HtmlSafe.php

Revision 479, 8.1 kB (checked in by insultant, 10 months ago)
--

Line
1	<?php
2
3	/* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
4
5	// +-------------------------------------------------------------------+
6	// \| WiFiDog Authentication Server \|
7	// \| ============================= \|
8	// \| \|
9	// \| The WiFiDog Authentication Server is part of the WiFiDog captive \|
10	// \| portal suite. \|
11	// +-------------------------------------------------------------------+
12	// \| PHP version 5 required. \|
13	// +-------------------------------------------------------------------+
14	// \| Homepage: http://www.wifidog.org/ \|
15	// \| Source Forge: http://sourceforge.net/projects/wifidog/ \|
16	// +-------------------------------------------------------------------+
17	// \| This program is free software; you can redistribute it and/or \|
18	// \| modify it under the terms of the GNU General Public License as \|
19	// \| published by the Free Software Foundation; either version 2 of \|
20	// \| the License, or (at your option) any later version. \|
21	// \| \|
22	// \| This program is distributed in the hope that it will be useful, \|
23	// \| but WITHOUT ANY WARRANTY; without even the implied warranty of \|
24	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the \|
25	// \| GNU General Public License for more details. \|
26	// \| \|
27	// \| You should have received a copy of the GNU General Public License \|
28	// \| along with this program; if not, contact: \|
29	// \| \|
30	// \| Free Software Foundation Voice: +1-617-542-5942 \|
31	// \| 59 Temple Place - Suite 330 Fax: +1-617-542-2652 \|
32	// \| Boston, MA 02111-1307, USA gnu@gnu.org \|
33	// \| \|
34	// +-------------------------------------------------------------------+
35
36	/**
37	* @package WiFiDogAuthServer
38	* @subpackage Security
39	* @author Max HorvÃ¡th <max.horvath@freenet.de>
40	* @copyright 2006 Max HorvÃ¡th, Horvath Web Consulting
41	* @version Subversion $Id: Cache.php 930 2006-01-29 23:15:52Z max-horvath $
42	* @link http://www.wifidog.org/
43	*/
44
45	/**
46	* PEAR::HTML_Safe implementation
47	*
48	* @package WiFiDogAuthServer
49	* @subpackage Security
50	* @author Max HorvÃ¡th <max.horvath@freenet.de>
51	* @copyright 2006 Max HorvÃ¡th, Horvath Web Consulting
52	*/
53	class HtmlSafe
54	{
55
56	/**
57	* Defines if PEAR::HTML_Safe will be used or not
58	*
59	*/
60	public $isHtmlSafeEnabled = false;
61
62	/**
63	* PEAR::HTML_Safe object.
64	*
65
66	*/
67	private $_HtmlSafe;
68
69	/**
70	* List of dangerous tags (such tags will be deleted)
71	*
72
73	*/
74	private $_deleteTags = array(
75	'applet', 'base', 'basefont', 'bgsound', 'blink', 'body',
76	'frame', 'frameset', 'head', 'html', 'ilayer', 'iframe',
77	'layer', 'link', 'meta', 'style', 'title', 'script'
78	);
79
80	/**
81	* List of dangerous tags (such tags will be deleted, and all content
82	* inside this tags will be also removed)
83	*
84
85	*/
86	private $_deleteTagsContent = array('script', 'style', 'title', 'xml');
87
88	/**
89	* List of dangerous attributes
90	*
91
92	*/
93	private $_attributes = array('dynsrc', 'id', 'name');
94
95	/**
96	* Constructor.
97	*
98	* @return void
99	*/
100	public function __construct()
101	{
102	// Check if PEAR::HTML_Safe is available
103	if (Dependency::check("HTML_Safe")) {
104	// Load PEAR::HTML_Safe
105	require_once('HTML/Safe.php');
106
107	// Enabled PEAR::HTML_Safe support
108	$this->isHtmlSafeEnabled = true;
109
110	// Create a PEAR::HTML_Safe object
111	$this->_HtmlSafe = new HTML_Safe();
112
113	// Define list of dangerous tags
114	$this->_HtmlSafe->deleteTags = $this->getDeleteTags();
115
116	// Define list of dangerous tags
117	$this->_HtmlSafe->deleteTagsContent = $this->getDeleteTagsContent();
