tyler.durden/icingaweb2
1
0
Fork 0
mirror of https://github.com/Icinga/icingaweb2.git synced 2025-07-27 07:44:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into feature/query-interfaces-6018

Browse Source
This commit is contained in:
Thomas Gelf 2014-05-09 16:29:54 +00:00
commit 339460fee4
510 changed files with 17396 additions and 16088 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
application/layouts/scripts/parts/navigation.phtml
View File

@ -14,7 +14,7 @@ $menu = Menu::fromConfig();
?> ?>
<div id="menu" data-base-target="_main"> <div id="menu" data-base-target="_main">
<form action="<?= $this->href('search') ?>" method="get"> <form action="<?= $this->href('search') ?>" method="get">
<input type="text" name="q" class="search" placeholder="Search..." autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" /> <input type="text" name="q" class="search autofocus" placeholder="Search..." autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" />
</form> </form>
<?= $this->partial('parts/menu.phtml', array( <?= $this->partial('parts/menu.phtml', array(
'items' => $menu->getChildren(), 'items' => $menu->getChildren(),

330
library/vendor/JShrink/Minifier.php vendored
View File

@ -84,22 +84,37 @@ class Minifier
protected static $defaultOptions = array('flaggedComments' => true); protected static $defaultOptions = array('flaggedComments' => true);
/** /**
* Minifier::minify takes a string containing javascript and removes * Contains lock ids which are used to replace certain code patterns and
* unneeded characters in order to shrink the code without altering it's * prevent them from being minified
* functionality. *
* @var array
*/
protected $locks = array();
/**
* Takes a string containing javascript and removes unneeded characters in
* order to shrink the code without altering it's functionality.
*
* @param string $js The raw javascript to be minified
* @param array $options Various runtime options in an associative array
* @throws \Exception
* @return bool|string
*/ */
public static function minify($js, $options = array()) public static function minify($js, $options = array())
{ {
try { try {
ob_start(); ob_start();
$currentOptions = array_merge(static::$defaultOptions, $options);
$jshrink = new Minifier(); $jshrink = new Minifier();
$jshrink->breakdownScript($js, $currentOptions); $js = $jshrink->lock($js);
unset($jshrink); $jshrink->minifyDirectToOutput($js, $options);
// Sometimes there's a leading new line, so we trim that out here. // Sometimes there's a leading new line, so we trim that out here.
return ltrim(ob_get_clean()); $js = ltrim(ob_get_clean());
$js = $jshrink->unlock($js);
unset($jshrink);
return $js;
} catch (\Exception $e) { } catch (\Exception $e) {
@ -120,13 +135,25 @@ class Minifier
* Processes a javascript string and outputs only the required characters, * Processes a javascript string and outputs only the required characters,
* stripping out all unneeded characters. * stripping out all unneeded characters.
* *
* @param string $js The raw javascript to be minified * @param string $js The raw javascript to be minified
* @param array $currentOptions Various runtime options in an associative array * @param array $options Various runtime options in an associative array
*/ */
protected function breakdownScript($js, $currentOptions) protected function minifyDirectToOutput($js, $options)
{ {
$this->options = $currentOptions; $this->initialize($js, $options);
$this->loop();
$this->clean();
}
/**
* Initializes internal variables, normalizes new lines,
*
* @param string $js The raw javascript to be minified
* @param array $options Various runtime options in an associative array
*/
protected function initialize($js, $options)
{
$this->options = array_merge(static::$defaultOptions, $options);
$js = str_replace("\r\n", "\n", $js); $js = str_replace("\r\n", "\n", $js);
$this->input = str_replace("\r", "\n", $js); $this->input = str_replace("\r", "\n", $js);
@ -135,46 +162,36 @@ class Minifier
// comment error that can otherwise occur. // comment error that can otherwise occur.
$this->input .= PHP_EOL; $this->input .= PHP_EOL;
// Populate "a" with a new line, "b" with the first character, before
$this->a = $this->getReal(); // entering the loop
$this->a = "\n";
// the only time the length can be higher than 1 is if a conditional
// comment needs to be displayed and the only time that can happen for
// $a is on the very first run
while (strlen($this->a) > 1) {
echo $this->a;
$this->a = $this->getReal();
}
$this->b = $this->getReal(); $this->b = $this->getReal();
}
/**
* The primary action occurs here. This function loops through the input string,
* outputting anything that's relevant and discarding anything that is not.
*/
protected function loop()
{
while ($this->a !== false && !is_null($this->a) && $this->a !== '') { while ($this->a !== false && !is_null($this->a) && $this->a !== '') {
// now we give $b the same check for conditional comments we gave $a
// before we began looping
if (strlen($this->b) > 1) {
echo $this->a . $this->b;
$this->a = $this->getReal();
$this->b = $this->getReal();
continue;
}
switch ($this->a) { switch ($this->a) {
// new lines // new lines
case "\n": case "\n":
// if the next line is something that can't stand alone // if the next line is something that can't stand alone preserve the newline
// preserve the newline
if (strpos('(-+{[@', $this->b) !== false) { if (strpos('(-+{[@', $this->b) !== false) {
echo $this->a; echo $this->a;
$this->saveString(); $this->saveString();
break; break;
} }
// if its a space we move down to the string test below // if B is a space we skip the rest of the switch block and go down to the
// string/regex check below, resetting $this->b with getReal
if($this->b === ' ') if($this->b === ' ')
break; break;
// otherwise we treat the newline like a space // otherwise we treat the newline like a space
case ' ': case ' ':
if(static::isAlphaNumeric($this->b)) if(static::isAlphaNumeric($this->b))
@ -221,7 +238,20 @@ class Minifier
if(($this->b == '/' && strpos('(,=:[!&|?', $this->a) !== false)) if(($this->b == '/' && strpos('(,=:[!&|?', $this->a) !== false))
$this->saveRegex(); $this->saveRegex();
} }
$this->clean(); }
/**
* Resets attributes that do not need to be stored between requests so that
* the next request is ready to go. Another reason for this is to make sure
* the variables are cleared and are not taking up memory.
*/
protected function clean()
{
unset($this->input);
$this->index = 0;
$this->a = $this->b = '';
unset($this->c);
unset($this->options);
} }
/** /**
@ -264,76 +294,112 @@ class Minifier
* performance benefits as the skipping is done using native functions (ie, * performance benefits as the skipping is done using native functions (ie,
* c code) rather than in script php. * c code) rather than in script php.
* *
* @throws \RuntimeException *
* @return string Next 'real' character to be processed. * @return string Next 'real' character to be processed.
* @throws \RuntimeException
*/ */
protected function getReal() protected function getReal()
{ {
$startIndex = $this->index; $startIndex = $this->index;
$char = $this->getChar(); $char = $this->getChar();
// Check to see if we're potentially in a comment // Check to see if we're potentially in a comment
if ($char == '/') { if ($char !== '/') {
$this->c = $this->getChar(); return $char;
if ($this->c == '/') {
$thirdCommentString = substr($this->input, $this->index, 1);
// kill rest of line
$char = $this->getNext("\n");
if ($thirdCommentString == '@') {
$endPoint = ($this->index) - $startIndex;
unset($this->c);
$char = "\n" . substr($this->input, $startIndex, $endPoint);
} else {
$char = $this->getChar();
$char = $this->getChar();
}
} elseif ($this->c == '*') {
$this->getChar(); // current C
$thirdCommentString = $this->getChar();
if ($thirdCommentString == '@') {
// conditional comment
// we're gonna back up a bit and and send the comment back,
// where the first char will be echoed and the rest will be
// treated like a string
$this->index = $this->index-2;
return '/';
} elseif ($this->getNext('*/')) {
// kill everything up to the next */
$this->getChar(); // get *
$this->getChar(); // get /
$char = $this->getChar(); // get next real character
// if YUI-style comments are enabled we reinsert it into the stream
if ($this->options['flaggedComments'] && $thirdCommentString == '!') {
$endPoint = ($this->index - 1) - $startIndex;
echo "\n" . substr($this->input, $startIndex, $endPoint) . "\n";
}
} else {
$char = false;
}
if($char === false)
throw new \RuntimeException('Unclosed multiline comment at position: ' . ($this->index - 2));
// if we're here c is part of the comment and therefore tossed
if(isset($this->c))
unset($this->c);
}
} }
$this->c = $this->getChar();
if ($this->c == '/') {
return $this->processOneLineComments($startIndex);
} elseif ($this->c == '*') {
return $this->processMultiLineComments($startIndex);
}
return $char;
}
/**
* Removed one line comments, with the exception of some very specific types of
* conditional comments.
*
* @param int $startIndex The index point where "getReal" function started
* @return string
*/
protected function processOneLineComments($startIndex)
{
$thirdCommentString = substr($this->input, $this->index, 1);
// kill rest of line
$this->getNext("\n");
if ($thirdCommentString == '@') {
$endPoint = ($this->index) - $startIndex;
unset($this->c);
$char = "\n" . substr($this->input, $startIndex, $endPoint);
} else {
// first one is contents of $this->c
$this->getChar();
$char = $this->getChar();
}
return $char;
}
/**
* Skips multiline comments where appropriate, and includes them where needed.
* Conditional comments and "license" style blocks are preserved.
*
* @param int $startIndex The index point where "getReal" function started
* @return bool|string False if there's no character
* @throws \RuntimeException Unclosed comments will throw an error
*/
protected function processMultiLineComments($startIndex)
{
$this->getChar(); // current C
$thirdCommentString = $this->getChar();
// kill everything up to the next */ if it's there
if ($this->getNext('*/')) {
$this->getChar(); // get *
$this->getChar(); // get /
$char = $this->getChar(); // get next real character
// Now we reinsert conditional comments and YUI-style licensing comments
if (($this->options['flaggedComments'] && $thirdCommentString == '!')
|| ($thirdCommentString == '@') ) {
// If conditional comments or flagged comments are not the first thing in the script
// we need to echo a and fill it with a space before moving on.
if ($startIndex > 0) {
echo $this->a;
$this->a = " ";
// If the comment started on a new line we let it stay on the new line
if ($this->input[($startIndex - 1)] == "\n") {
echo "\n";
}
}
$endPoint = ($this->index - 1) - $startIndex;
echo substr($this->input, $startIndex, $endPoint);
return $char;
}
} else {
$char = false;
}
if($char === false)
throw new \RuntimeException('Unclosed multiline comment at position: ' . ($this->index - 2));
// if we're here c is part of the comment and therefore tossed
if(isset($this->c))
unset($this->c);
return $char; return $char;
} }
@ -342,7 +408,7 @@ class Minifier
* is found the first character of the string is returned and the index is set * is found the first character of the string is returned and the index is set
* to it's position. * to it's position.
* *
* @param $string * @param string $string
* @return string|false Returns the first character of the string or false. * @return string|false Returns the first character of the string or false.
*/ */
protected function getNext($string) protected function getNext($string)
@ -366,6 +432,7 @@ class Minifier
* When a javascript string is detected this function crawls for the end of * When a javascript string is detected this function crawls for the end of
* it and saves the whole string. * it and saves the whole string.
* *
* @throws \RuntimeException Unclosed strings will throw an error
*/ */
protected function saveString() protected function saveString()
{ {
@ -386,7 +453,6 @@ class Minifier
// Echo out that starting quote // Echo out that starting quote
echo $this->a; echo $this->a;
// Loop until the string is done // Loop until the string is done
while (1) { while (1) {
@ -401,8 +467,6 @@ class Minifier
case $stringType: case $stringType:
break 2; break 2;
// New lines in strings without line delimiters are bad- actual // New lines in strings without line delimiters are bad- actual
// new lines will be represented by the string \n and not the actual // new lines will be represented by the string \n and not the actual
// character, so those will be treated just fine using the switch // character, so those will be treated just fine using the switch
@ -411,7 +475,6 @@ class Minifier
throw new \RuntimeException('Unclosed string at position: ' . $startpos ); throw new \RuntimeException('Unclosed string at position: ' . $startpos );
break; break;
// Escaped characters get picked up here. If it's an escaped new line it's not really needed // Escaped characters get picked up here. If it's an escaped new line it's not really needed
case '\\': case '\\':
@ -435,15 +498,14 @@ class Minifier
default: default:
echo $this->a; echo $this->a;
} }
// Echo a- it'll be set to the next char at the start of the loop
// echo $this->a;
} }
} }
/** /**
* When a regular expression is detected this function crawls for the end of * When a regular expression is detected this function crawls for the end of
* it and saves the whole regex. * it and saves the whole regex.
*
* @throws \RuntimeException Unclosed regex will throw an error
*/ */
protected function saveRegex() protected function saveRegex()
{ {
@ -466,24 +528,10 @@ class Minifier
$this->b = $this->getReal(); $this->b = $this->getReal();
} }
/**
* Resets attributes that do not need to be stored between requests so that
* the next request is ready to go. Another reason for this is to make sure
* the variables are cleared and are not taking up memory.
*/
protected function clean()
{
unset($this->input);
$this->index = 0;
$this->a = $this->b = '';
unset($this->c);
unset($this->options);
}
/** /**
* Checks to see if a character is alphanumeric. * Checks to see if a character is alphanumeric.
* *
* @param $char string Just one character * @param string $char Just one character
* @return bool * @return bool
*/ */
protected static function isAlphaNumeric($char) protected static function isAlphaNumeric($char)
@ -491,4 +539,48 @@ class Minifier
return preg_match('/^[\w\$]$/', $char) === 1 || $char == '/'; return preg_match('/^[\w\$]$/', $char) === 1 || $char == '/';
} }
/**
* Replace patterns in the given string and store the replacement
*
* @param string $js The string to lock
* @return bool
*/
protected function lock($js)
{
/* lock things like <code>"asd" + ++x;</code> */
$lock = '"LOCK---' . crc32(time()) . '"';
$matches = array();
preg_match('/([+-])(\s+)([+-])/', $js, $matches);
if (empty($matches)) {
return $js;
}
$this->locks[$lock] = $matches[2];
$js = preg_replace('/([+-])\s+([+-])/', "$1{$lock}$2", $js);
/* -- */
return $js;
}
/**
* Replace "locks" with the original characters
*
* @param string $js The string to unlock
* @return bool
*/
protected function unlock($js)
{
if (!count($this->locks)) {
return $js;
}
foreach ($this->locks as $lock => $replacement) {
$js = str_replace($lock, $replacement, $js);
}
return $js;
}
} }

3
library/vendor/JShrink/SOURCE vendored
View File

@ -1,2 +1 @@
https://github.com/tedivm/JShrink.git https://github.com/tedivm/JShrink/releases/tag/v1.0.0
d9238750fdf763dc4f38631be64866fd84fe5ec8

3
library/vendor/Parsedown/.gitignore vendored
View File

@ -1,3 +0,0 @@
.DS_Store
.idea
nbproject

2204
library/vendor/Parsedown/Parsedown.php vendored
View File

File diff suppressed because it is too large Load Diff

31
library/vendor/Parsedown/README.md vendored
View File

@ -1,31 +0,0 @@
## Parsedown
Better [Markdown](http://en.wikipedia.org/wiki/Markdown) parser for PHP.
***
[ [demo](http://parsedown.org/demo) ] [ [tests](http://parsedown.org/tests/) ]
***
### Features
* [fast](http://parsedown.org/speed)
* [consistent](http://parsedown.org/consistency)
* [GitHub Flavored](https://help.github.com/articles/github-flavored-markdown)
* friendly to international input
* [tested](https://travis-ci.org/erusev/parsedown) in PHP 5.2, 5.3, 5.4, 5.5 and [hhvm](http://www.hhvm.com/)
### Installation
Include `Parsedown.php` or install [the composer package](https://packagist.org/packages/erusev/parsedown).
### Example
```php
$text = 'Hello _Parsedown_!';
$result = Parsedown::instance()->parse($text);
echo $result; # prints: <p>Hello <em>Parsedown</em>!</p>
```

6
library/vendor/Parsedown/SOURCE vendored Normal file
View File

@ -0,0 +1,6 @@
RELEASE=1.0.0-rc.4
FILENAME=parsedown-$RELEASE
DESTINATION=.
wget -O ${FILENAME}.tar.gz https://github.com/erusev/parsedown/archive/${RELEASE}.tar.gz
tar xfz ${FILENAME}.tar.gz -C $DESTINATION/ --strip-components 1 $FILENAME/Parsedown.php $FILENAME/LICENSE.txt
chmod 644 $DESTINATION/Parsedown.php

1
library/vendor/Parsedown/VERSION.txt vendored
View File

@ -1 +0,0 @@
0.8.3

21
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/AlphaValue.php vendored
View File

@ -1,21 +0,0 @@
<?php
class HTMLPurifier_AttrDef_CSS_AlphaValue extends HTMLPurifier_AttrDef_CSS_Number
{
public function __construct() {
parent::__construct(false); // opacity is non-negative, but we will clamp it
}
public function validate($number, $config, $context) {
$result = parent::validate($number, $config, $context);
if ($result === false) return $result;
$float = (float) $result;
if ($float < 0.0) $result = '0';
if ($float > 1.0) $result = '1';
return $result;
}
}
// vim: et sw=4 sts=4

28
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php vendored
View File

@ -1,28 +0,0 @@
<?php
/**
* Decorator which enables CSS properties to be disabled for specific elements.
*/
class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef
{
public $def, $element;
/**
* @param $def Definition to wrap
* @param $element Element to deny
*/
public function __construct($def, $element) {
$this->def = $def;
$this->element = $element;
}
/**
* Checks if CurrentToken is set and equal to $this->element
*/
public function validate($string, $config, $context) {
$token = $context->get('CurrentToken', true);
if ($token && $token->name == $this->element) return false;
return $this->def->validate($string, $config, $context);
}
}
// vim: et sw=4 sts=4

24
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Ident.php vendored
View File

@ -1,24 +0,0 @@
<?php
/**
* Validates based on {ident} CSS grammar production
*/
class HTMLPurifier_AttrDef_CSS_Ident extends HTMLPurifier_AttrDef
{
public function validate($string, $config, $context) {
$string = trim($string);
// early abort: '' and '0' (strings that convert to false) are invalid
if (!$string) return false;
$pattern = '/^(-?[A-Za-z_][A-Za-z_\-0-9]*)$/';
if (!preg_match($pattern, $string)) return false;
return $string;
}
}
// vim: et sw=4 sts=4

47
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Length.php vendored
View File

@ -1,47 +0,0 @@
<?php
/**
* Represents a Length as defined by CSS.
*/
class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef
{
protected $min, $max;
/**
* @param HTMLPurifier_Length $max Minimum length, or null for no bound. String is also acceptable.
* @param HTMLPurifier_Length $max Maximum length, or null for no bound. String is also acceptable.
*/
public function __construct($min = null, $max = null) {
$this->min = $min !== null ? HTMLPurifier_Length::make($min) : null;
$this->max = $max !== null ? HTMLPurifier_Length::make($max) : null;
}
public function validate($string, $config, $context) {
$string = $this->parseCDATA($string);
// Optimizations
if ($string === '') return false;
if ($string === '0') return '0';
if (strlen($string) === 1) return false;
$length = HTMLPurifier_Length::make($string);
if (!$length->isValid()) return false;
if ($this->min) {
$c = $length->compareTo($this->min);
if ($c === false) return false;
if ($c < 0) return false;
}
if ($this->max) {
$c = $length->compareTo($this->max);
if ($c === false) return false;
if ($c > 0) return false;
}
return $length->toString();
}
}
// vim: et sw=4 sts=4

78
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/ListStyle.php vendored
View File

@ -1,78 +0,0 @@
<?php
/**
* Validates shorthand CSS property list-style.
* @warning Does not support url tokens that have internal spaces.
*/
class HTMLPurifier_AttrDef_CSS_ListStyle extends HTMLPurifier_AttrDef
{
/**
* Local copy of component validators.
* @note See HTMLPurifier_AttrDef_CSS_Font::$info for a similar impl.
*/
protected $info;
public function __construct($config) {
$def = $config->getCSSDefinition();
$this->info['list-style-type'] = $def->info['list-style-type'];
$this->info['list-style-position'] = $def->info['list-style-position'];
$this->info['list-style-image'] = $def->info['list-style-image'];
}
public function validate($string, $config, $context) {
// regular pre-processing
$string = $this->parseCDATA($string);
if ($string === '') return false;
// assumes URI doesn't have spaces in it
$bits = explode(' ', strtolower($string)); // bits to process
$caught = array();
$caught['type'] = false;
$caught['position'] = false;
$caught['image'] = false;
$i = 0; // number of catches
$none = false;
foreach ($bits as $bit) {
if ($i >= 3) return; // optimization bit
if ($bit === '') continue;
foreach ($caught as $key => $status) {
if ($status !== false) continue;
$r = $this->info['list-style-' . $key]->validate($bit, $config, $context);
if ($r === false) continue;
if ($r === 'none') {
if ($none) continue;
else $none = true;
if ($key == 'image') continue;
}
$caught[$key] = $r;
$i++;
break;
}
}
if (!$i) return false;
$ret = array();
// construct type
if ($caught['type']) $ret[] = $caught['type'];
// construct image
if ($caught['image']) $ret[] = $caught['image'];
// construct position
if ($caught['position']) $ret[] = $caught['position'];
if (empty($ret)) return false;
return implode(' ', $ret);
}
}
// vim: et sw=4 sts=4

40
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Percentage.php vendored
View File

@ -1,40 +0,0 @@
<?php
/**
* Validates a Percentage as defined by the CSS spec.
*/
class HTMLPurifier_AttrDef_CSS_Percentage extends HTMLPurifier_AttrDef
{
/**
* Instance of HTMLPurifier_AttrDef_CSS_Number to defer number validation
*/
protected $number_def;
/**
* @param Bool indicating whether to forbid negative values
*/
public function __construct($non_negative = false) {
$this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
}
public function validate($string, $config, $context) {
$string = $this->parseCDATA($string);
if ($string === '') return false;
$length = strlen($string);
if ($length === 1) return false;
if ($string[$length - 1] !== '%') return false;
$number = substr($string, 0, $length - 1);
$number = $this->number_def->validate($number, $config, $context);
if ($number === false) return false;
return "$number%";
}
}
// vim: et sw=4 sts=4

28
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/Clone.php vendored
View File

@ -1,28 +0,0 @@
<?php
/**
* Dummy AttrDef that mimics another AttrDef, BUT it generates clones
* with make.
*/
class HTMLPurifier_AttrDef_Clone extends HTMLPurifier_AttrDef
{
/**
* What we're cloning
*/
protected $clone;
public function __construct($clone) {
$this->clone = $clone;
}
public function validate($v, $config, $context) {
return $this->clone->validate($v, $config, $context);
}
public function make($string) {
return clone $this->clone;
}
}
// vim: et sw=4 sts=4

28
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/HTML/Bool.php vendored
View File

@ -1,28 +0,0 @@
<?php
/**
* Validates a boolean attribute
*/
class HTMLPurifier_AttrDef_HTML_Bool extends HTMLPurifier_AttrDef
{
protected $name;
public $minimized = true;
public function __construct($name = false) {$this->name = $name;}
public function validate($string, $config, $context) {
if (empty($string)) return false;
return $this->name;
}
/**
* @param $string Name of attribute
*/
public function make($string) {
return new HTMLPurifier_AttrDef_HTML_Bool($string);
}
}
// vim: et sw=4 sts=4

