friendica/vendor/ezyang/htmlpurifier/library/HTMLPurifier/EntityParser.php

154 lines
4.9 KiB
PHP
Raw Normal View History

2010-09-09 05:14:17 +02:00
<?php
// if want to implement error collecting here, we'll need to use some sort
// of global data (probably trigger_error) because it's impossible to pass
// $config or $context to the callback functions.
/**
* Handles referencing and derefencing character entities
*/
class HTMLPurifier_EntityParser
{
/**
* Reference to entity lookup table.
2016-02-09 11:06:17 +01:00
* @type HTMLPurifier_EntityLookup
2010-09-09 05:14:17 +02:00
*/
protected $_entity_lookup;
/**
* Callback regex string for parsing entities.
2016-02-09 11:06:17 +01:00
* @type string
2010-09-09 05:14:17 +02:00
*/
protected $_substituteEntitiesRegex =
2016-02-09 11:06:17 +01:00
'/&(?:[#]x([a-fA-F0-9]+)|[#]0*(\d+)|([A-Za-z_:][A-Za-z0-9.\-_:]*));?/';
// 1. hex 2. dec 3. string (XML style)
2010-09-09 05:14:17 +02:00
/**
* Decimal to parsed string conversion table for special entities.
2016-02-09 11:06:17 +01:00
* @type array
2010-09-09 05:14:17 +02:00
*/
protected $_special_dec2str =
array(
34 => '"',
38 => '&',
39 => "'",
60 => '<',
62 => '>'
);
/**
* Stripped entity names to decimal conversion table for special entities.
2016-02-09 11:06:17 +01:00
* @type array
2010-09-09 05:14:17 +02:00
*/
protected $_special_ent2dec =
array(
'quot' => 34,
'amp' => 38,
'lt' => 60,
'gt' => 62
);
/**
* Substitutes non-special entities with their parsed equivalents. Since
* running this whenever you have parsed character is t3h 5uck, we run
* it before everything else.
*
2016-02-09 11:06:17 +01:00
* @param string $string String to have non-special entities parsed.
* @return string Parsed string.
2010-09-09 05:14:17 +02:00
*/
2016-02-09 11:06:17 +01:00
public function substituteNonSpecialEntities($string)
{
2010-09-09 05:14:17 +02:00
// it will try to detect missing semicolons, but don't rely on it
return preg_replace_callback(
$this->_substituteEntitiesRegex,
array($this, 'nonSpecialEntityCallback'),
$string
2016-02-09 11:06:17 +01:00
);
2010-09-09 05:14:17 +02:00
}
/**
* Callback function for substituteNonSpecialEntities() that does the work.
*
2016-02-09 11:06:17 +01:00
* @param array $matches PCRE matches array, with 0 the entire match, and
2010-09-09 05:14:17 +02:00
* either index 1, 2 or 3 set with a hex value, dec value,
* or string (respectively).
2016-02-09 11:06:17 +01:00
* @return string Replacement string.
2010-09-09 05:14:17 +02:00
*/
2016-02-09 11:06:17 +01:00
protected function nonSpecialEntityCallback($matches)
{
2010-09-09 05:14:17 +02:00
// replaces all but big five
$entity = $matches[0];
$is_num = (@$matches[0][1] === '#');
if ($is_num) {
$is_hex = (@$entity[2] === 'x');
$code = $is_hex ? hexdec($matches[1]) : (int) $matches[2];
// abort for special characters
2016-02-09 11:06:17 +01:00
if (isset($this->_special_dec2str[$code])) {
return $entity;
}
2010-09-09 05:14:17 +02:00
return HTMLPurifier_Encoder::unichr($code);
} else {
2016-02-09 11:06:17 +01:00
if (isset($this->_special_ent2dec[$matches[3]])) {
return $entity;
}
2010-09-09 05:14:17 +02:00
if (!$this->_entity_lookup) {
$this->_entity_lookup = HTMLPurifier_EntityLookup::instance();
}
if (isset($this->_entity_lookup->table[$matches[3]])) {
return $this->_entity_lookup->table[$matches[3]];
} else {
return $entity;
}
}
}
/**
* Substitutes only special entities with their parsed equivalents.
*
* @notice We try to avoid calling this function because otherwise, it
* would have to be called a lot (for every parsed section).
*
2016-02-09 11:06:17 +01:00
* @param string $string String to have non-special entities parsed.
* @return string Parsed string.
2010-09-09 05:14:17 +02:00
*/
2016-02-09 11:06:17 +01:00
public function substituteSpecialEntities($string)
{
2010-09-09 05:14:17 +02:00
return preg_replace_callback(
$this->_substituteEntitiesRegex,
array($this, 'specialEntityCallback'),
2016-02-09 11:06:17 +01:00
$string
);
2010-09-09 05:14:17 +02:00
}
/**
* Callback function for substituteSpecialEntities() that does the work.
*
* This callback has same syntax as nonSpecialEntityCallback().
*
2016-02-09 11:06:17 +01:00
* @param array $matches PCRE-style matches array, with 0 the entire match, and
2010-09-09 05:14:17 +02:00
* either index 1, 2 or 3 set with a hex value, dec value,
* or string (respectively).
2016-02-09 11:06:17 +01:00
* @return string Replacement string.
2010-09-09 05:14:17 +02:00
*/
2016-02-09 11:06:17 +01:00
protected function specialEntityCallback($matches)
{
2010-09-09 05:14:17 +02:00
$entity = $matches[0];
$is_num = (@$matches[0][1] === '#');
if ($is_num) {
$is_hex = (@$entity[2] === 'x');
$int = $is_hex ? hexdec($matches[1]) : (int) $matches[2];
return isset($this->_special_dec2str[$int]) ?
$this->_special_dec2str[$int] :
$entity;
} else {
return isset($this->_special_ent2dec[$matches[3]]) ?
$this->_special_ent2dec[$matches[3]] :
$entity;
}
}
}
// vim: et sw=4 sts=4