, $config, $context);
203 }
204
205 // purified HTML
206 $html =
207 $this->generator->generateFromTokens(
208 // list of tokens
209 $this->strategy->execute(
210 // list of un-purified tokens
211 $lexer->tokenizeHTML(
212 // un-purified HTML
213 $html,
214 $config,
215 $context
216 ),
217 $config,
218 $context
219 )
220 );
221
222 for ($i = $filter_size - 1; $i >= 0; $i--) {
223 $html = $filters[$i]->postFilter($html, $config, $context);
224 }
225
226 $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context);
227 $this->context =& $context;
228 return $html;
229 }
230
240 public function purifyArray($array_of_html, $config = null)
241 {
242 $context_array = array();
243 foreach ($array_of_html as $key => $html) {
244 $array_of_html[$key] = $this->purify($html, $config);
245 $context_array[$key] = $this->context;
246 }
247 $this->context = $context_array;
248 return $array_of_html;
249 }
250
261 public static function instance($prototype = null)
262 {
263 if (!self::$instance || $prototype) {
264 if ($prototype instanceof HTMLPurifier) {
265 self::$instance = $prototype;
266 } elseif ($prototype) {
267 self::$instance = new HTMLPurifier($prototype);
268 } else {
269 self::$instance = new HTMLPurifier();
270 }
271 }
272 return self::$instance;
273 }
274
286 public static function getInstance($prototype = null)
287 {
288 return HTMLPurifier::instance($prototype);
289 }
290}
291
292// vim: et sw=4 sts=4
HTMLPurifier
HTMLPurifier($html, $config=null)
Purify HTML.
Definition: HTMLPurifier.func.php:16
HTMLPurifier_Config\create
static create($config, $schema=null)
Convenience constructor that creates a config object based on a mixed var.
Definition: Config.php:123
HTMLPurifier_Context
Registry object that contains information about the current context.
Definition: Context.php:11
HTMLPurifier_Encoder\convertFromUTF8
static convertFromUTF8($str, $config, $context)
Converts a string from UTF-8 based on configuration.
Definition: Encoder.php:420
HTMLPurifier_Encoder\convertToUTF8
static convertToUTF8($str, $config, $context)
Convert a string to UTF-8 based on configuration.
Definition: Encoder.php:372
HTMLPurifier_ErrorCollector
Error collection class that enables HTML Purifier to report HTML problems back to the user.
Definition: ErrorCollector.php:8
HTMLPurifier_Generator
Generates HTML from tokens.
Definition: Generator.php:11
HTMLPurifier_IDAccumulator\build
static build($config, $context)
Builds an IDAccumulator, also initializing the default blacklist.
Definition: IDAccumulator.php:24
HTMLPurifier_LanguageFactory\instance
static instance($prototype=null)
Retrieve sole instance of the factory.
Definition: LanguageFactory.php:59
HTMLPurifier_Lexer\create
static create($config)
Retrieves or sets the default Lexer as a Prototype Factory.
Definition: Lexer.php:69
HTMLPurifier_Strategy_Core
Core strategy composed of the big four strategies.
Definition: Core.php:7
HTMLPurifier
Facade that coordinates HTML Purifier's subsystems in order to purify HTML.
Definition: HTMLPurifier.php:55
HTMLPurifier\VERSION
const VERSION
Constant with version of HTML Purifier.
Definition: HTMLPurifier.php:66
HTMLPurifier\$config
$config
Global configuration object.
Definition: HTMLPurifier.php:72
HTMLPurifier\$version
$version
Version of HTML Purifier.
Definition: HTMLPurifier.php:61
HTMLPurifier\$instance
static $instance
Single instance of HTML Purifier.
Definition: HTMLPurifier.php:85
HTMLPurifier\purifyArray
purifyArray($array_of_html, $config=null)
Filters an array of HTML snippets.
Definition: HTMLPurifier.php:240
HTMLPurifier\$filters
$filters
Array of extra filter objects to run on HTML, for backwards compatibility.
Definition: HTMLPurifier.php:79
HTMLPurifier\$strategy
$strategy
@type HTMLPurifier_Strategy_Core
Definition: HTMLPurifier.php:90
HTMLPurifier\$context
$context
Resultant context of last run purification.
Definition: HTMLPurifier.php:102
HTMLPurifier\instance
static instance($prototype=null)
Singleton for enforcing just one HTML Purifier in your system.
Definition: HTMLPurifier.php:261
HTMLPurifier\purify
purify($html, $config=null)
Filters an HTML snippet/document to be XSS-free and standards-compliant.
Definition: HTMLPurifier.php:146
HTMLPurifier\getInstance
static getInstance($prototype=null)
Singleton for enforcing just one HTML Purifier in your system.
Definition: HTMLPurifier.php:286
HTMLPurifier\addFilter
addFilter($filter)
Adds a filter to process the output.
Definition: HTMLPurifier.php:125
HTMLPurifier\__construct
__construct($config=null)
Initializes the purifier.
Definition: HTMLPurifier.php:114
HTMLPurifier\$generator
$generator
@type HTMLPurifier_Generator
Definition: HTMLPurifier.php:95
$html
$html
Definition: example_001.php:87