33
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/HTML/Color.php vendored
View File

@ -1,33 +0,0 @@
<?php
/**
* Validates a color according to the HTML spec.
*/
class HTMLPurifier_AttrDef_HTML_Color extends HTMLPurifier_AttrDef
{
public function validate($string, $config, $context) {
static $colors = null;
if ($colors === null) $colors = $config->get('Core.ColorKeywords');
$string = trim($string);
if (empty($string)) return false;
$lower = strtolower($string);
if (isset($colors[$lower])) return $colors[$lower];
if ($string[0] === '#') $hex = substr($string, 1);
else $hex = $string;
$length = strlen($hex);
if ($length !== 3 && $length !== 6) return false;
if (!ctype_xdigit($hex)) return false;
if ($length === 3) $hex = $hex[0].$hex[0].$hex[1].$hex[1].$hex[2].$hex[2];
return "#$hex";
}
}
// vim: et sw=4 sts=4

21
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/HTML/FrameTarget.php vendored
View File

@ -1,21 +0,0 @@
<?php
/**
* Special-case enum attribute definition that lazy loads allowed frame targets
*/
class HTMLPurifier_AttrDef_HTML_FrameTarget extends HTMLPurifier_AttrDef_Enum
{
public $valid_values = false; // uninitialized value
protected $case_sensitive = false;
public function __construct() {}
public function validate($string, $config, $context) {
if ($this->valid_values === false) $this->valid_values = $config->get('Attr.AllowedFrameTargets');
return parent::validate($string, $config, $context);
}
}
// vim: et sw=4 sts=4

41
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/HTML/Length.php vendored
View File

@ -1,41 +0,0 @@
<?php
/**
* Validates the HTML type length (not to be confused with CSS's length).
*
* This accepts integer pixels or percentages as lengths for certain
* HTML attributes.
*/
class HTMLPurifier_AttrDef_HTML_Length extends HTMLPurifier_AttrDef_HTML_Pixels
{
public function validate($string, $config, $context) {
$string = trim($string);
if ($string === '') return false;
$parent_result = parent::validate($string, $config, $context);
if ($parent_result !== false) return $parent_result;
$length = strlen($string);
$last_char = $string[$length - 1];
if ($last_char !== '%') return false;
$points = substr($string, 0, $length - 1);
if (!is_numeric($points)) return false;
$points = (int) $points;
if ($points < 0) return '0%';
if ($points > 100) return '100%';
return ((string) $points) . '%';
}
}
// vim: et sw=4 sts=4

41
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/HTML/MultiLength.php vendored
View File

@ -1,41 +0,0 @@
<?php
/**
* Validates a MultiLength as defined by the HTML spec.
*
* A multilength is either a integer (pixel count), a percentage, or
* a relative number.
*/
class HTMLPurifier_AttrDef_HTML_MultiLength extends HTMLPurifier_AttrDef_HTML_Length
{
public function validate($string, $config, $context) {
$string = trim($string);
if ($string === '') return false;
$parent_result = parent::validate($string, $config, $context);
if ($parent_result !== false) return $parent_result;
$length = strlen($string);
$last_char = $string[$length - 1];
if ($last_char !== '*') return false;
$int = substr($string, 0, $length - 1);
if ($int == '') return '*';
if (!is_numeric($int)) return false;
$int = (int) $int;
if ($int < 0) return false;
if ($int == 0) return '0';
if ($int == 1) return '*';
return ((string) $int) . '*';
}
}
// vim: et sw=4 sts=4

48
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/HTML/Pixels.php vendored
View File

@ -1,48 +0,0 @@
<?php
/**
* Validates an integer representation of pixels according to the HTML spec.
*/
class HTMLPurifier_AttrDef_HTML_Pixels extends HTMLPurifier_AttrDef
{
protected $max;
public function __construct($max = null) {
$this->max = $max;
}
public function validate($string, $config, $context) {
$string = trim($string);
if ($string === '0') return $string;
if ($string === '') return false;
$length = strlen($string);
if (substr($string, $length - 2) == 'px') {
$string = substr($string, 0, $length - 2);
}
if (!is_numeric($string)) return false;
$int = (int) $string;
if ($int < 0) return '0';
// upper-bound value, extremely high values can
// crash operating systems, see <http://ha.ckers.org/imagecrash.html>
// WARNING, above link WILL crash you if you're using Windows
if ($this->max !== null && $int > $this->max) return (string) $this->max;
return (string) $int;
}
public function make($string) {
if ($string === '') $max = null;
else $max = (int) $string;
$class = get_class($this);
return new $class($max);
}
}
// vim: et sw=4 sts=4

15
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/Text.php vendored
View File

@ -1,15 +0,0 @@
<?php
/**
* Validates arbitrary text according to the HTML spec.
*/
class HTMLPurifier_AttrDef_Text extends HTMLPurifier_AttrDef
{
public function validate($string, $config, $context) {
return $this->parseCDATA($string);
}
}
// vim: et sw=4 sts=4

99
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/URI/IPv6.php vendored
View File

@ -1,99 +0,0 @@
<?php
/**
* Validates an IPv6 address.
* @author Feyd @ forums.devnetwork.net (public domain)
* @note This function requires brackets to have been removed from address
* in URI.
*/
class HTMLPurifier_AttrDef_URI_IPv6 extends HTMLPurifier_AttrDef_URI_IPv4
{
public function validate($aIP, $config, $context) {
if (!$this->ip4) $this->_loadRegex();
$original = $aIP;
$hex = '[0-9a-fA-F]';
$blk = '(?:' . $hex . '{1,4})';
$pre = '(?:/(?:12[0-8]|1[0-1][0-9]|[1-9][0-9]|[0-9]))'; // /0 - /128
// prefix check
if (strpos($aIP, '/') !== false)
{
if (preg_match('#' . $pre . '$#s', $aIP, $find))
{
$aIP = substr($aIP, 0, 0-strlen($find[0]));
unset($find);
}
else
{
return false;
}
}
// IPv4-compatiblity check
if (preg_match('#(?<=:'.')' . $this->ip4 . '$#s', $aIP, $find))
{
$aIP = substr($aIP, 0, 0-strlen($find[0]));
$ip = explode('.', $find[0]);
$ip = array_map('dechex', $ip);
$aIP .= $ip[0] . $ip[1] . ':' . $ip[2] . $ip[3];
unset($find, $ip);
}
// compression check
$aIP = explode('::', $aIP);
$c = count($aIP);
if ($c > 2)
{
return false;
}
elseif ($c == 2)
{
list($first, $second) = $aIP;
$first = explode(':', $first);
$second = explode(':', $second);
if (count($first) + count($second) > 8)
{
return false;
}
while(count($first) < 8)
{
array_push($first, '0');
}
array_splice($first, 8 - count($second), 8, $second);
$aIP = $first;
unset($first,$second);
}
else
{
$aIP = explode(':', $aIP[0]);
}
$c = count($aIP);
if ($c != 8)
{
return false;
}
// All the pieces should be 16-bit hex strings. Are they?
foreach ($aIP as $piece)
{
if (!preg_match('#^[0-9a-fA-F]{4}$#s', sprintf('%04s', $piece)))
{
return false;
}
}
return $original;
}
}
// vim: et sw=4 sts=4

36
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrTransform/BoolToCSS.php vendored
View File

@ -1,36 +0,0 @@
<?php
/**
* Pre-transform that changes converts a boolean attribute to fixed CSS
*/
class HTMLPurifier_AttrTransform_BoolToCSS extends HTMLPurifier_AttrTransform {
/**
* Name of boolean attribute that is trigger
*/
protected $attr;
/**
* CSS declarations to add to style, needs trailing semicolon
*/
protected $css;
/**
* @param $attr string attribute name to convert from
* @param $css string CSS declarations to add to style (needs semicolon)
*/
public function __construct($attr, $css) {
$this->attr = $attr;
$this->css = $css;
}
public function transform($attr, $config, $context) {
if (!isset($attr[$this->attr])) return $attr;
unset($attr[$this->attr]);
$this->prependCSS($attr, $this->css);
return $attr;
}
}
// vim: et sw=4 sts=4

58
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrTransform/EnumToCSS.php vendored
View File

@ -1,58 +0,0 @@
<?php
/**
* Generic pre-transform that converts an attribute with a fixed number of
* values (enumerated) to CSS.
*/
class HTMLPurifier_AttrTransform_EnumToCSS extends HTMLPurifier_AttrTransform {
/**
* Name of attribute to transform from
*/
protected $attr;
/**
* Lookup array of attribute values to CSS
*/
protected $enumToCSS = array();
/**
* Case sensitivity of the matching
* @warning Currently can only be guaranteed to work with ASCII
* values.
*/
protected $caseSensitive = false;
/**
* @param $attr String attribute name to transform from
* @param $enumToCSS Lookup array of attribute values to CSS
* @param $case_sensitive Boolean case sensitivity indicator, default false
*/
public function __construct($attr, $enum_to_css, $case_sensitive = false) {
$this->attr = $attr;
$this->enumToCSS = $enum_to_css;
$this->caseSensitive = (bool) $case_sensitive;
}
public function transform($attr, $config, $context) {
if (!isset($attr[$this->attr])) return $attr;
$value = trim($attr[$this->attr]);
unset($attr[$this->attr]);
if (!$this->caseSensitive) $value = strtolower($value);
if (!isset($this->enumToCSS[$value])) {
return $attr;
}
$this->prependCSS($attr, $this->enumToCSS[$value]);
return $attr;
}
}
// vim: et sw=4 sts=4

27
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrTransform/Length.php vendored
View File

@ -1,27 +0,0 @@
<?php
/**
* Class for handling width/height length attribute transformations to CSS
*/
class HTMLPurifier_AttrTransform_Length extends HTMLPurifier_AttrTransform
{
protected $name;
protected $cssName;
public function __construct($name, $css_name = null) {
$this->name = $name;
$this->cssName = $css_name ? $css_name : $name;
}
public function transform($attr, $config, $context) {
if (!isset($attr[$this->name])) return $attr;
$length = $this->confiscateAttr($attr, $this->name);
if(ctype_digit($length)) $length .= 'px';
$this->prependCSS($attr, $this->cssName . ":$length;");
return $attr;
}
}
// vim: et sw=4 sts=4

21
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrTransform/Name.php vendored
View File

@ -1,21 +0,0 @@
<?php
/**
* Pre-transform that changes deprecated name attribute to ID if necessary
*/
class HTMLPurifier_AttrTransform_Name extends HTMLPurifier_AttrTransform
{
public function transform($attr, $config, $context) {
// Abort early if we're using relaxed definition of name
if ($config->get('HTML.Attr.Name.UseCDATA')) return $attr;
if (!isset($attr['name'])) return $attr;
$id = $this->confiscateAttr($attr, 'name');
if ( isset($attr['id'])) return $attr;
$attr['id'] = $id;
return $attr;
}
}
// vim: et sw=4 sts=4

27
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrTransform/NameSync.php vendored
View File

@ -1,27 +0,0 @@
<?php
/**
* Post-transform that performs validation to the name attribute; if
* it is present with an equivalent id attribute, it is passed through;
* otherwise validation is performed.
*/
class HTMLPurifier_AttrTransform_NameSync extends HTMLPurifier_AttrTransform
{
public function __construct() {
$this->idDef = new HTMLPurifier_AttrDef_HTML_ID();
}
public function transform($attr, $config, $context) {
if (!isset($attr['name'])) return $attr;
$name = $attr['name'];
if (isset($attr['id']) && $attr['id'] === $name) return $attr;
$result = $this->idDef->validate($name, $config, $context);
if ($result === false) unset($attr['name']);
else $attr['name'] = $result;
return $attr;
}
}
// vim: et sw=4 sts=4

16
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrTransform/SafeObject.php vendored
View File

@ -1,16 +0,0 @@
<?php
/**
* Writes default type for all objects. Currently only supports flash.
*/
class HTMLPurifier_AttrTransform_SafeObject extends HTMLPurifier_AttrTransform
{
public $name = "SafeObject";
function transform($attr, $config, $context) {
if (!isset($attr['type'])) $attr['type'] = 'application/x-shockwave-flash';
return $attr;
}
}
// vim: et sw=4 sts=4

18
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrTransform/Textarea.php vendored
View File

@ -1,18 +0,0 @@
<?php
/**
* Sets height/width defaults for <textarea>
*/
class HTMLPurifier_AttrTransform_Textarea extends HTMLPurifier_AttrTransform
{
public function transform($attr, $config, $context) {
// Calculated from Firefox
if (!isset($attr['cols'])) $attr['cols'] = '22';
if (!isset($attr['rows'])) $attr['rows'] = '3';
return $attr;
}
}
// vim: et sw=4 sts=4

328
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/CSSDefinition.php vendored
View File

@ -1,328 +0,0 @@
<?php
/**
* Defines allowed CSS attributes and what their values are.
* @see HTMLPurifier_HTMLDefinition
*/
class HTMLPurifier_CSSDefinition extends HTMLPurifier_Definition
{
public $type = 'CSS';
/**
* Assoc array of attribute name to definition object.
*/
public $info = array();
/**
* Constructs the info array. The meat of this class.
*/
protected function doSetup($config) {
$this->info['text-align'] = new HTMLPurifier_AttrDef_Enum(
array('left', 'right', 'center', 'justify'), false);
$border_style =
$this->info['border-bottom-style'] =
$this->info['border-right-style'] =
$this->info['border-left-style'] =
$this->info['border-top-style'] = new HTMLPurifier_AttrDef_Enum(
array('none', 'hidden', 'dotted', 'dashed', 'solid', 'double',
'groove', 'ridge', 'inset', 'outset'), false);
$this->info['border-style'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_style);
$this->info['clear'] = new HTMLPurifier_AttrDef_Enum(
array('none', 'left', 'right', 'both'), false);
$this->info['float'] = new HTMLPurifier_AttrDef_Enum(
array('none', 'left', 'right'), false);
$this->info['font-style'] = new HTMLPurifier_AttrDef_Enum(
array('normal', 'italic', 'oblique'), false);
$this->info['font-variant'] = new HTMLPurifier_AttrDef_Enum(
array('normal', 'small-caps'), false);
$uri_or_none = new HTMLPurifier_AttrDef_CSS_Composite(
array(
new HTMLPurifier_AttrDef_Enum(array('none')),
new HTMLPurifier_AttrDef_CSS_URI()
)
);
$this->info['list-style-position'] = new HTMLPurifier_AttrDef_Enum(
array('inside', 'outside'), false);
$this->info['list-style-type'] = new HTMLPurifier_AttrDef_Enum(
array('disc', 'circle', 'square', 'decimal', 'lower-roman',
'upper-roman', 'lower-alpha', 'upper-alpha', 'none'), false);
$this->info['list-style-image'] = $uri_or_none;
$this->info['list-style'] = new HTMLPurifier_AttrDef_CSS_ListStyle($config);
$this->info['text-transform'] = new HTMLPurifier_AttrDef_Enum(
array('capitalize', 'uppercase', 'lowercase', 'none'), false);
$this->info['color'] = new HTMLPurifier_AttrDef_CSS_Color();
$this->info['background-image'] = $uri_or_none;
$this->info['background-repeat'] = new HTMLPurifier_AttrDef_Enum(
array('repeat', 'repeat-x', 'repeat-y', 'no-repeat')
);
$this->info['background-attachment'] = new HTMLPurifier_AttrDef_Enum(
array('scroll', 'fixed')
);
$this->info['background-position'] = new HTMLPurifier_AttrDef_CSS_BackgroundPosition();
$border_color =
$this->info['border-top-color'] =
$this->info['border-bottom-color'] =
$this->info['border-left-color'] =
$this->info['border-right-color'] =
$this->info['background-color'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_Enum(array('transparent')),
new HTMLPurifier_AttrDef_CSS_Color()
));
$this->info['background'] = new HTMLPurifier_AttrDef_CSS_Background($config);
$this->info['border-color'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_color);
$border_width =
$this->info['border-top-width'] =
$this->info['border-bottom-width'] =
$this->info['border-left-width'] =
$this->info['border-right-width'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_Enum(array('thin', 'medium', 'thick')),
new HTMLPurifier_AttrDef_CSS_Length('0') //disallow negative
));
$this->info['border-width'] = new HTMLPurifier_AttrDef_CSS_Multiple($border_width);
$this->info['letter-spacing'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_Enum(array('normal')),
new HTMLPurifier_AttrDef_CSS_Length()
));
$this->info['word-spacing'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_Enum(array('normal')),
new HTMLPurifier_AttrDef_CSS_Length()
));
$this->info['font-size'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_Enum(array('xx-small', 'x-small',
'small', 'medium', 'large', 'x-large', 'xx-large',
'larger', 'smaller')),
new HTMLPurifier_AttrDef_CSS_Percentage(),
new HTMLPurifier_AttrDef_CSS_Length()
));
$this->info['line-height'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_Enum(array('normal')),
new HTMLPurifier_AttrDef_CSS_Number(true), // no negatives
new HTMLPurifier_AttrDef_CSS_Length('0'),
new HTMLPurifier_AttrDef_CSS_Percentage(true)
));
$margin =
$this->info['margin-top'] =
$this->info['margin-bottom'] =
$this->info['margin-left'] =
$this->info['margin-right'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_CSS_Length(),
new HTMLPurifier_AttrDef_CSS_Percentage(),
new HTMLPurifier_AttrDef_Enum(array('auto'))
));
$this->info['margin'] = new HTMLPurifier_AttrDef_CSS_Multiple($margin);
// non-negative
$padding =
$this->info['padding-top'] =
$this->info['padding-bottom'] =
$this->info['padding-left'] =
$this->info['padding-right'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_CSS_Length('0'),
new HTMLPurifier_AttrDef_CSS_Percentage(true)
));
$this->info['padding'] = new HTMLPurifier_AttrDef_CSS_Multiple($padding);
$this->info['text-indent'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_CSS_Length(),
new HTMLPurifier_AttrDef_CSS_Percentage()
));
$trusted_wh = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_CSS_Length('0'),
new HTMLPurifier_AttrDef_CSS_Percentage(true),
new HTMLPurifier_AttrDef_Enum(array('auto'))
));
$max = $config->get('CSS.MaxImgLength');
$this->info['width'] =
$this->info['height'] =
$max === null ?
$trusted_wh :
new HTMLPurifier_AttrDef_Switch('img',
// For img tags:
new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_CSS_Length('0', $max),
new HTMLPurifier_AttrDef_Enum(array('auto'))
)),
// For everyone else:
$trusted_wh
);
$this->info['text-decoration'] = new HTMLPurifier_AttrDef_CSS_TextDecoration();
$this->info['font-family'] = new HTMLPurifier_AttrDef_CSS_FontFamily();
// this could use specialized code
$this->info['font-weight'] = new HTMLPurifier_AttrDef_Enum(
array('normal', 'bold', 'bolder', 'lighter', '100', '200', '300',
'400', '500', '600', '700', '800', '900'), false);
// MUST be called after other font properties, as it references
// a CSSDefinition object
$this->info['font'] = new HTMLPurifier_AttrDef_CSS_Font($config);
// same here
$this->info['border'] =
$this->info['border-bottom'] =
$this->info['border-top'] =
$this->info['border-left'] =
$this->info['border-right'] = new HTMLPurifier_AttrDef_CSS_Border($config);
$this->info['border-collapse'] = new HTMLPurifier_AttrDef_Enum(array(
'collapse', 'separate'));
$this->info['caption-side'] = new HTMLPurifier_AttrDef_Enum(array(
'top', 'bottom'));
$this->info['table-layout'] = new HTMLPurifier_AttrDef_Enum(array(
'auto', 'fixed'));
$this->info['vertical-align'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_Enum(array('baseline', 'sub', 'super',
'top', 'text-top', 'middle', 'bottom', 'text-bottom')),
new HTMLPurifier_AttrDef_CSS_Length(),
new HTMLPurifier_AttrDef_CSS_Percentage()
));
$this->info['border-spacing'] = new HTMLPurifier_AttrDef_CSS_Multiple(new HTMLPurifier_AttrDef_CSS_Length(), 2);
// These CSS properties don't work on many browsers, but we live
// in THE FUTURE!
$this->info['white-space'] = new HTMLPurifier_AttrDef_Enum(array('nowrap', 'normal', 'pre', 'pre-wrap', 'pre-line'));
if ($config->get('CSS.Proprietary')) {
$this->doSetupProprietary($config);
}
if ($config->get('CSS.AllowTricky')) {
$this->doSetupTricky($config);
}
if ($config->get('CSS.Trusted')) {
$this->doSetupTrusted($config);
}
$allow_important = $config->get('CSS.AllowImportant');
// wrap all attr-defs with decorator that handles !important
foreach ($this->info as $k => $v) {
$this->info[$k] = new HTMLPurifier_AttrDef_CSS_ImportantDecorator($v, $allow_important);
}
$this->setupConfigStuff($config);
}
protected function doSetupProprietary($config) {
// Internet Explorer only scrollbar colors
$this->info['scrollbar-arrow-color'] = new HTMLPurifier_AttrDef_CSS_Color();
$this->info['scrollbar-base-color'] = new HTMLPurifier_AttrDef_CSS_Color();
$this->info['scrollbar-darkshadow-color'] = new HTMLPurifier_AttrDef_CSS_Color();
$this->info['scrollbar-face-color'] = new HTMLPurifier_AttrDef_CSS_Color();
$this->info['scrollbar-highlight-color'] = new HTMLPurifier_AttrDef_CSS_Color();
$this->info['scrollbar-shadow-color'] = new HTMLPurifier_AttrDef_CSS_Color();
// technically not proprietary, but CSS3, and no one supports it
$this->info['opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
$this->info['-moz-opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
$this->info['-khtml-opacity'] = new HTMLPurifier_AttrDef_CSS_AlphaValue();
// only opacity, for now
$this->info['filter'] = new HTMLPurifier_AttrDef_CSS_Filter();
// more CSS3
$this->info['page-break-after'] =
$this->info['page-break-before'] = new HTMLPurifier_AttrDef_Enum(array('auto','always','avoid','left','right'));
$this->info['page-break-inside'] = new HTMLPurifier_AttrDef_Enum(array('auto','avoid'));
}
protected function doSetupTricky($config) {
$this->info['display'] = new HTMLPurifier_AttrDef_Enum(array(
'inline', 'block', 'list-item', 'run-in', 'compact',
'marker', 'table', 'inline-block', 'inline-table', 'table-row-group',
'table-header-group', 'table-footer-group', 'table-row',
'table-column-group', 'table-column', 'table-cell', 'table-caption', 'none'
));
$this->info['visibility'] = new HTMLPurifier_AttrDef_Enum(array(
'visible', 'hidden', 'collapse'
));
$this->info['overflow'] = new HTMLPurifier_AttrDef_Enum(array('visible', 'hidden', 'auto', 'scroll'));
}
protected function doSetupTrusted($config) {
$this->info['position'] = new HTMLPurifier_AttrDef_Enum(array(
'static', 'relative', 'absolute', 'fixed'
));
$this->info['top'] =
$this->info['left'] =
$this->info['right'] =
$this->info['bottom'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_CSS_Length(),
new HTMLPurifier_AttrDef_CSS_Percentage(),
new HTMLPurifier_AttrDef_Enum(array('auto')),
));
$this->info['z-index'] = new HTMLPurifier_AttrDef_CSS_Composite(array(
new HTMLPurifier_AttrDef_Integer(),
new HTMLPurifier_AttrDef_Enum(array('auto')),
));
}
/**
* Performs extra config-based processing. Based off of
* HTMLPurifier_HTMLDefinition.
* @todo Refactor duplicate elements into common class (probably using
* composition, not inheritance).
*/
protected function setupConfigStuff($config) {
// setup allowed elements
$support = "(for information on implementing this, see the ".
"support forums) ";
$allowed_properties = $config->get('CSS.AllowedProperties');
if ($allowed_properties !== null) {
foreach ($this->info as $name => $d) {
if(!isset($allowed_properties[$name])) unset($this->info[$name]);
unset($allowed_properties[$name]);
}
// emit errors
foreach ($allowed_properties as $name => $d) {
// :TODO: Is this htmlspecialchars() call really necessary?
$name = htmlspecialchars($name);
trigger_error("Style attribute '$name' is not supported $support", E_USER_WARNING);
}
}
$forbidden_properties = $config->get('CSS.ForbiddenProperties');
if ($forbidden_properties !== null) {
foreach ($this->info as $name => $d) {
if (isset($forbidden_properties[$name])) {
unset($this->info[$name]);
}
}
}
}
}
// vim: et sw=4 sts=4

