// Fragments of the sanitizer wrapper's property list, constructor and instance accessor;
// the signatures and braces around these lines are not part of this listing.
// Holds the HTMLPurifier object that is created right before content is purified.
8 private $_htmlPurifier;
// Resolves the serializer cache path that _setConfig() passes to Cache.SerializerPath.
14 $this->_checkCacheDir();
// Library bootstrap is loaded from a fixed path under _XE_PATH_; nothing in the path
// comes from the request.
17 require_once
_XE_PATH_ .
'classes/security/htmlpurifier/library/HTMLPurifier.auto.php';
// Relative include, so it is resolved through include_path — presumably the one set up by
// HTMLPurifier.auto.php; confirm no writable directory precedes it on that path.
18 require_once
'HTMLPurifier.func.php';
// The shared instance lives under a $GLOBALS key (the line that creates it is not shown).
// NOTE(review): any code running in the request can overwrite this entry, so callers get
// whatever object is stored there — confirm nothing else writes to the key.
25 if(!isset(
$GLOBALS[
'__PURIFIER_INSTANCE__']))
29 return $GLOBALS[
'__PURIFIER_INSTANCE__'];
// Builds the HTML Purifier configuration applied to submitted content.
// The policy is wider than the library default: <object>, <embed> and <iframe> are
// admitted, with iframe sources limited by a regex built from the iframe allow-list.
// Braces and some lines of the method are not part of this listing.
32 private function _setConfig()
// Regex of permitted iframe URL prefixes, produced by _getWhiteDomainRegx().
34 $whiteDomainRegex = $this->_getWhiteDomainRegx();
37 $this->_config = HTMLPurifier_Config::createDefault();
// Keep the config open for later set() calls instead of finalizing it on first read.
38 $this->_config->autoFinalize =
false;
39 $this->_config->set(
'HTML.TidyLevel',
'light');
// Object/embed support: the "Safe" variants admit the tags with the library's
// script-execution restrictions; FlashCompat adds the compatibility markup for <object>.
// NOTE(review): these three settings widen the attack surface for plugin content —
// confirm they are still needed by the editor components in use.
40 $this->_config->set(
'Output.FlashCompat', TRUE);
41 $this->_config->set(
'HTML.SafeObject', TRUE);
42 $this->_config->set(
'HTML.SafeEmbed', TRUE);
// Iframes are admitted only when their URI matches URI.SafeIframeRegexp, so the whole
// iframe policy rests on the quality of $whiteDomainRegex.
43 $this->_config->set(
'HTML.SafeIframe', TRUE);
44 $this->_config->set(
'URI.SafeIframeRegexp', $whiteDomainRegex);
// Serialized definitions are cached under the directory chosen by _checkCacheDir().
45 $this->_config->set(
'Cache.SerializerPath', $this->_cacheDir);
// Only target="_blank" survives on links.
// NOTE(review): links opened in a new window should carry rel="noopener noreferrer";
// newer HTML Purifier releases add it by default — confirm the bundled version does.
46 $this->_config->set(
'Attr.AllowedFrameTargets', array(
'_blank'));
// Prefix added to id attributes in user content so they cannot collide with ids used
// by the page itself. Presumably ids are enabled on a line not shown here — confirm.
49 $this->_config->set(
'Attr.IDPrefix',
'user_content_');
// Raw (editable) HTML definition; kept in $this->_def so _setDefinition() can extend it.
51 $this->_def = $this->_config->getHTMLDefinition(TRUE);
// Permit the boolean-style allowfullscreen attribute on iframes as free text.
52 $this->_def->addAttribute(
'iframe',
'allowfullscreen',
'Text');
// Fragment of a config setter whose signature is not part of this listing.
// Once the configuration is finalized the call returns without applying the directive,
// and the caller gets no signal that the setting was dropped.
57 if($this->_config->isFinalized())
return;
// $name and $value are passed to the library unchanged; presumably only trusted callers
// reach this — confirm, since a directive set here can relax the sanitizing policy.
59 $this->_config->set($name, $value);
// Extends the HTML definition with attribute names found in the content being purified.
// Braces of the method are not part of this listing.
//
// NOTE(review): the allow-list is derived from the untrusted input itself. Every name
// returned by the two search helpers is registered as free-form CDATA, and the visible
// helper code special-cases only 'style'. Nothing shown here rejects event-handler names
// (on*) or restricts names to a known set — confirm they are filtered elsewhere, or
// intersect the harvested names with a fixed allow-list before calling addAttribute().
62 private function _setDefinition(&$content)
// Attribute names taken from elements that carry editor_component=.
65 $editComponentAttrs = $this->_searchEditComponent($content);
66 if(is_array($editComponentAttrs))
68 foreach($editComponentAttrs AS $k => $v)
// Registered for both img and div, regardless of which element the name came from.
70 $this->_def->addAttribute(
'img', $v,
'CDATA');
71 $this->_def->addAttribute(
'div', $v,
'CDATA');
// Attribute names taken from widget placeholders; _searchWidget() receives $content by
// reference and rewrites it.
76 $widgetAttrs = $this->_searchWidget($content);
77 if(is_array($widgetAttrs))
79 foreach($widgetAttrs AS $k => $v)
81 $this->_def->addAttribute(
'img', $v,
'CDATA');
// Collects the attribute names used on editor-component elements in $content.
// Returns the de-duplicated list of names; braces and some lines are not in this listing.
91 private function _searchEditComponent($content)
// Matches <div ... editor_component=...> ... </div> or <img ... editor_component=...>.
// The (?(1)...) conditional requires the closing </div> only when the div branch matched.
