/2010/plugins/editors/rokpad/lib/htmlpurifier-2.1.5/HTMLPurifier/EntityParser.php

https://bitbucket.org/elijahvsjesus/tandava · PHP · 156 lines · 88 code · 15 blank · 53 comment · 9 complexity · 37a338b76f4ee5cc111aca151dd0b227 MD5 · raw file 

    

  1. <?php
    2. 

  2. 

  3. require_once 'HTMLPurifier/EntityLookup.php';
    4. 

  4. require_once 'HTMLPurifier/Encoder.php';
    5. 

  5. 

  6. // if want to implement error collecting here, we'll need to use some sort
    7. 

  7. // of global data (probably trigger_error) because it's impossible to pass
    8. 

  8. // $config or $context to the callback functions.
    9. 

  9. 

  10. /**
    11. 

  11.  * Handles referencing and derefencing character entities
    12. 

  12.  */
    13. 

  13. class HTMLPurifier_EntityParser
    14. 

  14. {
    15. 

  15.     
    16. 

  16.     /**
    17. 

  17.      * Reference to entity lookup table.
    18. 

  18.      * @protected
    19. 

  19.      */
    20. 

  20.     var $_entity_lookup;
    21. 

  21.     
    22. 

  22.     /**
    23. 

  23.      * Callback regex string for parsing entities.
    24. 

  24.      * @protected
    25. 

  25.      */                             
    26. 

  26.     var $_substituteEntitiesRegex =
    27. 

  27. '/&(?:[#]x([a-fA-F0-9]+)|[#]0*(\d+)|([A-Za-z_:][A-Za-z0-9.\-_:]*));?/';
    28. 

  28. //     1. hex             2. dec      3. string (XML style)
    29. 

  29.     
    30. 

  30.     
    31. 

  31.     /**
    32. 

  32.      * Decimal to parsed string conversion table for special entities.
    33. 

  33.      * @protected
    34. 

  34.      */
    35. 

  35.     var $_special_dec2str =
    36. 

  36.             array(
    37. 

  37.                     34 => '"',
    38. 

  38.                     38 => '&',
    39. 

  39.                     39 => "'",
    40. 

  40.                     60 => '<',
    41. 

  41.                     62 => '>'
    42. 

  42.             );
    43. 

  43.     
    44. 

  44.     /**
    45. 

  45.      * Stripped entity names to decimal conversion table for special entities.
    46. 

  46.      * @protected
    47. 

  47.      */
    48. 

  48.     var $_special_ent2dec =
    49. 

  49.             array(
    50. 

  50.                     'quot' => 34,
    51. 

  51.                     'amp'  => 38,
    52. 

  52.                     'lt'   => 60,
    53. 

  53.                     'gt'   => 62
    54. 

  54.             );
    55. 

  55.     
    56. 

  56.     /**
    57. 

  57.      * Substitutes non-special entities with their parsed equivalents. Since
    58. 

  58.      * running this whenever you have parsed character is t3h 5uck, we run
    59. 

  59.      * it before everything else.
    60. 

  60.      * 
    61. 

  61.      * @protected
    62. 

  62.      * @param $string String to have non-special entities parsed.
    63. 

  63.      * @returns Parsed string.
    64. 

  64.      */
    65. 

  65.     function substituteNonSpecialEntities($string) {
    66. 

  66.         // it will try to detect missing semicolons, but don't rely on it
    67. 

  67.         return preg_replace_callback(
    68. 

  68.             $this->_substituteEntitiesRegex,
    69. 

  69.             array($this, 'nonSpecialEntityCallback'),
    70. 

  70.             $string
    71. 

  71.             );
    72. 

  72.     }
    73. 

  73.     
    74. 

  74.     /**
    75. 

  75.      * Callback function for substituteNonSpecialEntities() that does the work.
    76. 

  76.      * 
    77. 

  77.      * @warning Though this is public in order to let the callback happen,
    78. 

  78.      *          calling it directly is not recommended.
    79. 

  79.      * @param $matches  PCRE matches array, with 0 the entire match, and
    80. 

