diff options
author | Mario Vavti <mario@mariovavti.com> | 2020-08-22 19:50:15 +0200 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2020-08-22 19:50:15 +0200 |
commit | 32bdf42913518b3421986cb4d49d62ed1b04354e (patch) | |
tree | eaae737fcd43e2d712fc8f105052fa5b3924d924 /vendor | |
parent | 53a010d1d448f54f1a685bec0411c69e4b0fbe04 (diff) | |
download | volse-hubzilla-32bdf42913518b3421986cb4d49d62ed1b04354e.tar.gz volse-hubzilla-32bdf42913518b3421986cb4d49d62ed1b04354e.tar.bz2 volse-hubzilla-32bdf42913518b3421986cb4d49d62ed1b04354e.zip |
composer update htmlpurifier
Diffstat (limited to 'vendor')
72 files changed, 53 insertions, 8932 deletions
diff --git a/vendor/composer/autoload_classmap.php b/vendor/composer/autoload_classmap.php index 73bf8630c..54a5ea11d 100644 --- a/vendor/composer/autoload_classmap.php +++ b/vendor/composer/autoload_classmap.php @@ -193,7 +193,6 @@ return array( 'HTMLPurifier_Injector_SafeObject' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php', 'HTMLPurifier_Language' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier/Language.php', 'HTMLPurifier_LanguageFactory' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier/LanguageFactory.php', - 'HTMLPurifier_Language_en_x_test' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier/Language/classes/en-x-test.php', 'HTMLPurifier_Length' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier/Length.php', 'HTMLPurifier_Lexer' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier/Lexer.php', 'HTMLPurifier_Lexer_DOMLex' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier/Lexer/DOMLex.php', diff --git a/vendor/composer/autoload_static.php b/vendor/composer/autoload_static.php index da5aa06ad..fd44b4266 100644 --- a/vendor/composer/autoload_static.php +++ b/vendor/composer/autoload_static.php @@ -361,7 +361,6 @@ class ComposerStaticInit7b34d7e50a62201ec5d5e526a5b8b35d 'HTMLPurifier_Injector_SafeObject' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier/Injector/SafeObject.php', 'HTMLPurifier_Language' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier/Language.php', 'HTMLPurifier_LanguageFactory' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier/LanguageFactory.php', - 'HTMLPurifier_Language_en_x_test' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier/Language/classes/en-x-test.php', 'HTMLPurifier_Length' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier/Length.php', 'HTMLPurifier_Lexer' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier/Lexer.php', 'HTMLPurifier_Lexer_DOMLex' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier/Lexer/DOMLex.php', diff --git a/vendor/composer/installed.json b/vendor/composer/installed.json index 2d2a3f48a..5de750e76 100644 --- a/vendor/composer/installed.json +++ b/vendor/composer/installed.json @@ -211,17 +211,17 @@ }, { "name": "ezyang/htmlpurifier", - "version": "v4.12.0", - "version_normalized": "4.12.0.0", + "version": "v4.13.0", + "version_normalized": "4.13.0.0", "source": { "type": "git", "url": "https://github.com/ezyang/htmlpurifier.git", - "reference": "a617e55bc62a87eec73bd456d146d134ad716f03" + "reference": "08e27c97e4c6ed02f37c5b2b20488046c8d90d75" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/a617e55bc62a87eec73bd456d146d134ad716f03", - "reference": "a617e55bc62a87eec73bd456d146d134ad716f03", + "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/08e27c97e4c6ed02f37c5b2b20488046c8d90d75", + "reference": "08e27c97e4c6ed02f37c5b2b20488046c8d90d75", "shasum": "" }, "require": { @@ -230,7 +230,7 @@ "require-dev": { "simpletest/simpletest": "dev-master#72de02a7b80c6bb8864ef9bf66d41d2f58f826bd" }, - "time": "2019-10-28T03:44:26+00:00", + "time": "2020-06-29T00:56:53+00:00", "type": "library", "installation-source": "dist", "autoload": { @@ -239,6 +239,9 @@ }, "files": [ "library/HTMLPurifier.composer.php" + ], + "exclude-from-classmap": [ + "/library/HTMLPurifier/Language/" ] }, "notification-url": "https://packagist.org/downloads/", diff --git a/vendor/ezyang/htmlpurifier/INSTALL b/vendor/ezyang/htmlpurifier/INSTALL deleted file mode 100644 index 5f6a965f3..000000000 --- a/vendor/ezyang/htmlpurifier/INSTALL +++ /dev/null @@ -1,341 +0,0 @@ - -Install - How to install HTML Purifier - -HTML Purifier is designed to run out of the box, so actually using the -library is extremely easy. (Although... if you were looking for a -step-by-step installation GUI, you've downloaded the wrong software!) - -While the impatient can get going immediately with some of the sample -code at the bottom of this library, it's well worth reading this entire -document--most of the other documentation assumes that you are familiar -with these contents. - - ---------------------------------------------------------------------------- -1. Compatibility - -HTML Purifier is PHP 5 and PHP 7, and is actively tested from PHP 5.3 -and up. It has no core dependencies with other libraries. - -These optional extensions can enhance the capabilities of HTML Purifier: - - * iconv : Converts text to and from non-UTF-8 encodings - * bcmath : Used for unit conversion and imagecrash protection - * tidy : Used for pretty-printing HTML - -These optional libraries can enhance the capabilities of HTML Purifier: - - * CSSTidy : Clean CSS stylesheets using %Core.ExtractStyleBlocks - Note: You should use the modernized fork of CSSTidy available - at https://github.com/Cerdic/CSSTidy - * Net_IDNA2 (PEAR) : IRI support using %Core.EnableIDNA - Note: This is not necessary for PHP 5.3 or later - ---------------------------------------------------------------------------- -2. Reconnaissance - -A big plus of HTML Purifier is its inerrant support of standards, so -your web-pages should be standards-compliant. (They should also use -semantic markup, but that's another issue altogether, one HTML Purifier -cannot fix without reading your mind.) - -HTML Purifier can process these doctypes: - -* XHTML 1.0 Transitional (default) -* XHTML 1.0 Strict -* HTML 4.01 Transitional -* HTML 4.01 Strict -* XHTML 1.1 - -...and these character encodings: - -* UTF-8 (default) -* Any encoding iconv supports (with crippled internationalization support) - -These defaults reflect what my choices would be if I were authoring an -HTML document, however, what you choose depends on the nature of your -codebase. If you don't know what doctype you are using, you can determine -the doctype from this identifier at the top of your source code: - - <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" - "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> - -...and the character encoding from this code: - - <meta http-equiv="Content-type" content="text/html;charset=ENCODING"> - -If the character encoding declaration is missing, STOP NOW, and -read 'docs/enduser-utf8.html' (web accessible at -http://htmlpurifier.org/docs/enduser-utf8.html). In fact, even if it is -present, read this document anyway, as many websites specify their -document's character encoding incorrectly. - - ---------------------------------------------------------------------------- -3. Including the library - -The procedure is quite simple: - - require_once '/path/to/library/HTMLPurifier.auto.php'; - -This will setup an autoloader, so the library's files are only included -when you use them. - -Only the contents in the library/ folder are necessary, so you can remove -everything else when using HTML Purifier in a production environment. - -If you installed HTML Purifier via PEAR, all you need to do is: - - require_once 'HTMLPurifier.auto.php'; - -Please note that the usual PEAR practice of including just the classes you -want will not work with HTML Purifier's autoloading scheme. - -Advanced users, read on; other users can skip to section 4. - -Autoload compatibility ----------------------- - - HTML Purifier attempts to be as smart as possible when registering an - autoloader, but there are some cases where you will need to change - your own code to accomodate HTML Purifier. These are those cases: - - AN __autoload FUNCTION IS DECLARED AFTER OUR AUTOLOADER IS REGISTERED - spl_autoload_register() has the curious behavior of disabling - the existing __autoload() handler. Users need to explicitly - spl_autoload_register('__autoload'). Because we use SPL when it - is available, __autoload() will ALWAYS be disabled. If __autoload() - is declared before HTML Purifier is loaded, this is not a problem: - HTML Purifier will register the function for you. But if it is - declared afterwards, it will mysteriously not work. This - snippet of code (after your autoloader is defined) will fix it: - - spl_autoload_register('__autoload') - - -For better performance ----------------------- - - Opcode caches, which greatly speed up PHP initialization for scripts - with large amounts of code (HTML Purifier included), don't like - autoloaders. We offer an include file that includes all of HTML Purifier's - files in one go in an opcode cache friendly manner: - - // If /path/to/library isn't already in your include path, uncomment - // the below line: - // require '/path/to/library/HTMLPurifier.path.php'; - - require 'HTMLPurifier.includes.php'; - - Optional components still need to be included--you'll know if you try to - use a feature and you get a class doesn't exists error! The autoloader - can be used in conjunction with this approach to catch classes that are - missing. Simply add this afterwards: - - require 'HTMLPurifier.autoload.php'; - -Standalone version ------------------- - - HTML Purifier has a standalone distribution; you can also generate - a standalone file from the full version by running the script - maintenance/generate-standalone.php . The standalone version has the - benefit of having most of its code in one file, so parsing is much - faster and the library is easier to manage. - - If HTMLPurifier.standalone.php exists in the library directory, you - can use it like this: - - require '/path/to/HTMLPurifier.standalone.php'; - - This is equivalent to including HTMLPurifier.includes.php, except that - the contents of standalone/ will be added to your path. To override this - behavior, specify a new HTMLPURIFIER_PREFIX where standalone files can - be found (usually, this will be one directory up, the "true" library - directory in full distributions). Don't forget to set your path too! - - The autoloader can be added to the end to ensure the classes are - loaded when necessary; otherwise you can manually include them. - To use the autoloader, use this: - - require 'HTMLPurifier.autoload.php'; - -For advanced users ------------------- - - HTMLPurifier.auto.php performs a number of operations that can be done - individually. These are: - - HTMLPurifier.path.php - Puts /path/to/library in the include path. For high performance, - this should be done in php.ini. - - HTMLPurifier.autoload.php - Registers our autoload handler HTMLPurifier_Bootstrap::autoload($class). - - You can do these operations by yourself, if you like. - - ---------------------------------------------------------------------------- -4. Configuration - -HTML Purifier is designed to run out-of-the-box, but occasionally HTML -Purifier needs to be told what to do. If you answer no to any of these -questions, read on; otherwise, you can skip to the next section (or, if you're -into configuring things just for the heck of it, skip to 4.3). - -* Am I using UTF-8? -* Am I using XHTML 1.0 Transitional? - -If you answered no to any of these questions, instantiate a configuration -object and read on: - - $config = HTMLPurifier_Config::createDefault(); - - -4.1. Setting a different character encoding - -You really shouldn't use any other encoding except UTF-8, especially if you -plan to support multilingual websites (read section three for more details). -However, switching to UTF-8 is not always immediately feasible, so we can -adapt. - -HTML Purifier uses iconv to support other character encodings, as such, -any encoding that iconv supports <http://www.gnu.org/software/libiconv/> -HTML Purifier supports with this code: - - $config->set('Core.Encoding', /* put your encoding here */); - -An example usage for Latin-1 websites (the most common encoding for English -websites): - - $config->set('Core.Encoding', 'ISO-8859-1'); - -Note that HTML Purifier's support for non-Unicode encodings is crippled by the -fact that any character not supported by that encoding will be silently -dropped, EVEN if it is ampersand escaped. If you want to work around -this, you are welcome to read docs/enduser-utf8.html for a fix, -but please be cognizant of the issues the "solution" creates (for this -reason, I do not include the solution in this document). - - -4.2. Setting a different doctype - -For those of you using HTML 4.01 Transitional, you can disable -XHTML output like this: - - $config->set('HTML.Doctype', 'HTML 4.01 Transitional'); - -Other supported doctypes include: - - * HTML 4.01 Strict - * HTML 4.01 Transitional - * XHTML 1.0 Strict - * XHTML 1.0 Transitional - * XHTML 1.1 - - -4.3. Other settings - -There are more configuration directives which can be read about -here: <http://htmlpurifier.org/live/configdoc/plain.html> They're a bit boring, -but they can help out for those of you who like to exert maximum control over -your code. Some of the more interesting ones are configurable at the -demo <http://htmlpurifier.org/demo.php> and are well worth looking into -for your own system. - -For example, you can fine tune allowed elements and attributes, convert -relative URLs to absolute ones, and even autoparagraph input text! These -are, respectively, %HTML.Allowed, %URI.MakeAbsolute and %URI.Base, and -%AutoFormat.AutoParagraph. The %Namespace.Directive naming convention -translates to: - - $config->set('Namespace.Directive', $value); - -E.g. - - $config->set('HTML.Allowed', 'p,b,a[href],i'); - $config->set('URI.Base', 'http://www.example.com'); - $config->set('URI.MakeAbsolute', true); - $config->set('AutoFormat.AutoParagraph', true); - - ---------------------------------------------------------------------------- -5. Caching - -HTML Purifier generates some cache files (generally one or two) to speed up -its execution. For maximum performance, make sure that -library/HTMLPurifier/DefinitionCache/Serializer is writeable by the webserver. - -If you are in the library/ folder of HTML Purifier, you can set the -appropriate permissions using: - - chmod -R 0755 HTMLPurifier/DefinitionCache/Serializer - -If the above command doesn't work, you may need to assign write permissions -to group: - - chmod -R 0775 HTMLPurifier/DefinitionCache/Serializer - -You can also chmod files via your FTP client; this option -is usually accessible by right clicking the corresponding directory and -then selecting "chmod" or "file permissions". - -Starting with 2.0.1, HTML Purifier will generate friendly error messages -that will tell you exactly what you have to chmod the directory to, if in doubt, -follow its advice. - -If you are unable or unwilling to give write permissions to the cache -directory, you can either disable the cache (and suffer a performance -hit): - - $config->set('Core.DefinitionCache', null); - -Or move the cache directory somewhere else (no trailing slash): - - $config->set('Cache.SerializerPath', '/home/user/absolute/path'); - - ---------------------------------------------------------------------------- -6. Using the code - -The interface is mind-numbingly simple: - - $purifier = new HTMLPurifier($config); - $clean_html = $purifier->purify( $dirty_html ); - -That's it! For more examples, check out docs/examples/ (they aren't very -different though). Also, docs/enduser-slow.html gives advice on what to -do if HTML Purifier is slowing down your application. - - ---------------------------------------------------------------------------- -7. Quick install - -First, make sure library/HTMLPurifier/DefinitionCache/Serializer is -writable by the webserver (see Section 5: Caching above for details). -If your website is in UTF-8 and XHTML Transitional, use this code: - -<?php - require_once '/path/to/htmlpurifier/library/HTMLPurifier.auto.php'; - - $config = HTMLPurifier_Config::createDefault(); - $purifier = new HTMLPurifier($config); - $clean_html = $purifier->purify($dirty_html); -?> - -If your website is in a different encoding or doctype, use this code: - -<?php - require_once '/path/to/htmlpurifier/library/HTMLPurifier.auto.php'; - - $config = HTMLPurifier_Config::createDefault(); - $config->set('Core.Encoding', 'ISO-8859-1'); // replace with your encoding - $config->set('HTML.Doctype', 'HTML 4.01 Transitional'); // replace with your doctype - $purifier = new HTMLPurifier($config); - - $clean_html = $purifier->purify($dirty_html); -?> - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/INSTALL.fr.utf8 b/vendor/ezyang/htmlpurifier/INSTALL.fr.utf8 deleted file mode 100644 index 629387e2e..000000000 --- a/vendor/ezyang/htmlpurifier/INSTALL.fr.utf8 +++ /dev/null @@ -1,60 +0,0 @@ - -Installation - Comment installer HTML Purifier - -Attention : Ce document est encodé en UTF-8, si les lettres avec des accents -ne s'affichent pas, prenez un meilleur éditeur de texte. - -L'installation de HTML Purifier est très simple, parce qu'il n'a pas besoin -de configuration. Pour les utilisateurs impatients, le code se trouve dans le -pied de page, mais je recommande de lire le document. - -1. Compatibilité - -HTML Purifier fonctionne avec PHP 5. PHP 5.3 est la dernière version testée. -Il ne dépend pas d'autres librairies. - -Les extensions optionnelles sont iconv (généralement déjà installée) et tidy -(répendue aussi). Si vous utilisez UTF-8 et que vous ne voulez pas l'indentation, -vous pouvez utiliser HTML Purifier sans ces extensions. - - -2. Inclure la librairie - -Quand vous devez l'utilisez, incluez le : - - require_once('/path/to/library/HTMLPurifier.auto.php'); - -Ne pas l'inclure si ce n'est pas nécessaire, car HTML Purifier est lourd. - -HTML Purifier utilise "autoload". Si vous avez défini la fonction __autoload, -vous devez ajouter cette fonction : - - spl_autoload_register('__autoload') - -Plus d'informations dans le document "INSTALL". - -3. Installation rapide - -Si votre site Web est en UTF-8 et XHTML Transitional, utilisez : - -<?php - require_once('/path/to/htmlpurifier/library/HTMLPurifier.auto.php'); - $purificateur = new HTMLPurifier(); - $html_propre = $purificateur->purify($html_a_purifier); -?> - -Sinon, utilisez : - -<?php - require_once('/path/to/html/purifier/library/HTMLPurifier.auto.load'); - $config = $HTMLPurifier_Config::createDefault(); - $config->set('Core', 'Encoding', 'ISO-8859-1'); //Remplacez par votre - encodage - $config->set('Core', 'XHTML', true); //Remplacer par false si HTML 4.01 - $purificateur = new HTMLPurifier($config); - $html_propre = $purificateur->purify($html_a_purifier); -?> - - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/NEWS b/vendor/ezyang/htmlpurifier/NEWS deleted file mode 100644 index 352835012..000000000 --- a/vendor/ezyang/htmlpurifier/NEWS +++ /dev/null @@ -1,1224 +0,0 @@ -NEWS ( CHANGELOG and HISTORY ) HTMLPurifier -||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| - -= KEY ==================== - # Breaks back-compat - ! Feature - - Bugfix - + Sub-comment - . Internal change -========================== - -4.12.0, released 2019-10-27 -! PHP 7.4 is supported, thank you Witold Wasiczko, Mateuz Turcza and - Edi Modrić -- PHPDocs for HTMLModule::addElement() and Bool attr are fixed (thanks - Mateusz) - -4.11.0, released 2019-07-14 -# SafeScripting now matches case-sensitively against its whitelist (previously it was - case-insensitive.) Thanks Dimitri Gritsajuk <gritsajuk.dimitri@gmail.com> - for reporting. -! New directive %Core.AllowParseManyTags which allows parsing of many nested tags. - Thanks M. Suzuki <msuzuki1986@gmail.com> for contributing the patch. -! purifyArray now supports multidimensional arrays. Thanks - Sandro Miguel Marques <sandromiguel@sandromiguel.com> for contributing this patch. -! initial and inherit settings available for width, height, and the min-/max- - versions thereof. Thanks Michael Kliewe <info@phpgansta.de> for contributing - this patch. -! More color names are supported. Thanks Daijobou for contributing. -- Compatibility fixes for PHP 7.3, including new CI for PHP 7.3 - (thank you Lukas Neumann <lksnmnn@gmail.com>) and removal of - reserved words in our constants (thanks Darko Hrgovic <darko@darkodev.com> -- Compatibility fixes for HHVM. Thanks Mateusz Turcza for contributing - this fix. -- HTML Purifier now never defines __autoload, fixing #196. Thanks - Michael Kliewe for reporting. -- In some situations, Config.php would report an undefined index: class - error; this has been fixed. Thanks DiLong Fa for contributing - this fix. -- We no longer produce <script /> tags; we always explicitly write - out the open and close tag. Thanks Dimitri Gritsajuk - <gritsajuk.dimitri@gmail.com> for contributing this fix. -- Better compatibility when IDNA constants are not present. Thanks - Mateusz Turcza <xemlock@gmail.com> for contributing this fix. - -4.10.0, released 2018-02-22 -# PHP 5.3 is no longer officially supported by HTML Purifier - (we did not specifically break support, but we are no longer - testing on PHP 5.3) -! Relative CSS length units are now supported -- A few PHP 7.2 compatibility fixes, thanks John Flatness - <john@zerocrates.org> -- Improve portability with old versions of libxml which don't - support accessing the data of a node -- IDNA2008 is now used for converting domains to ASCII, fixing - some rather strange bugs with international domains -- Fix race condition resulting in E_WARNING when creating - directories with Serializer - -4.9.3, released 2017-06-02 -- Workaround PHP 7.1 infinite loop when opcode cache is enabled. - Thanks @Xiphin (#134, #135) -- Don't use autoloader when testing for DOMDocument. Hypothetically, - this could cause your install to start using DirectLex if you had - previously been monkeypatching in a custom, autoloaded implementation - of DOMDocument. Don't do that. Thanks @Izumi-kun (#130) - -4.9.2, released 2017-03-12 -- Fixes PHP 5.3 compatibility -- Fix breakage when decoding decimal entities. Thanks @rybakit (#129) - -4.9.1, released 2017-03-08 -! %URI.DefaultScheme can now be set to null, in which case - all relative paths are removed. -! New CSS properties: min-width, max-width, min-height, max-height (#94) -! Transparency (rgba) and hsl/hsla supported where color CSS is present. - Thanks @fxbt for contributing the patch. (#118) -- When idn_to_ascii is defined, we might accept malformed - hostnames. Apply validation to the result in such cases. -- Close directory when done in Serializer DefinitionCache (#100) -- Deleted some asserts to avoid linters from choking (#97) -- Rework Serializer cache behavior to avoid chmod'ing if possible (#32) -- Embedded semicolons in strings in CSS are now handled correctly! -- We accidentally dropped certain Unicode characters if there was - one or more invalid characters. This has been fixed, thanks - to mpyw <ryosuke_i_628@yahoo.co.jp> -- Fix for "Don't truncate upon encountering </div> when using DOMLex" - caused a regression with HTML 4.01 Strict parsing with libxml 2.9.1 - (and maybe later versions, but known OK with libxml 2.9.4). The - fix is to go about handling truncation a bit more cleverly so that - we can wrap with divs (sidestepping the bug) but slurping out the - rest of the text in case it ran off the end. (#78) -- Fix PREG_BACKTRACK_LIMIT_ERROR in HTMLPurifier_Filter_ExtractStyle. - Thanks @breathbath for contributing the report and fix (#120) -- Fix entity decoding algorithm to be more conservative about - decoding entities that are missing trailing semicolon. - To get old behavior, set %Core.LegacyEntityDecoder to true. - (#119) -- Workaround libxml bug when HTML tags are embedded inside - script tags. To disable workaround set %Core.AggressivelyRemoveScript - to false. (#83) -# By default, when a link has a target attribute associated - with it, we now also add rel="noopener" in order to - prevent the new window from being able to overwrite - the original frame. To disable this protection, - set %HTML.TargetNoopener to FALSE. - -4.9.0 was cut on Git but never properly released; when we did the -real release we decided to skip this version number. - -4.8.0, released 2016-07-16 -# By default, when a link has a target attribute associated - with it, we now also add rel="noreferrer" in order to - prevent the new window from being able to overwrite - the original frame. To disable this protection, - set %HTML.TargetNoreferrer to FALSE. -! Full PHP 7 compatibility, the test suite is ALL GO. -! %CSS.AllowDuplicates permits duplicate CSS properties. -! Support for 'tel' URIs. -! Partial support for 'border-radius' properties when %CSS.AllowProprietary is true. - The slash syntax, i.e., 'border-radius: 2em 1em 4em / 0.5em 3em' is not - yet supported. -! %Attr.ID.HTML5 turns on HTML5-style ID handling. -- alt truncation could result in malformed UTF-8 sequence. Don't - truncate. Thanks Brandon Farber for reporting. -- Linkify regex is smarter, based off of Gruber's regex. -- IDNA supported natively on PHP 5.3 and later. -- Non all-numeric top-level names (e.g., foo.1f, 1f) are now - allowed. -- Minor bounds error fix to squash a PHP 7 notice. -- Support non-/tmp temporary directories for data:// validation -- Give a better error message when a user attempts to allow - ul/ol without allowing li. -- On some versions of PHP, the Serializer DefinitionCache could - infinite loop when the directory exists but is not listable. (#49) -- Don't match for <body> inside comments with - %Core.ConvertDocumentToFragment. (#67) -- SafeObject is now less case sensitive. (#57) -- AutoFormat.RemoveEmpty.Predicate now correctly renders in - web form. (#85) - -4.7.0, released 2015-08-04 -# opacity is now considered a "tricky" CSS property rather than a - proprietary one. -! %AutoFormat.RemoveEmpty.Predicate for specifying exactly when - an element should be considered "empty" (maybe preserve if it - has attributes), and modify iframe support so that the iframe - is removed if it is missing a src attribute. Thanks meeva for - reporting. -- Don't truncate upon encountering </div> when using DOMLex. Thanks - Myrto Christina for finally convincing me to fix this. -- Update YouTube filter for new code. -- Fix parsing of rgb() values with spaces in them for 'border' - attribute. -- Don't remove foo="" attributes if foo is a boolean attribute. Thanks - valME for reporting. - -4.6.0, released 2013-11-30 -# Secure URI munge hashing algorithm has changed to hash_hmac("sha256", $url, $secret). - Please update any verification scripts you may have. -# URI parsing algorithm was made more strict, so only prefixes which - looks like schemes will actually be schemes. Thanks - Michael Gusev <mgusev@sugarcrm.com> for fixing. -# %Core.EscapeInvalidChildren is no longer supported, and no longer does - anything. -! New directive %Core.AllowHostnameUnderscore which allows underscores - in hostnames. -- Eliminate quadratic behavior in DOMLex by using a proper queue. - Thanks Ole Laursen for noticing this. -- Rewritten MakeWellFormed/FixNesting implementation eliminates quadratic - behavior in the rest of the purificaiton pipeline. Thanks Chedburn - Networks for sponsoring this work. -- Made Linkify URL parser a bit less permissive, so that non-breaking - spaces and commas are not included as part of URL. Thanks nAS for fixing. -- Fix some bad interactions with %HTML.Allowed and injectors. Thanks - David Hirtz for reporting. -- Fix infinite loop in DirectLex. Thanks Ashar Javed (@soaj1664ashar) - for reporting. - -4.5.0, released 2013-02-17 -# Fix bug where stacked attribute transforms clobber each other; - this also means it's no longer possible to override attribute - transforms in later modules. No internal code was using this - but this may break some clients. -# We now use SHA-1 to identify cached definitions, instead of MD5. -! Support display:inline-block -! Support for more white-space CSS values. -! Permit underscores in font families -! Support for page-break-* CSS3 properties when proprietary properties - are enabled. -! New directive %Core.DisableExcludes; can be set to 'true' to turn off - SGML excludes checking. If HTML Purifier is removing too much text - and you don't care about full standards compliance, try setting this to - 'true'. -- Use prepend for SPL autoloading on PHP 5.3 and later. -- Fix bug with nofollow transform when pre-existing rel exists. -- Fix bug where background:url() always gets lower-cased - (but not background-image:url()) -- Fix bug with non lower-case color names in HTML -- Fix bug where data URI validation doesn't remove temporary files. - Thanks Javier MarÃn Ros <javiermarinros@gmail.com> for reporting. -- Don't remove certain empty tags on RemoveEmpty. - -4.4.0, released 2012-01-18 -# Removed PEARSax3 handler. -# URI.Munge now munges URIs inside the same host that go from https - to http. Reported by Neike Taika-Tessaro. -# Core.EscapeNonASCIICharacters now always transforms entities to - entities, even if target encoding is UTF-8. -# Tighten up selector validation in ExtractStyleBlocks. - Non-syntactically valid selectors are now rejected, along with - some of the more obscure ones such as attribute selectors, the - :lang pseudoselector, and anything not in CSS2.1. Furthermore, - ID and class selectors now work properly with the relevant - configuration attributes. Also, mute errors when parsing CSS - with CSS Tidy. Reported by Mario Heiderich and Norman Hippert. -! Added support for 'scope' attribute on tables. -! Added %HTML.TargetBlank, which adds target="blank" to all outgoing links. -! Properly handle sub-lists directly nested inside of lists in - a standards compliant way, by moving them into the preceding <li> -! Added %HTML.AllowedComments and %HTML.AllowedCommentsRegexp for - limited allowed comments in untrusted situations. -! Implement iframes, and allow them to be used in untrusted mode with - %HTML.SafeIframe and %URI.SafeIframeRegexp. Thanks Bradley M. Froehle - <brad.froehle@gmail.com> for submitting an initial version of the patch. -! The Forms module now works properly for transitional doctypes. -! Added support for internationalized domain names. You need the PEAR - Net_IDNA2 module to be in your path; if it is installed, ensure the - class can be loaded and then set %Core.EnableIDNA to true. -- Color keywords are now case insensitive. Thanks Yzmir Ramirez - <yramirez-htmlpurifier@adicio.com> for reporting. -- Explicitly initialize anonModule variable to null. -- Do not duplicate nofollow if already present. Thanks 178 - for reporting. -- Do not add nofollow if hostname matches our current host. Thanks 178 - for reporting, and Neike Taika-Tessaro for helping diagnose. -- Do not unset parser variable; this fixes intermittent serialization - problems. Thanks Neike Taika-Tessaro for reporting, bill - <10010tiger@gmail.com> for diagnosing. -- Fix iconv truncation bug, where non-UTF-8 target encodings see - output truncated after around 8000 characters. Thanks Jörg Ludwig - <joerg.ludwig@iserv.eu> for reporting. -- Fix broken table content model for XHTML1.1 (and also earlier - versions, although the W3C validator doesn't catch those violations). - Thanks GlitchMr <glitch.mr@gmail.com> for reporting. - -4.3.0, released 2011-03-27 -# Fixed broken caching of customized raw definitions, but requires an - API change. The old API still works but will emit a warning, - see http://htmlpurifier.org/docs/enduser-customize.html#optimized - for how to upgrade your code. -# Protect against Internet Explorer innerHTML behavior by specially - treating attributes with backticks but no angled brackets, quotes or - spaces. This constitutes a slight semantic change, which can be - reverted using %Output.FixInnerHTML. Reported by Neike Taika-Tessaro - and Mario Heiderich. -# Protect against cssText/innerHTML by restricting allowed characters - used in fonts further than mandated by the specification and encoding - some extra special characters in URLs. Reported by Neike - Taika-Tessaro and Mario Heiderich. -! Added %HTML.Nofollow to add rel="nofollow" to external links. -! More types of SPL autoloaders allowed on later versions of PHP. -! Implementations for position, top, left, right, bottom, z-index - when %CSS.Trusted is on. -! Add %Cache.SerializerPermissions option for custom serializer - directory/file permissions -! Fix longstanding bug in Flash support for non-IE browsers, and - allow more wmode attributes. -! Add %CSS.AllowedFonts to restrict permissible font names. -- Switch to an iterative traversal of the DOM, which prevents us - from running out of stack space for deeply nested documents. - Thanks Maxim Krizhanovsky for contributing a patch. -- Make removal of conditional IE comments ungreedy; thanks Bernd - for reporting. -- Escape CDATA before removing Internet Explorer comments. -- Fix removal of id attributes under certain conditions by ensuring - armor attributes are preserved when recreating tags. -- Check if schema.ser was corrupted. -- Check if zend.ze1_compatibility_mode is on, and error out if it is. - This safety check is only done for HTMLPurifier.auto.php; if you - are using standalone or the specialized includes files, you're - expected to know what you're doing. -- Stop repeatedly writing the cache file after I'm done customizing a - raw definition. Reported by ajh. -- Switch to using require_once in the Bootstrap to work around bad - interaction with Zend Debugger and APC. Reported by Antonio Parraga. -- Fix URI handling when hostname is missing but scheme is present. - Reported by Neike Taika-Tessaro. -- Fix missing numeric entities on DirectLex; thanks Neike Taika-Tessaro - for reporting. -- Fix harmless notice from indexing into empty string. Thanks Matthijs - Kooijman <matthijs@stdin.nl> for reporting. -- Don't autoclose no parent elements are able to support the element - that triggered the autoclose. In particular fixes strange behavior - of stray <li> tags. Thanks pkuliga@gmail.com for reporting and - Neike Taika-Tessaro <pinkgothic@gmail.com> for debugging assistance. - -4.2.0, released 2010-09-15 -! Added %Core.RemoveProcessingInstructions, which lets you remove - <? ... ?> statements. -! Added %URI.DisableResources functionality; the directive originally - did nothing. Thanks David Rothstein for reporting. -! Add documentation about configuration directive types. -! Add %CSS.ForbiddenProperties configuration directive. -! Add %HTML.FlashAllowFullScreen to permit embedded Flash objects - to utilize full-screen mode. -! Add optional support for the <code>file</code> URI scheme, enable - by explicitly setting %URI.AllowedSchemes. -! Add %Core.NormalizeNewlines options to allow turning off newline - normalization. -- Fix improper handling of Internet Explorer conditional comments - by parser. Thanks zmonteca for reporting. -- Fix missing attributes bug when running on Mac Snow Leopard and APC. - Thanks sidepodcast for the fix. -- Warn if an element is allowed, but an attribute it requires is - not allowed. - -4.1.1, released 2010-05-31 -- Fix undefined index warnings in maintenance scripts. -- Fix bug in DirectLex for parsing elements with a single attribute - with entities. -- Rewrite CSS output logic for font-family and url(). Thanks Mario - Heiderich <mario.heiderich@googlemail.com> for reporting and Takeshi - Terada <t-terada@violet.plala.or.jp> for suggesting the fix. -- Emit an error for CollectErrors if a body is extracted -- Fix bug where in background-position for center keyword handling. -- Fix infinite loop when a wrapper element is inserted in a context - where it's not allowed. Thanks Lars <lars@renoz.dk> for reporting. -- Remove +x bit and shebang from index.php; only supported mode is to - explicitly call it with php. -- Make test script less chatty when log_errors is on. - -4.1.0, released 2010-04-26 -! Support proprietary height attribute on table element -! Support YouTube slideshows that contain /cp/ in their URL. -! Support for data: URI scheme; not enabled by default, add it using - %URI.AllowedSchemes -! Support flashvars when using %HTML.SafeObject and %HTML.SafeEmbed. -! Support for Internet Explorer compatibility with %HTML.SafeObject - using %Output.FlashCompat. -! Handle <ol><ol> properly, by inserting the necessary <li> tag. -- Always quote the insides of url(...) in CSS. - -4.0.0, released 2009-07-07 -# APIs for ConfigSchema subsystem have substantially changed. See - docs/dev-config-bcbreaks.txt for details; in essence, anything that - had both namespace and directive now have a single unified key. -# Some configuration directives were renamed, specifically: - %AutoFormatParam.PurifierLinkifyDocURL -> %AutoFormat.PurifierLinkify.DocURL - %FilterParam.ExtractStyleBlocksEscaping -> %Filter.ExtractStyleBlocks.Escaping - %FilterParam.ExtractStyleBlocksScope -> %Filter.ExtractStyleBlocks.Scope - %FilterParam.ExtractStyleBlocksTidyImpl -> %Filter.ExtractStyleBlocks.TidyImpl - As usual, the old directive names will still work, but will throw E_NOTICE - errors. -# The allowed values for class have been relaxed to allow all of CDATA for - doctypes that are not XHTML 1.1 or XHTML 2.0. For old behavior, set - %Attr.ClassUseCDATA to false. -# Instead of appending the content model to an old content model, a blank - element will replace the old content model. You can use #SUPER to get - the old content model. -! More robust support for name="" and id="" -! HTMLPurifier_Config::inherit($config) allows you to inherit one - configuration, and have changes to that configuration be propagated - to all of its children. -! Implement %HTML.Attr.Name.UseCDATA, which relaxes validation rules on - the name attribute when set. Use with care. Thanks Ian Cook for - sponsoring. -! Implement %AutoFormat.RemoveEmpty.RemoveNbsp, which removes empty - tags that contain non-breaking spaces as well other whitespace. You - can also modify which tags should have maintained with - %AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions. -! Implement %Attr.AllowedClasses, which allows administrators to restrict - classes users can use to a specified finite set of classes, and - %Attr.ForbiddenClasses, which is the logical inverse. -! You can now maintain your own configuration schema directories by - creating a config-schema.php file or passing an extra argument. Check - docs/dev-config-schema.html for more details. -! Added HTMLPurifier_Config->serialize() method, which lets you save away - your configuration in a compact serial file, which you can unserialize - and use directly without having to go through the overhead of setup. -- Fix bug where URIDefinition would not get cleared if it's directives got - changed. -- Fix fatal error in HTMLPurifier_Encoder on certain platforms (probably NetBSD 5.0) -- Fix bug in Linkify autoformatter involving <a><span>http://foo</span></a> -- Make %URI.Munge not apply to links that have the same host as your host. -- Prevent stray </body> tag from truncating output, if a second </body> - is present. -. Created script maintenance/rename-config.php for renaming a configuration - directive while maintaining its alias. This script does not change source code. -. Implement namespace locking for definition construction, to prevent - bugs where a directive is used for definition construction but is not - used to construct the cache hash. - -3.3.0, released 2009-02-16 -! Implement CSS property 'overflow' when %CSS.AllowTricky is true. -! Implement generic property list classess -- Fix bug with testEncodingSupportsASCII() algorithm when iconv() implementation - does not do the "right thing" with characters not supported in the output - set. -- Spellcheck UTF-8: The Secret To Character Encoding -- Fix improper removal of the contents of elements with only whitespace. Thanks - Eric Wald for reporting. -- Fix broken test suite in versions of PHP without spl_autoload_register() -- Fix degenerate case with YouTube filter involving double hyphens. - Thanks Pierre Attar for reporting. -- Fix YouTube rendering problem on certain versions of Firefox. -- Fix CSSDefinition Printer problems with decorators -- Add text parameter to unit tests, forces text output -. Add verbose mode to command line test runner, use (--verbose) -. Turn on unit tests for UnitConverter -. Fix missing version number in configuration %Attr.DefaultImageAlt (added 3.2.0) -. Fix newline errors that caused spurious failures when CRLF HTML Purifier was - tested on Linux. -. Removed trailing whitespace from all text files, see - remote-trailing-whitespace.php maintenance script. -. Convert configuration to use property list backend. - -3.2.0, released 2008-10-31 -# Using %Core.CollectErrors forces line number/column tracking on, whereas - previously you could theoretically turn it off. -# HTMLPurifier_Injector->notifyEnd() is formally deprecated. Please - use handleEnd() instead. -! %Output.AttrSort for when you need your attributes in alphabetical order to - deal with a bug in FCKEditor. Requested by frank farmer. -! Enable HTML comments when %HTML.Trusted is on. Requested by Waldo Jaquith. -! Proper support for name attribute. It is now allowed and equivalent to the id - attribute in a and img tags, and is only converted to id when %HTML.TidyLevel - is heavy (for all doctypes). -! %AutoFormat.RemoveEmpty to remove some empty tags from documents. Please don't - use on hand-written HTML. -! Add error-cases for unsupported elements in MakeWellFormed. This enables - the strategy to be used, standalone, on untrusted input. -! %Core.AggressivelyFixLt is on by default. This causes more sensible - processing of left angled brackets in smileys and other whatnot. -! Test scripts now have a 'type' parameter, which lets you say 'htmlpurifier', - 'phpt', 'vtest', etc. in order to only execute those tests. This supercedes - the --only-phpt parameter, although for backwards-compatibility the flag - will still work. -! AutoParagraph auto-formatter will now preserve double-newlines upon output. - Users who are not performing inbound filtering, this may seem a little - useless, but as a bonus, the test suite and handling of edge cases is also - improved. -! Experimental implementation of forms for %HTML.Trusted -! Track column numbers when maintain line numbers is on -! Proprietary 'background' attribute on table-related elements converted into - corresponding CSS. Thanks Fusemail for sponsoring this feature! -! Add forward(), forwardUntilEndToken(), backward() and current() to Injector - supertype. -! HTMLPurifier_Injector->handleEnd() permits modification to end tokens. The - time of operation varies slightly from notifyEnd() as *all* end tokens are - processed by the injector before they are subject to the well-formedness rules. -! %Attr.DefaultImageAlt allows overriding default behavior of setting alt to - basename of image when not present. -! %AutoFormat.DisplayLinkURI neuters <a> tags into plain text URLs. -- Fix two bugs in %URI.MakeAbsolute; one involving empty paths in base URLs, - the other