93 preg_match_all(
'!<(?:(div)|img)([^>]*)editor_component=([^>]*)>(?(1)(.*?)</div>)!is', $content, $m);
95 $attributeList = array();
98 foreach($m[2] as $key => $value)
// Rebuild the attribute text from what precedes and what follows editor_component=.
101 $script =
" {$m[2][$key]} editor_component={$m[3][$key]}";
// Only name="value" pairs with double quotes and a non-empty value are recognised.
103 if(preg_match_all(
'/([a-z0-9_-]+)="([^"]+)"/is', $script, $m2))
105 foreach($m2[1] as $value2)
// 'style' is special-cased (the branch body is not shown).
// NOTE(review): this comparison is case-sensitive while the pattern above is not, and no
// other name is singled out — confirm mixed-case and event-handler names are dealt with.
108 if($value2 ==
'style')
112 $attributeList[] = $value2;
118 return array_unique($attributeList);
// Collects the attribute names used on widget placeholders in $content and, as a side
// effect, rewrites $content (passed by reference).
// Returns the de-duplicated list of names; braces and some lines are not in this listing.
126 private function _searchWidget(&$content)
// Matches <div ...> ... </div> or <img ...> carrying class="zbxe_widget_output".
128 preg_match_all(
'!<(?:(div)|img)([^>]*)class="zbxe_widget_output"([^>]*)>(?(1)(.*?)</div>)!is', $content, $m);
130 $attributeList = array();
// Gives widget images an empty src; presumably so the purifier does not drop an <img>
// without one — confirm. The replacement is a literal, case-sensitive match on this
// exact spelling, so other attribute orders are left as they are.
133 $content = str_replace(
'<img class="zbxe_widget_output"',
'<img src="" class="zbxe_widget_output"', $content);
// Only the text after the class attribute ($m[3]) is scanned for attribute names.
135 foreach($m[3] as $key => $value)
137 if (preg_match_all(
'/([a-z0-9_-]+)="([^"]+)"/is', $m[3][$key], $m2))
139 foreach($m2[1] as $value2)
// 'style' is special-cased (the branch body is not shown).
// NOTE(review): case-sensitive comparison against a case-insensitive match, and no other
// name is singled out — confirm event-handler names cannot reach the allow-list.
142 if($value2 ==
'style')
146 $attributeList[] = $value2;
151 return array_unique($attributeList);
// Builds the regex handed to URI.SafeIframeRegexp from the iframe allow-list.
// Braces are not part of this listing, nor is the line that assigns $oEmbedFilter.
154 private function _getWhiteDomainRegx()
157 $whiteIframeUrlList = $oEmbedFilter->getWhiteIframeUrlList();
159 $whiteDomain = array();
160 foreach($whiteIframeUrlList as $value)
// Escape each entry for use inside a %-delimited pattern.
162 $whiteDomain[] = preg_quote($value,
'%');
// The pattern is anchored at the start only, so every entry acts as a URL prefix.
// NOTE(review): an entry that ends in a bare host name also matches longer host names
// that begin with it — confirm every allow-list entry ends with '/' or a path.
// NOTE(review): with an empty list this yields '%^()%', which matches every URI and
// would admit any iframe source — confirm the list can never be empty, or fall back
// to a pattern that matches nothing.
165 $whiteDomainRegex =
'%^(' . implode(
'|', $whiteDomain) .
')%';
167 return $whiteDomainRegex;
// Sets the directory used for HTML Purifier's serialized definition cache.
// Only the path assignment is part of this listing; presumably the remaining lines
// create or verify the directory — confirm it is not writable by other users and is not
// served directly by the web server.
170 private function _checkCacheDir()
173 $this->_cacheDir =
_XE_PATH_ .
'files/cache/htmlpurifier';
// Fragment of the purify step; its signature is not part of this listing.
// The definition is extended from this particular $content before the purifier is built,
// so the effective allow-list differs from one input to the next.
179 $this->_setDefinition($content);
// A new HTMLPurifier is constructed from the current configuration.
180 $this->_htmlPurifier =
new HTMLPurifier($this->_config);
// $content is replaced by the sanitized markup.
182 $content = $this->_htmlPurifier->purify($content);
// Residue of the configuration bootstrap collapsed onto one line: only the guard
// conditions survive, the statements they control are not part of this listing.
// Presumably each !defined() guard supplies a default for a constant that
// config/config.user.inc.php did not set — confirm against the full file.
// NOTE(review): the debug-output, debug-protect and error-log constants are
// deployment-sensitive; verify their effective values on production systems.
if(file_exists(_XE_PATH_. 'config/config.user.inc.php')) if(!defined('__DEBUG__')) if(!defined('__DEBUG_OUTPUT__')) if(!defined('__DEBUG_PROTECT__')) if(!defined('__DEBUG_PROTECT_IP__')) if(!defined('__DEBUG_DB_OUTPUT__')) if(!defined('__LOG_SLOW_QUERY__')) if(!defined('__LOG_SLOW_TRIGGER__')) if(!defined('__LOG_SLOW_ADDON__')) if(!defined('__LOG_SLOW_WIDGET__')) if(!defined('__DEBUG_QUERY__')) if(!defined('__OB_GZHANDLER_ENABLE__')) if(!defined('__ENABLE_PHPUNIT_TEST__')) if(!defined('__PROXY_SERVER__')) if(!defined('__ERROR_LOG__')) if(!defined('__DISABLE_DEFAULT_CSS__')) if(!defined('__AUTO_OPCACHE_INVALIDATE__')) if((__DEBUG_OUTPUT__==2)&&version_compare(PHP_VERSION, '6.0.0')===-1) if(version_compare(PHP_VERSION, '5.3.0') >=0) $GLOBALS['__xe_autoload_file_map']