120
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/ChildDef/List.php vendored
View File

@ -1,120 +0,0 @@
<?php
/**
* Definition for list containers ul and ol.
*/
class HTMLPurifier_ChildDef_List extends HTMLPurifier_ChildDef
{
public $type = 'list';
// lying a little bit, so that we can handle ul and ol ourselves
// XXX: This whole business with 'wrap' is all a bit unsatisfactory
public $elements = array('li' => true, 'ul' => true, 'ol' => true);
public function validateChildren($tokens_of_children, $config, $context) {
// Flag for subclasses
$this->whitespace = false;
// if there are no tokens, delete parent node
if (empty($tokens_of_children)) return false;
// the new set of children
$result = array();
// current depth into the nest
$nesting = 0;
// a little sanity check to make sure it's not ALL whitespace
$all_whitespace = true;
$seen_li = false;
$need_close_li = false;
foreach ($tokens_of_children as $token) {
if (!empty($token->is_whitespace)) {
$result[] = $token;
continue;
}
$all_whitespace = false; // phew, we're not talking about whitespace
if ($nesting == 1 && $need_close_li) {
$result[] = new HTMLPurifier_Token_End('li');
$nesting--;
$need_close_li = false;
}
$is_child = ($nesting == 0);
if ($token instanceof HTMLPurifier_Token_Start) {
$nesting++;
} elseif ($token instanceof HTMLPurifier_Token_End) {
$nesting--;
}
if ($is_child) {
if ($token->name === 'li') {
// good
$seen_li = true;
} elseif ($token->name === 'ul' || $token->name === 'ol') {
// we want to tuck this into the previous li
$need_close_li = true;
$nesting++;
if (!$seen_li) {
// create a new li element
$result[] = new HTMLPurifier_Token_Start('li');
} else {
// backtrack until </li> found
while(true) {
$t = array_pop($result);
if ($t instanceof HTMLPurifier_Token_End) {
// XXX actually, these invariants could very plausibly be violated
// if we are doing silly things with modifying the set of allowed elements.
// FORTUNATELY, it doesn't make a difference, since the allowed
// elements are hard-coded here!
if ($t->name !== 'li') {
trigger_error("Only li present invariant violated in List ChildDef", E_USER_ERROR);
return false;
}
break;
} elseif ($t instanceof HTMLPurifier_Token_Empty) { // bleagh
if ($t->name !== 'li') {
trigger_error("Only li present invariant violated in List ChildDef", E_USER_ERROR);
return false;
}
// XXX this should have a helper for it...
$result[] = new HTMLPurifier_Token_Start('li', $t->attr, $t->line, $t->col, $t->armor);
break;
} else {
if (!$t->is_whitespace) {
trigger_error("Only whitespace present invariant violated in List ChildDef", E_USER_ERROR);
return false;
}
}
}
}
} else {
// start wrapping (this doesn't precisely mimic
// browser behavior, but what browsers do is kind of
// hard to mimic in a standards compliant way
// XXX Actually, this has no impact in practice,
// because this gets handled earlier. Arguably,
// we should rip out all of that processing
$result[] = new HTMLPurifier_Token_Start('li');
$nesting++;
$seen_li = true;
$need_close_li = true;
}
}
$result[] = $token;
}
if ($need_close_li) {
$result[] = new HTMLPurifier_Token_End('li');
}
if (empty($result)) return false;
if ($all_whitespace) {
return false;
}
if ($tokens_of_children == $result) return true;
return $result;
}
}
// vim: et sw=4 sts=4

26
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/ChildDef/Optional.php vendored
View File

@ -1,26 +0,0 @@
<?php
/**
* Definition that allows a set of elements, and allows no children.
* @note This is a hack to reuse code from HTMLPurifier_ChildDef_Required,
* really, one shouldn't inherit from the other. Only altered behavior
* is to overload a returned false with an array. Thus, it will never
* return false.
*/
class HTMLPurifier_ChildDef_Optional extends HTMLPurifier_ChildDef_Required
{
public $allow_empty = true;
public $type = 'optional';
public function validateChildren($tokens_of_children, $config, $context) {
$result = parent::validateChildren($tokens_of_children, $config, $context);
// we assume that $tokens_of_children is not modified
if ($result === false) {
if (empty($tokens_of_children)) return true;
elseif ($this->whitespace) return $tokens_of_children;
else return array();
}
return $result;
}
}
// vim: et sw=4 sts=4

117
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/ChildDef/Required.php vendored
View File

@ -1,117 +0,0 @@
<?php
/**
* Definition that allows a set of elements, but disallows empty children.
*/
class HTMLPurifier_ChildDef_Required extends HTMLPurifier_ChildDef
{
/**
* Lookup table of allowed elements.
* @public
*/
public $elements = array();
/**
* Whether or not the last passed node was all whitespace.
*/
protected $whitespace = false;
/**
* @param $elements List of allowed element names (lowercase).
*/
public function __construct($elements) {
if (is_string($elements)) {
$elements = str_replace(' ', '', $elements);
$elements = explode('|', $elements);
}
$keys = array_keys($elements);
if ($keys == array_keys($keys)) {
$elements = array_flip($elements);
foreach ($elements as $i => $x) {
$elements[$i] = true;
if (empty($i)) unset($elements[$i]); // remove blank
}
}
$this->elements = $elements;
}
public $allow_empty = false;
public $type = 'required';
public function validateChildren($tokens_of_children, $config, $context) {
// Flag for subclasses
$this->whitespace = false;
// if there are no tokens, delete parent node
if (empty($tokens_of_children)) return false;
// the new set of children
$result = array();
// current depth into the nest
$nesting = 0;
// whether or not we're deleting a node
$is_deleting = false;
// whether or not parsed character data is allowed
// this controls whether or not we silently drop a tag
// or generate escaped HTML from it
$pcdata_allowed = isset($this->elements['#PCDATA']);
// a little sanity check to make sure it's not ALL whitespace
$all_whitespace = true;
// some configuration
$escape_invalid_children = $config->get('Core.EscapeInvalidChildren');
// generator
$gen = new HTMLPurifier_Generator($config, $context);
foreach ($tokens_of_children as $token) {
if (!empty($token->is_whitespace)) {
$result[] = $token;
continue;
}
$all_whitespace = false; // phew, we're not talking about whitespace
$is_child = ($nesting == 0);
if ($token instanceof HTMLPurifier_Token_Start) {
$nesting++;
} elseif ($token instanceof HTMLPurifier_Token_End) {
$nesting--;
}
if ($is_child) {
$is_deleting = false;
if (!isset($this->elements[$token->name])) {
$is_deleting = true;
if ($pcdata_allowed && $token instanceof HTMLPurifier_Token_Text) {
$result[] = $token;
} elseif ($pcdata_allowed && $escape_invalid_children) {
$result[] = new HTMLPurifier_Token_Text(
$gen->generateFromToken($token)
);
}
continue;
}
}
if (!$is_deleting || ($pcdata_allowed && $token instanceof HTMLPurifier_Token_Text)) {
$result[] = $token;
} elseif ($pcdata_allowed && $escape_invalid_children) {
$result[] =
new HTMLPurifier_Token_Text(
$gen->generateFromToken($token)
);
} else {
// drop silently
}
}
if (empty($result)) return false;
if ($all_whitespace) {
$this->whitespace = true;
return false;
}
if ($tokens_of_children == $result) return true;
return $result;
}
}
// vim: et sw=4 sts=4

88
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/ChildDef/StrictBlockquote.php vendored
View File

@ -1,88 +0,0 @@
<?php
/**
* Takes the contents of blockquote when in strict and reformats for validation.
*/
class HTMLPurifier_ChildDef_StrictBlockquote extends HTMLPurifier_ChildDef_Required
{
protected $real_elements;
protected $fake_elements;
public $allow_empty = true;
public $type = 'strictblockquote';
protected $init = false;
/**
* @note We don't want MakeWellFormed to auto-close inline elements since
* they might be allowed.
*/
public function getAllowedElements($config) {
$this->init($config);
return $this->fake_elements;
}
public function validateChildren($tokens_of_children, $config, $context) {
$this->init($config);
// trick the parent class into thinking it allows more
$this->elements = $this->fake_elements;
$result = parent::validateChildren($tokens_of_children, $config, $context);
$this->elements = $this->real_elements;
if ($result === false) return array();
if ($result === true) $result = $tokens_of_children;
$def = $config->getHTMLDefinition();
$block_wrap_start = new HTMLPurifier_Token_Start($def->info_block_wrapper);
$block_wrap_end = new HTMLPurifier_Token_End( $def->info_block_wrapper);
$is_inline = false;
$depth = 0;
$ret = array();
// assuming that there are no comment tokens
foreach ($result as $i => $token) {
$token = $result[$i];
// ifs are nested for readability
if (!$is_inline) {
if (!$depth) {
if (
($token instanceof HTMLPurifier_Token_Text && !$token->is_whitespace) ||
(!$token instanceof HTMLPurifier_Token_Text && !isset($this->elements[$token->name]))
) {
$is_inline = true;
$ret[] = $block_wrap_start;
}
}
} else {
if (!$depth) {
// starting tokens have been inline text / empty
if ($token instanceof HTMLPurifier_Token_Start || $token instanceof HTMLPurifier_Token_Empty) {
if (isset($this->elements[$token->name])) {
// ended
$ret[] = $block_wrap_end;
$is_inline = false;
}
}
}
}
$ret[] = $token;
if ($token instanceof HTMLPurifier_Token_Start) $depth++;
if ($token instanceof HTMLPurifier_Token_End) $depth--;
}
if ($is_inline) $ret[] = $block_wrap_end;
return $ret;
}
private function init($config) {
if (!$this->init) {
$def = $config->getHTMLDefinition();
// allow all inline elements
$this->real_elements = $this->elements;
$this->fake_elements = $def->info_content_sets['Flow'];
$this->fake_elements['#PCDATA'] = true;
$this->init = true;
}
}
}
// vim: et sw=4 sts=4

227
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/ChildDef/Table.php vendored
View File

@ -1,227 +0,0 @@
<?php
/**
* Definition for tables. The general idea is to extract out all of the
* essential bits, and then reconstruct it later.
*
* This is a bit confusing, because the DTDs and the W3C
* validators seem to disagree on the appropriate definition. The
* DTD claims:
*
* (CAPTION?, (COL*|COLGROUP*), THEAD?, TFOOT?, TBODY+)
*
* But actually, the HTML4 spec then has this to say:
*
* The TBODY start tag is always required except when the table
* contains only one table body and no table head or foot sections.
* The TBODY end tag may always be safely omitted.
*
* So the DTD is kind of wrong. The validator is, unfortunately, kind
* of on crack.
*
* The definition changed again in XHTML1.1; and in my opinion, this
* formulation makes the most sense.
*
* caption?, ( col* | colgroup* ), (( thead?, tfoot?, tbody+ ) | ( tr+ ))
*
* Essentially, we have two modes: thead/tfoot/tbody mode, and tr mode.
* If we encounter a thead, tfoot or tbody, we are placed in the former
* mode, and we *must* wrap any stray tr segments with a tbody. But if
* we don't run into any of them, just have tr tags is OK.
*/
class HTMLPurifier_ChildDef_Table extends HTMLPurifier_ChildDef
{
public $allow_empty = false;
public $type = 'table';
public $elements = array('tr' => true, 'tbody' => true, 'thead' => true,
'tfoot' => true, 'caption' => true, 'colgroup' => true, 'col' => true);
public function __construct() {}
public function validateChildren($tokens_of_children, $config, $context) {
if (empty($tokens_of_children)) return false;
// this ensures that the loop gets run one last time before closing
// up. It's a little bit of a hack, but it works! Just make sure you
// get rid of the token later.
$tokens_of_children[] = false;
// only one of these elements is allowed in a table
$caption = false;
$thead = false;
$tfoot = false;
// as many of these as you want
$cols = array();
$content = array();
$nesting = 0; // current depth so we can determine nodes
$is_collecting = false; // are we globbing together tokens to package
// into one of the collectors?
$collection = array(); // collected nodes
$tag_index = 0; // the first node might be whitespace,
// so this tells us where the start tag is
$tbody_mode = false; // if true, then we need to wrap any stray
// <tr>s with a <tbody>.
foreach ($tokens_of_children as $token) {
$is_child = ($nesting == 0);
if ($token === false) {
// terminating sequence started
} elseif ($token instanceof HTMLPurifier_Token_Start) {
$nesting++;
} elseif ($token instanceof HTMLPurifier_Token_End) {
$nesting--;
}
// handle node collection
if ($is_collecting) {
if ($is_child) {
// okay, let's stash the tokens away
// first token tells us the type of the collection
switch ($collection[$tag_index]->name) {
case 'tbody':
$tbody_mode = true;
case 'tr':
$content[] = $collection;
break;
case 'caption':
if ($caption !== false) break;
$caption = $collection;
break;
case 'thead':
case 'tfoot':
$tbody_mode = true;
// XXX This breaks rendering properties with
// Firefox, which never floats a <thead> to
// the top. Ever. (Our scheme will float the
// first <thead> to the top.) So maybe
// <thead>s that are not first should be
// turned into <tbody>? Very tricky, indeed.
// access the appropriate variable, $thead or $tfoot
$var = $collection[$tag_index]->name;
if ($$var === false) {
$$var = $collection;
} else {
// Oops, there's a second one! What
// should we do? Current behavior is to
// transmutate the first and last entries into
// tbody tags, and then put into content.
// Maybe a better idea is to *attach
// it* to the existing thead or tfoot?
// We don't do this, because Firefox
// doesn't float an extra tfoot to the
// bottom like it does for the first one.
$collection[$tag_index]->name = 'tbody';
$collection[count($collection)-1]->name = 'tbody';
$content[] = $collection;
}
break;
case 'colgroup':
$cols[] = $collection;
break;
}
$collection = array();
$is_collecting = false;
$tag_index = 0;
} else {
// add the node to the collection
$collection[] = $token;
}
}
// terminate
if ($token === false) break;
if ($is_child) {
// determine what we're dealing with
if ($token->name == 'col') {
// the only empty tag in the possie, we can handle it
// immediately
$cols[] = array_merge($collection, array($token));
$collection = array();
$tag_index = 0;
continue;
}
switch($token->name) {
case 'caption':
case 'colgroup':
case 'thead':
case 'tfoot':
case 'tbody':
case 'tr':
$is_collecting = true;
$collection[] = $token;
continue;
default:
if (!empty($token->is_whitespace)) {
$collection[] = $token;
$tag_index++;
}
continue;
}
}
}
if (empty($content)) return false;
$ret = array();
if ($caption !== false) $ret = array_merge($ret, $caption);
if ($cols !== false) foreach ($cols as $token_array) $ret = array_merge($ret, $token_array);
if ($thead !== false) $ret = array_merge($ret, $thead);
if ($tfoot !== false) $ret = array_merge($ret, $tfoot);
if ($tbody_mode) {
// a little tricky, since the start of the collection may be
// whitespace
$inside_tbody = false;
foreach ($content as $token_array) {
// find the starting token
foreach ($token_array as $t) {
if ($t->name === 'tr' || $t->name === 'tbody') {
break;
}
} // iterator variable carries over
if ($t->name === 'tr') {
if ($inside_tbody) {
$ret = array_merge($ret, $token_array);
} else {
$ret[] = new HTMLPurifier_Token_Start('tbody');
$ret = array_merge($ret, $token_array);
$inside_tbody = true;
}
} elseif ($t->name === 'tbody') {
if ($inside_tbody) {
$ret[] = new HTMLPurifier_Token_End('tbody');
$inside_tbody = false;
$ret = array_merge($ret, $token_array);
} else {
$ret = array_merge($ret, $token_array);
}
} else {
trigger_error("tr/tbody in content invariant failed in Table ChildDef", E_USER_ERROR);
}
}
if ($inside_tbody) {
$ret[] = new HTMLPurifier_Token_End('tbody');
}
} else {
foreach ($content as $token_array) {
// invariant: everything in here is <tr>s
$ret = array_merge($ret, $token_array);
}
}
if (!empty($collection) && $is_collecting == false){
// grab the trailing space
$ret = array_merge($ret, $collection);
}
array_pop($tokens_of_children); // remove phantom token
return ($ret === $tokens_of_children) ? true : $ret;
}
}
// vim: et sw=4 sts=4

66
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/ConfigSchema/ValidatorAtom.php vendored
View File

@ -1,66 +0,0 @@
<?php
/**
* Fluent interface for validating the contents of member variables.
* This should be immutable. See HTMLPurifier_ConfigSchema_Validator for
* use-cases. We name this an 'atom' because it's ONLY for validations that
* are independent and usually scalar.
*/
class HTMLPurifier_ConfigSchema_ValidatorAtom
{
protected $context, $obj, $member, $contents;
public function __construct($context, $obj, $member) {
$this->context = $context;
$this->obj = $obj;
$this->member = $member;
$this->contents =& $obj->$member;
}
public function assertIsString() {
if (!is_string($this->contents)) $this->error('must be a string');
return $this;
}
public function assertIsBool() {
if (!is_bool($this->contents)) $this->error('must be a boolean');
return $this;
}
public function assertIsArray() {
if (!is_array($this->contents)) $this->error('must be an array');
return $this;
}
public function assertNotNull() {
if ($this->contents === null) $this->error('must not be null');
return $this;
}
public function assertAlnum() {
$this->assertIsString();
if (!ctype_alnum($this->contents)) $this->error('must be alphanumeric');
return $this;
}
public function assertNotEmpty() {
if (empty($this->contents)) $this->error('must not be empty');
return $this;
}
public function assertIsLookup() {
$this->assertIsArray();
foreach ($this->contents as $v) {
if ($v !== true) $this->error('must be a lookup array');
}
return $this;
}
protected function error($msg) {
throw new HTMLPurifier_ConfigSchema_Exception(ucfirst($this->member) . ' in ' . $this->context . ' ' . $msg);
}
}
// vim: et sw=4 sts=4

BIN
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/ConfigSchema/schema.ser vendored
View File

Binary file not shown.

82
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/Context.php vendored
View File

@ -1,82 +0,0 @@
<?php
/**
* Registry object that contains information about the current context.
* @warning Is a bit buggy when variables are set to null: it thinks
* they don't exist! So use false instead, please.
* @note Since the variables Context deals with may not be objects,
* references are very important here! Do not remove!
*/
class HTMLPurifier_Context
{
/**
* Private array that stores the references.
*/
private $_storage = array();
/**
* Registers a variable into the context.
* @param $name String name
* @param $ref Reference to variable to be registered
*/
public function register($name, &$ref) {
if (isset($this->_storage[$name])) {
trigger_error("Name $name produces collision, cannot re-register",
E_USER_ERROR);
return;
}
$this->_storage[$name] =& $ref;
}
/**
* Retrieves a variable reference from the context.
* @param $name String name
* @param $ignore_error Boolean whether or not to ignore error
*/
public function &get($name, $ignore_error = false) {
if (!isset($this->_storage[$name])) {
if (!$ignore_error) {
trigger_error("Attempted to retrieve non-existent variable $name",
E_USER_ERROR);
}
$var = null; // so we can return by reference
return $var;
}
return $this->_storage[$name];
}
/**
* Destorys a variable in the context.
* @param $name String name
*/
public function destroy($name) {
if (!isset($this->_storage[$name])) {
trigger_error("Attempted to destroy non-existent variable $name",
E_USER_ERROR);
return;
}
unset($this->_storage[$name]);
}
/**
* Checks whether or not the variable exists.
* @param $name String name
*/
public function exists($name) {
return isset($this->_storage[$name]);
}
/**
* Loads a series of variables from an associative array
* @param $context_array Assoc array of variables to load
*/
public function loadArray($context_array) {
foreach ($context_array as $key => $discard) {
$this->register($key, $context_array[$key]);
}
}
}
// vim: et sw=4 sts=4

62
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/DefinitionCache/Decorator.php vendored
View File

@ -1,62 +0,0 @@
<?php
class HTMLPurifier_DefinitionCache_Decorator extends HTMLPurifier_DefinitionCache
{
/**
* Cache object we are decorating
*/
public $cache;
public function __construct() {}
/**
* Lazy decorator function
* @param $cache Reference to cache object to decorate
*/
public function decorate(&$cache) {
$decorator = $this->copy();
// reference is necessary for mocks in PHP 4
$decorator->cache =& $cache;
$decorator->type = $cache->type;
return $decorator;
}
/**
* Cross-compatible clone substitute
*/
public function copy() {
return new HTMLPurifier_DefinitionCache_Decorator();
}
public function add($def, $config) {
return $this->cache->add($def, $config);
}
public function set($def, $config) {
return $this->cache->set($def, $config);
}
public function replace($def, $config) {
return $this->cache->replace($def, $config);
}
public function get($config) {
return $this->cache->get($config);
}
public function remove($config) {
return $this->cache->remove($config);
}
public function flush($config) {
return $this->cache->flush($config);
}
public function cleanup($config) {
return $this->cache->cleanup($config);
}
}
// vim: et sw=4 sts=4

43
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/DefinitionCache/Decorator/Cleanup.php vendored
View File

@ -1,43 +0,0 @@
<?php
/**
* Definition cache decorator class that cleans up the cache
* whenever there is a cache miss.
*/
class HTMLPurifier_DefinitionCache_Decorator_Cleanup extends
HTMLPurifier_DefinitionCache_Decorator
{
public $name = 'Cleanup';
public function copy() {
return new HTMLPurifier_DefinitionCache_Decorator_Cleanup();
}
public function add($def, $config) {
$status = parent::add($def, $config);
if (!$status) parent::cleanup($config);
return $status;
}
public function set($def, $config) {
$status = parent::set($def, $config);
if (!$status) parent::cleanup($config);
return $status;
}
public function replace($def, $config) {
$status = parent::replace($def, $config);
if (!$status) parent::cleanup($config);
return $status;
}
public function get($config) {
$ret = parent::get($config);
if (!$ret) parent::cleanup($config);
return $ret;
}
}
// vim: et sw=4 sts=4

46
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/DefinitionCache/Decorator/Memory.php vendored
View File

@ -1,46 +0,0 @@
<?php
/**
* Definition cache decorator class that saves all cache retrievals
* to PHP's memory; good for unit tests or circumstances where
* there are lots of configuration objects floating around.
*/
class HTMLPurifier_DefinitionCache_Decorator_Memory extends
HTMLPurifier_DefinitionCache_Decorator
{
protected $definitions;
public $name = 'Memory';
public function copy() {
return new HTMLPurifier_DefinitionCache_Decorator_Memory();
}
public function add($def, $config) {
$status = parent::add($def, $config);
if ($status) $this->definitions[$this->generateKey($config)] = $def;
return $status;
}
public function set($def, $config) {
$status = parent::set($def, $config);
if ($status) $this->definitions[$this->generateKey($config)] = $def;
return $status;
}
public function replace($def, $config) {
$status = parent::replace($def, $config);
if ($status) $this->definitions[$this->generateKey($config)] = $def;
return $status;
}
public function get($config) {
$key = $this->generateKey($config);
if (isset($this->definitions[$key])) return $this->definitions[$key];
$this->definitions[$key] = parent::get($config);
return $this->definitions[$key];
}
}
// vim: et sw=4 sts=4

47
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/DefinitionCache/Decorator/Template.php.in vendored
View File

@ -1,47 +0,0 @@
<?php
require_once 'HTMLPurifier/DefinitionCache/Decorator.php';
/**
* Definition cache decorator template.
*/
class HTMLPurifier_DefinitionCache_Decorator_Template extends
HTMLPurifier_DefinitionCache_Decorator
{
var $name = 'Template'; // replace this
function copy() {
// replace class name with yours
return new HTMLPurifier_DefinitionCache_Decorator_Template();
}
// remove methods you don't need
function add($def, $config) {
return parent::add($def, $config);
}
function set($def, $config) {
return parent::set($def, $config);
}
function replace($def, $config) {
return parent::replace($def, $config);
}
function get($config) {
return parent::get($config);
}
function flush() {
return parent::flush();
}
function cleanup($config) {
return parent::cleanup($config);
}
}
// vim: et sw=4 sts=4

39
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/DefinitionCache/Null.php vendored
View File

@ -1,39 +0,0 @@
<?php
/**
* Null cache object to use when no caching is on.
*/
class HTMLPurifier_DefinitionCache_Null extends HTMLPurifier_DefinitionCache
{
public function add($def, $config) {
return false;
}
public function set($def, $config) {
return false;
}
public function replace($def, $config) {
return false;
}
public function remove($config) {
return false;
}
public function get($config) {
return false;
}
public function flush($config) {
return false;
}
public function cleanup($config) {
return false;
}
}
// vim: et sw=4 sts=4

39
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/Filter/YouTube.php vendored
View File

@ -1,39 +0,0 @@
<?php
class HTMLPurifier_Filter_YouTube extends HTMLPurifier_Filter
{
public $name = 'YouTube';
public function preFilter($html, $config, $context) {
$pre_regex = '#<object[^>]+>.+?'.
'http://www.youtube.com/((?:v|cp)/[A-Za-z0-9\-_=]+).+?</object>#s';
$pre_replace = '<span class="youtube-embed">\1</span>';
return preg_replace($pre_regex, $pre_replace, $html);
}
public function postFilter($html, $config, $context) {
$post_regex = '#<span class="youtube-embed">((?:v|cp)/[A-Za-z0-9\-_=]+)</span>#';
return preg_replace_callback($post_regex, array($this, 'postFilterCallback'), $html);
}
protected function armorUrl($url) {
return str_replace('--', '-&#45;', $url);
}
protected function postFilterCallback($matches) {
$url = $this->armorUrl($matches[1]);
return '<object width="425" height="350" type="application/x-shockwave-flash" '.
'data="http://www.youtube.com/'.$url.'">'.
'<param name="movie" value="http://www.youtube.com/'.$url.'"></param>'.
'<!--[if IE]>'.
'<embed src="http://www.youtube.com/'.$url.'"'.
'type="application/x-shockwave-flash"'.
'wmode="transparent" width="425" height="350" />'.
'<![endif]-->'.
'</object>';
}
}
// vim: et sw=4 sts=4

119
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/HTMLModule/Forms.php vendored
View File

@ -1,119 +0,0 @@
<?php
/**
* XHTML 1.1 Forms module, defines all form-related elements found in HTML 4.
*/
class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule
{
public $name = 'Forms';
public $safe = false;
public $content_sets = array(
'Block' => 'Form',
'Inline' => 'Formctrl',
);
public function setup($config) {
$form = $this->addElement('form', 'Form',
'Required: Heading | List | Block | fieldset', 'Common', array(
'accept' => 'ContentTypes',
'accept-charset' => 'Charsets',
'action*' => 'URI',
'method' => 'Enum#get,post',
// really ContentType, but these two are the only ones used today
'enctype' => 'Enum#application/x-www-form-urlencoded,multipart/form-data',
));
$form->excludes = array('form' => true);
$input = $this->addElement('input', 'Formctrl', 'Empty', 'Common', array(
'accept' => 'ContentTypes',
'accesskey' => 'Character',
'alt' => 'Text',
'checked' => 'Bool#checked',
'disabled' => 'Bool#disabled',
'maxlength' => 'Number',
'name' => 'CDATA',
'readonly' => 'Bool#readonly',
'size' => 'Number',
'src' => 'URI#embedded',
'tabindex' => 'Number',
'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image',
'value' => 'CDATA',
));
$input->attr_transform_post[] = new HTMLPurifier_AttrTransform_Input();
$this->addElement('select', 'Formctrl', 'Required: optgroup | option', 'Common', array(
'disabled' => 'Bool#disabled',
'multiple' => 'Bool#multiple',
'name' => 'CDATA',
'size' => 'Number',
'tabindex' => 'Number',
));
$this->addElement('option', false, 'Optional: #PCDATA', 'Common', array(
'disabled' => 'Bool#disabled',
'label' => 'Text',
'selected' => 'Bool#selected',
'value' => 'CDATA',
));
// It's illegal for there to be more than one selected, but not
// be multiple. Also, no selected means undefined behavior. This might
// be difficult to implement; perhaps an injector, or a context variable.
$textarea = $this->addElement('textarea', 'Formctrl', 'Optional: #PCDATA', 'Common', array(
'accesskey' => 'Character',
'cols*' => 'Number',
'disabled' => 'Bool#disabled',
'name' => 'CDATA',
'readonly' => 'Bool#readonly',
'rows*' => 'Number',
'tabindex' => 'Number',
));
$textarea->attr_transform_pre[] = new HTMLPurifier_AttrTransform_Textarea();
$button = $this->addElement('button', 'Formctrl', 'Optional: #PCDATA | Heading | List | Block | Inline', 'Common', array(
'accesskey' => 'Character',
'disabled' => 'Bool#disabled',
'name' => 'CDATA',
'tabindex' => 'Number',
'type' => 'Enum#button,submit,reset',
'value' => 'CDATA',
));
// For exclusions, ideally we'd specify content sets, not literal elements
$button->excludes = $this->makeLookup(
'form', 'fieldset', // Form
'input', 'select', 'textarea', 'label', 'button', // Formctrl
'a', // as per HTML 4.01 spec, this is omitted by modularization
'isindex', 'iframe' // legacy items
);
// Extra exclusion: img usemap="" is not permitted within this element.
// We'll omit this for now, since we don't have any good way of
// indicating it yet.
// This is HIGHLY user-unfriendly; we need a custom child-def for this
$this->addElement('fieldset', 'Form', 'Custom: (#WS?,legend,(Flow|#PCDATA)*)', 'Common');
$label = $this->addElement('label', 'Formctrl', 'Optional: #PCDATA | Inline', 'Common', array(
'accesskey' => 'Character',
// 'for' => 'IDREF', // IDREF not implemented, cannot allow
));
$label->excludes = array('label' => true);
$this->addElement('legend', false, 'Optional: #PCDATA | Inline', 'Common', array(
'accesskey' => 'Character',
));
$this->addElement('optgroup', false, 'Required: option', 'Common', array(
'disabled' => 'Bool#disabled',
'label*' => 'Text',
));
// Don't forget an injector for <isindex>. This one's a little complex
// because it maps to multiple elements.
}
}
// vim: et sw=4 sts=4

21
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/HTMLModule/Tidy/Strict.php vendored
View File

@ -1,21 +0,0 @@
<?php
class HTMLPurifier_HTMLModule_Tidy_Strict extends HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4
{
public $name = 'Tidy_Strict';
public $defaultLevel = 'light';
public function makeFixes() {
$r = parent::makeFixes();
$r['blockquote#content_model_type'] = 'strictblockquote';
return $r;
}
public $defines_child_def = true;
public function getChildDef($def) {
if ($def->content_model_type != 'strictblockquote') return parent::getChildDef($def);
return new HTMLPurifier_ChildDef_StrictBlockquote($def->content_model);
}
}
// vim: et sw=4 sts=4

54
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/Injector/RemoveEmpty.php vendored
View File

@ -1,54 +0,0 @@
<?php
class HTMLPurifier_Injector_RemoveEmpty extends HTMLPurifier_Injector
{
private $context, $config, $attrValidator, $removeNbsp, $removeNbspExceptions;
// TODO: make me configurable
private $_exclude = array('colgroup' => 1, 'th' => 1, 'td' => 1, 'iframe' => 1);
public function prepare($config, $context) {
parent::prepare($config, $context);
$this->config = $config;
$this->context = $context;
$this->removeNbsp = $config->get('AutoFormat.RemoveEmpty.RemoveNbsp');
$this->removeNbspExceptions = $config->get('AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions');
$this->attrValidator = new HTMLPurifier_AttrValidator();
}
public function handleElement(&$token) {
if (!$token instanceof HTMLPurifier_Token_Start) return;
$next = false;
for ($i = $this->inputIndex + 1, $c = count($this->inputTokens); $i < $c; $i++) {
$next = $this->inputTokens[$i];
if ($next instanceof HTMLPurifier_Token_Text) {
if ($next->is_whitespace) continue;
if ($this->removeNbsp && !isset($this->removeNbspExceptions[$token->name])) {
$plain = str_replace("\xC2\xA0", "", $next->data);
$isWsOrNbsp = $plain === '' || ctype_space($plain);
if ($isWsOrNbsp) continue;
}
}
break;
}
if (!$next || ($next instanceof HTMLPurifier_Token_End && $next->name == $token->name)) {
if (isset($this->_exclude[$token->name])) return;
$this->attrValidator->validateToken($token, $this->config, $this->context);
$token->armor['ValidateAttributes'] = true;
if (isset($token->attr['id']) || isset($token->attr['name'])) return;
$token = $i - $this->inputIndex + 1;
for ($b = $this->inputIndex - 1; $b > 0; $b--) {
$prev = $this->inputTokens[$b];
if ($prev instanceof HTMLPurifier_Token_Text && $prev->is_whitespace) continue;
break;
}
// This is safe because we removed the token that triggered this.
$this->rewind($b - 1);
return;
}
}
}
// vim: et sw=4 sts=4

63
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/Language/messages/en.php vendored
View File

@ -1,63 +0,0 @@
<?php
$fallback = false;
$messages = array(
'HTMLPurifier' => 'HTML Purifier',
// for unit testing purposes
'LanguageFactoryTest: Pizza' => 'Pizza',
'LanguageTest: List' => '$1',
'LanguageTest: Hash' => '$1.Keys; $1.Values',
'Item separator' => ', ',
'Item separator last' => ' and ', // non-Harvard style
'ErrorCollector: No errors' => 'No errors detected. However, because error reporting is still incomplete, there may have been errors that the error collector was not notified of; please inspect the output HTML carefully.',
'ErrorCollector: At line' => ' at line $line',
'ErrorCollector: Incidental errors' => 'Incidental errors',
'Lexer: Unclosed comment' => 'Unclosed comment',
'Lexer: Unescaped lt' => 'Unescaped less-than sign (<) should be &lt;',
'Lexer: Missing gt' => 'Missing greater-than sign (>), previous less-than sign (<) should be escaped',
'Lexer: Missing attribute key' => 'Attribute declaration has no key',
'Lexer: Missing end quote' => 'Attribute declaration has no end quote',
'Lexer: Extracted body' => 'Removed document metadata tags',
'Strategy_RemoveForeignElements: Tag transform' => '<$1> element transformed into $CurrentToken.Serialized',
'Strategy_RemoveForeignElements: Missing required attribute' => '$CurrentToken.Compact element missing required attribute $1',
'Strategy_RemoveForeignElements: Foreign element to text' => 'Unrecognized $CurrentToken.Serialized tag converted to text',
'Strategy_RemoveForeignElements: Foreign element removed' => 'Unrecognized $CurrentToken.Serialized tag removed',
'Strategy_RemoveForeignElements: Comment removed' => 'Comment containing "$CurrentToken.Data" removed',
'Strategy_RemoveForeignElements: Foreign meta element removed' => 'Unrecognized $CurrentToken.Serialized meta tag and all descendants removed',
'Strategy_RemoveForeignElements: Token removed to end' => 'Tags and text starting from $1 element where removed to end',
'Strategy_RemoveForeignElements: Trailing hyphen in comment removed' => 'Trailing hyphen(s) in comment removed',
'Strategy_RemoveForeignElements: Hyphens in comment collapsed' => 'Double hyphens in comments are not allowed, and were collapsed into single hyphens',
'Strategy_MakeWellFormed: Unnecessary end tag removed' => 'Unnecessary $CurrentToken.Serialized tag removed',
'Strategy_MakeWellFormed: Unnecessary end tag to text' => 'Unnecessary $CurrentToken.Serialized tag converted to text',
'Strategy_MakeWellFormed: Tag auto closed' => '$1.Compact started on line $1.Line auto-closed by $CurrentToken.Compact',
'Strategy_MakeWellFormed: Tag carryover' => '$1.Compact started on line $1.Line auto-continued into $CurrentToken.Compact',
'Strategy_MakeWellFormed: Stray end tag removed' => 'Stray $CurrentToken.Serialized tag removed',
'Strategy_MakeWellFormed: Stray end tag to text' => 'Stray $CurrentToken.Serialized tag converted to text',
'Strategy_MakeWellFormed: Tag closed by element end' => '$1.Compact tag started on line $1.Line closed by end of $CurrentToken.Serialized',
'Strategy_MakeWellFormed: Tag closed by document end' => '$1.Compact tag started on line $1.Line closed by end of document',
'Strategy_FixNesting: Node removed' => '$CurrentToken.Compact node removed',
'Strategy_FixNesting: Node excluded' => '$CurrentToken.Compact node removed due to descendant exclusion by ancestor element',
'Strategy_FixNesting: Node reorganized' => 'Contents of $CurrentToken.Compact node reorganized to enforce its content model',
'Strategy_FixNesting: Node contents removed' => 'Contents of $CurrentToken.Compact node removed',
'AttrValidator: Attributes transformed' => 'Attributes on $CurrentToken.Compact transformed from $1.Keys to $2.Keys',
'AttrValidator: Attribute removed' => '$CurrentAttr.Name attribute on $CurrentToken.Compact removed',
);
$errorNames = array(
E_ERROR => 'Error',
E_WARNING => 'Warning',
E_NOTICE => 'Notice'
);
// vim: et sw=4 sts=4

3904
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/Lexer/PH5P.php vendored
View File

File diff suppressed because it is too large Load Diff

346
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/Strategy/FixNesting.php vendored
View File

@ -1,346 +0,0 @@
<?php
/**
* Takes a well formed list of tokens and fixes their nesting.
*
* HTML elements dictate which elements are allowed to be their children,
* for example, you can't have a p tag in a span tag. Other elements have
* much more rigorous definitions: tables, for instance, require a specific
* order for their elements. There are also constraints not expressible by
* document type definitions, such as the chameleon nature of ins/del
* tags and global child exclusions.
*
* The first major objective of this strategy is to iterate through all the
* nodes (not tokens) of the list of tokens and determine whether or not
* their children conform to the element's definition. If they do not, the
* child definition may optionally supply an amended list of elements that
* is valid or require that the entire node be deleted (and the previous
* node rescanned).
*
* The second objective is to ensure that explicitly excluded elements of
* an element do not appear in its children. Code that accomplishes this
* task is pervasive through the strategy, though the two are distinct tasks
* and could, theoretically, be seperated (although it's not recommended).
*
* @note Whether or not unrecognized children are silently dropped or
* translated into text depends on the child definitions.
*
* @todo Enable nodes to be bubbled out of the structure.
*
* @warning This algorithm (though it may be hard to see) proceeds from
* a top-down fashion. Thus, parents are processed before
* children. This is easy to implement and has a nice effiency
* benefit, in that if a node is removed, we never waste any
* time processing it, but it also means that if a child
* changes in a non-encapsulated way (e.g. it is removed), we
* need to go back and reprocess the parent to see if those
* changes resulted in problems for the parent. See
* [BACKTRACK] for an example of this. In the current
* implementation, this backtracking can only be triggered when
* a node is removed and if that node was the sole node, the
* parent would need to be removed. As such, it is easy to see
* that backtracking only incurs constant overhead. If more
* sophisticated backtracking is implemented, care must be
* taken to avoid nontermination or exponential blowup.
*/
class HTMLPurifier_Strategy_FixNesting extends HTMLPurifier_Strategy
{
public function execute($tokens, $config, $context) {
//####################################################################//
// Pre-processing
// get a copy of the HTML definition
$definition = $config->getHTMLDefinition();
$excludes_enabled = !$config->get('Core.DisableExcludes');
// insert implicit "parent" node, will be removed at end.
// DEFINITION CALL
$parent_name = $definition->info_parent;
array_unshift($tokens, new HTMLPurifier_Token_Start($parent_name));
$tokens[] = new HTMLPurifier_Token_End($parent_name);
// setup the context variable 'IsInline', for chameleon processing
// is 'false' when we are not inline, 'true' when it must always
// be inline, and an integer when it is inline for a certain
// branch of the document tree
$is_inline = $definition->info_parent_def->descendants_are_inline;
$context->register('IsInline', $is_inline);
// setup error collector
$e =& $context->get('ErrorCollector', true);
//####################################################################//
// Loop initialization
// stack that contains the indexes of all parents,
// $stack[count($stack)-1] being the current parent
$stack = array();
// stack that contains all elements that are excluded
// it is organized by parent elements, similar to $stack,
// but it is only populated when an element with exclusions is
// processed, i.e. there won't be empty exclusions.
$exclude_stack = array();
// variable that contains the start token while we are processing
// nodes. This enables error reporting to do its job
$start_token = false;
$context->register('CurrentToken', $start_token);
//####################################################################//
// Loop
// iterate through all start nodes. Determining the start node
// is complicated so it has been omitted from the loop construct
for ($i = 0, $size = count($tokens) ; $i < $size; ) {
//################################################################//
// Gather information on children
// child token accumulator
$child_tokens = array();
// scroll to the end of this node, report number, and collect
// all children
for ($j = $i, $depth = 0; ; $j++) {
if ($tokens[$j] instanceof HTMLPurifier_Token_Start) {
$depth++;
// skip token assignment on first iteration, this is the
// token we currently are on
if ($depth == 1) continue;
} elseif ($tokens[$j] instanceof HTMLPurifier_Token_End) {
$depth--;
// skip token assignment on last iteration, this is the
// end token of the token we're currently on
if ($depth == 0) break;
}
$child_tokens[] = $tokens[$j];
}
// $i is index of start token
// $j is index of end token
$start_token = $tokens[$i]; // to make token available via CurrentToken
//################################################################//
// Gather information on parent
// calculate parent information
if ($count = count($stack)) {
$parent_index = $stack[$count-1];
$parent_name = $tokens[$parent_index]->name;
if ($parent_index == 0) {
$parent_def = $definition->info_parent_def;
} else {
$parent_def = $definition->info[$parent_name];
}
} else {
// processing as if the parent were the "root" node
// unknown info, it won't be used anyway, in the future,
// we may want to enforce one element only (this is
// necessary for HTML Purifier to clean entire documents
$parent_index = $parent_name = $parent_def = null;
}
// calculate context
if ($is_inline === false) {
// check if conditions make it inline
if (!empty($parent_def) && $parent_def->descendants_are_inline) {
$is_inline = $count - 1;
}
} else {
// check if we're out of inline
if ($count === $is_inline) {
$is_inline = false;
}
}
//################################################################//
// Determine whether element is explicitly excluded SGML-style
// determine whether or not element is excluded by checking all
// parent exclusions. The array should not be very large, two
// elements at most.
$excluded = false;
if (!empty($exclude_stack) && $excludes_enabled) {
foreach ($exclude_stack as $lookup) {
if (isset($lookup[$tokens[$i]->name])) {
$excluded = true;
// no need to continue processing
break;
}
}
}
//################################################################//
// Perform child validation
if ($excluded) {
// there is an exclusion, remove the entire node
$result = false;
$excludes = array(); // not used, but good to initialize anyway
} else {
// DEFINITION CALL
if ($i === 0) {
// special processing for the first node
$def = $definition->info_parent_def;
} else {
$def = $definition->info[$tokens[$i]->name];
}
if (!empty($def->child)) {
// have DTD child def validate children
$result = $def->child->validateChildren(
$child_tokens, $config, $context);
} else {
// weird, no child definition, get rid of everything
$result = false;
}
// determine whether or not this element has any exclusions
$excludes = $def->excludes;
}
// $result is now a bool or array
//################################################################//
// Process result by interpreting $result
if ($result === true || $child_tokens === $result) {
// leave the node as is
// register start token as a parental node start
$stack[] = $i;
// register exclusions if there are any
if (!empty($excludes)) $exclude_stack[] = $excludes;
// move cursor to next possible start node
$i++;
} elseif($result === false) {
// remove entire node
if ($e) {
if ($excluded) {
$e->send(E_ERROR, 'Strategy_FixNesting: Node excluded');
} else {
$e->send(E_ERROR, 'Strategy_FixNesting: Node removed');
}
}
// calculate length of inner tokens and current tokens
$length = $j - $i + 1;
// perform removal
array_splice($tokens, $i, $length);
// update size
$size -= $length;
// there is no start token to register,
// current node is now the next possible start node
// unless it turns out that we need to do a double-check
// this is a rought heuristic that covers 100% of HTML's
// cases and 99% of all other cases. A child definition
// that would be tricked by this would be something like:
// ( | a b c) where it's all or nothing. Fortunately,
// our current implementation claims that that case would
// not allow empty, even if it did
if (!$parent_def->child->allow_empty) {
// we need to do a double-check [BACKTRACK]
$i = $parent_index;
array_pop($stack);
}
// PROJECTED OPTIMIZATION: Process all children elements before
// reprocessing parent node.
} else {
// replace node with $result
// calculate length of inner tokens
$length = $j - $i - 1;
if ($e) {
if (empty($result) && $length) {
$e->send(E_ERROR, 'Strategy_FixNesting: Node contents removed');
} else {
$e->send(E_WARNING, 'Strategy_FixNesting: Node reorganized');
}
}
// perform replacement
array_splice($tokens, $i + 1, $length, $result);
// update size
$size -= $length;
$size += count($result);
// register start token as a parental node start
$stack[] = $i;
// register exclusions if there are any
if (!empty($excludes)) $exclude_stack[] = $excludes;
// move cursor to next possible start node
$i++;
}
//################################################################//
// Scroll to next start node
// We assume, at this point, that $i is the index of the token
// that is the first possible new start point for a node.
// Test if the token indeed is a start tag, if not, move forward
// and test again.
$size = count($tokens);
while ($i < $size and !$tokens[$i] instanceof HTMLPurifier_Token_Start) {
if ($tokens[$i] instanceof HTMLPurifier_Token_End) {
// pop a token index off the stack if we ended a node
array_pop($stack);
// pop an exclusion lookup off exclusion stack if
// we ended node and that node had exclusions
if ($i == 0 || $i == $size - 1) {
// use specialized var if it's the super-parent
$s_excludes = $definition->info_parent_def->excludes;
} else {
$s_excludes = $definition->info[$tokens[$i]->name]->excludes;
}
if ($s_excludes) {
array_pop($exclude_stack);
}
}
$i++;
}
}
//####################################################################//
// Post-processing
// remove implicit parent tokens at the beginning and end
array_shift($tokens);
array_pop($tokens);
// remove context variables
$context->destroy('IsInline');
$context->destroy('CurrentToken');
//####################################################################//
// Return
return $tokens;
}
}
// vim: et sw=4 sts=4

