mirror of
https://github.com/EGroupware/egroupware.git
synced 2025-01-23 06:19:09 +01:00
reverted r29759 and merged r28076 instead, to only get new content_headers() method, but not break tooltips in calendar
This commit is contained in:
parent
3102177fbc
commit
60471a000a
@ -79,7 +79,7 @@ class html
|
|||||||
/**
|
/**
|
||||||
* Created an input-field with an attached color-picker
|
* Created an input-field with an attached color-picker
|
||||||
*
|
*
|
||||||
* Please note: it need to be called before the call to egw_header() !!!
|
* Please note: it need to be called before the call to phpgw_header() !!!
|
||||||
*
|
*
|
||||||
* @param string $name the name of the input-field
|
* @param string $name the name of the input-field
|
||||||
* @param string $value the actual value for the input-field, default ''
|
* @param string $value the actual value for the input-field, default ''
|
||||||
@ -89,8 +89,8 @@ class html
|
|||||||
static function inputColor($name,$value='',$title='')
|
static function inputColor($name,$value='',$title='')
|
||||||
{
|
{
|
||||||
$id = str_replace(array('[',']'),array('_',''),$name).'_colorpicker';
|
$id = str_replace(array('[',']'),array('_',''),$name).'_colorpicker';
|
||||||
$onclick = "javascript:window.open('".self::$api_js_url.'/colorpicker/select_color.html?id='.urlencode($id)."&color='+encodeURIComponent(document.getElementById('$id').value),'colorPicker','width=240,height=187,scrollbars=no,resizable=no,toolbar=no');";
|
$onclick = "javascript:window.open('".self::$api_js_url.'/colorpicker/select_color.html?id='.urlencode($id)."&color='+document.getElementById('$id').value,'colorPicker','width=240,height=187,scrollbars=no,resizable=no,toolbar=no');";
|
||||||
return '<input type="text" name="'.$name.'" id="'.$id.'" value="'.self::htmlspecialchars($value).'" size="7" maxsize="7" /> '.
|
return '<input type="text" name="'.$name.'" id="'.$id.'" value="'.self::htmlspecialchars($value).'" /> '.
|
||||||
'<a href="#" onclick="'.$onclick.'">'.
|
'<a href="#" onclick="'.$onclick.'">'.
|
||||||
'<img src="'.self::$api_js_url.'/colorpicker/ed_color_bg.gif'.'"'.($title ? ' title="'.self::htmlspecialchars($title).'"' : '')." /></a>";
|
'<img src="'.self::$api_js_url.'/colorpicker/ed_color_bg.gif'.'"'.($title ? ' title="'.self::htmlspecialchars($title).'"' : '')." /></a>";
|
||||||
}
|
}
|
||||||
@ -100,7 +100,8 @@ class html
|
|||||||
*
|
*
|
||||||
* Note: The wz_tooltip.js file gets automaticaly loaded at the end of the page
|
* Note: The wz_tooltip.js file gets automaticaly loaded at the end of the page
|
||||||
*
|
*
|
||||||
* @param string $text text or html for the tooltip, all chars allowed, they will be quoted approperiate
|
* @param string/boolean $text text or html for the tooltip, all chars allowed, they will be quoted approperiate
|
||||||
|
* Or if False the content (innerHTML) of the element itself is used.
