1 : <?php
2 :
3 : /**
4 : * Performs safe variable parsing based on types which can be used by
5 : * users. This may not be able to represent all possible data inputs,
6 : * however.
7 : */
8 1 : class HTMLPurifier_VarParser_Flexible extends HTMLPurifier_VarParser
9 : {
10 :
11 : protected function parseImplementation($var, $type, $allow_null) {
12 2 : if ($allow_null && $var === null) return null;
13 : switch ($type) {
14 : // Note: if code "breaks" from the switch, it triggers a generic
15 : // exception to be thrown. Specific errors can be specifically
16 : // done here.
17 2 : case self::MIXED :
18 2 : case self::ISTRING :
19 2 : case self::STRING :
20 2 : case self::TEXT :
21 2 : case self::ITEXT :
22 2 : return $var;
23 2 : case self::INT :
24 0 : if (is_string($var) && ctype_digit($var)) $var = (int) $var;
25 0 : return $var;
26 2 : case self::FLOAT :
27 0 : if ((is_string($var) && is_numeric($var)) || is_int($var)) $var = (float) $var;
28 0 : return $var;
29 2 : case self::BOOL :
30 2 : if (is_int($var) && ($var === 0 || $var === 1)) {
31 0 : $var = (bool) $var;
32 2 : } elseif (is_string($var)) {
33 0 : if ($var == 'on' || $var == 'true' || $var == '1') {
34 0 : $var = true;
35 0 : } elseif ($var == 'off' || $var == 'false' || $var == '0') {
36 0 : $var = false;
37 0 : } else {
38 0 : throw new HTMLPurifier_VarParserException("Unrecognized value '$var' for $type");
39 : }
40 0 : }
41 2 : return $var;
42 0 : case self::ALIST :
43 0 : case self::HASH :
44 0 : case self::LOOKUP :
45 0 : if (is_string($var)) {
46 : // special case: technically, this is an array with
47 : // a single empty string item, but having an empty
48 : // array is more intuitive
49 0 : if ($var == '') return array();
50 0 : if (strpos($var, "\n") === false && strpos($var, "\r") === false) {
51 : // simplistic string to array method that only works
52 : // for simple lists of tag names or alphanumeric characters
53 0 : $var = explode(',',$var);
54 0 : } else {
55 0 : $var = preg_split('/(,|[\n\r]+)/', $var);
56 : }
57 : // remove spaces
58 0 : foreach ($var as $i => $j) $var[$i] = trim($j);
59 0 : if ($type === self::HASH) {
60 : // key:value,key2:value2
61 0 : $nvar = array();
62 0 : foreach ($var as $keypair) {
63 0 : $c = explode(':', $keypair, 2);
64 0 : if (!isset($c[1])) continue;
65 0 : $nvar[$c[0]] = $c[1];
66 0 : }
67 0 : $var = $nvar;
68 0 : }
69 0 : }
70 0 : if (!is_array($var)) break;
71 0 : $keys = array_keys($var);
72 0 : if ($keys === array_keys($keys)) {
73 0 : if ($type == self::ALIST) return $var;
74 0 : elseif ($type == self::LOOKUP) {
75 0 : $new = array();
76 0 : foreach ($var as $key) {
77 0 : $new[$key] = true;
78 0 : }
79 0 : return $new;
80 0 : } else break;
81 0 : }
82 0 : if ($type === self::LOOKUP) {
83 0 : foreach ($var as $key => $value) {
84 0 : $var[$key] = true;
85 0 : }
86 0 : }
87 0 : return $var;
88 0 : default:
89 0 : $this->errorInconsistent(__CLASS__, $type);
90 0 : }
91 0 : $this->errorGeneric($var, $type);
92 0 : }
93 :
94 : }
|