involving an undefined $is_folder error. -- Throw error when %Core.Encoding is set to a spurious value. Previously, - this errored silently and returned false. -- Redirected stderr to stdout for flush error output. -- %URI.DisableExternal will now use the host in %URI.Base if %URI.Host is not - available. -- Do not re-munge URL if the output URL has the same host as the input URL. - Requested by Chris. -- Fix error in documentation regarding %Filter.ExtractStyleBlocks -- Prevent <![CDATA[<body></body>]]> from triggering %Core.ConvertDocumentToFragment -- Fix bug with inline elements in blockquotes conflicting with strict doctype -- Detect if HTML support is disabled for DOM by checking for loadHTML() method. -- Fix bug where dots and double-dots in absolute URLs without hostname were - not collapsed by URIFilter_MakeAbsolute. -- Fix bug with anonymous modules operating on SafeEmbed or SafeObject elements - by reordering their addition. -- Will now throw exception on many error conditions during lexer creation; also - throw an exception when MaintainLineNumbers is true, but a non-tracksLineNumbers - is being used. -- Detect if domxml extension is loaded, and use DirectLEx accordingly. -- Improve handling of big numbers with floating point arithmetic in UnitConverter. - Reported by David Morton. -. Strategy_MakeWellFormed now operates in-place, saving memory and allowing - for more interesting filter-backtracking -. New HTMLPurifier_Injector->rewind() functionality, allows injectors to rewind - index to reprocess tokens. -. StringHashParser now allows for multiline sections with "empty" content; - previously the section would remain undefined. -. Added --quick option to multitest.php, which tests only the most recent - release for each series. -. Added --distro option to multitest.php, which accepts either 'normal' or - 'standalone'. This supercedes --exclude-normal and --exclude-standalone - -3.1.1, released 2008-06-19 -# %URI.Munge now, by default, does not munge resources (for example, <img src="">) - In order to enable this again, please set %URI.MungeResources to true. -! More robust imagecrash protection with height/width CSS with %CSS.MaxImgLength, - and height/width HTML with %HTML.MaxImgLength. -! %URI.MungeSecretKey for secure URI munging. Thanks Chris - for sponsoring this feature. Check out the corresponding documentation - for details. (Att Nightly testers: The API for this feature changed before - the general release. Namely, rename your directives %URI.SecureMungeSecretKey => - %URI.MungeSecretKey and and %URI.SecureMunge => %URI.Munge) -! Implemented post URI filtering. Set member variable $post to true to set - a URIFilter as such. -! Allow modules to define injectors via $info_injector. Injectors are - automatically disabled if injector's needed elements are not found. -! Support for "safe" objects added, use %HTML.SafeObject and %HTML.SafeEmbed. - Thanks Chris for sponsoring. If you've been using ad hoc code from the - forums, PLEASE use this instead. -! Added substitutions for %e, %n, %a and %p in %URI.Munge (in order, - embedded, tag name, attribute name, CSS property name). See %URI.Munge - for more details. Requested by Jochem Blok. -- Disable percent height/width attributes for img. -- AttrValidator operations are now atomic; updates to attributes are not - manifest in token until end of operations. This prevents naughty internal - code from directly modifying CurrentToken when they're not supposed to. - This semantics change was requested by frank farmer. -- Percent encoding checks enabled for URI query and fragment -- Fix stray backslashes in font-family; CSS Unicode character escapes are - now properly resolved (although *only* in font-family). Thanks Takeshi Terada - for reporting. -- Improve parseCDATA algorithm to take into account newline normalization -- Account for browser confusion between Yen character and backslash in - Shift_JIS encoding. This fix generalizes to any other encoding which is not - a strict superset of printable ASCII. Thanks Takeshi Terada for reporting. -- Fix missing configuration parameter in Generator calls. Thanks vs for the - partial patch. -- Improved adherence to Unicode by checking for non-character codepoints. - Thanks Geoffrey Sneddon for reporting. This may result in degraded - performance for extremely large inputs. -- Allow CSS property-value pair ''text-decoration: none''. Thanks Jochem Blok - for reporting. -. Added HTMLPurifier_UnitConverter and HTMLPurifier_Length for convenient - handling of CSS-style lengths. HTMLPurifier_AttrDef_CSS_Length now uses - this class. -. API of HTMLPurifier_AttrDef_CSS_Length changed from __construct($disable_negative) - to __construct($min, $max). __construct(true) is equivalent to - __construct('0'). -. Added HTMLPurifier_AttrDef_Switch class -. Rename HTMLPurifier_HTMLModule_Tidy->construct() to setup() and bubble method - up inheritance hierarchy to HTMLPurifier_HTMLModule. All HTMLModules - get this called with the configuration object. All modules now - use this rather than __construct(), although legacy code using constructors - will still work--the new format, however, lets modules access the - configuration object for HTML namespace dependant tweaks. -. AttrDef_HTML_Pixels now takes a single construction parameter, pixels. -. ConfigSchema data-structure heavily optimized; on average it uses a third - the memory it did previously. The interface has changed accordingly, - consult changes to HTMLPurifier_Config for details. -. Variable parsing types now are magic integers instead of strings -. Added benchmark for ConfigSchema -. HTMLPurifier_Generator requires $config and $context parameters. If you - don't know what they should be, use HTMLPurifier_Config::createDefault() - and new HTMLPurifier_Context(). -. Printers now properly distinguish between output configuration, and - target configuration. This is not applicable to scripts using - the Printers for HTML Purifier related tasks. -. HTML/CSS Printers must be primed with prepareGenerator($gen_config), otherwise - fatal errors will ensue. -. URIFilter->prepare can return false in order to abort loading of the filter -. Factory for AttrDef_URI implemented, URI#embedded to indicate URI that embeds - an external resource. -. %URI.Munge functionality factored out into a post-filter class. -. Added CurrentCSSProperty context variable during CSS validation - -3.1.0, released 2008-05-18 -# Unnecessary references to objects (vestiges of PHP4) removed from method - signatures. The following methods do not need references when assigning from - them and will result in E_STRICT errors if you try: - + HTMLPurifier_Config->get*Definition() [* = HTML, CSS] - + HTMLPurifier_ConfigSchema::instance() - + HTMLPurifier_DefinitionCacheFactory::instance() - + HTMLPurifier_DefinitionCacheFactory->create() - + HTMLPurifier_DoctypeRegistry->register() - + HTMLPurifier_DoctypeRegistry->get() - + HTMLPurifier_HTMLModule->addElement() - + HTMLPurifier_HTMLModule->addBlankElement() - + HTMLPurifier_LanguageFactory::instance() -# Printer_ConfigForm's get*() functions were static-ified -# %HTML.ForbiddenAttributes requires attribute declarations to be in the - form of tag@attr, NOT tag.attr (which will throw an error and won't do - anything). This is for forwards compatibility with XML; you'd do best - to migrate an %HTML.AllowedAttributes directives to this syntax too. -! Allow index to be false for config from form creation -! Added HTMLPurifier::VERSION constant -! Commas, not dashes, used for serializer IDs. This change is forwards-compatible - and allows for version numbers like "3.1.0-dev". -! %HTML.Allowed deals gracefully with whitespace anywhere, anytime! -! HTML Purifier's URI handling is a lot more robust, with much stricter - validation checks and better percent encoding handling. Thanks Gareth Heyes - for indicating security vulnerabilities from lax percent encoding. -! Bootstrap autoloader deals more robustly with classes that don't exist, - preventing class_exists($class, true) from barfing. -- InterchangeBuilder now alphabetizes its lists -- Validation error in configdoc output fixed -- Iconv and other encoding errors muted even with custom error handlers that - do not honor error_reporting -- Add protection against imagecrash attack with CSS height/width -- HTMLPurifier::instance() created for consistency, is equivalent to getInstance() -- Fixed and revamped broken ConfigForm smoketest -- Bug with bool/null fields in Printer_ConfigForm fixed -- Bug with global forbidden attributes fixed -- Improved error messages for allowed and forbidden HTML elements and attributes -- Missing (or null) in configdoc documentation restored -- If DOM throws and exception during parsing with PH5P (occurs in newer versions - of DOM), HTML Purifier punts to DirectLex -- Fatal error with unserialization of ScriptRequired -- Created directories are now chmod'ed properly -- Fixed bug with fallback languages in LanguageFactory -- Standalone testing setup properly with autoload -. Out-of-date documentation revised -. UTF-8 encoding check optimization as suggested by Diego -. HTMLPurifier_Error removed in favor of exceptions -. More copy() function removed; should use clone instead -. More extensive unit tests for HTMLDefinition -. assertPurification moved to central harness -. HTMLPurifier_Generator accepts $config and $context parameters during - instantiation, not runtime -. Double-quotes outside of attribute values are now unescaped - -3.1.0rc1, released 2008-04-22 -# Autoload support added. Internal require_once's removed in favor of an - explicit require list or autoloading. To use HTML Purifier, - you must now either use HTMLPurifier.auto.php - or HTMLPurifier.includes.php; setting the include path and including - HTMLPurifier.php is insufficient--in such cases include HTMLPurifier.autoload.php - as well to register our autoload handler (or modify your autoload function - to check HTMLPurifier_Bootstrap::getPath($class)). You can also use - HTMLPurifier.safe-includes.php for a less performance friendly but more - user-friendly library load. -# HTMLPurifier_ConfigSchema static functions are officially deprecated. Schema - information is stored in the ConfigSchema directory, and the - maintenance/generate-schema-cache.php generates the schema.ser file, which - is now instantiated. Support for userland schema changes coming soon! -# HTMLPurifier_Config will now throw E_USER_NOTICE when you use a directive - alias; to get rid of these errors just modify your configuration to use - the new directive name. -# HTMLPurifier->addFilter is deprecated; built-in filters can now be - enabled using %Filter.$filter_name or by setting your own filters using - %Filter.Custom -# Directive-level safety properties superceded in favor of module-level - safety. Internal method HTMLModule->addElement() has changed, although - the externally visible HTMLDefinition->addElement has *not* changed. -! Extra utility classes for testing and non-library operations can - be found in extras/. Specifically, these are FSTools and ConfigDoc. - You may find a use for these in your own project, but right now they - are highly experimental and volatile. -! Integration with PHPT allows for automated smoketests -! Limited support for proprietary HTML elements, namely <marquee>, sponsored - by Chris. You can enable them with %HTML.Proprietary if your client - demands them. -! Support for !important CSS cascade modifier. By default, this will be stripped - from CSS, but you can enable it using %CSS.AllowImportant -! Support for display and visibility CSS properties added, set %CSS.AllowTricky - to true to use them. -! HTML Purifier now has its own Exception hierarchy under HTMLPurifier_Exception. - Developer error (not enduser error) can cause these to be triggered. -! Experimental kses() wrapper introduced with HTMLPurifier.kses.php -! Finally %CSS.AllowedProperties for tweaking allowed CSS properties without - mucking around with HTMLPurifier_CSSDefinition -! ConfigDoc output has been enhanced with version and deprecation info. -! %HTML.ForbiddenAttributes and %HTML.ForbiddenElements implemented. -- Autoclose now operates iteratively, i.e. <span><span><div> now has - both span tags closed. -- Various HTMLPurifier_Config convenience functions now accept another parameter - $schema which defines what HTMLPurifier_ConfigSchema to use besides the - global default. -- Fix bug with trusted script handling in libxml versions later than 2.6.28. -- Fix bug in ExtractStyleBlocks with comments in style tags -- Fix bug in comment parsing for DirectLex -- Flush output now displayed when in command line mode for unit tester -- Fix bug with rgb(0, 1, 2) color syntax with spaces inside shorthand syntax -- HTMLPurifier_HTMLDefinition->addAttribute can now be called multiple times - on the same element without emitting errors. -- Fixed fatal error in PH5P lexer with invalid tag names -. Plugins now get their own changelogs according to project conventions. -. Convert tokens to use instanceof, reducing memory footprint and - improving comparison speed. -. Dry runs now supported in SimpleTest; testing facilities improved -. Bootstrap class added for handling autoloading functionality -. Implemented recursive glob at FSTools->globr -. ConfigSchema now has instance methods for all corresponding define* - static methods. -. A couple of new historical maintenance scripts were added. -. HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php split into two files -. tests/index.php can now be run from any directory. -. HTMLPurifier_Token subclasses split into seperate files -. HTMLPURIFIER_PREFIX now is defined in Bootstrap.php, NOT HTMLPurifier.php -. HTMLPURIFIER_PREFIX can now be defined outside of HTML Purifier -. New --php=php flag added, allows PHP executable to be specified (command - line only!) -. htmlpurifier_add_test() preferred method to translate test files in to - classes, because it handles PHPT files too. -. Debugger class is deprecated and will be removed soon. -. Command line argument parsing for testing scripts revamped, now --opt value - format is supported. -. Smoketests now cleanup after magic quotes -. Generator now can output comments (however, comments are still stripped - from HTML Purifier output) -. HTMLPurifier_ConfigSchema->validate() deprecated in favor of - HTMLPurifier_VarParser->parse() -. Integers auto-cast into float type by VarParser. -. HTMLPURIFIER_STRICT removed; no validation is performed on runtime, only - during cache generation -. Reordered script calls in maintenance/flush.php -. Command line scripts now honor exit codes -. When --flush fails in unit testers, abort tests and print message -. Improved documentation in docs/dev-flush.html about the maintenance scripts -. copy() methods removed in favor of clone keyword - -3.0.0, released 2008-01-06 -# HTML Purifier is PHP 5 only! The 2.1.x branch will be maintained - until PHP 4 is completely deprecated, but no new features will be added - to it. - + Visibility declarations added - + Constructor methods renamed to __construct() - + PHP4 reference cruft removed (in progress) -! CSS properties are now case-insensitive -! DefinitionCacheFactory now can register new implementations -! New HTMLPurifier_Filter_ExtractStyleBlocks for extracting <style> from - documents and cleaning their contents up. Requires the CSSTidy library - <http://csstidy.sourceforge.net/>. You can access the blocks with the - 'StyleBlocks' Context variable ($purifier->context->get('StyleBlocks')). - The output CSS can also be "scoped" for a specific element, use: - %Filter.ExtractStyleBlocksScope -! Experimental support for some proprietary CSS attributes allowed: - opacity (and all of the browser-specific equivalents) and scrollbar colors. - Enable by setting %CSS.Proprietary to true. -- Colors missing # but in hex form will be corrected -- CSS Number algorithm improved -- Unit testing and multi-testing now on steroids: command lines, - XML output, and other goodies now added. -. Unit tests for Injector improved -. New classes: - + HTMLPurifier_AttrDef_CSS_AlphaValue - + HTMLPurifier_AttrDef_CSS_Filter -. Multitest now has a file docblock - -2.1.3, released 2007-11-05 -! tests/multitest.php allows you to test multiple versions by running - tests/index.php through multiple interpreters using `phpv` shell - script (you must provide this script!) -- Fixed poor include ordering for Email URI AttrDefs, causes fatal errors - on some systems. -- Injector algorithm further refined: off-by-one error regarding skip - counts for dormant injectors fixed -- Corrective blockquote definition now enabled for HTML 4.01 Strict -- Fatal error when <img> tag (or any other element with required attributes) - has 'id' attribute fixed, thanks NykO18 for reporting -- Fix warning emitted when a non-supported URI scheme is passed to the - MakeAbsolute URIFilter, thanks NykO18 (again) -- Further refine AutoParagraph injector. Behavior inside of elements - allowing paragraph tags clarified: only inline content delimeted by - double newlines (not block elements) are paragraphed. -- Buggy treatment of end tags of elements that have required attributes - fixed (does not manifest on default tag-set) -- Spurious internal content reorganization error suppressed -- HTMLDefinition->addElement now returns a reference to the created - element object, as implied by the documentation -- Phorum mod's HTML Purifier help message expanded (unreleased elsewhere) -- Fix a theoretical class of infinite loops from DirectLex reported - by Nate Abele -- Work around unnecessary DOMElement type-cast in PH5P that caused errors - in PHP 5.1 -- Work around PHP 4 SimpleTest lack-of-error complaining for one-time-only - HTMLDefinition errors, this may indicate problems with error-collecting - facilities in PHP 5 -- Make ErrorCollectorEMock work in both PHP 4 and PHP 5 -- Make PH5P work with PHP 5.0 by removing unnecessary array parameter typedef -. %Core.AcceptFullDocuments renamed to %Core.ConvertDocumentToFragment - to better communicate its purpose -. Error unit tests can now specify the expectation of no errors. Future - iterations of the harness will be extremely strict about what errors - are allowed -. Extend Injector hooks to allow for more powerful injector routines -. HTMLDefinition->addBlankElement created, as according to the HTMLModule - method -. Doxygen configuration file updated, with minor improvements -. Test runner now checks for similarly named files in conf/ directory too. -. Minor cosmetic change to flush-definition-cache.php: trailing newline is - outputted -. Maintenance script for generating PH5P patch added, original PH5P source - file also added under version control -. Full unit test runner script title made more descriptive with PHP version -. Updated INSTALL file to state that 4.3.7 is the earliest version we - are actively testing - -2.1.2, released 2007-09-03 -! Implemented Object module for trusted users -! Implemented experimental HTML5 parsing mode using PH5P. To use, add - this to your code: - require_once 'HTMLPurifier/Lexer/PH5P.php'; - $config->set('Core', 'LexerImpl', 'PH5P'); - Note that this Lexer introduces some classes not in the HTMLPurifier - namespace. Also, this is PHP5 only. -! CSS property border-spacing implemented -- Fix non-visible parsing error in DirectLex with empty tags that have - slashes inside attribute values. -- Fix typo in CSS definition: border-collapse:seperate; was incorrectly - accepted as valid CSS. Usually non-visible, because this styling is the - default for tables in most browsers. Thanks Brett Zamir for pointing - this out. -- Fix validation errors in configuration form -- Hammer out a bunch of edge-case bugs in the standalone distribution -- Inclusion reflection removed from URISchemeRegistry; you must manually - include any new schema files you wish to use -- Numerous typo fixes in documentation thanks to Brett Zamir -. Unit test refactoring for one logical test per test function -. Config and context parameters in ComplexHarness deprecated: instead, edit - the $config and $context member variables -. HTML wrapper in DOMLex now takes DTD identifiers into account; doesn't - really make a difference, but is good for completeness sake -. merge-library.php script refactored for greater code reusability and - PHP4 compatibility - -2.1.1, released 2007-08-04 -- Fix show-stopper bug in %URI.MakeAbsolute functionality -- Fix PHP4 syntax error in standalone version -. Add prefix directory to include path for standalone, this prevents - other installations from clobbering the standalone's URI schemes -. Single test methods can be invoked by prefixing with __only - -2.1.0, released 2007-08-02 -# flush-htmldefinition-cache.php superseded in favor of a generic - flush-definition-cache.php script, you can clear a specific cache - by passing its name as a parameter to the script -! Phorum mod implemented for HTML Purifier -! With %Core.AggressivelyFixLt, <3 and similar emoticons no longer - trigger HTML removal in PHP5 (DOMLex). This directive is not necessary - for PHP4 (DirectLex). -! Standalone file now available, which greatly reduces the amount of - includes (although there are still a few files that reside in the - standalone folder) -! Relative URIs can now be transformed into their absolute equivalents - using %URI.Base and %URI.MakeAbsolute -! Ruby implemented for XHTML 1.1 -! You can now define custom URI filtering behavior, see enduser-uri-filter.html - for more details -! UTF-8 font names now supported in CSS -- AutoFormatters emit friendly error messages if tags or attributes they - need are not allowed -- ConfigForm's compactification of directive names is now configurable -- AutoParagraph autoformatter algorithm refined after field-testing -- XHTML 1.1 now applies XHTML 1.0 Strict cleanup routines, namely - blockquote wrapping -- Contents of <style> tags removed by default when tags are removed -. HTMLPurifier_Config->getSerial() implemented, this is extremely useful - for output cache invalidation -. ConfigForm printer now can retrieve CSS and JS files as strings, in - case HTML Purifier's directory is not publically accessible -. Introduce new text/itext configuration directive values: these represent - longer strings that would be more appropriately edited with a textarea -. Allow newlines to act as separators for lists, hashes, lookups and - %HTML.Allowed -. ConfigForm generates textareas instead of text inputs for lists, hashes, - lookups, text and itext fields -. Hidden element content removal genericized: %Core.HiddenElements can - be used to customize this behavior, by default <script> and <style> are - hidden -. Added HTMLPURIFIER_PREFIX constant, should be used instead of dirname(__FILE__) -. Custom ChildDef added to default include list -. URIScheme reflection improved: will not attempt to include file if class - already exists. May clobber autoload, so I need to keep an eye on it -. ConfigSchema heavily optimized, will only collect information and validate - definitions when HTMLPURIFIER_SCHEMA_STRICT is true. -. AttrDef_URI unit tests and implementation refactored -. benchmarks/ directory now protected from public view with .htaccess file; - run the tests via command line -. URI scheme is munged off if there is no authority and the scheme is the - default one -. All unit tests inherit from HTMLPurifier_Harness, not UnitTestCase -. Interface for URIScheme changed -. Generic URI object to hold components of URI added, most systems involved - in URI validation have been migrated to use it -. Custom filtering for URIs factored out to URIDefinition interface for - maximum extensibility - -2.0.1, released 2007-06-27 -! Tag auto-closing now based on a ChildDef heuristic rather than a - manually set auto_close array; some behavior may change -! Experimental AutoFormat functionality added: auto-paragraph and - linkify your HTML input by setting %AutoFormat.AutoParagraph and - %AutoFormat.Linkify to true -! Newlines normalized internally, and then converted back to the - value of PHP_EOL. If this is not desired, set your newline format - using %Output.Newline. -! Beta error collection, messages are implemented for the most generic - cases involving Lexing or Strategies -- Clean up special case code for <script> tags -- Reorder includes for DefinitionCache decorators, fixes a possible - missing class error -- Fixed bug where manually modified definitions were not saved via cache - (mostly harmless, except for the fact that it would be a little slower) -- Configuration objects with different serials do not clobber each - others when revision numbers are unequal -- Improve Serializer DefinitionCache directory permissions checks -- DefinitionCache no longer throws errors when it encounters old - serial files that do not conform to the current style -- Stray xmlns attributes removed from configuration documentation -- configForm.php smoketest no longer has XSS vulnerability due to - unescaped print_r output -- Printer adheres to configuration's directives on output format -- Fix improperly named form field in ConfigForm printer -. Rewire some test-cases to swallow errors rather than expect them -. HTMLDefinition printer updated with some of the new attributes -. DefinitionCache keys reordered to reflect precedence: version number, - hash, then revision number -. %Core.DefinitionCache renamed to %Cache.DefinitionImpl -. Interlinking in configuration documentation added using - Injector_PurifierLinkify -. Directives now keep track of aliases to themselves -. Error collector now requires a severity to be passed, use PHP's internal - error constants for this -. HTMLPurifier_Config::getAllowedDirectivesForForm implemented, allows - much easier selective embedding of configuration values -. Doctype objects now accept public and system DTD identifiers -. %HTML.Doctype is now constrained by specific values, to specify a custom - doctype use new %HTML.CustomDoctype -. ConfigForm truncates long directives to keep the form small, and does - not re-output namespaces - -2.0.0, released 2007-06-20 -# Completely refactored HTMLModuleManager, decentralizing safety - information -# Transform modules changed to Tidy modules, which offer more flexibility - and better modularization -# Configuration object now finalizes itself when a read operation is - performed on it, ensuring that its internal state stays consistent. - To revert this behavior, you can set the $autoFinalize member variable - off, but it's not recommended. -# New compact syntax for AttrDef objects that can be used to instantiate - new objects via make() -# Definitions (esp. HTMLDefinition) are now cached for a significant - performance boost. You can disable caching by setting %Core.DefinitionCache - to null. You CANNOT edit raw definitions without setting the corresponding - DefinitionID directive (%HTML.DefinitionID for HTMLDefinition). -# Contents between <script> tags are now completely removed if <script> - is not allowed -# Prototype-declarations for Lexer removed in favor of configuration - determination of Lexer implementations. -! HTML Purifier now works in PHP 4.3.2. -! Configuration form-editing API makes tweaking HTMLPurifier_Config a - breeze! -! Configuration directives that accept hashes now allow new string - format: key1:value1,key2:value2 -! ConfigDoc now factored into OOP design -! All deprecated elements now natively supported -! Implement TinyMCE styled whitelist specification format in - %HTML.Allowed -! Config object gives more friendly error messages when things go wrong -! Advanced API implemented: easy functions for creating elements (addElement) - and attributes (addAttribute) on HTMLDefinition -! Add native support for required attributes -- Deprecated and removed EnableRedundantUTF8Cleaning. It didn't even work! -- DOMLex will not emit errors when a custom error handler that does not - honor error_reporting is used -- StrictBlockquote child definition refrains from wrapping whitespace - in tags now. -- Bug resulting from tag transforms to non-allowed elements fixed -- ChildDef_Custom's regex generation has been improved, removing several - false positives -. Unit test for ElementDef created, ElementDef behavior modified to - be more flexible -. Added convenience functions for HTMLModule constructors -. AttrTypes now has accessor functions that should be used instead - of directly manipulating info -. TagTransform_Center deprecated in favor of generic TagTransform_Simple -. Add extra protection in AttrDef_URI against phantom Schemes -. Doctype object added to HTMLDefinition which describes certain aspects - of the operational document type -. Lexer is now pre-emptively included, with a conditional include for the - PHP5 only version. -. HTMLDefinition and CSSDefinition have a common parent class: Definition. -. DirectLex can now track line-numbers -. Preliminary error collector is in place, although no code actually reports - errors yet -. Factor out most of ValidateAttributes to new AttrValidator class - -1.6.1, released 2007-05-05 -! Support for more deprecated attributes via transformations: - + hspace and vspace in img - + size and noshade in hr - + nowrap in td - + clear in br - + align in caption, table, img and hr - + type in ul, ol and li -! DirectLex now preserves text in which a < bracket is followed by - a non-alphanumeric character. This means that certain emoticons - are now preserved. -! %Core.RemoveInvalidImg is now operational, when set to false invalid - images will hang around with an empty src -! target attribute in a tag supported, use %Attr.AllowedFrameTargets - to enable -! CSS property white-space now allows nowrap (supported in all modern - browsers) but not others (which have spotty browser implementations) -! XHTML 1.1 mode now sort-of works without any fatal errors, and - lang is now moved over to xml:lang. -! Attribute transformation smoketest available at smoketests/attrTransform.php -! Transformation of font's size attribute now handles super-large numbers -- Possibly fatal bug with __autoload() fixed in module manager -- Invert HTMLModuleManager->addModule() processing order to check - prefixes first and then the literal module -- Empty strings get converted to empty arrays instead of arrays with - an empty string in them. -- Merging in attribute lists now works. -. Demo script removed: it has been added to the website's repository -. Basic.php script modified to work out of the box -. Refactor AttrTransform classes to reduce duplication -. AttrTransform_TextAlign axed in favor of a more general - AttrTransform_EnumToCSS, refer to HTMLModule/TransformToStrict.php to - see how the new equivalent is implemented -. Unit tests now use exclusively assertIdentical - -1.6.0, released 2007-04-01 -! Support for most common deprecated attributes via transformations: - + bgcolor in td, th, tr and table - + border in img - + name in a and img - + width in td, th and hr - + height in td, th -! Support for CSS attribute 'height' added -! Support for rel and rev attributes in a tags added, use %Attr.AllowedRel - and %Attr.AllowedRev to activate -- You can define ID blacklists using regular expressions via - %Attr.IDBlacklistRegexp -- Error messages are emitted when you attempt to "allow" elements or - attributes that HTML Purifier does not support -- Fix segfault in unit test. The problem is not very reproduceable and - I don't know what causes it, but a six line patch fixed it. - -1.5.0, released 2007-03-23 -! Added a rudimentary I18N and L10N system modeled off MediaWiki. It - doesn't actually do anything yet, but keep your eyes peeled. -! docs/enduser-utf8.html explains how to use UTF-8 and HTML Purifier -! Newly structured HTMLDefinition modeled off of XHTML 1.1 modules. - I am loathe to release beta quality APIs, but this is exactly that; - don't use the internal interfaces if you're not willing to do migration - later on. -- Allow 'x' subtag in language codes -- Fixed buggy chameleon-support for ins and del -. Added support for IDREF attributes (i.e. for) -. Renamed HTMLPurifier_AttrDef_Class to HTMLPurifier_AttrDef_Nmtokens -. Removed context variable ParentType, replaced with IsInline, which - is false when you're not inline and an integer of the parent that - caused you to become inline when you are (so possibly zero) -. Removed ElementDef->type in favor of ElementDef->descendants_are_inline - and HTMLDefinition->content_sets -. StrictBlockquote now reports what elements its supposed to allow, - rather than what it does allow -. Removed HTMLDefinition->info_flow_elements in favor of - HTMLDefinition->content_sets['Flow'] -. Removed redundant "exclusionary" definitions from DTD roster -. StrictBlockquote now requires a construction parameter as if it - were an Required ChildDef, this is the "real" set of allowed elements -. AttrDef partitioned into HTML, CSS and URI segments -. Modify Youtube filter regexp to be multiline -. Require both PHP5 and DOM extension in order to use DOMLex, fixes - some edge cases where a DOMDocument class exists in a PHP4 environment - due to DOM XML extension. - -1.4.1, released 2007-01-21 -! docs/enduser-youtube.html updated according to new functionality -- YouTube IDs can have underscores and dashes - -1.4.0, released 2007-01-21 -! Implemented list-style-image, URIs now allowed in list-style -! Implemented background-image, background-repeat, background-attachment - and background-position CSS properties. Shorthand property background - supports all of these properties. -! Configuration documentation looks nicer -! Added %Core.EscapeNonASCIICharacters to workaround loss of Unicode - characters while %Core.Encoding is set to a non-UTF-8 encoding. -! Support for configuration directive aliases added -! Config object can now be instantiated from ini files -! YouTube preservation code added to the core, with two lines of code - you can add it as a filter to your code. See smoketests/preserveYouTube.php - for sample code. -! Moved SLOW to docs/enduser-slow.html and added code examples -- Replaced version check with functionality check for DOM (thanks Stephen - Khoo) -. Added smoketest 'all.php', which loads all other smoketests via frames -. Implemented AttrDef_CSSURI for url(http://google.com) style declarations -. Added convenient single test selector form on test runner - -1.3.2, released 2006-12-25 -! HTMLPurifier object now accepts configuration arrays, no need to manually - instantiate a configuration object -! Context object now accessible to outside -! Added enduser-youtube.html, explains how to embed YouTube videos. See - also corresponding smoketest preserveYouTube.php. -! Added purifyArray(), which takes a list of HTML and purifies it all -! Added static member variable $version to HTML Purifier with PHP-compatible - version number string. -- Fixed fatal error thrown by upper-cased language attributes -- printDefinition.php: added labels, added better clarification -. HTMLPurifier_Config::create() added, takes mixed variable and converts into - a HTMLPurifier_Config object. - -1.3.1, released 2006-12-06 -! Added HTMLPurifier.func.php stub for a convenient function to call the library -- Fixed bug in RemoveInvalidImg code that caused all images to be dropped - (thanks to .mario for reporting this) -. Standardized all attribute handling variables to attr, made it plural - -1.3.0, released 2006-11-26 -# Invalid images are now removed, rather than replaced with a dud - <img src="" alt="Invalid image" />. Previous behavior can be restored - with new directive %Core.RemoveInvalidImg set to false. -! (X)HTML Strict now supported - + Transparently handles inline elements in block context (blockquote) -! Added GET method to demo for easier validation, added 50kb max input size -! New directive %HTML.BlockWrapper, for block-ifying inline elements -! New directive %HTML.Parent, allows you to only allow inline content -! New directives %HTML.AllowedElements and %HTML.AllowedAttributes to let - users narrow the set of allowed tags -! <li value="4"> and <ul start="2"> now allowed in loose mode -! New directives %URI.DisableExternalResources and %URI.DisableResources -! New directive %Attr.DisableURI, which eliminates all hyperlinking -! New directive %URI.Munge, munges URI so you can use some sort of redirector - service to avoid PageRank leaks or warn users that they are exiting your site. -! Added spiffy new smoketest printDefinition.php, which lets you twiddle with - the configuration settings and see how the internal rules are affected. -! New directive %URI.HostBlacklist for blocking links to bad hosts. - xssAttacks.php smoketest updated accordingly. -- Added missing type to ChildDef_Chameleon -- Remove Tidy option from demo if there is not Tidy available -. ChildDef_Required guards against empty tags -. Lookup table HTMLDefinition->info_flow_elements added -. Added peace-of-mind variable initialization to Strategy_FixNesting -. Added HTMLPurifier->info_parent_def, parent child processing made special -. Added internal documents briefly summarizing future progression of HTML -. HTMLPurifier_Config->getBatch($namespace) added -. More lenient casting to bool from string in HTMLPurifier_ConfigSchema -. Refactored ChildDef classes into their own files - -1.2.0, released 2006-11-19 -# ID attributes now disabled by default. New directives: - + %HTML.EnableAttrID - restores old behavior by allowing IDs - + %Attr.IDPrefix - %Attr.IDBlacklist alternative that munges all user IDs - so that they don't collide with your IDs - + %Attr.IDPrefixLocal - Same as above, but for when there are multiple - instances of user content on the page - + Profuse documentation on how to use these available in docs/enduser-id.txt -! Added MODx plugin <http://modxcms.com/forums/index.php/topic,6604.0.html> -! Added percent encoding normalization -! XSS attacks smoketest given facelift -! Configuration documentation now has table of contents -! Added %URI.DisableExternal, which prevents links to external websites. You - can also use %URI.Host to permit absolute linking to subdomains -! Non-accessible resources (ex. mailto) blocked from embedded URIs (img src) -- Type variable in HTMLDefinition was not being set properly, fixed -- Documentation updated - + TODO added request Phalanger - + TODO added request Native compression - + TODO added request Remove redundant tags - + TODO added possible plaintext formatter for HTML Purifier documentation - + Updated ConfigDoc TODO - + Improved inline comments in AttrDef/Class.php, AttrDef/CSS.php - and AttrDef/Host.php - + Revamped documentation into HTML, along with misc updates -- HTMLPurifier_Context doesn't throw a variable reference error if you attempt - to retrieve a non-existent variable -. Switched to purify()-wide Context object registry -. Refactored unit tests to minimize duplication -. XSS attack sheet updated -. configdoc.xml now has xml:space attached to default value nodes -. Allow configuration directives to permit null values -. Cleaned up test-cases to remove unnecessary swallowErrors() - -1.1.2, released 2006-09-30 -! Add HTMLPurifier.auto.php stub file that configures include_path -- Documentation updated - + INSTALL document rewritten - + TODO added semi-lossy conversion - + API Doxygen docs' file exclusions updated - + Added notes on HTML versus XML attribute whitespace handling - + Noted that HTMLPurifier_ChildDef_Custom isn't being used - + Noted that config object's definitions are cached versions -- Fixed lack of attribute parsing in HTMLPurifier_Lexer_PEARSax3 -- ftp:// URIs now have their typecodes checked -- Hooked up HTMLPurifier_ChildDef_Custom's unit tests (they weren't being run) -. Line endings standardized throughout project (svn:eol-style standardized) -. Refactored parseData() to general Lexer class -. Tester named "HTML Purifier" not "HTMLPurifier" - -1.1.1, released 2006-09-24 -! Configuration option to optionally Tidy up output for indentation to make up - for dropped whitespace by DOMLex (pretty-printing for the entire application - should be done by a page-wide Tidy) -- Various documentation updates -- Fixed parse error in configuration documentation script -- Fixed fatal error in benchmark scripts, slightly augmented -- As far as possible, whitespace is preserved in-between table children -- Sample test-settings.php file included - -1.1.0, released 2006-09-16 -! Directive documentation generation using XSLT -! XHTML can now be turned off, output becomes <br> -- Made URI validator more forgiving: will ignore leading and trailing - quotes, apostrophes and less than or greater than signs. -- Enforce alphanumeric namespace and directive names for configuration. -- Table child definition made more flexible, will fix up poorly ordered elements -. Renamed ConfigDef to ConfigSchema - -1.0.1, released 2006-09-04 -- Fixed slight bug in DOMLex attribute parsing -- Fixed rejection of case-insensitive configuration values when there is a - set of allowed values. This manifested in %Core.Encoding. -- Fixed rejection of inline style declarations that had lots of extra - space in them. This manifested in TinyMCE. - -1.0.0, released 2006-09-01 -! Shorthand CSS properties implemented: font, border, background, list-style -! Basic color keywords translated into hexadecimal values -! Table CSS properties implemented -! Support for charsets other than UTF-8 (defined by iconv) -! Malformed UTF-8 and non-SGML character detection and cleaning implemented -- Fixed broken numeric entity conversion -- API documentation completed -. (HTML|CSS)Definition de-singleton-ized - -1.0.0beta, released 2006-08-16 -! First public release, most functionality implemented. Notable omissions are: - + Shorthand CSS properties - + Table CSS properties - + Deprecated attribute transformations - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/TODO b/vendor/ezyang/htmlpurifier/TODO deleted file mode 100644 index 1afb33cbf..000000000 --- a/vendor/ezyang/htmlpurifier/TODO +++ /dev/null @@ -1,150 +0,0 @@ - -TODO List - -= KEY ==================== - # Flagship - - Regular - ? Maybe I'll Do It -========================== - -If no interest is expressed for a feature that may require a considerable -amount of effort to implement, it may get endlessly delayed. Do not be -afraid to cast your vote for the next feature to be implemented! - -Things to do as soon as possible: - - - http://htmlpurifier.org/phorum/read.php?3,5560,6307#msg-6307 - - Think about allowing explicit order of operations hooks for transforms - - Fix "<.<" bug (trailing < is removed if not EOD) - - Build in better internal state dumps and debugging tools for remote - debugging - - Allowed/Allowed* have strange interactions when both set - ? Transform lone embeds into object tags - - Deprecated config options that emit warnings when you set them (with' - a way of muting the warning if you really want to) - - Make HTML.Trusted work with Output.FlashCompat - - HTML.Trusted and HTML.SafeObject have funny interaction; general - problem is what to do when a module "supersedes" another - (see also tables and basic tables.) This is a little dicier - because HTML.SafeObject has some extra functionality that - trusted might find useful. See http://htmlpurifier.org/phorum/read.php?3,5762,6100 - -FUTURE VERSIONS ---------------- - -4.9 release [OMG CONFIG PONIES] - ! Fix Printer. It's from the old days when we didn't have decent XML classes - ! Factor demo.php into a set of Printer classes, and then create a stub - file for users here (inside the actual HTML Purifier library) - - Fix error handling with form construction - - Do encoding validation in Printers, or at least, where user data comes in - - Config: Add examples to everything (make built-in which also automatically - gives output) - - Add "register" field to config schemas to eliminate dependence on - naming conventions (try to remember why we ultimately decided on tihs) - -5.0 release [HTML 5] - # Swap out code to use html5lib tokenizer and tree-builder - ! Allow turning off of FixNesting and required attribute insertion - -5.1 release [It's All About Trust] (floating) - # Implement untrusted, dangerous elements/attributes - # Implement IDREF support (harder than it seems, since you cannot have - IDREFs to non-existent IDs) - - Implement <area> (client and server side image maps are blocking - on IDREF support) - # Frameset XHTML 1.0 and HTML 4.01 doctypes - - Figure out how to simultaneously set %CSS.Trusted and %HTML.Trusted (?) - -5.2 release [Error'ed] - # Error logging for filtering/cleanup procedures - # Additional support for poorly written HTML - - Microsoft Word HTML cleaning (i.e. MsoNormal, but research essential!) - - Friendly strict handling of <address> (block -> <br>) - - XSS-attempt detection--certain errors are flagged XSS-like - - Append something to duplicate IDs so they're still usable (impl. note: the - dupe detector would also need to detect the suffix as well) - -6.0 release [Beyond HTML] - # Legit token based CSS parsing (will require revamping almost every - AttrDef class). Probably will use CSSTidy - # More control over allowed CSS properties using a modularization - # IRI support (this includes IDN) - - Standardize token armor for all areas of processing - -7.0 release [To XML and Beyond] - - Extended HTML capabilities based on namespacing and tag transforms (COMPLEX) - - Hooks for adding custom processors to custom namespaced tags and - attributes, offer default implementation - - Lots of documentation and samples - -Ongoing - - More refactoring to take advantage of PHP5's facilities - - Refactor unit tests into lots of test methods - - Plugins for major CMSes (COMPLEX) - - phpBB - - Also, a FAQ for extension writers with HTML Purifier - -AutoFormat - - Smileys - - Syntax highlighting (with GeSHi) with <pre> and possibly <?php - - Look at http://drupal.org/project/Modules/category/63 for ideas - -Neat feature related - ! Support exporting configuration, so users can easily tweak settings - in the demo, and then copy-paste into their own setup - - Advanced URI filtering schemes (see docs/proposal-new-directives.txt) - - Allow scoped="scoped" attribute in <style> tags; may be troublesome - because regular CSS has no way of uniquely identifying nodes, so we'd - have to generate IDs - - Explain how to use HTML Purifier in non-PHP languages / create - a simple command line stub (or complicated?) - - Fixes for Firefox's inability to handle COL alignment props (Bug 915) - - Automatically add non-breaking spaces to empty table cells when - empty-cells:show is applied to have compatibility with Internet Explorer - - Table of Contents generation (XHTML Compiler might be reusable). May also - be out-of-band information. - - Full set of color keywords. Also, a way to add onto them without - finalizing the configuration object. - - Write a var_export and memcached DefinitionCache - Denis - - Built-in support for target="_blank" on all external links - - Convert RTL/LTR override characters to <bdo> tags, or vice versa on demand. - Also, enable disabling of directionality - ? Externalize inline CSS to promote clean HTML, proposed by Sander Tekelenburg - ? Remove redundant tags, ex. <u><u>Underlined</u></u>. Implementation notes: - 1. Analyzing which tags to remove duplicants - 2. Ensure attributes are merged into the parent tag - 3. Extend the tag exclusion system to specify whether or not the - contents should be dropped or not (currently, there's code that could do - something like this if it didn't drop the inner text too.) - ? Make AutoParagraph also support paragraph-izing double <br> tags, and not - just double newlines. This is kind of tough to do in the current framework, - though, and might be reasonably approximated by search replacing double <br>s - with newlines before running it through HTML Purifier. - -Maintenance related (slightly boring) - # CHMOD install script for PEAR installs - ! Factor out command line parser into its own class, and unit test it - - Reduce size of internal data-structures (esp. HTMLDefinition) - - Allow merging configurations. Thus, - a -> b -> default - c -> d -> default - becomes - a -> b -> c -> d -> default - Maybe allow more fine-grained tuning of this behavior. Alternatively, - encourage people to use short plist depths before building them up. - - Time PHPT tests - -ChildDef related (very boring) - - Abstract ChildDef_BlockQuote to work with all elements that only - allow blocks in them, required or optional - - Implement lenient <ruby> child validation - -Wontfix - - Non-lossy smart alternate character encoding transformations (unless - patch provided) - - Pretty-printing HTML: users can use Tidy on the output on entire page - - Native content compression, whitespace stripping: use gzip if this is - really important - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/VERSION b/vendor/ezyang/htmlpurifier/VERSION index bcd250ed0..01b73abe5 100644 --- a/vendor/ezyang/htmlpurifier/VERSION +++ b/vendor/ezyang/htmlpurifier/VERSION @@ -1 +1 @@ -4.12.0