|
||||||
* @param boolean $do_lang (default False) should the text be run though lang()
|
* @param boolean $do_lang (default False) should the text be run though lang()
|
||||||
* @param array $options param/value pairs, eg. 'TITLE' => 'I am the title'. Some common parameters:
|
* @param array $options param/value pairs, eg. 'TITLE' => 'I am the title'. Some common parameters:
|
||||||
* title (string) gives extra title-row, width (int,'auto') , padding (int), above (bool), bgcolor (color), bgimg (URL)
|
* title (string) gives extra title-row, width (int,'auto') , padding (int), above (bool), bgcolor (color), bgimg (URL)
|
||||||
@ -109,35 +110,28 @@ class html
|
|||||||
*/
|
*/
|
||||||
static function tooltip($text,$do_lang=False,$options=False)
|
static function tooltip($text,$do_lang=False,$options=False)
|
||||||
{
|
{
|
||||||
|
if (!self::$wz_tooltip_included)
|
||||||
|
{
|
||||||
|
if (strpos($GLOBALS['egw_info']['flags']['need_footer'],'wz_tooltip')===false)
|
||||||
|
{
|
||||||
|
$GLOBALS['egw_info']['flags']['need_footer'] .= '<script language="JavaScript" type="text/javascript" src="'.self::$api_js_url.'/wz_tooltip/wz_tooltip.js"></script>'."\n";
|
||||||
|
}
|
||||||
|
self::$wz_tooltip_included = True;
|
||||||
|
}
|
||||||
if ($do_lang) $text = lang($text);
|
if ($do_lang) $text = lang($text);
|
||||||
|
|
||||||
$ttip = ' onmouseover="Tip(\''.str_replace(array("\n","\r","'",'"'),array('','',"\\'",'"'),$text).'\'';
|
$opt_out = 'this.T_WIDTH = 200;';
|
||||||
|
|
||||||
$sticky = false;
|
|
||||||
if (is_array($options))
|
if (is_array($options))
|
||||||
{
|
{
|
||||||
foreach($options as $option => $value)
|
foreach($options as $option => $value)
|
||||||
{
|
{
|
||||||
$option = strtoupper($option);
|
$opt_out .= 'this.T_'.strtoupper($option).'='.(is_bool($value)?($value?'true':'false'):
|
||||||
if ($option == 'STICKY') $sticky = (bool)$value;
|
(is_numeric($value)?$value:"'".str_replace(array("'",'"'),array("\\'",'"'),$value)."'")).'; ';
|
||||||
|
|
||||||
switch(gettype($value))
|
|
||||||
{
|
|
||||||
case 'boolean':
|
|
||||||
$value = $value ? 'true' : 'false';
|
|
||||||
break;
|
|
||||||
case 'string':
|
|
||||||
if (stripos($value,"'")===false) $value = "'$value'";
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
$ttip .= ','.$option.','.$value;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$ttip .= ')"';
|
if ($text === False) return ' onmouseover="'.$opt_out.'return escape(this.innerHTML);"';
|
||||||
|
|
||||||
$ttip .= ' onmouseout="UnTip()"';
|
return ' onmouseover="'.$opt_out.'return escape(\''.str_replace(array("\n","\r","'",'"'),array('','',"\\'",'"'),$text).'\')"';
|
||||||
|
|
||||||
return $ttip;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -149,7 +143,7 @@ class html
|
|||||||
static function activate_links($content)
|
static function activate_links($content)
|
||||||
{
|
{
|
||||||
if (!$content || strlen($content) < 20) return $content; // performance
|
if (!$content || strlen($content) < 20) return $content; // performance
|
||||||
|
|
||||||
// Exclude everything which is already a link
|
// Exclude everything which is already a link
|
||||||
$NotAnchor = '(?<!"|href=|href\s=\s|href=\s|href\s=)';
|
$NotAnchor = '(?<!"|href=|href\s=\s|href=\s|href\s=)';
|
||||||
|
|
||||||
@ -175,97 +169,6 @@ class html
|
|||||||
return preg_replace( $Expr, "<a href=\"http://$0\" target=\"_blank\">$0</a>", $result );
|
return preg_replace( $Expr, "<a href=\"http://$0\" target=\"_blank\">$0</a>", $result );
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* activates URLs in a text, URLs get replaced by html-links using htmlpurify
|
|
||||||
*
|
|
||||||
* @param string $content text containing URLs
|
|
||||||
* @return string html with activated links
|
|
||||||
*/
|
|
||||||
static function activateLinks($content)
|
|
||||||
{
|
|
||||||
if (!$content || strlen($content) < 20) return $content; // performance
|
|
||||||
|
|
||||||
// spamsaver emailaddress
|
|
||||||
$result = preg_replace('/'.$NotAnchor.'mailto:([a-z0-9._-]+)@([a-z0-9_-]+)\.([a-z0-9._-]+)/i',
|
|
||||||
'<a href="#" onclick="document.location=\'mai\'+\'lto:\\1\'+unescape(\'%40\')+\'\\2.\\3\'; return false;">\\1 AT \\2 DOT \\3</a>',
|
|
||||||
$content);
|
|
||||||
|
|
||||||
$config = self::purifyCreateDefaultConfig();
|
|
||||||
$config->set('Core.Encoding', (self::$charset?self::$charset:'UTF-8'));
|
|
||||||
// maybe the two following lines are useful for caching???
|
|
||||||
$config->set('HTML.DefinitionID', 'activatelinks');
|
|
||||||
$config->set('HTML.DefinitionRev', 1);
|
|
||||||
// doctype and tidylevel
|
|
||||||
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
|
|
||||||
$config->set('HTML.TidyLevel', 'light');
|
|
||||||
// EnableID is needed for anchor tags
|
|
||||||
$config->set('Attr.EnableID',true);
|
|
||||||
// actual allowed tags and attributes
|
|
||||||
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true));
|
|
||||||
$config->set('AutoFormat.RemoveEmpty', true);
|
|
||||||
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,center,div[align],hr[class|style],'.
|
|
||||||
'font[size|color],'.
|
|
||||||
'ul[type],ol[type|start],li,'.
|
|
||||||
'h1,h2,h3,'.
|
|
||||||
'span[class|style],'.
|
|
||||||
'table[class|border|cellpadding|cellspacing|width|style|align|bgcolor|align],'.
|
|
||||||
'tbody,thead,tfoot,colgroup,'.
|
|
||||||
'col[width|span],'.
|
|
||||||
'blockquote[class|cite|dir],'.
|
|
||||||
'tr[class|style|align|bgcolor|align|valign],'.
|
|
||||||
'td[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
|
|
||||||
'th[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
|
|
||||||
'a[href|target|name|title],'.
|
|
||||||
'img[src|alt|title]');
|
|
||||||
$config->set('Attr.DefaultInvalidImage', 'Image removed by htmlpurify');
|
|
||||||
$config->set('Cache.SerializerPath', ($GLOBALS['egw_info']['server']['temp_dir']?$GLOBALS['egw_info']['server']['temp_dir']:sys_get_temp_dir()));
|
|
||||||
$config->set('AutoFormat.Linkify',true);
|
|
||||||
return self::purify($result,$config);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* deactivates URLs in a text, URLs get replaced by html-links using htmlpurify
|
|
||||||
*
|
|
||||||
* @param string $content text containing URLs
|
|
||||||
* @return string html with activated links
|
|
||||||
*/
|
|
||||||
static function deactivateLinks($_html)
|
|
||||||
{
|
|
||||||
$config = self::purifyCreateDefaultConfig();
|
|
||||||
$config->set('Core.Encoding', (self::$charset?self::$charset:'UTF-8'));
|
|
||||||
// maybe the two following lines are useful for caching???
|
|
||||||
$config->set('HTML.DefinitionID', 'deactivatelinks');
|
|
||||||
$config->set('HTML.DefinitionRev', 1);
|
|
||||||
// doctype and tidylevel
|
|
||||||
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
|
|
||||||
$config->set('HTML.TidyLevel', 'light');
|
|
||||||
// EnableID is needed for anchor tags
|
|
||||||
$config->set('Attr.EnableID',true);
|
|
||||||
// actual allowed tags and attributes
|
|
||||||
$config->set('URI.AllowedSchemes', array('http'=>true, 'https'=>true, 'ftp'=>true, 'file'=>true, 'cid'=>true));
|
|
||||||
$config->set('AutoFormat.RemoveEmpty', true);
|
|
||||||
$config->set('HTML.Allowed', 'br,p[align],b,i,u,s,em,pre,tt,strong,strike,center,div[align],hr[class|style],'.
|
|
||||||
'font[size|color],'.
|
|
||||||
'ul[type],ol[type|start],li,'.
|
|
||||||
'h1,h2,h3,'.
|
|
||||||
'span[class|style],'.
|
|
||||||
'table[class|border|cellpadding|cellspacing|width|style|align|bgcolor|align],'.
|
|
||||||
'tbody,thead,tfoot,colgroup,'.
|
|
||||||
'col[width|span],'.
|
|
||||||
'blockquote[class|cite|dir],'.
|
|
||||||
'tr[class|style|align|bgcolor|align|valign],'.
|
|
||||||
'td[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
|
|
||||||
'th[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
|
|
||||||
'a[href|target|name|title],'.
