ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
svg-scanner.php
Go to the documentation of this file.
1#!/usr/bin/env php
2<?php
3
4/*
5 * Simple program that uses svg-sanitizer
6 * to find issues in files specified on the
7 * command line, and prints a JSON output with
8 * the issues found on exit.
9 */
10
11require_once( __DIR__ . '/data/AttributeInterface.php' );
12require_once( __DIR__ . '/data/TagInterface.php' );
13require_once( __DIR__ . '/data/AllowedAttributes.php' );
14require_once( __DIR__ . '/data/AllowedTags.php' );
15require_once( __DIR__ . '/Sanitizer.php' );
16
17
18/*
19 * Print array as JSON and then
20 * exit program with a particular
21 * exit-code.
22 */
23
24function sysexit(
25 $results,
26 $status
27) {
28 echo json_encode(
29 $results,
30 JSON_PRETTY_PRINT
31 );
32
33 exit( $status );
34}
35
36
37/*
38 * Main part begins
39 */
40
41global $argv;
42
43/*
44 * Set up results array, to
45 * be printed on exit.
46 */
47$results = array(
48 'totals' => array(
49 'errors' => 0,
50 ),
51
52 'files' => array(
53 ),
54);
55
56
57/*
58 * Catch files to scan from $argv.
59 */
60
61$files_to_scan = $argv;
62unset( $files_to_scan[0] );
63
64$files_to_scan = array_values(
65 $files_to_scan
66);
67
68/*
69 * Catch no file specified.
70 */
71
72if ( empty( $files_to_scan ) ) {
73 $results['totals']['errors']++;
74 $results['messages'] = array(
75 array( 'No files to scan specified' ),
76 );
77
78 sysexit(
79 $results,
80 1
81 );
82}
83
84/*
85 * Initialize the SVG scanner.
86 *
87 * Make sure to allow custom attributes,
88 * and to remove remote references.
89 */
90$sanitizer = new enshrined\svgSanitize\Sanitizer();
91
92$sanitizer->removeRemoteReferences( true );
93
94/*
95 * Scan each file specified to be scanned.
96 */
97
98foreach( $files_to_scan as $file_name ) {
99 /*
100 * Read SVG file.
101 */
102 $svg_file = @file_get_contents( $file_name );
103
104 /*
105 * If not found, report that and continue.
106 */
107 if ( false === $svg_file ) {
108 $results['totals']['errors']++;
109
110 $results['files'][ $file_name ][] = array(
111 'errors' => 1,
112 'messages' => array(
113 array(
114 'message' => 'File specified could not be read (' . $file_name . ')',
115 'line' => null,
116 ),
117 ),
118 );
119
120 continue;
121 }
122
123 /*
124 * Sanitize file and get issues found.
125 */
126 $sanitize_status = $sanitizer->sanitize( $svg_file );
127
128 $xml_issues = $sanitizer->getXmlIssues();
129
130 /*
131 * If we find no issues, simply note that.
132 */
133 if ( empty( $xml_issues ) && ( false !== $sanitize_status ) ) {
134 $results['files'][ $file_name ] = array(
135 'errors' => 0,
136 'messages' => array()
137 );
138 }
139
140 /*
141 * Could not sanitize the file.
142 */
143 else if (
144 ( '' === $sanitize_status ) ||
145 ( false === $sanitize_status )
146 ) {
147 $results['totals']['errors']++;
148
149 $results['files'][ $file_name ] = array(
150 'errors' => 1,
151 'messages' => array(
152 array(
153 'message' => 'Unable to sanitize file \'' . $file_name . '\'' ,
154 'line' => null,
155 )
156 ),
157 );
158 }
159
160 /*
161 * If we find issues, note it and update statistics.
162 */
163
164 else {
165 $results['totals']['errors'] += count( $xml_issues );
166
167 $results['files'][ $file_name ] = array(
168 'errors' => count( $xml_issues ),
169 'messages' => $xml_issues,
170 );
171 }
172
173 unset( $svg_file );
174 unset( $xml_issues );
175 unset( $sanitize_status );
176}
177
178
179/*
180 * Exit with a status
181 * that reflects what issues
182 * we found.
183 */
184sysexit(
185 $results,
186 ( $results['totals']['errors'] === 0 ? 0 : 1 )
187);
php
An exception for terminatinating execution or to throw for unit testing.
$results
$results
Definition: svg-scanner.php:47
$argv
global $argv
Definition: svg-scanner.php:41
$files_to_scan
$files_to_scan
Definition: svg-scanner.php:61
$sanitizer
if(empty( $files_to_scan)) $sanitizer
Definition: svg-scanner.php:90
sysexit
sysexit( $results, $status)
Definition: svg-scanner.php:24