]>
Commit | Line | Data |
---|---|---|
d4949327 NL |
1 | <?php\r |
2 | \r | |
3 | /**\r | |
4 | * Parses string representations into their corresponding native PHP\r | |
5 | * variable type. The base implementation does a simple type-check.\r | |
6 | */\r | |
7 | class HTMLPurifier_VarParser\r | |
8 | {\r | |
9 | \r | |
10 | const STRING = 1;\r | |
11 | const ISTRING = 2;\r | |
12 | const TEXT = 3;\r | |
13 | const ITEXT = 4;\r | |
14 | const INT = 5;\r | |
15 | const FLOAT = 6;\r | |
16 | const BOOL = 7;\r | |
17 | const LOOKUP = 8;\r | |
18 | const ALIST = 9;\r | |
19 | const HASH = 10;\r | |
20 | const MIXED = 11;\r | |
21 | \r | |
22 | /**\r | |
23 | * Lookup table of allowed types. Mainly for backwards compatibility, but\r | |
24 | * also convenient for transforming string type names to the integer constants.\r | |
25 | */\r | |
26 | public static $types = array(\r | |
27 | 'string' => self::STRING,\r | |
28 | 'istring' => self::ISTRING,\r | |
29 | 'text' => self::TEXT,\r | |
30 | 'itext' => self::ITEXT,\r | |
31 | 'int' => self::INT,\r | |
32 | 'float' => self::FLOAT,\r | |
33 | 'bool' => self::BOOL,\r | |
34 | 'lookup' => self::LOOKUP,\r | |
35 | 'list' => self::ALIST,\r | |
36 | 'hash' => self::HASH,\r | |
37 | 'mixed' => self::MIXED\r | |
38 | );\r | |
39 | \r | |
40 | /**\r | |
41 | * Lookup table of types that are string, and can have aliases or\r | |
42 | * allowed value lists.\r | |
43 | */\r | |
44 | public static $stringTypes = array(\r | |
45 | self::STRING => true,\r | |
46 | self::ISTRING => true,\r | |
47 | self::TEXT => true,\r | |
48 | self::ITEXT => true,\r | |
49 | );\r | |
50 | \r | |
51 | /**\r | |
52 | * Validate a variable according to type.\r | |
53 | * It may return NULL as a valid type if $allow_null is true.\r | |
54 | *\r | |
55 | * @param mixed $var Variable to validate\r | |
56 | * @param int $type Type of variable, see HTMLPurifier_VarParser->types\r | |
57 | * @param bool $allow_null Whether or not to permit null as a value\r | |
58 | * @return string Validated and type-coerced variable\r | |
59 | * @throws HTMLPurifier_VarParserException\r | |
60 | */\r | |
61 | final public function parse($var, $type, $allow_null = false)\r | |
62 | {\r | |
63 | if (is_string($type)) {\r | |
64 | if (!isset(HTMLPurifier_VarParser::$types[$type])) {\r | |
65 | throw new HTMLPurifier_VarParserException("Invalid type '$type'");\r | |
66 | } else {\r | |
67 | $type = HTMLPurifier_VarParser::$types[$type];\r | |
68 | }\r | |
69 | }\r | |
70 | $var = $this->parseImplementation($var, $type, $allow_null);\r | |
71 | if ($allow_null && $var === null) {\r | |
72 | return null;\r | |
73 | }\r | |
74 | // These are basic checks, to make sure nothing horribly wrong\r | |
75 | // happened in our implementations.\r | |
76 | switch ($type) {\r | |
77 | case (self::STRING):\r | |
78 | case (self::ISTRING):\r | |
79 | case (self::TEXT):\r | |
80 | case (self::ITEXT):\r | |
81 | if (!is_string($var)) {\r | |
82 | break;\r | |
83 | }\r | |
84 | if ($type == self::ISTRING || $type == self::ITEXT) {\r | |
85 | $var = strtolower($var);\r | |
86 | }\r | |
87 | return $var;\r | |
88 | case (self::INT):\r | |
89 | if (!is_int($var)) {\r | |
90 | break;\r | |
91 | }\r | |
92 | return $var;\r | |
93 | case (self::FLOAT):\r | |
94 | if (!is_float($var)) {\r | |
