[ Index ]
 

Code source de SPIP 1.8.3
Accédez au Source d'autres logiciels libres | Soutenez Angelica Josefina !

title

Body

[fermer]

/ecrire/safehtml/classes/ -> safehtml.php (summary)

[Code source] [Imprimer] [Statistiques]

SafeHTML Parser PHP versions 4 and 5

Author: Roman Ivanov <thingol@mail.ru>
Copyright: 2004-2005 Roman Ivanov
License: http://www.debian.org/misc/bsd.license BSD License (3 Clause)
Version: CVS: $Id:$
Poids: 621 lignes (17 kb)
Inclus ou requis:0 fois
Référencé: 0 fois
Nécessite: 1 fichier
 ecrire/safehtml/classes/HTMLSax3.php

Définit 1 class

SafeHTML:: (10 méthodes):
  SafeHTML()
  _writeAttrs()
  _openHandler()
  _closeHandler()
  _closeTag()
  _dataHandler()
  _escapeHandler()
  getXHTML()
  clear()
  parse()


Classe: SafeHTML  - X-Ref

SafeHTML Parser

This parser strips down all potentially dangerous content within HTML:
<ul>
<li>opening tag without its closing tag</li>
<li>closing tag without its opening tag</li>
<li>any of these tags: "base", "basefont", "head", "html", "body", "applet",
"object", "iframe", "frame", "frameset", "script", "layer", "ilayer", "embed",
"bgsound", "link", "meta", "style", "title", "blink", "xml" etc.</li>
<li>any of these attributes: on*, data*, dynsrc</li>
<li>javascript:/vbscript:/about: etc. protocols</li>
<li>expression/behavior etc. in styles</li>
<li>any other active content</li>
</ul>
It also tries to convert code to XHTML valid, but htmltidy is far better
solution for this task.

<b>Example:</b>
<pre>
$parser =& new SafeHTML();
$result = $parser->parse($doc);
</pre>

SafeHTML()   X-Ref
Constructs class


_writeAttrs($attrs)   X-Ref
Handles the writing of attributes - called from $this->_openHandler()

param: array $attrs array of attributes $name => $value
return: boolean

_openHandler(&$parser, $name, $attrs)   X-Ref
Opening tag handler - called from HTMLSax

param: object $parser HTML Parser
param: string $name   tag name
param: array  $attrs  tag attributes
return: boolean

_closeHandler(&$parser, $name)   X-Ref
Closing tag handler - called from HTMLSax

param: object $parsers HTML parser
param: string $name    tag name
return: boolean

_closeTag($tag)   X-Ref
Closes tag

param: string $tag tag name
return: boolean

_dataHandler(&$parser, $data)   X-Ref
Character data handler - called from HTMLSax

param: object $parser HTML parser
param: string $data   textual data
return: boolean

_escapeHandler(&$parser, $data)   X-Ref
Escape handler - called from HTMLSax

param: object $parser HTML parser
param: string $data   comments or other type of data
return: boolean

getXHTML()   X-Ref
Returns the XHTML document

return: string Processed (X)HTML document

clear()   X-Ref
Clears current document data

return: boolean

parse($doc)   X-Ref
Main parsing fuction

param: string $doc HTML document for processing
return: string Processed (X)HTML document


Généré le : Thu Feb 22 22:27:47 2007 par Balluche grâce à PHPXref 0.7