--- /dev/null
+<?php\r
+\r
+/**\r
+ * Our in-house implementation of a parser.\r
+ *\r
+ * A pure PHP parser, DirectLex has absolutely no dependencies, making\r
+ * it a reasonably good default for PHP4. Written with efficiency in mind,\r
+ * it can be four times faster than HTMLPurifier_Lexer_PEARSax3, although it\r
+ * pales in comparison to HTMLPurifier_Lexer_DOMLex.\r
+ *\r
+ * @todo Reread XML spec and document differences.\r
+ */\r
+class HTMLPurifier_Lexer_DirectLex extends HTMLPurifier_Lexer\r
+{\r
+ /**\r
+ * @type bool\r
+ */\r
+ public $tracksLineNumbers = true;\r
+\r
+ /**\r
+ * Whitespace characters for str(c)spn.\r
+ * @type string\r
+ */\r
+ protected $_whitespace = "\x20\x09\x0D\x0A";\r
+\r
+ /**\r
+ * Callback function for script CDATA fudge\r
+ * @param array $matches, in form of array(opening tag, contents, closing tag)\r
+ * @return string\r
+ */\r
+ protected function scriptCallback($matches)\r
+ {\r
+ return $matches[1] . htmlspecialchars($matches[2], ENT_COMPAT, 'UTF-8') . $matches[3];\r
+ }\r
+\r
+ /**\r
+ * @param String $html\r
+ * @param HTMLPurifier_Config $config\r
+ * @param HTMLPurifier_Context $context\r
+ * @return array|HTMLPurifier_Token[]\r
+ */\r
+ public function tokenizeHTML($html, $config, $context)\r
+ {\r
+ // special normalization for script tags without any armor\r
+ // our "armor" heurstic is a < sign any number of whitespaces after\r
+ // the first script tag\r
+ if ($config->get('HTML.Trusted')) {\r
+ $html = preg_replace_callback(\r
+ '#(<script[^>]*>)(\s*[^<].+?)(</script>)#si',\r
+ array($this, 'scriptCallback'),\r
+ $html\r
+ );\r
+ }\r
+\r
+ $html = $this->normalize($html, $config, $context);\r
+\r
+ $cursor = 0; // our location in the text\r
+ $inside_tag = false; // whether or not we're parsing the inside of a tag\r
+ $array = array(); // result array\r
+\r
+ // This is also treated to mean maintain *column* numbers too\r
+ $maintain_line_numbers = $config->get('Core.MaintainLineNumbers');\r
+\r
+ if ($maintain_line_numbers === null) {\r
+ // automatically determine line numbering by checking\r
+ // if error collection is on\r
+ $maintain_line_numbers = $config->get('Core.CollectErrors');\r
+ }\r
+\r
+ if ($maintain_line_numbers) {\r
+ $current_line = 1;\r
+ $current_col = 0;\r
+ $length = strlen($html);\r
+ } else {\r
+ $current_line = false;\r
+ $current_col = false;\r
+ $length = false;\r
+ }\r
+ $context->register('CurrentLine', $current_line);\r
+ $context->register('CurrentCol', $current_col);\r
+ $nl = "\n";\r
+ // how often to manually recalculate. This will ALWAYS be right,\r
+ // but it's pretty wasteful. Set to 0 to turn off\r
+ $synchronize_interval = $config->get('Core.DirectLexLineNumberSyncInterval');\r
+\r
+ $e = false;\r
+ if ($config->get('Core.CollectErrors')) {\r
+ $e =& $context->get('ErrorCollector');\r
+ }\r
+\r
+ // for testing synchronization\r
+ $loops = 0;\r
+\r
+ while (++$loops) {\r
+ // $cursor is either at the start of a token, or inside of\r
+ // a tag (i.e. there was a < immediately before it), as indicated\r
+ // by $inside_tag\r
+\r
+ if ($maintain_line_numbers) {\r