\ No newline at end of file +4.13.0
\ No newline at end of file diff --git a/vendor/ezyang/htmlpurifier/WHATSNEW b/vendor/ezyang/htmlpurifier/WHATSNEW deleted file mode 100644 index aec9b37c1..000000000 --- a/vendor/ezyang/htmlpurifier/WHATSNEW +++ /dev/null @@ -1,2 +0,0 @@ -HTML Purifier 4.12.x is a maintenance release which makes -compatibility fixes for PHP 7.4. diff --git a/vendor/ezyang/htmlpurifier/WYSIWYG b/vendor/ezyang/htmlpurifier/WYSIWYG deleted file mode 100644 index c518aacdd..000000000 --- a/vendor/ezyang/htmlpurifier/WYSIWYG +++ /dev/null @@ -1,20 +0,0 @@ - -WYSIWYG - What You See Is What You Get - HTML Purifier: A Pretty Good Fit for TinyMCE and FCKeditor - -Javascript-based WYSIWYG editors, simply stated, are quite amazing. But I've -always been wary about using them due to security issues: they handle the -client-side magic, but once you've been served a piping hot load of unfiltered -HTML, what should be done then? In some situations, you can serve it uncleaned, -since you only offer these facilities to trusted(?) authors. - -Unfortunantely, for blog comments and anonymous input, BBCode, Textile and -other markup languages still reign supreme. Put simply: filtering HTML is -hard work, and these WYSIWYG authors don't offer anything to alleviate that -trouble. Therein lies the solution: - -HTML Purifier is perfect for filtering pure-HTML input from WYSIWYG editors. - -Enough said. - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/composer.json b/vendor/ezyang/htmlpurifier/composer.json index ef4134fdf..0ff86b5df 100644 --- a/vendor/ezyang/htmlpurifier/composer.json +++ b/vendor/ezyang/htmlpurifier/composer.json @@ -20,6 +20,9 @@ }, "autoload": { "psr-0": { "HTMLPurifier": "library/" }, - "files": ["library/HTMLPurifier.composer.php"] + "files": ["library/HTMLPurifier.composer.php"], + "exclude-from-classmap": [ + "/library/HTMLPurifier/Language/" + ] } } diff --git a/vendor/ezyang/htmlpurifier/extras/ConfigDoc/HTMLXSLTProcessor.php b/vendor/ezyang/htmlpurifier/extras/ConfigDoc/HTMLXSLTProcessor.php deleted file mode 100644 index 1cfec5d76..000000000 --- a/vendor/ezyang/htmlpurifier/extras/ConfigDoc/HTMLXSLTProcessor.php +++ /dev/null @@ -1,91 +0,0 @@ -<?php - -/** - * Decorator/extender XSLT processor specifically for HTML documents. - */ -class ConfigDoc_HTMLXSLTProcessor -{ - - /** - * Instance of XSLTProcessor - */ - protected $xsltProcessor; - - public function __construct($proc = false) - { - if ($proc === false) $proc = new XSLTProcessor(); - $this->xsltProcessor = $proc; - } - - /** - * @note Allows a string $xsl filename to be passed - */ - public function importStylesheet($xsl) - { - if (is_string($xsl)) { - $xsl_file = $xsl; - $xsl = new DOMDocument(); - $xsl->load($xsl_file); - } - return $this->xsltProcessor->importStylesheet($xsl); - } - - /** - * Transforms an XML file into compatible XHTML based on the stylesheet - * @param $xml XML DOM tree, or string filename - * @return string HTML output - * @todo Rename to transformToXHTML, as transformToHTML is misleading - */ - public function transformToHTML($xml) - { - if (is_string($xml)) { - $dom = new DOMDocument(); - $dom->load($xml); - } else { - $dom = $xml; - } - $out = $this->xsltProcessor->transformToXML($dom); - - // fudges for HTML backwards compatibility - // assumes that document is XHTML - $out = str_replace('/>', ' />', $out); // <br /> not <br/> - $out = str_replace(' xmlns=""', '', $out); // rm unnecessary xmlns - - if (class_exists('Tidy')) { - // cleanup output - $config = array( - 'indent' => true, - 'output-xhtml' => true, - 'wrap' => 80 - ); - $tidy = new Tidy; - $tidy->parseString($out, $config, 'utf8'); - $tidy->cleanRepair(); - $out = (string) $tidy; - } - - return $out; - } - - /** - * Bulk sets parameters for the XSL stylesheet - * @param array $options Associative array of options to set - */ - public function setParameters($options) - { - foreach ($options as $name => $value) { - $this->xsltProcessor->setParameter('', $name, $value); - } - } - - /** - * Forward any other calls to the XSLT processor - */ - public function __call($name, $arguments) - { - call_user_func_array(array($this->xsltProcessor, $name), $arguments); - } - -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/extras/FSTools.php b/vendor/ezyang/htmlpurifier/extras/FSTools.php deleted file mode 100644 index ce0076316..000000000 --- a/vendor/ezyang/htmlpurifier/extras/FSTools.php +++ /dev/null @@ -1,164 +0,0 @@ -<?php - -/** - * Filesystem tools not provided by default; can recursively create, copy - * and delete folders. Some template methods are provided for extensibility. - * - * @note This class must be instantiated to be used, although it does - * not maintain state. - */ -class FSTools -{ - - private static $singleton; - - /** - * Returns a global instance of FSTools - */ - public static function singleton() - { - if (empty(FSTools::$singleton)) FSTools::$singleton = new FSTools(); - return FSTools::$singleton; - } - - /** - * Sets our global singleton to something else; useful for overloading - * functions. - */ - public static function setSingleton($singleton) - { - FSTools::$singleton = $singleton; - } - - /** - * Recursively creates a directory - * @param string $folder Name of folder to create - * @note Adapted from the PHP manual comment 76612 - */ - public function mkdirr($folder) - { - $folders = preg_split("#[\\\\/]#", $folder); - $base = ''; - for($i = 0, $c = count($folders); $i < $c; $i++) { - if(empty($folders[$i])) { - if (!$i) { - // special case for root level - $base .= DIRECTORY_SEPARATOR; - } - continue; - } - $base .= $folders[$i]; - if(!is_dir($base)){ - $this->mkdir($base); - } - $base .= DIRECTORY_SEPARATOR; - } - } - - /** - * Copy a file, or recursively copy a folder and its contents; modified - * so that copied files, if PHP, have includes removed - * @note Adapted from http://aidanlister.com/repos/v/function.copyr.php - */ - public function copyr($source, $dest) - { - // Simple copy for a file - if (is_file($source)) { - return $this->copy($source, $dest); - } - // Make destination directory - if (!is_dir($dest)) { - $this->mkdir($dest); - } - // Loop through the folder - $dir = $this->dir($source); - while ( false !== ($entry = $dir->read()) ) { - // Skip pointers - if ($entry == '.' || $entry == '..') { - continue; - } - if (!$this->copyable($entry)) { - continue; - } - // Deep copy directories - if ($dest !== "$source/$entry") { - $this->copyr("$source/$entry", "$dest/$entry"); - } - } - // Clean up - $dir->close(); - return true; - } - - /** - * Overloadable function that tests a filename for copyability. By - * default, everything should be copied; you can restrict things to - * ignore hidden files, unreadable files, etc. This function - * applies to copyr(). - */ - public function copyable($file) - { - return true; - } - - /** - * Delete a file, or a folder and its contents - * @note Adapted from http://aidanlister.com/repos/v/function.rmdirr.php - */ - public function rmdirr($dirname) - { - // Sanity check - if (!$this->file_exists($dirname)) { - return false; - } - - // Simple delete for a file - if ($this->is_file($dirname) || $this->is_link($dirname)) { - return $this->unlink($dirname); - } - - // Loop through the folder - $dir = $this->dir($dirname); - while (false !== $entry = $dir->read()) { - // Skip pointers - if ($entry == '.' || $entry == '..') { - continue; - } - // Recurse - $this->rmdirr($dirname . DIRECTORY_SEPARATOR . $entry); - } - - // Clean up - $dir->close(); - return $this->rmdir($dirname); - } - - /** - * Recursively globs a directory. - */ - public function globr($dir, $pattern, $flags = NULL) - { - $files = $this->glob("$dir/$pattern", $flags); - if ($files === false) $files = array(); - $sub_dirs = $this->glob("$dir/*", GLOB_ONLYDIR); - if ($sub_dirs === false) $sub_dirs = array(); - foreach ($sub_dirs as $sub_dir) { - $sub_files = $this->globr($sub_dir, $pattern, $flags); - $files = array_merge($files, $sub_files); - } - return $files; - } - - /** - * Allows for PHP functions to be called and be stubbed. - * @warning This function will not work for functions that need - * to pass references; manually define a stub function for those. - */ - public function __call($name, $args) - { - return call_user_func_array($name, $args); - } - -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/extras/FSTools/File.php b/vendor/ezyang/htmlpurifier/extras/FSTools/File.php deleted file mode 100644 index 6453a7a45..000000000 --- a/vendor/ezyang/htmlpurifier/extras/FSTools/File.php +++ /dev/null @@ -1,141 +0,0 @@ -<?php - -/** - * Represents a file in the filesystem - * - * @warning Be sure to distinguish between get() and write() versus - * read() and put(), the former operates on the entire file, while - * the latter operates on a handle. - */ -class FSTools_File -{ - - /** Filename of file this object represents */ - protected $name; - - /** Handle for the file */ - protected $handle = false; - - /** Instance of FSTools for interfacing with filesystem */ - protected $fs; - - /** - * Filename of file you wish to instantiate. - * @note This file need not exist - */ - public function __construct($name, $fs = false) - { - $this->name = $name; - $this->fs = $fs ? $fs : FSTools::singleton(); - } - - /** Returns the filename of the file. */ - public function getName() {return $this->name;} - - /** Returns directory of the file without trailing slash */ - public function getDirectory() {return $this->fs->dirname($this->name);} - - /** - * Retrieves the contents of a file - * @todo Throw an exception if file doesn't exist - */ - public function get() - { - return $this->fs->file_get_contents($this->name); - } - - /** Writes contents to a file, creates new file if necessary */ - public function write($contents) - { - return $this->fs->file_put_contents($this->name, $contents); - } - - /** Deletes the file */ - public function delete() - { - return $this->fs->unlink($this->name); - } - - /** Returns true if file exists and is a file. */ - public function exists() - { - return $this->fs->is_file($this->name); - } - - /** Returns last file modification time */ - public function getMTime() - { - return $this->fs->filemtime($this->name); - } - - /** - * Chmod a file - * @note We ignore errors because of some weird owner trickery due - * to SVN duality - */ - public function chmod($octal_code) - { - return @$this->fs->chmod($this->name, $octal_code); - } - - /** Opens file's handle */ - public function open($mode) - { - if ($this->handle) $this->close(); - $this->handle = $this->fs->fopen($this->name, $mode); - return true; - } - - /** Closes file's handle */ - public function close() - { - if (!$this->handle) return false; - $status = $this->fs->fclose($this->handle); - $this->handle = false; - return $status; - } - - /** Retrieves a line from an open file, with optional max length $length */ - public function getLine($length = null) - { - if (!$this->handle) $this->open('r'); - if ($length === null) return $this->fs->fgets($this->handle); - else return $this->fs->fgets($this->handle, $length); - } - - /** Retrieves a character from an open file */ - public function getChar() - { - if (!$this->handle) $this->open('r'); - return $this->fs->fgetc($this->handle); - } - - /** Retrieves an $length bytes of data from an open data */ - public function read($length) - { - if (!$this->handle) $this->open('r'); - return $this->fs->fread($this->handle, $length); - } - - /** Writes to an open file */ - public function put($string) - { - if (!$this->handle) $this->open('a'); - return $this->fs->fwrite($this->handle, $string); - } - - /** Returns TRUE if the end of the file has been reached */ - public function eof() - { - if (!$this->handle) return true; - return $this->fs->feof($this->handle); - } - - public function __destruct() - { - if ($this->handle) $this->close(); - } - -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.auto.php b/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.auto.php deleted file mode 100644 index 4016d8afd..000000000 --- a/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.auto.php +++ /dev/null @@ -1,11 +0,0 @@ -<?php - -/** - * This is a stub include that automatically configures the include path. - */ - -set_include_path(dirname(__FILE__) . PATH_SEPARATOR . get_include_path() ); -require_once 'HTMLPurifierExtras.php'; -require_once 'HTMLPurifierExtras.autoload.php'; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.autoload-legacy.php b/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.autoload-legacy.php deleted file mode 100644 index d1485bf2e..000000000 --- a/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.autoload-legacy.php +++ /dev/null @@ -1,15 +0,0 @@ -<?php - -/** - * @file - * Legacy autoloader for systems lacking spl_autoload_register - * - * Must be separate to prevent deprecation warning on PHP 7.2 - */ - -function __autoload($class) -{ - return HTMLPurifierExtras::autoload($class); -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.autoload.php b/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.autoload.php deleted file mode 100644 index 69c909538..000000000 --- a/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.autoload.php +++ /dev/null @@ -1,23 +0,0 @@ -<?php - -/** - * @file - * Convenience file that registers autoload handler for HTML Purifier. - * - * @warning - * This autoloader does not contain the compatibility code seen in - * HTMLPurifier_Bootstrap; the user is expected to make any necessary - * changes to use this library. - */ - -if (function_exists('spl_autoload_register')) { - spl_autoload_register(array('HTMLPurifierExtras', 'autoload')); - if (function_exists('__autoload')) { - // Be polite and ensure that userland autoload gets retained - spl_autoload_register('__autoload'); - } -} elseif (!function_exists('__autoload')) { - require dirname(__FILE__) . '/HTMLPurifierExtras.autoload-legacy.php'; -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.php b/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.php deleted file mode 100644 index 35c2ca7e7..000000000 --- a/vendor/ezyang/htmlpurifier/extras/HTMLPurifierExtras.php +++ /dev/null @@ -1,31 +0,0 @@ -<?php - -/** - * Meta-class for HTML Purifier's extra class hierarchies, similar to - * HTMLPurifier_Bootstrap. - */ -class HTMLPurifierExtras -{ - - public static function autoload($class) - { - $path = HTMLPurifierExtras::getPath($class); - if (!$path) return false; - require $path; - return true; - } - - public static function getPath($class) - { - if ( - strncmp('FSTools', $class, 7) !== 0 && - strncmp('ConfigDoc', $class, 9) !== 0 - ) return false; - // Custom implementations can go here - // Standard implementation: - return str_replace('_', '/', $class) . '.php'; - } - -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/extras/README b/vendor/ezyang/htmlpurifier/extras/README deleted file mode 100644 index 4bfece79e..000000000 --- a/vendor/ezyang/htmlpurifier/extras/README +++ /dev/null @@ -1,32 +0,0 @@ - -HTML Purifier Extras - The Method Behind The Madness! - -The extras/ folder in HTML Purifier contains--you guessed it--extra things -for HTML Purifier. Specifically, these are two extra libraries called -FSTools and ConfigSchema. They're extra for a reason: you don't need them -if you're using HTML Purifier for normal usage: filtering HTML. However, -if you're a developer, and would like to test HTML Purifier, or need to -use one of HTML Purifier's maintenance scripts, chances are they'll need -these libraries. Who knows: maybe you'll find them useful too! - -Here are the libraries: - - -FSTools -------- - -Short for File System Tools, this is a poor-man's object-oriented wrapper for -the filesystem. It currently consists of two classes: - -- FSTools: This is a singleton that contains a manner of useful functions - such as recursive glob, directory removal, etc, as well as the ability - to call arbitrary native PHP functions through it like $FS->fopen(...). - This makes it a lot simpler to mock these filesystem calls for unit testing. - -- FSTools_File: This object represents a single file, and has almost any - method imaginable one would need. - -Check the files themselves for more information. - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier.includes.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier.includes.php index 3158b2b86..151e6752d 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier.includes.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier.includes.php @@ -7,7 +7,7 @@ * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS * FILE, changes will be overwritten the next time the script is run. * - * @version 4.12.0 + * @version 4.13.0 * * @warning * You must *not* include any other HTML Purifier files before this file, diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier.php index 58bbddb02..3c0f8a0ec 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier.php @@ -19,7 +19,7 @@ */ /* - HTML Purifier 4.12.0 - Standards Compliant HTML Filtering + HTML Purifier 4.13.0 - Standards Compliant HTML Filtering Copyright (C) 2006-2008 Edward Z. Yang This library is free software; you can redistribute it and/or @@ -58,12 +58,12 @@ class HTMLPurifier * Version of HTML Purifier. * @type string */ - public $version = '4.12.0'; + public $version = '4.13.0'; /** * Constant with version of HTML Purifier. */ - const VERSION = '4.12.0'; + const VERSION = '4.13.0'; /** * Global configuration object. @@ -240,6 +240,7 @@ class HTMLPurifier public function purifyArray($array_of_html, $config = null) { $context_array = array(); + $array = array(); foreach($array_of_html as $key=>$value){ if (is_array($value)) { $array[$key] = $this->purifyArray($value, $config); diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Number.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Number.php index 8edc159e7..ef49d20fd 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Number.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/AttrDef/CSS/Number.php @@ -69,7 +69,13 @@ class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef return false; } - $left = ltrim($left, '0'); + // Remove leading zeros until positive number or a zero stays left + if (ltrim($left, '0') != '') { + $left = ltrim($left, '0'); + } else { + $left = '0'; + } + $right = rtrim($right, '0'); if ($right === '') { diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Config.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Config.php index f569d40c9..3133d8a4f 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Config.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Config.php @@ -21,7 +21,7 @@ class HTMLPurifier_Config * HTML Purifier's version * @type string */ - public $version = '4.12.0'; + public $version = '4.13.0'; /** * Whether or not to automatically finalize @@ -408,7 +408,7 @@ class HTMLPurifier_Config * maybeGetRawHTMLDefinition, which is more explicitly * named, instead. * - * @return HTMLPurifier_HTMLDefinition + * @return HTMLPurifier_HTMLDefinition|null */ public function getHTMLDefinition($raw = false, $optimized = false) { @@ -427,7 +427,7 @@ class HTMLPurifier_Config * maybeGetRawCSSDefinition, which is more explicitly * named, instead. * - * @return HTMLPurifier_CSSDefinition + * @return HTMLPurifier_CSSDefinition|null */ public function getCSSDefinition($raw = false, $optimized = false) { @@ -446,7 +446,7 @@ class HTMLPurifier_Config * maybeGetRawURIDefinition, which is more explicitly * named, instead. * - * @return HTMLPurifier_URIDefinition + * @return HTMLPurifier_URIDefinition|null */ public function getURIDefinition($raw = false, $optimized = false) { @@ -468,7 +468,7 @@ class HTMLPurifier_Config * maybe semantics is the "right thing to do." * * @throws HTMLPurifier_Exception - * @return HTMLPurifier_Definition + * @return HTMLPurifier_Definition|null */ public function getDefinition($type, $raw = false, $optimized = false) { @@ -647,7 +647,7 @@ class HTMLPurifier_Config } /** - * @return HTMLPurifier_HTMLDefinition + * @return HTMLPurifier_HTMLDefinition|null */ public function maybeGetRawHTMLDefinition() { @@ -655,7 +655,7 @@ class HTMLPurifier_Config } /** - * @return HTMLPurifier_CSSDefinition + * @return HTMLPurifier_CSSDefinition|null */ public function maybeGetRawCSSDefinition() { @@ -663,7 +663,7 @@ class HTMLPurifier_Config } /** - * @return HTMLPurifier_URIDefinition + * @return HTMLPurifier_URIDefinition|null */ public function maybeGetRawURIDefinition() { diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema.ser b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema.ser index 47bd259b2..a5426c736 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema.ser +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema.ser @@ -1 +1 @@ -O:25:"HTMLPurifier_ConfigSchema":3:{s:8:"defaults";a:126:{s:19:"Attr.AllowedClasses";N;s:24:"Attr.AllowedFrameTargets";a:0:{}s:15:"Attr.AllowedRel";a:0:{}s:15:"Attr.AllowedRev";a:0:{}s:18:"Attr.ClassUseCDATA";N;s:20:"Attr.DefaultImageAlt";N;s:24:"Attr.DefaultInvalidImage";s:0:"";s:27:"Attr.DefaultInvalidImageAlt";s:13:"Invalid image";s:19:"Attr.DefaultTextDir";s:3:"ltr";s:13:"Attr.EnableID";b:0;s:21:"Attr.ForbiddenClasses";a:0:{}s:13:"Attr.ID.HTML5";N;s:16:"Attr.IDBlacklist";a:0:{}s:22:"Attr.IDBlacklistRegexp";N;s:13:"Attr.IDPrefix";s:0:"";s:18:"Attr.IDPrefixLocal";s:0:"";s:24:"AutoFormat.AutoParagraph";b:0;s:17:"AutoFormat.Custom";a:0:{}s:25:"AutoFormat.DisplayLinkURI";b:0;s:18:"AutoFormat.Linkify";b:0;s:33:"AutoFormat.PurifierLinkify.DocURL";s:3:"#%s";s:26:"AutoFormat.PurifierLinkify";b:0;s:32:"AutoFormat.RemoveEmpty.Predicate";a:4:{s:8:"colgroup";a:0:{}s:2:"th";a:0:{}s:2:"td";a:0:{}s:6:"iframe";a:1:{i:0;s:3:"src";}}s:44:"AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions";a:2:{s:2:"td";b:1;s:2:"th";b:1;}s:33:"AutoFormat.RemoveEmpty.RemoveNbsp";b:0;s:22:"AutoFormat.RemoveEmpty";b:0;s:39:"AutoFormat.RemoveSpansWithoutAttributes";b:0;s:19:"CSS.AllowDuplicates";b:0;s:18:"CSS.AllowImportant";b:0;s:15:"CSS.AllowTricky";b:0;s:16:"CSS.AllowedFonts";N;s:21:"CSS.AllowedProperties";N;s:17:"CSS.DefinitionRev";i:1;s:23:"CSS.ForbiddenProperties";a:0:{}s:16:"CSS.MaxImgLength";s:6:"1200px";s:15:"CSS.Proprietary";b:0;s:11:"CSS.Trusted";b:0;s:20:"Cache.DefinitionImpl";s:10:"Serializer";s:20:"Cache.SerializerPath";N;s:27:"Cache.SerializerPermissions";i:493;s:22:"Core.AggressivelyFixLt";b:1;s:29:"Core.AggressivelyRemoveScript";b:1;s:28:"Core.AllowHostnameUnderscore";b:0;s:23:"Core.AllowParseManyTags";b:0;s:18:"Core.CollectErrors";b:0;s:18:"Core.ColorKeywords";a:148:{s:9:"aliceblue";s:7:"#F0F8FF";s:12:"antiquewhite";s:7:"#FAEBD7";s:4:"aqua";s:7:"#00FFFF";s:10:"aquamarine";s:7:"#7FFFD4";s:5:"azure";s:7:"#F0FFFF";s:5:"beige";s:7:"#F5F5DC";s:6:"bisque";s:7:"#FFE4C4";s:5:"black";s:7:"#000000";s:14:"blanchedalmond";s:7:"#FFEBCD";s:4:"blue";s:7:"#0000FF";s:10:"blueviolet";s:7:"#8A2BE2";s:5:"brown";s:7:"#A52A2A";s:9:"burlywood";s:7:"#DEB887";s:9:"cadetblue";s:7:"#5F9EA0";s:10:"chartreuse";s:7:"#7FFF00";s:9:"chocolate";s:7:"#D2691E";s:5:"coral";s:7:"#FF7F50";s:14:"cornflowerblue";s:7:"#6495ED";s:8:"cornsilk";s:7:"#FFF8DC";s:7:"crimson";s:7:"#DC143C";s:4:"cyan";s:7:"#00FFFF";s:8:"darkblue";s:7:"#00008B";s:8:"darkcyan";s:7:"#008B8B";s:13:"darkgoldenrod";s:7:"#B8860B";s:8:"darkgray";s:7:"#A9A9A9";s:8:"darkgrey";s:7:"#A9A9A9";s:9:"darkgreen";s:7:"#006400";s:9:"darkkhaki";s:7:"#BDB76B";s:11:"darkmagenta";s:7:"#8B008B";s:14:"darkolivegreen";s:7:"#556B2F";s:10:"darkorange";s:7:"#FF8C00";s:10:"darkorchid";s:7:"#9932CC";s:7:"darkred";s:7:"#8B0000";s:10:"darksalmon";s:7:"#E9967A";s:12:"darkseagreen";s:7:"#8FBC8F";s:13:"darkslateblue";s:7:"#483D8B";s:13:"darkslategray";s:7:"#2F4F4F";s:13:"darkslategrey";s:7:"#2F4F4F";s:13:"darkturquoise";s:7:"#00CED1";s:10:"darkviolet";s:7:"#9400D3";s:8:"deeppink";s:7:"#FF1493";s:11:"deepskyblue";s:7:"#00BFFF";s:7:"dimgray";s:7:"#696969";s:7:"dimgrey";s:7:"#696969";s:10:"dodgerblue";s:7:"#1E90FF";s:9:"firebrick";s:7:"#B22222";s:11:"floralwhite";s:7:"#FFFAF0";s:11:"forestgreen";s:7:"#228B22";s:7:"fuchsia";s:7:"#FF00FF";s:9:"gainsboro";s:7:"#DCDCDC";s:10:"ghostwhite";s:7:"#F8F8FF";s:4:"gold";s:7:"#FFD700";s:9:"goldenrod";s:7:"#DAA520";s:4:"gray";s:7:"#808080";s:4:"grey";s:7:"#808080";s:5:"green";s:7:"#008000";s:11:"greenyellow";s:7:"#ADFF2F";s:8:"honeydew";s:7:"#F0FFF0";s:7:"hotpink";s:7:"#FF69B4";s:9:"indianred";s:7:"#CD5C5C";s:6:"indigo";s:7:"#4B0082";s:5:"ivory";s:7:"#FFFFF0";s:5:"khaki";s:7:"#F0E68C";s:8:"lavender";s:7:"#E6E6FA";s:13:"lavenderblush";s:7:"#FFF0F5";s:9:"lawngreen";s:7:"#7CFC00";s:12:"lemonchiffon";s:7:"#FFFACD";s:9:"lightblue";s:7:"#ADD8E6";s:10:"lightcoral";s:7:"#F08080";s:9:"lightcyan";s:7:"#E0FFFF";s:20:"lightgoldenrodyellow";s:7:"#FAFAD2";s:9:"lightgray";s:7:"#D3D3D3";s:9:"lightgrey";s:7:"#D3D3D3";s:10:"lightgreen";s:7:"#90EE90";s:9:"lightpink";s:7:"#FFB6C1";s:11:"lightsalmon";s:7:"#FFA07A";s:13:"lightseagreen";s:7:"#20B2AA";s:12:"lightskyblue";s:7:"#87CEFA";s:14:"lightslategray";s:7:"#778899";s:14:"lightslategrey";s:7:"#778899";s:14:"lightsteelblue";s:7:"#B0C4DE";s:11:"lightyellow";s:7:"#FFFFE0";s:4:"lime";s:7:"#00FF00";s:9:"limegreen";s:7:"#32CD32";s:5:"linen";s:7:"#FAF0E6";s:7:"magenta";s:7:"#FF00FF";s:6:"maroon";s:7:"#800000";s:16:"mediumaquamarine";s:7:"#66CDAA";s:10:"mediumblue";s:7:"#0000CD";s:12:"mediumorchid";s:7:"#BA55D3";s:12:"mediumpurple";s:7:"#9370DB";s:14:"mediumseagreen";s:7:"#3CB371";s:15:"mediumslateblue";s:7:"#7B68EE";s:17:"mediumspringgreen";s:7:"#00FA9A";s:15:"mediumturquoise";s:7:"#48D1CC";s:15:"mediumvioletred";s:7:"#C71585";s:12:"midnightblue";s:7:"#191970";s:9:"mintcream";s:7:"#F5FFFA";s:9:"mistyrose";s:7:"#FFE4E1";s:8:"moccasin";s:7:"#FFE4B5";s:11:"navajowhite";s:7:"#FFDEAD";s:4:"navy";s:7:"#000080";s:7:"oldlace";s:7:"#FDF5E6";s:5:"olive";s:7:"#808000";s:9:"olivedrab";s:7:"#6B8E23";s:6:"orange";s:7:"#FFA500";s:9:"orangered";s:7:"#FF4500";s:6:"orchid";s:7:"#DA70D6";s:13:"palegoldenrod";s:7:"#EEE8AA";s:9:"palegreen";s:7:"#98FB98";s:13:"paleturquoise";s:7:"#AFEEEE";s:13:"palevioletred";s:7:"#DB7093";s:10:"papayawhip";s:7:"#FFEFD5";s:9:"peachpuff";s:7:"#FFDAB9";s:4:"peru";s:7:"#CD853F";s:4:"pink";s:7:"#FFC0CB";s:4:"plum";s:7:"#DDA0DD";s:10:"powderblue";s:7:"#B0E0E6";s:6:"purple";s:7:"#800080";s:13:"rebeccapurple";s:7:"#663399";s:3:"red";s:7:"#FF0000";s:9:"rosybrown";s:7:"#BC8F8F";s:9:"royalblue";s:7:"#4169E1";s:11:"saddlebrown";s:7:"#8B4513";s:6:"salmon";s:7:"#FA8072";s:10:"sandybrown";s:7:"#F4A460";s:8:"seagreen";s:7:"#2E8B57";s:8:"seashell";s:7:"#FFF5EE";s:6:"sienna";s:7:"#A0522D";s:6:"silver";s:7:"#C0C0C0";s:7:"skyblue";s:7:"#87CEEB";s:9:"slateblue";s:7:"#6A5ACD";s:9:"slategray";s:7:"#708090";s:9:"slategrey";s:7:"#708090";s:4:"snow";s:7:"#FFFAFA";s:11:"springgreen";s:7:"#00FF7F";s:9:"steelblue";s:7:"#4682B4";s:3:"tan";s:7:"#D2B48C";s:4:"teal";s:7:"#008080";s:7:"thistle";s:7:"#D8BFD8";s:6:"tomato";s:7:"#FF6347";s:9:"turquoise";s:7:"#40E0D0";s:6:"violet";s:7:"#EE82EE";s:5:"wheat";s:7:"#F5DEB3";s:5:"white";s:7:"#FFFFFF";s:10:"whitesmoke";s:7:"#F5F5F5";s:6:"yellow";s:7:"#FFFF00";s:11:"yellowgreen";s:7:"#9ACD32";}s:30:"Core.ConvertDocumentToFragment";b:1;s:36:"Core.DirectLexLineNumberSyncInterval";i:0;s:20:"Core.DisableExcludes";b:0;s:15:"Core.EnableIDNA";b:0;s:13:"Core.Encoding";s:5:"utf-8";s:26:"Core.EscapeInvalidChildren";b:0;s:22:"Core.EscapeInvalidTags";b:0;s:29:"Core.EscapeNonASCIICharacters";b:0;s:19:"Core.HiddenElements";a:2:{s:6:"script";b:1;s:5:"style";b:1;}s:13:"Core.Language";s:2:"en";s:24:"Core.LegacyEntityDecoder";b:0;s:14:"Core.LexerImpl";N;s:24:"Core.MaintainLineNumbers";N;s:22:"Core.NormalizeNewlines";b:1;s:21:"Core.RemoveInvalidImg";b:1;s:33:"Core.RemoveProcessingInstructions";b:0;s:25:"Core.RemoveScriptContents";N;s:13:"Filter.Custom";a:0:{}s:34:"Filter.ExtractStyleBlocks.Escaping";b:1;s:31:"Filter.ExtractStyleBlocks.Scope";N;s:34:"Filter.ExtractStyleBlocks.TidyImpl";N;s:25:"Filter.ExtractStyleBlocks";b:0;s:14:"Filter.YouTube";b:0;s:12:"HTML.Allowed";N;s:22:"HTML.AllowedAttributes";N;s:20:"HTML.AllowedComments";a:0:{}s:26:"HTML.AllowedCommentsRegexp";N;s:20:"HTML.AllowedElements";N;s:19:"HTML.AllowedModules";N;s:23:"HTML.Attr.Name.UseCDATA";b:0;s:17:"HTML.BlockWrapper";s:1:"p";s:16:"HTML.CoreModules";a:7:{s:9:"Structure";b:1;s:4:"Text";b:1;s:9:"Hypertext";b:1;s:4:"List";b:1;s:22:"NonXMLCommonAttributes";b:1;s:19:"XMLCommonAttributes";b:1;s:16:"CommonAttributes";b:1;}s:18:"HTML.CustomDoctype";N;s:17:"HTML.DefinitionID";N;s:18:"HTML.DefinitionRev";i:1;s:12:"HTML.Doctype";N;s:25:"HTML.FlashAllowFullScreen";b:0;s:24:"HTML.ForbiddenAttributes";a:0:{}s:22:"HTML.ForbiddenElements";a:0:{}s:17:"HTML.MaxImgLength";i:1200;s:13:"HTML.Nofollow";b:0;s:11:"HTML.Parent";s:3:"div";s:16:"HTML.Proprietary";b:0;s:14:"HTML.SafeEmbed";b:0;s:15:"HTML.SafeIframe";b:0;s:15:"HTML.SafeObject";b:0;s:18:"HTML.SafeScripting";a:0:{}s:11:"HTML.Strict";b:0;s:16:"HTML.TargetBlank";b:0;s:19:"HTML.TargetNoopener";b:1;s:21:"HTML.TargetNoreferrer";b:1;s:12:"HTML.TidyAdd";a:0:{}s:14:"HTML.TidyLevel";s:6:"medium";s:15:"HTML.TidyRemove";a:0:{}s:12:"HTML.Trusted";b:0;s:10:"HTML.XHTML";b:1;s:28:"Output.CommentScriptContents";b:1;s:19:"Output.FixInnerHTML";b:1;s:18:"Output.FlashCompat";b:0;s:14:"Output.Newline";N;s:15:"Output.SortAttr";b:0;s:17:"Output.TidyFormat";b:0;s:17:"Test.ForceNoIconv";b:0;s:18:"URI.AllowedSchemes";a:7:{s:4:"http";b:1;s:5:"https";b:1;s:6:"mailto";b:1;s:3:"ftp";b:1;s:4:"nntp";b:1;s:4:"news";b:1;s:3:"tel";b:1;}s:8:"URI.Base";N;s:17:"URI.DefaultScheme";s:4:"http";s:16:"URI.DefinitionID";N;s:17:"URI.DefinitionRev";i:1;s:11:"URI.Disable";b:0;s:19:"URI.DisableExternal";b:0;s:28:"URI.DisableExternalResources";b:0;s:20:"URI.DisableResources";b:0;s:8:"URI.Host";N;s:17:"URI.HostBlacklist";a:0:{}s:16:"URI.MakeAbsolute";b:0;s:9:"URI.Munge";N;s:18:"URI.MungeResources";b:0;s:18:"URI.MungeSecretKey";N;s:26:"URI.OverrideAllowedSchemes";b:1;s:20:"URI.SafeIframeRegexp";N;}s:12:"defaultPlist";O:25:"HTMLPurifier_PropertyList":3:{s:7:" +O:25:"HTMLPurifier_ConfigSchema":3:{s:8:"defaults";a:127:{s:19:"Attr.AllowedClasses";N;s:24:"Attr.AllowedFrameTargets";a:0:{}s:15:"Attr.AllowedRel";a:0:{}s:15:"Attr.AllowedRev";a:0:{}s:18:"Attr.ClassUseCDATA";N;s:20:"Attr.DefaultImageAlt";N;s:24:"Attr.DefaultInvalidImage";s:0:"";s:27:"Attr.DefaultInvalidImageAlt";s:13:"Invalid image";s:19:"Attr.DefaultTextDir";s:3:"ltr";s:13:"Attr.EnableID";b:0;s:21:"Attr.ForbiddenClasses";a:0:{}s:13:"Attr.ID.HTML5";N;s:16:"Attr.IDBlacklist";a:0:{}s:22:"Attr.IDBlacklistRegexp";N;s:13:"Attr.IDPrefix";s:0:"";s:18:"Attr.IDPrefixLocal";s:0:"";s:24:"AutoFormat.AutoParagraph";b:0;s:17:"AutoFormat.Custom";a:0:{}s:25:"AutoFormat.DisplayLinkURI";b:0;s:18:"AutoFormat.Linkify";b:0;s:33:"AutoFormat.PurifierLinkify.DocURL";s:3:"#%s";s:26:"AutoFormat.PurifierLinkify";b:0;s:32:"AutoFormat.RemoveEmpty.Predicate";a:4:{s:8:"colgroup";a:0:{}s:2:"th";a:0:{}s:2:"td";a:0:{}s:6:"iframe";a:1:{i:0;s:3:"src";}}s:44:"AutoFormat.RemoveEmpty.RemoveNbsp.Exceptions";a:2:{s:2:"td";b:1;s:2:"th";b:1;}s:33:"AutoFormat.RemoveEmpty.RemoveNbsp";b:0;s:22:"AutoFormat.RemoveEmpty";b:0;s:39:"AutoFormat.RemoveSpansWithoutAttributes";b:0;s:19:"CSS.AllowDuplicates";b:0;s:18:"CSS.AllowImportant";b:0;s:15:"CSS.AllowTricky";b:0;s:16:"CSS.AllowedFonts";N;s:21:"CSS.AllowedProperties";N;s:17:"CSS.DefinitionRev";i:1;s:23:"CSS.ForbiddenProperties";a:0:{}s:16:"CSS.MaxImgLength";s:6:"1200px";s:15:"CSS.Proprietary";b:0;s:11:"CSS.Trusted";b:0;s:20:"Cache.DefinitionImpl";s:10:"Serializer";s:20:"Cache.SerializerPath";N;s:27:"Cache.SerializerPermissions";i:493;s:22:"Core.AggressivelyFixLt";b:1;s:29:"Core.AggressivelyRemoveScript";b:1;s:28:"Core.AllowHostnameUnderscore";b:0;s:23:"Core.AllowParseManyTags";b:0;s:18:"Core.CollectErrors";b:0;s:18:"Core.ColorKeywords";a:148:{s:9:"aliceblue";s:7:"#F0F8FF";s:12:"antiquewhite";s:7:"#FAEBD7";s:4:"aqua";s:7:"#00FFFF";s:10:"aquamarine";s:7:"#7FFFD4";s:5:"azure";s:7:"#F0FFFF";s:5:"beige";s:7:"#F5F5DC";s:6:"bisque";s:7:"#FFE4C4";s:5:"black";s:7:"#000000";s:14:"blanchedalmond";s:7:"#FFEBCD";s:4:"blue";s:7:"#0000FF";s:10:"blueviolet";s:7:"#8A2BE2";s:5:"brown";s:7:"#A52A2A";s:9:"burlywood";s:7:"#DEB887";s:9:"cadetblue";s:7:"#5F9EA0";s:10:"chartreuse";s:7:"#7FFF00";s:9:"chocolate";s:7:"#D2691E";s:5:"coral";s:7:"#FF7F50";s:14:"cornflowerblue";s:7:"#6495ED";s:8:"cornsilk";s:7:"#FFF8DC";s:7:"crimson";s:7:"#DC143C";s:4:"cyan";s:7:"#00FFFF";s:8:"darkblue";s:7:"#00008B";s:8:"darkcyan";s:7:"#008B8B";s:13:"darkgoldenrod";s:7:"#B8860B";s:8:"darkgray";s:7:"#A9A9A9";s:8:"darkgrey";s:7:"#A9A9A9";s:9:"darkgreen";s:7:"#006400";s:9:"darkkhaki";s:7:"#BDB76B";s:11:"darkmagenta";s:7:"#8B008B";s:14:"darkolivegreen";s:7:"#556B2F";s:10:"darkorange";s:7:"#FF8C00";s:10:"darkorchid";s:7:"#9932CC";s:7:"darkred";s:7:"#8B0000";s:10:"darksalmon";s:7:"#E9967A";s:12:"darkseagreen";s:7:"#8FBC8F";s:13:"darkslateblue";s:7:"#483D8B";s:13:"darkslategray";s:7:"#2F4F4F";s:13:"darkslategrey";s:7:"#2F4F4F";s:13:"darkturquoise";s:7:"#00CED1";s:10:"darkviolet";s:7:"#9400D3";s:8:"deeppink";s:7:"#FF1493";s:11:"deepskyblue";s:7:"#00BFFF";s:7:"dimgray";s:7:"#696969";s:7:"dimgrey";s:7:"#696969";s:10:"dodgerblue";s:7:"#1E90FF";s:9:"firebrick";s:7:"#B22222";s:11:"floralwhite";s:7:"#FFFAF0";s:11:"forestgreen";s:7:"#228B22";s:7:"fuchsia";s:7:"#FF00FF";s:9:"gainsboro";s:7:"#DCDCDC";s:10:"ghostwhite";s:7:"#F8F8FF";s:4:"gold";s:7:"#FFD700";s:9:"goldenrod";s:7:"#DAA520";s:4:"gray";s:7:"#808080";s:4:"grey";s:7:"#808080";s:5:"green";s:7:"#008000";s:11:"greenyellow";s:7:"#ADFF2F";s:8:"honeydew";s:7:"#F0FFF0";s:7:"hotpink";s:7:"#FF69B4";s:9:"indianred";s:7:"#CD5C5C";s:6:"indigo";s:7:"#4B0082";s:5:"ivory";s:7:"#FFFFF0";s:5:"khaki";s:7:"#F0E68C";s:8:"lavender";s:7:"#E6E6FA";s:13:"lavenderblush";s:7:"#FFF0F5";s:9:"lawngreen";s:7:"#7CFC00";s:12:"lemonchiffon";s:7:"#FFFACD";s:9:"lightblue";s:7:"#ADD8E6";s:10:"lightcoral";s:7:"#F08080";s:9:"lightcyan";s:7:"#E0FFFF";s:20:"lightgoldenrodyellow";s:7:"#FAFAD2";s:9:"lightgray";s:7:"#D3D3D3";s:9:"lightgrey";s:7:"#D3D3D3";s:10:"lightgreen";s:7:"#90EE90";s:9:"lightpink";s:7:"#FFB6C1";s:11:"lightsalmon";s:7:"#FFA07A";s:13:"lightseagreen";s:7:"#20B2AA";s:12:"lightskyblue";s:7:"#87CEFA";s:14:"lightslategray";s:7:"#778899";s:14:"lightslategrey";s:7:"#778899";s:14:"lightsteelblue";s:7:"#B0C4DE";s:11:"lightyellow";s:7:"#FFFFE0";s:4:"lime";s:7:"#00FF00";s:9:"limegreen";s:7:"#32CD32";s:5:"linen";s:7:"#FAF0E6";s:7:"magenta";s:7:"#FF00FF";s:6:"maroon";s:7:"#800000";s:16:"mediumaquamarine";s:7:"#66CDAA";s:10:"mediumblue";s:7:"#0000CD";s:12:"mediumorchid";s:7:"#BA55D3";s:12:"mediumpurple";s:7:"#9370DB";s:14:"mediumseagreen";s:7:"#3CB371";s:15:"mediumslateblue";s:7:"#7B68EE";s:17:"mediumspringgreen";s:7:"#00FA9A";s:15:"mediumturquoise";s:7:"#48D1CC";s:15:"mediumvioletred";s:7:"#C71585";s:12:"midnightblue";s:7:"#191970";s:9:"mintcream";s:7:"#F5FFFA";s:9:"mistyrose";s:7:"#FFE4E1";s:8:"moccasin";s:7:"#FFE4B5";s:11:"navajowhite";s:7:"#FFDEAD";s:4:"navy";s:7:"#000080";s:7:"oldlace";s:7:"#FDF5E6";s:5:"olive";s:7:"#808000";s:9:"olivedrab";s:7:"#6B8E23";s:6:"orange";s:7:"#FFA500";s:9:"orangered";s:7:"#FF4500";s:6:"orchid";s:7:"#DA70D6";s:13:"palegoldenrod";s:7:"#EEE8AA";s:9:"palegreen";s:7:"#98FB98";s:13:"paleturquoise";s:7:"#AFEEEE";s:13:"palevioletred";s:7:"#DB7093";s:10:"papayawhip";s:7:"#FFEFD5";s:9:"peachpuff";s:7:"#FFDAB9";s:4:"peru";s:7:"#CD853F";s:4:"pink";s:7:"#FFC0CB";s:4:"plum";s:7:"#DDA0DD";s:10:"powderblue";s:7:"#B0E0E6";s:6:"purple";s:7:"#800080";s:13:"rebeccapurple";s:7:"#663399";s:3:"red";s:7:"#FF0000";s:9:"rosybrown";s:7:"#BC8F8F";s:9:"royalblue";s:7:"#4169E1";s:11:"saddlebrown";s:7:"#8B4513";s:6:"salmon";s:7:"#FA8072";s:10:"sandybrown";s:7:"#F4A460";s:8:"seagreen";s:7:"#2E8B57";s:8:"seashell";s:7:"#FFF5EE";s:6:"sienna";s:7:"#A0522D";s:6:"silver";s:7:"#C0C0C0";s:7:"skyblue";s:7:"#87CEEB";s:9:"slateblue";s:7:"#6A5ACD";s:9:"slategray";s:7:"#708090";s:9:"slategrey";s:7:"#708090";s:4:"snow";s:7:"#FFFAFA";s:11:"springgreen";s:7:"#00FF7F";s:9:"steelblue";s:7:"#4682B4";s:3:"tan";s:7:"#D2B48C";s:4:"teal";s:7:"#008080";s:7:"thistle";s:7:"#D8BFD8";s:6:"tomato";s:7:"#FF6347";s:9:"turquoise";s:7:"#40E0D0";s:6:"violet";s:7:"#EE82EE";s:5:"wheat";s:7:"#F5DEB3";s:5:"white";s:7:"#FFFFFF";s:10:"whitesmoke";s:7:"#F5F5F5";s:6:"yellow";s:7:"#FFFF00";s:11:"yellowgreen";s:7:"#9ACD32";}s:30:"Core.ConvertDocumentToFragment";b:1;s:36:"Core.DirectLexLineNumberSyncInterval";i:0;s:20:"Core.DisableExcludes";b:0;s:15:"Core.EnableIDNA";b:0;s:13:"Core.Encoding";s:5:"utf-8";s:26:"Core.EscapeInvalidChildren";b:0;s:22:"Core.EscapeInvalidTags";b:0;s:29:"Core.EscapeNonASCIICharacters";b:0;s:19:"Core.HiddenElements";a:2:{s:6:"script";b:1;s:5:"style";b:1;}s:13:"Core.Language";s:2:"en";s:24:"Core.LegacyEntityDecoder";b:0;s:14:"Core.LexerImpl";N;s:24:"Core.MaintainLineNumbers";N;s:22:"Core.NormalizeNewlines";b:1;s:21:"Core.RemoveInvalidImg";b:1;s:33:"Core.RemoveProcessingInstructions";b:0;s:25:"Core.RemoveScriptContents";N;s:13:"Filter.Custom";a:0:{}s:34:"Filter.ExtractStyleBlocks.Escaping";b:1;s:31:"Filter.ExtractStyleBlocks.Scope";N;s:34:"Filter.ExtractStyleBlocks.TidyImpl";N;s:25:"Filter.ExtractStyleBlocks";b:0;s:14:"Filter.YouTube";b:0;s:12:"HTML.Allowed";N;s:22:"HTML.AllowedAttributes";N;s:20:"HTML.AllowedComments";a:0:{}s:26:"HTML.AllowedCommentsRegexp";N;s:20:"HTML.AllowedElements";N;s:19:"HTML.AllowedModules";N;s:23:"HTML.Attr.Name.UseCDATA";b:0;s:17:"HTML.BlockWrapper";s:1:"p";s:16:"HTML.CoreModules";a:7:{s:9:"Structure";b:1;s:4:"Text";b:1;s:9:"Hypertext";b:1;s:4:"List";b:1;s:22:"NonXMLCommonAttributes";b:1;s:19:"XMLCommonAttributes";b:1;s:16:"CommonAttributes";b:1;}s:18:"HTML.CustomDoctype";N;s:17:"HTML.DefinitionID";N;s:18:"HTML.DefinitionRev";i:1;s:12:"HTML.Doctype";N;s:25:"HTML.FlashAllowFullScreen";b:0;s:24:"HTML.ForbiddenAttributes";a:0:{}s:22:"HTML.ForbiddenElements";a:0:{}s:10:"HTML.Forms";b:0;s:17:"HTML.MaxImgLength";i:1200;s:13:"HTML.Nofollow";b:0;s:11:"HTML.Parent";s:3:"div";s:16:"HTML.Proprietary";b:0;s:14:"HTML.SafeEmbed";b:0;s:15:"HTML.SafeIframe";b:0;s:15:"HTML.SafeObject";b:0;s:18:"HTML.SafeScripting";a:0:{}s:11:"HTML.Strict";b:0;s:16:"HTML.TargetBlank";b:0;s:19:"HTML.TargetNoopener";b:1;s:21:"HTML.TargetNoreferrer";b:1;s:12:"HTML.TidyAdd";a:0:{}s:14:"HTML.TidyLevel";s:6:"medium";s:15:"HTML.TidyRemove";a:0:{}s:12:"HTML.Trusted";b:0;s:10:"HTML.XHTML";b:1;s:28:"Output.CommentScriptContents";b:1;s:19:"Output.FixInnerHTML";b:1;s:18:"Output.FlashCompat";b:0;s:14:"Output.Newline";N;s:15:"Output.SortAttr";b:0;s:17:"Output.TidyFormat";b:0;s:17:"Test.ForceNoIconv";b:0;s:18:"URI.AllowedSchemes";a:7:{s:4:"http";b:1;s:5:"https";b:1;s:6:"mailto";b:1;s:3:"ftp";b:1;s:4:"nntp";b:1;s:4:"news";b:1;s:3:"tel";b:1;}s:8:"URI.Base";N;s:17:"URI.DefaultScheme";s:4:"http";s:16:"URI.DefinitionID";N;s:17:"URI.DefinitionRev";i:1;s:11:"URI.Disable";b:0;s:19:"URI.DisableExternal";b:0;s:28:"URI.DisableExternalResources";b:0;s:20:"URI.DisableResources";b:0;s:8:"URI.Host";N;s:17:"URI.HostBlacklist";a:0:{}s:16:"URI.MakeAbsolute";b:0;s:9:"URI.Munge";N;s:18:"URI.MungeResources";b:0;s:18:"URI.MungeSecretKey";N;s:26:"URI.OverrideAllowedSchemes";b:1;s:20:"URI.SafeIframeRegexp";N;}s:12:"defaultPlist";O:25:"HTMLPurifier_PropertyList":3:{s:7:" diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Forms.txt b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Forms.txt new file mode 100644 index 000000000..4a432d89b --- /dev/null +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/ConfigSchema/schema/HTML.Forms.txt @@ -0,0 +1,11 @@ +HTML.Forms +TYPE: bool +VERSION: 4.13.0 +DEFAULT: false +--DESCRIPTION-- +<p> + Whether or not to permit form elements in the user input, regardless of + %HTML.Trusted value. Please be very careful when using this functionality, as + enabling forms in untrusted documents may allow for phishing attacks. +</p> +--# vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Forms.