118
119	// Define list of dangerous attributes
120	$this->_HtmlSafe->attributes = $this->getAttributes();
121	}
122	}
123
124	/**
125	* Sets list of tags
126	*
127	* @param array $deleteTags List of tags
128	* @param bool $appendTags If set to true your list of tags will
129	* be appended to the current list of tags
130	*
131	* @return bool True on a successful change of list of tags
132
133	*/
134	private function _setTags(&$tagList, $tags, $appendTags = false)
135	{
136	// Init values
137	$_retVal = false;
138
139	if (is_array($tags)) {
140	if ($appendTags) {
141	$tagList[] = $tags;
142	} else {
143	$tagList = $tags;
144	}
145
146	$_retVal = true;
147	}
148
149	return $_retVal;
150	}
151
152	/**
153	* Returns list of dangerous tags
154	*
155	* @return array List of dangerous tags
156	*/
157	public function getDeleteTags()
158	{
159	return $this->_deleteTags;
160	}
161
162	/**
163	* Sets list of dangerous tags
164	*
165	* @param array $deleteTags List of dangerous tags
166	* @param bool $appendTags If set to true your list of dangerous tags will
167	* be appended to the current list of dangerous
168	* tags
169	*
170	* @return bool True on a successful change of list of dangerous tags
171	*/
172	public function setDeleteTags($deleteTags, $appendTags = false)
173	{
174	$_retVal = $this->_setTags($this->_deleteTags, $deleteTags, $appendTags);
175
176	if ($_retVal) {
177	$this->_HtmlSafe->deleteTags = $this->getDeleteTags();
178	}
179
180	return $_retVal;
181	}
182
183	/**
184	* Returns list of dangerous tags
185	*
186	* @return array List of dangerous tags
187	*/
188	public function getDeleteTagsContent()
189	{
190	return $this->_deleteTagsContent;
191	}
192
193	/**
194	* Sets list of dangerous tags
195	*
196	* @param array $deleteTagsContent List of dangerous tags
197	* @param bool $appendTags If set to true your list of dangerous
198	* tags will be appended to the current
199	* list of dangerous tags
200	*
201	* @return bool True on a successful change of list of dangerous tags
202	*/
203	public function setDeleteTagsContent($deleteTagsContent, $appendTags = false)
204	{
205	$_retVal = $this->_setTags($this->_deleteTagsContent, $deleteTagsContent, $appendTags);
206
207	if ($_retVal) {
208	$this->_HtmlSafe->deleteTags = $this->getDeleteTagsContent();
209	}
210
211	return $_retVal;
212	}
213
214	/**
215	* Returns list of dangerous attributes
216	*
217	* @return array List of dangerous attributes
218	*/
219	public function getAttributes()
220	{
221	return $this->_attributes;
222	}
223
224	/**
225	* Sets list of dangerous attributes
226	*
227	* @param array $attributes List of dangerous attributes
228	* @param bool $appendTags If set to true your list of dangerous attributes
229	* will be appended to the current list of
230	* dangerous attributes
231	*
232	* @return bool True on a successful change of list of dangerous attributes
233	*/
234	public function setAttributes($attributes, $appendTags = false)
235	{
236	$_retVal = $this->_setTags($this->_attributes, $attributes, $appendTags);
237
238	if ($_retVal) {
239	$this->_HtmlSafe->deleteTags = $this->getAttributes();
240	}
241
242	return $_retVal;
243	}
244
245	/**
246	* Parses and strips down all potentially dangerous content within HTML
247	*
248	* @param string $html HTML markup to be parsed
249	*
250	* @return string Parsed and stripped down HTML markup
251	*/
252	public function parseHtml($html)
253	{
254	return $this->_HtmlSafe->parse($html);
255	}
256
257	}
258
259	/*
260	* Local variables:
261	* tab-width: 4
262	* c-basic-offset: 4
263	* c-hanging-comment-ender-p: nil
264	* End:
265	*/
266
267

Note: See TracBrowser for help on using the browser.

root/wifidogadmin/wifidog/classes/HtmlSafe.php

Download in other formats: