Tasks #1297 - Code reworks and cleaning.

15 years ago · dfd1fb720e
parent 8652446666
commit dfd1fb720e
3 changed files with 25 additions and 26 deletions
--- a/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
+++ b/main/inc/lib/formvalidator/Rule/allowed_tags.inc.php
@ -681,22 +681,25 @@ unset($allowed_tags_anonymous['object']);

 // HTMLPURIFIER-COMPATIBLE SETTINGS

-function kses_to_htmlpurifier($allowed_tags) {
-    $result[0] = array();
-    $result[1] = array();
+function convert_kses_to_htmlpurifier($allowed_tags) {
+    $allowed_html = array();
    foreach ($allowed_tags as $key1 => & $value1) {
        $result[0][] = $key1;
        if (count($value1) > 0) {
+            $attr = array();
            foreach ($value1 as $key2 => & $value2) {
-                $result[1][] = $key1.'.'.$key2;
+                $attr[] = $key2;
            }
+            $allowed_html[] = $key1.'['.implode('|', $attr).']';
+        } else {
+            $allowed_html[] = $key1;
        }
    }
-    return $result;
+    return implode(',', $allowed_html);
 }

-global $tag_student, $attribute_student, $tag_teacher, $attribute_teacher, $tag_anonymous, $attribute_anonymous;
+global $allowed_html_student, $allowed_html_teacher, $allowed_html_anonymous;

-list($tag_student, $attribute_student) = kses_to_htmlpurifier(array_merge($allowed_tags_student, $allowed_tags_student_full_page));
-list($tag_teacher, $attribute_teacher) = kses_to_htmlpurifier(array_merge($allowed_tags_teacher, $allowed_tags_teacher_full_page));
-list($tag_anonymous, $attribute_anonymous) = kses_to_htmlpurifier(array_merge($allowed_tags_anonymous, $allowed_tags_anonymous_full_page));
+$allowed_html_student = convert_kses_to_htmlpurifier(array_merge($allowed_tags_student, $allowed_tags_student_full_page));
+$allowed_html_teacher = convert_kses_to_htmlpurifier(array_merge($allowed_tags_teacher, $allowed_tags_teacher_full_page));
+$allowed_html_anonymous = convert_kses_to_htmlpurifier(array_merge($allowed_tags_anonymous, $allowed_tags_anonymous_full_page));
--- a/main/inc/lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php
+++ b/main/inc/lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php
@ -88,14 +88,8 @@ class HTMLPurifier_DefinitionCache_Serializer extends
     * @todo Make protected
     */
    public function generateBaseDirectoryPath($config) {
-    	$directory_in_garbage= api_get_path(SYS_ARCHIVE_PATH).'Serializer';
-    	//add directory Serializer, in choose not exist
-    	if (!file_exists($directory_in_garbage)) {
-    		mkdir($directory_in_garbage,0777);
-    	}
-        $base = $config->get('Cache.SerializerPath');//archive/Serializer
-       // $base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base;
-        $base = is_null($base) ? $directory_in_garbage : $base;
+        $base = $config->get('Cache.SerializerPath');
+        $base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base;
        return $base;
    }

--- a/main/inc/lib/security.lib.php
+++ b/main/inc/lib/security.lib.php
@ -243,30 +243,32 @@ class Security {
        }
        static $purifier = array();
        if (!isset($purifier[$user_status])) {
+            $cache_dir = api_get_path(SYS_ARCHIVE_PATH).'Serializer';
+            if (!file_exists($cache_dir)) {
+                mkdir($cache_dir, 0777);
+            }
            $config = HTMLPurifier_Config::createDefault();
+            $config->set('Cache.SerializerPath', $cache_dir);
            $config->set('Core.Encoding', api_get_system_encoding());
            $config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
            $config->set('HTML.TidyLevel', 'light');
            $config->set('Core.ConvertDocumentToFragment', false);
            $config->set('Core.RemoveProcessingInstructions', true);
            if ($user_status == STUDENT) {
-                global $tag_student, $attribute_student;
+                global $allowed_html_student;
+                $config->set('HTML.Allowed', $allowed_html_student);
                $config->set('HTML.SafeEmbed', true);
                $config->set('HTML.SafeObject', true);
                $config->set('Filter.YouTube', true);
-                $config->set('HTML.AllowedElements', $tag_student);
-                $config->set('HTML.AllowedAttributes', $attribute_student);
            } elseif ($user_status == COURSEMANAGER) {
-                global $tag_teacher, $attribute_teacher;
+                global $allowed_html_teacher;
+                $config->set('HTML.Allowed', $allowed_html_teacher);
                $config->set('HTML.SafeEmbed', true);
                $config->set('HTML.SafeObject', true);
                $config->set('Filter.YouTube', true);
-                $config->set('HTML.AllowedElements', $tag_teacher);
-                $config->set('HTML.AllowedAttributes', $attribute_teacher);
            } else {
-                global $tag_anonymous,$attribute_anonymous;
-                $config->set('HTML.AllowedElements', $tag_anonymous);
-                $config->set('HTML.AllowedAttributes', $attribute_anonymous);
+                global $allowed_html_anonymous;
+                $config->set('HTML.Allowed', $allowed_html_anonymous);
            }
            $config->set('CSS.AllowImportant', true);
            $config->set('CSS.AllowTricky', true); // We need the css definition display: none;