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Forms.php index 6f7ddbc05..eb0edcffd 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Forms.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Forms.php @@ -28,6 +28,10 @@ class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule */ public function setup($config) { + if ($config->get('HTML.Forms')) { + $this->safe = true; + } + $form = $this->addElement( 'form', 'Form', diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php index c4f16a4dc..700a25dbc 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/HTMLModule/Tidy/XHTMLAndHTML4.php @@ -96,6 +96,7 @@ class HTMLPurifier_HTMLModule_Tidy_XHTMLAndHTML4 extends HTMLPurifier_HTMLModule // @bgcolor for table, tr, td, th --------------------------------- $r['table@bgcolor'] = + $r['tr@bgcolor'] = $r['td@bgcolor'] = $r['th@bgcolor'] = new HTMLPurifier_AttrTransform_BgColor(); diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/classes/en-x-test.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/classes/en-x-test.php deleted file mode 100644 index 8828f5cde..000000000 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/classes/en-x-test.php +++ /dev/null @@ -1,9 +0,0 @@ -<?php - -// private class for unit testing - -class HTMLPurifier_Language_en_x_test extends HTMLPurifier_Language -{ -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-test.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-test.php deleted file mode 100644 index dd5f5024f..000000000 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-test.php +++ /dev/null @@ -1,13 +0,0 @@ -<?php - -// private language message file for unit testing purposes - -$fallback = 'en'; - -$messages = array( - 'HTMLPurifier' => 'HTML Purifier X' -); - -$errorNames = array(); - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-testmini.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-testmini.php deleted file mode 100644 index e1e7db500..000000000 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Language/messages/en-x-testmini.php +++ /dev/null @@ -1,14 +0,0 @@ -<?php - -// private language message file for unit testing purposes -// this language file has no class associated with it - -$fallback = 'en'; - -$messages = array( - 'HTMLPurifier' => 'HTML Purifier XNone' -); - -$errorNames = array(); - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Printer/HTMLDefinition.php b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Printer/HTMLDefinition.php index 5f2f2f8a7..ae8639176 100644 --- a/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Printer/HTMLDefinition.php +++ b/vendor/ezyang/htmlpurifier/library/HTMLPurifier/Printer/HTMLDefinition.php @@ -43,8 +43,8 @@ class HTMLPurifier_Printer_HTMLDefinition extends HTMLPurifier_Printer $ret .= $this->element('caption', 'Doctype'); $ret .= $this->row('Name', $doctype->name); $ret .= $this->row('XML', $doctype->xml ? 'Yes' : 'No'); - $ret .= $this->row('Default Modules', implode($doctype->modules, ', ')); - $ret .= $this->row('Default Tidy Modules', implode($doctype->tidyModules, ', ')); + $ret .= $this->row('Default Modules', implode(', ', $doctype->modules)); + $ret .= $this->row('Default Tidy Modules', implode(', ', $doctype->tidyModules)); $ret .= $this->end('table'); return $ret; } diff --git a/vendor/ezyang/htmlpurifier/maintenance/.htaccess b/vendor/ezyang/htmlpurifier/maintenance/.htaccess deleted file mode 100644 index 8f6c14146..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/.htaccess +++ /dev/null @@ -1,7 +0,0 @@ -<IfModule mod_authz_core.c> - Require all denied -</IfModule> - -<IfModule !mod_authz_core.c> - Deny from all -</ifModule> diff --git a/vendor/ezyang/htmlpurifier/maintenance/PH5P.patch b/vendor/ezyang/htmlpurifier/maintenance/PH5P.patch deleted file mode 100644 index 763709509..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/PH5P.patch +++ /dev/null @@ -1,102 +0,0 @@ ---- C:\Users\Edward\Webs\htmlpurifier\maintenance\PH5P.php 2008-07-07 09:12:12.000000000 -0400 -+++ C:\Users\Edward\Webs\htmlpurifier\maintenance/PH5P.new.php 2008-12-06 02:29:34.988800000 -0500 -@@ -65,7 +65,7 @@ - - public function __construct($data) { - $data = str_replace("\r\n", "\n", $data); -- $date = str_replace("\r", null, $data); -+ $data = str_replace("\r", null, $data); - - $this->data = $data; - $this->char = -1; -@@ -211,7 +211,10 @@ - // If nothing is returned, emit a U+0026 AMPERSAND character token. - // Otherwise, emit the character token that was returned. - $char = (!$entity) ? '&' : $entity; -- $this->emitToken($char); -+ $this->emitToken(array( -+ 'type' => self::CHARACTR, -+ 'data' => $char -+ )); - - // Finally, switch to the data state. - $this->state = 'data'; -@@ -708,7 +711,7 @@ - } elseif($char === '&') { - /* U+0026 AMPERSAND (&) - Switch to the entity in attribute value state. */ -- $this->entityInAttributeValueState('non'); -+ $this->entityInAttributeValueState(); - - } elseif($char === '>') { - /* U+003E GREATER-THAN SIGN (>) -@@ -738,7 +741,8 @@ - ? '&' - : $entity; - -- $this->emitToken($char); -+ $last = count($this->token['attr']) - 1; -+ $this->token['attr'][$last]['value'] .= $char; - } - - private function bogusCommentState() { -@@ -1066,6 +1070,11 @@ - $this->char++; - - if(in_array($id, $this->entities)) { -+ if ($e_name[$c-1] !== ';') { -+ if ($c < $len && $e_name[$c] == ';') { -+ $this->char++; // consume extra semicolon -+ } -+ } - $entity = $id; - break; - } -@@ -2084,7 +2093,7 @@ - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - -- $this->insertElement($token); -+ $this->insertElement($token, true, true); - break; - } - break; -@@ -3465,7 +3474,18 @@ - } - } - -- private function insertElement($token, $append = true) { -+ private function insertElement($token, $append = true, $check = false) { -+ // Proprietary workaround for libxml2's limitations with tag names -+ if ($check) { -+ // Slightly modified HTML5 tag-name modification, -+ // removing anything that's not an ASCII letter, digit, or hyphen -+ $token['name'] = preg_replace('/[^a-z0-9-]/i', '', $token['name']); -+ // Remove leading hyphens and numbers -+ $token['name'] = ltrim($token['name'], '-0..9'); -+ // In theory, this should ever be needed, but just in case -+ if ($token['name'] === '') $token['name'] = 'span'; // arbitrary generic choice -+ } -+ - $el = $this->dom->createElement($token['name']); - - foreach($token['attr'] as $attr) { -@@ -3659,7 +3679,7 @@ - } - } - -- private function generateImpliedEndTags(array $exclude = array()) { -+ private function generateImpliedEndTags($exclude = array()) { - /* When the steps below require the UA to generate implied end tags, - then, if the current node is a dd element, a dt element, an li element, - a p element, a td element, a th element, or a tr element, the UA must -@@ -3673,7 +3693,8 @@ - } - } - -- private function getElementCategory($name) { -+ private function getElementCategory($node) { -+ $name = $node->tagName; - if(in_array($name, $this->special)) - return self::SPECIAL; - diff --git a/vendor/ezyang/htmlpurifier/maintenance/PH5P.php b/vendor/ezyang/htmlpurifier/maintenance/PH5P.php deleted file mode 100644 index a04273e01..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/PH5P.php +++ /dev/null @@ -1,3889 +0,0 @@ -<?php -class HTML5 -{ - private $data; - private $char; - private $EOF; - private $state; - private $tree; - private $token; - private $content_model; - private $escape = false; - private $entities = array('AElig;','AElig','AMP;','AMP','Aacute;','Aacute', - 'Acirc;','Acirc','Agrave;','Agrave','Alpha;','Aring;','Aring','Atilde;', - 'Atilde','Auml;','Auml','Beta;','COPY;','COPY','Ccedil;','Ccedil','Chi;', - 'Dagger;','Delta;','ETH;','ETH','Eacute;','Eacute','Ecirc;','Ecirc','Egrave;', - 'Egrave','Epsilon;','Eta;','Euml;','Euml','GT;','GT','Gamma;','Iacute;', - 'Iacute','Icirc;','Icirc','Igrave;','Igrave','Iota;','Iuml;','Iuml','Kappa;', - 'LT;','LT','Lambda;','Mu;','Ntilde;','Ntilde','Nu;','OElig;','Oacute;', - 'Oacute','Ocirc;','Ocirc','Ograve;','Ograve','Omega;','Omicron;','Oslash;', - 'Oslash','Otilde;','Otilde','Ouml;','Ouml','Phi;','Pi;','Prime;','Psi;', - 'QUOT;','QUOT','REG;','REG','Rho;','Scaron;','Sigma;','THORN;','THORN', - 'TRADE;','Tau;','Theta;','Uacute;','Uacute','Ucirc;','Ucirc','Ugrave;', - 'Ugrave','Upsilon;','Uuml;','Uuml','Xi;','Yacute;','Yacute','Yuml;','Zeta;', - 'aacute;','aacute','acirc;','acirc','acute;','acute','aelig;','aelig', - 'agrave;','agrave','alefsym;','alpha;','amp;','amp','and;','ang;','apos;', - 'aring;','aring','asymp;','atilde;','atilde','auml;','auml','bdquo;','beta;', - 'brvbar;','brvbar','bull;','cap;','ccedil;','ccedil','cedil;','cedil', - 'cent;','cent','chi;','circ;','clubs;','cong;','copy;','copy','crarr;', - 'cup;','curren;','curren','dArr;','dagger;','darr;','deg;','deg','delta;', - 'diams;','divide;','divide','eacute;','eacute','ecirc;','ecirc','egrave;', - 'egrave','empty;','emsp;','ensp;','epsilon;','equiv;','eta;','eth;','eth', - 'euml;','euml','euro;','exist;','fnof;','forall;','frac12;','frac12', - 'frac14;','frac14','frac34;','frac34','frasl;','gamma;','ge;','gt;','gt', - 'hArr;','harr;','hearts;','hellip;','iacute;','iacute','icirc;','icirc', - 'iexcl;','iexcl','igrave;','igrave','image;','infin;','int;','iota;', - 'iquest;','iquest','isin;','iuml;','iuml','kappa;','lArr;','lambda;','lang;', - 'laquo;','laquo','larr;','lceil;','ldquo;','le;','lfloor;','lowast;','loz;', - 'lrm;','lsaquo;','lsquo;','lt;','lt','macr;','macr','mdash;','micro;','micro', - 'middot;','middot','minus;','mu;','nabla;','nbsp;','nbsp','ndash;','ne;', - 'ni;','not;','not','notin;','nsub;','ntilde;','ntilde','nu;','oacute;', - 'oacute','ocirc;','ocirc','oelig;','ograve;','ograve','oline;','omega;', - 'omicron;','oplus;','or;','ordf;','ordf','ordm;','ordm','oslash;','oslash', - 'otilde;','otilde','otimes;','ouml;','ouml','para;','para','part;','permil;', - 'perp;','phi;','pi;','piv;','plusmn;','plusmn','pound;','pound','prime;', - 'prod;','prop;','psi;','quot;','quot','rArr;','radic;','rang;','raquo;', - 'raquo','rarr;','rceil;','rdquo;','real;','reg;','reg','rfloor;','rho;', - 'rlm;','rsaquo;','rsquo;','sbquo;','scaron;','sdot;','sect;','sect','shy;', - 'shy','sigma;','sigmaf;','sim;','spades;','sub;','sube;','sum;','sup1;', - 'sup1','sup2;','sup2','sup3;','sup3','sup;','supe;','szlig;','szlig','tau;', - 'there4;','theta;','thetasym;','thinsp;','thorn;','thorn','tilde;','times;', - 'times','trade;','uArr;','uacute;','uacute','uarr;','ucirc;','ucirc', - 'ugrave;','ugrave','uml;','uml','upsih;','upsilon;','uuml;','uuml','weierp;', - 'xi;','yacute;','yacute','yen;','yen','yuml;','yuml','zeta;','zwj;','zwnj;'); - - const PCDATA = 0; - const RCDATA = 1; - const CDATA = 2; - const PLAINTEXT = 3; - - const DOCTYPE = 0; - const STARTTAG = 1; - const ENDTAG = 2; - const COMMENT = 3; - const CHARACTR = 4; - const EOF = 5; - - public function __construct($data) - { - $data = str_replace("\r\n", "\n", $data); - $date = str_replace("\r", null, $data); - - $this->data = $data; - $this->char = -1; - $this->EOF = strlen($data); - $this->tree = new HTML5TreeConstructer; - $this->content_model = self::PCDATA; - - $this->state = 'data'; - - while($this->state !== null) { - $this->{$this->state.'State'}(); - } - } - - public function save() - { - return $this->tree->save(); - } - - private function char() - { - return ($this->char < $this->EOF) - ? $this->data[$this->char] - : false; - } - - private function character($s, $l = 0) - { - if($s + $l < $this->EOF) { - if($l === 0) { - return $this->data[$s]; - } else { - return substr($this->data, $s, $l); - } - } - } - - private function characters($char_class, $start) - { - return preg_replace('#^(['.$char_class.']+).*#s', '\\1', substr($this->data, $start)); - } - - private function dataState() - { - // Consume the next input character - $this->char++; - $char = $this->char(); - - if($char === '&' && ($this->content_model === self::PCDATA || $this->content_model === self::RCDATA)) { - /* U+0026 AMPERSAND (&) - When the content model flag is set to one of the PCDATA or RCDATA - states: switch to the entity data state. Otherwise: treat it as per - the "anything else" entry below. */ - $this->state = 'entityData'; - - } elseif($char === '-') { - /* If the content model flag is set to either the RCDATA state or - the CDATA state, and the escape flag is false, and there are at - least three characters before this one in the input stream, and the - last four characters in the input stream, including this one, are - U+003C LESS-THAN SIGN, U+0021 EXCLAMATION MARK, U+002D HYPHEN-MINUS, - and U+002D HYPHEN-MINUS ("<!--"), then set the escape flag to true. */ - if(($this->content_model === self::RCDATA || $this->content_model === - self::CDATA) && $this->escape === false && - $this->char >= 3 && $this->character($this->char - 4, 4) === '<!--') { - $this->escape = true; - } - - /* In any case, emit the input character as a character token. Stay - in the data state. */ - $this->emitToken(array( - 'type' => self::CHARACTR, - 'data' => $char - )); - - /* U+003C LESS-THAN SIGN (<) */ - } elseif($char === '<' && ($this->content_model === self::PCDATA || - (($this->content_model === self::RCDATA || - $this->content_model === self::CDATA) && $this->escape === false))) { - /* When the content model flag is set to the PCDATA state: switch - to the tag open state. - - When the content model flag is set to either the RCDATA state or - the CDATA state and the escape flag is false: switch to the tag - open state. - - Otherwise: treat it as per the "anything else" entry below. */ - $this->state = 'tagOpen'; - - /* U+003E GREATER-THAN SIGN (>) */ - } elseif($char === '>') { - /* If the content model flag is set to either the RCDATA state or - the CDATA state, and the escape flag is true, and the last three - characters in the input stream including this one are U+002D - HYPHEN-MINUS, U+002D HYPHEN-MINUS, U+003E GREATER-THAN SIGN ("-->"), - set the escape flag to false. */ - if(($this->content_model === self::RCDATA || - $this->content_model === self::CDATA) && $this->escape === true && - $this->character($this->char, 3) === '-->') { - $this->escape = false; - } - - /* In any case, emit the input character as a character token. - Stay in the data state. */ - $this->emitToken(array( - 'type' => self::CHARACTR, - 'data' => $char - )); - - } elseif($this->char === $this->EOF) { - /* EOF - Emit an end-of-file token. */ - $this->EOF(); - - } elseif($this->content_model === self::PLAINTEXT) { - /* When the content model flag is set to the PLAINTEXT state - THIS DIFFERS GREATLY FROM THE SPEC: Get the remaining characters of - the text and emit it as a character token. */ - $this->emitToken(array( - 'type' => self::CHARACTR, - 'data' => substr($this->data, $this->char) - )); - - $this->EOF(); - - } else { - /* Anything else - THIS DIFFERS GREATLY FROM THE SPEC: Get as many character that - otherwise would also be treated as a character token and emit it - as a single character token. Stay in the data state. */ - $len = strcspn($this->data, '<&', $this->char); - $char = substr($this->data, $this->char, $len); - $this->char += $len - 1; - - $this->emitToken(array( - 'type' => self::CHARACTR, - 'data' => $char - )); - - $this->state = 'data'; - } - } - - private function entityDataState() - { - // Attempt to consume an entity. - $entity = $this->entity(); - - // If nothing is returned, emit a U+0026 AMPERSAND character token. - // Otherwise, emit the character token that was returned. - $char = (!$entity) ? '&' : $entity; - $this->emitToken($char); - - // Finally, switch to the data state. - $this->state = 'data'; - } - - private function tagOpenState() - { - switch($this->content_model) { - case self::RCDATA: - case self::CDATA: - /* If the next input character is a U+002F SOLIDUS (/) character, - consume it and switch to the close tag open state. If the next - input character is not a U+002F SOLIDUS (/) character, emit a - U+003C LESS-THAN SIGN character token and switch to the data - state to process the next input character. */ - if($this->character($this->char + 1) === '/') { - $this->char++; - $this->state = 'closeTagOpen'; - - } else { - $this->emitToken(array( - 'type' => self::CHARACTR, - 'data' => '<' - )); - - $this->state = 'data'; - } - break; - - case self::PCDATA: - // If the content model flag is set to the PCDATA state - // Consume the next input character: - $this->char++; - $char = $this->char(); - - if($char === '!') { - /* U+0021 EXCLAMATION MARK (!) - Switch to the markup declaration open state. */ - $this->state = 'markupDeclarationOpen'; - - } elseif($char === '/') { - /* U+002F SOLIDUS (/) - Switch to the close tag open state. */ - $this->state = 'closeTagOpen'; - - } elseif(preg_match('/^[A-Za-z]$/', $char)) { - /* U+0041 LATIN LETTER A through to U+005A LATIN LETTER Z - Create a new start tag token, set its tag name to the lowercase - version of the input character (add 0x0020 to the character's code - point), then switch to the tag name state. (Don't emit the token - yet; further details will be filled in before it is emitted.) */ - $this->token = array( - 'name' => strtolower($char), - 'type' => self::STARTTAG, - 'attr' => array() - ); - - $this->state = 'tagName'; - - } elseif($char === '>') { - /* U+003E GREATER-THAN SIGN (>) - Parse error. Emit a U+003C LESS-THAN SIGN character token and a - U+003E GREATER-THAN SIGN character token. Switch to the data state. */ - $this->emitToken(array( - 'type' => self::CHARACTR, - 'data' => '<>' - )); - - $this->state = 'data'; - - } elseif($char === '?') { - /* U+003F QUESTION MARK (?) - Parse error. Switch to the bogus comment state. */ - $this->state = 'bogusComment'; - - } else { - /* Anything else - Parse error. Emit a U+003C LESS-THAN SIGN character token and - reconsume the current input character in the data state. */ - $this->emitToken(array( - 'type' => self::CHARACTR, - 'data' => '<' - )); - - $this->char--; - $this->state = 'data'; - } - break; - } - } - - private function closeTagOpenState() - { - $next_node = strtolower($this->characters('A-Za-z', $this->char + 1)); - $the_same = count($this->tree->stack) > 0 && $next_node === end($this->tree->stack)->nodeName; - - if(($this->content_model === self::RCDATA || $this->content_model === self::CDATA) && - (!$the_same || ($the_same && (!preg_match('/[\t\n\x0b\x0c >\/]/', - $this->character($this->char + 1 + strlen($next_node))) || $this->EOF === $this->char)))) { - /* If the content model flag is set to the RCDATA or CDATA states then - examine the next few characters. If they do not match the tag name of - the last start tag token emitted (case insensitively), or if they do but - they are not immediately followed by one of the following characters: - * U+0009 CHARACTER TABULATION - * U+000A LINE FEED (LF) - * U+000B LINE TABULATION - * U+000C FORM FEED (FF) - * U+0020 SPACE - * U+003E GREATER-THAN SIGN (>) - * U+002F SOLIDUS (/) - * EOF - ...then there is a parse error. Emit a U+003C LESS-THAN SIGN character - token, a U+002F SOLIDUS character token, and switch to the data state - to process the next input character. */ - $this->emitToken(array( - 'type' => self::CHARACTR, - 'data' => '</' - )); - - $this->state = 'data'; - - } else { - /* Otherwise, if the content model flag is set to the PCDATA state, - or if the next few characters do match that tag name, consume the - next input character: */ - $this->char++; - $char = $this->char(); - - if(preg_match('/^[A-Za-z]$/', $char)) { - /* U+0041 LATIN LETTER A through to U+005A LATIN LETTER Z - Create a new end tag token, set its tag name to the lowercase version - of the input character (add 0x0020 to the character's code point), then - switch to the tag name state. (Don't emit the token yet; further details - will be filled in before it is emitted.) */ - $this->token = array( - 'name' => strtolower($char), - 'type' => self::ENDTAG - ); - - $this->state = 'tagName'; - - } elseif($char === '>') { - /* U+003E GREATER-THAN SIGN (>) - Parse error. Switch to the data state. */ - $this->state = 'data'; - - } elseif($this->char === $this->EOF) { - /* EOF - Parse error. Emit a U+003C LESS-THAN SIGN character token and a U+002F - SOLIDUS character token. Reconsume the EOF character in the data state. */ - $this->emitToken(array( - 'type' => self::CHARACTR, - 'data' => '</' - )); - - $this->char--; - $this->state = 'data'; - - } else { - /* Parse error. Switch to the bogus comment state. */ - $this->state = 'bogusComment'; - } - } - } - - private function tagNameState() - { - // Consume the next input character: - $this->char++; - $char = $this->character($this->char); - - if(preg_match('/^[\t\n\x0b\x0c ]$/', $char)) { - /* U+0009 CHARACTER TABULATION - U+000A LINE FEED (LF) - U+000B LINE TABULATION - U+000C FORM FEED (FF) - U+0020 SPACE - Switch to the before attribute name state. */ - $this->state = 'beforeAttributeName'; - - } elseif($char === '>') { - /* U+003E GREATER-THAN SIGN (>) - Emit the current tag token. Switch to the data state. */ - $this->emitToken($this->token); - $this->state = 'data'; - - } elseif($this->char === $this->EOF) { - /* EOF - Parse error. Emit the current tag token. Reconsume the EOF - character in the data state. */ - $this->emitToken($this->token); - - $this->char--; - $this->state = 'data'; - - } elseif($char === '/') { - /* U+002F SOLIDUS (/) - Parse error unless this is a permitted slash. Switch to the before - attribute name state. */ - $this->state = 'beforeAttributeName'; - - } else { - /* Anything else - Append the current input character to the current tag token's tag name. - Stay in the tag name state. */ - $this->token['name'] .= strtolower($char); - $this->state = 'tagName'; - } - } - - private function beforeAttributeNameState() - { - // Consume the next input character: - $this->char++; - $char = $this->character($this->char); - - if(preg_match('/^[\t\n\x0b\x0c ]$/', $char)) { - /* U+0009 CHARACTER TABULATION - U+000A LINE FEED (LF) - U+000B LINE TABULATION - U+000C FORM FEED (FF) - U+0020 SPACE - Stay in the before attribute name state. */ - $this->state = 'beforeAttributeName'; - - } elseif($char === '>') { - /* U+003E GREATER-THAN SIGN (>) - Emit the current tag token. Switch to the data state. */ - $this->emitToken($this->token); - $this->state = 'data'; - - } elseif($char === '/') { - /* U+002F SOLIDUS (/) - Parse error unless this is a permitted slash. Stay in the before - attribute name state. */ - $this->state = 'beforeAttributeName'; - - } elseif($this->char === $this->EOF) { - /* EOF - Parse error. Emit the current tag token. Reconsume the EOF - character in the data state. */ - $this->emitToken($this->token); - - $this->char--; - $this->state = 'data'; - - } else { - /* Anything else - Start a new attribute in the current tag token. Set that attribute's - name to the current input character, and its value to the empty string. - Switch to the attribute name state. */ - $this->token['attr'][] = array( - 'name' => strtolower($char), - 'value' => null - ); - - $this->state = 'attributeName'; - } - } - - private function attributeNameState() - { - // Consume the next input character: - $this->char++; - $char = $this->character($this->char); - - if(preg_match('/^[\t\n\x0b\x0c ]$/', $char)) { - /* U+0009 CHARACTER TABULATION - U+000A LINE FEED (LF) - U+000B LINE TABULATION - U+000C FORM FEED (FF) - U+0020 SPACE - Stay in the before attribute name state. */ - $this->state = 'afterAttributeName'; - - } elseif($char === '=') { - /* U+003D EQUALS SIGN (=) - Switch to the before attribute value state. */ - $this->state = 'beforeAttributeValue'; - - } elseif($char === '>') { - /* U+003E GREATER-THAN SIGN (>) - Emit the current tag token. Switch to the data state. */ - $this->emitToken($this->token); - $this->state = 'data'; - - } elseif($char === '/' && $this->character($this->char + 1) !== '>') { - /* U+002F SOLIDUS (/) - Parse error unless this is a permitted slash. Switch to the before - attribute name state. */ - $this->state = 'beforeAttributeName'; - - } elseif($this->char === $this->EOF) { - /* EOF - Parse error. Emit the current tag token. Reconsume the EOF - character in the data state. */ - $this->emitToken($this->token); - - $this->char--; - $this->state = 'data'; - - } else { - /* Anything else - Append the current input character to the current attribute's name. - Stay in the attribute name state. */ - $last = count($this->token['attr']) - 1; - $this->token['attr'][$last]['name'] .= strtolower($char); - - $this->state = 'attributeName'; - } - } - - private function afterAttributeNameState() - { - // Consume the next input character: - $this->char++; - $char = $this->character($this->char); - - if(preg_match('/^[\t\n\x0b\x0c ]$/', $char)) { - /* U+0009 CHARACTER TABULATION - U+000A LINE FEED (LF) - U+000B LINE TABULATION - U+000C FORM FEED (FF) - U+0020 SPACE - Stay in the after attribute name state. */ - $this->state = 'afterAttributeName'; - - } elseif($char === '=') { - /* U+003D EQUALS SIGN (=) - Switch to the before attribute value state. */ - $this->state = 'beforeAttributeValue'; - - } elseif($char === '>') { - /* U+003E GREATER-THAN SIGN (>) - Emit the current tag token. Switch to the data state. */ - $this->emitToken($this->token); - $this->state = 'data'; - - } elseif($char === '/' && $this->character($this->char + 1) !== '>') { - /* U+002F SOLIDUS (/) - Parse error unless this is a permitted slash. Switch to the - before attribute name state. */ - $this->state = 'beforeAttributeName'; - - } elseif($this->char === $this->EOF) { - /* EOF - Parse error. Emit the current tag token. Reconsume the EOF - character in the data state. */ - $this->emitToken($this->token); - - $this->char--; - $this->state = 'data'; - - } else { - /* Anything else - Start a new attribute in the current tag token. Set that attribute's - name to the current input character, and its value to the empty string. - Switch to the attribute name state. */ - $this->token['attr'][] = array( - 'name' => strtolower($char), - 'value' => null - ); - - $this->state = 'attributeName'; - } - } - - private function beforeAttributeValueState() - { - // Consume the next input character: - $this->char++; - $char = $this->character($this->char); - - if(preg_match('/^[\t\n\x0b\x0c ]$/', $char)) { - /* U+0009 CHARACTER TABULATION - U+000A LINE FEED (LF) - U+000B LINE TABULATION - U+000C FORM FEED (FF) - U+0020 SPACE - Stay in the before attribute value state. */ - $this->state = 'beforeAttributeValue'; - - } elseif($char === '"') { - /* U+0022 QUOTATION MARK (") - Switch to the attribute value (double-quoted) state. */ - $this->state = 'attributeValueDoubleQuoted'; - - } elseif($char === '&') { - /* U+0026 AMPERSAND (&) - Switch to the attribute value (unquoted) state and reconsume - this input character. */ - $this->char--; - $this->state = 'attributeValueUnquoted'; - - } elseif($char === '\'') { - /* U+0027 APOSTROPHE (') - Switch to the attribute value (single-quoted) state. */ - $this->state = 'attributeValueSingleQuoted'; - - } elseif($char === '>') { - /* U+003E GREATER-THAN SIGN (>) - Emit the current tag token. Switch to the data state. */ - $this->emitToken($this->token); - $this->state = 'data'; - - } else { - /* Anything else - Append the current input character to the current attribute's value. - Switch to the attribute value (unquoted) state. */ - $last = count($this->token['attr']) - 1; - $this->token['attr'][$last]['value'] .= $char; - - $this->state = 'attributeValueUnquoted'; - } - } - - private function attributeValueDoubleQuotedState() - { - // Consume the next input character: - $this->char++; - $char = $this->character($this->char); - - if($char === '"') { - /* U+0022 QUOTATION MARK (") - Switch to the before attribute name state. */ - $this->state = 'beforeAttributeName'; - - } elseif($char === '&') { - /* U+0026 AMPERSAND (&) - Switch to the entity in attribute value state. */ - $this->entityInAttributeValueState('double'); - - } elseif($this->char === $this->EOF) { - /* EOF - Parse error. Emit the current tag token. Reconsume the character - in the data state. */ - $this->emitToken($this->token); - - $this->char--; - $this->state = 'data'; - - } else { - /* Anything else - Append the current input character to the current attribute's value. - Stay in the attribute value (double-quoted) state. */ - $last = count($this->token['attr']) - 1; - $this->token['attr'][$last]['value'] .= $char; - - $this->state = 'attributeValueDoubleQuoted'; - } - } - - private function attributeValueSingleQuotedState() - { - // Consume the next input character: - $this->char++; - $char = $this->character($this->char); - - if($char === '\'') { - /* U+0022 QUOTATION MARK (') - Switch to the before attribute name state. */ - $this->state = 'beforeAttributeName'; - - } elseif($char === '&') { - /* U+0026 AMPERSAND (&) - Switch to the entity in attribute value state. */ - $this->entityInAttributeValueState('single'); - - } elseif($this->char === $this->EOF) { - /* EOF - Parse error. Emit the current tag token. Reconsume the character - in the data state. */ - $this->emitToken($this->token); - - $this->char--; - $this->state = 'data'; - - } else { - /* Anything else - Append the current input character to the current attribute's value. - Stay in the attribute value (single-quoted) state. */ - $last = count($this->token['attr']) - 1; - $this->token['attr'][$last]['value'] .= $char; - - $this->state = 'attributeValueSingleQuoted'; - } - } - - private function attributeValueUnquotedState() - { - // Consume the next input character: - $this->char++; - $char = $this->character($this->char); - - if(preg_match('/^[\t\n\x0b\x0c ]$/', $char)) { - /* U+0009 CHARACTER TABULATION - U+000A LINE FEED (LF) - U+000B LINE TABULATION - U+000C FORM FEED (FF) - U+0020 SPACE - Switch to the before attribute name state. */ - $this->state = 'beforeAttributeName'; - - } elseif($char === '&') { - /* U+0026 AMPERSAND (&) - Switch to the entity in attribute value state. */ - $this->entityInAttributeValueState('non'); - - } elseif($char === '>') { - /* U+003E GREATER-THAN SIGN (>) - Emit the current tag token. Switch to the data state. */ - $this->emitToken($this->token); - $this->state = 'data'; - - } else { - /* Anything else - Append the current input character to the current attribute's value. - Stay in the attribute value (unquoted) state. */ - $last = count($this->token['attr']) - 1; - $this->token['attr'][$last]['value'] .= $char; - - $this->state = 'attributeValueUnquoted'; - } - } - - private function entityInAttributeValueState() - { - // Attempt to consume an entity. - $entity = $this->entity(); - - // If nothing is returned, append a U+0026 AMPERSAND character to the - // current attribute's value. Otherwise, emit the character token that - // was returned. - $char = (!$entity) - ? '&' - : $entity; - - $this->emitToken($char); - } - - private function bogusCommentState() - { - /* Consume every character up to the first U+003E GREATER-THAN SIGN - character (>) or the end of the file (EOF), whichever comes first. Emit - a comment token whose data is the concatenation of all the characters - starting from and including the character that caused the state machine - to switch into the bogus comment state, up to and including the last - consumed character before the U+003E character, if any, or up to the - end of the file otherwise. (If the comment was started by the end of - the file (EOF), the token is empty.) */ - $data = $this->characters('^>', $this->char); - $this->emitToken(array( - 'data' => $data, - 'type' => self::COMMENT - )); - - $this->char += strlen($data); - - /* Switch to the data state. */ - $this->state = 'data'; - - /* If the end of the file was reached, reconsume the EOF character. */ - if($this->char === $this->EOF) { - $this->char = $this->EOF - 1; - } - } - - private function markupDeclarationOpenState() - { - /* If the next two characters are both U+002D HYPHEN-MINUS (-) - characters, consume those two characters, create a comment token whose - data is the empty string, and switch to the comment state. */ - if($this->character($this->char + 1, 2) === '--') { - $this->char += 2; - $this->state = 'comment'; - $this->token = array( - 'data' => null, - 'type' => self::COMMENT - ); - - /* Otherwise if the next seven chacacters are a case-insensitive match - for the word "DOCTYPE", then consume those characters and switch to the - DOCTYPE state. */ - } elseif(strtolower($this->character($this->char + 1, 7)) === 'doctype') { - $this->char += 7; - $this->state = 'doctype'; - - /* Otherwise, is is a parse error. Switch to the bogus comment state. - The next character that is consumed, if any, is the first character - that will be in the comment. */ - } else { - $this->char++; - $this->state = 'bogusComment'; - } - } - - private function commentState() - { - /* Consume the next input character: */ - $this->char++; - $char = $this->char(); - - /* U+002D HYPHEN-MINUS (-) */ - if($char === '-') { - /* Switch to the comment dash state */ - $this->state = 'commentDash'; - - /* EOF */ - } elseif($this->char === $this->EOF) { - /* Parse error. Emit the comment token. Reconsume the EOF character - in the data state. */ - $this->emitToken($this->token); - $this->char--; - $this->state = 'data'; - - /* Anything else */ - } else { - /* Append the input character to the comment token's data. Stay in - the comment state. */ - $this->token['data'] .= $char; - } - } - - private function commentDashState() - { - /* Consume the next input character: */ - $this->char++; - $char = $this->char(); - - /* U+002D HYPHEN-MINUS (-) */ - if($char === '-') { - /* Switch to the comment end state */ - $this->state = 'commentEnd'; - - /* EOF */ - } elseif($this->char === $this->EOF) { - /* Parse error. Emit the comment token. Reconsume the EOF character - in the data state. */ - $this->emitToken($this->token); - $this->char--; - $this->state = 'data'; - - /* Anything else */ - } else { - /* Append a U+002D HYPHEN-MINUS (-) character and the input - character to the comment token's data. Switch to the comment state. */ - $this->token['data'] .= '-'.$char; - $this->state = 'comment'; - } - } - - private function commentEndState() - { - /* Consume the next input character: */ - $this->char++; - $char = $this->char(); - - if($char === '>') { - $this->emitToken($this->token); - $this->state = 'data'; - - } elseif($char === '-') { - $this->token['data'] .= '-'; - - } elseif($this->char === $this->EOF) { - $this->emitToken($this->token); - $this->char--; - $this->state = 'data'; - - } else { - $this->token['data'] .= '--'.$char; - $this->state = 'comment'; - } - } - - private function doctypeState() - { - /* Consume the next input character: */ - $this->char++; - $char = $this->char(); - - if(preg_match('/^[\t\n\x0b\x0c ]$/', $char)) { - $this->state = 'beforeDoctypeName'; - - } else { - $this->char--; - $this->state = 'beforeDoctypeName'; - } - } - - private function beforeDoctypeNameState() - { - /* Consume the next input character: */ - $this->char++; - $char = $this->char(); - - if(preg_match('/^[\t\n\x0b\x0c ]$/', $char)) { - // Stay in the before DOCTYPE name state. - - } elseif(preg_match('/^[a-z]$/', $char)) { - $this->token = array( - 'name' => strtoupper($char), - 'type' => self::DOCTYPE, - 'error' => true - ); - - $this->state = 'doctypeName'; - - } elseif($char === '>') { - $this->emitToken(array( - 'name' => null, - 'type' => self::DOCTYPE, - 'error' => true - )); - - $this->state = 'data'; - - } elseif($this->char === $this->EOF) { - $this->emitToken(array( - 'name' => null, - 'type' => self::DOCTYPE, - 'error' => true - )); - - $this->char--; - $this->state = 'data'; - - } else { - $this->token = array( - 'name' => $char, - 'type' => self::DOCTYPE, - 'error' => true - ); - - $this->state = 'doctypeName'; - } - } - - private function doctypeNameState() - { - /* Consume the next input character: */ - $this->char++; - $char = $this->char(); - - if(preg_match('/^[\t\n\x0b\x0c ]$/', $char)) { - $this->state = 'AfterDoctypeName'; - - } elseif($char === '>') { - $this->emitToken($this->token); - $this->state = 'data'; - - } elseif(preg_match('/^[a-z]$/', $char)) { - $this->token['name'] .= strtoupper($char); - - } elseif($this->char === $this->EOF) { - $this->emitToken($this->token); - $this->char--; - $this->state = 'data'; - - } else { - $this->token['name'] .= $char; - } - - $this->token['error'] = ($this->token['name'] === 'HTML') - ? false - : true; - } - - private function afterDoctypeNameState() - { - /* Consume the next input character: */ - $this->char++; - $char = $this->char(); - - if(preg_match('/^[\t\n\x0b\x0c ]$/', $char)) { - // Stay in the DOCTYPE name state. - - } elseif($char === '>') { - $this->emitToken($this->token); - $this->state = 'data'; - - } elseif($this->char === $this->EOF) { - $this->emitToken($this->token); - $this->char--; - $this->state = 'data'; - - } else { - $this->token['error'] = true; - $this->state = 'bogusDoctype'; - } - } - - private function bogusDoctypeState() - { - /* Consume the next input character: */ - $this->char++; - $char = $this->char(); - - if($char === '>') { - $this->emitToken($this->token); - $this->state = 'data'; - - } elseif($this->char === $this->EOF) { - $this->emitToken($this->token); - $this->char--; - $this->state = 'data'; - - } else { - // Stay in the bogus DOCTYPE state. - } - } - - private function entity() - { - $start = $this->char; - - // This section defines how to consume an entity. This definition is - // used when parsing entities in text and in attributes. - - // The behaviour depends on the identity of the next character (the - // one immediately after the U+0026 AMPERSAND character): - - switch($this->character($this->char + 1)) { - // U+0023 NUMBER SIGN (#) - case '#': - - // The behaviour further depends on the character after the - // U+0023 NUMBER SIGN: - switch($this->character($this->char + 1)) { - // U+0078 LATIN SMALL LETTER X - // U+0058 LATIN CAPITAL LETTER X - case 'x': - case 'X': - // Follow the steps below, but using the range of - // characters U+0030 DIGIT ZERO through to U+0039 DIGIT - // NINE, U+0061 LATIN SMALL LETTER A through to U+0066 - // LATIN SMALL LETTER F, and U+0041 LATIN CAPITAL LETTER - // A, through to U+0046 LATIN CAPITAL LETTER F (in other - // words, 0-9, A-F, a-f). - $char = 1; - $char_class = '0-9A-Fa-f'; - break; - - // Anything else - default: - // Follow the steps below, but using the range of - // characters U+0030 DIGIT ZERO through to U+0039 DIGIT - // NINE (i.e. just 0-9). - $char = 0; - $char_class = '0-9'; - break; - } - - // Consume as many characters as match the range of characters - // given above. - $this->char++; - $e_name = $this->characters($char_class, $this->char + $char + 1); - $entity = $this->character($start, $this->char); - $cond = strlen($e_name) > 0; - - // The rest of the parsing happens below. - break; - - // Anything else - default: - // Consume the maximum number of characters possible, with the - // consumed characters case-sensitively matching one of the - // identifiers in the first column of the entities table. - $e_name = $this->characters('0-9A-Za-z;', $this->char + 1); - $len = strlen($e_name); - - for($c = 1; $c <= $len; $c++) { - $id = substr($e_name, 0, $c); - $this->char++; - - if(in_array($id, $this->entities)) { - $entity = $id; - break; - } - } - - $cond = isset($entity); - // The rest of the parsing happens below. - break; - } - - if(!$cond) { - // If no match can be made, then this is a parse error. No - // characters are consumed, and nothing is returned. - $this->char = $start; - return false; - } - - // Return a character token for the character corresponding to the - // entity name (as given by the second column of the entities table). - return html_entity_decode('&'.