|
|
||||||
'img[src|alt|title]');
|
|
||||||
$config->set('Attr.DefaultInvalidImage', 'Image removed by htmlpurify');
|
|
||||||
$config->set('Cache.SerializerPath', ($GLOBALS['egw_info']['server']['temp_dir']?$GLOBALS['egw_info']['server']['temp_dir']:sys_get_temp_dir()));
|
|
||||||
|
|
||||||
$config->set('AutoFormat.DisplayLinkURI',true);
|
|
||||||
$_html = self::purify($_html,$config);
|
|
||||||
return $_html;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* escapes chars with special meaning in html as entities
|
* escapes chars with special meaning in html as entities
|
||||||
*
|
*
|
||||||
@ -317,18 +220,6 @@ class html
|
|||||||
{
|
{
|
||||||
$options .= ' size="'.abs($multiple).'"';
|
$options .= ' size="'.abs($multiple).'"';
|
||||||
}
|
}
|
||||||
// fix width for MSIE in/for selectboxes
|
|
||||||
if (self::$user_agent == 'msie')
|
|
||||||
{
|
|
||||||
if (stripos($options,'onfocus="') === false)
|
|
||||||
{
|
|
||||||
$options .= ' onfocus="window.dropdown_menu_hack(this);" ';
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
$options = str_ireplace('onfocus="','onfocus="window.dropdown_menu_hack(this);',$options);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$out = "<select name=\"$name\" $options>\n";
|
$out = "<select name=\"$name\" $options>\n";
|
||||||
|
|
||||||
if (!is_array($key))
|
if (!is_array($key))
|
||||||
@ -665,12 +556,11 @@ class html
|
|||||||
* @param string $_name name and id of the input-field
|
* @param string $_name name and id of the input-field
|
||||||
* @param string $_mode display mode of the tinymce editor can be: simple, extended or advanced
|
* @param string $_mode display mode of the tinymce editor can be: simple, extended or advanced
|
||||||
* @param string $_content='' of the tinymce (will be run through htmlspecialchars !!!), default ''
|
* @param string $_content='' of the tinymce (will be run through htmlspecialchars !!!), default ''
|
||||||
* @param string $_height='400px'
|
* @param string $style='' initial css for the style attribute
|
||||||
* @param string $_width='100%'
|
* @param string $base_href=''
|
||||||
* @param boolean $_purify=true
|
|
||||||
* @return string the necessary html for the textarea
|
* @return string the necessary html for the textarea
|
||||||
*/
|
*/
|
||||||
static function fckEditorQuick($_name, $_mode, $_content='', $_height='400px', $_width='100%',$_purify=true)
|
static function fckEditorQuick($_name, $_mode, $_content='', $_height='400px', $_width='100%')
|
||||||
{
|
{
|
||||||
if (!self::htmlarea_availible() || $_mode == 'ascii')
|
if (!self::htmlarea_availible() || $_mode == 'ascii')
|
||||||
{
|
{
|
||||||
@ -678,7 +568,7 @@ class html
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
return self::fckEditor($_name, $_content, $_mode, array(), $_height, $_width,'',$_purify);
|
return self::fckEditor($_name, $_content, $_mode, array(), $_height, $_width);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -840,24 +730,11 @@ class html
|
|||||||
return self::form(self::submit_button($name,$label),$hidden_vars,$url,$url_vars,$form_name,'',$method);
|
return self::form(self::submit_button($name,$label),$hidden_vars,$url,$url_vars,$form_name,'',$method);
|
||||||
}
|
}
|
||||||
|
|
||||||
const THEAD = 1;
|
|
||||||
const TFOOT = 2;
|
|
||||||
const TBODY = 3;
|
|
||||||
static $part2tag = array(
|
|
||||||
self::THEAD => 'thead',
|
|
||||||
self::TFOOT => 'tfoot',
|
|
||||||
self::TBODY => 'tbody',
|
|
||||||
);
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* creates table from array of rows
|
* creates table from array of rows
|
||||||
*
|
*
|
||||||
* abstracts the html stuff for the table creation
|
* abstracts the html stuff for the table creation
|
||||||
* Example: $rows = array (
|
* Example: $rows = array (
