PageRenderTime 46ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 0ms

/common/libraries/plugin/htmlpurifier/library/HTMLPurifier/EntityParser.php

https://bitbucket.org/chamilo/chamilo-dev/
PHP | 136 lines | 75 code | 15 blank | 46 comment | 6 complexity | 9336489e17aec894589c473c351bf604 MD5 | raw file
Possible License(s): GPL-2.0, BSD-3-Clause, LGPL-2.1, LGPL-3.0, GPL-3.0, MIT 
    

  1. <?php

    2. 

  2. 

    3. 

  3. // if want to implement error collecting here, we'll need to use some sort

    4. 

  4. // of global data (probably trigger_error) because it's impossible to pass

    5. 

  5. // $config or $context to the callback functions.

    6. 

  6. 

    7. 

  7. 

    8. 

  8. /**

    9. 

  9.  * Handles referencing and derefencing character entities

    10. 

  10.  */

    11. 

  11. class HTMLPurifier_EntityParser

    12. 

  12. {

    13. 

  13.     

    14. 

  14.     /**

    15. 

  15.      * Reference to entity lookup table.

    16. 

  16.      */

    17. 

  17.     protected $_entity_lookup;

    18. 

  18.     

    19. 

  19.     /**

    20. 

  20.      * Callback regex string for parsing entities.

    21. 

  21.      */

    22. 

  22.     protected $_substituteEntitiesRegex = '/&(?:[#]x([a-fA-F0-9]+)|[#]0*(\d+)|([A-Za-z_:][A-Za-z0-9.\-_:]*));?/';

    23. 

  23.     //     1. hex             2. dec      3. string (XML style)

    24. 

  24.     

    25. 

  25. 

    26. 

  26.     /**

    27. 

  27.      * Decimal to parsed string conversion table for special entities.

    28. 

  28.      */

    29. 

  29.     protected $_special_dec2str = array(34 => '"', 38 => '&', 39 => "'", 60 => '<', 62 => '>');

    30. 

  30.     

    31. 

  31.     /**

    32. 

  32.      * Stripped entity names to decimal conversion table for special entities.

    33. 

  33.      */

    34. 

  34.     protected $_special_ent2dec = array('quot' => 34, 'amp' => 38, 'lt' => 60, 'gt' => 62);

    35. 

  35. 

    36. 

  36.     /**

    37. 

  37.      * Substitutes non-special entities with their parsed equivalents. Since

    38. 

  38.      * running this whenever you have parsed character is t3h 5uck, we run

    39. 

  39.      * it before everything else.

    40. 

  40.      *

    41. 

  41.      * @param $string String to have non-special entities parsed.

    42. 

  42.      * @returns Parsed string.

    43. 

  43.      */

    44. 

  44.     public function substituteNonSpecialEntities($string)

    45. 

  45.     {

    46. 

  46.         // it will try to detect missing semicolons, but don't rely on it

    47. 

  47.         return preg_replace_callback($this->_substituteEntitiesRegex, array($this, 'nonSpecialEntityCallback'), $string);

    48. 

  48.     }

    49. 

  49. 

    50. 

  50.     /**

    51. 

  51.      * Callback function for substituteNonSpecialEntities() that does the work.

    52. 

  52.      *

    53. 

  53.      * @param $matches  PCRE matches array, with 0 the entire match, and

    54. 

  54.      * either index 1, 2 or 3 set with a hex value, dec value,

    55. 

  55.      * or string (respectively).

    56. 

  56.      * @returns Replacement string.

    57. 

  57.      */

    58. 

  58.     

    59. 

  59.     protected function nonSpecialEntityCallback($matches)

    60. 

  60.     {

    61. 

  61.         // replaces all but big five

    62. 

  62.         $entity = $matches[0];

    63. 

  63.         $is_num = (@$matches[0][1] === '#');

    64. 

  64.         if ($is_num)

    65. 

  65.         {

    66. 

  66.             $is_hex = (@$entity[2] === 'x');

    67. 

  67.             $code = $is_hex ? hexdec($matches[1]) : (int) $matches[2];

    68. 

  68.             

    69. 

  69.             // abort for special characters

    70. 

  70.             if (isset($this->_special_dec2str[$code]))

    71. 

  71.                 return $entity;

    72. 

  72.             

    73. 

  73.             return HTMLPurifier_Encoder :: unichr($code);

    74. 

  74.         }

    75. 

  75.         else

    76. 

  76.         {

    77. 

  77.             if (isset($this->_special_ent2dec[$matches[3]]))

    78. 

  78.                 return $entity;

    79. 

  79.             if (! $this->_entity_lookup)

    80. 

  80.             {

    81. 

  81.                 $this->_entity_lookup = HTMLPurifier_EntityLookup :: instance();

    82. 

  82.             }

    83. 

  83.             if (isset($this->_entity_lookup->table[$matches[3]]))

    84. 

  84.             {

    85. 

  85.                 return $this->_entity_lookup->table[$matches[3]];

    86. 

  86.             }

    87. 

  87.             else

    88. 

  88.             {

    89. 

  89.                 return $entity;

    90. 

  90.             }

    91. 

  91.         }

    92. 

  92.     }

    93. 

  93. 

    94. 

  94.     /**

    95. 

  95.      * Substitutes only special entities with their parsed equivalents.

    96. 

  96.      *

    97. 

  97.      * @notice We try to avoid calling this function because otherwise, it

    98. 

  98.      * would have to be called a lot (for every parsed section).

    99. 

  99.      *

    100. 

  100.      * @param $string String to have non-special entities parsed.

    101. 

  101.      * @returns Parsed string.

    102. 

  102.      */

    103. 

  103.     public function substituteSpecialEntities($string)

    104. 

  104.     {

    105. 

  105.         return preg_replace_callback($this->_substituteEntitiesRegex, array($this, 'specialEntityCallback'), $string);

    106. 

  106.     }

    107. 

  107. 

    108. 

  108.     /**

    109. 

  109.      * Callback function for substituteSpecialEntities() that does the work.

    110. 

  110.      *

    111. 

  111.      * This callback has same syntax as nonSpecialEntityCallback().

    112. 

  112.      *

    113. 

  113.      * @param $matches  PCRE-style matches array, with 0 the entire match, and

    114. 

  114.      * either index 1, 2 or 3 set with a hex value, dec value,

    115. 

  115.      * or string (respectively).

    116. 

  116.      * @returns Replacement string.

    117. 

  117.      */

    118. 

  118.     protected function specialEntityCallback($matches)

    119. 

  119.     {

    120. 

  120.         $entity = $matches[0];

    121. 

  121.         $is_num = (@$matches[0][1] === '#');

    122. 

  122.         if ($is_num)

    123. 

  123.         {

    124. 

  124.             $is_hex = (@$entity[2] === 'x');

    125. 

  125.             $int = $is_hex ? hexdec($matches[1]) : (int) $matches[2];

    126. 

  126.             return isset($this->_special_dec2str[$int]) ? $this->_special_dec2str[$int] : $entity;

    127. 

  127.         }

    128. 

  128.         else

    129. 

  129.         {

    130. 

  130.             return isset($this->_special_ent2dec[$matches[3]]) ? $this->_special_ent2dec[$matches[3]] : $entity;

    131. 

  131.         }

    132. 

  132.     }

    133. 

  133. 

    134. 

  134. }

    135. 

  135. 

    136. 

  136. // vim: et sw=4 sts=4

    137. 

  137.