$entity.';', ENT_QUOTES, 'UTF-8'); - } - - private function emitToken($token) - { - $emit = $this->tree->emitToken($token); - - if(is_int($emit)) { - $this->content_model = $emit; - - } elseif($token['type'] === self::ENDTAG) { - $this->content_model = self::PCDATA; - } - } - - private function EOF() - { - $this->state = null; - $this->tree->emitToken(array( - 'type' => self::EOF - )); - } -} - -class HTML5TreeConstructer -{ - public $stack = array(); - - private $phase; - private $mode; - private $dom; - private $foster_parent = null; - private $a_formatting = array(); - - private $head_pointer = null; - private $form_pointer = null; - - private $scoping = array('button','caption','html','marquee','object','table','td','th'); - private $formatting = array('a','b','big','em','font','i','nobr','s','small','strike','strong','tt','u'); - private $special = array('address','area','base','basefont','bgsound', - 'blockquote','body','br','center','col','colgroup','dd','dir','div','dl', - 'dt','embed','fieldset','form','frame','frameset','h1','h2','h3','h4','h5', - 'h6','head','hr','iframe','image','img','input','isindex','li','link', - 'listing','menu','meta','noembed','noframes','noscript','ol','optgroup', - 'option','p','param','plaintext','pre','script','select','spacer','style', - 'tbody','textarea','tfoot','thead','title','tr','ul','wbr'); - - // The different phases. - const INIT_PHASE = 0; - const ROOT_PHASE = 1; - const MAIN_PHASE = 2; - const END_PHASE = 3; - - // The different insertion modes for the main phase. - const BEFOR_HEAD = 0; - const IN_HEAD = 1; - const AFTER_HEAD = 2; - const IN_BODY = 3; - const IN_TABLE = 4; - const IN_CAPTION = 5; - const IN_CGROUP = 6; - const IN_TBODY = 7; - const IN_ROW = 8; - const IN_CELL = 9; - const IN_SELECT = 10; - const AFTER_BODY = 11; - const IN_FRAME = 12; - const AFTR_FRAME = 13; - - // The different types of elements. - const SPECIAL = 0; - const SCOPING = 1; - const FORMATTING = 2; - const PHRASING = 3; - - const MARKER = 0; - - public function __construct() - { - $this->phase = self::INIT_PHASE; - $this->mode = self::BEFOR_HEAD; - $this->dom = new DOMDocument; - - $this->dom->encoding = 'UTF-8'; - $this->dom->preserveWhiteSpace = true; - $this->dom->substituteEntities = true; - $this->dom->strictErrorChecking = false; - } - - // Process tag tokens - public function emitToken($token) - { - switch($this->phase) { - case self::INIT_PHASE: return $this->initPhase($token); break; - case self::ROOT_PHASE: return $this->rootElementPhase($token); break; - case self::MAIN_PHASE: return $this->mainPhase($token); break; - case self::END_PHASE : return $this->trailingEndPhase($token); break; - } - } - - private function initPhase($token) - { - /* Initially, the tree construction stage must handle each token - emitted from the tokenisation stage as follows: */ - - /* A DOCTYPE token that is marked as being in error - A comment token - A start tag token - An end tag token - A character token that is not one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE - An end-of-file token */ - if((isset($token['error']) && $token['error']) || - $token['type'] === HTML5::COMMENT || - $token['type'] === HTML5::STARTTAG || - $token['type'] === HTML5::ENDTAG || - $token['type'] === HTML5::EOF || - ($token['type'] === HTML5::CHARACTR && isset($token['data']) && - !preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data']))) { - /* This specification does not define how to handle this case. In - particular, user agents may ignore the entirety of this specification - altogether for such documents, and instead invoke special parse modes - with a greater emphasis on backwards compatibility. */ - - $this->phase = self::ROOT_PHASE; - return $this->rootElementPhase($token); - - /* A DOCTYPE token marked as being correct */ - } elseif(isset($token['error']) && !$token['error']) { - /* Append a DocumentType node to the Document node, with the name - attribute set to the name given in the DOCTYPE token (which will be - "HTML"), and the other attributes specific to DocumentType objects - set to null, empty lists, or the empty string as appropriate. */ - $doctype = new DOMDocumentType(null, null, 'HTML'); - - /* Then, switch to the root element phase of the tree construction - stage. */ - $this->phase = self::ROOT_PHASE; - - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE */ - } elseif(isset($token['data']) && preg_match('/^[\t\n\x0b\x0c ]+$/', - $token['data'])) { - /* Append that character to the Document node. */ - $text = $this->dom->createTextNode($token['data']); - $this->dom->appendChild($text); - } - } - - private function rootElementPhase($token) - { - /* After the initial phase, as each token is emitted from the tokenisation - stage, it must be processed as described in this section. */ - - /* A DOCTYPE token */ - if($token['type'] === HTML5::DOCTYPE) { - // Parse error. Ignore the token. - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the Document object with the data - attribute set to the data given in the comment token. */ - $comment = $this->dom->createComment($token['data']); - $this->dom->appendChild($comment); - - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE */ - } elseif($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) { - /* Append that character to the Document node. */ - $text = $this->dom->createTextNode($token['data']); - $this->dom->appendChild($text); - - /* A character token that is not one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED - (FF), or U+0020 SPACE - A start tag token - An end tag token - An end-of-file token */ - } elseif(($token['type'] === HTML5::CHARACTR && - !preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) || - $token['type'] === HTML5::STARTTAG || - $token['type'] === HTML5::ENDTAG || - $token['type'] === HTML5::EOF) { - /* Create an HTMLElement node with the tag name html, in the HTML - namespace. Append it to the Document object. Switch to the main - phase and reprocess the current token. */ - $html = $this->dom->createElement('html'); - $this->dom->appendChild($html); - $this->stack[] = $html; - - $this->phase = self::MAIN_PHASE; - return $this->mainPhase($token); - } - } - - private function mainPhase($token) - { - /* Tokens in the main phase must be handled as follows: */ - - /* A DOCTYPE token */ - if($token['type'] === HTML5::DOCTYPE) { - // Parse error. Ignore the token. - - /* A start tag token with the tag name "html" */ - } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'html') { - /* If this start tag token was not the first start tag token, then - it is a parse error. */ - - /* For each attribute on the token, check to see if the attribute - is already present on the top element of the stack of open elements. - If it is not, add the attribute and its corresponding value to that - element. */ - foreach($token['attr'] as $attr) { - if(!$this->stack[0]->hasAttribute($attr['name'])) { - $this->stack[0]->setAttribute($attr['name'], $attr['value']); - } - } - - /* An end-of-file token */ - } elseif($token['type'] === HTML5::EOF) { - /* Generate implied end tags. */ - $this->generateImpliedEndTags(); - - /* Anything else. */ - } else { - /* Depends on the insertion mode: */ - switch($this->mode) { - case self::BEFOR_HEAD: return $this->beforeHead($token); break; - case self::IN_HEAD: return $this->inHead($token); break; - case self::AFTER_HEAD: return $this->afterHead($token); break; - case self::IN_BODY: return $this->inBody($token); break; - case self::IN_TABLE: return $this->inTable($token); break; - case self::IN_CAPTION: return $this->inCaption($token); break; - case self::IN_CGROUP: return $this->inColumnGroup($token); break; - case self::IN_TBODY: return $this->inTableBody($token); break; - case self::IN_ROW: return $this->inRow($token); break; - case self::IN_CELL: return $this->inCell($token); break; - case self::IN_SELECT: return $this->inSelect($token); break; - case self::AFTER_BODY: return $this->afterBody($token); break; - case self::IN_FRAME: return $this->inFrameset($token); break; - case self::AFTR_FRAME: return $this->afterFrameset($token); break; - case self::END_PHASE: return $this->trailingEndPhase($token); break; - } - } - } - - private function beforeHead($token) - { - /* Handle the token as follows: */ - - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE */ - if($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) { - /* Append the character to the current node. */ - $this->insertText($token['data']); - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the current node with the data attribute - set to the data given in the comment token. */ - $this->insertComment($token['data']); - - /* A start tag token with the tag name "head" */ - } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'head') { - /* Create an element for the token, append the new element to the - current node and push it onto the stack of open elements. */ - $element = $this->insertElement($token); - - /* Set the head element pointer to this new element node. */ - $this->head_pointer = $element; - - /* Change the insertion mode to "in head". */ - $this->mode = self::IN_HEAD; - - /* A start tag token whose tag name is one of: "base", "link", "meta", - "script", "style", "title". Or an end tag with the tag name "html". - Or a character token that is not one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE. Or any other start tag token */ - } elseif($token['type'] === HTML5::STARTTAG || - ($token['type'] === HTML5::ENDTAG && $token['name'] === 'html') || - ($token['type'] === HTML5::CHARACTR && !preg_match('/^[\t\n\x0b\x0c ]$/', - $token['data']))) { - /* Act as if a start tag token with the tag name "head" and no - attributes had been seen, then reprocess the current token. */ - $this->beforeHead(array( - 'name' => 'head', - 'type' => HTML5::STARTTAG, - 'attr' => array() - )); - - return $this->inHead($token); - - /* Any other end tag */ - } elseif($token['type'] === HTML5::ENDTAG) { - /* Parse error. Ignore the token. */ - } - } - - private function inHead($token) - { - /* Handle the token as follows: */ - - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE. - - THIS DIFFERS FROM THE SPEC: If the current node is either a title, style - or script element, append the character to the current node regardless - of its content. */ - if(($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) || ( - $token['type'] === HTML5::CHARACTR && in_array(end($this->stack)->nodeName, - array('title', 'style', 'script')))) { - /* Append the character to the current node. */ - $this->insertText($token['data']); - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the current node with the data attribute - set to the data given in the comment token. */ - $this->insertComment($token['data']); - - } elseif($token['type'] === HTML5::ENDTAG && - in_array($token['name'], array('title', 'style', 'script'))) { - array_pop($this->stack); - return HTML5::PCDATA; - - /* A start tag with the tag name "title" */ - } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'title') { - /* Create an element for the token and append the new element to the - node pointed to by the head element pointer, or, if that is null - (innerHTML case), to the current node. */ - if($this->head_pointer !== null) { - $element = $this->insertElement($token, false); - $this->head_pointer->appendChild($element); - - } else { - $element = $this->insertElement($token); - } - - /* Switch the tokeniser's content model flag to the RCDATA state. */ - return HTML5::RCDATA; - - /* A start tag with the tag name "style" */ - } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'style') { - /* Create an element for the token and append the new element to the - node pointed to by the head element pointer, or, if that is null - (innerHTML case), to the current node. */ - if($this->head_pointer !== null) { - $element = $this->insertElement($token, false); - $this->head_pointer->appendChild($element); - - } else { - $this->insertElement($token); - } - - /* Switch the tokeniser's content model flag to the CDATA state. */ - return HTML5::CDATA; - - /* A start tag with the tag name "script" */ - } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'script') { - /* Create an element for the token. */ - $element = $this->insertElement($token, false); - $this->head_pointer->appendChild($element); - - /* Switch the tokeniser's content model flag to the CDATA state. */ - return HTML5::CDATA; - - /* A start tag with the tag name "base", "link", or "meta" */ - } elseif($token['type'] === HTML5::STARTTAG && in_array($token['name'], - array('base', 'link', 'meta'))) { - /* Create an element for the token and append the new element to the - node pointed to by the head element pointer, or, if that is null - (innerHTML case), to the current node. */ - if($this->head_pointer !== null) { - $element = $this->insertElement($token, false); - $this->head_pointer->appendChild($element); - array_pop($this->stack); - - } else { - $this->insertElement($token); - } - - /* An end tag with the tag name "head" */ - } elseif($token['type'] === HTML5::ENDTAG && $token['name'] === 'head') { - /* If the current node is a head element, pop the current node off - the stack of open elements. */ - if($this->head_pointer->isSameNode(end($this->stack))) { - array_pop($this->stack); - - /* Otherwise, this is a parse error. */ - } else { - // k - } - - /* Change the insertion mode to "after head". */ - $this->mode = self::AFTER_HEAD; - - /* A start tag with the tag name "head" or an end tag except "html". */ - } elseif(($token['type'] === HTML5::STARTTAG && $token['name'] === 'head') || - ($token['type'] === HTML5::ENDTAG && $token['name'] !== 'html')) { - // Parse error. Ignore the token. - - /* Anything else */ - } else { - /* If the current node is a head element, act as if an end tag - token with the tag name "head" had been seen. */ - if($this->head_pointer->isSameNode(end($this->stack))) { - $this->inHead(array( - 'name' => 'head', - 'type' => HTML5::ENDTAG - )); - - /* Otherwise, change the insertion mode to "after head". */ - } else { - $this->mode = self::AFTER_HEAD; - } - - /* Then, reprocess the current token. */ - return $this->afterHead($token); - } - } - - private function afterHead($token) - { - /* Handle the token as follows: */ - - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE */ - if($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) { - /* Append the character to the current node. */ - $this->insertText($token['data']); - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the current node with the data attribute - set to the data given in the comment token. */ - $this->insertComment($token['data']); - - /* A start tag token with the tag name "body" */ - } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'body') { - /* Insert a body element for the token. */ - $this->insertElement($token); - - /* Change the insertion mode to "in body". */ - $this->mode = self::IN_BODY; - - /* A start tag token with the tag name "frameset" */ - } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'frameset') { - /* Insert a frameset element for the token. */ - $this->insertElement($token); - - /* Change the insertion mode to "in frameset". */ - $this->mode = self::IN_FRAME; - - /* A start tag token whose tag name is one of: "base", "link", "meta", - "script", "style", "title" */ - } elseif($token['type'] === HTML5::STARTTAG && in_array($token['name'], - array('base', 'link', 'meta', 'script', 'style', 'title'))) { - /* Parse error. Switch the insertion mode back to "in head" and - reprocess the token. */ - $this->mode = self::IN_HEAD; - return $this->inHead($token); - - /* Anything else */ - } else { - /* Act as if a start tag token with the tag name "body" and no - attributes had been seen, and then reprocess the current token. */ - $this->afterHead(array( - 'name' => 'body', - 'type' => HTML5::STARTTAG, - 'attr' => array() - )); - - return $this->inBody($token); - } - } - - private function inBody($token) - { - /* Handle the token as follows: */ - - switch($token['type']) { - /* A character token */ - case HTML5::CHARACTR: - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - - /* Append the token's character to the current node. */ - $this->insertText($token['data']); - break; - - /* A comment token */ - case HTML5::COMMENT: - /* Append a Comment node to the current node with the data - attribute set to the data given in the comment token. */ - $this->insertComment($token['data']); - break; - - case HTML5::STARTTAG: - switch($token['name']) { - /* A start tag token whose tag name is one of: "script", - "style" */ - case 'script': case 'style': - /* Process the token as if the insertion mode had been "in - head". */ - return $this->inHead($token); - break; - - /* A start tag token whose tag name is one of: "base", "link", - "meta", "title" */ - case 'base': case 'link': case 'meta': case 'title': - /* Parse error. Process the token as if the insertion mode - had been "in head". */ - return $this->inHead($token); - break; - - /* A start tag token with the tag name "body" */ - case 'body': - /* Parse error. If the second element on the stack of open - elements is not a body element, or, if the stack of open - elements has only one node on it, then ignore the token. - (innerHTML case) */ - if(count($this->stack) === 1 || $this->stack[1]->nodeName !== 'body') { - // Ignore - - /* Otherwise, for each attribute on the token, check to see - if the attribute is already present on the body element (the - second element) on the stack of open elements. If it is not, - add the attribute and its corresponding value to that - element. */ - } else { - foreach($token['attr'] as $attr) { - if(!$this->stack[1]->hasAttribute($attr['name'])) { - $this->stack[1]->setAttribute($attr['name'], $attr['value']); - } - } - } - break; - - /* A start tag whose tag name is one of: "address", - "blockquote", "center", "dir", "div", "dl", "fieldset", - "listing", "menu", "ol", "p", "ul" */ - case 'address': case 'blockquote': case 'center': case 'dir': - case 'div': case 'dl': case 'fieldset': case 'listing': - case 'menu': case 'ol': case 'p': case 'ul': - /* If the stack of open elements has a p element in scope, - then act as if an end tag with the tag name p had been - seen. */ - if($this->elementInScope('p')) { - $this->emitToken(array( - 'name' => 'p', - 'type' => HTML5::ENDTAG - )); - } - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - break; - - /* A start tag whose tag name is "form" */ - case 'form': - /* If the form element pointer is not null, ignore the - token with a parse error. */ - if($this->form_pointer !== null) { - // Ignore. - - /* Otherwise: */ - } else { - /* If the stack of open elements has a p element in - scope, then act as if an end tag with the tag name p - had been seen. */ - if($this->elementInScope('p')) { - $this->emitToken(array( - 'name' => 'p', - 'type' => HTML5::ENDTAG - )); - } - - /* Insert an HTML element for the token, and set the - form element pointer to point to the element created. */ - $element = $this->insertElement($token); - $this->form_pointer = $element; - } - break; - - /* A start tag whose tag name is "li", "dd" or "dt" */ - case 'li': case 'dd': case 'dt': - /* If the stack of open elements has a p element in scope, - then act as if an end tag with the tag name p had been - seen. */ - if($this->elementInScope('p')) { - $this->emitToken(array( - 'name' => 'p', - 'type' => HTML5::ENDTAG - )); - } - - $stack_length = count($this->stack) - 1; - - for($n = $stack_length; 0 <= $n; $n--) { - /* 1. Initialise node to be the current node (the - bottommost node of the stack). */ - $stop = false; - $node = $this->stack[$n]; - $cat = $this->getElementCategory($node->tagName); - - /* 2. If node is an li, dd or dt element, then pop all - the nodes from the current node up to node, including - node, then stop this algorithm. */ - if($token['name'] === $node->tagName || ($token['name'] !== 'li' - && ($node->tagName === 'dd' || $node->tagName === 'dt'))) { - for($x = $stack_length; $x >= $n ; $x--) { - array_pop($this->stack); - } - - break; - } - - /* 3. If node is not in the formatting category, and is - not in the phrasing category, and is not an address or - div element, then stop this algorithm. */ - if($cat !== self::FORMATTING && $cat !== self::PHRASING && - $node->tagName !== 'address' && $node->tagName !== 'div') { - break; - } - } - - /* Finally, insert an HTML element with the same tag - name as the token's. */ - $this->insertElement($token); - break; - - /* A start tag token whose tag name is "plaintext" */ - case 'plaintext': - /* If the stack of open elements has a p element in scope, - then act as if an end tag with the tag name p had been - seen. */ - if($this->elementInScope('p')) { - $this->emitToken(array( - 'name' => 'p', - 'type' => HTML5::ENDTAG - )); - } - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - return HTML5::PLAINTEXT; - break; - - /* A start tag whose tag name is one of: "h1", "h2", "h3", "h4", - "h5", "h6" */ - case 'h1': case 'h2': case 'h3': case 'h4': case 'h5': case 'h6': - /* If the stack of open elements has a p element in scope, - then act as if an end tag with the tag name p had been seen. */ - if($this->elementInScope('p')) { - $this->emitToken(array( - 'name' => 'p', - 'type' => HTML5::ENDTAG - )); - } - - /* If the stack of open elements has in scope an element whose - tag name is one of "h1", "h2", "h3", "h4", "h5", or "h6", then - this is a parse error; pop elements from the stack until an - element with one of those tag names has been popped from the - stack. */ - while($this->elementInScope(array('h1', 'h2', 'h3', 'h4', 'h5', 'h6'))) { - array_pop($this->stack); - } - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - break; - - /* A start tag whose tag name is "a" */ - case 'a': - /* If the list of active formatting elements contains - an element whose tag name is "a" between the end of the - list and the last marker on the list (or the start of - the list if there is no marker on the list), then this - is a parse error; act as if an end tag with the tag name - "a" had been seen, then remove that element from the list - of active formatting elements and the stack of open - elements if the end tag didn't already remove it (it - might not have if the element is not in table scope). */ - $leng = count($this->a_formatting); - - for($n = $leng - 1; $n >= 0; $n--) { - if($this->a_formatting[$n] === self::MARKER) { - break; - - } elseif($this->a_formatting[$n]->nodeName === 'a') { - $this->emitToken(array( - 'name' => 'a', - 'type' => HTML5::ENDTAG - )); - break; - } - } - - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - - /* Insert an HTML element for the token. */ - $el = $this->insertElement($token); - - /* Add that element to the list of active formatting - elements. */ - $this->a_formatting[] = $el; - break; - - /* A start tag whose tag name is one of: "b", "big", "em", "font", - "i", "nobr", "s", "small", "strike", "strong", "tt", "u" */ - case 'b': case 'big': case 'em': case 'font': case 'i': - case 'nobr': case 's': case 'small': case 'strike': - case 'strong': case 'tt': case 'u': - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - - /* Insert an HTML element for the token. */ - $el = $this->insertElement($token); - - /* Add that element to the list of active formatting - elements. */ - $this->a_formatting[] = $el; - break; - - /* A start tag token whose tag name is "button" */ - case 'button': - /* If the stack of open elements has a button element in scope, - then this is a parse error; act as if an end tag with the tag - name "button" had been seen, then reprocess the token. (We don't - do that. Unnecessary.) */ - if($this->elementInScope('button')) { - $this->inBody(array( - 'name' => 'button', - 'type' => HTML5::ENDTAG - )); - } - - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - /* Insert a marker at the end of the list of active - formatting elements. */ - $this->a_formatting[] = self::MARKER; - break; - - /* A start tag token whose tag name is one of: "marquee", "object" */ - case 'marquee': case 'object': - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - /* Insert a marker at the end of the list of active - formatting elements. */ - $this->a_formatting[] = self::MARKER; - break; - - /* A start tag token whose tag name is "xmp" */ - case 'xmp': - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - /* Switch the content model flag to the CDATA state. */ - return HTML5::CDATA; - break; - - /* A start tag whose tag name is "table" */ - case 'table': - /* If the stack of open elements has a p element in scope, - then act as if an end tag with the tag name p had been seen. */ - if($this->elementInScope('p')) { - $this->emitToken(array( - 'name' => 'p', - 'type' => HTML5::ENDTAG - )); - } - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - /* Change the insertion mode to "in table". */ - $this->mode = self::IN_TABLE; - break; - - /* A start tag whose tag name is one of: "area", "basefont", - "bgsound", "br", "embed", "img", "param", "spacer", "wbr" */ - case 'area': case 'basefont': case 'bgsound': case 'br': - case 'embed': case 'img': case 'param': case 'spacer': - case 'wbr': - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - /* Immediately pop the current node off the stack of open elements. */ - array_pop($this->stack); - break; - - /* A start tag whose tag name is "hr" */ - case 'hr': - /* If the stack of open elements has a p element in scope, - then act as if an end tag with the tag name p had been seen. */ - if($this->elementInScope('p')) { - $this->emitToken(array( - 'name' => 'p', - 'type' => HTML5::ENDTAG - )); - } - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - /* Immediately pop the current node off the stack of open elements. */ - array_pop($this->stack); - break; - - /* A start tag whose tag name is "image" */ - case 'image': - /* Parse error. Change the token's tag name to "img" and - reprocess it. (Don't ask.) */ - $token['name'] = 'img'; - return $this->inBody($token); - break; - - /* A start tag whose tag name is "input" */ - case 'input': - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - - /* Insert an input element for the token. */ - $element = $this->insertElement($token, false); - - /* If the form element pointer is not null, then associate the - input element with the form element pointed to by the form - element pointer. */ - $this->form_pointer !== null - ? $this->form_pointer->appendChild($element) - : end($this->stack)->appendChild($element); - - /* Pop that input element off the stack of open elements. */ - array_pop($this->stack); - break; - - /* A start tag whose tag name is "isindex" */ - case 'isindex': - /* Parse error. */ - // w/e - - /* If the form element pointer is not null, - then ignore the token. */ - if($this->form_pointer === null) { - /* Act as if a start tag token with the tag name "form" had - been seen. */ - $this->inBody(array( - 'name' => 'body', - 'type' => HTML5::STARTTAG, - 'attr' => array() - )); - - /* Act as if a start tag token with the tag name "hr" had - been seen. */ - $this->inBody(array( - 'name' => 'hr', - 'type' => HTML5::STARTTAG, - 'attr' => array() - )); - - /* Act as if a start tag token with the tag name "p" had - been seen. */ - $this->inBody(array( - 'name' => 'p', - 'type' => HTML5::STARTTAG, - 'attr' => array() - )); - - /* Act as if a start tag token with the tag name "label" - had been seen. */ - $this->inBody(array( - 'name' => 'label', - 'type' => HTML5::STARTTAG, - 'attr' => array() - )); - - /* Act as if a stream of character tokens had been seen. */ - $this->insertText('This is a searchable index. '. - 'Insert your search keywords here: '); - - /* Act as if a start tag token with the tag name "input" - had been seen, with all the attributes from the "isindex" - token, except with the "name" attribute set to the value - "isindex" (ignoring any explicit "name" attribute). */ - $attr = $token['attr']; - $attr[] = array('name' => 'name', 'value' => 'isindex'); - - $this->inBody(array( - 'name' => 'input', - 'type' => HTML5::STARTTAG, - 'attr' => $attr - )); - - /* Act as if a stream of character tokens had been seen - (see below for what they should say). */ - $this->insertText('This is a searchable index. '. - 'Insert your search keywords here: '); - - /* Act as if an end tag token with the tag name "label" - had been seen. */ - $this->inBody(array( - 'name' => 'label', - 'type' => HTML5::ENDTAG - )); - - /* Act as if an end tag token with the tag name "p" had - been seen. */ - $this->inBody(array( - 'name' => 'p', - 'type' => HTML5::ENDTAG - )); - - /* Act as if a start tag token with the tag name "hr" had - been seen. */ - $this->inBody(array( - 'name' => 'hr', - 'type' => HTML5::ENDTAG - )); - - /* Act as if an end tag token with the tag name "form" had - been seen. */ - $this->inBody(array( - 'name' => 'form', - 'type' => HTML5::ENDTAG - )); - } - break; - - /* A start tag whose tag name is "textarea" */ - case 'textarea': - $this->insertElement($token); - - /* Switch the tokeniser's content model flag to the - RCDATA state. */ - return HTML5::RCDATA; - break; - - /* A start tag whose tag name is one of: "iframe", "noembed", - "noframes" */ - case 'iframe': case 'noembed': case 'noframes': - $this->insertElement($token); - - /* Switch the tokeniser's content model flag to the CDATA state. */ - return HTML5::CDATA; - break; - - /* A start tag whose tag name is "select" */ - case 'select': - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - /* Change the insertion mode to "in select". */ - $this->mode = self::IN_SELECT; - break; - - /* A start or end tag whose tag name is one of: "caption", "col", - "colgroup", "frame", "frameset", "head", "option", "optgroup", - "tbody", "td", "tfoot", "th", "thead", "tr". */ - case 'caption': case 'col': case 'colgroup': case 'frame': - case 'frameset': case 'head': case 'option': case 'optgroup': - case 'tbody': case 'td': case 'tfoot': case 'th': case 'thead': - case 'tr': - // Parse error. Ignore the token. - break; - - /* A start or end tag whose tag name is one of: "event-source", - "section", "nav", "article", "aside", "header", "footer", - "datagrid", "command" */ - case 'event-source': case 'section': case 'nav': case 'article': - case 'aside': case 'header': case 'footer': case 'datagrid': - case 'command': - // Work in progress! - break; - - /* A start tag token not covered by the previous entries */ - default: - /* Reconstruct the active formatting elements, if any. */ - $this->reconstructActiveFormattingElements(); - - $this->insertElement($token); - break; - } - break; - - case HTML5::ENDTAG: - switch($token['name']) { - /* An end tag with the tag name "body" */ - case 'body': - /* If the second element in the stack of open elements is - not a body element, this is a parse error. Ignore the token. - (innerHTML case) */ - if(count($this->stack) < 2 || $this->stack[1]->nodeName !== 'body') { - // Ignore. - - /* If the current node is not the body element, then this - is a parse error. */ - } elseif(end($this->stack)->nodeName !== 'body') { - // Parse error. - } - - /* Change the insertion mode to "after body". */ - $this->mode = self::AFTER_BODY; - break; - - /* An end tag with the tag name "html" */ - case 'html': - /* Act as if an end tag with tag name "body" had been seen, - then, if that token wasn't ignored, reprocess the current - token. */ - $this->inBody(array( - 'name' => 'body', - 'type' => HTML5::ENDTAG - )); - - return $this->afterBody($token); - break; - - /* An end tag whose tag name is one of: "address", "blockquote", - "center", "dir", "div", "dl", "fieldset", "listing", "menu", - "ol", "pre", "ul" */ - case 'address': case 'blockquote': case 'center': case 'dir': - case 'div': case 'dl': case 'fieldset': case 'listing': - case 'menu': case 'ol': case 'pre': case 'ul': - /* If the stack of open elements has an element in scope - with the same tag name as that of the token, then generate - implied end tags. */ - if($this->elementInScope($token['name'])) { - $this->generateImpliedEndTags(); - - /* Now, if the current node is not an element with - the same tag name as that of the token, then this - is a parse error. */ - // w/e - - /* If the stack of open elements has an element in - scope with the same tag name as that of the token, - then pop elements from this stack until an element - with that tag name has been popped from the stack. */ - for($n = count($this->stack) - 1; $n >= 0; $n--) { - if($this->stack[$n]->nodeName === $token['name']) { - $n = -1; - } - - array_pop($this->stack); - } - } - break; - - /* An end tag whose tag name is "form" */ - case 'form': - /* If the stack of open elements has an element in scope - with the same tag name as that of the token, then generate - implied end tags. */ - if($this->elementInScope($token['name'])) { - $this->generateImpliedEndTags(); - - } - - if(end($this->stack)->nodeName !== $token['name']) { - /* Now, if the current node is not an element with the - same tag name as that of the token, then this is a parse - error. */ - // w/e - - } else { - /* Otherwise, if the current node is an element with - the same tag name as that of the token pop that element - from the stack. */ - array_pop($this->stack); - } - - /* In any case, set the form element pointer to null. */ - $this->form_pointer = null; - break; - - /* An end tag whose tag name is "p" */ - case 'p': - /* If the stack of open elements has a p element in scope, - then generate implied end tags, except for p elements. */ - if($this->elementInScope('p')) { - $this->generateImpliedEndTags(array('p')); - - /* If the current node is not a p element, then this is - a parse error. */ - // k - - /* If the stack of open elements has a p element in - scope, then pop elements from this stack until the stack - no longer has a p element in scope. */ - for($n = count($this->stack) - 1; $n >= 0; $n--) { - if($this->elementInScope('p')) { - array_pop($this->stack); - - } else { - break; - } - } - } - break; - - /* An end tag whose tag name is "dd", "dt", or "li" */ - case 'dd': case 'dt': case 'li': - /* If the stack of open elements has an element in scope - whose tag name matches the tag name of the token, then - generate implied end tags, except for elements with the - same tag name as the token. */ - if($this->elementInScope($token['name'])) { - $this->generateImpliedEndTags(array($token['name'])); - - /* If the current node is not an element with the same - tag name as the token, then this is a parse error. */ - // w/e - - /* If the stack of open elements has an element in scope - whose tag name matches the tag name of the token, then - pop elements from this stack until an element with that - tag name has been popped from the stack. */ - for($n = count($this->stack) - 1; $n >= 0; $n--) { - if($this->stack[$n]->nodeName === $token['name']) { - $n = -1; - } - - array_pop($this->stack); - } - } - break; - - /* An end tag whose tag name is one of: "h1", "h2", "h3", "h4", - "h5", "h6" */ - case 'h1': case 'h2': case 'h3': case 'h4': case 'h5': case 'h6': - $elements = array('h1', 'h2', 'h3', 'h4', 'h5', 'h6'); - - /* If the stack of open elements has in scope an element whose - tag name is one of "h1", "h2", "h3", "h4", "h5", or "h6", then - generate implied end tags. */ - if($this->elementInScope($elements)) { - $this->generateImpliedEndTags(); - - /* Now, if the current node is not an element with the same - tag name as that of the token, then this is a parse error. */ - // w/e - - /* If the stack of open elements has in scope an element - whose tag name is one of "h1", "h2", "h3", "h4", "h5", or - "h6", then pop elements from the stack until an element - with one of those tag names has been popped from the stack. */ - while($this->elementInScope($elements)) { - array_pop($this->stack); - } - } - break; - - /* An end tag whose tag name is one of: "a", "b", "big", "em", - "font", "i", "nobr", "s", "small", "strike", "strong", "tt", "u" */ - case 'a': case 'b': case 'big': case 'em': case 'font': - case 'i': case 'nobr': case 's': case 'small': case 'strike': - case 'strong': case 'tt': case 'u': - /* 1. Let the formatting element be the last element in - the list of active formatting elements that: - * is between the end of the list and the last scope - marker in the list, if any, or the start of the list - otherwise, and - * has the same tag name as the token. - */ - while(true) { - for($a = count($this->a_formatting) - 1; $a >= 0; $a--) { - if($this->a_formatting[$a] === self::MARKER) { - break; - - } elseif($this->a_formatting[$a]->tagName === $token['name']) { - $formatting_element = $this->a_formatting[$a]; - $in_stack = in_array($formatting_element, $this->stack, true); - $fe_af_pos = $a; - break; - } - } - - /* If there is no such node, or, if that node is - also in the stack of open elements but the element - is not in scope, then this is a parse error. Abort - these steps. The token is ignored. */ - if(!isset($formatting_element) || ($in_stack && - !$this->elementInScope($token['name']))) { - break; - - /* Otherwise, if there is such a node, but that node - is not in the stack of open elements, then this is a - parse error; remove the element from the list, and - abort these steps. */ - } elseif(isset($formatting_element) && !$in_stack) { - unset($this->a_formatting[$fe_af_pos]); - $this->a_formatting = array_merge($this->a_formatting); - break; - } - - /* 2. Let the furthest block be the topmost node in the - stack of open elements that is lower in the stack - than the formatting element, and is not an element in - the phrasing or formatting categories. There might - not be one. */ - $fe_s_pos = array_search($formatting_element, $this->stack, true); - $length = count($this->stack); - - for($s = $fe_s_pos + 1; $s < $length; $s++) { - $category = $this->getElementCategory($this->stack[$s]->nodeName); - - if($category !== self::PHRASING && $category !== self::FORMATTING) { - $furthest_block = $this->stack[$s]; - } - } - - /* 3. If there is no furthest block, then the UA must - skip the subsequent steps and instead just pop all - the nodes from the bottom of the stack of open - elements, from the current node up to the formatting - element, and remove the formatting element from the - list of active formatting elements. */ - if(!isset($furthest_block)) { - for($n = $length - 1; $n >= $fe_s_pos; $n--) { - array_pop($this->stack); - } - - unset($this->a_formatting[$fe_af_pos]); - $this->a_formatting = array_merge($this->a_formatting); - break; - } - - /* 4. Let the common ancestor be the element - immediately above the formatting element in the stack - of open elements. */ - $common_ancestor = $this->stack[$fe_s_pos - 1]; - - /* 5. If the furthest block has a parent node, then - remove the furthest block from its parent node. */ - if($furthest_block->parentNode !== null) { - $furthest_block->parentNode->removeChild($furthest_block); - } - - /* 6. Let a bookmark note the position of the - formatting element in the list of active formatting - elements relative to the elements on either side - of it in the list. */ - $bookmark = $fe_af_pos; - - /* 7. Let node and last node be the furthest block. - Follow these steps: */ - $node = $furthest_block; - $last_node = $furthest_block; - - while(true) { - for($n = array_search($node, $this->stack, true) - 1; $n >= 0; $n--) { - /* 7.1 Let node be the element immediately - prior to node in the stack of open elements. */ - $node = $this->stack[$n]; - - /* 7.2 If node is not in the list of active - formatting elements, then remove node from - the stack of open elements and then go back - to step 1. */ - if(!in_array($node, $this->a_formatting, true)) { - unset($this->stack[$n]); - $this->stack = array_merge($this->stack); - - } else { - break; - } - } - - /* 7.3 Otherwise, if node is the formatting - element, then go to the next step in the overall - algorithm. */ - if($node === $formatting_element) { - break; - - /* 7.4 Otherwise, if last node is the furthest - block, then move the aforementioned bookmark to - be immediately after the node in the list of - active formatting elements. */ - } elseif($last_node === $furthest_block) { - $bookmark = array_search($node, $this->a_formatting, true) + 1; - } - - /* 7.5 If node has any children, perform a - shallow clone of node, replace the entry for - node in the list of active formatting elements - with an entry for the clone, replace the entry - for node in the stack of open elements with an - entry for the clone, and let node be the clone. */ - if($node->hasChildNodes()) { - $clone = $node->cloneNode(); - $s_pos = array_search($node, $this->stack, true); - $a_pos = array_search($node, $this->a_formatting, true); - - $this->stack[$s_pos] = $clone; - $this->a_formatting[$a_pos] = $clone; - $node = $clone; - } - - /* 7.6 Insert last node into node, first removing - it from its previous parent node if any. */ - if($last_node->parentNode !== null) { - $last_node->parentNode->removeChild($last_node); - } - - $node->appendChild($last_node); - - /* 7.7 Let last node be node. */ - $last_node = $node; - } - - /* 8. Insert whatever last node ended up being in - the previous step into the common ancestor node, - first removing it from its previous parent node if - any. */ - if($last_node->parentNode !== null) { - $last_node->parentNode->removeChild($last_node); - } - - $common_ancestor->appendChild($last_node); - - /* 9. Perform a shallow clone of the formatting - element. */ - $clone = $formatting_element->cloneNode(); - - /* 10. Take all of the child nodes of the furthest - block and append them to the clone created in the - last step. */ - while($furthest_block->hasChildNodes()) { - $child = $furthest_block->firstChild; - $furthest_block->removeChild($child); - $clone->appendChild($child); - } - - /* 11. Append that clone to the furthest block. */ - $furthest_block->appendChild($clone); - - /* 12. Remove the formatting element from the list - of active formatting elements, and insert the clone - into the list of active formatting elements at the - position of the aforementioned bookmark. */ - $fe_af_pos = array_search($formatting_element, $this->a_formatting, true); - unset($this->a_formatting[$fe_af_pos]); - $this->a_formatting = array_merge($this->a_formatting); - - $af_part1 = array_slice($this->a_formatting, 0, $bookmark - 1); - $af_part2 = array_slice($this->a_formatting, $bookmark, count($this->a_formatting)); - $this->a_formatting = array_merge($af_part1, array($clone), $af_part2); - - /* 13. Remove the formatting element from the stack - of open elements, and insert the clone into the stack - of open elements immediately after (i.e. in a more - deeply nested position than) the position of the - furthest block in that stack. */ - $fe_s_pos = array_search($formatting_element, $this->stack, true); - $fb_s_pos = array_search($furthest_block, $this->stack, true); - unset($this->stack[$fe_s_pos]); - - $s_part1 = array_slice($this->stack, 0, $fb_s_pos); - $s_part2 = array_slice($this->stack, $fb_s_pos + 1, count($this->stack)); - $this->stack = array_merge($s_part1, array($clone), $s_part2); - - /* 14. Jump back to step 1 in this series of steps. */ - unset($formatting_element, $fe_af_pos, $fe_s_pos, $furthest_block); - } - break; - - /* An end tag token whose tag name is one of: "button", - "marquee", "object" */ - case 'button': case 'marquee': case 'object': - /* If the stack of open elements has an element in scope whose - tag name matches the tag name of the token, then generate implied - tags. */ - if($this->elementInScope($token['name'])) { - $this->generateImpliedEndTags(); - - /* Now, if the current node is not an element with the same - tag name as the token, then this is a parse error. */ - // k - - /* Now, if the stack of open elements has an element in scope - whose tag name matches the tag name of the token, then pop - elements from the stack until that element has been popped from - the stack, and clear the list of active formatting elements up - to the last marker. */ - for($n = count($this->stack) - 1; $n >= 0; $n--) { - if($this->stack[$n]->nodeName === $token['name']) { - $n = -1; - } - - array_pop($this->stack); - } - - $marker = end(array_keys($this->a_formatting, self::MARKER, true)); - - for($n = count($this->a_formatting) - 1; $n > $marker; $n--) { - array_pop($this->a_formatting); - } - } - break; - - /* Or an end tag whose tag name is one of: "area", "basefont", - "bgsound", "br", "embed", "hr", "iframe", "image", "img", - "input", "isindex", "noembed", "noframes", "param", "select", - "spacer", "table", "textarea", "wbr" */ - case 'area': case 'basefont': case 'bgsound': case 'br': - case 'embed': case 'hr': case 'iframe': case 'image': - case 'img': case 'input': case 'isindex': case 'noembed': - case 'noframes': case 'param': case 'select': case 'spacer': - case 'table': case 'textarea': case 'wbr': - // Parse error. Ignore the token. - break; - - /* An end tag token not covered by the previous entries */ - default: - for($n = count($this->stack) - 1; $n >= 0; $n--) { - /* Initialise node to be the current node (the bottommost - node of the stack). */ - $node = end($this->stack); - - /* If node has the same tag name as the end tag token, - then: */ - if($token['name'] === $node->nodeName) { - /* Generate implied end tags. */ - $this->generateImpliedEndTags(); - - /* If the tag name of the end tag token does not - match the tag name of the current node, this is a - parse error. */ - // k - - /* Pop all the nodes from the current node up to - node, including node, then stop this algorithm. */ - for($x = count($this->stack) - $n; $x >= $n; $x--) { - array_pop($this->stack); - } - - } else { - $category = $this->getElementCategory($node); - - if($category !