95 | break;\r | |
96 | }\r | |
97 | return $var;\r | |
98 | case (self::BOOL):\r | |
99 | if (!is_bool($var)) {\r | |
100 | break;\r | |
101 | }\r | |
102 | return $var;\r | |
103 | case (self::LOOKUP):\r | |
104 | case (self::ALIST):\r | |
105 | case (self::HASH):\r | |
106 | if (!is_array($var)) {\r | |
107 | break;\r | |
108 | }\r | |
109 | if ($type === self::LOOKUP) {\r | |
110 | foreach ($var as $k) {\r | |
111 | if ($k !== true) {\r | |
112 | $this->error('Lookup table contains value other than true');\r | |
113 | }\r | |
114 | }\r | |
115 | } elseif ($type === self::ALIST) {\r | |
116 | $keys = array_keys($var);\r | |
117 | if (array_keys($keys) !== $keys) {\r | |
118 | $this->error('Indices for list are not uniform');\r | |
119 | }\r | |
120 | }\r | |
121 | return $var;\r | |
122 | case (self::MIXED):\r | |
123 | return $var;\r | |
124 | default:\r | |
125 | $this->errorInconsistent(get_class($this), $type);\r | |
126 | }\r | |
127 | $this->errorGeneric($var, $type);\r | |
128 | }\r | |
129 | \r | |
130 | /**\r | |
131 | * Actually implements the parsing. Base implementation does not\r | |
132 | * do anything to $var. Subclasses should overload this!\r | |
133 | * @param mixed $var\r | |
134 | * @param int $type\r | |
135 | * @param bool $allow_null\r | |
136 | * @return string\r | |
137 | */\r | |
138 | protected function parseImplementation($var, $type, $allow_null)\r | |
139 | {\r | |
140 | return $var;\r | |
141 | }\r | |
142 | \r | |
143 | /**\r | |
144 | * Throws an exception.\r | |
145 | * @throws HTMLPurifier_VarParserException\r | |
146 | */\r | |
147 | protected function error($msg)\r | |
148 | {\r | |
149 | throw new HTMLPurifier_VarParserException($msg);\r | |
150 | }\r | |
151 | \r | |
152 | /**\r | |
153 | * Throws an inconsistency exception.\r | |
154 | * @note This should not ever be called. It would be called if we\r | |
155 | * extend the allowed values of HTMLPurifier_VarParser without\r | |
156 | * updating subclasses.\r | |
157 | * @param string $class\r | |
158 | * @param int $type\r | |
159 | * @throws HTMLPurifier_Exception\r | |
160 | */\r | |
161 | protected function errorInconsistent($class, $type)\r | |
162 | {\r | |
163 | throw new HTMLPurifier_Exception(\r | |
164 | "Inconsistency in $class: " . HTMLPurifier_VarParser::getTypeName($type) .\r | |
165 | " not implemented"\r | |
166 | );\r | |
167 | }\r | |
168 | \r | |
169 | /**\r | |
170 | * Generic error for if a type didn't work.\r | |
171 | * @param mixed $var\r | |
172 | * @param int $type\r | |
173 | */\r | |
174 | protected function errorGeneric($var, $type)\r | |
175 | {\r | |
176 | $vtype = gettype($var);\r | |
177 | $this->error("Expected type " . HTMLPurifier_VarParser::getTypeName($type) . ", got $vtype");\r | |
178 | }\r | |
179 | \r | |
180 | /**\r | |
181 | * @param int $type\r | |
182 | * @return string\r | |
183 | */\r | |
184 | public static function getTypeName($type)\r | |
185 | {\r | |
186 | static $lookup;\r | |
187 | if (!$lookup) {\r | |
188 | // Lazy load the alternative lookup table\r | |
189 | $lookup = array_flip(HTMLPurifier_VarParser::$types);\r | |
190 | }\r | |
191 | if (!isset($lookup[$type])) {\r | |
192 | return 'unknown';\r | |
193 | }\r | |
194 | return $lookup[$type];\r | |
195 | }\r | |
196 | }\r | |
197 | \r | |
198 | // vim: et sw=4 sts=4\r |