HTMLPurifier 4.4.0
|
00001 <?php 00002 00021 /* 00022 HTML Purifier 4.4.0 - Standards Compliant HTML Filtering 00023 Copyright (C) 2006-2008 Edward Z. Yang 00024 00025 This library is free software; you can redistribute it and/or 00026 modify it under the terms of the GNU Lesser General Public 00027 License as published by the Free Software Foundation; either 00028 version 2.1 of the License, or (at your option) any later version. 00029 00030 This library is distributed in the hope that it will be useful, 00031 but WITHOUT ANY WARRANTY; without even the implied warranty of 00032 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 00033 Lesser General Public License for more details. 00034 00035 You should have received a copy of the GNU Lesser General Public 00036 License along with this library; if not, write to the Free Software 00037 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 00038 */ 00039 00054 class HTMLPurifier 00055 { 00056 00058 public $version = '4.4.0'; 00059 00061 const VERSION = '4.4.0'; 00062 00064 public $config; 00065 00067 private $filters = array(); 00068 00070 private static $instance; 00071 00072 protected $strategy, $generator; 00073 00078 public $context; 00079 00088 public function __construct($config = null) { 00089 00090 $this->config = HTMLPurifier_Config::create($config); 00091 00092 $this->strategy = new HTMLPurifier_Strategy_Core(); 00093 00094 } 00095 00100 public function addFilter($filter) { 00101 trigger_error('HTMLPurifier->addFilter() is deprecated, use configuration directives in the Filter namespace or Filter.Custom', E_USER_WARNING); 00102 $this->filters[] = $filter; 00103 } 00104 00115 public function purify($html, $config = null) { 00116 00117 // :TODO: make the config merge in, instead of replace 00118 $config = $config ? HTMLPurifier_Config::create($config) : $this->config; 00119 00120 // implementation is partially environment dependant, partially 00121 // configuration dependant 00122 $lexer = HTMLPurifier_Lexer::create($config); 00123 00124 $context = new HTMLPurifier_Context(); 00125 00126 // setup HTML generator 00127 $this->generator = new HTMLPurifier_Generator($config, $context); 00128 $context->register('Generator', $this->generator); 00129 00130 // set up global context variables 00131 if ($config->get('Core.CollectErrors')) { 00132 // may get moved out if other facilities use it 00133 $language_factory = HTMLPurifier_LanguageFactory::instance(); 00134 $language = $language_factory->create($config, $context); 00135 $context->register('Locale', $language); 00136 00137 $error_collector = new HTMLPurifier_ErrorCollector($context); 00138 $context->register('ErrorCollector', $error_collector); 00139 } 00140 00141 // setup id_accumulator context, necessary due to the fact that 00142 // AttrValidator can be called from many places 00143 $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context); 00144 $context->register('IDAccumulator', $id_accumulator); 00145 00146 $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context); 00147 00148 // setup filters 00149 $filter_flags = $config->getBatch('Filter'); 00150 $custom_filters = $filter_flags['Custom']; 00151 unset($filter_flags['Custom']); 00152 $filters = array(); 00153 foreach ($filter_flags as $filter => $flag) { 00154 if (!$flag) continue; 00155 if (strpos($filter, '.') !== false) continue; 00156 $class = "HTMLPurifier_Filter_$filter"; 00157 $filters[] = new $class; 00158 } 00159 foreach ($custom_filters as $filter) { 00160 // maybe "HTMLPurifier_Filter_$filter", but be consistent with AutoFormat 00161 $filters[] = $filter; 00162 } 00163 $filters = array_merge($filters, $this->filters); 00164 // maybe prepare(), but later 00165 00166 for ($i = 0, $filter_size = count($filters); $i < $filter_size; $i++) { 00167 $html = $filters[$i]->preFilter($html, $config, $context); 00168 } 00169 00170 // purified HTML 00171 $html = 00172 $this->generator->generateFromTokens( 00173 // list of tokens 00174 $this->strategy->execute( 00175 // list of un-purified tokens 00176 $lexer->tokenizeHTML( 00177 // un-purified HTML 00178 $html, $config, $context 00179 ), 00180 $config, $context 00181 ) 00182 ); 00183 00184 for ($i = $filter_size - 1; $i >= 0; $i--) { 00185 $html = $filters[$i]->postFilter($html, $config, $context); 00186 } 00187 00188 $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context); 00189 $this->context =& $context; 00190 return $html; 00191 } 00192 00199 public function purifyArray($array_of_html, $config = null) { 00200 $context_array = array(); 00201 foreach ($array_of_html as $key => $html) { 00202 $array_of_html[$key] = $this->purify($html, $config); 00203 $context_array[$key] = $this->context; 00204 } 00205 $this->context = $context_array; 00206 return $array_of_html; 00207 } 00208 00215 public static function instance($prototype = null) { 00216 if (!self::$instance || $prototype) { 00217 if ($prototype instanceof HTMLPurifier) { 00218 self::$instance = $prototype; 00219 } elseif ($prototype) { 00220 self::$instance = new HTMLPurifier($prototype); 00221 } else { 00222 self::$instance = new HTMLPurifier(); 00223 } 00224 } 00225 return self::$instance; 00226 } 00227 00231 public static function getInstance($prototype = null) { 00232 return HTMLPurifier::instance($prototype); 00233 } 00234 00235 } 00236 00237 // vim: et sw=4 sts=4