== self::SPECIAL && $category !== self::SCOPING) { - /* Otherwise, if node is in neither the formatting - category nor the phrasing category, then this is a - parse error. Stop this algorithm. The end tag token - is ignored. */ - return false; - } - } - } - break; - } - break; - } - } - - private function inTable($token) - { - $clear = array('html', 'table'); - - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE */ - if($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) { - /* Append the character to the current node. */ - $text = $this->dom->createTextNode($token['data']); - end($this->stack)->appendChild($text); - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the current node with the data - attribute set to the data given in the comment token. */ - $comment = $this->dom->createComment($token['data']); - end($this->stack)->appendChild($comment); - - /* A start tag whose tag name is "caption" */ - } elseif($token['type'] === HTML5::STARTTAG && - $token['name'] === 'caption') { - /* Clear the stack back to a table context. */ - $this->clearStackToTableContext($clear); - - /* Insert a marker at the end of the list of active - formatting elements. */ - $this->a_formatting[] = self::MARKER; - - /* Insert an HTML element for the token, then switch the - insertion mode to "in caption". */ - $this->insertElement($token); - $this->mode = self::IN_CAPTION; - - /* A start tag whose tag name is "colgroup" */ - } elseif($token['type'] === HTML5::STARTTAG && - $token['name'] === 'colgroup') { - /* Clear the stack back to a table context. */ - $this->clearStackToTableContext($clear); - - /* Insert an HTML element for the token, then switch the - insertion mode to "in column group". */ - $this->insertElement($token); - $this->mode = self::IN_CGROUP; - - /* A start tag whose tag name is "col" */ - } elseif($token['type'] === HTML5::STARTTAG && - $token['name'] === 'col') { - $this->inTable(array( - 'name' => 'colgroup', - 'type' => HTML5::STARTTAG, - 'attr' => array() - )); - - $this->inColumnGroup($token); - - /* A start tag whose tag name is one of: "tbody", "tfoot", "thead" */ - } elseif($token['type'] === HTML5::STARTTAG && in_array($token['name'], - array('tbody', 'tfoot', 'thead'))) { - /* Clear the stack back to a table context. */ - $this->clearStackToTableContext($clear); - - /* Insert an HTML element for the token, then switch the insertion - mode to "in table body". */ - $this->insertElement($token); - $this->mode = self::IN_TBODY; - - /* A start tag whose tag name is one of: "td", "th", "tr" */ - } elseif($token['type'] === HTML5::STARTTAG && - in_array($token['name'], array('td', 'th', 'tr'))) { - /* Act as if a start tag token with the tag name "tbody" had been - seen, then reprocess the current token. */ - $this->inTable(array( - 'name' => 'tbody', - 'type' => HTML5::STARTTAG, - 'attr' => array() - )); - - return $this->inTableBody($token); - - /* A start tag whose tag name is "table" */ - } elseif($token['type'] === HTML5::STARTTAG && - $token['name'] === 'table') { - /* Parse error. Act as if an end tag token with the tag name "table" - had been seen, then, if that token wasn't ignored, reprocess the - current token. */ - $this->inTable(array( - 'name' => 'table', - 'type' => HTML5::ENDTAG - )); - - return $this->mainPhase($token); - - /* An end tag whose tag name is "table" */ - } elseif($token['type'] === HTML5::ENDTAG && - $token['name'] === 'table') { - /* If the stack of open elements does not have an element in table - scope with the same tag name as the token, this is a parse error. - Ignore the token. (innerHTML case) */ - if(!$this->elementInScope($token['name'], true)) { - return false; - - /* Otherwise: */ - } else { - /* Generate implied end tags. */ - $this->generateImpliedEndTags(); - - /* Now, if the current node is not a table element, then this - is a parse error. */ - // w/e - - /* Pop elements from this stack until a table element has been - popped from the stack. */ - while(true) { - $current = end($this->stack)->nodeName; - array_pop($this->stack); - - if($current === 'table') { - break; - } - } - - /* Reset the insertion mode appropriately. */ - $this->resetInsertionMode(); - } - - /* An end tag whose tag name is one of: "body", "caption", "col", - "colgroup", "html", "tbody", "td", "tfoot", "th", "thead", "tr" */ - } elseif($token['type'] === HTML5::ENDTAG && in_array($token['name'], - array('body', 'caption', 'col', 'colgroup', 'html', 'tbody', 'td', - 'tfoot', 'th', 'thead', 'tr'))) { - // Parse error. Ignore the token. - - /* Anything else */ - } else { - /* Parse error. Process the token as if the insertion mode was "in - body", with the following exception: */ - - /* If the current node is a table, tbody, tfoot, thead, or tr - element, then, whenever a node would be inserted into the current - node, it must instead be inserted into the foster parent element. */ - if(in_array(end($this->stack)->nodeName, - array('table', 'tbody', 'tfoot', 'thead', 'tr'))) { - /* The foster parent element is the parent element of the last - table element in the stack of open elements, if there is a - table element and it has such a parent element. If there is no - table element in the stack of open elements (innerHTML case), - then the foster parent element is the first element in the - stack of open elements (the html element). Otherwise, if there - is a table element in the stack of open elements, but the last - table element in the stack of open elements has no parent, or - its parent node is not an element, then the foster parent - element is the element before the last table element in the - stack of open elements. */ - for($n = count($this->stack) - 1; $n >= 0; $n--) { - if($this->stack[$n]->nodeName === 'table') { - $table = $this->stack[$n]; - break; - } - } - - if(isset($table) && $table->parentNode !== null) { - $this->foster_parent = $table->parentNode; - - } elseif(!isset($table)) { - $this->foster_parent = $this->stack[0]; - - } elseif(isset($table) && ($table->parentNode === null || - $table->parentNode->nodeType !== XML_ELEMENT_NODE)) { - $this->foster_parent = $this->stack[$n - 1]; - } - } - - $this->inBody($token); - } - } - - private function inCaption($token) - { - /* An end tag whose tag name is "caption" */ - if($token['type'] === HTML5::ENDTAG && $token['name'] === 'caption') { - /* If the stack of open elements does not have an element in table - scope with the same tag name as the token, this is a parse error. - Ignore the token. (innerHTML case) */ - if(!$this->elementInScope($token['name'], true)) { - // Ignore - - /* Otherwise: */ - } else { - /* Generate implied end tags. */ - $this->generateImpliedEndTags(); - - /* Now, if the current node is not a caption element, then this - is a parse error. */ - // w/e - - /* Pop elements from this stack until a caption element has - been popped from the stack. */ - while(true) { - $node = end($this->stack)->nodeName; - array_pop($this->stack); - - if($node === 'caption') { - break; - } - } - - /* Clear the list of active formatting elements up to the last - marker. */ - $this->clearTheActiveFormattingElementsUpToTheLastMarker(); - - /* Switch the insertion mode to "in table". */ - $this->mode = self::IN_TABLE; - } - - /* A start tag whose tag name is one of: "caption", "col", "colgroup", - "tbody", "td", "tfoot", "th", "thead", "tr", or an end tag whose tag - name is "table" */ - } elseif(($token['type'] === HTML5::STARTTAG && in_array($token['name'], - array('caption', 'col', 'colgroup', 'tbody', 'td', 'tfoot', 'th', - 'thead', 'tr'))) || ($token['type'] === HTML5::ENDTAG && - $token['name'] === 'table')) { - /* Parse error. Act as if an end tag with the tag name "caption" - had been seen, then, if that token wasn't ignored, reprocess the - current token. */ - $this->inCaption(array( - 'name' => 'caption', - 'type' => HTML5::ENDTAG - )); - - return $this->inTable($token); - - /* An end tag whose tag name is one of: "body", "col", "colgroup", - "html", "tbody", "td", "tfoot", "th", "thead", "tr" */ - } elseif($token['type'] === HTML5::ENDTAG && in_array($token['name'], - array('body', 'col', 'colgroup', 'html', 'tbody', 'tfoot', 'th', - 'thead', 'tr'))) { - // Parse error. Ignore the token. - - /* Anything else */ - } else { - /* Process the token as if the insertion mode was "in body". */ - $this->inBody($token); - } - } - - private function inColumnGroup($token) - { - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE */ - if($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) { - /* Append the character to the current node. */ - $text = $this->dom->createTextNode($token['data']); - end($this->stack)->appendChild($text); - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the current node with the data - attribute set to the data given in the comment token. */ - $comment = $this->dom->createComment($token['data']); - end($this->stack)->appendChild($comment); - - /* A start tag whose tag name is "col" */ - } elseif($token['type'] === HTML5::STARTTAG && $token['name'] === 'col') { - /* Insert a col element for the token. Immediately pop the current - node off the stack of open elements. */ - $this->insertElement($token); - array_pop($this->stack); - - /* An end tag whose tag name is "colgroup" */ - } elseif($token['type'] === HTML5::ENDTAG && - $token['name'] === 'colgroup') { - /* If the current node is the root html element, then this is a - parse error, ignore the token. (innerHTML case) */ - if(end($this->stack)->nodeName === 'html') { - // Ignore - - /* Otherwise, pop the current node (which will be a colgroup - element) from the stack of open elements. Switch the insertion - mode to "in table". */ - } else { - array_pop($this->stack); - $this->mode = self::IN_TABLE; - } - - /* An end tag whose tag name is "col" */ - } elseif($token['type'] === HTML5::ENDTAG && $token['name'] === 'col') { - /* Parse error. Ignore the token. */ - - /* Anything else */ - } else { - /* Act as if an end tag with the tag name "colgroup" had been seen, - and then, if that token wasn't ignored, reprocess the current token. */ - $this->inColumnGroup(array( - 'name' => 'colgroup', - 'type' => HTML5::ENDTAG - )); - - return $this->inTable($token); - } - } - - private function inTableBody($token) - { - $clear = array('tbody', 'tfoot', 'thead', 'html'); - - /* A start tag whose tag name is "tr" */ - if($token['type'] === HTML5::STARTTAG && $token['name'] === 'tr') { - /* Clear the stack back to a table body context. */ - $this->clearStackToTableContext($clear); - - /* Insert a tr element for the token, then switch the insertion - mode to "in row". */ - $this->insertElement($token); - $this->mode = self::IN_ROW; - - /* A start tag whose tag name is one of: "th", "td" */ - } elseif($token['type'] === HTML5::STARTTAG && - ($token['name'] === 'th' || $token['name'] === 'td')) { - /* Parse error. Act as if a start tag with the tag name "tr" had - been seen, then reprocess the current token. */ - $this->inTableBody(array( - 'name' => 'tr', - 'type' => HTML5::STARTTAG, - 'attr' => array() - )); - - return $this->inRow($token); - - /* An end tag whose tag name is one of: "tbody", "tfoot", "thead" */ - } elseif($token['type'] === HTML5::ENDTAG && - in_array($token['name'], array('tbody', 'tfoot', 'thead'))) { - /* If the stack of open elements does not have an element in table - scope with the same tag name as the token, this is a parse error. - Ignore the token. */ - if(!$this->elementInScope($token['name'], true)) { - // Ignore - - /* Otherwise: */ - } else { - /* Clear the stack back to a table body context. */ - $this->clearStackToTableContext($clear); - - /* Pop the current node from the stack of open elements. Switch - the insertion mode to "in table". */ - array_pop($this->stack); - $this->mode = self::IN_TABLE; - } - - /* A start tag whose tag name is one of: "caption", "col", "colgroup", - "tbody", "tfoot", "thead", or an end tag whose tag name is "table" */ - } elseif(($token['type'] === HTML5::STARTTAG && in_array($token['name'], - array('caption', 'col', 'colgroup', 'tbody', 'tfoor', 'thead'))) || - ($token['type'] === HTML5::STARTTAG && $token['name'] === 'table')) { - /* If the stack of open elements does not have a tbody, thead, or - tfoot element in table scope, this is a parse error. Ignore the - token. (innerHTML case) */ - if(!$this->elementInScope(array('tbody', 'thead', 'tfoot'), true)) { - // Ignore. - - /* Otherwise: */ - } else { - /* Clear the stack back to a table body context. */ - $this->clearStackToTableContext($clear); - - /* Act as if an end tag with the same tag name as the current - node ("tbody", "tfoot", or "thead") had been seen, then - reprocess the current token. */ - $this->inTableBody(array( - 'name' => end($this->stack)->nodeName, - 'type' => HTML5::ENDTAG - )); - - return $this->mainPhase($token); - } - - /* An end tag whose tag name is one of: "body", "caption", "col", - "colgroup", "html", "td", "th", "tr" */ - } elseif($token['type'] === HTML5::ENDTAG && in_array($token['name'], - array('body', 'caption', 'col', 'colgroup', 'html', 'td', 'th', 'tr'))) { - /* Parse error. Ignore the token. */ - - /* Anything else */ - } else { - /* Process the token as if the insertion mode was "in table". */ - $this->inTable($token); - } - } - - private function inRow($token) - { - $clear = array('tr', 'html'); - - /* A start tag whose tag name is one of: "th", "td" */ - if($token['type'] === HTML5::STARTTAG && - ($token['name'] === 'th' || $token['name'] === 'td')) { - /* Clear the stack back to a table row context. */ - $this->clearStackToTableContext($clear); - - /* Insert an HTML element for the token, then switch the insertion - mode to "in cell". */ - $this->insertElement($token); - $this->mode = self::IN_CELL; - - /* Insert a marker at the end of the list of active formatting - elements. */ - $this->a_formatting[] = self::MARKER; - - /* An end tag whose tag name is "tr" */ - } elseif($token['type'] === HTML5::ENDTAG && $token['name'] === 'tr') { - /* If the stack of open elements does not have an element in table - scope with the same tag name as the token, this is a parse error. - Ignore the token. (innerHTML case) */ - if(!$this->elementInScope($token['name'], true)) { - // Ignore. - - /* Otherwise: */ - } else { - /* Clear the stack back to a table row context. */ - $this->clearStackToTableContext($clear); - - /* Pop the current node (which will be a tr element) from the - stack of open elements. Switch the insertion mode to "in table - body". */ - array_pop($this->stack); - $this->mode = self::IN_TBODY; - } - - /* A start tag whose tag name is one of: "caption", "col", "colgroup", - "tbody", "tfoot", "thead", "tr" or an end tag whose tag name is "table" */ - } elseif($token['type'] === HTML5::STARTTAG && in_array($token['name'], - array('caption', 'col', 'colgroup', 'tbody', 'tfoot', 'thead', 'tr'))) { - /* Act as if an end tag with the tag name "tr" had been seen, then, - if that token wasn't ignored, reprocess the current token. */ - $this->inRow(array( - 'name' => 'tr', - 'type' => HTML5::ENDTAG - )); - - return $this->inCell($token); - - /* An end tag whose tag name is one of: "tbody", "tfoot", "thead" */ - } elseif($token['type'] === HTML5::ENDTAG && - in_array($token['name'], array('tbody', 'tfoot', 'thead'))) { - /* If the stack of open elements does not have an element in table - scope with the same tag name as the token, this is a parse error. - Ignore the token. */ - if(!$this->elementInScope($token['name'], true)) { - // Ignore. - - /* Otherwise: */ - } else { - /* Otherwise, act as if an end tag with the tag name "tr" had - been seen, then reprocess the current token. */ - $this->inRow(array( - 'name' => 'tr', - 'type' => HTML5::ENDTAG - )); - - return $this->inCell($token); - } - - /* An end tag whose tag name is one of: "body", "caption", "col", - "colgroup", "html", "td", "th" */ - } elseif($token['type'] === HTML5::ENDTAG && in_array($token['name'], - array('body', 'caption', 'col', 'colgroup', 'html', 'td', 'th', 'tr'))) { - /* Parse error. Ignore the token. */ - - /* Anything else */ - } else { - /* Process the token as if the insertion mode was "in table". */ - $this->inTable($token); - } - } - - private function inCell($token) - { - /* An end tag whose tag name is one of: "td", "th" */ - if($token['type'] === HTML5::ENDTAG && - ($token['name'] === 'td' || $token['name'] === 'th')) { - /* If the stack of open elements does not have an element in table - scope with the same tag name as that of the token, then this is a - parse error and the token must be ignored. */ - if(!$this->elementInScope($token['name'], true)) { - // Ignore. - - /* Otherwise: */ - } else { - /* Generate implied end tags, except for elements with the same - tag name as the token. */ - $this->generateImpliedEndTags(array($token['name'])); - - /* Now, if the current node is not an element with the same tag - name as the token, then this is a parse error. */ - // k - - /* Pop elements from this stack until an element with the same - tag name as the token has been popped from the stack. */ - while(true) { - $node = end($this->stack)->nodeName; - array_pop($this->stack); - - if($node === $token['name']) { - break; - } - } - - /* Clear the list of active formatting elements up to the last - marker. */ - $this->clearTheActiveFormattingElementsUpToTheLastMarker(); - - /* Switch the insertion mode to "in row". (The current node - will be a tr element at this point.) */ - $this->mode = self::IN_ROW; - } - - /* A start tag whose tag name is one of: "caption", "col", "colgroup", - "tbody", "td", "tfoot", "th", "thead", "tr" */ - } elseif($token['type'] === HTML5::STARTTAG && in_array($token['name'], - array('caption', 'col', 'colgroup', 'tbody', 'td', 'tfoot', 'th', - 'thead', 'tr'))) { - /* If the stack of open elements does not have a td or th element - in table scope, then this is a parse error; ignore the token. - (innerHTML case) */ - if(!$this->elementInScope(array('td', 'th'), true)) { - // Ignore. - - /* Otherwise, close the cell (see below) and reprocess the current - token. */ - } else { - $this->closeCell(); - return $this->inRow($token); - } - - /* A start tag whose tag name is one of: "caption", "col", "colgroup", - "tbody", "td", "tfoot", "th", "thead", "tr" */ - } elseif($token['type'] === HTML5::STARTTAG && in_array($token['name'], - array('caption', 'col', 'colgroup', 'tbody', 'td', 'tfoot', 'th', - 'thead', 'tr'))) { - /* If the stack of open elements does not have a td or th element - in table scope, then this is a parse error; ignore the token. - (innerHTML case) */ - if(!$this->elementInScope(array('td', 'th'), true)) { - // Ignore. - - /* Otherwise, close the cell (see below) and reprocess the current - token. */ - } else { - $this->closeCell(); - return $this->inRow($token); - } - - /* An end tag whose tag name is one of: "body", "caption", "col", - "colgroup", "html" */ - } elseif($token['type'] === HTML5::ENDTAG && in_array($token['name'], - array('body', 'caption', 'col', 'colgroup', 'html'))) { - /* Parse error. Ignore the token. */ - - /* An end tag whose tag name is one of: "table", "tbody", "tfoot", - "thead", "tr" */ - } elseif($token['type'] === HTML5::ENDTAG && in_array($token['name'], - array('table', 'tbody', 'tfoot', 'thead', 'tr'))) { - /* If the stack of open elements does not have an element in table - scope with the same tag name as that of the token (which can only - happen for "tbody", "tfoot" and "thead", or, in the innerHTML case), - then this is a parse error and the token must be ignored. */ - if(!$this->elementInScope($token['name'], true)) { - // Ignore. - - /* Otherwise, close the cell (see below) and reprocess the current - token. */ - } else { - $this->closeCell(); - return $this->inRow($token); - } - - /* Anything else */ - } else { - /* Process the token as if the insertion mode was "in body". */ - $this->inBody($token); - } - } - - private function inSelect($token) - { - /* Handle the token as follows: */ - - /* A character token */ - if($token['type'] === HTML5::CHARACTR) { - /* Append the token's character to the current node. */ - $this->insertText($token['data']); - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the current node with the data - attribute set to the data given in the comment token. */ - $this->insertComment($token['data']); - - /* A start tag token whose tag name is "option" */ - } elseif($token['type'] === HTML5::STARTTAG && - $token['name'] === 'option') { - /* If the current node is an option element, act as if an end tag - with the tag name "option" had been seen. */ - if(end($this->stack)->nodeName === 'option') { - $this->inSelect(array( - 'name' => 'option', - 'type' => HTML5::ENDTAG - )); - } - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - /* A start tag token whose tag name is "optgroup" */ - } elseif($token['type'] === HTML5::STARTTAG && - $token['name'] === 'optgroup') { - /* If the current node is an option element, act as if an end tag - with the tag name "option" had been seen. */ - if(end($this->stack)->nodeName === 'option') { - $this->inSelect(array( - 'name' => 'option', - 'type' => HTML5::ENDTAG - )); - } - - /* If the current node is an optgroup element, act as if an end tag - with the tag name "optgroup" had been seen. */ - if(end($this->stack)->nodeName === 'optgroup') { - $this->inSelect(array( - 'name' => 'optgroup', - 'type' => HTML5::ENDTAG - )); - } - - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - /* An end tag token whose tag name is "optgroup" */ - } elseif($token['type'] === HTML5::ENDTAG && - $token['name'] === 'optgroup') { - /* First, if the current node is an option element, and the node - immediately before it in the stack of open elements is an optgroup - element, then act as if an end tag with the tag name "option" had - been seen. */ - $elements_in_stack = count($this->stack); - - if($this->stack[$elements_in_stack - 1]->nodeName === 'option' && - $this->stack[$elements_in_stack - 2]->nodeName === 'optgroup') { - $this->inSelect(array( - 'name' => 'option', - 'type' => HTML5::ENDTAG - )); - } - - /* If the current node is an optgroup element, then pop that node - from the stack of open elements. Otherwise, this is a parse error, - ignore the token. */ - if($this->stack[$elements_in_stack - 1] === 'optgroup') { - array_pop($this->stack); - } - - /* An end tag token whose tag name is "option" */ - } elseif($token['type'] === HTML5::ENDTAG && - $token['name'] === 'option') { - /* If the current node is an option element, then pop that node - from the stack of open elements. Otherwise, this is a parse error, - ignore the token. */ - if(end($this->stack)->nodeName === 'option') { - array_pop($this->stack); - } - - /* An end tag whose tag name is "select" */ - } elseif($token['type'] === HTML5::ENDTAG && - $token['name'] === 'select') { - /* If the stack of open elements does not have an element in table - scope with the same tag name as the token, this is a parse error. - Ignore the token. (innerHTML case) */ - if(!$this->elementInScope($token['name'], true)) { - // w/e - - /* Otherwise: */ - } else { - /* Pop elements from the stack of open elements until a select - element has been popped from the stack. */ - while(true) { - $current = end($this->stack)->nodeName; - array_pop($this->stack); - - if($current === 'select') { - break; - } - } - - /* Reset the insertion mode appropriately. */ - $this->resetInsertionMode(); - } - - /* A start tag whose tag name is "select" */ - } elseif($token['name'] === 'select' && - $token['type'] === HTML5::STARTTAG) { - /* Parse error. Act as if the token had been an end tag with the - tag name "select" instead. */ - $this->inSelect(array( - 'name' => 'select', - 'type' => HTML5::ENDTAG - )); - - /* An end tag whose tag name is one of: "caption", "table", "tbody", - "tfoot", "thead", "tr", "td", "th" */ - } elseif(in_array($token['name'], array('caption', 'table', 'tbody', - 'tfoot', 'thead', 'tr', 'td', 'th')) && $token['type'] === HTML5::ENDTAG) { - /* Parse error. */ - // w/e - - /* If the stack of open elements has an element in table scope with - the same tag name as that of the token, then act as if an end tag - with the tag name "select" had been seen, and reprocess the token. - Otherwise, ignore the token. */ - if($this->elementInScope($token['name'], true)) { - $this->inSelect(array( - 'name' => 'select', - 'type' => HTML5::ENDTAG - )); - - $this->mainPhase($token); - } - - /* Anything else */ - } else { - /* Parse error. Ignore the token. */ - } - } - - private function afterBody($token) - { - /* Handle the token as follows: */ - - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE */ - if($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) { - /* Process the token as it would be processed if the insertion mode - was "in body". */ - $this->inBody($token); - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the first element in the stack of open - elements (the html element), with the data attribute set to the - data given in the comment token. */ - $comment = $this->dom->createComment($token['data']); - $this->stack[0]->appendChild($comment); - - /* An end tag with the tag name "html" */ - } elseif($token['type'] === HTML5::ENDTAG && $token['name'] === 'html') { - /* If the parser was originally created in order to handle the - setting of an element's innerHTML attribute, this is a parse error; - ignore the token. (The element will be an html element in this - case.) (innerHTML case) */ - - /* Otherwise, switch to the trailing end phase. */ - $this->phase = self::END_PHASE; - - /* Anything else */ - } else { - /* Parse error. Set the insertion mode to "in body" and reprocess - the token. */ - $this->mode = self::IN_BODY; - return $this->inBody($token); - } - } - - private function inFrameset($token) - { - /* Handle the token as follows: */ - - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - U+000D CARRIAGE RETURN (CR), or U+0020 SPACE */ - if($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) { - /* Append the character to the current node. */ - $this->insertText($token['data']); - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the current node with the data - attribute set to the data given in the comment token. */ - $this->insertComment($token['data']); - - /* A start tag with the tag name "frameset" */ - } elseif($token['name'] === 'frameset' && - $token['type'] === HTML5::STARTTAG) { - $this->insertElement($token); - - /* An end tag with the tag name "frameset" */ - } elseif($token['name'] === 'frameset' && - $token['type'] === HTML5::ENDTAG) { - /* If the current node is the root html element, then this is a - parse error; ignore the token. (innerHTML case) */ - if(end($this->stack)->nodeName === 'html') { - // Ignore - - } else { - /* Otherwise, pop the current node from the stack of open - elements. */ - array_pop($this->stack); - - /* If the parser was not originally created in order to handle - the setting of an element's innerHTML attribute (innerHTML case), - and the current node is no longer a frameset element, then change - the insertion mode to "after frameset". */ - $this->mode = self::AFTR_FRAME; - } - - /* A start tag with the tag name "frame" */ - } elseif($token['name'] === 'frame' && - $token['type'] === HTML5::STARTTAG) { - /* Insert an HTML element for the token. */ - $this->insertElement($token); - - /* Immediately pop the current node off the stack of open elements. */ - array_pop($this->stack); - - /* A start tag with the tag name "noframes" */ - } elseif($token['name'] === 'noframes' && - $token['type'] === HTML5::STARTTAG) { - /* Process the token as if the insertion mode had been "in body". */ - $this->inBody($token); - - /* Anything else */ - } else { - /* Parse error. Ignore the token. */ - } - } - - private function afterFrameset($token) - { - /* Handle the token as follows: */ - - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - U+000D CARRIAGE RETURN (CR), or U+0020 SPACE */ - if($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) { - /* Append the character to the current node. */ - $this->insertText($token['data']); - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the current node with the data - attribute set to the data given in the comment token. */ - $this->insertComment($token['data']); - - /* An end tag with the tag name "html" */ - } elseif($token['name'] === 'html' && - $token['type'] === HTML5::ENDTAG) { - /* Switch to the trailing end phase. */ - $this->phase = self::END_PHASE; - - /* A start tag with the tag name "noframes" */ - } elseif($token['name'] === 'noframes' && - $token['type'] === HTML5::STARTTAG) { - /* Process the token as if the insertion mode had been "in body". */ - $this->inBody($token); - - /* Anything else */ - } else { - /* Parse error. Ignore the token. */ - } - } - - private function trailingEndPhase($token) - { - /* After the main phase, as each token is emitted from the tokenisation - stage, it must be processed as described in this section. */ - - /* A DOCTYPE token */ - if($token['type'] === HTML5::DOCTYPE) { - // Parse error. Ignore the token. - - /* A comment token */ - } elseif($token['type'] === HTML5::COMMENT) { - /* Append a Comment node to the Document object with the data - attribute set to the data given in the comment token. */ - $comment = $this->dom->createComment($token['data']); - $this->dom->appendChild($comment); - - /* A character token that is one of one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE */ - } elseif($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) { - /* Process the token as it would be processed in the main phase. */ - $this->mainPhase($token); - - /* A character token that is not one of U+0009 CHARACTER TABULATION, - U+000A LINE FEED (LF), U+000B LINE TABULATION, U+000C FORM FEED (FF), - or U+0020 SPACE. Or a start tag token. Or an end tag token. */ - } elseif(($token['type'] === HTML5::CHARACTR && - preg_match('/^[\t\n\x0b\x0c ]+$/', $token['data'])) || - $token['type'] === HTML5::STARTTAG || $token['type'] === HTML5::ENDTAG) { - /* Parse error. Switch back to the main phase and reprocess the - token. */ - $this->phase = self::MAIN_PHASE; - return $this->mainPhase($token); - - /* An end-of-file token */ - } elseif($token['type'] === HTML5::EOF) { - /* OMG DONE!! */ - } - } - - private function insertElement($token, $append = true) - { - $el = $this->dom->createElement($token['name']); - - foreach($token['attr'] as $attr) { - if(!$el->hasAttribute($attr['name'])) { - $el->setAttribute($attr['name'], $attr['value']); - } - } - - $this->appendToRealParent($el); - $this->stack[] = $el; - - return $el; - } - - private function insertText($data) - { - $text = $this->dom->createTextNode($data); - $this->appendToRealParent($text); - } - - private function insertComment($data) - { - $comment = $this->dom->createComment($data); - $this->appendToRealParent($comment); - } - - private function appendToRealParent($node) - { - if($this->foster_parent === null) { - end($this->stack)->appendChild($node); - - } elseif($this->foster_parent !== null) { - /* If the foster parent element is the parent element of the - last table element in the stack of open elements, then the new - node must be inserted immediately before the last table element - in the stack of open elements in the foster parent element; - otherwise, the new node must be appended to the foster parent - element. */ - for($n = count($this->stack) - 1; $n >= 0; $n--) { - if($this->stack[$n]->nodeName === 'table' && - $this->stack[$n]->parentNode !== null) { - $table = $this->stack[$n]; - break; - } - } - - if(isset($table) && $this->foster_parent->isSameNode($table->parentNode)) - $this->foster_parent->insertBefore($node, $table); - else - $this->foster_parent->appendChild($node); - - $this->foster_parent = null; - } - } - - private function elementInScope($el, $table = false) - { - if(is_array($el)) { - foreach($el as $element) { - if($this->elementInScope($element, $table)) { - return true; - } - } - - return false; - } - - $leng = count($this->stack); - - for($n = 0; $n < $leng; $n++) { - /* 1. Initialise node to be the current node (the bottommost node of - the stack). */ - $node = $this->stack[$leng - 1 - $n]; - - if($node->tagName === $el) { - /* 2. If node is the target node, terminate in a match state. */ - return true; - - } elseif($node->tagName === 'table') { - /* 3. Otherwise, if node is a table element, terminate in a failure - state. */ - return false; - - } elseif($table === true && in_array($node->tagName, array('caption', 'td', - 'th', 'button', 'marquee', 'object'))) { - /* 4. Otherwise, if the algorithm is the "has an element in scope" - variant (rather than the "has an element in table scope" variant), - and node is one of the following, terminate in a failure state. */ - return false; - - } elseif($node === $node->ownerDocument->documentElement) { - /* 5. Otherwise, if node is an html element (root element), terminate - in a failure state. (This can only happen if the node is the topmost - node of the stack of open elements, and prevents the next step from - being invoked if there are no more elements in the stack.) */ - return false; - } - - /* Otherwise, set node to the previous entry in the stack of open - elements and return to step 2. (This will never fail, since the loop - will always terminate in the previous step if the top of the stack - is reached.) */ - } - } - - private function reconstructActiveFormattingElements() - { - /* 1. If there are no entries in the list of active formatting elements, - then there is nothing to reconstruct; stop this algorithm. */ - $formatting_elements = count($this->a_formatting); - - if($formatting_elements === 0) { - return false; - } - - /* 3. Let entry be the last (most recently added) element in the list - of active formatting elements. */ - $entry = end($this->a_formatting); - - /* 2. If the last (most recently added) entry in the list of active - formatting elements is a marker, or if it is an element that is in the - stack of open elements, then there is nothing to reconstruct; stop this - algorithm. */ - if($entry === self::MARKER || in_array($entry, $this->stack, true)) { - return false; - } - - for($a = $formatting_elements - 1; $a >= 0; true) { - /* 4. If there are no entries before entry in the list of active - formatting elements, then jump to step 8. */ - if($a === 0) { - $step_seven = false; - break; - } - - /* 5. Let entry be the entry one earlier than entry in the list of - active formatting elements. */ - $a--; - $entry = $this->a_formatting[$a]; - - /* 6. If entry is neither a marker nor an element that is also in - thetack of open elements, go to step 4. */ - if($entry === self::MARKER || in_array($entry, $this->stack, true)) { - break; - } - } - - while(true) { - /* 7. Let entry be the element one later than entry in the list of - active formatting elements. */ - if(isset($step_seven) && $step_seven === true) { - $a++; - $entry = $this->a_formatting[$a]; - } - - /* 8. Perform a shallow clone of the element entry to obtain clone. */ - $clone = $entry->cloneNode(); - - /* 9. Append clone to the current node and push it onto the stack - of open elements so that it is the new current node. */ - end($this->stack)->appendChild($clone); - $this->stack[] = $clone; - - /* 10. Replace the entry for entry in the list with an entry for - clone. */ - $this->a_formatting[$a] = $clone; - - /* 11. If the entry for clone in the list of active formatting - elements is not the last entry in the list, return to step 7. */ - if(end($this->a_formatting) !== $clone) { - $step_seven = true; - } else { - break; - } - } - } - - private function clearTheActiveFormattingElementsUpToTheLastMarker() - { - /* When the steps below require the UA to clear the list of active - formatting elements up to the last marker, the UA must perform the - following steps: */ - - while(true) { - /* 1. Let entry be the last (most recently added) entry in the list - of active formatting elements. */ - $entry = end($this->a_formatting); - - /* 2. Remove entry from the list of active formatting elements. */ - array_pop($this->a_formatting); - - /* 3. If entry was a marker, then stop the algorithm at this point. - The list has been cleared up to the last marker. */ - if($entry === self::MARKER) { - break; - } - } - } - - private function generateImpliedEndTags(array $exclude = array()) - { - /* When the steps below require the UA to generate implied end tags, - then, if the current node is a dd element, a dt element, an li element, - a p element, a td element, a th element, or a tr element, the UA must - act as if an end tag with the respective tag name had been seen and - then generate implied end tags again. */ - $node = end($this->stack); - $elements = array_diff(array('dd', 'dt', 'li', 'p', 'td', 'th', 'tr'), $exclude); - - while(in_array(end($this->stack)->nodeName, $elements)) { - array_pop($this->stack); - } - } - - private function getElementCategory($name) - { - if(in_array($name, $this->special)) - return self::SPECIAL; - - elseif(in_array($name, $this->scoping)) - return self::SCOPING; - - elseif(in_array($name, $this->formatting)) - return self::FORMATTING; - - else - return self::PHRASING; - } - - private function clearStackToTableContext($elements) - { - /* When the steps above require the UA to clear the stack back to a - table context, it means that the UA must, while the current node is not - a table element or an html element, pop elements from the stack of open - elements. If this causes any elements to be popped from the stack, then - this is a parse error. */ - while(true) { - $node = end($this->stack)->nodeName; - - if(in_array($node, $elements)) { - break; - } else { - array_pop($this->stack); - } - } - } - - private function resetInsertionMode() - { - /* 1. Let last be false. */ - $last = false; - $leng = count($this->stack); - - for($n = $leng - 1; $n >= 0; $n--) { - /* 2. Let node be the last node in the stack of open elements. */ - $node = $this->stack[$n]; - - /* 3. If node is the first node in the stack of open elements, then - set last to true. If the element whose innerHTML attribute is being - set is neither a td element nor a th element, then set node to the - element whose innerHTML attribute is being set. (innerHTML case) */ - if($this->stack[0]->isSameNode($node)) { - $last = true; - } - - /* 4. If node is a select element, then switch the insertion mode to - "in select" and abort these steps. (innerHTML case) */ - if($node->nodeName === 'select') { - $this->mode = self::IN_SELECT; - break; - - /* 5. If node is a td or th element, then switch the insertion mode - to "in cell" and abort these steps. */ - } elseif($node->nodeName === 'td' || $node->nodeName === 'th') { - $this->mode = self::IN_CELL; - break; - - /* 6. If node is a tr element, then switch the insertion mode to - "in row" and abort these steps. */ - } elseif($node->nodeName === 'tr') { - $this->mode = self::IN_ROW; - break; - - /* 7. If node is a tbody, thead, or tfoot element, then switch the - insertion mode to "in table body" and abort these steps. */ - } elseif(in_array($node->nodeName, array('tbody', 'thead', 'tfoot'))) { - $this->mode = self::IN_TBODY; - break; - - /* 8. If node is a caption element, then switch the insertion mode - to "in caption" and abort these steps. */ - } elseif($node->nodeName === 'caption') { - $this->mode = self::IN_CAPTION; - break; - - /* 9. If node is a colgroup element, then switch the insertion mode - to "in column group" and abort these steps. (innerHTML case) */ - } elseif($node->nodeName === 'colgroup') { - $this->mode = self::IN_CGROUP; - break; - - /* 10. If node is a table element, then switch the insertion mode - to "in table" and abort these steps. */ - } elseif($node->nodeName === 'table') { - $this->mode = self::IN_TABLE; - break; - - /* 11. If node is a head element, then switch the insertion mode - to "in body" ("in body"! not "in head"!) and abort these steps. - (innerHTML case) */ - } elseif($node->nodeName === 'head') { - $this->mode = self::IN_BODY; - break; - - /* 12. If node is a body element, then switch the insertion mode to - "in body" and abort these steps. */ - } elseif($node->nodeName === 'body') { - $this->mode = self::IN_BODY; - break; - - /* 13. If node is a frameset element, then switch the insertion - mode to "in frameset" and abort these steps. (innerHTML case) */ - } elseif($node->nodeName === 'frameset') { - $this->mode = self::IN_FRAME; - break; - - /* 14. If node is an html element, then: if the head element - pointer is null, switch the insertion mode to "before head", - otherwise, switch the insertion mode to "after head". In either - case, abort these steps. (innerHTML case) */ - } elseif($node->nodeName === 'html') { - $this->mode = ($this->head_pointer === null) - ? self::BEFOR_HEAD - : self::AFTER_HEAD; - - break; - - /* 15. If last is true, then set the insertion mode to "in body" - and abort these steps. (innerHTML case) */ - } elseif($last) { - $this->mode = self::IN_BODY; - break; - } - } - } - - private function closeCell() - { - /* If the stack of open elements has a td or th element in table scope, - then act as if an end tag token with that tag name had been seen. */ - foreach(array('td', 'th') as $cell) { - if($this->elementInScope($cell, true)) { - $this->inCell(array( - 'name' => $cell, - 'type' => HTML5::ENDTAG - )); - - break; - } - } - } - - public function save() - { - return $this->dom; - } -} diff --git a/vendor/ezyang/htmlpurifier/maintenance/add-vimline.php b/vendor/ezyang/htmlpurifier/maintenance/add-vimline.php deleted file mode 100644 index d6a8eb202..