|
||||||
* 'h1' => array( // optional header row(s)
|
|
||||||
* ),
|
|
||||||
* 'f1' => array( // optional footer row(s)
|
|
||||||
* ),
|
|
||||||
* '1' => array(
|
* '1' => array(
|
||||||
* 1 => 'cell1', '.1' => 'colspan=3',
|
* 1 => 'cell1', '.1' => 'colspan=3',
|
||||||
* 2 => 'cell2',
|
* 2 => 'cell2',
|
||||||
@ -874,20 +751,12 @@ class html
|
|||||||
{
|
{
|
||||||
$html = $no_table_tr ? '' : "<table $options>\n";
|
$html = $no_table_tr ? '' : "<table $options>\n";
|
||||||
|
|
||||||
$part = 0;
|
|
||||||
foreach($rows as $key => $row)
|
foreach($rows as $key => $row)
|
||||||
{
|
{
|
||||||
if (!is_array($row))
|
if (!is_array($row))
|
||||||
{
|
{
|
||||||
continue; // parameter
|
continue; // parameter
|
||||||
}
|
}
|
||||||
// get the current part from the optional 'h' or 'f' prefix of the key
|
|
||||||
$p = $key[0] == 'h' ? html::THEAD : ($key[0] == 'f' ? html::TFOOT : html::TBODY);
|
|
||||||
if ($part < $p && ($part || $p < self::TBODY)) // add only allowed and neccessary transitions
|
|
||||||
{
|
|
||||||
if ($part) $html .= '</'.self::$part2tag[$part].">\n";
|
|
||||||
$html .= '<'.self::$part2tag[$part=$p].">\n";
|
|
||||||
}
|
|
||||||
$html .= $no_table_tr && $key == 1 ? '' : "\t<tr ".$rows['.'.$key].">\n";
|
$html .= $no_table_tr && $key == 1 ? '' : "\t<tr ".$rows['.'.$key].">\n";
|
||||||
|
|
||||||
foreach($row as $key => $cell)
|
foreach($row as $key => $cell)
|
||||||
@ -913,10 +782,6 @@ class html
|
|||||||
{
|
{
|
||||||
echo "<p>".function_backtrace()."</p>\n";
|
echo "<p>".function_backtrace()."</p>\n";
|
||||||
}
|
}
|
||||||
if ($part) // close current part
|
|
||||||
{
|
|
||||||
$html .= "</".self::$part2tag[$part].">\n";
|
|
||||||
}
|
|
||||||
$html .= "</table>\n";
|
$html .= "</table>\n";
|
||||||
|
|
||||||
if ($no_table_tr)
|
if ($no_table_tr)
|
||||||
@ -988,17 +853,16 @@ class html
|
|||||||
*/
|
*/
|
||||||
static function image( $app,$name,$title='',$options='' )
|
static function image( $app,$name,$title='',$options='' )
|
||||||
{
|
{
|
||||||
if (is_array($name)) // menuaction and other get-vars
|
|
||||||
{
|
|
||||||
$name = $GLOBALS['egw']->link('/index.php',$name);
|
|
||||||
}
|
|
||||||
if (substr($name,0,5) == 'vfs:/') // vfs pseudo protocoll
|
if (substr($name,0,5) == 'vfs:/') // vfs pseudo protocoll
|
||||||
{
|
{
|
||||||
$name = egw::link(egw_vfs::download_url(substr($name,4)));
|
$name = egw::link(egw_vfs::download_url(substr($name,4)));
|
||||||
}
|
}
|
||||||
if ($name[0] == '/' || substr($name,0,7) == 'http://' || substr($name,0,8) == 'https://' || stripos($name,'etemplate/thumbnail.php') )
|
if (is_array($name)) // menuaction and other get-vars
|
||||||
|
{
|
||||||
|
$name = $GLOBALS['egw']->link('/index.php',$name);
|
||||||
|
}
|
||||||
|
if ($name[0] == '/' || substr($name,0,7) == 'http://' || substr($name,0,8) == 'https://')
|
||||||
{
|
{
|
||||||
if (!($name[0] == '/' || substr($name,0,7) == 'http://' || substr($name,0,8) == 'https://')) $name = '/'.$name;
|
|
||||||
$url = $name;
|
$url = $name;
|
||||||
}
|
}
|
||||||
else // no URL, so try searching the image
|
else // no URL, so try searching the image
|
||||||
@ -1020,7 +884,7 @@ class html
|
|||||||
$path = EGW_SERVER_ROOT.$url;
|
$path = EGW_SERVER_ROOT.$url;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (is_null($path) || (!@is_readable($path) && stripos($path,'webdav.php')===false))
|
if (is_null($path) || !@is_readable($path))
|
||||||
{
|
{
|
||||||
// if the image-name is a percentage, use a progressbar
|
// if the image-name is a percentage, use a progressbar
|
||||||
if (substr($name,-1) == '%' && is_numeric($percent = substr($name,0,-1)))
|
if (substr($name,-1) == '%' && is_numeric($percent = substr($name,0,-1)))
|
||||||
@ -1352,24 +1216,6 @@ class html
|
|||||||
return $html;
