mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-05 14:20:40 +01:00
8f797be836
- can be used via html class like: $clean_html = html::purify($html); - using it now in eTemplate to remove malicious code from html: a) when displaying "formatted text" b) when "formatted text" get's input by the user
46 lines
1.4 KiB
PHP
Executable File
46 lines
1.4 KiB
PHP
Executable File
<?php
|
|
|
|
/**
|
|
* Injector that converts configuration directive syntax %Namespace.Directive
|
|
* to links
|
|
*/
|
|
class HTMLPurifier_Injector_PurifierLinkify extends HTMLPurifier_Injector
|
|
{
|
|
|
|
public $name = 'PurifierLinkify';
|
|
public $docURL;
|
|
public $needed = array('a' => array('href'));
|
|
|
|
public function prepare($config, $context) {
|
|
$this->docURL = $config->get('AutoFormatParam', 'PurifierLinkifyDocURL');
|
|
return parent::prepare($config, $context);
|
|
}
|
|
|
|
public function handleText(&$token) {
|
|
if (!$this->allowsElement('a')) return;
|
|
if (strpos($token->data, '%') === false) return;
|
|
|
|
$bits = preg_split('#%([a-z0-9]+\.[a-z0-9]+)#Si', $token->data, -1, PREG_SPLIT_DELIM_CAPTURE);
|
|
$token = array();
|
|
|
|
// $i = index
|
|
// $c = count
|
|
// $l = is link
|
|
for ($i = 0, $c = count($bits), $l = false; $i < $c; $i++, $l = !$l) {
|
|
if (!$l) {
|
|
if ($bits[$i] === '') continue;
|
|
$token[] = new HTMLPurifier_Token_Text($bits[$i]);
|
|
} else {
|
|
$token[] = new HTMLPurifier_Token_Start('a',
|
|
array('href' => str_replace('%s', $bits[$i], $this->docURL)));
|
|
$token[] = new HTMLPurifier_Token_Text('%' . $bits[$i]);
|
|
$token[] = new HTMLPurifier_Token_End('a');
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|