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/add-vimline.php +++ /dev/null @@ -1,130 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -assertCli(); - -/** - * @file - * Adds vimline to files - */ - -chdir(dirname(__FILE__) . '/..'); -$FS = new FSTools(); - -$vimline = 'vim: et sw=4 sts=4'; - -$files = $FS->globr('.', '*'); -foreach ($files as $file) { - if ( - !is_file($file) || - prefix_is('./docs/doxygen', $file) || - prefix_is('./library/standalone', $file) || - prefix_is('./docs/specimens', $file) || - postfix_is('.ser', $file) || - postfix_is('.tgz', $file) || - postfix_is('.patch', $file) || - postfix_is('.dtd', $file) || - postfix_is('.ent', $file) || - postfix_is('.png', $file) || - postfix_is('.ico', $file) || - // wontfix - postfix_is('.vtest', $file) || - postfix_is('.svg', $file) || - postfix_is('.phpt', $file) || - postfix_is('VERSION', $file) || - postfix_is('WHATSNEW', $file) || - postfix_is('configdoc/usage.xml', $file) || - postfix_is('library/HTMLPurifier.includes.php', $file) || - postfix_is('library/HTMLPurifier.safe-includes.php', $file) || - postfix_is('smoketests/xssAttacks.xml', $file) || - // phpt files - postfix_is('.diff', $file) || - postfix_is('.exp', $file) || - postfix_is('.log', $file) || - postfix_is('.out', $file) || - - $file == './library/HTMLPurifier/Lexer/PH5P.php' || - $file == './maintenance/PH5P.php' - ) continue; - $ext = strrchr($file, '.'); - if ( - postfix_is('README', $file) || - postfix_is('LICENSE', $file) || - postfix_is('CREDITS', $file) || - postfix_is('INSTALL', $file) || - postfix_is('NEWS', $file) || - postfix_is('TODO', $file) || - postfix_is('WYSIWYG', $file) || - postfix_is('Changelog', $file) - ) $ext = '.txt'; - if (postfix_is('Doxyfile', $file)) $ext = 'Doxyfile'; - if (postfix_is('.php.in', $file)) $ext = '.php'; - $no_nl = false; - switch ($ext) { - case '.php': - case '.inc': - case '.js': - $line = '// %s'; - break; - case '.html': - case '.xsl': - case '.xml': - case '.htc': - $line = "<!-- %s\n-->"; - break; - case '.htmlt': - $no_nl = true; - $line = '--# %s'; - break; - case '.ini': - $line = '; %s'; - break; - case '.css': - $line = '/* %s */'; - break; - case '.bat': - $line = 'rem %s'; - break; - case '.txt': - case '.utf8': - if ( - prefix_is('./library/HTMLPurifier/ConfigSchema', $file) || - prefix_is('./smoketests/test-schema', $file) || - prefix_is('./tests/HTMLPurifier/StringHashParser', $file) - ) { - $no_nl = true; - $line = '--# %s'; - } else { - $line = ' %s'; - } - break; - case 'Doxyfile': - $line = '# %s'; - break; - default: - throw new Exception('Unknown file: ' . $file); - } - - echo "$file\n"; - $contents = file_get_contents($file); - - $regex = '~' . str_replace('%s', 'vim: .+', preg_quote($line, '~')) . '~m'; - $contents = preg_replace($regex, '', $contents); - - $contents = rtrim($contents); - - if (strpos($contents, "\r\n") !== false) $nl = "\r\n"; - elseif (strpos($contents, "\n") !== false) $nl = "\n"; - elseif (strpos($contents, "\r") !== false) $nl = "\r"; - else $nl = PHP_EOL; - - if (!$no_nl) $contents .= $nl; - $contents .= $nl . str_replace('%s', $vimline, $line) . $nl; - - file_put_contents($file, $contents); - -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/common.php b/vendor/ezyang/htmlpurifier/maintenance/common.php deleted file mode 100644 index 342bc205a..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/common.php +++ /dev/null @@ -1,25 +0,0 @@ -<?php - -function assertCli() -{ - if (php_sapi_name() != 'cli' && !getenv('PHP_IS_CLI')) { - echo 'Script cannot be called from web-browser (if you are indeed calling via cli, -set environment variable PHP_IS_CLI to work around this).'; - exit(1); - } -} - -function prefix_is($comp, $subject) -{ - return strncmp($comp, $subject, strlen($comp)) === 0; -} - -function postfix_is($comp, $subject) -{ - return strlen($subject) < $comp ? false : substr($subject, -strlen($comp)) === $comp; -} - -// Load useful stuff like FSTools -require_once dirname(__FILE__) . '/../extras/HTMLPurifierExtras.auto.php'; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/compile-doxygen.sh b/vendor/ezyang/htmlpurifier/maintenance/compile-doxygen.sh deleted file mode 100644 index ecd1127fd..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/compile-doxygen.sh +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -cd .. -mkdir docs/doxygen -rm -Rf docs/doxygen/* -doxygen 1>docs/doxygen/info.log 2>docs/doxygen/errors.log -if [ "$?" != 0 ]; then - cat docs/doxygen/errors.log - exit -fi -cd docs -tar czf doxygen.tgz doxygen diff --git a/vendor/ezyang/htmlpurifier/maintenance/config-scanner.php b/vendor/ezyang/htmlpurifier/maintenance/config-scanner.php deleted file mode 100644 index c614d1fbc..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/config-scanner.php +++ /dev/null @@ -1,155 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -require_once '../library/HTMLPurifier.auto.php'; -assertCli(); - -if (version_compare(PHP_VERSION, '5.2.2', '<')) { - echo "This script requires PHP 5.2.2 or later, for tokenizer line numbers."; - exit(1); -} - -/** - * @file - * Scans HTML Purifier source code for $config tokens and records the - * directive being used; configdoc can use this info later. - * - * Currently, this just dumps all the info onto the console. Eventually, it - * will create an XML file that our XSLT transform can use. - */ - -$FS = new FSTools(); -chdir(dirname(__FILE__) . '/../library/'); -$raw_files = $FS->globr('.', '*.php'); -$files = array(); -foreach ($raw_files as $file) { - $file = substr($file, 2); // rm leading './' - if (strncmp('standalone/', $file, 11) === 0) continue; // rm generated files - if (substr_count($file, '.') > 1) continue; // rm meta files - $files[] = $file; -} - -/** - * Moves the $i cursor to the next non-whitespace token - */ -function consumeWhitespace($tokens, &$i) -{ - do {$i++;} while (is_array($tokens[$i]) && $tokens[$i][0] === T_WHITESPACE); -} - -/** - * Tests whether or not a token is a particular type. There are three run-cases: - * - ($token, $expect_token): tests if the token is $expect_token type; - * - ($token, $expect_value): tests if the token is the string $expect_value; - * - ($token, $expect_token, $expect_value): tests if token is $expect_token type, and - * its string representation is $expect_value - */ -function testToken($token, $value_or_token, $value = null) -{ - if (is_null($value)) { - if (is_int($value_or_token)) return is_array($token) && $token[0] === $value_or_token; - else return $token === $value_or_token; - } else { - return is_array($token) && $token[0] === $value_or_token && $token[1] === $value; - } -} - -$counter = 0; -$full_counter = 0; -$tracker = array(); - -foreach ($files as $file) { - $tokens = token_get_all(file_get_contents($file)); - $file = str_replace('\\', '/', $file); - for ($i = 0, $c = count($tokens); $i < $c; $i++) { - $ok = false; - // Match $config - if (!$ok && testToken($tokens[$i], T_VARIABLE, '$config')) $ok = true; - // Match $this->config - while (!$ok && testToken($tokens[$i], T_VARIABLE, '$this')) { - consumeWhitespace($tokens, $i); - if (!testToken($tokens[$i], T_OBJECT_OPERATOR)) break; - consumeWhitespace($tokens, $i); - if (testToken($tokens[$i], T_STRING, 'config')) $ok = true; - break; - } - if (!$ok) continue; - - $ok = false; - for($i++; $i < $c; $i++) { - if ($tokens[$i] === ',' || $tokens[$i] === ')' || $tokens[$i] === ';') { - break; - } - if (is_string($tokens[$i])) continue; - if ($tokens[$i][0] === T_OBJECT_OPERATOR) { - $ok = true; - break; - } - } - if (!$ok) continue; - - $line = $tokens[$i][2]; - - consumeWhitespace($tokens, $i); - if (!testToken($tokens[$i], T_STRING, 'get')) continue; - - consumeWhitespace($tokens, $i); - if (!testToken($tokens[$i], '(')) continue; - - $full_counter++; - - $matched = false; - do { - - // What we currently don't match are batch retrievals, and - // wildcard retrievals. This data might be useful in the future, - // which is why we have a do {} while loop that doesn't actually - // do anything. - - consumeWhitespace($tokens, $i); - if (!testToken($tokens[$i], T_CONSTANT_ENCAPSED_STRING)) continue; - $id = substr($tokens[$i][1], 1, -1); - - $counter++; - $matched = true; - - if (!isset($tracker[$id])) $tracker[$id] = array(); - if (!isset($tracker[$id][$file])) $tracker[$id][$file] = array(); - $tracker[$id][$file][] = $line; - - } while (0); - - //echo "$file:$line uses $namespace.$directive\n"; - } -} - -echo "\n$counter/$full_counter instances of \$config or \$this->config found in source code.\n"; - -echo "Generating XML... "; - -$xw = new XMLWriter(); -$xw->openURI('../configdoc/usage.xml'); -$xw->setIndent(true); -$xw->startDocument('1.0', 'UTF-8'); -$xw->startElement('usage'); -foreach ($tracker as $id => $files) { - $xw->startElement('directive'); - $xw->writeAttribute('id', $id); - foreach ($files as $file => $lines) { - $xw->startElement('file'); - $xw->writeAttribute('name', $file); - foreach ($lines as $line) { - $xw->writeElement('line', $line); - } - $xw->endElement(); - } - $xw->endElement(); -} -$xw->endElement(); -$xw->flush(); - -echo "done!\n"; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/flush-definition-cache.php b/vendor/ezyang/htmlpurifier/maintenance/flush-definition-cache.php deleted file mode 100644 index 138badb65..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/flush-definition-cache.php +++ /dev/null @@ -1,42 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -assertCli(); - -/** - * @file - * Flushes the definition serial cache. This file should be - * called if changes to any subclasses of HTMLPurifier_Definition - * or related classes (such as HTMLPurifier_HTMLModule) are made. This - * may also be necessary if you've modified a customized version. - * - * @param Accepts one argument, cache type to flush; otherwise flushes all - * the caches. - */ - -echo "Flushing cache... \n"; - -require_once(dirname(__FILE__) . '/../library/HTMLPurifier.auto.php'); - -$config = HTMLPurifier_Config::createDefault(); - -$names = array('HTML', 'CSS', 'URI', 'Test'); -if (isset($argv[1])) { - if (in_array($argv[1], $names)) { - $names = array($argv[1]); - } else { - throw new Exception("Cache parameter {$argv[1]} is not a valid cache"); - } -} - -foreach ($names as $name) { - echo " - Flushing $name\n"; - $cache = new HTMLPurifier_DefinitionCache_Serializer($name); - $cache->flush($config); -} - -echo "Cache flushed successfully.\n"; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/flush.sh b/vendor/ezyang/htmlpurifier/maintenance/flush.sh deleted file mode 100644 index 65ef6f8cc..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/flush.sh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -set -ex -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" -php "$DIR/generate-includes.php" -php "$DIR/generate-schema-cache.php" -php "$DIR/flush-definition-cache.php" -php "$DIR/generate-standalone.php" -php "$DIR/config-scanner.php" diff --git a/vendor/ezyang/htmlpurifier/maintenance/generate-entity-file.php b/vendor/ezyang/htmlpurifier/maintenance/generate-entity-file.php deleted file mode 100644 index ff1713e39..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/generate-entity-file.php +++ /dev/null @@ -1,75 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -assertCli(); - -/** - * @file - * Parses *.ent files into an entity lookup table, and then serializes and - * writes the whole kaboodle to a file. The resulting file is cached so - * that this script does not need to be run. This script should rarely, - * if ever, be run, since HTML's entities are fairly immutable. - */ - -// here's where the entity files are located, assuming working directory -// is the same as the location of this PHP file. Needs trailing slash. -$entity_dir = '../docs/entities/'; - -// defines the output file for the serialized content. -$output_file = '../library/HTMLPurifier/EntityLookup/entities.ser'; - -// courtesy of a PHP manual comment -function unichr($dec) -{ - if ($dec < 128) { - $utf = chr($dec); - } elseif ($dec < 2048) { - $utf = chr(192 + (($dec - ($dec % 64)) / 64)); - $utf .= chr(128 + ($dec % 64)); - } else { - $utf = chr(224 + (($dec - ($dec % 4096)) / 4096)); - $utf .= chr(128 + ((($dec % 4096) - ($dec % 64)) / 64)); - $utf .= chr(128 + ($dec % 64)); - } - return $utf; -} - -if ( !is_dir($entity_dir) ) exit("Fatal Error: Can't find entity directory.\n"); -if ( file_exists($output_file) ) exit("Fatal Error: output file already exists.\n"); - -$dh = @opendir($entity_dir); -if ( !$dh ) exit("Fatal Error: Cannot read entity directory.\n"); - -$entity_files = array(); -while (($file = readdir($dh)) !== false) { - if (@$file[0] === '.') continue; - if (substr(strrchr($file, "."), 1) !== 'ent') continue; - $entity_files[] = $file; -} -closedir($dh); - -if ( !$entity_files ) exit("Fatal Error: No entity files to parse.\n"); - -$entity_table = array(); -$regexp = '/<!ENTITY\s+([A-Za-z0-9]+)\s+"&#(?:38;#)?([0-9]+);">/'; - -foreach ( $entity_files as $file ) { - $contents = file_get_contents($entity_dir . $file); - $matches = array(); - preg_match_all($regexp, $contents, $matches, PREG_SET_ORDER); - foreach ($matches as $match) { - $entity_table[$match[1]] = unichr($match[2]); - } -} - -$output = serialize($entity_table); - -$fh = fopen($output_file, 'w'); -fwrite($fh, $output); -fclose($fh); - -echo "Completed successfully."; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/generate-includes.php b/vendor/ezyang/htmlpurifier/maintenance/generate-includes.php deleted file mode 100644 index 01e1c2aba..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/generate-includes.php +++ /dev/null @@ -1,192 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -require_once '../tests/path2class.func.php'; -require_once '../library/HTMLPurifier/Bootstrap.php'; -assertCli(); - -/** - * @file - * Generates an include stub for users who do not want to use the autoloader. - * When new files are added to HTML Purifier's main codebase, this file should - * be called. - */ - -chdir(dirname(__FILE__) . '/../library/'); -$FS = new FSTools(); - -$exclude_dirs = array( - 'HTMLPurifier/Language/', - 'HTMLPurifier/ConfigSchema/', - 'HTMLPurifier/Filter/', - 'HTMLPurifier/Printer/', - /* These should be excluded, but need to have ConfigSchema support first - - */ -); -$exclude_files = array( - 'HTMLPurifier/Lexer/PEARSax3.php', - 'HTMLPurifier/Lexer/PH5P.php', - 'HTMLPurifier/Printer.php', -); - -// Determine what files need to be included: -echo 'Scanning for files... '; -$raw_files = $FS->globr('.', '*.php'); -if (!$raw_files) throw new Exception('Did not find any PHP source files'); -$files = array(); -foreach ($raw_files as $file) { - $file = substr($file, 2); // rm leading './' - if (strncmp('standalone/', $file, 11) === 0) continue; // rm generated files - if (substr_count($file, '.') > 1) continue; // rm meta files - $ok = true; - foreach ($exclude_dirs as $dir) { - if (strncmp($dir, $file, strlen($dir)) === 0) { - $ok = false; - break; - } - } - if (!$ok) continue; // rm excluded directories - if (in_array($file, $exclude_files)) continue; // rm excluded files - $files[] = $file; -} -echo "done!\n"; - -// Reorder list so that dependencies are included first: - -/** - * Returns a lookup array of dependencies for a file. - * - * @note This function expects that format $name extends $parent on one line - * - * @param string $file - * File to check dependencies of. - * @return array - * Lookup array of files the file is dependent on, sorted accordingly. - */ -function get_dependency_lookup($file) -{ - static $cache = array(); - if (isset($cache[$file])) return $cache[$file]; - if (!file_exists($file)) { - echo "File doesn't exist: $file\n"; - return array(); - } - $fh = fopen($file, 'r'); - $deps = array(); - while (!feof($fh)) { - $line = fgets($fh); - if (strncmp('class', $line, 5) === 0) { - // The implementation here is fragile and will break if we attempt - // to use interfaces. Beware! - $arr = explode(' extends ', trim($line, ' {'."\n\r"), 2); - if (count($arr) < 2) break; - $parent = $arr[1]; - $dep_file = HTMLPurifier_Bootstrap::getPath($parent); - if (!$dep_file) break; - $deps[$dep_file] = true; - break; - } - } - fclose($fh); - foreach (array_keys($deps) as $file) { - // Extra dependencies must come *before* base dependencies - $deps = get_dependency_lookup($file) + $deps; - } - $cache[$file] = $deps; - return $deps; -} - -/** - * Sorts files based on dependencies. This function is lazy and will not - * group files with dependencies together; it will merely ensure that a file - * is never included before its dependencies are. - * - * @param $files - * Files array to sort. - * @return - * Sorted array ($files is not modified by reference!) - */ -function dep_sort($files) -{ - $ret = array(); - $cache = array(); - foreach ($files as $file) { - if (isset($cache[$file])) continue; - $deps = get_dependency_lookup($file); - foreach (array_keys($deps) as $dep) { - if (!isset($cache[$dep])) { - $ret[] = $dep; - $cache[$dep] = true; - } - } - $cache[$file] = true; - $ret[] = $file; - } - return $ret; -} - -$files = dep_sort($files); - -// Build the actual include stub: - -$version = trim(file_get_contents('../VERSION')); - -// stub -$php = "<?php - -/** - * @file - * This file was auto-generated by generate-includes.php and includes all of - * the core files required by HTML Purifier. Use this if performance is a - * primary concern and you are using an opcode cache. PLEASE DO NOT EDIT THIS - * FILE, changes will be overwritten the next time the script is run. - * - * @version $version - * - * @warning - * You must *not* include any other HTML Purifier files before this file, - * because 'require' not 'require_once' is used. - * - * @warning - * This file requires that the include path contains the HTML Purifier - * library directory; this is not auto-set. - */ - -"; - -foreach ($files as $file) { - $php .= "require '$file';" . PHP_EOL; -} - -echo "Writing HTMLPurifier.includes.php... "; -file_put_contents('HTMLPurifier.includes.php', $php); -echo "done!\n"; - -$php = "<?php - -/** - * @file - * This file was auto-generated by generate-includes.php and includes all of - * the core files required by HTML Purifier. This is a convenience stub that - * includes all files using dirname(__FILE__) and require_once. PLEASE DO NOT - * EDIT THIS FILE, changes will be overwritten the next time the script is run. - * - * Changes to include_path are not necessary. - */ - -\$__dir = dirname(__FILE__); - -"; - -foreach ($files as $file) { - $php .= "require_once \$__dir . '/$file';" . PHP_EOL; -} - -echo "Writing HTMLPurifier.safe-includes.php... "; -file_put_contents('HTMLPurifier.safe-includes.php', $php); -echo "done!\n"; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/generate-ph5p-patch.php b/vendor/ezyang/htmlpurifier/maintenance/generate-ph5p-patch.php deleted file mode 100644 index c92a7d211..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/generate-ph5p-patch.php +++ /dev/null @@ -1,22 +0,0 @@ -<?php - -/** - * @file - * This file compares our version of PH5P with Jero's original version, and - * generates a patch of the differences. This script should be run whenever - * library/HTMLPurifier/Lexer/PH5P.php is modified. - */ - -$orig = realpath(dirname(__FILE__) . '/PH5P.php'); -$new = realpath(dirname(__FILE__) . '/../library/HTMLPurifier/Lexer/PH5P.php'); -$newt = dirname(__FILE__) . '/PH5P.new.php'; // temporary file - -// minor text-processing of new file to get into same format as original -$new_src = file_get_contents($new); -$new_src = '<?php' . PHP_EOL . substr($new_src, strpos($new_src, 'class HTML5 {')); - -file_put_contents($newt, $new_src); -shell_exec("diff -u \"$orig\" \"$newt\" > PH5P.patch"); -unlink($newt); - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/generate-schema-cache.php b/vendor/ezyang/htmlpurifier/maintenance/generate-schema-cache.php deleted file mode 100644 index 339ff12da..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/generate-schema-cache.php +++ /dev/null @@ -1,45 +0,0 @@ -#!/usr/bin/php -<?php - -require_once dirname(__FILE__) . '/common.php'; -require_once dirname(__FILE__) . '/../library/HTMLPurifier.auto.php'; -assertCli(); - -/** - * @file - * Generates a schema cache file, saving it to - * library/HTMLPurifier/ConfigSchema/schema.ser. - * - * This should be run when new configuration options are added to - * HTML Purifier. A cached version is available via the repository - * so this does not normally have to be regenerated. - * - * If you have a directory containing custom configuration schema files, - * you can simple add a path to that directory as a parameter to - * this, and they will get included. - */ - -$target = dirname(__FILE__) . '/../library/HTMLPurifier/ConfigSchema/schema.ser'; - -$builder = new HTMLPurifier_ConfigSchema_InterchangeBuilder(); -$interchange = new HTMLPurifier_ConfigSchema_Interchange(); - -$builder->buildDir($interchange); - -$loader = dirname(__FILE__) . '/../config-schema.php'; -if (file_exists($loader)) include $loader; -foreach ($_SERVER['argv'] as $i => $dir) { - if ($i === 0) continue; - $builder->buildDir($interchange, realpath($dir)); -} - -$interchange->validate(); - -$schema_builder = new HTMLPurifier_ConfigSchema_Builder_ConfigSchema(); -$schema = $schema_builder->build($interchange); - -echo "Saving schema... "; -file_put_contents($target, serialize($schema)); -echo "done!\n"; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/generate-standalone.php b/vendor/ezyang/htmlpurifier/maintenance/generate-standalone.php deleted file mode 100644 index 254d4d83b..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/generate-standalone.php +++ /dev/null @@ -1,159 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -assertCli(); - -/** - * @file - * Compiles all of HTML Purifier's library files into one big file - * named HTMLPurifier.standalone.php. This is usually called during the - * release process. - */ - -/** - * Global hash that tracks already loaded includes - */ -$GLOBALS['loaded'] = array(); - -/** - * Custom FSTools for this script that overloads some behavior - * @warning The overloading of copy() is not necessarily global for - * this script. Watch out! - */ -class MergeLibraryFSTools extends FSTools -{ - public function copyable($entry) - { - // Skip hidden files - if ($entry[0] == '.') { - return false; - } - return true; - } - public function copy($source, $dest) - { - copy_and_remove_includes($source, $dest); - } -} -$FS = new MergeLibraryFSTools(); - -/** - * Replaces the includes inside PHP source code with the corresponding - * source. - * @param string $text PHP source code to replace includes from - */ -function replace_includes($text) -{ - // also remove vim modelines - return preg_replace_callback( - "/require(?:_once)? ['\"]([^'\"]+)['\"];/", - 'replace_includes_callback', - $text - ); -} - -/** - * Removes leading PHP tags from included files. Assumes that there is - * no trailing tag. Also removes vim modelines. - * @note This is safe for files that have internal <?php - * @param string $text Text to have leading PHP tag from - */ -function remove_php_tags($text) -{ - $text = preg_replace('#// vim:.+#', '', $text); - return substr($text, 5); -} - -/** - * Copies the contents of a directory to the standalone directory - * @param string $dir Directory to copy - */ -function make_dir_standalone($dir) -{ - global $FS; - return $FS->copyr($dir, 'standalone/' . $dir); -} - -/** - * Copies the contents of a file to the standalone directory - * @param string $file File to copy - */ -function make_file_standalone($file) -{ - global $FS; - $FS->mkdirr('standalone/' . dirname($file)); - copy_and_remove_includes($file, 'standalone/' . $file); - return true; -} - -/** - * Copies a file to another location recursively, if it is a PHP file - * remove includes - * @param string $file Original file - * @param string $sfile New location of file - */ -function copy_and_remove_includes($file, $sfile) -{ - $contents = file_get_contents($file); - if (strrchr($file, '.') === '.php') $contents = replace_includes($contents); - return file_put_contents($sfile, $contents); -} - -/** - * @param $matches preg_replace_callback matches array, where index 1 - * is the filename to include - */ -function replace_includes_callback($matches) -{ - $file = $matches[1]; - $preserve = array( - // PEAR (external) - 'XML/HTMLSax3.php' => 1 - ); - if (isset($preserve[$file])) { - return $matches[0]; - } - if (isset($GLOBALS['loaded'][$file])) return ''; - $GLOBALS['loaded'][$file] = true; - return replace_includes(remove_php_tags(file_get_contents($file))); -} - -echo 'Generating includes file... '; -shell_exec('php generate-includes.php'); -echo "done!\n"; - -chdir(dirname(__FILE__) . '/../library/'); - -echo 'Creating full file...'; -$contents = replace_includes(file_get_contents('HTMLPurifier.includes.php')); -$contents = str_replace( - // Note that bootstrap is now inside the standalone file - "define('HTMLPURIFIER_PREFIX', realpath(dirname(__FILE__) . '/..'));", - "define('HTMLPURIFIER_PREFIX', dirname(__FILE__) . '/standalone'); - set_include_path(HTMLPURIFIER_PREFIX . PATH_SEPARATOR . get_include_path());", - $contents -); -file_put_contents('HTMLPurifier.standalone.php', $contents); -echo ' done!' . PHP_EOL; - -echo 'Creating standalone directory...'; -$FS->rmdirr('standalone'); // ensure a clean copy - -// data files -$FS->mkdirr('standalone/HTMLPurifier/DefinitionCache/Serializer'); -make_file_standalone('HTMLPurifier/EntityLookup/entities.ser'); -make_file_standalone('HTMLPurifier/ConfigSchema/schema.ser'); - -// non-standard inclusion setup -make_dir_standalone('HTMLPurifier/ConfigSchema'); -make_dir_standalone('HTMLPurifier/Language'); -make_dir_standalone('HTMLPurifier/Filter'); -make_dir_standalone('HTMLPurifier/Printer'); -make_file_standalone('HTMLPurifier/Printer.php'); -make_file_standalone('HTMLPurifier/Lexer/PH5P.php'); - -echo ' done!' . PHP_EOL; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/merge-library.php b/vendor/ezyang/htmlpurifier/maintenance/merge-library.php deleted file mode 100644 index de2eecdc0..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/merge-library.php +++ /dev/null @@ -1,11 +0,0 @@ -#!/usr/bin/php -<?php - -/** - * @file - * Deprecated in favor of generate-standalone.php. - */ - -require dirname(__FILE__) . '/generate-standalone.php'; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/old-extract-schema.php b/vendor/ezyang/htmlpurifier/maintenance/old-extract-schema.php deleted file mode 100644 index 514a08dd9..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/old-extract-schema.php +++ /dev/null @@ -1,71 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -assertCli(); - -echo "Please do not run this script. It is here for historical purposes only."; -exit; - -/** - * @file - * Extracts all definitions inside a configuration schema - * (HTMLPurifier_ConfigSchema) and exports them as plain text files. - * - * @todo Extract version numbers. - */ - -define('HTMLPURIFIER_SCHEMA_STRICT', true); // description data needs to be collected -require_once dirname(__FILE__) . '/../library/HTMLPurifier.auto.php'; - -// We need includes to ensure all HTMLPurifier_ConfigSchema calls are -// performed. -require_once 'HTMLPurifier.includes.php'; - -// Also, these extra files will be necessary. -require_once 'HTMLPurifier/Filter/ExtractStyleBlocks.php'; - -/** - * Takes a hash and saves its contents to library/HTMLPurifier/ConfigSchema/ - */ -function saveHash($hash) -{ - if ($hash === false) return; - $dir = realpath(dirname(__FILE__) . '/../library/HTMLPurifier/ConfigSchema'); - $name = $hash['ID'] . '.txt'; - $file = $dir . '/' . $name; - if (file_exists($file)) { - trigger_error("File already exists; skipped $name"); - return; - } - $file = new FSTools_File($file); - $file->open('w'); - $multiline = false; - foreach ($hash as $key => $value) { - $multiline = $multiline || (strpos($value, "\n") !== false); - if ($multiline) { - $file->put("--$key--" . PHP_EOL); - $file->put(str_replace("\n", PHP_EOL, $value) . PHP_EOL); - } else { - if ($key == 'ID') { - $file->put("$value" . PHP_EOL); - } else { - $file->put("$key: $value" . PHP_EOL); - } - } - } - $file->close(); -} - -$schema = HTMLPurifier_ConfigSchema::instance(); -$adapter = new HTMLPurifier_ConfigSchema_StringHashReverseAdapter($schema); - -foreach ($schema->info as $ns => $ns_array) { - saveHash($adapter->get($ns)); - foreach ($ns_array as $dir => $x) { - saveHash($adapter->get($ns, $dir)); - } -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/old-remove-require-once.php b/vendor/ezyang/htmlpurifier/maintenance/old-remove-require-once.php deleted file mode 100644 index f47c7d0f1..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/old-remove-require-once.php +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -assertCli(); - -echo "Please do not run this script. It is here for historical purposes only."; -exit; - -/** - * @file - * Removes leading includes from files. - * - * @note - * This does not remove inline includes; those must be handled manually. - */ - -chdir(dirname(__FILE__) . '/../tests/HTMLPurifier'); -$FS = new FSTools(); - -$files = $FS->globr('.', '*.php'); -foreach ($files as $file) { - if (substr_count(basename($file), '.') > 1) continue; - $old_code = file_get_contents($file); - $new_code = preg_replace("#^require_once .+[\n\r]*#m", '', $old_code); - if ($old_code !== $new_code) { - file_put_contents($file, $new_code); - } -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/old-remove-schema-def.php b/vendor/ezyang/htmlpurifier/maintenance/old-remove-schema-def.php deleted file mode 100644 index 5ae031973..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/old-remove-schema-def.php +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -assertCli(); - -echo "Please do not run this script. It is here for historical purposes only."; -exit; - -/** - * @file - * Removes ConfigSchema function calls from source files. - */ - -chdir(dirname(__FILE__) . '/../library/'); -$FS = new FSTools(); - -$files = $FS->globr('.', '*.php'); -foreach ($files as $file) { - if (substr_count(basename($file), '.') > 1) continue; - $old_code = file_get_contents($file); - $new_code = preg_replace("#^HTMLPurifier_ConfigSchema::.+?\);[\n\r]*#ms", '', $old_code); - if ($old_code !== $new_code) { - file_put_contents($file, $new_code); - } - if (preg_match('#^\s+HTMLPurifier_ConfigSchema::#m', $new_code)) { - echo "Indented ConfigSchema call in $file\n"; - } -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/regenerate-docs.sh b/vendor/ezyang/htmlpurifier/maintenance/regenerate-docs.sh deleted file mode 100644 index 6f4d720ff..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/regenerate-docs.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -e -./compile-doxygen.sh -cd ../docs -scp doxygen.tgz htmlpurifier.org:/home/ezyang/htmlpurifier.org -ssh htmlpurifier.org "cd /home/ezyang/htmlpurifier.org && ./reload-docs.sh" diff --git a/vendor/ezyang/htmlpurifier/maintenance/remove-trailing-whitespace.php b/vendor/ezyang/htmlpurifier/maintenance/remove-trailing-whitespace.php deleted file mode 100644 index 857870546..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/remove-trailing-whitespace.php +++ /dev/null @@ -1,37 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -assertCli(); - -/** - * @file - * Removes trailing whitespace from files. - */ - -chdir(dirname(__FILE__) . '/..'); -$FS = new FSTools(); - -$files = $FS->globr('.', '{,.}*', GLOB_BRACE); -foreach ($files as $file) { - if ( - !is_file($file) || - prefix_is('./.git', $file) || - prefix_is('./docs/doxygen', $file) || - postfix_is('.ser', $file) || - postfix_is('.tgz', $file) || - postfix_is('.patch', $file) || - postfix_is('.dtd', $file) || - postfix_is('.ent', $file) || - $file == './library/HTMLPurifier/Lexer/PH5P.php' || - $file == './maintenance/PH5P.php' - ) continue; - $contents = file_get_contents($file); - $result = preg_replace('/^(.*?)[ \t]+(\r?)$/m', '\1\2', $contents, -1, $count); - if (!$count) continue; - echo "$file\n"; - file_put_contents($file, $result); -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/maintenance/rename-config.php b/vendor/ezyang/htmlpurifier/maintenance/rename-config.php deleted file mode 100644 index 6e59e2a79..000000000 --- a/vendor/ezyang/htmlpurifier/maintenance/rename-config.php +++ /dev/null @@ -1,84 +0,0 @@ -#!/usr/bin/php -<?php - -chdir(dirname(__FILE__)); -require_once 'common.php'; -require_once '../library/HTMLPurifier.auto.php'; -assertCli(); - -/** - * @file - * Renames a configuration directive. This involves renaming the file, - * adding an alias, and then regenerating the cache. You still have to - * manually go through and fix any calls to the directive. - * @warning This script doesn't handle multi-stringhash files. - */ - -$argv = $_SERVER['argv']; -if (count($argv) < 3) { - echo "Usage: {$argv[0]} OldName NewName\n"; - exit(1); -} - -chdir('../library/HTMLPurifier/ConfigSchema/schema'); - -$old = $argv[1]; -$new = $argv[2]; - -if (!file_exists("$old.txt")) { - echo "Cannot move undefined configuration directive $old\n"; - exit(1); -} - -if ($old === $new) { - echo "Attempting to move to self, aborting\n"; - exit(1); -} - -if (file_exists("$new.txt")) { - echo "Cannot move to already defined directive $new\n"; - exit(1); -} - -$file = "$old.txt"; -$builder = new HTMLPurifier_ConfigSchema_InterchangeBuilder(); -$interchange = new HTMLPurifier_ConfigSchema_Interchange(); -$builder->buildFile($interchange, $file); -$contents = file_get_contents($file); - -if (strpos($contents, "\r\n") !== false) { - $nl = "\r\n"; -} elseif (strpos($contents, "\r") !== false) { - $nl = "\r"; -} else { - $nl = "\n"; -} - -// replace name with new name -$contents = str_replace($old, $new, $contents); - -if ($interchange->directives[$old]->aliases) { - $pos_alias = strpos($contents, 'ALIASES:'); - $pos_ins = strpos($contents, $nl, $pos_alias); - if ($pos_ins === false) $pos_ins = strlen($contents); - $contents = - substr($contents, 0, $pos_ins) . ", $old" . substr($contents, $pos_ins); - file_put_contents($file, $contents); -} else { - $lines = explode($nl, $contents); - $insert = false; - foreach ($lines as $n => $line) { - if (strncmp($line, '--', 2) === 0) { - $insert = $n; - break; - } - } - if (!$insert) { - $lines[] = "ALIASES: $old"; - } else { - array_splice($lines, $insert, 0, "ALIASES: $old"); - } - file_put_contents($file, implode($nl, $lines)); -} - -rename("$old.txt", "$new.txt") || exit(1); diff --git a/vendor/ezyang/htmlpurifier/package.php b/vendor/ezyang/htmlpurifier/package.php deleted file mode 100644 index bfef93622..000000000 --- a/vendor/ezyang/htmlpurifier/package.php +++ /dev/null @@ -1,61 +0,0 @@ -<?php - -set_time_limit(0); - -require_once 'PEAR/PackageFileManager2.php'; -require_once 'PEAR/PackageFileManager/File.php'; -PEAR::setErrorHandling(PEAR_ERROR_PRINT); -$pkg = new PEAR_PackageFileManager2; - -$pkg->setOptions( - array( - 'baseinstalldir' => '/', - 'packagefile' => 'package.xml', - 'packagedirectory' => realpath(dirname(__FILE__) . '/library'), - 'filelistgenerator' => 'file', - 'include' => array('*'), - 'dir_roles' => array('/' => 'php'), // hack to put *.ser files in the right place - 'ignore' => array( - 'HTMLPurifier.standalone.php', - 'HTMLPurifier.path.php', - '*.tar.gz', - '*.tgz', - 'standalone/' - ), - ) -); - -$pkg->setPackage('HTMLPurifier'); -$pkg->setLicense('LGPL', 'http://www.gnu.org/licenses/lgpl.html'); -$pkg->setSummary('Standards-compliant HTML filter'); -$pkg->setDescription( - 'HTML Purifier is an HTML filter that will remove all malicious code - (better known as XSS) with a thoroughly audited, secure yet permissive - whitelist and will also make sure your documents are standards - compliant.' -); - -$pkg->addMaintainer('lead', 'ezyang', 'Edward Z. Yang', 'admin@htmlpurifier.org', 'yes'); - -$version = trim(file_get_contents('VERSION')); -$api_version = substr($version, 0, strrpos($version, '.')); - -$pkg->setChannel('htmlpurifier.org'); -$pkg->setAPIVersion($api_version); -$pkg->setAPIStability('stable'); -$pkg->setReleaseVersion($version); -$pkg->setReleaseStability('stable'); - -$pkg->addRelease(); - -$pkg->setNotes(file_get_contents('WHATSNEW')); -$pkg->setPackageType('php'); - -$pkg->setPhpDep('5.0.0'); -$pkg->setPearinstallerDep('1.4.3'); - -$pkg->generateContents(); - -$pkg->writePackageFile(); - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/phpdoc.ini b/vendor/ezyang/htmlpurifier/phpdoc.ini deleted file mode 100644 index c4c372353..000000000 --- a/vendor/ezyang/htmlpurifier/phpdoc.ini +++ /dev/null @@ -1,102 +0,0 @@ -;; phpDocumentor parse configuration file -;; -;; This file is designed to cut down on repetitive typing on the command-line or web interface -;; You can copy this file to create a number of configuration files that can be used with the -;; command-line switch -c, as in phpdoc -c default.ini or phpdoc -c myini.ini. The web -;; interface will automatically generate a list of .ini files that can be used. -;; -;; default.ini is used to generate the online manual at http://www.phpdoc.org/docs -;; -;; ALL .ini files must be in the user subdirectory of phpDocumentor with an extension of .ini -;; -;; Copyright 2002, Greg Beaver <cellog@users.sourceforge.net> -;; -;; WARNING: do not change the name of any command-line parameters, phpDocumentor will ignore them - -[Parse Data] -;; title of all the documentation -;; legal values: any string -title = HTML Purifier API Documentation - -;; parse files that start with a . like .bash_profile -;; legal values: true, false -hidden = false - -;; show elements marked @access private in documentation by setting this to on -;; legal values: on, off -parseprivate = off - -;; parse with javadoc-like description (first sentence is always the short description) -;; legal values: on, off -javadocdesc = on - -;; add any custom @tags separated by commas here -;; legal values: any legal tagname separated by commas. -;customtags = mytag1,mytag2 - -;; This is only used by the XML:DocBook/peardoc2 converter -defaultcategoryname = Documentation - -;; what is the main package? -;; legal values: alphanumeric string plus - and _ -defaultpackagename = HTMLPurifier - -;; output any parsing information? set to on for cron jobs -;; legal values: on -;quiet = on - -;; parse a PEAR-style repository. Do not turn this on if your project does -;; not have a parent directory named "pear" -;; legal values: on/off -;pear = on - -;; where should the documentation be written? -;; legal values: a legal path -target = docs/phpdoc - -;; Which files should be parsed out as special documentation files, such as README, -;; INSTALL and CHANGELOG? This overrides the default files found in -;; phpDocumentor.ini (this file is not a user .ini file, but the global file) -readmeinstallchangelog = README, INSTALL, NEWS, WYSIWYG, SLOW, LICENSE, CREDITS - -;; limit output to the specified packages, even if others are parsed -;; legal values: package names separated by commas -;packageoutput = package1,package2 - -;; comma-separated list of files to parse -;; legal values: paths separated by commas -;filename = /path/to/file1,/path/to/file2,fileincurrentdirectory - -;; comma-separated list of directories to parse -;; legal values: directory paths separated by commas -;directory = /path1,/path2,.,..,subdirectory -;directory = /home/jeichorn/cvs/pear -directory = . - -;; template base directory (the equivalent directory of <installdir>/phpDocumentor) -;templatebase = /path/to/my/templates - -;; directory to find any example files in through @example and {@example} tags -;examplesdir = /path/to/my/templates - -;; comma-separated list of files, directories or wildcards ? and * (any wildcard) to ignore -;; legal values: any wildcard strings separated by commas -;ignore = /path/to/ignore*,*list.php,myfile.php,subdirectory/ -ignore = *tests*,*benchmarks*,*docs*,*test-settings.php,*configdoc*,*maintenance*,*smoketests*,*standalone*,*.svn*,*conf* - -sourcecode = on - -;; comma-separated list of Converters to use in outputformat:Convertername:templatedirectory format -;; legal values: HTML:frames:default,HTML:frames:l0l33t,HTML:frames:phpdoc.de,HTML:frames:phphtmllib, -;; HTML:frames:earthli, -;; HTML:frames:DOM/default,HTML:frames:DOM/l0l33t,HTML:frames:DOM/phpdoc.de, -;; HTML:frames:DOM/phphtmllib,HTML:frames:DOM/earthli -;; HTML:Smarty:default,HTML:Smarty:PHP,HTML:Smarty:HandS -;; PDF:default:default,CHM:default:default,XML:DocBook/peardoc2:default -output=HTML:frames:default - -;; turn this option on if you want highlighted source code for every file -;; legal values: on/off -sourcecode = on - -; vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/modx.txt b/vendor/ezyang/htmlpurifier/plugins/modx.txt deleted file mode 100644 index 0763821b5..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/modx.txt +++ /dev/null @@ -1,112 +0,0 @@ - -MODx Plugin - -MODx <http://www.modxcms.com/> is an open source PHP application framework. -I first came across them in my referrer logs when tillda asked if anyone -could implement an HTML Purifier plugin. This forum thread -<http://modxcms.com/forums/index.php/topic,6604.0.html> eventually resulted -in the fruition of this plugin that davidm says, "is on top of my favorite -list." HTML Purifier goes great with WYSIWYG editors! - - - -1. Credits - -PaulGregory wrote the overall structure of the code. I added the -slashes hack. - - - -2. Install - -First, you need to place HTML Purifier library somewhere. The code here -assumes that you've placed in MODx's assets/plugins/htmlpurifier (no version -number). - -Log into the manager, and navigate: - -Resources > Manage Resources > Plugins tab > New Plugin - -Type in a name (probably HTML Purifier), and copy paste this code into the -textarea: - --------------------------------------------------------------------------------- -$e = &$modx->Event; -if ($e->name == 'OnBeforeDocFormSave') { - global $content; - - include_once '../assets/plugins/htmlpurifier/library/HTMLPurifier.auto.php'; - $purifier = new HTMLPurifier(); - - static $magic_quotes = null; - if ($magic_quotes === null) { - // this is an ugly hack because this hook hasn't - // had the backslashes removed yet when magic_quotes_gpc is on, - // but HTMLPurifier must not have the quotes slashed. - $magic_quotes = get_magic_quotes_gpc(); - } - - if ($magic_quotes) $content = stripslashes($content); - $content = $purifier->purify($content); - if ($magic_quotes) $content = addslashes($content); -} --------------------------------------------------------------------------------- - -Then navigate to the System Events tab and check "OnBeforeDocFormSave". -Save the plugin. HTML Purifier now is integrated! - - - -3. Making sure it works - -You can test HTML Purifier by deliberately putting in crappy HTML and seeing -whether or not it gets fixed. A better way is to put in something like this: - -<p lang="fr">Il est bon</p> - -...and seeing whether or not the content comes out as: - -<p lang="fr" xml:lang="fr">Il est bon</p> - -(lang to xml:lang synchronization is one of the many features HTML Purifier -has). - - - -4. Caveat Emptor - -This code does not intercept save requests from the QuickEdit plugin, this may -be added in a later version. It also modifies things on save, so there's a -slight chance that HTML Purifier may make a boo-boo and accidently mess things -up (the original version is not saved). - -Finally, make sure that MODx is using UTF-8. If you are using, say, a French -localisation, you may be using Latin-1, if that's the case, configure -HTML Purifier properly like this: - -$config = HTMLPurifier_Config::createDefault(); -$config->set('Core', 'Encoding', 'ISO-8859-1'); // or whatever encoding -$purifier = new HTMLPurifier($config); - - - -5. Known Bugs - -'rn' characters sometimes mysteriously appear after purification. We are -currently investigating this issue. See: <http://htmlpurifier.org/phorum/read.php?3,1866> - - - -6. See Also - -A modified version of Jot 1.1.3 is available, which integrates with HTML -Purifier. You can check it out here: <http://modxcms.com/forums/index.php/topic,25621.msg161970.html> - - -X. Changelog - -2008-06-16 -- Updated code to work with 3.1.0 and later -- Add Known Bugs and See Also section - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/.gitignore b/vendor/ezyang/htmlpurifier/plugins/phorum/.gitignore deleted file mode 100644 index 8325e0902..