|
return $html;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* creates the HTMLPurifier default config
|
|
||||||
*
|
|
||||||
* @return HTMLPurifier_Config object
|
|
||||||
*/
|
|
||||||
static function purifyCreateDefaultConfig()
|
|
||||||
{
|
|
||||||
// add htmlpurifiers library to include_path
|
|
||||||
require_once(EGW_API_INC.'/htmlpurifier/library/HTMLPurifier.path.php');
|
|
||||||
// include most of the required files, for best performance with bytecode caches
|
|
||||||
require_once(EGW_API_INC.'/htmlpurifier/library/HTMLPurifier.includes.php');
|
|
||||||
// installs an autoloader for other files
|
|
||||||
require_once(EGW_API_INC.'/htmlpurifier/library/HTMLPurifier.autoload.php');
|
|
||||||
// testcase to test the processing of purify
|
|
||||||
//$html = "<h1 onclick=\"alert('hallo');\"> h1 </h1>".$html;
|
|
||||||
return HTMLPurifier_Config::createDefault();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Runs HTMLPurifier over supplied html to remove malicious code
|
* Runs HTMLPurifier over supplied html to remove malicious code
|
||||||
*
|
*
|
||||||
@ -1390,12 +1236,11 @@ class html
|
|||||||
require_once(EGW_API_INC.'/htmlpurifier/library/HTMLPurifier.includes.php');
|
require_once(EGW_API_INC.'/htmlpurifier/library/HTMLPurifier.includes.php');
|
||||||
// installs an autoloader for other files
|
// installs an autoloader for other files
|
||||||
require_once(EGW_API_INC.'/htmlpurifier/library/HTMLPurifier.autoload.php');
|
require_once(EGW_API_INC.'/htmlpurifier/library/HTMLPurifier.autoload.php');
|
||||||
// testcase to test the processing of purify
|
|
||||||
//$html = "<h1 onclick=\"alert('hallo');\"> h1 </h1>".$html;
|
|
||||||
if (is_null($config))
|
if (is_null($config))
|
||||||
{
|
{
|
||||||
$config = HTMLPurifier_Config::createDefault();
|
$config = HTMLPurifier_Config::createDefault();
|
||||||
$config->set('Core.Encoding', (self::$charset?self::$charset:'UTF-8'));
|
$config->set('Core.Encoding', self::$charset);
|
||||||
// maybe the two following lines are useful for caching???
|
// maybe the two following lines are useful for caching???
|
||||||
$config->set('HTML.DefinitionID', 'egroupware');
|
$config->set('HTML.DefinitionID', 'egroupware');
|
||||||
$config->set('HTML.DefinitionRev', 1);
|
$config->set('HTML.DefinitionRev', 1);
|
||||||
@ -1417,15 +1262,13 @@ class html
|
|||||||
'td[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
|
'td[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
|
||||||
'th[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
|
'th[class|colspan|rowspan|width|style|align|bgcolor|align|valign|nowrap],'.
|
||||||
'a[href|target|name|title],img[src|alt|title]');
|
'a[href|target|name|title],img[src|alt|title]');
|
||||||
$config->set('Cache.SerializerPath', ($GLOBALS['egw_info']['server']['temp_dir']?$GLOBALS['egw_info']['server']['temp_dir']:sys_get_temp_dir()));
|
$config->set('Cache.SerializerPath', $GLOBALS['egw_info']['server']['temp_dir']);
|
||||||
}
|
}
|
||||||
$purifier = new HTMLPurifier($config);
|
$purifier = new HTMLPurifier($config);
|
||||||
// the latter may enable you to modify the config later on, but by now
|
// the latter may enable you to modify the config later on, but by now
|
||||||
// the effort for e.g. enabling anchor tags is already included above
|
// the effort for e.g. enabling anchor tags is already included above
|
||||||
//$def =& $purifier->config->getHTMLDefinition(true);
|
//$def =& $purifier->config->getHTMLDefinition(true);
|
||||||
//$def->addAttribute('a', 'name', 'Text');
|
//$def->addAttribute('a', 'name', 'Text');
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
return $purifier->purify( $html );
|
return $purifier->purify( $html );
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user