8f797be836
- can be used via html class like: $clean_html = html::purify($html); - using it now in eTemplate to remove malicious code from html: a) when displaying "formatted text" b) when "formatted text" is entered by the user
<?php
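/**
 * Registry object that contains information about the current context.
 *
 * Entries are stored as references, so a change made through a value
 * obtained from get() is visible to every other holder of that variable.
 *
 * @note Presence is tested with array_key_exists() rather than isset().
 *       isset() reports a variable that currently holds null as absent,
 *       which let a second register() silently rebind the name and made
 *       get()/destroy() raise errors for a variable that was registered.
 *       Callers that followed the earlier advice to store false instead
 *       of null see no difference.
 * @note Since the variables Context deals with may not be objects,
 *       references are very important here! Do not remove!
 */
class HTMLPurifier_Context
{

    /**
     * Private array that stores the references, keyed by variable name.
     */
    private $_storage = array();

    /**
     * Registers a variable into the context.
     *
     * Raises E_USER_ERROR and leaves the existing binding untouched when
     * the name is already registered.
     *
     * @param $name String name
     * @param $ref Reference to variable to be registered
     */
    public function register($name, &$ref) {
        if (array_key_exists($name, $this->_storage)) {
            trigger_error("Name $name produces collision, cannot re-register",
                          E_USER_ERROR);
            // A custom error handler may resume execution after
            // E_USER_ERROR; returning keeps the original binding intact.
            return;
        }
        $this->_storage[$name] =& $ref;
    }

    /**
     * Retrieves a variable reference from the context.
     *
     * @param $name String name
     * @param $ignore_error Boolean whether or not to ignore error
     * @return Reference to the registered variable, or a reference to a
     *         fresh null when the name is not registered. Use exists() to
     *         tell a registered null apart from a missing name.
     */
    public function &get($name, $ignore_error = false) {
        if (!array_key_exists($name, $this->_storage)) {
            if (!$ignore_error) {
                trigger_error("Attempted to retrieve non-existent variable $name",
                              E_USER_ERROR);
            }
            $var = null; // so we can return by reference
            return $var;
        }
        return $this->_storage[$name];
    }

    /**
     * Destroys a variable in the context.
     *
     * Only the context's binding is removed; the caller's own variable is
     * not unset. Raises E_USER_ERROR when the name is not registered.
     *
     * @param $name String name
     */
    public function destroy($name) {
        if (!array_key_exists($name, $this->_storage)) {
            trigger_error("Attempted to destroy non-existent variable $name",
                          E_USER_ERROR);
            return;
        }
        unset($this->_storage[$name]);
    }

    /**
     * Checks whether or not the variable exists.
     *
     * @param $name String name
     * @return Boolean true when the name is registered, even if the
     *         variable currently holds null
     */
    public function exists($name) {
        return array_key_exists($name, $this->_storage);
    }

    /**
     * Loads a series of variables from an associative array.
     *
     * The array is received by value, so the stored references point at
     * this method's copy of each element, not at the caller's array.
     * A key that is already registered raises the collision error from
     * register().
     *
     * @param $context_array Assoc array of variables to load
     */
    public function loadArray($context_array) {
        // Iterate over keys only: register() needs a reference to the
        // array slot itself, not to the loop's temporary value.
        foreach ($context_array as $key => $discard) {
            $this->register($key, $context_array[$key]);
        }
    }

}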
// vim: et sw=4 sts=4