diff --git a/main/inc/lib/htmlpurifier/configdoc/generate.php b/main/inc/lib/htmlpurifier/configdoc/generate.php
index e0c4e674ae..1611a1f701 100644
--- a/main/inc/lib/htmlpurifier/configdoc/generate.php
+++ b/main/inc/lib/htmlpurifier/configdoc/generate.php
@@ -18,9 +18,11 @@ TODO:
if (version_compare(PHP_VERSION, '5.2', '<')) exit('PHP 5.2+ required.');
error_reporting(E_ALL | E_STRICT);
+chdir(dirname(__FILE__));
+
// load dual-libraries
-require_once dirname(__FILE__) . '/../extras/HTMLPurifierExtras.auto.php';
-require_once dirname(__FILE__) . '/../library/HTMLPurifier.auto.php';
+require_once '../extras/HTMLPurifierExtras.auto.php';
+require_once '../library/HTMLPurifier.auto.php';
// setup HTML Purifier singleton
HTMLPurifier::getInstance(array(
@@ -35,7 +37,7 @@ if (file_exists($loader)) include $loader;
$interchange->validate();
$style = 'plain'; // use $_GET in the future, careful to validate!
-$configdoc_xml = dirname(__FILE__) . '/configdoc.xml';
+$configdoc_xml = 'configdoc.xml';
$xml_builder = new HTMLPurifier_ConfigSchema_Builder_Xml();
$xml_builder->openURI($configdoc_xml);
@@ -52,13 +54,11 @@ if (!$output) {
}
// write out
-file_put_contents(dirname(__FILE__) . "/$style.html", $output);
+file_put_contents("$style.html", $output);
if (php_sapi_name() != 'cli') {
// output (instant feedback if it's a browser)
echo $output;
} else {
- echo "Files generated successfully.\n";
-}
-
-// vim: et sw=4 sts=4
+ echo 'Files generated successfully.';
+}
\ No newline at end of file
diff --git a/main/inc/lib/htmlpurifier/library/HTMLPurifier.php b/main/inc/lib/htmlpurifier/library/HTMLPurifier.php
index fff4678862..a0fb4e0741 100644
--- a/main/inc/lib/htmlpurifier/library/HTMLPurifier.php
+++ b/main/inc/lib/htmlpurifier/library/HTMLPurifier.php
@@ -71,6 +71,9 @@ class HTMLPurifier
protected $strategy, $generator;
+ /**allow set user status*/
+ public $my_user_status;
+
/**
* Resultant HTMLPurifier_Context of last run purification. Is an array
* of contexts if the last called method was purifyArray().
@@ -85,11 +88,44 @@ class HTMLPurifier
* The parameter can also be any type that
* HTMLPurifier_Config::create() supports.
*/
- public function __construct($config = null) {
-
+ public function __construct($config = null,$user_status) {
+/*
$this->config = HTMLPurifier_Config::create($config);
$this->strategy = new HTMLPurifier_Strategy_Core();
+*/
+ global $charset;
+ if ($user_status==COURSEMANAGERLOWSECURITY) {
+ //non initialize object htmlpurifier
+ $this->my_user_status=COURSEMANAGERLOWSECURITY;
+ } else {
+ $config = HTMLPurifier_Config::createDefault();
+ $config->set('Core.Encoding',$charset);
+ $config->set('HTML.Doctype', 'XHTML 1.0 Transitional');
+
+ if ($user_status==STUDENT) {
+ global $tag_student,$attribute_student;//$tag_student
+ $config->set('HTML.SafeEmbed',true);
+ $config->set('HTML.SafeObject',true);
+ $config->set('Filter.YouTube', true);
+ $config->set('HTML.AllowedElements',$tag_student);
+ $config->set('HTML.AllowedAttributes',$attribute_student);
+ } elseif ($user_status==COURSEMANAGER) {
+ //activate in configuration setting
+ global $tag_teacher,$attribute_teacher;
+ $config->set('HTML.SafeEmbed',true);
+ $config->set('Filter.YouTube', true);
+ $config->set('HTML.AllowedElements',$tag_teacher);
+ $config->set('HTML.AllowedAttributes', $attribute_teacher);
+ } else {
+ global $tag_anonymous,$attribute_anonymous;
+ $config->set('HTML.AllowedElements', $tag_anonymous);
+ $config->set('HTML.AllowedAttributes',$attribute_anonymous);
+ }
+ $config->set('HTML.TidyLevel', 'light');
+ $this->config = HTMLPurifier_Config::create($config);
+ $this->strategy = new HTMLPurifier_Strategy_Core();
+ }
}
@@ -113,6 +149,10 @@ class HTMLPurifier
* @return Purified HTML
*/
public function purify($html, $config = null) {
+
+ if ($this->my_user_status==COURSEMANAGERLOWSECURITY) {
+ return $html;
+ } else {
// :TODO: make the config merge in, instead of replace
$config = $config ? HTMLPurifier_Config::create($config) : $this->config;
@@ -188,6 +228,7 @@ class HTMLPurifier
$html = HTMLPurifier_Encoder::convertFromUTF8($html, $config, $context);
$this->context =& $context;
return $html;
+ }
}
/**
@@ -197,13 +238,17 @@ class HTMLPurifier
* @return Array of purified HTML
*/
public function purifyArray($array_of_html, $config = null) {
- $context_array = array();
- foreach ($array_of_html as $key => $html) {
- $array_of_html[$key] = $this->purify($html, $config);
- $context_array[$key] = $this->context;
- }
- $this->context = $context_array;
- return $array_of_html;
+ if ($this->my_user_status==COURSEMANAGERLOWSECURITY) {
+ return $array_of_html;
+ } else {
+ $context_array = array();
+ foreach ($array_of_html as $key => $html) {
+ $array_of_html[$key] = $this->purify($html, $config);
+ $context_array[$key] = $this->context;
+ }
+ $this->context = $context_array;
+ return $array_of_html;
+ }
}
/**
diff --git a/main/inc/lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php b/main/inc/lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php
index 7a6aa93f02..feeacc7780 100644
--- a/main/inc/lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php
+++ b/main/inc/lib/htmlpurifier/library/HTMLPurifier/DefinitionCache/Serializer.php
@@ -88,8 +88,14 @@ class HTMLPurifier_DefinitionCache_Serializer extends
* @todo Make protected
*/
public function generateBaseDirectoryPath($config) {
- $base = $config->get('Cache.SerializerPath');
- $base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base;
+ $directory_in_garbage= api_get_path(SYS_ARCHIVE_PATH).'Serializer';
+ //add directory Serializer, in choose not exist
+ if (!file_exists($directory_in_garbage)) {
+ mkdir($directory_in_garbage,0777);
+ }
+ $base = $config->get('Cache.SerializerPath');//archive/Serializer
+ // $base = is_null($base) ? HTMLPURIFIER_PREFIX . '/HTMLPurifier/DefinitionCache/Serializer' : $base;
+ $base = is_null($base) ? $directory_in_garbage : $base;
return $base;
}