Ana Sayfa Keşfet Yardım
Üye Ol Giriş Yap
aj
/
chamilo-lms2
1
0
Çatalla 0
Dosyalar Sorunlar 0 Değişiklik İstekleri 0 Wiki
Ağaç: e7c246f349
Dallar Biçim İmleri
chamilo-lms2
/
vendor
/
ezyang
/
htmlpurifier
/
library
/
HTMLPurifier
/
EntityParser.php

EntityParser.php 4.6 KB
Geçmiş Ham

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144 
  1. <?php
    2. 

  2. 

  3. // if want to implement error collecting here, we'll need to use some sort
    4. 

  4. // of global data (probably trigger_error) because it's impossible to pass
    5. 

  5. // $config or $context to the callback functions.
    6. 

  6. 

  7. /**
    8. 

  8.  * Handles referencing and derefencing character entities
    9. 

  9.  */
    10. 

  10. class HTMLPurifier_EntityParser
    11. 

  11. {
    12. 

  12. 

  13.     /**
    14. 

  14.      * Reference to entity lookup table.
    15. 

  15.      */
    16. 

  16.     protected $_entity_lookup;
    17. 

  17. 

  18.     /**
    19. 

  19.      * Callback regex string for parsing entities.
    20. 

  20.      */
    21. 

  21.     protected $_substituteEntitiesRegex =
    22. 

  22. '/&(?:[#]x([a-fA-F0-9]+)|[#]0*(\d+)|([A-Za-z_:][A-Za-z0-9.\-_:]*));?/';
    23. 

  23. //     1. hex             2. dec      3. string (XML style)
    24. 

  24. 

  25. 

  26.     /**
    27. 

  27.      * Decimal to parsed string conversion table for special entities.
    28. 

  28.      */
    29. 

  29.     protected $_special_dec2str =
    30. 

  30.             array(
    31. 

  31.                     34 => '"',
    32. 

  32.                     38 => '&',
    33. 

  33.                     39 => "'",
    34. 

  34.                     60 => '<',
    35. 

  35.                     62 => '>'
    36. 

  36.             );
    37. 

  37. 

  38.     /**
    39. 

  39.      * Stripped entity names to decimal conversion table for special entities.
    40. 

  40.      */
    41. 

  41.     protected $_special_ent2dec =
    42. 

  42.             array(
    43. 

  43.                     'quot' => 34,
    44. 

  44.                     'amp'  => 38,
    45. 

  45.                     'lt'   => 60,
    46. 

  46.                     'gt'   => 62
    47. 

  47.             );
    48. 

  48. 

  49.     /**
    50. 

  50.      * Substitutes non-special entities with their parsed equivalents. Since
    51. 

  51.      * running this whenever you have parsed character is t3h 5uck, we run
    52. 

  52.      * it before everything else.
    53. 

  53.      *
    54. 

  54.      * @param $string String to have non-special entities parsed.
    55. 

  55.      * @returns Parsed string.
    56. 

  56.      */
    57. 

  57.     public function substituteNonSpecialEntities($string) {
    58. 

  58.         // it will try to detect missing semicolons, but don't rely on it
    59. 

  59.         return preg_replace_callback(
    60. 

  60.             $this->_substituteEntitiesRegex,
    61. 

  61.             array($this, 'nonSpecialEntityCallback'),
    62. 

  62.             $string
    63. 

  63.             );
    64. 

  64.     }
    65. 

  65. 

  66.     /**
    67. 

  67.      * Callback function for substituteNonSpecialEntities() that does the work.
    68. 

  68.      *
    69. 

  69.      * @param $matches  PCRE matches array, with 0 the entire match, and
    70. 

  70.      *                  either index 1, 2 or 3 set with a hex value, dec value,
    71. 

  71.      *                  or string (respectively).
    72. 

  72.      * @returns Replacement string.
    73. 

  73.      */
    74. 

  74. 

  75.     protected function nonSpecialEntityCallback($matches) {
    76. 

  76.         // replaces all but big five
    77. 

  77.         $entity = $matches[0];
    78. 

  78.         $is_num = (@$matches[0][1] === '#');
    79. 

  79.         if ($is_num) {
    80. 

  80.             $is_hex = (@$entity[2] === 'x');
    81. 

  81.             $code = $is_hex ? hexdec($matches[1]) : (int) $matches[2];
    82. 

  82. 

  83.             // abort for special characters
    84. 

  84.             if (isset($this->_special_dec2str[$code]))  return $entity;
    85. 

  85. 

  86.             return HTMLPurifier_Encoder::unichr($code);
    87. 

  87.         } else {
    88. 

  88.             if (isset($this->_special_ent2dec[$matches[3]])) return $entity;
    89. 

  89.             if (!$this->_entity_lookup) {
    90. 

  90.                 $this->_entity_lookup = HTMLPurifier_EntityLookup::instance();
    91. 

  91.             }
    92. 

  92.             if (isset($this->_entity_lookup->table[$matches[3]])) {
    93. 

  93.                 return $this->_entity_lookup->table[$matches[3]];
    94. 

  94.             } else {
    95. 

  95.                 return $entity;
    96. 

  96.             }
    97. 

  97.         }
    98. 

  98.     }
    99. 

  99. 

  100.     /**
    101. 

  101.      * Substitutes only special entities with their parsed equivalents.
    102. 

  102.      *
    103. 

  103.      * @notice We try to avoid calling this function because otherwise, it
    104. 

  104.      * would have to be called a lot (for every parsed section).
    105. 

  105.      *
    106. 

  106.      * @param $string String to have non-special entities parsed.
    107. 

  107.      * @returns Parsed string.
    108. 

  108.      */
    109. 

  109.     public function substituteSpecialEntities($string) {
    110. 

  110.         return preg_replace_callback(
    111. 

  111.             $this->_substituteEntitiesRegex,
    112. 

  112.             array($this, 'specialEntityCallback'),
    113. 

  113.             $string);
    114. 

  114.     }
    115. 

  115. 

  116.     /**
    117. 

  117.      * Callback function for substituteSpecialEntities() that does the work.
    118. 

  118.      *
    119. 

  119.      * This callback has same syntax as nonSpecialEntityCallback().
    120. 

  120.      *
    121. 

  121.      * @param $matches  PCRE-style matches array, with 0 the entire match, and
    122. 

  122.      *                  either index 1, 2 or 3 set with a hex value, dec value,
    123. 

  123.      *                  or string (respectively).
    124. 

  124.      * @returns Replacement string.
    125. 

  125.      */
    126. 

  126.     protected function specialEntityCallback($matches) {
    127. 

  127.         $entity = $matches[0];
    128. 

  128.         $is_num = (@$matches[0][1] === '#');
    129. 

  129.         if ($is_num) {
    130. 

  130.             $is_hex = (@$entity[2] === 'x');
    131. 

  131.             $int = $is_hex ? hexdec($matches[1]) : (int) $matches[2];
    132. 

  132.             return isset($this->_special_dec2str[$int]) ?
    133. 

  133.                 $this->_special_dec2str[$int] :
    134. 

  134.                 $entity;
    135. 

  135.         } else {
    136. 

  136.             return isset($this->_special_ent2dec[$matches[3]]) ?
    137. 

  137.                 $this->_special_ent2dec[$matches[3]] :
    138. 

  138.                 $entity;
    139. 

  139.         }
    140. 

  140.     }
    141. 

  141. 

  142. }
    143. 

  143. 

  144. // vim: et sw=4 sts=4
    145.