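<?php

/**
 * Configuration object: stores directive values in a property list and
 * checks every read and write against the schema it was constructed with.
 *
 * Security-relevant notes for integrators:
 *  - create() treats a string argument as a file path and parses it as INI;
 *    never hand it a request-derived string.
 *  - The *FromForm() helpers default to $allowed = true, which exposes every
 *    non-alias directive of the schema to the submitted form. Pass an
 *    explicit allow-list when the form data is not fully trusted.
 *  - With $chatty enabled, error messages carry file paths and line numbers.
 */
class HTMLPurifier_Config
{

    /** Version string reported by this configuration class. */
    public $version = '4.0.0';

    /**
     * When true, autoFinalize() finalizes the object; when false it only
     * squashes the property list (see autoFinalize()).
     */
    public $autoFinalize = true;

    // protected member variables

    /** Per-namespace serial strings, filled lazily by getBatchSerial(). */
    protected $serials = array();

    /** Serial string for the whole configuration, filled by getSerial(). */
    protected $serial;

    /** Value parser used by set(); removed again by finalize(). */
    protected $parser;

    /**
     * Schema object handed to the constructor. Its ->info map is what get()
     * and set() consult to decide whether a directive exists.
     */
    public $def;

    /** Definition objects created by getDefinition(), indexed by type. */
    protected $definitions;

    /** True once finalize() has run; set() refuses to work afterwards. */
    protected $finalized = false;

    /** HTMLPurifier_PropertyList that holds the directive values. */
    protected $plist;

    /** True while set() is following an alias, to reject alias chains. */
    private $aliasMode;

    /**
     * Whether triggerError() appends the calling file and line to messages.
     * Those details can disclose server paths if errors are shown to users.
     */
    public $chatty = true;

    /** Namespace that get() is restricted to while a definition is set up. */
    private $lock;

    /**
     * @param $definition Schema object; must expose ->defaultPlist and ->info
     * @param $parent     Optional parent property list; falls back to the
     *                    schema's default property list
     */
    public function __construct($definition, $parent = null) {
        $parent = $parent ? $parent : $definition->defaultPlist;
        $this->plist = new HTMLPurifier_PropertyList($parent);
        $this->def = $definition; // keep a copy around for checking
        $this->parser = new HTMLPurifier_VarParser_Flexible();
    }

    /**
     * Convenience factory accepting several kinds of input.
     *
     * @param $config HTMLPurifier_Config (returned unchanged), a string
     *                (treated as an INI file path and passed to loadIni()),
     *                or an array (passed to loadArray())
     * @param $schema Optional schema; the default schema is used when omitted
     * @return HTMLPurifier_Config
     *
     * Because a string is interpreted as a path to read from disk, callers
     * must not pass strings that originate from untrusted input.
     */
    public static function create($config, $schema = null) {
        if ($config instanceof HTMLPurifier_Config) {
            // pass-through
            return $config;
        }
        if (!$schema) {
            $ret = HTMLPurifier_Config::createDefault();
        } else {
            $ret = new HTMLPurifier_Config($schema);
        }
        if (is_string($config)) $ret->loadIni($config);
        elseif (is_array($config)) $ret->loadArray($config);
        return $ret;
    }

    /**
     * Creates a new configuration that shares $config's schema and uses
     * $config's property list as its parent.
     *
     * @param HTMLPurifier_Config $config Configuration to inherit from
     * @return HTMLPurifier_Config
     */
    public static function inherit(HTMLPurifier_Config $config) {
        return new HTMLPurifier_Config($config->def, $config->plist);
    }

    /**
     * Creates a configuration backed by the shared default schema instance.
     *
     * @return HTMLPurifier_Config
     */
    public static function createDefault() {
        $definition = HTMLPurifier_ConfigSchema::instance();
        $config = new HTMLPurifier_Config($definition);
        return $config;
    }

    /**
     * Retrieves the value of a directive.
     *
     * @param $key Directive name in 'Namespace.Directive' form
     * @param $a   Deprecated second half of the name (old two-argument API)
     * @return The stored value, or nothing (null) after an error was raised
     */
    public function get($key, $a = null) {
        if ($a !== null) {
            // The key has not been checked against the schema yet, so it is
            // escaped like the other messages that echo a caller-supplied key.
            $this->triggerError("Using deprecated API: use \$config->get('" . htmlspecialchars("$key.$a") . "') instead", E_USER_WARNING);
            $key = "$key.$a";
        }
        if (!$this->finalized) $this->autoFinalize();
        if (!isset($this->def->info[$key])) {
            // can't add % due to SimpleTest bug
            $this->triggerError('Cannot retrieve value of undefined directive ' . htmlspecialchars($key),
                E_USER_WARNING);
            return;
        }
        if (isset($this->def->info[$key]->isAlias)) {
            $d = $this->def->info[$key];
            $this->triggerError('Cannot get value from aliased directive, use real name ' . $d->key,
                E_USER_ERROR);
            return;
        }
        if ($this->lock) {
            // While a definition is being set up, only its own namespace
            // may be read.
            list($ns) = explode('.', $key);
            if ($ns !== $this->lock) {
                $this->triggerError('Cannot get value of namespace ' . $ns . ' when lock for ' . $this->lock . ' is active, this probably indicates a Definition setup method is accessing directives that are not within its namespace', E_USER_ERROR);
                return;
            }
        }
        return $this->plist->get($key);
    }

    /**
     * Retrieves all directives of one namespace.
     *
     * @param $namespace Namespace name
     * @return Array of directive => value, or nothing (null) after a warning
     *         when the namespace is unknown
     */
    public function getBatch($namespace) {
        if (!$this->finalized) $this->autoFinalize();
        $full = $this->getAll();
        if (!isset($full[$namespace])) {
            $this->triggerError('Cannot retrieve undefined namespace ' . htmlspecialchars($namespace),
                E_USER_WARNING);
            return;
        }
        return $full[$namespace];
    }

    /**
     * Returns an MD5 fingerprint of a namespace's values, excluding the
     * 'DefinitionRev' entry. The result is memoized per namespace until
     * set() resets it.
     *
     * MD5 serves only as an identifier here; it should not be treated as an
     * integrity or authenticity check.
     *
     * @param $namespace Namespace name
     * @return string
     */
    public function getBatchSerial($namespace) {
        if (empty($this->serials[$namespace])) {
            $batch = $this->getBatch($namespace);
            unset($batch['DefinitionRev']);
            $this->serials[$namespace] = md5(serialize($batch));
        }
        return $this->serials[$namespace];
    }

    /**
     * Returns an MD5 fingerprint of the entire configuration, memoized after
     * the first call. As with getBatchSerial(), this is an identifier, not
     * an integrity check.
     *
     * @return string
     */
    public function getSerial() {
        if (empty($this->serial)) {
            $this->serial = md5(serialize($this->getAll()));
        }
        return $this->serial;
    }

    /**
     * Retrieves every directive, grouped as $ret[namespace][directive].
     *
     * @return array
     */
    public function getAll() {
        if (!$this->finalized) $this->autoFinalize();
        $ret = array();
        foreach ($this->plist->squash() as $name => $value) {
            list($ns, $key) = explode('.', $name, 2);
            $ret[$ns][$key] = $value;
        }
        return $ret;
    }

    /**
     * Sets the value of a directive after validating it against the schema.
     *
     * @param $key   Directive name in 'Namespace.Directive' form; a bare
     *               namespace selects the deprecated three-argument API
     * @param $value Value to store (directive name in the deprecated API)
     * @param $a     Value to store in the deprecated three-argument API
     *
     * Errors are reported through triggerError() and leave the stored value
     * untouched.
     */
    public function set($key, $value, $a = null) {
        if (strpos($key, '.') === false) {
            $namespace = $key;
            $directive = $value;
            $value = $a;
            $key = "$key.$directive";
            // Not yet validated against the schema, hence the escaping.
            $this->triggerError("Using deprecated API: use \$config->set('" . htmlspecialchars($key) . "', ...) instead", E_USER_NOTICE);
        } else {
            list($namespace) = explode('.', $key);
        }
        if ($this->isFinalized('Cannot set directive after finalization')) return;
        if (!isset($this->def->info[$key])) {
            $this->triggerError('Cannot set undefined directive ' . htmlspecialchars($key) . ' to value',
                E_USER_WARNING);
            return;
        }
        $def = $this->def->info[$key];

        if (isset($def->isAlias)) {
            if ($this->aliasMode) {
                // Fixed: the original concatenation lacked the space before
                // the directive name.
                $this->triggerError('Double-aliases not allowed, please fix '.
                    'ConfigSchema bug with ' . $key, E_USER_ERROR);
                return;
            }
            $this->aliasMode = true;
            $this->set($def->key, $value);
            $this->aliasMode = false;
            $this->triggerError("$key is an alias, preferred directive name is {$def->key}", E_USER_NOTICE);
            return;
        }

        // Raw type might be negative when using the fully optimized form
        // of stdclass, which indicates allow_null == true
        $rtype = is_int($def) ? $def : $def->type;
        if ($rtype < 0) {
            $type = -$rtype;
            $allow_null = true;
        } else {
            $type = $rtype;
            $allow_null = isset($def->allow_null);
        }

        try {
            $value = $this->parser->parse($value, $type, $allow_null);
        } catch (HTMLPurifier_VarParserException $e) {
            $this->triggerError('Value for ' . $key . ' is of invalid type, should be ' . HTMLPurifier_VarParser::getTypeName($type), E_USER_WARNING);
            return;
        }
        if (is_string($value) && is_object($def)) {
            // resolve value alias if defined
            if (isset($def->aliases[$value])) {
                $value = $def->aliases[$value];
            }
            // check to see if the value is allowed
            if (isset($def->allowed) && !isset($def->allowed[$value])) {
                $this->triggerError('Value not supported, valid values are: ' .
                    $this->_listify($def->allowed), E_USER_WARNING);
                return;
            }
        }
        $this->plist->set($key, $value);

        // reset definitions if the directives they depend on changed
        // this is a very costly process, so it's discouraged
        // with finalization
        if ($namespace == 'HTML' || $namespace == 'CSS' || $namespace == 'URI') {
            $this->definitions[$namespace] = null;
        }

        $this->serials[$namespace] = false;
    }

    /**
     * Joins the keys of a lookup array into a comma-separated string.
     *
     * @param $lookup Array whose keys are the names to list
     * @return string
     */
    private function _listify($lookup) {
        $list = array();
        foreach ($lookup as $name => $b) $list[] = $name;
        return implode(', ', $list);
    }

    /**
     * Shortcut for getDefinition('HTML', $raw).
     *
     * @param $raw Whether to return the definition before setup
     */
    public function getHTMLDefinition($raw = false) {
        return $this->getDefinition('HTML', $raw);
    }

    /**
     * Shortcut for getDefinition('CSS', $raw).
     *
     * @param $raw Whether to return the definition before setup
     */
    public function getCSSDefinition($raw = false) {
        return $this->getDefinition('CSS', $raw);
    }

    /**
     * Retrieves a definition object, from memory, from the definition cache,
     * or by creating and setting up a new one.
     *
     * @param $type 'HTML', 'CSS' or 'URI'
     * @param $raw  Whether to return the definition before setup; requires
     *              the '<type>.DefinitionID' directive to be non-null
     * @throws HTMLPurifier_Exception for an unsupported type, or for a raw
     *         request without a definition ID
     */
    public function getDefinition($type, $raw = false) {
        if (!$this->finalized) $this->autoFinalize();
        // temporarily suspend locks, so we can handle recursive definition calls
        $lock = $this->lock;
        $this->lock = null;
        $factory = HTMLPurifier_DefinitionCacheFactory::instance();
        $cache = $factory->create($type, $this);
        $this->lock = $lock;
        if (!$raw) {
            // see if we can quickly supply a definition
            if (!empty($this->definitions[$type])) {
                if (!$this->definitions[$type]->setup) {
                    $this->definitions[$type]->setup($this);
                    $cache->set($this->definitions[$type], $this);
                }
                return $this->definitions[$type];
            }
            // memory check missed, try cache
            $this->definitions[$type] = $cache->get($this);
            if ($this->definitions[$type]) {
                // definition in cache, return it
                return $this->definitions[$type];
            }
        } elseif (
            !empty($this->definitions[$type]) &&
            !$this->definitions[$type]->setup
        ) {
            // raw requested, raw in memory, quick return
            return $this->definitions[$type];
        }
        // quick checks failed, let's create the object
        if ($type == 'HTML') {
            $this->definitions[$type] = new HTMLPurifier_HTMLDefinition();
        } elseif ($type == 'CSS') {
            $this->definitions[$type] = new HTMLPurifier_CSSDefinition();
        } elseif ($type == 'URI') {
            $this->definitions[$type] = new HTMLPurifier_URIDefinition();
        } else {
            throw new HTMLPurifier_Exception("Definition of $type type not supported");
        }
        // quick abort if raw
        if ($raw) {
            if (is_null($this->get($type . '.DefinitionID'))) {
                // fatally error out if definition ID not set
                throw new HTMLPurifier_Exception("Cannot retrieve raw version without specifying %$type.DefinitionID");
            }
            return $this->definitions[$type];
        }
        // set it up
        $this->lock = $type;
        $this->definitions[$type]->setup($this);
        $this->lock = null;
        // save in cache
        $cache->set($this->definitions[$type], $this);
        return $this->definitions[$type];
    }

    /**
     * Loads directives from an array. Underscores in top-level keys are
     * converted to dots, so both 'Namespace.Directive' => value and
     * 'Namespace' => array('Directive' => value) are accepted.
     *
     * Every entry goes through set(), so unknown directives and invalid
     * values are rejected there.
     *
     * @param $config_array Configuration array
     */
    public function loadArray($config_array) {
        if ($this->isFinalized('Cannot load directives after finalization')) return;
        foreach ($config_array as $key => $value) {
            $key = str_replace('_', '.', $key);
            if (strpos($key, '.') !== false) {
                $this->set($key, $value);
            } else {
                $namespace = $key;
                $namespace_values = $value;
                // A bare namespace must map to a collection of directives;
                // report a scalar instead of iterating over it.
                if (!is_array($namespace_values) && !is_object($namespace_values)) {
                    $this->triggerError('Cannot load directives for namespace ' . htmlspecialchars($namespace) .
                        ', expected an array of directive values', E_USER_WARNING);
                    continue;
                }
                foreach ($namespace_values as $directive => $value) {
                    $this->set($namespace .'.'. $directive, $value);
                }
            }
        }
    }

    /**
     * Lists the directives that form input is permitted to set.
     *
     * @param $allowed true to permit every directive; otherwise a string or
     *                 list of namespaces ('HTML'), directives ('HTML.Allowed')
     *                 and excluded directives ('-HTML.Allowed')
     * @param $schema  Schema to read from; the default schema when omitted
     * @return List of array(namespace, directive) pairs. Aliases and the
     *         DefinitionID / DefinitionRev directives are never included.
     *
     * Passing true exposes the whole schema; prefer an explicit list when
     * the form is reachable by users who should not control every setting.
     */
    public static function getAllowedDirectivesForForm($allowed, $schema = null) {
        if (!$schema) {
            $schema = HTMLPurifier_ConfigSchema::instance();
        }
        if ($allowed !== true) {
            if (is_string($allowed)) $allowed = array($allowed);
            $allowed_ns = array();
            $allowed_directives = array();
            $blacklisted_directives = array();
            foreach ($allowed as $ns_or_directive) {
                if (strpos($ns_or_directive, '.') !== false) {
                    // directive
                    if ($ns_or_directive[0] == '-') {
                        $blacklisted_directives[substr($ns_or_directive, 1)] = true;
                    } else {
                        $allowed_directives[$ns_or_directive] = true;
                    }
                } else {
                    // namespace
                    $allowed_ns[$ns_or_directive] = true;
                }
            }
        }
        $ret = array();
        foreach ($schema->info as $key => $def) {
            list($ns, $directive) = explode('.', $key, 2);
            if ($allowed !== true) {
                // exclusions win over namespace and directive grants
                if (isset($blacklisted_directives["$ns.$directive"])) continue;
                if (!isset($allowed_directives["$ns.$directive"]) && !isset($allowed_ns[$ns])) continue;
            }
            if (isset($def->isAlias)) continue;
            if ($directive == 'DefinitionID' || $directive == 'DefinitionRev') continue;
            $ret[] = array($ns, $directive);
        }
        return $ret;
    }

    /**
     * Builds a configuration object from submitted form data.
     *
     * @param $array   Form data, e.g. $_GET or $_POST
     * @param $index   Key under which the directives sit in $array, or false
     * @param $allowed Allow-list, see getAllowedDirectivesForForm(); the
     *                 default of true permits every directive
     * @param $mq_fix  Whether to undo magic quotes when they are active
     * @param $schema  Schema to use; the default schema when omitted
     * @return HTMLPurifier_Config
     */
    public static function loadArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null) {
        $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $schema);
        $config = HTMLPurifier_Config::create($ret, $schema);
        return $config;
    }

    /**
     * Merges submitted form data into this configuration, using this
     * object's own schema. Parameters are as for loadArrayFromForm().
     */
    public function mergeArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true) {
         $ret = HTMLPurifier_Config::prepareArrayFromForm($array, $index, $allowed, $mq_fix, $this->def);
         $this->loadArray($ret);
    }

    /**
     * Filters submitted form data down to the permitted directives and
     * returns it in the nested form loadArray() accepts.
     *
     * Only keys produced by getAllowedDirectivesForForm() are read from
     * $array; anything else in the submission is ignored. A non-empty
     * 'Null_<Namespace.Directive>' field sets that directive to null.
     * Parameters are as for loadArrayFromForm().
     *
     * @return array
     */
    public static function prepareArrayFromForm($array, $index = false, $allowed = true, $mq_fix = true, $schema = null) {
        if ($index !== false) $array = (isset($array[$index]) && is_array($array[$index])) ? $array[$index] : array();
        $mq = $mq_fix && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

        $allowed = HTMLPurifier_Config::getAllowedDirectivesForForm($allowed, $schema);
        $ret = array();
        foreach ($allowed as $key) {
            list($ns, $directive) = $key;
            $skey = "$ns.$directive";
            if (!empty($array["Null_$skey"])) {
                $ret[$ns][$directive] = null;
                continue;
            }
            if (!isset($array[$skey])) continue;
            $value = $mq ? stripslashes($array[$skey]) : $array[$skey];
            $ret[$ns][$directive] = $value;
        }
        return $ret;
    }

    /**
     * Loads directives from an INI file with sections.
     *
     * @param $filename Path of the INI file; must come from a trusted
     *                  source, as the file is read from the local filesystem
     */
    public function loadIni($filename) {
        if ($this->isFinalized('Cannot load directives after finalization')) return;
        $array = parse_ini_file($filename, true);
        if ($array === false) {
            // parse_ini_file() failed; do not pass false on to loadArray().
            // The path is left out of the message on purpose.
            $this->triggerError('Cannot load directives, INI file could not be parsed', E_USER_WARNING);
            return;
        }
        $this->loadArray($array);
    }

    /**
     * Reports whether the configuration has been finalized.
     *
     * @param $error Message to raise as E_USER_ERROR when finalized, or
     *               false to stay silent
     * @return bool
     */
    public function isFinalized($error = false) {
        if ($this->finalized && $error) {
            $this->triggerError($error, E_USER_ERROR);
        }
        return $this->finalized;
    }

    /**
     * Finalizes the configuration if $autoFinalize is set; otherwise asks
     * the property list to squash with its argument set to true.
     */
    public function autoFinalize() {
        if ($this->autoFinalize) {
            $this->finalize();
        } else {
            $this->plist->squash(true);
        }
    }

    /**
     * Marks the configuration as finalized and drops the value parser, so
     * no further directives can be set.
     */
    public function finalize() {
        $this->finalized = true;
        unset($this->parser);
    }

    /**
     * Raises a PHP user error. When $chatty is on, the file and line of the
     * previous stack frame are appended, which reveals server paths wherever
     * the message ends up being displayed.
     *
     * @param $msg Message text
     * @param $no  Error level, an E_USER_* constant
     */
    protected function triggerError($msg, $no) {
        // determine previous stack frame
        $backtrace = debug_backtrace();
        if ($this->chatty && isset($backtrace[1])) {
            $frame = $backtrace[1];
            $extra = " on line {$frame['line']} in file {$frame['file']}";
        } else {
            $extra = '';
        }
        trigger_error($msg . $extra, $no);
    }

    /**
     * Returns a PHP-serialized copy of this object after making sure the
     * HTML, CSS and URI definitions have been built.
     *
     * The result is meant to be restored with unserialize(); only do that
     * with data read back from storage you control, never with input that
     * a user could have modified.
     *
     * @return string
     */
    public function serialize() {
        $this->getDefinition('HTML');
        $this->getDefinition('CSS');
        $this->getDefinition('URI');
        return serialize($this);
    }

}

// vim: et sw=4 sts=4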
