Eu8Y#RAH@Zz*BSu'YN0.?)d1 >VvΉ F/@9-i'wqz7)!@}J9"y Ab4|zJ2$&0Wb0 )+L,5&70eTbmGPq6Ə@ m'yoY3:aQG}j]F0k5 x׆-xMc"e+rt$F~Ck$s9W#(gWa\V2؋]RwAѺEԞg`6z/:.Y9XY(QXd|.b*qr}L~n%`rzjhʠ\9\>zQG|. _&M0mG#gM5,N#qq RIt\xhW Q FE̪?1Y?q ҁb?]Vx2H!ؙk,r";>{5Nw@qiFOx[_ 㣂uO1ԸOSu65–N1:/d$ -7Qlv58EؗrZ=s#}De*u7nv?$ânԺi: ҨBUyǔRllw(ՙ, N/w^W,Zͪwle!r@EL*R+k6fsqٕQ%^q4 ֒ߦLK@ mw`_'OWy݁o8{bCb>sX #4DĶbKm ,&}7Up 0JCѳVo"E?l 8aͪ5))xyo!q ôr暰_Bx9n=_;:N>wm`in+Գ4mJ|)yo*s ;(vTXX!ؙk,r";>{5Nw@qidVu8Mi?"4<q.#kC,]Zd nR| s _NEZQNKn<;PNtMK>.lͶ2[{{j56nEFs7O)"! %UT۳cY8/e'6PƃKU&*՚nz[ (< fCTc+Y'yta^' }Cڅ-lW ?|=Mz\S-OWnV \]aGp(ql;4Om +y94DwCuTK.6⹾AEw>*-I? 9HqFYy9fqbr} c6D{ۢq[k aJoh5:h,`p{uOk|96uI(kڥyYOTxdR,%*|'2FOKcFij}>뎙((N 8,Wq^Rf1^خ*AoP⒥|+*|]뢂FL7^q[wACsjHR5B2On_n.; *-Rf"رn{`j^/9/[ȭ J% (_6E];+\P  H4Ъ6smڲ /n5ܐP/MN;#U"c goŝz&Ҋ'#TnJe$v#gzb!V4RfVm)ئqzp8 OeҺtU&Ue4`񳘞.cR֔֏m)]+>'#kg+?F [7HG7\NՀ':t%3-^ɚ~R tV^rv`;/,BLe ;N=@ u9̩}kT#L؀k/A"O4{×ZNyR-N!N3kb"(l:' gǖ dֿzA#l TSɜyhªmT拻βb) 9 RG"o~7t!b$K$.تVKF?LycG͊:OO "v옮N5Ѝg{:״L~G]ϻc&,@lbj` lfcqLmlJc_r]%ڦ0 &ph ;@]$])xF3y G7YT1C?(hG(6|FPژJg[-'*[qJRP-կH!%FL_Me 2YəMC]9;C]L7}(iQ2 ! Gx䎹zҰpo@v:˔5z//j8JˀvHC6X<0E"k5U= ]T2F03RBurZ0 FK FֲP:E,nV.'!p wp0r LX3 E} \t|s c9lJ/H@s6o(Q+TWޑZ)H:Y+v2ѝ8EhO4Sr7@p2(]?*xI D ĢQ$3D`Y2q:oU_:~Qд1) D@s=DiԆetSL% aǫ"+iÈ 7ҳ0DZ) |NNTN3z2Q5Ze ޟ6k^م9A.@{q є2)QvdpRՒ$@+Ni?8`fb^@ŢKY9ڬKl?lo&ÊiyhªmT拻5KUHYŴ;D%  ->O`_ \%Tٳ8v~lSX;Ͻkπ ݭֈϢb_fpF[H@:^,Ⱥoa4V>t ni7NhM}#oKÉL+IMaY{B%'9?K=cu=BO&7E֍\ۛ]R{k)0.}5.WYvP{n5$w:=ᣘP[9Yc|ٍ|gJ!P1BQK-ȉ "$@|{ ƺ%Cjټy-6Wi5٤n1w:he Filter namespace or Filter.Custom', E_USER_WARNING ); $this->filters[] = $filter; } /** * Filters an HTML snippet/document to be XSS-free and standards-compliant. * * @param string $html String of HTML to purify * @param HTMLPurifier_Config $config Config object for this operation, * if omitted, defaults to the config object specified during this * object's construction. The parameter can also be any type * that HTMLPurifier_Config::create() supports. * * @return string Purified HTML */ public function purify($html, $config = null) { // :TODO: make the config merge in, instead of replace $config = $config ? HTMLPurifier_Config::create($config) : $this->config; // implementation is partially environment dependant, partially // configuration dependant $lexer = HTMLPurifier_Lexer::create($config); $context = new HTMLPurifier_Context(); // setup HTML generator $this->generator = new HTMLPurifier_Generator($config, $context); $context->register('Generator', $this->generator); // set up global context variables if ($config->get('Core.CollectErrors')) { // may get moved out if other facilities use it $language_factory = HTMLPurifier_LanguageFactory::instance(); $language = $language_factory->create($config, $context); $context->register('Locale', $language); $error_collector = new HTMLPurifier_ErrorCollector($context); $context->register('ErrorCollector', $error_collector); } // setup id_accumulator context, necessary due to the fact that // AttrValidator can be called from many places $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context); $context->register('IDAccumulator', $id_accumulator); $html = HTMLPurifier_Encoder::convertToUTF8($html, $config, $context); // setup filters $filter_flags = $config->getBatch('Filter'); $custom_filters = $filter_flags['Custom']; unset($filter_flags['Custom']); $filters = array(); foreach ($filter_flags as $filter => $flag) { if (!