57
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/Token.php vendored
View File

@ -1,57 +0,0 @@
<?php
/**
* Abstract base token class that all others inherit from.
*/
class HTMLPurifier_Token {
public $line; /**< Line number node was on in source document. Null if unknown. */
public $col; /**< Column of line node was on in source document. Null if unknown. */
/**
* Lookup array of processing that this token is exempt from.
* Currently, valid values are "ValidateAttributes" and
* "MakeWellFormed_TagClosedError"
*/
public $armor = array();
/**
* Used during MakeWellFormed.
*/
public $skip;
public $rewind;
public $carryover;
public function __get($n) {
if ($n === 'type') {
trigger_error('Deprecated type property called; use instanceof', E_USER_NOTICE);
switch (get_class($this)) {
case 'HTMLPurifier_Token_Start': return 'start';
case 'HTMLPurifier_Token_Empty': return 'empty';
case 'HTMLPurifier_Token_End': return 'end';
case 'HTMLPurifier_Token_Text': return 'text';
case 'HTMLPurifier_Token_Comment': return 'comment';
default: return null;
}
}
}
/**
* Sets the position of the token in the source document.
*/
public function position($l = null, $c = null) {
$this->line = $l;
$this->col = $c;
}
/**
* Convenience function for DirectLex settings line/col position.
*/
public function rawPosition($l, $c) {
if ($c === -1) $l++;
$this->line = $l;
$this->col = $c;
}
}
// vim: et sw=4 sts=4

22
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/Token/Comment.php vendored
View File

@ -1,22 +0,0 @@
<?php
/**
* Concrete comment token class. Generally will be ignored.
*/
class HTMLPurifier_Token_Comment extends HTMLPurifier_Token
{
public $data; /**< Character data within comment. */
public $is_whitespace = true;
/**
* Transparent constructor.
*
* @param $data String comment data.
*/
public function __construct($data, $line = null, $col = null) {
$this->data = $data;
$this->line = $line;
$this->col = $col;
}
}
// vim: et sw=4 sts=4

94
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/TokenFactory.php vendored
View File

@ -1,94 +0,0 @@
<?php
/**
* Factory for token generation.
*
* @note Doing some benchmarking indicates that the new operator is much
* slower than the clone operator (even discounting the cost of the
* constructor). This class is for that optimization.
* Other then that, there's not much point as we don't
* maintain parallel HTMLPurifier_Token hierarchies (the main reason why
* you'd want to use an abstract factory).
* @todo Port DirectLex to use this
*/
class HTMLPurifier_TokenFactory
{
/**
* Prototypes that will be cloned.
* @private
*/
// p stands for prototype
private $p_start, $p_end, $p_empty, $p_text, $p_comment;
/**
* Generates blank prototypes for cloning.
*/
public function __construct() {
$this->p_start = new HTMLPurifier_Token_Start('', array());
$this->p_end = new HTMLPurifier_Token_End('');
$this->p_empty = new HTMLPurifier_Token_Empty('', array());
$this->p_text = new HTMLPurifier_Token_Text('');
$this->p_comment= new HTMLPurifier_Token_Comment('');
}
/**
* Creates a HTMLPurifier_Token_Start.
* @param $name Tag name
* @param $attr Associative array of attributes
* @return Generated HTMLPurifier_Token_Start
*/
public function createStart($name, $attr = array()) {
$p = clone $this->p_start;
$p->__construct($name, $attr);
return $p;
}
/**
* Creates a HTMLPurifier_Token_End.
* @param $name Tag name
* @return Generated HTMLPurifier_Token_End
*/
public function createEnd($name) {
$p = clone $this->p_end;
$p->__construct($name);
return $p;
}
/**
* Creates a HTMLPurifier_Token_Empty.
* @param $name Tag name
* @param $attr Associative array of attributes
* @return Generated HTMLPurifier_Token_Empty
*/
public function createEmpty($name, $attr = array()) {
$p = clone $this->p_empty;
$p->__construct($name, $attr);
return $p;
}
/**
* Creates a HTMLPurifier_Token_Text.
* @param $data Data of text token
* @return Generated HTMLPurifier_Token_Text
*/
public function createText($data) {
$p = clone $this->p_text;
$p->__construct($data);
return $p;
}
/**
* Creates a HTMLPurifier_Token_Comment.
* @param $data Data of comment token
* @return Generated HTMLPurifier_Token_Comment
*/
public function createComment($data) {
$p = clone $this->p_comment;
$p->__construct($data);
return $p;
}
}
// vim: et sw=4 sts=4

23
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/URIFilter/DisableExternal.php vendored
View File

@ -1,23 +0,0 @@
<?php
class HTMLPurifier_URIFilter_DisableExternal extends HTMLPurifier_URIFilter
{
public $name = 'DisableExternal';
protected $ourHostParts = false;
public function prepare($config) {
$our_host = $config->getDefinition('URI')->host;
if ($our_host !== null) $this->ourHostParts = array_reverse(explode('.', $our_host));
}
public function filter(&$uri, $config, $context) {
if (is_null($uri->host)) return true;
if ($this->ourHostParts === false) return false;
$host_parts = array_reverse(explode('.', $uri->host));
foreach ($this->ourHostParts as $i => $x) {
if (!isset($host_parts[$i])) return false;
if ($host_parts[$i] != $this->ourHostParts[$i]) return false;
}
return true;
}
}
// vim: et sw=4 sts=4

12
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/URIFilter/DisableExternalResources.php vendored
View File

@ -1,12 +0,0 @@
<?php
class HTMLPurifier_URIFilter_DisableExternalResources extends HTMLPurifier_URIFilter_DisableExternal
{
public $name = 'DisableExternalResources';
public function filter(&$uri, $config, $context) {
if (!$context->get('EmbeddedURI', true)) return true;
return parent::filter($uri, $config, $context);
}
}
// vim: et sw=4 sts=4

11
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/URIFilter/DisableResources.php vendored
View File

@ -1,11 +0,0 @@
<?php
class HTMLPurifier_URIFilter_DisableResources extends HTMLPurifier_URIFilter
{
public $name = 'DisableResources';
public function filter(&$uri, $config, $context) {
return !$context->get('EmbeddedURI', true);
}
}
// vim: et sw=4 sts=4

53
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/URIFilter/Munge.php vendored
View File

@ -1,53 +0,0 @@
<?php
class HTMLPurifier_URIFilter_Munge extends HTMLPurifier_URIFilter
{
public $name = 'Munge';
public $post = true;
private $target, $parser, $doEmbed, $secretKey;
protected $replace = array();
public function prepare($config) {
$this->target = $config->get('URI.' . $this->name);
$this->parser = new HTMLPurifier_URIParser();
$this->doEmbed = $config->get('URI.MungeResources');
$this->secretKey = $config->get('URI.MungeSecretKey');
return true;
}
public function filter(&$uri, $config, $context) {
if ($context->get('EmbeddedURI', true) && !$this->doEmbed) return true;
$scheme_obj = $uri->getSchemeObj($config, $context);
if (!$scheme_obj) return true; // ignore unknown schemes, maybe another postfilter did it
if (!$scheme_obj->browsable) return true; // ignore non-browseable schemes, since we can't munge those in a reasonable way
if ($uri->isBenign($config, $context)) return true; // don't redirect if a benign URL
$this->makeReplace($uri, $config, $context);
$this->replace = array_map('rawurlencode', $this->replace);
$new_uri = strtr($this->target, $this->replace);
$new_uri = $this->parser->parse($new_uri);
// don't redirect if the target host is the same as the
// starting host
if ($uri->host === $new_uri->host) return true;
$uri = $new_uri; // overwrite
return true;
}
protected function makeReplace($uri, $config, $context) {
$string = $uri->toString();
// always available
$this->replace['%s'] = $string;
$this->replace['%r'] = $context->get('EmbeddedURI', true);
$token = $context->get('CurrentToken', true);
$this->replace['%n'] = $token ? $token->name : null;
$this->replace['%m'] = $context->get('CurrentAttr', true);
$this->replace['%p'] = $context->get('CurrentCSSProperty', true);
// not always available
if ($this->secretKey) $this->replace['%t'] = sha1($this->secretKey . ':' . $string);
}
}
// vim: et sw=4 sts=4

35
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/URIFilter/SafeIframe.php vendored
View File

@ -1,35 +0,0 @@
<?php
/**
* Implements safety checks for safe iframes.
*
* @warning This filter is *critical* for ensuring that %HTML.SafeIframe
* works safely.
*/
class HTMLPurifier_URIFilter_SafeIframe extends HTMLPurifier_URIFilter
{
public $name = 'SafeIframe';
public $always_load = true;
protected $regexp = NULL;
// XXX: The not so good bit about how this is all setup now is we
// can't check HTML.SafeIframe in the 'prepare' step: we have to
// defer till the actual filtering.
public function prepare($config) {
$this->regexp = $config->get('URI.SafeIframeRegexp');
return true;
}
public function filter(&$uri, $config, $context) {
// check if filter not applicable
if (!$config->get('HTML.SafeIframe')) return true;
// check if the filter should actually trigger
if (!$context->get('EmbeddedURI', true)) return true;
$token = $context->get('CurrentToken', true);
if (!($token && $token->name == 'iframe')) return true;
// check if we actually have some whitelists enabled
if ($this->regexp === null) return false;
// actually check the whitelists
return preg_match($this->regexp, $uri->toString());
}
}
// vim: et sw=4 sts=4

32
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/URIScheme/file.php vendored
View File

@ -1,32 +0,0 @@
<?php
/**
* Validates file as defined by RFC 1630 and RFC 1738.
*/
class HTMLPurifier_URIScheme_file extends HTMLPurifier_URIScheme {
// Generally file:// URLs are not accessible from most
// machines, so placing them as an img src is incorrect.
public $browsable = false;
// Basically the *only* URI scheme for which this is true, since
// accessing files on the local machine is very common. In fact,
// browsers on some operating systems don't understand the
// authority, though I hear it is used on Windows to refer to
// network shares.
public $may_omit_host = true;
public function doValidate(&$uri, $config, $context) {
// Authentication method is not supported
$uri->userinfo = null;
// file:// makes no provisions for accessing the resource
$uri->port = null;
// While it seems to work on Firefox, the querystring has
// no possible effect and is thus stripped.
$uri->query = null;
return true;
}
}
// vim: et sw=4 sts=4

22
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/URIScheme/news.php vendored
View File

@ -1,22 +0,0 @@
<?php
/**
* Validates news (Usenet) as defined by generic RFC 1738
*/
class HTMLPurifier_URIScheme_news extends HTMLPurifier_URIScheme {
public $browsable = false;
public $may_omit_host = true;
public function doValidate(&$uri, $config, $context) {
$uri->userinfo = null;
$uri->host = null;
$uri->port = null;
$uri->query = null;
// typecode check needed on path
return true;
}
}
// vim: et sw=4 sts=4

19
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/URIScheme/nntp.php vendored
View File

@ -1,19 +0,0 @@
<?php
/**
* Validates nntp (Network News Transfer Protocol) as defined by generic RFC 1738
*/
class HTMLPurifier_URIScheme_nntp extends HTMLPurifier_URIScheme {
public $default_port = 119;
public $browsable = false;
public function doValidate(&$uri, $config, $context) {
$uri->userinfo = null;
$uri->query = null;
return true;
}
}
// vim: et sw=4 sts=4

154
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/VarParser.php vendored
View File

@ -1,154 +0,0 @@
<?php
/**
* Parses string representations into their corresponding native PHP
* variable type. The base implementation does a simple type-check.
*/
class HTMLPurifier_VarParser
{
const STRING = 1;
const ISTRING = 2;
const TEXT = 3;
const ITEXT = 4;
const INT = 5;
const FLOAT = 6;
const BOOL = 7;
const LOOKUP = 8;
const ALIST = 9;
const HASH = 10;
const MIXED = 11;
/**
* Lookup table of allowed types. Mainly for backwards compatibility, but
* also convenient for transforming string type names to the integer constants.
*/
static public $types = array(
'string' => self::STRING,
'istring' => self::ISTRING,
'text' => self::TEXT,
'itext' => self::ITEXT,
'int' => self::INT,
'float' => self::FLOAT,
'bool' => self::BOOL,
'lookup' => self::LOOKUP,
'list' => self::ALIST,
'hash' => self::HASH,
'mixed' => self::MIXED
);
/**
* Lookup table of types that are string, and can have aliases or
* allowed value lists.
*/
static public $stringTypes = array(
self::STRING => true,
self::ISTRING => true,
self::TEXT => true,
self::ITEXT => true,
);
/**
* Validate a variable according to type. Throws
* HTMLPurifier_VarParserException if invalid.
* It may return NULL as a valid type if $allow_null is true.
*
* @param $var Variable to validate
* @param $type Type of variable, see HTMLPurifier_VarParser->types
* @param $allow_null Whether or not to permit null as a value
* @return Validated and type-coerced variable
*/
final public function parse($var, $type, $allow_null = false) {
if (is_string($type)) {
if (!isset(HTMLPurifier_VarParser::$types[$type])) {
throw new HTMLPurifier_VarParserException("Invalid type '$type'");
} else {
$type = HTMLPurifier_VarParser::$types[$type];
}
}
$var = $this->parseImplementation($var, $type, $allow_null);
if ($allow_null && $var === null) return null;
// These are basic checks, to make sure nothing horribly wrong
// happened in our implementations.
switch ($type) {
case (self::STRING):
case (self::ISTRING):
case (self::TEXT):
case (self::ITEXT):
if (!is_string($var)) break;
if ($type == self::ISTRING || $type == self::ITEXT) $var = strtolower($var);
return $var;
case (self::INT):
if (!is_int($var)) break;
return $var;
case (self::FLOAT):
if (!is_float($var)) break;
return $var;
case (self::BOOL):
if (!is_bool($var)) break;
return $var;
case (self::LOOKUP):
case (self::ALIST):
case (self::HASH):
if (!is_array($var)) break;
if ($type === self::LOOKUP) {
foreach ($var as $k) if ($k !== true) $this->error('Lookup table contains value other than true');
} elseif ($type === self::ALIST) {
$keys = array_keys($var);
if (array_keys($keys) !== $keys) $this->error('Indices for list are not uniform');
}
return $var;
case (self::MIXED):
return $var;
default:
$this->errorInconsistent(get_class($this), $type);
}
$this->errorGeneric($var, $type);
}
/**
* Actually implements the parsing. Base implementation is to not
* do anything to $var. Subclasses should overload this!
*/
protected function parseImplementation($var, $type, $allow_null) {
return $var;
}
/**
* Throws an exception.
*/
protected function error($msg) {
throw new HTMLPurifier_VarParserException($msg);
}
/**
* Throws an inconsistency exception.
* @note This should not ever be called. It would be called if we
* extend the allowed values of HTMLPurifier_VarParser without
* updating subclasses.
*/
protected function errorInconsistent($class, $type) {
throw new HTMLPurifier_Exception("Inconsistency in $class: ".HTMLPurifier_VarParser::getTypeName($type)." not implemented");
}
/**
* Generic error for if a type didn't work.
*/
protected function errorGeneric($var, $type) {
$vtype = gettype($var);
$this->error("Expected type ".HTMLPurifier_VarParser::getTypeName($type).", got $vtype");
}
static public function getTypeName($type) {
static $lookup;
if (!$lookup) {
// Lazy load the alternative lookup table
$lookup = array_flip(HTMLPurifier_VarParser::$types);
}
if (!isset($lookup[$type])) return 'unknown';
return $lookup[$type];
}
}
// vim: et sw=4 sts=4

0
library/vendor/htmlpurifier-4.5.0-lite/CREDITS → library/vendor/htmlpurifier-4.6.0-lite/CREDITS vendored
View File

0
library/vendor/htmlpurifier-4.5.0-lite/INSTALL → library/vendor/htmlpurifier-4.6.0-lite/INSTALL vendored
View File

0
library/vendor/htmlpurifier-4.5.0-lite/LICENSE → library/vendor/htmlpurifier-4.6.0-lite/LICENSE vendored
View File

26
library/vendor/htmlpurifier-4.5.0-lite/NEWS → library/vendor/htmlpurifier-4.6.0-lite/NEWS vendored
View File

@ -9,6 +9,28 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
. Internal change . Internal change
========================== ==========================
4.6.0, released 2013-11-30
# Secure URI munge hashing algorithm has changed to hash_hmac("sha256", $url, $secret).
Please update any verification scripts you may have.
# URI parsing algorithm was made more strict, so only prefixes which
looks like schemes will actually be schemes. Thanks
Michael Gusev <mgusev@sugarcrm.com> for fixing.
# %Core.EscapeInvalidChildren is no longer supported, and no longer does
anything.
! New directive %Core.AllowHostnameUnderscore which allows underscores
in hostnames.
- Eliminate quadratic behavior in DOMLex by using a proper queue.
Thanks Ole Laursen for noticing this.
- Rewritten MakeWellFormed/FixNesting implementation eliminates quadratic
behavior in the rest of the purificaiton pipeline. Thanks Chedburn
Networks for sponsoring this work.
- Made Linkify URL parser a bit less permissive, so that non-breaking
spaces and commas are not included as part of URL. Thanks nAS for fixing.
- Fix some bad interactions with %HTML.Allowed and injectors. Thanks
David Hirtz for reporting.
- Fix infinite loop in DirectLex. Thanks Ashar Javed (@soaj1664ashar)
for reporting.
4.5.0, released 2013-02-17 4.5.0, released 2013-02-17
# Fix bug where stacked attribute transforms clobber each other; # Fix bug where stacked attribute transforms clobber each other;
this also means it's no longer possible to override attribute this also means it's no longer possible to override attribute
@ -20,10 +42,10 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier
! Permit underscores in font families ! Permit underscores in font families
! Support for page-break-* CSS3 properties when proprietary properties ! Support for page-break-* CSS3 properties when proprietary properties
are enabled. are enabled.
! New directive %Core.EnableExcludes; can be set to 'false' to turn off ! New directive %Core.DisableExcludes; can be set to 'true' to turn off
SGML excludes checking. If HTML Purifier is removing too much text SGML excludes checking. If HTML Purifier is removing too much text
and you don't care about full standards compliance, try setting this to and you don't care about full standards compliance, try setting this to
'false'. 'true'.
- Use prepend for SPL autoloading on PHP 5.3 and later. - Use prepend for SPL autoloading on PHP 5.3 and later.
- Fix bug with nofollow transform when pre-existing rel exists. - Fix bug with nofollow transform when pre-existing rel exists.
- Fix bug where background:url() always gets lower-cased - Fix bug where background:url() always gets lower-cased

0
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier.auto.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier.auto.php vendored
View File

3
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier.autoload.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier.autoload.php vendored
View File

@ -14,7 +14,8 @@ if (function_exists('spl_autoload_register') && function_exists('spl_autoload_un
spl_autoload_register('__autoload'); spl_autoload_register('__autoload');
} }
} elseif (!function_exists('__autoload')) { } elseif (!function_exists('__autoload')) {
function __autoload($class) { function __autoload($class)
{
return HTMLPurifier_Bootstrap::autoload($class); return HTMLPurifier_Bootstrap::autoload($class);
} }
} }

0
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier.composer.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier.composer.php vendored
View File

8
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier.func.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier.func.php vendored
View File

@ -8,11 +8,13 @@
/** /**
* Purify HTML. * Purify HTML.
* @param $html String HTML to purify * @param string $html String HTML to purify
* @param $config Configuration to use, can be any value accepted by * @param mixed $config Configuration to use, can be any value accepted by
* HTMLPurifier_Config::create() * HTMLPurifier_Config::create()
* @return string
*/ */
function HTMLPurifier($html, $config = null) { function HTMLPurifier($html, $config = null)
{
static $purifier = false; static $purifier = false;
if (!$purifier) { if (!$purifier) {
$purifier = new HTMLPurifier(); $purifier = new HTMLPurifier();

9
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier.includes.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier.includes.php vendored
View File

