egroupware_official/phpgwapi/inc/htmlpurifier/library/HTMLPurifier/StringHashParser.php
Ralf Becker 8f797be836 Added HTMLPurifier (http://htmlpurifier.org/) Version 3.3.0
- can be used via html class like: 

        $clean_html = html::purify($html);

- using it now in eTemplate to remove malicious code from html:
  a) when displaying "formatted text"
  b) when "formatted text" get's input by the user
2009-05-19 17:32:06 +00:00

111 lines
3.2 KiB
PHP
Executable File

<?php
/**
* Parses string hash files. File format is as such:
*
* DefaultKeyValue
* KEY: Value
* KEY2: Value2
* --MULTILINE-KEY--
* Multiline
* value.
*
* Which would output something similar to:
*
* array(
* 'ID' => 'DefaultKeyValue',
* 'KEY' => 'Value',
* 'KEY2' => 'Value2',
* 'MULTILINE-KEY' => "Multiline\nvalue.\n",
* )
*
* We use this as an easy to use file-format for configuration schema
* files, but the class itself is usage agnostic.
*
* You can use ---- to forcibly terminate parsing of a single string-hash;
* this marker is used in multi string-hashes to delimit boundaries.
*/
class HTMLPurifier_StringHashParser
{
public $default = 'ID';
/**
* Parses a file that contains a single string-hash.
*/
public function parseFile($file) {
if (!file_exists($file)) return false;
$fh = fopen($file, 'r');
if (!$fh) return false;
$ret = $this->parseHandle($fh);
fclose($fh);
return $ret;
}
/**
* Parses a file that contains multiple string-hashes delimited by '----'
*/
public function parseMultiFile($file) {
if (!file_exists($file)) return false;
$ret = array();
$fh = fopen($file, 'r');
if (!$fh) return false;
while (!feof($fh)) {
$ret[] = $this->parseHandle($fh);
}
fclose($fh);
return $ret;
}
/**
* Internal parser that acepts a file handle.
* @note While it's possible to simulate in-memory parsing by using
* custom stream wrappers, if such a use-case arises we should
* factor out the file handle into its own class.
* @param $fh File handle with pointer at start of valid string-hash
* block.
*/
protected function parseHandle($fh) {
$state = false;
$single = false;
$ret = array();
do {
$line = fgets($fh);
if ($line === false) break;
$line = rtrim($line, "\n\r");
if (!$state && $line === '') continue;
if ($line === '----') break;
if (strncmp('--#', $line, 3) === 0) {
// Comment
continue;
} elseif (strncmp('--', $line, 2) === 0) {
// Multiline declaration
$state = trim($line, '- ');
if (!isset($ret[$state])) $ret[$state] = '';
continue;
} elseif (!$state) {
$single = true;
if (strpos($line, ':') !== false) {
// Single-line declaration
list($state, $line) = explode(':', $line, 2);
$line = trim($line);
} else {
// Use default declaration
$state = $this->default;
}
}
if ($single) {
$ret[$state] = $line;
$single = false;
$state = false;
} else {
$ret[$state] .= "$line\n";
}
} while (!feof($fh));
return $ret;
}
}
// vim: et sw=4 sts=4