Home Explore Help
Sign In
huangzhidong
/
guoyao-jiankang
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 90da9ad65d
Branches Tags
guoyao-jiank...
/
vendor
/
ezyang
/
htmlpurifier
/
library
/
HTMLPurifier
/
VarParser
/
Flexible.php

Flexible.php 4.9 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * Performs safe variable parsing based on types which can be used by
    5. 

  5.  * users. This may not be able to represent all possible data inputs,
    6. 

  6.  * however.
    7. 

  7.  */
    8. 

  8. class HTMLPurifier_VarParser_Flexible extends HTMLPurifier_VarParser
    9. 

  9. {
    10. 

  10.     /**
    11. 

  11.      * @param mixed $var
    12. 

  12.      * @param int $type
    13. 

  13.      * @param bool $allow_null
    14. 

  14.      * @return array|bool|float|int|mixed|null|string
    15. 

  15.      * @throws HTMLPurifier_VarParserException
    16. 

  16.      */
    17. 

  17.     protected function parseImplementation($var, $type, $allow_null)
    18. 

  18.     {
    19. 

  19.         if ($allow_null && $var === null) {
    20. 

  20.             return null;
    21. 

  21.         }
    22. 

  22.         switch ($type) {
    23. 

  23.             // Note: if code "breaks" from the switch, it triggers a generic
    24. 

  24.             // exception to be thrown. Specific errors can be specifically
    25. 

  25.             // done here.
    26. 

  26.             case self::C_MIXED:
    27. 

  27.             case self::ISTRING:
    28. 

  28.             case self::C_STRING:
    29. 

  29.             case self::TEXT:
    30. 

  30.             case self::ITEXT:
    31. 

  31.                 return $var;
    32. 

  32.             case self::C_INT:
    33. 

  33.                 if (is_string($var) && ctype_digit($var)) {
    34. 

  34.                     $var = (int)$var;
    35. 

  35.                 }
    36. 

  36.                 return $var;
    37. 

  37.             case self::C_FLOAT:
    38. 

  38.                 if ((is_string($var) && is_numeric($var)) || is_int($var)) {
    39. 

  39.                     $var = (float)$var;
    40. 

  40.                 }
    41. 

  41.                 return $var;
    42. 

  42.             case self::C_BOOL:
    43. 

  43.                 if (is_int($var) && ($var === 0 || $var === 1)) {
    44. 

  44.                     $var = (bool)$var;
    45. 

  45.                 } elseif (is_string($var)) {
    46. 

  46.                     if ($var == 'on' || $var == 'true' || $var == '1') {
    47. 

  47.                         $var = true;
    48. 

  48.                     } elseif ($var == 'off' || $var == 'false' || $var == '0') {
    49. 

  49.                         $var = false;
    50. 

  50.                     } else {
    51. 

  51.                         throw new HTMLPurifier_VarParserException("Unrecognized value '$var' for $type");
    52. 

  52.                     }
    53. 

  53.                 }
    54. 

  54.                 return $var;
    55. 

  55.             case self::ALIST:
    56. 

  56.             case self::HASH:
    57. 

  57.             case self::LOOKUP:
    58. 

  58.                 if (is_string($var)) {
    59. 

  59.                     // special case: technically, this is an array with
    60. 

  60.                     // a single empty string item, but having an empty
    61. 

  61.                     // array is more intuitive
    62. 

  62.                     if ($var == '') {
    63. 

  63.                         return array();
    64. 

  64.                     }
    65. 

  65.                     if (strpos($var, "\n") === false && strpos($var, "\r") === false) {
    66. 

  66.                         // simplistic string to array method that only works
    67. 

  67.                         // for simple lists of tag names or alphanumeric characters
    68. 

  68.                         $var = explode(',', $var);
    69. 

  69.                     } else {
    70. 

  70.                         $var = preg_split('/(,|[\n\r]+)/', $var);
    71. 

  71.                     }
    72. 

  72.                     // remove spaces
    73. 

  73.                     foreach ($var as $i => $j) {
    74. 

  74.                         $var[$i] = trim($j);
    75. 

  75.                     }
    76. 

  76.                     if ($type === self::HASH) {
    77. 

  77.                         // key:value,key2:value2
    78. 

  78.                         $nvar = array();
    79. 

  79.                         foreach ($var as $keypair) {
    80. 

  80.                             $c = explode(':', $keypair, 2);
    81. 

  81.                             if (!isset($c[1])) {
    82. 

  82.                                 continue;
    83. 

  83.                             }
    84. 

  84.                             $nvar[trim($c[0])] = trim($c[1]);
    85. 

  85.                         }
    86. 

  86.                         $var = $nvar;
    87. 

  87.                     }
    88. 

  88.                 }
    89. 

  89.                 if (!is_array($var)) {
    90. 

  90.                     break;
    91. 

  91.                 }
    92. 

  92.                 $keys = array_keys($var);
    93. 

  93.                 if ($keys === array_keys($keys)) {
    94. 

  94.                     if ($type == self::ALIST) {
    95. 

  95.                         return $var;
    96. 

  96.                     } elseif ($type == self::LOOKUP) {
    97. 

  97.                         $new = array();
    98. 

  98.                         foreach ($var as $key) {
    99. 

  99.                             $new[$key] = true;
    100. 

  100.                         }
    101. 

  101.                         return $new;
    102. 

  102.                     } else {
    103. 

  103.                         break;
    104. 

  104.                     }
    105. 

  105.                 }
    106. 

  106.                 if ($type === self::ALIST) {
    107. 

  107.                     trigger_error("Array list did not have consecutive integer indexes", E_USER_WARNING);
    108. 

  108.                     return array_values($var);
    109. 

  109.                 }
    110. 

  110.                 if ($type === self::LOOKUP) {
    111. 

  111.                     foreach ($var as $key => $value) {
    112. 

  112.                         if ($value !== true) {
    113. 

  113.                             trigger_error(
    114. 

  114.                                 "Lookup array has non-true value at key '$key'; " .
    115. 

  115.                                 "maybe your input array was not indexed numerically",
    116. 

  116.                                 E_USER_WARNING
    117. 

  117.                             );
    118. 

  118.                         }
    119. 

  119.                         $var[$key] = true;
    120. 

  120.                     }
    121. 

  121.                 }
    122. 

  122.                 return $var;
    123. 

  123.             default:
    124. 

  124.                 $this->errorInconsistent(__CLASS__, $type);
    125. 

  125.         }
    126. 

  126.         $this->errorGeneric($var, $type);
    127. 

  127.     }
    128. 

  128. }
    129. 

  129. 

  130. // vim: et sw=4 sts=4
    131.