@ -7,7 +7,7 @@
* primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS
* FILE, changes will be overwritten the next time the script is run. * FILE, changes will be overwritten the next time the script is run.
* *
* @version 4.5.0 * @version 4.6.0
* *
* @warning * @warning
* You must *not* include any other HTML Purifier files before this file, * You must *not* include any other HTML Purifier files before this file,
@ -19,6 +19,7 @@
*/ */
require 'HTMLPurifier.php'; require 'HTMLPurifier.php';
require 'HTMLPurifier/Arborize.php';
require 'HTMLPurifier/AttrCollections.php'; require 'HTMLPurifier/AttrCollections.php';
require 'HTMLPurifier/AttrDef.php'; require 'HTMLPurifier/AttrDef.php';
require 'HTMLPurifier/AttrTransform.php'; require 'HTMLPurifier/AttrTransform.php';
@ -54,9 +55,11 @@ require 'HTMLPurifier/Language.php';
require 'HTMLPurifier/LanguageFactory.php'; require 'HTMLPurifier/LanguageFactory.php';
require 'HTMLPurifier/Length.php'; require 'HTMLPurifier/Length.php';
require 'HTMLPurifier/Lexer.php'; require 'HTMLPurifier/Lexer.php';
require 'HTMLPurifier/Node.php';
require 'HTMLPurifier/PercentEncoder.php'; require 'HTMLPurifier/PercentEncoder.php';
require 'HTMLPurifier/PropertyList.php'; require 'HTMLPurifier/PropertyList.php';
require 'HTMLPurifier/PropertyListIterator.php'; require 'HTMLPurifier/PropertyListIterator.php';
require 'HTMLPurifier/Queue.php';
require 'HTMLPurifier/Strategy.php'; require 'HTMLPurifier/Strategy.php';
require 'HTMLPurifier/StringHash.php'; require 'HTMLPurifier/StringHash.php';
require 'HTMLPurifier/StringHashParser.php'; require 'HTMLPurifier/StringHashParser.php';
@ -72,6 +75,7 @@ require 'HTMLPurifier/URISchemeRegistry.php';
require 'HTMLPurifier/UnitConverter.php'; require 'HTMLPurifier/UnitConverter.php';
require 'HTMLPurifier/VarParser.php'; require 'HTMLPurifier/VarParser.php';
require 'HTMLPurifier/VarParserException.php'; require 'HTMLPurifier/VarParserException.php';
require 'HTMLPurifier/Zipper.php';
require 'HTMLPurifier/AttrDef/CSS.php'; require 'HTMLPurifier/AttrDef/CSS.php';
require 'HTMLPurifier/AttrDef/Clone.php'; require 'HTMLPurifier/AttrDef/Clone.php';
require 'HTMLPurifier/AttrDef/Enum.php'; require 'HTMLPurifier/AttrDef/Enum.php';
@ -189,6 +193,9 @@ require 'HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php';
require 'HTMLPurifier/Injector/SafeObject.php'; require 'HTMLPurifier/Injector/SafeObject.php';
require 'HTMLPurifier/Lexer/DOMLex.php'; require 'HTMLPurifier/Lexer/DOMLex.php';
require 'HTMLPurifier/Lexer/DirectLex.php'; require 'HTMLPurifier/Lexer/DirectLex.php';
require 'HTMLPurifier/Node/Comment.php';
require 'HTMLPurifier/Node/Element.php';
require 'HTMLPurifier/Node/Text.php';
require 'HTMLPurifier/Strategy/Composite.php'; require 'HTMLPurifier/Strategy/Composite.php';
require 'HTMLPurifier/Strategy/Core.php'; require 'HTMLPurifier/Strategy/Core.php';
require 'HTMLPurifier/Strategy/FixNesting.php'; require 'HTMLPurifier/Strategy/FixNesting.php';

4
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier.kses.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier.kses.php vendored
View File

@ -7,7 +7,8 @@
require_once dirname(__FILE__) . '/HTMLPurifier.auto.php'; require_once dirname(__FILE__) . '/HTMLPurifier.auto.php';
function kses($string, $allowed_html, $allowed_protocols = null) { function kses($string, $allowed_html, $allowed_protocols = null)
{
$config = HTMLPurifier_Config::createDefault(); $config = HTMLPurifier_Config::createDefault();
$allowed_elements = array(); $allowed_elements = array();
$allowed_attributes = array(); $allowed_attributes = array();
@ -19,7 +20,6 @@ function kses($string, $allowed_html, $allowed_protocols = null) {
} }
$config->set('HTML.AllowedElements', $allowed_elements); $config->set('HTML.AllowedElements', $allowed_elements);
$config->set('HTML.AllowedAttributes', $allowed_attributes); $config->set('HTML.AllowedAttributes', $allowed_attributes);
$allowed_schemes = array();
if ($allowed_protocols !== null) { if ($allowed_protocols !== null) {
$config->set('URI.AllowedSchemes', $allowed_protocols); $config->set('URI.AllowedSchemes', $allowed_protocols);
} }

0
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier.path.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier.path.php vendored
View File

153
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier.php vendored
View File

@ -19,7 +19,7 @@
*/ */
/* /*
HTML Purifier 4.5.0 - Standards Compliant HTML Filtering HTML Purifier 4.6.0 - Standards Compliant HTML Filtering
Copyright (C) 2006-2008 Edward Z. Yang Copyright (C) 2006-2008 Edward Z. Yang
This library is free software; you can redistribute it and/or This library is free software; you can redistribute it and/or
@ -54,66 +54,97 @@
class HTMLPurifier class HTMLPurifier
{ {
/** Version of HTML Purifier */ /**
public $version = '4.5.0'; * Version of HTML Purifier.
* @type string
/** Constant with version of HTML Purifier */ */
const VERSION = '4.5.0'; public $version = '4.6.0';
/** Global configuration object */
public $config;
/** Array of extra HTMLPurifier_Filter objects to run on HTML, for backwards compatibility */
private $filters = array();
/** Single instance of HTML Purifier */
private static $instance;
protected $strategy, $generator;
/** /**
* Resultant HTMLPurifier_Context of last run purification. Is an array * Constant with version of HTML Purifier.
* of contexts if the last called method was purifyArray(). */
const VERSION = '4.6.0';
/**
* Global configuration object.
* @type HTMLPurifier_Config
*/
public $config;
/**
* Array of extra filter objects to run on HTML,
* for backwards compatibility.
* @type HTMLPurifier_Filter[]
*/
private $filters = array();
/**
* Single instance of HTML Purifier.
* @type HTMLPurifier
*/
private static $instance;
/**
* @type HTMLPurifier_Strategy_Core
*/
protected $strategy;
/**
* @type HTMLPurifier_Generator
*/
protected $generator;
/**
* Resultant context of last run purification.
* Is an array of contexts if the last called method was purifyArray().
* @type HTMLPurifier_Context
*/ */
public $context; public $context;
/** /**
* Initializes the purifier. * Initializes the purifier.
* @param $config Optional HTMLPurifier_Config object for all instances of *
* the purifier, if omitted, a default configuration is * @param HTMLPurifier_Config $config Optional HTMLPurifier_Config object
* supplied (which can be overridden on a per-use basis). * for all instances of the purifier, if omitted, a default
* configuration is supplied (which can be overridden on a
* per-use basis).
* The parameter can also be any type that * The parameter can also be any type that
* HTMLPurifier_Config::create() supports. * HTMLPurifier_Config::create() supports.
*/ */
public function __construct($config = null) { public function __construct($config = null)
{
$this->config = HTMLPurifier_Config::create($config); $this->config = HTMLPurifier_Config::create($config);
$this->strategy = new HTMLPurifier_Strategy_Core();
$this->strategy = new HTMLPurifier_Strategy_Core();
} }
/** /**
* Adds a filter to process the output. First come first serve * Adds a filter to process the output. First come first serve
* @param $filter HTMLPurifier_Filter object *
* @param HTMLPurifier_Filter $filter HTMLPurifier_Filter object
*/ */
public function addFilter($filter) { public function addFilter($filter)
trigger_error('HTMLPurifier->addFilter() is deprecated, use configuration directives in the Filter namespace or Filter.Custom', E_USER_WARNING); {
trigger_error(
'HTMLPurifier->addFilter() is deprecated, use configuration directives' .
' in the Filter namespace or Filter.Custom',
E_USER_WARNING
);
$this->filters[] = $filter; $this->filters[] = $filter;
} }
/** /**
* Filters an HTML snippet/document to be XSS-free and standards-compliant. * Filters an HTML snippet/document to be XSS-free and standards-compliant.
* *
* @param $html String of HTML to purify * @param string $html String of HTML to purify
* @param $config HTMLPurifier_Config object for this operation, if omitted, * @param HTMLPurifier_Config $config Config object for this operation,
* defaults to the config object specified during this * if omitted, defaults to the config object specified during this
* object's construction. The parameter can also be any type * object's construction. The parameter can also be any type
* that HTMLPurifier_Config::create() supports. * that HTMLPurifier_Config::create() supports.
* @return Purified HTML *
* @return string Purified HTML
*/ */
public function purify($html, $config = null) { public function purify($html, $config = null)
{
// :TODO: make the config merge in, instead of replace // :TODO: make the config merge in, instead of replace
$config = $config ? HTMLPurifier_Config::create($config) : $this->config; $config = $config ? HTMLPurifier_Config::create($config) : $this->config;
@ -151,8 +182,12 @@ class HTMLPurifier
unset($filter_flags['Custom']); unset($filter_flags['Custom']);
$filters = array(); $filters = array();
foreach ($filter_flags as $filter => $flag) { foreach ($filter_flags as $filter => $flag) {
if (!$flag) continue; if (!$flag) {
if (strpos($filter, '.') !== false) continue; continue;
}
if (strpos($filter, '.') !== false) {
continue;
}
$class = "HTMLPurifier_Filter_$filter"; $class = "HTMLPurifier_Filter_$filter";
$filters[] = new $class; $filters[] = new $class;
} }
@ -175,9 +210,12 @@ class HTMLPurifier
// list of un-purified tokens // list of un-purified tokens
$lexer->tokenizeHTML( $lexer->tokenizeHTML(
// un-purified HTML // un-purified HTML
$html, $config, $context $html,
$config,
$context
), ),
$config, $context $config,
$context
) )
); );
@ -192,11 +230,15 @@ class HTMLPurifier
/** /**
* Filters an array of HTML snippets * Filters an array of HTML snippets
* @param $config Optional HTMLPurifier_Config object for this operation. *
* @param string[] $array_of_html Array of html snippets
* @param HTMLPurifier_Config $config Optional config object for this operation.
* See HTMLPurifier::purify() for more details. * See HTMLPurifier::purify() for more details.
* @return Array of purified HTML *
* @return string[] Array of purified HTML
*/ */
public function purifyArray($array_of_html, $config = null) { public function purifyArray($array_of_html, $config = null)
{
$context_array = array(); $context_array = array();
foreach ($array_of_html as $key => $html) { foreach ($array_of_html as $key => $html) {
$array_of_html[$key] = $this->purify($html, $config); $array_of_html[$key] = $this->purify($html, $config);
@ -208,11 +250,16 @@ class HTMLPurifier
/** /**
* Singleton for enforcing just one HTML Purifier in your system * Singleton for enforcing just one HTML Purifier in your system
* @param $prototype Optional prototype HTMLPurifier instance to *
* overload singleton with, or HTMLPurifier_Config * @param HTMLPurifier|HTMLPurifier_Config $prototype Optional prototype
* instance to configure the generated version with. * HTMLPurifier instance to overload singleton with,
* or HTMLPurifier_Config instance to configure the
* generated version with.
*
* @return HTMLPurifier
*/ */
public static function instance($prototype = null) { public static function instance($prototype = null)
{
if (!self::$instance || $prototype) { if (!self::$instance || $prototype) {
if ($prototype instanceof HTMLPurifier) { if ($prototype instanceof HTMLPurifier) {
self::$instance = $prototype; self::$instance = $prototype;
@ -226,12 +273,20 @@ class HTMLPurifier
} }
/** /**
* Singleton for enforcing just one HTML Purifier in your system
*
* @param HTMLPurifier|HTMLPurifier_Config $prototype Optional prototype
* HTMLPurifier instance to overload singleton with,
* or HTMLPurifier_Config instance to configure the
* generated version with.
*
* @return HTMLPurifier
* @note Backwards compatibility, see instance() * @note Backwards compatibility, see instance()
*/ */
public static function getInstance($prototype = null) { public static function getInstance($prototype = null)
{
return HTMLPurifier::instance($prototype); return HTMLPurifier::instance($prototype);
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

7
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier.safe-includes.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier.safe-includes.php vendored
View File

@ -13,6 +13,7 @@
$__dir = dirname(__FILE__); $__dir = dirname(__FILE__);
require_once $__dir . '/HTMLPurifier.php'; require_once $__dir . '/HTMLPurifier.php';
require_once $__dir . '/HTMLPurifier/Arborize.php';
require_once $__dir . '/HTMLPurifier/AttrCollections.php'; require_once $__dir . '/HTMLPurifier/AttrCollections.php';
require_once $__dir . '/HTMLPurifier/AttrDef.php'; require_once $__dir . '/HTMLPurifier/AttrDef.php';
require_once $__dir . '/HTMLPurifier/AttrTransform.php'; require_once $__dir . '/HTMLPurifier/AttrTransform.php';
@ -48,9 +49,11 @@ require_once $__dir . '/HTMLPurifier/Language.php';
require_once $__dir . '/HTMLPurifier/LanguageFactory.php'; require_once $__dir . '/HTMLPurifier/LanguageFactory.php';
require_once $__dir . '/HTMLPurifier/Length.php'; require_once $__dir . '/HTMLPurifier/Length.php';
require_once $__dir . '/HTMLPurifier/Lexer.php'; require_once $__dir . '/HTMLPurifier/Lexer.php';
require_once $__dir . '/HTMLPurifier/Node.php';
require_once $__dir . '/HTMLPurifier/PercentEncoder.php'; require_once $__dir . '/HTMLPurifier/PercentEncoder.php';
require_once $__dir . '/HTMLPurifier/PropertyList.php'; require_once $__dir . '/HTMLPurifier/PropertyList.php';
require_once $__dir . '/HTMLPurifier/PropertyListIterator.php'; require_once $__dir . '/HTMLPurifier/PropertyListIterator.php';
require_once $__dir . '/HTMLPurifier/Queue.php';
require_once $__dir . '/HTMLPurifier/Strategy.php'; require_once $__dir . '/HTMLPurifier/Strategy.php';
require_once $__dir . '/HTMLPurifier/StringHash.php'; require_once $__dir . '/HTMLPurifier/StringHash.php';
require_once $__dir . '/HTMLPurifier/StringHashParser.php'; require_once $__dir . '/HTMLPurifier/StringHashParser.php';
@ -66,6 +69,7 @@ require_once $__dir . '/HTMLPurifier/URISchemeRegistry.php';
require_once $__dir . '/HTMLPurifier/UnitConverter.php'; require_once $__dir . '/HTMLPurifier/UnitConverter.php';
require_once $__dir . '/HTMLPurifier/VarParser.php'; require_once $__dir . '/HTMLPurifier/VarParser.php';
require_once $__dir . '/HTMLPurifier/VarParserException.php'; require_once $__dir . '/HTMLPurifier/VarParserException.php';
require_once $__dir . '/HTMLPurifier/Zipper.php';
require_once $__dir . '/HTMLPurifier/AttrDef/CSS.php'; require_once $__dir . '/HTMLPurifier/AttrDef/CSS.php';
require_once $__dir . '/HTMLPurifier/AttrDef/Clone.php'; require_once $__dir . '/HTMLPurifier/AttrDef/Clone.php';
require_once $__dir . '/HTMLPurifier/AttrDef/Enum.php'; require_once $__dir . '/HTMLPurifier/AttrDef/Enum.php';
@ -183,6 +187,9 @@ require_once $__dir . '/HTMLPurifier/Injector/RemoveSpansWithoutAttributes.php';
require_once $__dir . '/HTMLPurifier/Injector/SafeObject.php'; require_once $__dir . '/HTMLPurifier/Injector/SafeObject.php';
require_once $__dir . '/HTMLPurifier/Lexer/DOMLex.php'; require_once $__dir . '/HTMLPurifier/Lexer/DOMLex.php';
require_once $__dir . '/HTMLPurifier/Lexer/DirectLex.php'; require_once $__dir . '/HTMLPurifier/Lexer/DirectLex.php';
require_once $__dir . '/HTMLPurifier/Node/Comment.php';
require_once $__dir . '/HTMLPurifier/Node/Element.php';
require_once $__dir . '/HTMLPurifier/Node/Text.php';
require_once $__dir . '/HTMLPurifier/Strategy/Composite.php'; require_once $__dir . '/HTMLPurifier/Strategy/Composite.php';
require_once $__dir . '/HTMLPurifier/Strategy/Core.php'; require_once $__dir . '/HTMLPurifier/Strategy/Core.php';
require_once $__dir . '/HTMLPurifier/Strategy/FixNesting.php'; require_once $__dir . '/HTMLPurifier/Strategy/FixNesting.php';

71
library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/Arborize.php vendored Normal file
View File

@ -0,0 +1,71 @@
<?php
/**
* Converts a stream of HTMLPurifier_Token into an HTMLPurifier_Node,
* and back again.
*
* @note This transformation is not an equivalence. We mutate the input
* token stream to make it so; see all [MUT] markers in code.
*/
class HTMLPurifier_Arborize
{
public static function arborize($tokens, $config, $context) {
$definition = $config->getHTMLDefinition();
$parent = new HTMLPurifier_Token_Start($definition->info_parent);
$stack = array($parent->toNode());
foreach ($tokens as $token) {
$token->skip = null; // [MUT]
$token->carryover = null; // [MUT]
if ($token instanceof HTMLPurifier_Token_End) {
$token->start = null; // [MUT]
$r = array_pop($stack);
assert($r->name === $token->name);
assert(empty($token->attr));
$r->endCol = $token->col;
$r->endLine = $token->line;
$r->endArmor = $token->armor;
continue;
}
$node = $token->toNode();
$stack[count($stack)-1]->children[] = $node;
if ($token instanceof HTMLPurifier_Token_Start) {
$stack[] = $node;
}
}
assert(count($stack) == 1);
return $stack[0];
}
public static function flatten($node, $config, $context) {
$level = 0;
$nodes = array($level => new HTMLPurifier_Queue(array($node)));
$closingTokens = array();
$tokens = array();
do {
while (!$nodes[$level]->isEmpty()) {
$node = $nodes[$level]->shift(); // FIFO
list($start, $end) = $node->toTokenPair();
if ($level > 0) {
$tokens[] = $start;
}
if ($end !== NULL) {
$closingTokens[$level][] = $end;
}
if ($node instanceof HTMLPurifier_Node_Element) {
$level++;
$nodes[$level] = new HTMLPurifier_Queue();
foreach ($node->children as $childNode) {
$nodes[$level]->push($childNode);
}
}
}
$level--;
if ($level && isset($closingTokens[$level])) {
while ($token = array_pop($closingTokens[$level])) {
$tokens[] = $token;
}
}
} while ($level > 0);
return $tokens;
}
}

53
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrCollections.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrCollections.php vendored
View File

@ -8,7 +8,8 @@ class HTMLPurifier_AttrCollections
{ {
/** /**
* Associative array of attribute collections, indexed by name * Associative array of attribute collections, indexed by name.
* @type array
*/ */
public $info = array(); public $info = array();
@ -16,10 +17,11 @@ class HTMLPurifier_AttrCollections
* Performs all expansions on internal data for use by other inclusions * Performs all expansions on internal data for use by other inclusions
* It also collects all attribute collection extensions from * It also collects all attribute collection extensions from
* modules * modules
* @param $attr_types HTMLPurifier_AttrTypes instance * @param HTMLPurifier_AttrTypes $attr_types HTMLPurifier_AttrTypes instance
* @param $modules Hash array of HTMLPurifier_HTMLModule members * @param HTMLPurifier_HTMLModule[] $modules Hash array of HTMLPurifier_HTMLModule members
*/ */
public function __construct($attr_types, $modules) { public function __construct($attr_types, $modules)
{
// load extensions from the modules // load extensions from the modules
foreach ($modules as $module) { foreach ($modules as $module) {
foreach ($module->attr_collections as $coll_i => $coll) { foreach ($module->attr_collections as $coll_i => $coll) {
@ -30,7 +32,9 @@ class HTMLPurifier_AttrCollections
if ($attr_i === 0 && isset($this->info[$coll_i][$attr_i])) { if ($attr_i === 0 && isset($this->info[$coll_i][$attr_i])) {
// merge in includes // merge in includes
$this->info[$coll_i][$attr_i] = array_merge( $this->info[$coll_i][$attr_i] = array_merge(
$this->info[$coll_i][$attr_i], $attr); $this->info[$coll_i][$attr_i],
$attr
);
continue; continue;
} }
$this->info[$coll_i][$attr_i] = $attr; $this->info[$coll_i][$attr_i] = $attr;
@ -49,20 +53,29 @@ class HTMLPurifier_AttrCollections
/** /**
* Takes a reference to an attribute associative array and performs * Takes a reference to an attribute associative array and performs
* all inclusions specified by the zero index. * all inclusions specified by the zero index.
* @param &$attr Reference to attribute array * @param array &$attr Reference to attribute array
*/ */
public function performInclusions(&$attr) { public function performInclusions(&$attr)
if (!isset($attr[0])) return; {
if (!isset($attr[0])) {
return;
}
$merge = $attr[0]; $merge = $attr[0];
$seen = array(); // recursion guard $seen = array(); // recursion guard
// loop through all the inclusions // loop through all the inclusions
for ($i = 0; isset($merge[$i]); $i++) { for ($i = 0; isset($merge[$i]); $i++) {
if (isset($seen[$merge[$i]])) continue; if (isset($seen[$merge[$i]])) {
continue;
}
$seen[$merge[$i]] = true; $seen[$merge[$i]] = true;
// foreach attribute of the inclusion, copy it over // foreach attribute of the inclusion, copy it over
if (!isset($this->info[$merge[$i]])) continue; if (!isset($this->info[$merge[$i]])) {
continue;
}
foreach ($this->info[$merge[$i]] as $key => $value) { foreach ($this->info[$merge[$i]] as $key => $value) {
if (isset($attr[$key])) continue; // also catches more inclusions if (isset($attr[$key])) {
continue;
} // also catches more inclusions
$attr[$key] = $value; $attr[$key] = $value;
} }
if (isset($this->info[$merge[$i]][0])) { if (isset($this->info[$merge[$i]][0])) {
@ -76,20 +89,24 @@ class HTMLPurifier_AttrCollections
/** /**
* Expands all string identifiers in an attribute array by replacing * Expands all string identifiers in an attribute array by replacing
* them with the appropriate values inside HTMLPurifier_AttrTypes * them with the appropriate values inside HTMLPurifier_AttrTypes
* @param &$attr Reference to attribute array * @param array &$attr Reference to attribute array
* @param $attr_types HTMLPurifier_AttrTypes instance * @param HTMLPurifier_AttrTypes $attr_types HTMLPurifier_AttrTypes instance
*/ */
public function expandIdentifiers(&$attr, $attr_types) { public function expandIdentifiers(&$attr, $attr_types)
{
// because foreach will process new elements we add, make sure we // because foreach will process new elements we add, make sure we
// skip duplicates // skip duplicates
$processed = array(); $processed = array();
foreach ($attr as $def_i => $def) { foreach ($attr as $def_i => $def) {
// skip inclusions // skip inclusions
if ($def_i === 0) continue; if ($def_i === 0) {
continue;
}
if (isset($processed[$def_i])) continue; if (isset($processed[$def_i])) {
continue;
}
// determine whether or not attribute is required // determine whether or not attribute is required
if ($required = (strpos($def_i, '*') !== false)) { if ($required = (strpos($def_i, '*') !== false)) {
@ -120,9 +137,7 @@ class HTMLPurifier_AttrCollections
unset($attr[$def_i]); unset($attr[$def_i]);
} }
} }
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

51
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef.php vendored
View File