+ // $rcursor, however, is always at the start of a token.\r
+ $rcursor = $cursor - (int)$inside_tag;\r
+\r
+ // Column number is cheap, so we calculate it every round.\r
+ // We're interested at the *end* of the newline string, so\r
+ // we need to add strlen($nl) == 1 to $nl_pos before subtracting it\r
+ // from our "rcursor" position.\r
+ $nl_pos = strrpos($html, $nl, $rcursor - $length);\r
+ $current_col = $rcursor - (is_bool($nl_pos) ? 0 : $nl_pos + 1);\r
+\r
+ // recalculate lines\r
+ if ($synchronize_interval && // synchronization is on\r
+ $cursor > 0 && // cursor is further than zero\r
+ $loops % $synchronize_interval === 0) { // time to synchronize!\r
+ $current_line = 1 + $this->substrCount($html, $nl, 0, $cursor);\r
+ }\r
+ }\r
+\r
+ $position_next_lt = strpos($html, '<', $cursor);\r
+ $position_next_gt = strpos($html, '>', $cursor);\r
+\r
+ // triggers on "<b>asdf</b>" but not "asdf <b></b>"\r
+ // special case to set up context\r
+ if ($position_next_lt === $cursor) {\r
+ $inside_tag = true;\r
+ $cursor++;\r
+ }\r
+\r
+ if (!$inside_tag && $position_next_lt !== false) {\r
+ // We are not inside tag and there still is another tag to parse\r
+ $token = new\r
+ HTMLPurifier_Token_Text(\r
+ $this->parseData(\r
+ substr(\r
+ $html,\r
+ $cursor,\r
+ $position_next_lt - $cursor\r
+ )\r
+ )\r
+ );\r
+ if ($maintain_line_numbers) {\r
+ $token->rawPosition($current_line, $current_col);\r
+ $current_line += $this->substrCount($html, $nl, $cursor, $position_next_lt - $cursor);\r
+ }\r
+ $array[] = $token;\r
+ $cursor = $position_next_lt + 1;\r
+ $inside_tag = true;\r
+ continue;\r
+ } elseif (!$inside_tag) {\r
+ // We are not inside tag but there are no more tags\r
+ // If we're already at the end, break\r
+ if ($cursor === strlen($html)) {\r
+ break;\r
+ }\r
+ // Create Text of rest of string\r
+ $token = new\r
+ HTMLPurifier_Token_Text(\r
+ $this->parseData(\r
+ substr(\r
+ $html,\r
+ $cursor\r
+ )\r
+ )\r
+ );\r
+ if ($maintain_line_numbers) {\r
+ $token->rawPosition($current_line, $current_col);\r
+ }\r
+ $array[] = $token;\r
+ break;\r
+ } elseif ($inside_tag && $position_next_gt !== false) {\r
+ // We are in tag and it is well formed\r
+ // Grab the internals of the tag\r
+ $strlen_segment = $position_next_gt - $cursor;\r
+\r
+ if ($strlen_segment < 1) {\r
+ // there's nothing to process!\r
+ $token = new HTMLPurifier_Token_Text('<');\r
+ $cursor++;\r
+ continue;\r
+ }\r
+\r
+ $segment = substr($html, $cursor, $strlen_segment);\r
+\r
+ if ($segment === false) {\r
+ // somehow, we attempted to access beyond the end of\r
+ // the string, defense-in-depth, reported by Nate Abele\r
+ break;\r
+ }\r
+\r
+ // Check if it's a comment\r
+ if (substr($segment, 0, 3) === '!--') {\r
+ // re-determine segment length, looking for -->\r
+ $position_comment_end = strpos($html, '-->', $cursor);\r
+ if ($position_comment_end === false) {\r
+ // uh oh, we have a comment that extends to\r
+ // infinity. Can't be helped: set comment\r
+ // end position to end of string\r
+ if ($e) {\r
+ $e->send(E_WARNING, 'Lexer: Unclosed comment');\r
+ }\r
+ $position_comment_end = strlen($html);\r
+ $end = true;\r