$flag) { continue; } if (strpos($filter, '.') !== false) { continue; } $class = "HTMLPurifier_Filter_$filter"; $filters[] = new $class; } foreach ($custom_filters as $filter) { // maybe "HTMLPurifier_Filter_$filter", but be consistent with AutoFormat $filters[] = $filter; } $filters = array_merge($filters, $this->filters); // maybe prepare(), but later for ($i = 0, $filter_size = count($filters); $i < $filter_size; $i++) { $html = $filters[$i]->preFilter($html, $config, $context); } // purified HTML $html = $this->generator->generateFromTokens( // list of tokens $this->strategy->execute( // list of un-purified tokens $lexer->tokenizeHTML( // un-purified HTML $html, $config, $context ), $config, $context ) ); for ($i = $filter_size - 1; $i >= 0; $i--) { $html = $filters[$i]->postFilter($html, $config, $context); } $html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context); $this->context =& $context; return $html; } /** * Filters an array of HTML snippets * * @param string[] $array_of_html Array of html snippets * @param HTMLPurifier_Config $config Optional config object for this operation. * See HTMLPurifier::purify() for more details. * * @return string[] Array of purified HTML */ public function purifyArray($array_of_html, $config = null) { $context_array = array(); $array = array(); foreach($array_of_html as $key=>$value){ if (is_array($value)) { $array[$key] = $this->purifyArray($value, $config); } else { $array[$key] = $this->purify($value, $config); } $context_array[$key] = $this->context; } $this->context = $context_array; return $array; } /** * Singleton for enforcing just one HTML Purifier in your system * * @param HTMLPurifier|HTMLPurifier_Config $prototype Optional prototype * HTMLPurifier instance to overload singleton with, * or HTMLPurifier_Config instance to configure the * generated version with. * * @return HTMLPurifier */ public static function instance($prototype = null) { if (!self::$instance || $prototype) { if ($prototype instanceof HTMLPurifier) { self::$instance = $prototype; } elseif ($prototype) { self::$instance = new HTMLPurifier($prototype); } else { self::$instance = new HTMLPurifier(); } } return self::$instance; } /** * Singleton for enforcing just one HTML Purifier in your system * * @param HTMLPurifier|HTMLPurifier_Config $prototype Optional prototype * HTMLPurifier instance to overload singleton with, * or HTMLPurifier_Config instance to configure the * generated version with. * * @return HTMLPurifier * @note Backwards compatibility, see instance() */ public static function getInstance($prototype = null) { return HTMLPurifier::instance($prototype); } } // vim: et sw=4 sts=4