@ -14,23 +14,25 @@ abstract class HTMLPurifier_AttrDef
{ {
/** /**
* Tells us whether or not an HTML attribute is minimized. Has no * Tells us whether or not an HTML attribute is minimized.
* meaning in other contexts. * Has no meaning in other contexts.
* @type bool
*/ */
public $minimized = false; public $minimized = false;
/** /**
* Tells us whether or not an HTML attribute is required. Has no * Tells us whether or not an HTML attribute is required.
* meaning in other contexts * Has no meaning in other contexts
* @type bool
*/ */
public $required = false; public $required = false;
/** /**
* Validates and cleans passed string according to a definition. * Validates and cleans passed string according to a definition.
* *
* @param $string String to be validated and cleaned. * @param string $string String to be validated and cleaned.
* @param $config Mandatory HTMLPurifier_Config object. * @param HTMLPurifier_Config $config Mandatory HTMLPurifier_Config object.
* @param $context Mandatory HTMLPurifier_AttrContext object. * @param HTMLPurifier_Context $context Mandatory HTMLPurifier_Context object.
*/ */
abstract public function validate($string, $config, $context); abstract public function validate($string, $config, $context);
@ -55,7 +57,8 @@ abstract class HTMLPurifier_AttrDef
* parsing XML, thus, this behavior may still be correct. We * parsing XML, thus, this behavior may still be correct. We
* assume that newlines have been normalized. * assume that newlines have been normalized.
*/ */
public function parseCDATA($string) { public function parseCDATA($string)
{
$string = trim($string); $string = trim($string);
$string = str_replace(array("\n", "\t", "\r"), ' ', $string); $string = str_replace(array("\n", "\t", "\r"), ' ', $string);
return $string; return $string;
@ -63,10 +66,11 @@ abstract class HTMLPurifier_AttrDef
/** /**
* Factory method for creating this class from a string. * Factory method for creating this class from a string.
* @param $string String construction info * @param string $string String construction info
* @return Created AttrDef object corresponding to $string * @return HTMLPurifier_AttrDef Created AttrDef object corresponding to $string
*/ */
public function make($string) { public function make($string)
{
// default implementation, return a flyweight of this object. // default implementation, return a flyweight of this object.
// If $string has an effect on the returned object (i.e. you // If $string has an effect on the returned object (i.e. you
// need to overload this method), it is best // need to overload this method), it is best
@ -77,8 +81,11 @@ abstract class HTMLPurifier_AttrDef
/** /**
* Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work * Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work
* properly. THIS IS A HACK! * properly. THIS IS A HACK!
* @param string $string a CSS colour definition
* @return string
*/ */
protected function mungeRgb($string) { protected function mungeRgb($string)
{
return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string); return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string);
} }
@ -86,7 +93,8 @@ abstract class HTMLPurifier_AttrDef
* Parses a possibly escaped CSS string and returns the "pure" * Parses a possibly escaped CSS string and returns the "pure"
* version of it. * version of it.
*/ */
protected function expandCSSEscape($string) { protected function expandCSSEscape($string)
{
// flexibly parse it // flexibly parse it
$ret = ''; $ret = '';
for ($i = 0, $c = strlen($string); $i < $c; $i++) { for ($i = 0, $c = strlen($string); $i < $c; $i++) {
@ -99,25 +107,32 @@ abstract class HTMLPurifier_AttrDef
if (ctype_xdigit($string[$i])) { if (ctype_xdigit($string[$i])) {
$code = $string[$i]; $code = $string[$i];
for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) { for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) {
if (!ctype_xdigit($string[$i])) break; if (!ctype_xdigit($string[$i])) {
break;
}
$code .= $string[$i]; $code .= $string[$i];
} }
// We have to be extremely careful when adding // We have to be extremely careful when adding
// new characters, to make sure we're not breaking // new characters, to make sure we're not breaking
// the encoding. // the encoding.
$char = HTMLPurifier_Encoder::unichr(hexdec($code)); $char = HTMLPurifier_Encoder::unichr(hexdec($code));
if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue; if (HTMLPurifier_Encoder::cleanUTF8($char) === '') {
continue;
}
$ret .= $char; $ret .= $char;
if ($i < $c && trim($string[$i]) !== '') $i--; if ($i < $c && trim($string[$i]) !== '') {
$i--;
}
continue;
}
if ($string[$i] === "\n") {
continue; continue;
} }
if ($string[$i] === "\n") continue;
} }
$ret .= $string[$i]; $ret .= $string[$i];
} }
return $ret; return $ret;
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

39
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS.php vendored
View File

@ -14,8 +14,14 @@
class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
{ {
public function validate($css, $config, $context) { /**
* @param string $css
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($css, $config, $context)
{
$css = $this->parseCDATA($css); $css = $this->parseCDATA($css);
$definition = $config->getCSSDefinition(); $definition = $config->getCSSDefinition();
@ -36,34 +42,47 @@ class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
$context->register('CurrentCSSProperty', $property); $context->register('CurrentCSSProperty', $property);
foreach ($declarations as $declaration) { foreach ($declarations as $declaration) {
if (!$declaration) continue; if (!$declaration) {
if (!strpos($declaration, ':')) continue; continue;
}
if (!strpos($declaration, ':')) {
continue;
}
list($property, $value) = explode(':', $declaration, 2); list($property, $value) = explode(':', $declaration, 2);
$property = trim($property); $property = trim($property);
$value = trim($value); $value = trim($value);
$ok = false; $ok = false;
do { do {
if (isset($definition->info[$property])) { if (isset($definition->info[$property])) {
$ok = true; $ok = true;
break; break;
} }
if (ctype_lower($property)) break; if (ctype_lower($property)) {
break;
}
$property = strtolower($property); $property = strtolower($property);
if (isset($definition->info[$property])) { if (isset($definition->info[$property])) {
$ok = true; $ok = true;
break; break;
} }
} while(0); } while (0);
if (!$ok) continue; if (!$ok) {
continue;
}
// inefficient call, since the validator will do this again // inefficient call, since the validator will do this again
if (strtolower(trim($value)) !== 'inherit') { if (strtolower(trim($value)) !== 'inherit') {
// inherit works for everything (but only on the base property) // inherit works for everything (but only on the base property)
$result = $definition->info[$property]->validate( $result = $definition->info[$property]->validate(
$value, $config, $context ); $value,
$config,
$context
);
} else { } else {
$result = 'inherit'; $result = 'inherit';
} }
if ($result === false) continue; if ($result === false) {
continue;
}
$propvalues[$property] = $result; $propvalues[$property] = $result;
} }

34
library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/AlphaValue.php vendored Normal file
View File

@ -0,0 +1,34 @@
<?php
class HTMLPurifier_AttrDef_CSS_AlphaValue extends HTMLPurifier_AttrDef_CSS_Number
{
public function __construct()
{
parent::__construct(false); // opacity is non-negative, but we will clamp it
}
/**
* @param string $number
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return string
*/
public function validate($number, $config, $context)
{
$result = parent::validate($number, $config, $context);
if ($result === false) {
return $result;
}
$float = (float)$result;
if ($float < 0.0) {
$result = '0';
}
if ($float > 1.0) {
$result = '1';
}
return $result;
}
}
// vim: et sw=4 sts=4

58
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Background.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Background.php vendored
View File

@ -9,11 +9,16 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
/** /**
* Local copy of component validators. * Local copy of component validators.
* @type HTMLPurifier_AttrDef[]
* @note See HTMLPurifier_AttrDef_Font::$info for a similar impl. * @note See HTMLPurifier_AttrDef_Font::$info for a similar impl.
*/ */
protected $info; protected $info;
public function __construct($config) { /**
* @param HTMLPurifier_Config $config
*/
public function __construct($config)
{
$def = $config->getCSSDefinition(); $def = $config->getCSSDefinition();
$this->info['background-color'] = $def->info['background-color']; $this->info['background-color'] = $def->info['background-color'];
$this->info['background-image'] = $def->info['background-image']; $this->info['background-image'] = $def->info['background-image'];
@ -22,11 +27,19 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
$this->info['background-position'] = $def->info['background-position']; $this->info['background-position'] = $def->info['background-position'];
} }
public function validate($string, $config, $context) { /**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
// regular pre-processing // regular pre-processing
$string = $this->parseCDATA($string); $string = $this->parseCDATA($string);
if ($string === '') return false; if ($string === '') {
return false;
}
// munge rgb() decl if necessary // munge rgb() decl if necessary
$string = $this->mungeRgb($string); $string = $this->mungeRgb($string);
@ -35,27 +48,34 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
$bits = explode(' ', $string); // bits to process $bits = explode(' ', $string); // bits to process
$caught = array(); $caught = array();
$caught['color'] = false; $caught['color'] = false;
$caught['image'] = false; $caught['image'] = false;
$caught['repeat'] = false; $caught['repeat'] = false;
$caught['attachment'] = false; $caught['attachment'] = false;
$caught['position'] = false; $caught['position'] = false;
$i = 0; // number of catches $i = 0; // number of catches
$none = false;
foreach ($bits as $bit) { foreach ($bits as $bit) {
if ($bit === '') continue; if ($bit === '') {
continue;
}
foreach ($caught as $key => $status) { foreach ($caught as $key => $status) {
if ($key != 'position') { if ($key != 'position') {
if ($status !== false) continue; if ($status !== false) {
continue;
}
$r = $this->info['background-' . $key]->validate($bit, $config, $context); $r = $this->info['background-' . $key]->validate($bit, $config, $context);
} else { } else {
$r = $bit; $r = $bit;
} }
if ($r === false) continue; if ($r === false) {
continue;
}
if ($key == 'position') { if ($key == 'position') {
if ($caught[$key] === false) $caught[$key] = ''; if ($caught[$key] === false) {
$caught[$key] = '';
}
$caught[$key] .= $r . ' '; $caught[$key] .= $r . ' ';
} else { } else {
$caught[$key] = $r; $caught[$key] = $r;
@ -65,7 +85,9 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
} }
} }
if (!$i) return false; if (!$i) {
return false;
}
if ($caught['position'] !== false) { if ($caught['position'] !== false) {
$caught['position'] = $this->info['background-position']-> $caught['position'] = $this->info['background-position']->
validate($caught['position'], $config, $context); validate($caught['position'], $config, $context);
@ -73,15 +95,17 @@ class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef
$ret = array(); $ret = array();
foreach ($caught as $value) { foreach ($caught as $value) {
if ($value === false) continue; if ($value === false) {
continue;
}
$ret[] = $value; $ret[] = $value;
} }
if (empty($ret)) return false; if (empty($ret)) {
return false;
}
return implode(' ', $ret); return implode(' ', $ret);
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

54
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/BackgroundPosition.php vendored
View File

@ -44,15 +44,30 @@
class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef
{ {
/**
* @type HTMLPurifier_AttrDef_CSS_Length
*/
protected $length; protected $length;
/**
* @type HTMLPurifier_AttrDef_CSS_Percentage
*/
protected $percentage; protected $percentage;
public function __construct() { public function __construct()
$this->length = new HTMLPurifier_AttrDef_CSS_Length(); {
$this->length = new HTMLPurifier_AttrDef_CSS_Length();
$this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage(); $this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage();
} }
public function validate($string, $config, $context) { /**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
$string = $this->parseCDATA($string); $string = $this->parseCDATA($string);
$bits = explode(' ', $string); $bits = explode(' ', $string);
@ -74,7 +89,9 @@ class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef
); );
foreach ($bits as $bit) { foreach ($bits as $bit) {
if ($bit === '') continue; if ($bit === '') {
continue;
}
// test for keyword // test for keyword
$lbit = ctype_lower($bit) ? $bit : strtolower($bit); $lbit = ctype_lower($bit) ? $bit : strtolower($bit);
@ -104,30 +121,37 @@ class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef
$measures[] = $r; $measures[] = $r;
$i++; $i++;
} }
} }
if (!$i) return false; // no valid values were caught if (!$i) {
return false;
} // no valid values were caught
$ret = array(); $ret = array();
// first keyword // first keyword
if ($keywords['h']) $ret[] = $keywords['h']; if ($keywords['h']) {
elseif ($keywords['ch']) { $ret[] = $keywords['h'];
} elseif ($keywords['ch']) {
$ret[] = $keywords['ch']; $ret[] = $keywords['ch'];
$keywords['cv'] = false; // prevent re-use: center = center center $keywords['cv'] = false; // prevent re-use: center = center center
} elseif (count($measures)) {
$ret[] = array_shift($measures);
} }
elseif (count($measures)) $ret[] = array_shift($measures);
if ($keywords['v']) $ret[] = $keywords['v']; if ($keywords['v']) {
elseif ($keywords['cv']) $ret[] = $keywords['cv']; $ret[] = $keywords['v'];
elseif (count($measures)) $ret[] = array_shift($measures); } elseif ($keywords['cv']) {
$ret[] = $keywords['cv'];
} elseif (count($measures)) {
$ret[] = array_shift($measures);
}
if (empty($ret)) return false; if (empty($ret)) {
return false;
}
return implode(' ', $ret); return implode(' ', $ret);
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

21
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Border.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Border.php vendored
View File

@ -8,17 +8,29 @@ class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef
/** /**
* Local copy of properties this property is shorthand for. * Local copy of properties this property is shorthand for.
* @type HTMLPurifier_AttrDef[]
*/ */
protected $info = array(); protected $info = array();
public function __construct($config) { /**
* @param HTMLPurifier_Config $config
*/
public function __construct($config)
{
$def = $config->getCSSDefinition(); $def = $config->getCSSDefinition();
$this->info['border-width'] = $def->info['border-width']; $this->info['border-width'] = $def->info['border-width'];
$this->info['border-style'] = $def->info['border-style']; $this->info['border-style'] = $def->info['border-style'];
$this->info['border-top-color'] = $def->info['border-top-color']; $this->info['border-top-color'] = $def->info['border-top-color'];
} }
public function validate($string, $config, $context) { /**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
$string = $this->parseCDATA($string); $string = $this->parseCDATA($string);
$string = $this->mungeRgb($string); $string = $this->mungeRgb($string);
$bits = explode(' ', $string); $bits = explode(' ', $string);
@ -26,7 +38,9 @@ class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef
$ret = ''; // return value $ret = ''; // return value
foreach ($bits as $bit) { foreach ($bits as $bit) {
foreach ($this->info as $propname => $validator) { foreach ($this->info as $propname => $validator) {
if (isset($done[$propname])) continue; if (isset($done[$propname])) {
continue;
}
$r = $validator->validate($bit, $config, $context); $r = $validator->validate($bit, $config, $context);
if ($r !== false) { if ($r !== false) {
$ret .= $r . ' '; $ret .= $r . ' ';
@ -37,7 +51,6 @@ class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef
} }
return rtrim($ret); return rtrim($ret);
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

67
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Color.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Color.php vendored
View File

@ -6,29 +6,47 @@
class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
{ {
public function validate($color, $config, $context) { /**
* @param string $color
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($color, $config, $context)
{
static $colors = null; static $colors = null;
if ($colors === null) $colors = $config->get('Core.ColorKeywords'); if ($colors === null) {
$colors = $config->get('Core.ColorKeywords');
}
$color = trim($color); $color = trim($color);
if ($color === '') return false; if ($color === '') {
return false;
}
$lower = strtolower($color); $lower = strtolower($color);
if (isset($colors[$lower])) return $colors[$lower]; if (isset($colors[$lower])) {
return $colors[$lower];
}
if (strpos($color, 'rgb(') !== false) { if (strpos($color, 'rgb(') !== false) {
// rgb literal handling // rgb literal handling
$length = strlen($color); $length = strlen($color);
if (strpos($color, ')') !== $length - 1) return false; if (strpos($color, ')') !== $length - 1) {
return false;
}
$triad = substr($color, 4, $length - 4 - 1); $triad = substr($color, 4, $length - 4 - 1);
$parts = explode(',', $triad); $parts = explode(',', $triad);
if (count($parts) !== 3) return false; if (count($parts) !== 3) {
return false;
}
$type = false; // to ensure that they're all the same type $type = false; // to ensure that they're all the same type
$new_parts = array(); $new_parts = array();
foreach ($parts as $part) { foreach ($parts as $part) {
$part = trim($part); $part = trim($part);
if ($part === '') return false; if ($part === '') {
return false;
}
$length = strlen($part); $length = strlen($part);
if ($part[$length - 1] === '%') { if ($part[$length - 1] === '%') {
// handle percents // handle percents
@ -37,9 +55,13 @@ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
} elseif ($type !== 'percentage') { } elseif ($type !== 'percentage') {
return false; return false;
} }
$num = (float) substr($part, 0, $length - 1); $num = (float)substr($part, 0, $length - 1);
if ($num < 0) $num = 0; if ($num < 0) {
if ($num > 100) $num = 100; $num = 0;
}
if ($num > 100) {
$num = 100;
}
$new_parts[] = "$num%"; $new_parts[] = "$num%";
} else { } else {
// handle integers // handle integers
@ -48,10 +70,14 @@ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
} elseif ($type !== 'integer') { } elseif ($type !== 'integer') {
return false; return false;
} }
$num = (int) $part; $num = (int)$part;
if ($num < 0) $num = 0; if ($num < 0) {
if ($num > 255) $num = 255; $num = 0;
$new_parts[] = (string) $num; }
if ($num > 255) {
$num = 255;
}
$new_parts[] = (string)$num;
} }
} }
$new_triad = implode(',', $new_parts); $new_triad = implode(',', $new_parts);
@ -65,14 +91,15 @@ class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef
$color = '#' . $color; $color = '#' . $color;
} }
$length = strlen($hex); $length = strlen($hex);
if ($length !== 3 && $length !== 6) return false; if ($length !== 3 && $length !== 6) {
if (!ctype_xdigit($hex)) return false; return false;
}
if (!ctype_xdigit($hex)) {
return false;
}
} }
return $color; return $color;
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

22
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Composite.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Composite.php vendored
View File

@ -13,26 +13,36 @@ class HTMLPurifier_AttrDef_CSS_Composite extends HTMLPurifier_AttrDef
{ {
/** /**
* List of HTMLPurifier_AttrDef objects that may process strings * List of objects that may process strings.
* @type HTMLPurifier_AttrDef[]
* @todo Make protected * @todo Make protected
*/ */
public $defs; public $defs;
/** /**
* @param $defs List of HTMLPurifier_AttrDef objects * @param HTMLPurifier_AttrDef[] $defs List of HTMLPurifier_AttrDef objects
*/ */
public function __construct($defs) { public function __construct($defs)
{
$this->defs = $defs; $this->defs = $defs;
} }
public function validate($string, $config, $context) { /**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
foreach ($this->defs as $i => $def) { foreach ($this->defs as $i => $def) {
$result = $this->defs[$i]->validate($string, $config, $context); $result = $this->defs[$i]->validate($string, $config, $context);
if ($result !== false) return $result; if ($result !== false) {
return $result;
}
} }
return false; return false;
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

44
library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/DenyElementDecorator.php vendored Normal file
View File

@ -0,0 +1,44 @@
<?php
/**
* Decorator which enables CSS properties to be disabled for specific elements.
*/
class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef
{
/**
* @type HTMLPurifier_AttrDef
*/
public $def;
/**
* @type string
*/
public $element;
/**
* @param HTMLPurifier_AttrDef $def Definition to wrap
* @param string $element Element to deny
*/
public function __construct($def, $element)
{
$this->def = $def;
$this->element = $element;
}
/**
* Checks if CurrentToken is set and equal to $this->element
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
$token = $context->get('CurrentToken', true);
if ($token && $token->name == $this->element) {
return false;
}
return $this->def->validate($string, $config, $context);
}
}
// vim: et sw=4 sts=4

49
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Filter.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Filter.php vendored
View File

@ -7,23 +7,37 @@
*/ */
class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
{ {
/**
* @type HTMLPurifier_AttrDef_Integer
*/
protected $intValidator; protected $intValidator;
public function __construct() { public function __construct()
{
$this->intValidator = new HTMLPurifier_AttrDef_Integer(); $this->intValidator = new HTMLPurifier_AttrDef_Integer();
} }
public function validate($value, $config, $context) { /**
* @param string $value
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($value, $config, $context)
{
$value = $this->parseCDATA($value); $value = $this->parseCDATA($value);
if ($value === 'none') return $value; if ($value === 'none') {
return $value;
}
// if we looped this we could support multiple filters // if we looped this we could support multiple filters
$function_length = strcspn($value, '('); $function_length = strcspn($value, '(');
$function = trim(substr($value, 0, $function_length)); $function = trim(substr($value, 0, $function_length));
if ($function !== 'alpha' && if ($function !== 'alpha' &&
$function !== 'Alpha' && $function !== 'Alpha' &&
$function !== 'progid:DXImageTransform.Microsoft.Alpha' $function !== 'progid:DXImageTransform.Microsoft.Alpha'
) return false; ) {
return false;
}
$cursor = $function_length + 1; $cursor = $function_length + 1;
$parameters_length = strcspn($value, ')', $cursor); $parameters_length = strcspn($value, ')', $cursor);
$parameters = substr($value, $cursor, $parameters_length); $parameters = substr($value, $cursor, $parameters_length);
@ -32,15 +46,25 @@ class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
$lookup = array(); $lookup = array();
foreach ($params as $param) { foreach ($params as $param) {
list($key, $value) = explode('=', $param); list($key, $value) = explode('=', $param);
$key = trim($key); $key = trim($key);
$value = trim($value); $value = trim($value);
if (isset($lookup[$key])) continue; if (isset($lookup[$key])) {
if ($key !== 'opacity') continue; continue;
}
if ($key !== 'opacity') {
continue;
}
$value = $this->intValidator->validate($value, $config, $context); $value = $this->intValidator->validate($value, $config, $context);
if ($value === false) continue; if ($value === false) {
$int = (int) $value; continue;
if ($int > 100) $value = '100'; }
if ($int < 0) $value = '0'; $int = (int)$value;
if ($int > 100) {
$value = '100';
}
if ($int < 0) {
$value = '0';
}
$ret_params[] = "$key=$value"; $ret_params[] = "$key=$value";
$lookup[$key] = true; $lookup[$key] = true;
} }
@ -48,7 +72,6 @@ class HTMLPurifier_AttrDef_CSS_Filter extends HTMLPurifier_AttrDef
$ret_function = "$function($ret_parameters)"; $ret_function = "$function($ret_parameters)";
return $ret_function; return $ret_function;
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

89
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Font.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Font.php vendored
View File