+ } else {\r
+ $end = false;\r
+ }\r
+ $strlen_segment = $position_comment_end - $cursor;\r
+ $segment = substr($html, $cursor, $strlen_segment);\r
+ $token = new\r
+ HTMLPurifier_Token_Comment(\r
+ substr(\r
+ $segment,\r
+ 3,\r
+ $strlen_segment - 3\r
+ )\r
+ );\r
+ if ($maintain_line_numbers) {\r
+ $token->rawPosition($current_line, $current_col);\r
+ $current_line += $this->substrCount($html, $nl, $cursor, $strlen_segment);\r
+ }\r
+ $array[] = $token;\r
+ $cursor = $end ? $position_comment_end : $position_comment_end + 3;\r
+ $inside_tag = false;\r
+ continue;\r
+ }\r
+\r
+ // Check if it's an end tag\r
+ $is_end_tag = (strpos($segment, '/') === 0);\r
+ if ($is_end_tag) {\r
+ $type = substr($segment, 1);\r
+ $token = new HTMLPurifier_Token_End($type);\r
+ if ($maintain_line_numbers) {\r
+ $token->rawPosition($current_line, $current_col);\r
+ $current_line += $this->substrCount($html, $nl, $cursor, $position_next_gt - $cursor);\r
+ }\r
+ $array[] = $token;\r
+ $inside_tag = false;\r
+ $cursor = $position_next_gt + 1;\r
+ continue;\r
+ }\r
+\r
+ // Check leading character is alnum, if not, we may\r
+ // have accidently grabbed an emoticon. Translate into\r
+ // text and go our merry way\r
+ if (!ctype_alpha($segment[0])) {\r
+ // XML: $segment[0] !== '_' && $segment[0] !== ':'\r
+ if ($e) {\r
+ $e->send(E_NOTICE, 'Lexer: Unescaped lt');\r
+ }\r
+ $token = new HTMLPurifier_Token_Text('<');\r
+ if ($maintain_line_numbers) {\r
+ $token->rawPosition($current_line, $current_col);\r
+ $current_line += $this->substrCount($html, $nl, $cursor, $position_next_gt - $cursor);\r
+ }\r
+ $array[] = $token;\r
+ $inside_tag = false;\r
+ continue;\r
+ }\r
+\r
+ // Check if it is explicitly self closing, if so, remove\r
+ // trailing slash. Remember, we could have a tag like <br>, so\r
+ // any later token processing scripts must convert improperly\r
+ // classified EmptyTags from StartTags.\r
+ $is_self_closing = (strrpos($segment, '/') === $strlen_segment - 1);\r
+ if ($is_self_closing) {\r
+ $strlen_segment--;\r
+ $segment = substr($segment, 0, $strlen_segment);\r
+ }\r
+\r
+ // Check if there are any attributes\r
+ $position_first_space = strcspn($segment, $this->_whitespace);\r
+\r
+ if ($position_first_space >= $strlen_segment) {\r
+ if ($is_self_closing) {\r
+ $token = new HTMLPurifier_Token_Empty($segment);\r
+ } else {\r
+ $token = new HTMLPurifier_Token_Start($segment);\r
+ }\r
+ if ($maintain_line_numbers) {\r
+ $token->rawPosition($current_line, $current_col);\r
+ $current_line += $this->substrCount($html, $nl, $cursor, $position_next_gt - $cursor);\r
+ }\r
+ $array[] = $token;\r
+ $inside_tag = false;\r
+ $cursor = $position_next_gt + 1;\r
+ continue;\r
+ }\r
+\r
+ // Grab out all the data\r
+ $type = substr($segment, 0, $position_first_space);\r
+ $attribute_string =\r
+ trim(\r
+ substr(\r
+ $segment,\r
+ $position_first_space\r
+ )\r
+ );\r
+ if ($attribute_string) {\r
+ $attr = $this->parseAttributeString(\r
+ $attribute_string,\r
+ $config,\r
+ $context\r
+ );\r
+ } else {\r
+ $attr = array();\r
+ }\r
+\r
+ if ($is_self_closing) {\r
+ $token = new HTMLPurifier_Token_Empty($type, $attr);\r