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -migrate.php -htmlpurifier/* diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/Changelog b/vendor/ezyang/htmlpurifier/plugins/phorum/Changelog deleted file mode 100644 index 9f939e54a..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/Changelog +++ /dev/null @@ -1,27 +0,0 @@ -Changelog HTMLPurifier : Phorum Mod -||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| - -= KEY ==================== - # Breaks back-compat - ! Feature - - Bugfix - + Sub-comment - . Internal change -========================== - -Version 4.0.0 for Phorum 5.2, released July 9, 2009 -# Works only with HTML Purifier 4.0.0 -! Better installation documentation -- Fixed double encoded quotes -- Fixed fatal error when migrate.php is blank - -Version 3.0.0 for Phorum 5.2, released January 12, 2008 -# WYSIWYG and suppress_message options are now configurable via web - interface. -- Module now compatible with Phorum 5.2, primary bugs were in migration - code as well as signature and edit message handling. This module is NOT - compatible with Phorum 5.1. -- Buggy WYSIWYG mode refined -. AutoFormatParam added to list of default configuration namespaces - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/INSTALL b/vendor/ezyang/htmlpurifier/plugins/phorum/INSTALL deleted file mode 100644 index 23c76fc5c..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/INSTALL +++ /dev/null @@ -1,84 +0,0 @@ - -Install - How to install the Phorum HTML Purifier plugin - -0. PREREQUISITES ----------------- -This Phorum module only works on PHP5 and with HTML Purifier 4.0.0 -or later. - -1. UNZIP --------- -Unzip phorum-htmlpurifier-x.y.z, producing an htmlpurifier folder. -You've already done this step if you're reading this! - -2. MOVE -------- -Move the htmlpurifier folder to the mods/ folder of your Phorum -installation, so the directory structure looks like: - -phorum/ - mods/ - htmlpurifier/ - INSTALL - this install file - info.txt, ... - the module files - htmlpurifier/ - -3. INSTALL HTML PURIFIER ------------------------- -Download and unzip HTML Purifier <htmlpurifier.org>. Place the contents of -the library/ folder in the htmlpurifier/htmlpurifier folder. Your directory -structure will look like: - -phorum/ - mods/ - htmlpurifier/ - htmlpurifier/ - HTMLPurifier.auto.php - ... - other files - HTMLPurifier/ - -Advanced users: - If you have HTML Purifier installed elsewhere on your server, - all you need is an HTMLPurifier.auto.php file in the library folder which - includes the HTMLPurifier.auto.php file in your install. - -4. MIGRATE ----------- -If you're setting up a new Phorum installation, all you need to do is create -a blank migrate.php file in the htmlpurifier module folder (NOT the library -folder. - -If you have an old Phorum installation and was using BBCode, -copy migrate.bbcode.php to migrate.php. If you were using a different input -format, follow the instructions in migrate.bbcode.php to create your own custom -migrate.php file. - -Your directory structure should now look like this: - -phorum/ - mods/ - htmlpurifier/ - migrate.php - -5. ENABLE ---------- -Navigate to your Phorum admin panel at http://example.com/phorum/admin.php, -click on Global Settings > Modules, scroll to "HTML Purifier Phorum Mod" and -turn it On. - -6. MIGRATE SIGNATURES ---------------------- -If you're setting up a new Phorum installation, skip this step. - -If you allowed your users to make signatures, navigate to the module settings -page of HTML Purifier (Global Settings > Modules > HTML Purifier Phorum Mod > -Configure), type in "yes" in the "Confirm" box, and press "Migrate." - -ONLY DO THIS ONCE! BE SURE TO BACK UP YOUR DATABASE! - -7. CONFIGURE ------------- -Configure using Edit settings. See that page for more information. - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/README b/vendor/ezyang/htmlpurifier/plugins/phorum/README deleted file mode 100644 index 0524ed39d..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/README +++ /dev/null @@ -1,45 +0,0 @@ - -HTML Purifier Phorum Mod - Filter your HTML the Standards-Compliant Way! - -This Phorum mod enables HTML posting on Phorum. Under normal circumstances, -this would cause a huge security risk, but because we are running -HTML through HTML Purifier, output is guaranteed to be XSS free and -standards-compliant. - -This mod requires HTML input, and previous markup languages need to be -converted accordingly. Thus, it is vital that you create a 'migrate.php' -file that works with your installation. If you're using the built-in -BBCode formatting, simply move migrate.bbcode.php to that place; for -other markup languages, consult said file for instructions on how -to adapt it to your needs. - - -- NOTE ------------------------------------------------- - You can also run this module in parallel with another - formatting module; this module attempts to place itself - at the end of the filtering chain. However, if any - previous modules produce insecure HTML (for instance, - a JavaScript email obfuscator) they will get cleaned. - -This module will not work if 'migrate.php' is not created, and an improperly -made migration file may *CORRUPT* Phorum, so please take your time to -do this correctly. It should go without saying to *BACKUP YOUR DATABASE* -before attempting anything here. If no migration is necessary, you can -simply create a blank migrate.php file. HTML Purifier is smart and will -not re-migrate already processed messages. However, the original code -is irretrievably lost (we may change this in the future.) - -This module will not automatically migrate user signatures, because this -process may take a long time. After installing the HTML Purifier module and -then configuring 'migrate.php', navigate to Settings and click 'Migrate -Signatures' to migrate all user signatures to HTML. - -All of HTML Purifier's usual functions are configurable via the mod settings -page. If you require custom configuration, create config.php file in -the mod directory that edits a $config variable. Be sure, also, to -set $PHORUM['mod_htmlpurifier']['wysiwyg'] to TRUE if you are using a -WYSIWYG editor (you can do this through a common hook or the web -configuration form). - -Visit HTML Purifier at <http://htmlpurifier.org/>. - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/config.default.php b/vendor/ezyang/htmlpurifier/plugins/phorum/config.default.php deleted file mode 100644 index 29c1b7497..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/config.default.php +++ /dev/null @@ -1,58 +0,0 @@ -<?php - -if(!defined("PHORUM")) exit; - -// default HTML Purifier configuration settings -$config->set('HTML.Allowed', - // alphabetically sorted -'a[href|title] -abbr[title] -acronym[title] -b -blockquote[cite] -br -caption -cite -code -dd -del -dfn -div -dl -dt -em -i -img[src|alt|title|class] -ins -kbd -li -ol -p -pre -s -strike -strong -sub -sup -table -tbody -td -tfoot -th -thead -tr -tt -u -ul -var'); -$config->set('AutoFormat.AutoParagraph', true); -$config->set('AutoFormat.Linkify', true); -$config->set('HTML.Doctype', 'XHTML 1.0 Transitional'); -$config->set('Core.AggressivelyFixLt', true); -$config->set('Core.Encoding', $GLOBALS['PHORUM']['DATA']['CHARSET']); // we'll change this eventually -if (strtolower($GLOBALS['PHORUM']['DATA']['CHARSET']) !== 'utf-8') { - $config->set('Core.EscapeNonASCIICharacters', true); -} -$config->set('Core.AllowParseManyTags', false); - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/htmlpurifier.php b/vendor/ezyang/htmlpurifier/plugins/phorum/htmlpurifier.php deleted file mode 100644 index f66d8c36c..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/htmlpurifier.php +++ /dev/null @@ -1,316 +0,0 @@ -<?php - -/** - * HTML Purifier Phorum Mod. Filter your HTML the Standards-Compliant Way! - * - * This Phorum mod enables users to post raw HTML into Phorum. But never - * fear: with the help of HTML Purifier, this HTML will be beat into - * de-XSSed and standards-compliant form, safe for general consumption. - * It is not recommended, but possible to run this mod in parallel - * with other formatters (in short, please DISABLE the BBcode mod). - * - * For help migrating from your previous markup language to pure HTML - * please check the migrate.bbcode.php file. - * - * If you'd like to use this with a WYSIWYG editor, make sure that - * editor sets $PHORUM['mod_htmlpurifier']['wysiwyg'] to true. Otherwise, - * administrators who need to edit other people's comments may be at - * risk for some nasty attacks. - * - * Tested with Phorum 5.2.11. - */ - -// Note: Cache data is base64 encoded because Phorum insists on flinging -// to the user and expecting it to come back unharmed, newlines and -// all, which ain't happening. It's slower, it takes up more space, but -// at least it won't get mutilated - -/** - * Purifies a data array - */ -function phorum_htmlpurifier_format($data) -{ - $PHORUM = $GLOBALS["PHORUM"]; - - $purifier =& HTMLPurifier::getInstance(); - $cache_serial = $PHORUM['mod_htmlpurifier']['body_cache_serial']; - - foreach($data as $message_id => $message){ - if(isset($message['body'])) { - - if ($message_id) { - // we're dealing with a real message, not a fake, so - // there a number of shortcuts that can be taken - - if (isset($message['meta']['htmlpurifier_light'])) { - // format hook was called outside of Phorum's normal - // functions, do the abridged purification - $data[$message_id]['body'] = $purifier->purify($message['body']); - continue; - } - - if (!empty($PHORUM['args']['purge'])) { - // purge the cache, must be below the following if - unset($message['meta']['body_cache']); - } - - if ( - isset($message['meta']['body_cache']) && - isset($message['meta']['body_cache_serial']) && - $message['meta']['body_cache_serial'] == $cache_serial - ) { - // cached version is present, bail out early - $data[$message_id]['body'] = base64_decode($message['meta']['body_cache']); - continue; - } - } - - // migration might edit this array, that's why it's defined - // so early - $updated_message = array(); - - // create the $body variable - if ( - $message_id && // message must be real to migrate - !isset($message['meta']['body_cache_serial']) - ) { - // perform migration - $fake_data = array(); - list($signature, $edit_message) = phorum_htmlpurifier_remove_sig_and_editmessage($message); - $fake_data[$message_id] = $message; - $fake_data = phorum_htmlpurifier_migrate($fake_data); - $body = $fake_data[$message_id]['body']; - $body = str_replace("<phorum break>\n", "\n", $body); - $updated_message['body'] = $body; // save it in - $body .= $signature . $edit_message; // add it back in - } else { - // reverse Phorum's pre-processing - $body = $message['body']; - // order is important - $body = str_replace("<phorum break>\n", "\n", $body); - $body = str_replace(array('<','>','&', '"'), array('<','>','&','"'), $body); - if (!$message_id && defined('PHORUM_CONTROL_CENTER')) { - // we're in control.php, so it was double-escaped - $body = str_replace(array('<','>','&', '"'), array('<','>','&','"'), $body); - } - } - - $body = $purifier->purify($body); - - // dynamically update the cache (MUST BE DONE HERE!) - // this is inefficient because it's one db call per - // cache miss, but once the cache is in place things are - // a lot zippier. - - if ($message_id) { // make sure it's not a fake id - $updated_message['meta'] = $message['meta']; - $updated_message['meta']['body_cache'] = base64_encode($body); - $updated_message['meta']['body_cache_serial'] = $cache_serial; - phorum_db_update_message($message_id, $updated_message); - } - - // must not get overloaded until after we cache it, otherwise - // we'll inadvertently change the original text - $data[$message_id]['body'] = $body; - - } - } - - return $data; -} - -// ----------------------------------------------------------------------- -// This is fragile code, copied from read.php:596 (Phorum 5.2.6). Please -// keep this code in-sync with Phorum - -/** - * Generates a signature based on a message array - */ -function phorum_htmlpurifier_generate_sig($row) -{ - $phorum_sig = ''; - if(isset($row["user"]["signature"]) - && isset($row['meta']['show_signature']) && $row['meta']['show_signature']==1){ - $phorum_sig=trim($row["user"]["signature"]); - if(!empty($phorum_sig)){ - $phorum_sig="\n\n$phorum_sig"; - } - } - return $phorum_sig; -} - -/** - * Generates an edit message based on a message array - */ -function phorum_htmlpurifier_generate_editmessage($row) -{ - $PHORUM = $GLOBALS['PHORUM']; - $editmessage = ''; - if(isset($row['meta']['edit_count']) && $row['meta']['edit_count'] > 0) { - $editmessage = str_replace ("%count%", $row['meta']['edit_count'], $PHORUM["DATA"]["LANG"]["EditedMessage"]); - $editmessage = str_replace ("%lastedit%", phorum_date($PHORUM["short_date_time"],$row['meta']['edit_date']), $editmessage); - $editmessage = str_replace ("%lastuser%", $row['meta']['edit_username'], $editmessage); - $editmessage = "\n\n\n\n$editmessage"; - } - return $editmessage; -} - -// End fragile code -// ----------------------------------------------------------------------- - -/** - * Removes the signature and edit message from a message - * @param $row Message passed by reference - */ -function phorum_htmlpurifier_remove_sig_and_editmessage(&$row) -{ - $signature = phorum_htmlpurifier_generate_sig($row); - $editmessage = phorum_htmlpurifier_generate_editmessage($row); - $replacements = array(); - // we need to remove add <phorum break> as that is the form these - // extra bits are in. - if ($signature) $replacements[str_replace("\n", "<phorum break>\n", $signature)] = ''; - if ($editmessage) $replacements[str_replace("\n", "<phorum break>\n", $editmessage)] = ''; - $row['body'] = strtr($row['body'], $replacements); - return array($signature, $editmessage); -} - -/** - * Indicate that data is fully HTML and not from migration, invalidate - * previous caches - * @note This function could generate the actual cache entries, but - * since there's data missing that must be deferred to the first read - */ -function phorum_htmlpurifier_posting($message) -{ - $PHORUM = $GLOBALS["PHORUM"]; - unset($message['meta']['body_cache']); // invalidate the cache - $message['meta']['body_cache_serial'] = $PHORUM['mod_htmlpurifier']['body_cache_serial']; - return $message; -} - -/** - * Overload quoting mechanism to prevent default, mail-style quote from happening - */ -function phorum_htmlpurifier_quote($array) -{ - $PHORUM = $GLOBALS["PHORUM"]; - $purifier =& HTMLPurifier::getInstance(); - $text = $purifier->purify($array[1]); - $source = htmlspecialchars($array[0]); - return "<blockquote cite=\"$source\">\n$text\n</blockquote>"; -} - -/** - * Ensure that our format hook is processed last. Also, loads the library. - * @credits <http://secretsauce.phorum.org/snippets/make_bbcode_last_formatter.php.txt> - */ -function phorum_htmlpurifier_common() -{ - require_once(dirname(__FILE__).'/htmlpurifier/HTMLPurifier.auto.php'); - require(dirname(__FILE__).'/init-config.php'); - - $config = phorum_htmlpurifier_get_config(); - HTMLPurifier::getInstance($config); - - // increment revision.txt if you want to invalidate the cache - $GLOBALS['PHORUM']['mod_htmlpurifier']['body_cache_serial'] = $config->getSerial(); - - // load migration - if (file_exists(dirname(__FILE__) . '/migrate.php')) { - include(dirname(__FILE__) . '/migrate.php'); - } else { - echo '<strong>Error:</strong> No migration path specified for HTML Purifier, please check - <tt>modes/htmlpurifier/migrate.bbcode.php</tt> for instructions on - how to migrate from your previous markup language.'; - exit; - } - - if (!function_exists('phorum_htmlpurifier_migrate')) { - // Dummy function - function phorum_htmlpurifier_migrate($data) {return $data;} - } - -} - -/** - * Pre-emptively performs purification if it looks like a WYSIWYG editor - * is being used - */ -function phorum_htmlpurifier_before_editor($message) -{ - if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) { - if (!empty($message['body'])) { - $body = $message['body']; - // de-entity-ize contents - $body = str_replace(array('<','>','&'), array('<','>','&'), $body); - $purifier =& HTMLPurifier::getInstance(); - $body = $purifier->purify($body); - // re-entity-ize contents - $body = htmlspecialchars($body, ENT_QUOTES, $GLOBALS['PHORUM']['DATA']['CHARSET']); - $message['body'] = $body; - } - } - return $message; -} - -function phorum_htmlpurifier_editor_after_subject() -{ - // don't show this message if it's a WYSIWYG editor, since it will - // then be handled automatically - if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg'])) { - $i = $GLOBALS['PHORUM']['DATA']['MODE']; - if ($i == 'quote' || $i == 'edit' || $i == 'moderation') { - ?> - <div> - <p> - <strong>Notice:</strong> HTML has been scrubbed for your safety. - If you would like to see the original, turn off WYSIWYG mode - (consult your administrator for details.) - </p> - </div> - <?php - } - return; - } - if (!empty($GLOBALS['PHORUM']['mod_htmlpurifier']['suppress_message'])) return; - ?><div class="htmlpurifier-help"> - <p> - <strong>HTML input</strong> is enabled. Make sure you escape all HTML and - angled brackets with <code>&lt;</code> and <code>&gt;</code>. - </p><?php - $purifier =& HTMLPurifier::getInstance(); - $config = $purifier->config; - if ($config->get('AutoFormat.AutoParagraph')) { - ?><p> - <strong>Auto-paragraphing</strong> is enabled. Double - newlines will be converted to paragraphs; for single - newlines, use the <code>pre</code> tag. - </p><?php - } - $html_definition = $config->getDefinition('HTML'); - $allowed = array(); - foreach ($html_definition->info as $name => $x) $allowed[] = "<code>$name</code>"; - sort($allowed); - $allowed_text = implode(', ', $allowed); - ?><p><strong>Allowed tags:</strong> <?php - echo $allowed_text; - ?>.</p><?php - ?> - </p> - <p> - For inputting literal code such as HTML and PHP for display, use - CDATA tags to auto-escape your angled brackets, and <code>pre</code> - to preserve newlines: - </p> - <pre><pre><![CDATA[ -<em>Place code here</em> -]]></pre></pre> - <p> - Power users, you can hide this notice with: - <pre>.htmlpurifier-help {display:none;}</pre> - </p> - </div><?php -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/info.txt b/vendor/ezyang/htmlpurifier/plugins/phorum/info.txt deleted file mode 100644 index 723465490..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/info.txt +++ /dev/null @@ -1,18 +0,0 @@ -title: HTML Purifier Phorum Mod -desc: This module enables standards-compliant HTML filtering on Phorum. Please check migrate.bbcode.php before enabling this mod. -author: Edward Z. Yang -url: http://htmlpurifier.org/ -version: 4.0.0 - -hook: format|phorum_htmlpurifier_format -hook: quote|phorum_htmlpurifier_quote -hook: posting_custom_action|phorum_htmlpurifier_posting -hook: common|phorum_htmlpurifier_common -hook: before_editor|phorum_htmlpurifier_before_editor -hook: tpl_editor_after_subject|phorum_htmlpurifier_editor_after_subject - -# This module is meant to be a drop-in for bbcode, so make it run last. -priority: run module after * -priority: run hook format after * - - vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/init-config.php b/vendor/ezyang/htmlpurifier/plugins/phorum/init-config.php deleted file mode 100644 index e19787b4b..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/init-config.php +++ /dev/null @@ -1,30 +0,0 @@ -<?php - -/** - * Initializes the appropriate configuration from either a PHP file - * or a module configuration value - * @return Instance of HTMLPurifier_Config - */ -function phorum_htmlpurifier_get_config($default = false) -{ - global $PHORUM; - $config_exists = phorum_htmlpurifier_config_file_exists(); - if ($default || $config_exists || !isset($PHORUM['mod_htmlpurifier']['config'])) { - $config = HTMLPurifier_Config::createDefault(); - include(dirname(__FILE__) . '/config.default.php'); - if ($config_exists) { - include(dirname(__FILE__) . '/config.php'); - } - unset($PHORUM['mod_htmlpurifier']['config']); // unnecessary - } else { - $config = HTMLPurifier_Config::create($PHORUM['mod_htmlpurifier']['config']); - } - return $config; -} - -function phorum_htmlpurifier_config_file_exists() -{ - return file_exists(dirname(__FILE__) . '/config.php'); -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/migrate.bbcode.php b/vendor/ezyang/htmlpurifier/plugins/phorum/migrate.bbcode.php deleted file mode 100644 index 0d0919455..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/migrate.bbcode.php +++ /dev/null @@ -1,31 +0,0 @@ -<?php - -/** - * This file is responsible for migrating from a specific markup language - * like BBCode or Markdown to HTML. WARNING: THIS PROCESS IS NOT REVERSIBLE - * - * Copy this file to 'migrate.php' and it will automatically work for - * BBCode; you may need to tweak this a little to get it to work for other - * languages (usually, just replace the include name and the function name). - * - * If you do NOT want to have any migration performed (for instance, you - * are installing the module on a new forum with no posts), simply remove - * phorum_htmlpurifier_migrate() function. You still need migrate.php - * present, otherwise the module won't work. This ensures that the user - * explicitly says, "No, I do not need to migrate." - */ - -if(!defined("PHORUM")) exit; - -require_once(dirname(__FILE__) . "/../bbcode/bbcode.php"); - -/** - * 'format' hook style function that will be called to convert - * legacy markup into HTML. - */ -function phorum_htmlpurifier_migrate($data) -{ - return phorum_mod_bbcode_format($data); // bbcode's 'format' hook -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/settings.php b/vendor/ezyang/htmlpurifier/plugins/phorum/settings.php deleted file mode 100644 index 8158f0282..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/settings.php +++ /dev/null @@ -1,64 +0,0 @@ -<?php - -// based off of BBCode's settings file - -/** - * HTML Purifier Phorum mod settings configuration. This provides - * a convenient web-interface for editing the most common HTML Purifier - * configuration directives. You can also specify custom configuration - * by creating a 'config.php' file. - */ - -if(!defined("PHORUM_ADMIN")) exit; - -// error reporting is good! -error_reporting(E_ALL ^ E_NOTICE); - -// load library and other paraphenalia -require_once './include/admin/PhorumInputForm.php'; -require_once (dirname(__FILE__) . '/htmlpurifier/HTMLPurifier.auto.php'); -require_once (dirname(__FILE__) . '/init-config.php'); -require_once (dirname(__FILE__) . '/settings/migrate-sigs-form.php'); -require_once (dirname(__FILE__) . '/settings/migrate-sigs.php'); -require_once (dirname(__FILE__) . '/settings/form.php'); -require_once (dirname(__FILE__) . '/settings/save.php'); - -// define friendly configuration directives. you can expand this array -// to get more web-definable directives -$PHORUM['mod_htmlpurifier']['directives'] = array( - 'URI.Host', // auto-detectable - 'URI.DisableExternal', - 'URI.DisableExternalResources', - 'URI.DisableResources', - 'URI.Munge', - 'URI.HostBlacklist', - 'URI.Disable', - 'HTML.TidyLevel', - 'HTML.Doctype', // auto-detectable - 'HTML.Allowed', - 'AutoFormat', - '-AutoFormat.Custom', - 'AutoFormatParam', - 'Output.TidyFormat', -); - -// lower this setting if you're getting time outs/out of memory -$PHORUM['mod_htmlpurifier']['migrate-sigs-increment'] = 100; - -if (isset($_POST['reset'])) { - unset($PHORUM['mod_htmlpurifier']['config']); -} - -if ($offset = phorum_htmlpurifier_migrate_sigs_check()) { - // migrate signatures - phorum_htmlpurifier_migrate_sigs($offset); -} elseif(!empty($_POST)){ - // save settings - phorum_htmlpurifier_save_settings(); -} - -phorum_htmlpurifier_show_migrate_sigs_form(); -echo '<br />'; -phorum_htmlpurifier_show_form(); - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/settings/form.php b/vendor/ezyang/htmlpurifier/plugins/phorum/settings/form.php deleted file mode 100644 index 9b6ad5f39..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/settings/form.php +++ /dev/null @@ -1,95 +0,0 @@ -<?php - -function phorum_htmlpurifier_show_form() -{ - if (phorum_htmlpurifier_config_file_exists()) { - phorum_htmlpurifier_show_config_info(); - return; - } - - global $PHORUM; - - $config = phorum_htmlpurifier_get_config(); - - $frm = new PhorumInputForm ("", "post", "Save"); - $frm->hidden("module", "modsettings"); - $frm->hidden("mod", "htmlpurifier"); // this is the directory name that the Settings file lives in - - if (!empty($error)){ - echo "$error<br />"; - } - - $frm->addbreak("Edit settings for the HTML Purifier module"); - - $frm->addMessage('<p>The box below sets <code>$PHORUM[\'mod_htmlpurifier\'][\'wysiwyg\']</code>. - When checked, contents sent for edit are now purified and the - informative message is disabled. If your WYSIWYG editor is disabled for - admin edits, you can safely keep this unchecked.</p>'); - $frm->addRow('Use WYSIWYG?', $frm->checkbox('wysiwyg', '1', '', $PHORUM['mod_htmlpurifier']['wysiwyg'])); - - $frm->addMessage('<p>The box below sets <code>$PHORUM[\'mod_htmlpurifier\'][\'suppress_message\']</code>, - which removes the big how-to use - HTML Purifier message.</p>'); - $frm->addRow('Suppress information?', $frm->checkbox('suppress_message', '1', '', $PHORUM['mod_htmlpurifier']['suppress_message'])); - - $frm->addMessage('<p>Click on directive links to read what each option does - (links do not open in new windows).</p> - <p>For more flexibility (for instance, you want to edit the full - range of configuration directives), you can create a <tt>config.php</tt> - file in your <tt>mods/htmlpurifier/</tt> directory. Doing so will, - however, make the web configuration interface unavailable.</p>'); - - require_once 'HTMLPurifier/Printer/ConfigForm.php'; - $htmlpurifier_form = new HTMLPurifier_Printer_ConfigForm('config', 'http://htmlpurifier.org/live/configdoc/plain.html#%s'); - $htmlpurifier_form->setTextareaDimensions(23, 7); // widen a little, since we have space - - $frm->addMessage($htmlpurifier_form->render( - $config, $PHORUM['mod_htmlpurifier']['directives'], false)); - - $frm->addMessage("<strong>Warning: Changing HTML Purifier's configuration will invalidate - the cache. Expect to see a flurry of database activity after you change - any of these settings.</strong>"); - - $frm->addrow('Reset to defaults:', $frm->checkbox("reset", "1", "", false)); - - // hack to include extra styling - echo '<style type="text/css">' . $htmlpurifier_form->getCSS() . ' - .hp-config {margin-left:auto;margin-right:auto;} - </style>'; - $js = $htmlpurifier_form->getJavaScript(); - echo '<script type="text/javascript">'."<!--\n$js\n//-->".'</script>'; - - $frm->show(); -} - -function phorum_htmlpurifier_show_config_info() -{ - global $PHORUM; - - // update mod_htmlpurifier for housekeeping - phorum_htmlpurifier_commit_settings(); - - // politely tell user how to edit settings manually -?> - <div class="input-form-td-break">How to edit settings for HTML Purifier module</div> - <p> - A <tt>config.php</tt> file exists in your <tt>mods/htmlpurifier/</tt> - directory. This file contains your custom configuration: in order to - change it, please navigate to that file and edit it accordingly. - You can also set <code>$GLOBALS['PHORUM']['mod_htmlpurifier']['wysiwyg']</code> - or <code>$GLOBALS['PHORUM']['mod_htmlpurifier']['suppress_message']</code> - </p> - <p> - To use the web interface, delete <tt>config.php</tt> (or rename it to - <tt>config.php.bak</tt>). - </p> - <p> - <strong>Warning: Changing HTML Purifier's configuration will invalidate - the cache. Expect to see a flurry of database activity after you change - any of these settings.</strong> - </p> -<?php - -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php b/vendor/ezyang/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php deleted file mode 100644 index abea3b51d..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/settings/migrate-sigs-form.php +++ /dev/null @@ -1,22 +0,0 @@ -<?php - -function phorum_htmlpurifier_show_migrate_sigs_form() -{ - $frm = new PhorumInputForm ('', "post", "Migrate"); - $frm->hidden("module", "modsettings"); - $frm->hidden("mod", "htmlpurifier"); - $frm->hidden("migrate-sigs", "1"); - $frm->addbreak("Migrate user signatures to HTML"); - $frm->addMessage('This operation will migrate your users signatures - to HTML. <strong>This process is irreversible and must only be performed once.</strong> - Type in yes in the confirmation field to migrate.'); - if (!file_exists(dirname(__FILE__) . '/../migrate.php')) { - $frm->addMessage('Migration file does not exist, cannot migrate signatures. - Please check <tt>migrate.bbcode.php</tt> on how to create an appropriate file.'); - } else { - $frm->addrow('Confirm:', $frm->text_box("confirmation", "")); - } - $frm->show(); -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/settings/migrate-sigs.php b/vendor/ezyang/htmlpurifier/plugins/phorum/settings/migrate-sigs.php deleted file mode 100644 index 5ea9cd0b8..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/settings/migrate-sigs.php +++ /dev/null @@ -1,79 +0,0 @@ -<?php - -function phorum_htmlpurifier_migrate_sigs_check() -{ - global $PHORUM; - $offset = 0; - if (!empty($_POST['migrate-sigs'])) { - if (!isset($_POST['confirmation']) || strtolower($_POST['confirmation']) !== 'yes') { - echo 'Invalid confirmation code.'; - exit; - } - $PHORUM['mod_htmlpurifier']['migrate-sigs'] = true; - phorum_db_update_settings(array("mod_htmlpurifier"=>$PHORUM["mod_htmlpurifier"])); - $offset = 1; - } elseif (!empty($_GET['migrate-sigs']) && $PHORUM['mod_htmlpurifier']['migrate-sigs']) { - $offset = (int) $_GET['migrate-sigs']; - } - return $offset; -} - -function phorum_htmlpurifier_migrate_sigs($offset) -{ - global $PHORUM; - - if(!$offset) return; // bail out quick if $offset == 0 - - // theoretically, we could get rid of this multi-request - // doo-hickery if safe mode is off - @set_time_limit(0); // attempt to let this run - $increment = $PHORUM['mod_htmlpurifier']['migrate-sigs-increment']; - - require_once(dirname(__FILE__) . '/../migrate.php'); - // migrate signatures - // do this in batches so we don't run out of time/space - $end = $offset + $increment; - $user_ids = array(); - for ($i = $offset; $i < $end; $i++) { - $user_ids[] = $i; - } - $userinfos = phorum_db_user_get_fields($user_ids, 'signature'); - foreach ($userinfos as $i => $user) { - if (empty($user['signature'])) continue; - $sig = $user['signature']; - // perform standard Phorum processing on the sig - $sig = str_replace(array("&","<",">"), array("&","<",">"), $sig); - $sig = preg_replace("/<((http|https|ftp):\/\/[a-z0-9;\/\?:@=\&\$\-_\.\+!*'\(\),~%]+?)>/i", "$1", $sig); - // prepare fake data to pass to migration function - $fake_data = array(array("author"=>"", "email"=>"", "subject"=>"", 'body' => $sig)); - list($fake_message) = phorum_htmlpurifier_migrate($fake_data); - $user['signature'] = $fake_message['body']; - if (!phorum_api_user_save($user)) { - exit('Error while saving user data'); - } - } - unset($userinfos); // free up memory - - // query for highest ID in database - $type = $PHORUM['DBCONFIG']['type']; - $sql = "select MAX(user_id) from {$PHORUM['user_table']}"; - $row = phorum_db_interact(DB_RETURN_ROW, $sql); - $top_id = (int) $row[0]; - - $offset += $increment; - if ($offset > $top_id) { // test for end condition - echo 'Migration finished'; - $PHORUM['mod_htmlpurifier']['migrate-sigs'] = false; - phorum_htmlpurifier_commit_settings(); - return true; - } - $host = $_SERVER['HTTP_HOST']; - $uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\'); - $extra = 'admin.php?module=modsettings&mod=htmlpurifier&migrate-sigs=' . $offset; - // relies on output buffering to work - header("Location: http://$host$uri/$extra"); - exit; - -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/plugins/phorum/settings/save.php b/vendor/ezyang/htmlpurifier/plugins/phorum/settings/save.php deleted file mode 100644 index 2aefaf83a..000000000 --- a/vendor/ezyang/htmlpurifier/plugins/phorum/settings/save.php +++ /dev/null @@ -1,29 +0,0 @@ -<?php - -function phorum_htmlpurifier_save_settings() -{ - global $PHORUM; - if (phorum_htmlpurifier_config_file_exists()) { - echo "Cannot update settings, <code>mods/htmlpurifier/config.php</code> already exists. To change - settings, edit that file. To use the web form, delete that file.<br />"; - } else { - $config = phorum_htmlpurifier_get_config(true); - if (!isset($_POST['reset'])) $config->mergeArrayFromForm($_POST, 'config', $PHORUM['mod_htmlpurifier']['directives']); - $PHORUM['mod_htmlpurifier']['config'] = $config->getAll(); - } - $PHORUM['mod_htmlpurifier']['wysiwyg'] = !empty($_POST['wysiwyg']); - $PHORUM['mod_htmlpurifier']['suppress_message'] = !empty($_POST['suppress_message']); - if(!phorum_htmlpurifier_commit_settings()){ - $error="Database error while updating settings."; - } else { - echo "Settings Updated<br />"; - } -} - -function phorum_htmlpurifier_commit_settings() -{ - global $PHORUM; - return phorum_db_update_settings(array("mod_htmlpurifier"=>$PHORUM["mod_htmlpurifier"])); -} - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/test-settings.sample.php b/vendor/ezyang/htmlpurifier/test-settings.sample.php deleted file mode 100644 index 480b66279..000000000 --- a/vendor/ezyang/htmlpurifier/test-settings.sample.php +++ /dev/null @@ -1,74 +0,0 @@ -<?php - -// ATTENTION! DO NOT EDIT THIS FILE! -// This file is necessary to run the unit tests and profiling scripts. -// Please copy it to 'test-settings.php' and make the necessary edits. - -// Note: The only external library you *need* is SimpleTest; everything else -// is optional. - -// We've got a lot of tests, so we recommend turning the limit off. -set_time_limit(0); - -// Turning off output buffering will prevent mysterious errors from core dumps. -$data = @ob_get_clean(); -if ($data !== false && $data !== '') { - echo "Output buffer contains data [".urlencode($data)."]\n"; - exit; -} - -// ----------------------------------------------------------------------------- -// REQUIRED SETTINGS - -// Note on running SimpleTest: -// You want the Git copy of SimpleTest, found here: -// https://github.com/simpletest/simpletest/ -// -// If SimpleTest is borked with HTML Purifier, please contact me or -// the SimpleTest devs; I am a developer for SimpleTest so I should be -// able to quickly assess a fix. SimpleTest's problem is my problem! - -// Where is SimpleTest located? Remember to include a trailing slash! -$simpletest_location = '/path/to/simpletest/'; - -// ----------------------------------------------------------------------------- -// OPTIONAL SETTINGS - -// Note on running PHPT: -// Vanilla PHPT from https://github.com/tswicegood/PHPT_Core should -// work fine on Linux w/o multitest. -// -// To do multitest or Windows testing, you'll need some more -// patches at https://github.com/ezyang/PHPT_Core -// -// I haven't tested the Windows setup in a while so I don't know if -// it still works. - -// Should PHPT tests be enabled? -$GLOBALS['HTMLPurifierTest']['PHPT'] = false; - -// If PHPT isn't in your Path via PEAR, set that here: -// set_include_path('/path/to/phpt/Core/src' . PATH_SEPARATOR . get_include_path()); - -// Where is CSSTidy located? (Include trailing slash. Leave false to disable.) -$csstidy_location = false; - -// For tests/multitest.php, which versions to test? -$versions_to_test = array(); - -// Stable PHP binary to use when invoking maintenance scripts. -$php = 'php'; - -// For tests/multitest.php, what is the multi-version executable? It must -// accept an extra parameter (version number) before all other arguments -$phpv = false; - -// Should PEAR tests be run? If you've got a valid PEAR installation, set this -// to true (or, if it's not in the include path, to its install directory). -$GLOBALS['HTMLPurifierTest']['PEAR'] = false; - -// If PEAR is enabled, what PEAR tests should be run? (Note: you will -// need to ensure these libraries are installed) -$GLOBALS['HTMLPurifierTest']['Net_IDNA2'] = true; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/test-settings.travis.php b/vendor/ezyang/htmlpurifier/test-settings.travis.php deleted file mode 100644 index b1edce4aa..000000000 --- a/vendor/ezyang/htmlpurifier/test-settings.travis.php +++ /dev/null @@ -1,72 +0,0 @@ -<?php - -// This file is the configuration for Travis testing. - -// Note: The only external library you *need* is SimpleTest; everything else -// is optional. - -// We've got a lot of tests, so we recommend turning the limit off. -set_time_limit(0); - -// Turning off output buffering will prevent mysterious errors from core dumps. -$data = @ob_get_clean(); -if ($data !== false && $data !== '') { - echo "Output buffer contains data [".urlencode($data)."]\n"; - exit; -} - -// ----------------------------------------------------------------------------- -// REQUIRED SETTINGS - -// Note on running SimpleTest: -// You want the Git copy of SimpleTest, found here: -// https://github.com/simpletest/simpletest/ -// -// If SimpleTest is borked with HTML Purifier, please contact me or -// the SimpleTest devs; I am a developer for SimpleTest so I should be -// able to quickly assess a fix. SimpleTest's problem is my problem! - -// Where is SimpleTest located? Remember to include a trailing slash! -$simpletest_location = dirname(__FILE__) . '/simpletest/'; - -// ----------------------------------------------------------------------------- -// OPTIONAL SETTINGS - -// Note on running PHPT: -// Vanilla PHPT from https://github.com/tswicegood/PHPT_Core should -// work fine on Linux w/o multitest. -// -// To do multitest or Windows testing, you'll need some more -// patches at https://github.com/ezyang/PHPT_Core -// -// I haven't tested the Windows setup in a while so I don't know if -// it still works. - -// Should PHPT tests be enabled? -$GLOBALS['HTMLPurifierTest']['PHPT'] = false; - -// If PHPT isn't in your Path via PEAR, set that here: -// set_include_path('/path/to/phpt/Core/src' . PATH_SEPARATOR . get_include_path()); - -// Where is CSSTidy located? (Include trailing slash. Leave false to disable.) -$csstidy_location = false; - -// For tests/multitest.php, which versions to test? -$versions_to_test = array(); - -// Stable PHP binary to use when invoking maintenance scripts. -$php = 'php'; - -// For tests/multitest.php, what is the multi-version executable? It must -// accept an extra parameter (version number) before all other arguments -$phpv = false; - -// Should PEAR tests be run? If you've got a valid PEAR installation, set this -// to true (or, if it's not in the include path, to its install directory). -$GLOBALS['HTMLPurifierTest']['PEAR'] = false; - -// If PEAR is enabled, what PEAR tests should be run? (Note: you will -// need to ensure these libraries are installed) -$GLOBALS['HTMLPurifierTest']['Net_IDNA2'] = true; - -// vim: et sw=4 sts=4 diff --git a/vendor/ezyang/htmlpurifier/update-for-release b/vendor/ezyang/htmlpurifier/update-for-release deleted file mode 100644 index 32709d25e..000000000 --- a/vendor/ezyang/htmlpurifier/update-for-release +++ /dev/null @@ -1,110 +0,0 @@ -<?php - -// release script -// PHP 5.0 only - -if (php_sapi_name() != 'cli') { - echo 'Release script cannot be called from web-browser.'; - exit; -} - -if (!isset($argv[1])) { - echo -'php release.php [version] - HTML Purifier release script -'; - exit; -} - -$version = trim($argv[1]); - -// Bump version numbers: - -// ...in VERSION -file_put_contents('VERSION', $version); - -// ...in NEWS -if ($is_dev = (strpos($version, 'dev') === false)) { - $date = date('Y-m-d'); - $news_c = str_replace( - $l = "$version, unknown release date", - "$version, released $date", - file_get_contents('NEWS'), - $c - ); - if (!$c) { - echo 'Could not update NEWS, missing ' . $l . PHP_EOL; - exit; - } elseif ($c > 1) { - echo 'More than one release declaration in NEWS replaced' . PHP_EOL; - exit; - } - file_put_contents('NEWS', $news_c); -} - -// ...in Doxyfile -$doxyfile_c = preg_replace( - '/(?<=PROJECT_NUMBER {9}= )[^\s]+/m', // brittle - $version, - file_get_contents('Doxyfile'), - 1, $c -); -if (!$c) { - echo 'Could not update Doxyfile, missing PROJECT_NUMBER.' . PHP_EOL; - exit; -} -file_put_contents('Doxyfile', $doxyfile_c); - -// ...in HTMLPurifier.php -$htmlpurifier_c = file_get_contents('library/HTMLPurifier.php'); -$htmlpurifier_c = preg_replace( - '/HTML Purifier .+? - /', - "HTML Purifier $version - ", - $htmlpurifier_c, - 1, $c -); -if (!$c) { - echo 'Could not update HTMLPurifier.php, missing HTML Purifier [version] header.' . PHP_EOL; - exit; -} -$htmlpurifier_c = preg_replace( - '/public \$version = \'.+?\';/', - "public \$version = '$version';", - $htmlpurifier_c, - 1, $c -); -if (!$c) { - echo 'Could not update HTMLPurifier.php, missing public $version.' . PHP_EOL; - exit; -} -$htmlpurifier_c = preg_replace( - '/const VERSION = \'.+?\';/', - "const VERSION = '$version';", - $htmlpurifier_c, - 1, $c -); -if (!$c) { - echo 'Could not update HTMLPurifier.php, missing const $version.' . PHP_EOL; - exit; -} -file_put_contents('library/HTMLPurifier.php', $htmlpurifier_c); - -$config_c = file_get_contents('library/HTMLPurifier/Config.php'); -$config_c = preg_replace( - '/public \$version = \'.+?\';/', - "public \$version = '$version';", - $config_c, - 1, $c -); -if (!$c) { - echo 'Could not update Config.php, missing public $version.' . PHP_EOL; - exit; -} -file_put_contents('library/HTMLPurifier/Config.php', $config_c); - -passthru('maintenance/flush.sh'); - -if ($is_dev) echo "Review changes, write something in WHATSNEW and FOCUS, and then commit with log 'Release $version.'" . PHP_EOL; -else echo "Numbers updated to dev, no other modifications necessary!"; - -// vim: et sw=4 sts=4 |