|
|
|
|
@ -71,9 +71,6 @@ class HTMLPurifier |
|
|
|
|
|
|
|
|
|
protected $strategy, $generator; |
|
|
|
|
|
|
|
|
|
/**allow set user status*/ |
|
|
|
|
public $my_user_status; |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* Resultant HTMLPurifier_Context of last run purification. Is an array |
|
|
|
|
* of contexts if the last called method was purifyArray(). |
|
|
|
|
@ -88,48 +85,11 @@ class HTMLPurifier |
|
|
|
|
* The parameter can also be any type that |
|
|
|
|
* HTMLPurifier_Config::create() supports. |
|
|
|
|
*/ |
|
|
|
|
public function __construct($config = null, $user_status) { |
|
|
|
|
/* |
|
|
|
|
$this->config = HTMLPurifier_Config::create($config); |
|
|
|
|
|
|
|
|
|
$this->strategy = new HTMLPurifier_Strategy_Core(); |
|
|
|
|
*/ |
|
|
|
|
|
|
|
|
|
if ($user_status == COURSEMANAGERLOWSECURITY) { |
|
|
|
|
//non initialize object htmlpurifier |
|
|
|
|
$this->my_user_status = COURSEMANAGERLOWSECURITY; |
|
|
|
|
} else { |
|
|
|
|
$config = HTMLPurifier_Config::createDefault(); |
|
|
|
|
$config->set('Core.Encoding', api_get_system_encoding()); |
|
|
|
|
$config->set('HTML.Doctype', 'XHTML 1.0 Transitional'); |
|
|
|
|
|
|
|
|
|
if ($user_status == STUDENT) { |
|
|
|
|
global $tag_student, $attribute_student; |
|
|
|
|
$config->set('HTML.SafeEmbed', true); |
|
|
|
|
$config->set('HTML.SafeObject', true); |
|
|
|
|
$config->set('Filter.YouTube', true); |
|
|
|
|
$config->set('HTML.AllowedElements', $tag_student); |
|
|
|
|
$config->set('HTML.AllowedAttributes', $attribute_student); |
|
|
|
|
} elseif ($user_status == COURSEMANAGER) { |
|
|
|
|
//activate in configuration setting |
|
|
|
|
global $tag_teacher, $attribute_teacher; |
|
|
|
|
$config->set('HTML.SafeEmbed', true); |
|
|
|
|
$config->set('HTML.SafeObject', true); |
|
|
|
|
$config->set('Filter.YouTube', true); |
|
|
|
|
$config->set('HTML.AllowedElements', $tag_teacher); |
|
|
|
|
$config->set('HTML.AllowedAttributes', $attribute_teacher); |
|
|
|
|
} else { |
|
|
|
|
global $tag_anonymous,$attribute_anonymous; |
|
|
|
|
$config->set('HTML.AllowedElements', $tag_anonymous); |
|
|
|
|
$config->set('HTML.AllowedAttributes', $attribute_anonymous); |
|
|
|
|
} |
|
|
|
|
$config->set('HTML.TidyLevel', 'light'); |
|
|
|
|
$config->set('CSS.AllowTricky', true); // We need the css definition display: none; |
|
|
|
|
public function __construct($config = null) { |
|
|
|
|
|
|
|
|
|
$this->config = HTMLPurifier_Config::create($config); |
|
|
|
|
|
|
|
|
|
$this->strategy = new HTMLPurifier_Strategy_Core(); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
@ -154,10 +114,6 @@ class HTMLPurifier |
|
|
|
|
*/ |
|
|
|
|
public function purify($html, $config = null) { |
|
|
|
|
|
|
|
|
|
if ($this->my_user_status == COURSEMANAGERLOWSECURITY) { |
|
|
|
|
return $html; |
|
|
|
|
} else { |
|
|
|
|
|
|
|
|
|
// :TODO: make the config merge in, instead of replace |
|
|
|
|
$config = $config ? HTMLPurifier_Config::create($config) : $this->config; |
|
|
|
|
|
|
|
|
|
@ -233,7 +189,6 @@ class HTMLPurifier |
|
|
|
|
$this->context =& $context; |
|
|
|
|
return $html; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* Filters an array of HTML snippets |
|
|
|
|
@ -242,9 +197,6 @@ class HTMLPurifier |
|
|
|
|
* @return Array of purified HTML |
|
|
|
|
*/ |
|
|
|
|
public function purifyArray($array_of_html, $config = null) { |
|
|
|
|
if ($this->my_user_status == COURSEMANAGERLOWSECURITY) { |
|
|
|
|
return $array_of_html; |
|
|
|
|
} else { |
|
|
|
|
$context_array = array(); |
|
|
|
|
foreach ($array_of_html as $key => $html) { |
|
|
|
|
$array_of_html[$key] = $this->purify($html, $config); |
|
|
|
|
@ -253,7 +205,6 @@ class HTMLPurifier |
|
|
|
|
$this->context = $context_array; |
|
|
|
|
return $array_of_html; |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* Singleton for enforcing just one HTML Purifier in your system |
|
|
|
|
|
Ivan Tcholakov
15 years ago