+ } else {\r
+ $token = new HTMLPurifier_Token_Start($type, $attr);\r
+ }\r
+ if ($maintain_line_numbers) {\r
+ $token->rawPosition($current_line, $current_col);\r
+ $current_line += $this->substrCount($html, $nl, $cursor, $position_next_gt - $cursor);\r
+ }\r
+ $array[] = $token;\r
+ $cursor = $position_next_gt + 1;\r
+ $inside_tag = false;\r
+ continue;\r
+ } else {\r
+ // inside tag, but there's no ending > sign\r
+ if ($e) {\r
+ $e->send(E_WARNING, 'Lexer: Missing gt');\r
+ }\r
+ $token = new\r
+ HTMLPurifier_Token_Text(\r
+ '<' .\r
+ $this->parseData(\r
+ substr($html, $cursor)\r
+ )\r
+ );\r
+ if ($maintain_line_numbers) {\r
+ $token->rawPosition($current_line, $current_col);\r
+ }\r
+ // no cursor scroll? Hmm...\r
+ $array[] = $token;\r
+ break;\r
+ }\r
+ break;\r
+ }\r
+\r
+ $context->destroy('CurrentLine');\r
+ $context->destroy('CurrentCol');\r
+ return $array;\r
+ }\r
+\r
+ /**\r
+ * PHP 5.0.x compatible substr_count that implements offset and length\r
+ * @param string $haystack\r
+ * @param string $needle\r
+ * @param int $offset\r
+ * @param int $length\r
+ * @return int\r
+ */\r
+ protected function substrCount($haystack, $needle, $offset, $length)\r
+ {\r
+ static $oldVersion;\r
+ if ($oldVersion === null) {\r
+ $oldVersion = version_compare(PHP_VERSION, '5.1', '<');\r
+ }\r
+ if ($oldVersion) {\r
+ $haystack = substr($haystack, $offset, $length);\r
+ return substr_count($haystack, $needle);\r
+ } else {\r
+ return substr_count($haystack, $needle, $offset, $length);\r
+ }\r
+ }\r
+\r
+ /**\r
+ * Takes the inside of an HTML tag and makes an assoc array of attributes.\r
+ *\r
+ * @param string $string Inside of tag excluding name.\r
+ * @param HTMLPurifier_Config $config\r
+ * @param HTMLPurifier_Context $context\r
+ * @return array Assoc array of attributes.\r
+ */\r
+ public function parseAttributeString($string, $config, $context)\r
+ {\r
+ $string = (string)$string; // quick typecast\r
+\r
+ if ($string == '') {\r
+ return array();\r
+ } // no attributes\r
+\r
+ $e = false;\r
+ if ($config->get('Core.CollectErrors')) {\r
+ $e =& $context->get('ErrorCollector');\r
+ }\r
+\r
+ // let's see if we can abort as quickly as possible\r
+ // one equal sign, no spaces => one attribute\r
+ $num_equal = substr_count($string, '=');\r
+ $has_space = strpos($string, ' ');\r
+ if ($num_equal === 0 && !$has_space) {\r
+ // bool attribute\r
+ return array($string => $string);\r
+ } elseif ($num_equal === 1 && !$has_space) {\r
+ // only one attribute\r
+ list($key, $quoted_value) = explode('=', $string);\r
+ $quoted_value = trim($quoted_value);\r
+ if (!$key) {\r
+ if ($e) {\r
+ $e->send(E_ERROR, 'Lexer: Missing attribute key');\r
+ }\r
+ return array();\r
+ }\r
+ if (!$quoted_value) {\r
+ return array($key => '');\r
+ }\r
+ $first_char = @$quoted_value[0];\r
+ $last_char = @$quoted_value[strlen($quoted_value) - 1];\r
+\r
+ $same_quote = ($first_char == $last_char);\r
+ $open_quote = ($first_char == '"' || $first_char == "'");\r
+\r
+ if ($same_quote && $open_quote) {\r
+ // well behaved\r
+ $value = substr($quoted_value, 1, strlen($quoted_value) - 2);\r