  80.      *                  either index 1, 2 or 3 set with a hex value, dec value,
    81. 

  81.      *                  or string (respectively).
    82. 

  82.      * @returns Replacement string.
    83. 

  83.      */
    84. 

  84.     
    85. 

  85.     function nonSpecialEntityCallback($matches) {
    86. 

  86.         // replaces all but big five
    87. 

  87.         $entity = $matches[0];
    88. 

  88.         $is_num = (@$matches[0][1] === '#');
    89. 

  89.         if ($is_num) {
    90. 

  90.             $is_hex = (@$entity[2] === 'x');
    91. 

  91.             $code = $is_hex ? hexdec($matches[1]) : (int) $matches[2];
    92. 

  92.             
    93. 

  93.             // abort for special characters
    94. 

  94.             if (isset($this->_special_dec2str[$code]))  return $entity;
    95. 

  95.             
    96. 

  96.             return HTMLPurifier_Encoder::unichr($code);
    97. 

  97.         } else {
    98. 

  98.             if (isset($this->_special_ent2dec[$matches[3]])) return $entity;
    99. 

  99.             if (!$this->_entity_lookup) {
    100. 

  100.                 $this->_entity_lookup = HTMLPurifier_EntityLookup::instance();
    101. 

  101.             }
    102. 

  102.             if (isset($this->_entity_lookup->table[$matches[3]])) {
    103. 

  103.                 return $this->_entity_lookup->table[$matches[3]];
    104. 

  104.             } else {
    105. 

  105.                 return $entity;
    106. 

  106.             }
    107. 

  107.         }
    108. 

  108.     }
    109. 

  109.     
    110. 

  110.     /**
    111. 

  111.      * Substitutes only special entities with their parsed equivalents.
    112. 

  112.      * 
    113. 

  113.      * @notice We try to avoid calling this function because otherwise, it
    114. 

  114.      * would have to be called a lot (for every parsed section).
    115. 

  115.      * 
    116. 

  116.      * @protected
    117. 

  117.      * @param $string String to have non-special entities parsed.
    118. 

  118.      * @returns Parsed string.
    119. 

  119.      */
    120. 

  120.     function substituteSpecialEntities($string) {
    121. 

  121.         return preg_replace_callback(
    122. 

  122.             $this->_substituteEntitiesRegex,
    123. 

  123.             array($this, 'specialEntityCallback'),
    124. 

  124.             $string);
    125. 

  125.     }
    126. 

  126.     
    127. 

  127.     /**
    128. 

  128.      * Callback function for substituteSpecialEntities() that does the work.
    129. 

  129.      * 
    130. 

  130.      * This callback has same syntax as nonSpecialEntityCallback().
    131. 

  131.      * 
    132. 

  132.      * @warning Though this is public in order to let the callback happen,
    133. 

  133.      *          calling it directly is not recommended.
    134. 

  134.      * @param $matches  PCRE-style matches array, with 0 the entire match, and
    135. 

  135.      *                  either index 1, 2 or 3 set with a hex value, dec value,
    136. 

  136.      *                  or string (respectively).
    137. 

  137.      * @returns Replacement string.
    138. 

  138.      */
    139. 

  139.     function specialEntityCallback($matches) {
    140. 

  140.         $entity = $matches[0];
    141. 

  141.         $is_num = (@$matches[0][1] === '#');
    142. 

  142.         if ($is_num) {
    143. 

  143.             $is_hex = (@$entity[2] === 'x');
    144. 

  144.             $int = $is_hex ? hexdec($matches[1]) : (int) $matches[2];
    145. 

  145.             return isset($this->_special_dec2str[$int]) ?
    146. 

  146.                 $this->_special_dec2str[$int] :
    147. 

  147.                 $entity;
    148. 

  148.         } else {
    149. 

  149.             return isset($this->_special_ent2dec[$matches[3]]) ?
    150. 

  150.                 $this->_special_ent2dec[$matches[3]] :
    151. 

  151.                 $entity;
    152. 

  152.         }
    153. 

  153.     }
    154. 

  154.     
    155. 

  155. }
    156.