@ -7,8 +7,8 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
{ {
/** /**
* Local copy of component validators. * Local copy of validators
* * @type HTMLPurifier_AttrDef[]
* @note If we moved specific CSS property definitions to their own * @note If we moved specific CSS property definitions to their own
* classes instead of having them be assembled at run time by * classes instead of having them be assembled at run time by
* CSSDefinition, this wouldn't be necessary. We'd instantiate * CSSDefinition, this wouldn't be necessary. We'd instantiate
@ -16,18 +16,28 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
*/ */
protected $info = array(); protected $info = array();
public function __construct($config) { /**
* @param HTMLPurifier_Config $config
*/
public function __construct($config)
{
$def = $config->getCSSDefinition(); $def = $config->getCSSDefinition();
$this->info['font-style'] = $def->info['font-style']; $this->info['font-style'] = $def->info['font-style'];
$this->info['font-variant'] = $def->info['font-variant']; $this->info['font-variant'] = $def->info['font-variant'];
$this->info['font-weight'] = $def->info['font-weight']; $this->info['font-weight'] = $def->info['font-weight'];
$this->info['font-size'] = $def->info['font-size']; $this->info['font-size'] = $def->info['font-size'];
$this->info['line-height'] = $def->info['line-height']; $this->info['line-height'] = $def->info['line-height'];
$this->info['font-family'] = $def->info['font-family']; $this->info['font-family'] = $def->info['font-family'];
} }
public function validate($string, $config, $context) { /**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
static $system_fonts = array( static $system_fonts = array(
'caption' => true, 'caption' => true,
'icon' => true, 'icon' => true,
@ -39,7 +49,9 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
// regular pre-processing // regular pre-processing
$string = $this->parseCDATA($string); $string = $this->parseCDATA($string);
if ($string === '') return false; if ($string === '') {
return false;
}
// check if it's one of the keywords // check if it's one of the keywords
$lowercase_string = strtolower($string); $lowercase_string = strtolower($string);
@ -54,15 +66,20 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
$final = ''; // output $final = ''; // output
for ($i = 0, $size = count($bits); $i < $size; $i++) { for ($i = 0, $size = count($bits); $i < $size; $i++) {
if ($bits[$i] === '') continue; if ($bits[$i] === '') {
continue;
}
switch ($stage) { switch ($stage) {
case 0: // attempting to catch font-style, font-variant or font-weight
// attempting to catch font-style, font-variant or font-weight
case 0:
foreach ($stage_1 as $validator_name) { foreach ($stage_1 as $validator_name) {
if (isset($caught[$validator_name])) continue; if (isset($caught[$validator_name])) {
continue;
}
$r = $this->info[$validator_name]->validate( $r = $this->info[$validator_name]->validate(
$bits[$i], $config, $context); $bits[$i],
$config,
$context
);
if ($r !== false) { if ($r !== false) {
$final .= $r . ' '; $final .= $r . ' ';
$caught[$validator_name] = true; $caught[$validator_name] = true;
@ -70,15 +87,17 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
} }
} }
// all three caught, continue on // all three caught, continue on
if (count($caught) >= 3) $stage = 1; if (count($caught) >= 3) {
if ($r !== false) break; $stage = 1;
}
// attempting to catch font-size and perhaps line-height if ($r !== false) {
case 1: break;
}
case 1: // attempting to catch font-size and perhaps line-height
$found_slash = false; $found_slash = false;
if (strpos($bits[$i], '/') !== false) { if (strpos($bits[$i], '/') !== false) {
list($font_size, $line_height) = list($font_size, $line_height) =
explode('/', $bits[$i]); explode('/', $bits[$i]);
if ($line_height === '') { if ($line_height === '') {
// ooh, there's a space after the slash! // ooh, there's a space after the slash!
$line_height = false; $line_height = false;
@ -89,14 +108,19 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
$line_height = false; $line_height = false;
} }
$r = $this->info['font-size']->validate( $r = $this->info['font-size']->validate(
$font_size, $config, $context); $font_size,
$config,
$context
);
if ($r !== false) { if ($r !== false) {
$final .= $r; $final .= $r;
// attempt to catch line-height // attempt to catch line-height
if ($line_height === false) { if ($line_height === false) {
// we need to scroll forward // we need to scroll forward
for ($j = $i + 1; $j < $size; $j++) { for ($j = $i + 1; $j < $size; $j++) {
if ($bits[$j] === '') continue; if ($bits[$j] === '') {
continue;
}
if ($bits[$j] === '/') { if ($bits[$j] === '/') {
if ($found_slash) { if ($found_slash) {
return false; return false;
@ -116,7 +140,10 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
if ($found_slash) { if ($found_slash) {
$i = $j; $i = $j;
$r = $this->info['line-height']->validate( $r = $this->info['line-height']->validate(
$line_height, $config, $context); $line_height,
$config,
$context
);
if ($r !== false) { if ($r !== false) {
$final .= '/' . $r; $final .= '/' . $r;
} }
@ -126,13 +153,14 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
break; break;
} }
return false; return false;
case 2: // attempting to catch font-family
// attempting to catch font-family
case 2:
$font_family = $font_family =
implode(' ', array_slice($bits, $i, $size - $i)); implode(' ', array_slice($bits, $i, $size - $i));
$r = $this->info['font-family']->validate( $r = $this->info['font-family']->validate(
$font_family, $config, $context); $font_family,
$config,
$context
);
if ($r !== false) { if ($r !== false) {
$final .= $r . ' '; $final .= $r . ' ';
// processing completed successfully // processing completed successfully
@ -143,7 +171,6 @@ class HTMLPurifier_AttrDef_CSS_Font extends HTMLPurifier_AttrDef
} }
return false; return false;
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

42
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/FontFamily.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/FontFamily.php vendored
View File

@ -8,11 +8,18 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
protected $mask = null; protected $mask = null;
public function __construct() { public function __construct()
{
$this->mask = '_- '; $this->mask = '_- ';
for ($c = 'a'; $c <= 'z'; $c++) $this->mask .= $c; for ($c = 'a'; $c <= 'z'; $c++) {
for ($c = 'A'; $c <= 'Z'; $c++) $this->mask .= $c; $this->mask .= $c;
for ($c = '0'; $c <= '9'; $c++) $this->mask .= $c; // cast-y, but should be fine }
for ($c = 'A'; $c <= 'Z'; $c++) {
$this->mask .= $c;
}
for ($c = '0'; $c <= '9'; $c++) {
$this->mask .= $c;
} // cast-y, but should be fine
// special bytes used by UTF-8 // special bytes used by UTF-8
for ($i = 0x80; $i <= 0xFF; $i++) { for ($i = 0x80; $i <= 0xFF; $i++) {
// We don't bother excluding invalid bytes in this range, // We don't bother excluding invalid bytes in this range,
@ -39,7 +46,14 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
// possible optimization: invert the mask. // possible optimization: invert the mask.
} }
public function validate($string, $config, $context) { /**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
static $generic_names = array( static $generic_names = array(
'serif' => true, 'serif' => true,
'sans-serif' => true, 'sans-serif' => true,
@ -52,9 +66,11 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
// assume that no font names contain commas in them // assume that no font names contain commas in them
$fonts = explode(',', $string); $fonts = explode(',', $string);
$final = ''; $final = '';
foreach($fonts as $font) { foreach ($fonts as $font) {
$font = trim($font); $font = trim($font);
if ($font === '') continue; if ($font === '') {
continue;
}
// match a generic name // match a generic name
if (isset($generic_names[$font])) { if (isset($generic_names[$font])) {
if ($allowed_fonts === null || isset($allowed_fonts[$font])) { if ($allowed_fonts === null || isset($allowed_fonts[$font])) {
@ -65,9 +81,13 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
// match a quoted name // match a quoted name
if ($font[0] === '"' || $font[0] === "'") { if ($font[0] === '"' || $font[0] === "'") {
$length = strlen($font); $length = strlen($font);
if ($length <= 2) continue; if ($length <= 2) {
continue;
}
$quote = $font[0]; $quote = $font[0];
if ($font[$length - 1] !== $quote) continue; if ($font[$length - 1] !== $quote) {
continue;
}
$font = substr($font, 1, $length - 2); $font = substr($font, 1, $length - 2);
} }
@ -188,7 +208,9 @@ class HTMLPurifier_AttrDef_CSS_FontFamily extends HTMLPurifier_AttrDef
$final .= "'$font', "; $final .= "'$font', ";
} }
$final = rtrim($final, ', '); $final = rtrim($final, ', ');
if ($final === '') return false; if ($final === '') {
return false;
}
return $final; return $final;
} }

32
library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Ident.php vendored Normal file
View File

@ -0,0 +1,32 @@
<?php
/**
* Validates based on {ident} CSS grammar production
*/
class HTMLPurifier_AttrDef_CSS_Ident extends HTMLPurifier_AttrDef
{
/**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
$string = trim($string);
// early abort: '' and '0' (strings that convert to false) are invalid
if (!$string) {
return false;
}
$pattern = '/^(-?[A-Za-z_][A-Za-z_\-0-9]*)$/';
if (!preg_match($pattern, $string)) {
return false;
}
return $string;
}
}
// vim: et sw=4 sts=4

28
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/ImportantDecorator.php vendored
View File

@ -5,20 +5,34 @@
*/ */
class HTMLPurifier_AttrDef_CSS_ImportantDecorator extends HTMLPurifier_AttrDef class HTMLPurifier_AttrDef_CSS_ImportantDecorator extends HTMLPurifier_AttrDef
{ {
public $def, $allow; /**
* @type HTMLPurifier_AttrDef
*/
public $def;
/**
* @type bool
*/
public $allow;
/** /**
* @param $def Definition to wrap * @param HTMLPurifier_AttrDef $def Definition to wrap
* @param $allow Whether or not to allow !important * @param bool $allow Whether or not to allow !important
*/ */
public function __construct($def, $allow = false) { public function __construct($def, $allow = false)
{
$this->def = $def; $this->def = $def;
$this->allow = $allow; $this->allow = $allow;
} }
/** /**
* Intercepts and removes !important if necessary * Intercepts and removes !important if necessary
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/ */
public function validate($string, $config, $context) { public function validate($string, $config, $context)
{
// test for ! and important tokens // test for ! and important tokens
$string = trim($string); $string = trim($string);
$is_important = false; $is_important = false;
@ -32,7 +46,9 @@ class HTMLPurifier_AttrDef_CSS_ImportantDecorator extends HTMLPurifier_AttrDef
} }
} }
$string = $this->def->validate($string, $config, $context); $string = $this->def->validate($string, $config, $context);
if ($this->allow && $is_important) $string .= ' !important'; if ($this->allow && $is_important) {
$string .= ' !important';
}
return $string; return $string;
} }
} }

77
library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Length.php vendored Normal file
View File

@ -0,0 +1,77 @@
<?php
/**
* Represents a Length as defined by CSS.
*/
class HTMLPurifier_AttrDef_CSS_Length extends HTMLPurifier_AttrDef
{
/**
* @type HTMLPurifier_Length|string
*/
protected $min;
/**
* @type HTMLPurifier_Length|string
*/
protected $max;
/**
* @param HTMLPurifier_Length|string $min Minimum length, or null for no bound. String is also acceptable.
* @param HTMLPurifier_Length|string $max Maximum length, or null for no bound. String is also acceptable.
*/
public function __construct($min = null, $max = null)
{
$this->min = $min !== null ? HTMLPurifier_Length::make($min) : null;
$this->max = $max !== null ? HTMLPurifier_Length::make($max) : null;
}
/**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
$string = $this->parseCDATA($string);
// Optimizations
if ($string === '') {
return false;
}
if ($string === '0') {
return '0';
}
if (strlen($string) === 1) {
return false;
}
$length = HTMLPurifier_Length::make($string);
if (!$length->isValid()) {
return false;
}
if ($this->min) {
$c = $length->compareTo($this->min);
if ($c === false) {
return false;
}
if ($c < 0) {
return false;
}
}
if ($this->max) {
$c = $length->compareTo($this->max);
if ($c === false) {
return false;
}
if ($c > 0) {
return false;
}
}
return $length->toString();
}
}
// vim: et sw=4 sts=4

112
library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/ListStyle.php vendored Normal file
View File

@ -0,0 +1,112 @@
<?php
/**
* Validates shorthand CSS property list-style.
* @warning Does not support url tokens that have internal spaces.
*/
class HTMLPurifier_AttrDef_CSS_ListStyle extends HTMLPurifier_AttrDef
{
/**
* Local copy of validators.
* @type HTMLPurifier_AttrDef[]
* @note See HTMLPurifier_AttrDef_CSS_Font::$info for a similar impl.
*/
protected $info;
/**
* @param HTMLPurifier_Config $config
*/
public function __construct($config)
{
$def = $config->getCSSDefinition();
$this->info['list-style-type'] = $def->info['list-style-type'];
$this->info['list-style-position'] = $def->info['list-style-position'];
$this->info['list-style-image'] = $def->info['list-style-image'];
}
/**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
// regular pre-processing
$string = $this->parseCDATA($string);
if ($string === '') {
return false;
}
// assumes URI doesn't have spaces in it
$bits = explode(' ', strtolower($string)); // bits to process
$caught = array();
$caught['type'] = false;
$caught['position'] = false;
$caught['image'] = false;
$i = 0; // number of catches
$none = false;
foreach ($bits as $bit) {
if ($i >= 3) {
return;
} // optimization bit
if ($bit === '') {
continue;
}
foreach ($caught as $key => $status) {
if ($status !== false) {
continue;
}
$r = $this->info['list-style-' . $key]->validate($bit, $config, $context);
if ($r === false) {
continue;
}
if ($r === 'none') {
if ($none) {
continue;
} else {
$none = true;
}
if ($key == 'image') {
continue;
}
}
$caught[$key] = $r;
$i++;
break;
}
}
if (!$i) {
return false;
}
$ret = array();
// construct type
if ($caught['type']) {
$ret[] = $caught['type'];
}
// construct image
if ($caught['image']) {
$ret[] = $caught['image'];
}
// construct position
if ($caught['position']) {
$ret[] = $caught['position'];
}
if (empty($ret)) {
return false;
}
return implode(' ', $ret);
}
}
// vim: et sw=4 sts=4

31
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Multiple.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Multiple.php vendored
View File

@ -13,9 +13,9 @@
*/ */
class HTMLPurifier_AttrDef_CSS_Multiple extends HTMLPurifier_AttrDef class HTMLPurifier_AttrDef_CSS_Multiple extends HTMLPurifier_AttrDef
{ {
/** /**
* Instance of component definition to defer validation to. * Instance of component definition to defer validation to.
* @type HTMLPurifier_AttrDef
* @todo Make protected * @todo Make protected
*/ */
public $single; public $single;
@ -27,32 +27,45 @@ class HTMLPurifier_AttrDef_CSS_Multiple extends HTMLPurifier_AttrDef
public $max; public $max;
/** /**
* @param $single HTMLPurifier_AttrDef to multiply * @param HTMLPurifier_AttrDef $single HTMLPurifier_AttrDef to multiply
* @param $max Max number of values allowed (usually four) * @param int $max Max number of values allowed (usually four)
*/ */
public function __construct($single, $max = 4) { public function __construct($single, $max = 4)
{
$this->single = $single; $this->single = $single;
$this->max = $max; $this->max = $max;
} }
public function validate($string, $config, $context) { /**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
$string = $this->parseCDATA($string); $string = $this->parseCDATA($string);
if ($string === '') return false; if ($string === '') {
return false;
}
$parts = explode(' ', $string); // parseCDATA replaced \r, \t and \n $parts = explode(' ', $string); // parseCDATA replaced \r, \t and \n
$length = count($parts); $length = count($parts);
$final = ''; $final = '';
for ($i = 0, $num = 0; $i < $length && $num < $this->max; $i++) { for ($i = 0, $num = 0; $i < $length && $num < $this->max; $i++) {
if (ctype_space($parts[$i])) continue; if (ctype_space($parts[$i])) {
continue;
}
$result = $this->single->validate($parts[$i], $config, $context); $result = $this->single->validate($parts[$i], $config, $context);
if ($result !== false) { if ($result !== false) {
$final .= $result . ' '; $final .= $result . ' ';
$num++; $num++;
} }
} }
if ($final === '') return false; if ($final === '') {
return false;
}
return rtrim($final); return rtrim($final);
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

45
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/Number.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Number.php vendored
View File

@ -7,32 +7,44 @@ class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef
{ {
/** /**
* Bool indicating whether or not only positive values allowed. * Indicates whether or not only positive values are allowed.
* @type bool
*/ */
protected $non_negative = false; protected $non_negative = false;
/** /**
* @param $non_negative Bool indicating whether negatives are forbidden * @param bool $non_negative indicates whether negatives are forbidden
*/ */
public function __construct($non_negative = false) { public function __construct($non_negative = false)
{
$this->non_negative = $non_negative; $this->non_negative = $non_negative;
} }
/** /**
* @param string $number
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return string|bool
* @warning Some contexts do not pass $config, $context. These * @warning Some contexts do not pass $config, $context. These
* variables should not be used without checking HTMLPurifier_Length * variables should not be used without checking HTMLPurifier_Length
*/ */
public function validate($number, $config, $context) { public function validate($number, $config, $context)
{
$number = $this->parseCDATA($number); $number = $this->parseCDATA($number);
if ($number === '') return false; if ($number === '') {
if ($number === '0') return '0'; return false;
}
if ($number === '0') {
return '0';
}
$sign = ''; $sign = '';
switch ($number[0]) { switch ($number[0]) {
case '-': case '-':
if ($this->non_negative) return false; if ($this->non_negative) {
return false;
}
$sign = '-'; $sign = '-';
case '+': case '+':
$number = substr($number, 1); $number = substr($number, 1);
@ -44,14 +56,20 @@ class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef
} }
// Period is the only non-numeric character allowed // Period is the only non-numeric character allowed
if (strpos($number, '.') === false) return false; if (strpos($number, '.') === false) {
return false;
}
list($left, $right) = explode('.', $number, 2); list($left, $right) = explode('.', $number, 2);
if ($left === '' && $right === '') return false; if ($left === '' && $right === '') {
if ($left !== '' && !ctype_digit($left)) return false; return false;
}
if ($left !== '' && !ctype_digit($left)) {
return false;
}
$left = ltrim($left, '0'); $left = ltrim($left, '0');
$right = rtrim($right, '0'); $right = rtrim($right, '0');
if ($right === '') { if ($right === '') {
@ -59,11 +77,8 @@ class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef
} elseif (!ctype_digit($right)) { } elseif (!ctype_digit($right)) {
return false; return false;
} }
return $sign . $left . '.' . $right; return $sign . $left . '.' . $right;
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

54
library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/Percentage.php vendored Normal file
View File

@ -0,0 +1,54 @@
<?php
/**
* Validates a Percentage as defined by the CSS spec.
*/
class HTMLPurifier_AttrDef_CSS_Percentage extends HTMLPurifier_AttrDef
{
/**
* Instance to defer number validation to.
* @type HTMLPurifier_AttrDef_CSS_Number
*/
protected $number_def;
/**
* @param bool $non_negative Whether to forbid negative values
*/
public function __construct($non_negative = false)
{
$this->number_def = new HTMLPurifier_AttrDef_CSS_Number($non_negative);
}
/**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
$string = $this->parseCDATA($string);
if ($string === '') {
return false;
}
$length = strlen($string);
if ($length === 1) {
return false;
}
if ($string[$length - 1] !== '%') {
return false;
}
$number = substr($string, 0, $length - 1);
$number = $this->number_def->validate($number, $config, $context);
if ($number === false) {
return false;
}
return "$number%";
}
}
// vim: et sw=4 sts=4

20
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/TextDecoration.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/TextDecoration.php vendored
View File

@ -8,8 +8,14 @@
class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef
{ {
public function validate($string, $config, $context) { /**
* @param string $string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($string, $config, $context)
{
static $allowed_values = array( static $allowed_values = array(
'line-through' => true, 'line-through' => true,
'overline' => true, 'overline' => true,
@ -18,7 +24,9 @@ class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef
$string = strtolower($this->parseCDATA($string)); $string = strtolower($this->parseCDATA($string));
if ($string === 'none') return $string; if ($string === 'none') {
return $string;
}
$parts = explode(' ', $string); $parts = explode(' ', $string);
$final = ''; $final = '';
@ -28,11 +36,11 @@ class HTMLPurifier_AttrDef_CSS_TextDecoration extends HTMLPurifier_AttrDef
} }
} }
$final = rtrim($final); $final = rtrim($final);
if ($final === '') return false; if ($final === '') {
return false;
}
return $final; return $final;
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

31
library/vendor/htmlpurifier-4.5.0-lite/library/HTMLPurifier/AttrDef/CSS/URI.php → library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/CSS/URI.php vendored
View File

@ -12,25 +12,39 @@
class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI
{ {
public function __construct() { public function __construct()
{
parent::__construct(true); // always embedded parent::__construct(true); // always embedded
} }
public function validate($uri_string, $config, $context) { /**
* @param string $uri_string
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($uri_string, $config, $context)
{
// parse the URI out of the string and then pass it onto // parse the URI out of the string and then pass it onto
// the parent object // the parent object
$uri_string = $this->parseCDATA($uri_string); $uri_string = $this->parseCDATA($uri_string);
if (strpos($uri_string, 'url(') !== 0) return false; if (strpos($uri_string, 'url(') !== 0) {
return false;
}
$uri_string = substr($uri_string, 4); $uri_string = substr($uri_string, 4);
$new_length = strlen($uri_string) - 1; $new_length = strlen($uri_string) - 1;
if ($uri_string[$new_length] != ')') return false; if ($uri_string[$new_length] != ')') {
return false;
}
$uri = trim(substr($uri_string, 0, $new_length)); $uri = trim(substr($uri_string, 0, $new_length));
if (!empty($uri) && ($uri[0] == "'" || $uri[0] == '"')) { if (!empty($uri) && ($uri[0] == "'" || $uri[0] == '"')) {
$quote = $uri[0]; $quote = $uri[0];
$new_length = strlen($uri) - 1; $new_length = strlen($uri) - 1;
if ($uri[$new_length] !== $quote) return false; if ($uri[$new_length] !== $quote) {
return false;
}
$uri = substr($uri, 1, $new_length - 1); $uri = substr($uri, 1, $new_length - 1);
} }
@ -38,7 +52,9 @@ class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI
$result = parent::validate($uri, $config, $context); $result = parent::validate($uri, $config, $context);
if ($result === false) return false; if ($result === false) {
return false;
}
// extra sanity check; should have been done by URI // extra sanity check; should have been done by URI
$result = str_replace(array('"', "\\", "\n", "\x0c", "\r"), "", $result); $result = str_replace(array('"', "\\", "\n", "\x0c", "\r"), "", $result);
@ -51,11 +67,8 @@ class HTMLPurifier_AttrDef_CSS_URI extends HTMLPurifier_AttrDef_URI
// an innerHTML cycle, so a very unlucky query parameter could // an innerHTML cycle, so a very unlucky query parameter could
// then change the meaning of the URL. Unfortunately, there's // then change the meaning of the URL. Unfortunately, there's
// not much we can do about that... // not much we can do about that...
return "url(\"$result\")"; return "url(\"$result\")";
} }
} }
// vim: et sw=4 sts=4 // vim: et sw=4 sts=4

44
library/vendor/htmlpurifier-4.6.0-lite/library/HTMLPurifier/AttrDef/Clone.php vendored Normal file
View File

@ -0,0 +1,44 @@
<?php
/**
* Dummy AttrDef that mimics another AttrDef, BUT it generates clones
* with make.
*/
class HTMLPurifier_AttrDef_Clone extends HTMLPurifier_AttrDef
{
/**
* What we're cloning.
* @type HTMLPurifier_AttrDef
*/
protected $clone;
/**
* @param HTMLPurifier_AttrDef $clone
*/
public function __construct($clone)
{
$this->clone = $clone;
}
/**
* @param string $v
* @param HTMLPurifier_Config $config
* @param HTMLPurifier_Context $context
* @return bool|string
*/
public function validate($v, $config, $context)
{
return $this->clone->validate($v, $config, $context);
}
/**
* @param string $string
* @return HTMLPurifier_AttrDef
*/
public function make($string)
{
return clone $this->clone;
}
}
// vim: et sw=4 sts=4

Some files were not shown because too many files have changed in this diff Show More