+ } else {\r
+ // not well behaved\r
+ if ($open_quote) {\r
+ if ($e) {\r
+ $e->send(E_ERROR, 'Lexer: Missing end quote');\r
+ }\r
+ $value = substr($quoted_value, 1);\r
+ } else {\r
+ $value = $quoted_value;\r
+ }\r
+ }\r
+ if ($value === false) {\r
+ $value = '';\r
+ }\r
+ return array($key => $this->parseData($value));\r
+ }\r
+\r
+ // setup loop environment\r
+ $array = array(); // return assoc array of attributes\r
+ $cursor = 0; // current position in string (moves forward)\r
+ $size = strlen($string); // size of the string (stays the same)\r
+\r
+ // if we have unquoted attributes, the parser expects a terminating\r
+ // space, so let's guarantee that there's always a terminating space.\r
+ $string .= ' ';\r
+\r
+ $old_cursor = -1;\r
+ while ($cursor < $size) {\r
+ if ($old_cursor >= $cursor) {\r
+ throw new Exception("Infinite loop detected");\r
+ }\r
+ $old_cursor = $cursor;\r
+\r
+ $cursor += ($value = strspn($string, $this->_whitespace, $cursor));\r
+ // grab the key\r
+\r
+ $key_begin = $cursor; //we're currently at the start of the key\r
+\r
+ // scroll past all characters that are the key (not whitespace or =)\r
+ $cursor += strcspn($string, $this->_whitespace . '=', $cursor);\r
+\r
+ $key_end = $cursor; // now at the end of the key\r
+\r
+ $key = substr($string, $key_begin, $key_end - $key_begin);\r
+\r
+ if (!$key) {\r
+ if ($e) {\r
+ $e->send(E_ERROR, 'Lexer: Missing attribute key');\r
+ }\r
+ $cursor += 1 + strcspn($string, $this->_whitespace, $cursor + 1); // prevent infinite loop\r
+ continue; // empty key\r
+ }\r
+\r
+ // scroll past all whitespace\r
+ $cursor += strspn($string, $this->_whitespace, $cursor);\r
+\r
+ if ($cursor >= $size) {\r
+ $array[$key] = $key;\r
+ break;\r
+ }\r
+\r
+ // if the next character is an equal sign, we've got a regular\r
+ // pair, otherwise, it's a bool attribute\r
+ $first_char = @$string[$cursor];\r
+\r
+ if ($first_char == '=') {\r
+ // key="value"\r
+\r
+ $cursor++;\r
+ $cursor += strspn($string, $this->_whitespace, $cursor);\r
+\r
+ if ($cursor === false) {\r
+ $array[$key] = '';\r
+ break;\r
+ }\r
+\r
+ // we might be in front of a quote right now\r
+\r
+ $char = @$string[$cursor];\r
+\r
+ if ($char == '"' || $char == "'") {\r
+ // it's quoted, end bound is $char\r
+ $cursor++;\r
+ $value_begin = $cursor;\r
+ $cursor = strpos($string, $char, $cursor);\r
+ $value_end = $cursor;\r
+ } else {\r
+ // it's not quoted, end bound is whitespace\r
+ $value_begin = $cursor;\r
+ $cursor += strcspn($string, $this->_whitespace, $cursor);\r
+ $value_end = $cursor;\r
+ }\r
+\r
+ // we reached a premature end\r
+ if ($cursor === false) {\r
+ $cursor = $size;\r
+ $value_end = $cursor;\r
+ }\r
+\r
+ $value = substr($string, $value_begin, $value_end - $value_begin);\r
+ if ($value === false) {\r
+ $value = '';\r
+ }\r
+ $array[$key] = $this->parseData($value);\r
+ $cursor++;\r
+ } else {\r
+ // boolattr\r
+ if ($key !== '') {\r
+ $array[$key] = $key;\r
+ } else {\r
+ // purely theoretical\r
+ if ($e) {\r
+ $e->send(E_ERROR, 'Lexer: Missing attribute key');\r
+ }\r
+ }\r
+ }\r
+ }\r
+ return $array;\r
+ }\r
+}\r
+\r
+// vim: et sw=4 sts=4\r