aboutsummaryrefslogtreecommitdiffhomepage
path: root/inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser
diff options
context:
space:
mode:
Diffstat (limited to 'inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser')
-rw-r--r--inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Flexible.php130
-rw-r--r--inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Native.php38
2 files changed, 168 insertions, 0 deletions
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Flexible.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Flexible.php
new file mode 100644
index 00000000..b2ed860a
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Flexible.php
@@ -0,0 +1,130 @@
1<?php
2
3/**
4 * Performs safe variable parsing based on types which can be used by
5 * users. This may not be able to represent all possible data inputs,
6 * however.
7 */
8class HTMLPurifier_VarParser_Flexible extends HTMLPurifier_VarParser
9{
10 /**
11 * @param mixed $var
12 * @param int $type
13 * @param bool $allow_null
14 * @return array|bool|float|int|mixed|null|string
15 * @throws HTMLPurifier_VarParserException
16 */
17 protected function parseImplementation($var, $type, $allow_null)
18 {
19 if ($allow_null && $var === null) {
20 return null;
21 }
22 switch ($type) {
23 // Note: if code "breaks" from the switch, it triggers a generic
24 // exception to be thrown. Specific errors can be specifically
25 // done here.
26 case self::MIXED:
27 case self::ISTRING:
28 case self::STRING:
29 case self::TEXT:
30 case self::ITEXT:
31 return $var;
32 case self::INT:
33 if (is_string($var) && ctype_digit($var)) {
34 $var = (int)$var;
35 }
36 return $var;
37 case self::FLOAT:
38 if ((is_string($var) && is_numeric($var)) || is_int($var)) {
39 $var = (float)$var;
40 }
41 return $var;
42 case self::BOOL:
43 if (is_int($var) && ($var === 0 || $var === 1)) {
44 $var = (bool)$var;
45 } elseif (is_string($var)) {
46 if ($var == 'on' || $var == 'true' || $var == '1') {
47 $var = true;
48 } elseif ($var == 'off' || $var == 'false' || $var == '0') {
49 $var = false;
50 } else {
51 throw new HTMLPurifier_VarParserException("Unrecognized value '$var' for $type");
52 }
53 }
54 return $var;
55 case self::ALIST:
56 case self::HASH:
57 case self::LOOKUP:
58 if (is_string($var)) {
59 // special case: technically, this is an array with
60 // a single empty string item, but having an empty
61 // array is more intuitive
62 if ($var == '') {
63 return array();
64 }
65 if (strpos($var, "\n") === false && strpos($var, "\r") === false) {
66 // simplistic string to array method that only works
67 // for simple lists of tag names or alphanumeric characters
68 $var = explode(',', $var);
69 } else {
70 $var = preg_split('/(,|[\n\r]+)/', $var);
71 }
72 // remove spaces
73 foreach ($var as $i => $j) {
74 $var[$i] = trim($j);
75 }
76 if ($type === self::HASH) {
77 // key:value,key2:value2
78 $nvar = array();
79 foreach ($var as $keypair) {
80 $c = explode(':', $keypair, 2);
81 if (!isset($c[1])) {
82 continue;
83 }
84 $nvar[trim($c[0])] = trim($c[1]);
85 }
86 $var = $nvar;
87 }
88 }
89 if (!is_array($var)) {
90 break;
91 }
92 $keys = array_keys($var);
93 if ($keys === array_keys($keys)) {
94 if ($type == self::ALIST) {
95 return $var;
96 } elseif ($type == self::LOOKUP) {
97 $new = array();
98 foreach ($var as $key) {
99 $new[$key] = true;
100 }
101 return $new;
102 } else {
103 break;
104 }
105 }
106 if ($type === self::ALIST) {
107 trigger_error("Array list did not have consecutive integer indexes", E_USER_WARNING);
108 return array_values($var);
109 }
110 if ($type === self::LOOKUP) {
111 foreach ($var as $key => $value) {
112 if ($value !== true) {
113 trigger_error(
114 "Lookup array has non-true value at key '$key'; " .
115 "maybe your input array was not indexed numerically",
116 E_USER_WARNING
117 );
118 }
119 $var[$key] = true;
120 }
121 }
122 return $var;
123 default:
124 $this->errorInconsistent(__CLASS__, $type);
125 }
126 $this->errorGeneric($var, $type);
127 }
128}
129
130// vim: et sw=4 sts=4
diff --git a/inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Native.php b/inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Native.php
new file mode 100644
index 00000000..c28055b5
--- /dev/null
+++ b/inc/3rdparty/htmlpurifier/HTMLPurifier/VarParser/Native.php
@@ -0,0 +1,38 @@
1<?php
2
3/**
4 * This variable parser uses PHP's internal code engine. Because it does
5 * this, it can represent all inputs; however, it is dangerous and cannot
6 * be used by users.
7 */
8class HTMLPurifier_VarParser_Native extends HTMLPurifier_VarParser
9{
10
11 /**
12 * @param mixed $var
13 * @param int $type
14 * @param bool $allow_null
15 * @return null|string
16 */
17 protected function parseImplementation($var, $type, $allow_null)
18 {
19 return $this->evalExpression($var);
20 }
21
22 /**
23 * @param string $expr
24 * @return mixed
25 * @throws HTMLPurifier_VarParserException
26 */
27 protected function evalExpression($expr)
28 {
29 $var = null;
30 $result = eval("\$var = $expr;");
31 if ($result === false) {
32 throw new HTMLPurifier_VarParserException("Fatal error in evaluated code");
33 }
34 return $var;
35 }
36}
37
38// vim: et sw=4 sts=4