forked from extern/egroupware
8f797be836
- can be used via html class like: $clean_html = html::purify($html); - using it now in eTemplate to remove malicious code from html: a) when displaying "formatted text" b) when "formatted text" get's input by the user
47 lines
1.4 KiB
PHP
Executable File
47 lines
1.4 KiB
PHP
Executable File
<?php
|
|
|
|
/**
|
|
* Injector that converts http, https and ftp text URLs to actual links.
|
|
*/
|
|
class HTMLPurifier_Injector_Linkify extends HTMLPurifier_Injector
|
|
{
|
|
|
|
public $name = 'Linkify';
|
|
public $needed = array('a' => array('href'));
|
|
|
|
public function handleText(&$token) {
|
|
if (!$this->allowsElement('a')) return;
|
|
|
|
if (strpos($token->data, '://') === false) {
|
|
// our really quick heuristic failed, abort
|
|
// this may not work so well if we want to match things like
|
|
// "google.com", but then again, most people don't
|
|
return;
|
|
}
|
|
|
|
// there is/are URL(s). Let's split the string:
|
|
// Note: this regex is extremely permissive
|
|
$bits = preg_split('#((?:https?|ftp)://[^\s\'"<>()]+)#S', $token->data, -1, PREG_SPLIT_DELIM_CAPTURE);
|
|
|
|
$token = array();
|
|
|
|
// $i = index
|
|
// $c = count
|
|
// $l = is link
|
|
for ($i = 0, $c = count($bits), $l = false; $i < $c; $i++, $l = !$l) {
|
|
if (!$l) {
|
|
if ($bits[$i] === '') continue;
|
|
$token[] = new HTMLPurifier_Token_Text($bits[$i]);
|
|
} else {
|
|
$token[] = new HTMLPurifier_Token_Start('a', array('href' => $bits[$i]));
|
|
$token[] = new HTMLPurifier_Token_Text($bits[$i]);
|
|
$token[] = new HTMLPurifier_Token_End('a');
|
|
}
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// vim: et sw=4 sts=4
|