Login   Register  
PHP Classes
elePHPant
Icontem

File: test_safe_html_filter.php

Recommend this page to a friend!
Stumble It! Stumble It! Bookmark in del.icio.us Bookmark in del.icio.us
  Classes of Manuel Lemos  >  Secure HTML parser and filter  >  test_safe_html_filter.php  >  Download  
File: test_safe_html_filter.php
Role: Example script
Content type: text/plain
Description: Example script that demonstrates how to parse and filter and HTML document file
Class: Secure HTML parser and filter
Parse and filter insecure HTML tags and CSS styles
Author: By
Last change: Added options for testing.
Date: 5 years ago
Size: 3,621 bytes
 

Contents

Class file image Download
<?php
/*
 * test_safe_html_filter.php
 *
 * @(#) $Header: /home/mlemos/cvsroot/markupparser/test_safe_html_filter.php,v 1.10 2009/08/21 05:21:12 mlemos Exp $
 *
 */

    
require_once('css_parser.php');
    require_once(
'dtd_parser.php');
    require_once(
'filecacheclass.php');
    require_once(
'markup_parser.php');
    require_once(
'markup_filter_validator.php');
    require_once(
'markup_filter_safe_html.php');

    
$message_file = ((IsSet($_SERVER['argv']) && count($_SERVER['argv'])>1) ? $_SERVER['argv'][1] : 'test/sample/simple.html');

    
$filter = new markup_filter_safe_html_class;

    
/*  Set to 1 if you need to track line numbers of errors or element
     *  positions
     */
    
$filter->track_lines 1;

    
/*  Add here the proprietary CSS properties that you know that are safe
     *  to allow.
     */
    
$filter->safe_proprietary_css_properties = array(
        
'-moz-border-radius'=>array(),
        
'-moz-border-radius-topleft'=>array(),
        
'-moz-border-radius-topright'=>array(),
        
'-moz-border-radius-bottomleft'=>array(),
        
'-moz-border-radius-bottomright'=>array(),
        
'-webkit-border-radius'=>array(),
        
'-webkit-border-top-left-radius'=>array(),
        
'-webkit-border-top-right-radius'=>array(),
        
'-webkit-border-bottom-left-radius'=>array(),
        
'-webkit-border-bottom-right-radius'=>array(),
    );
    
    
/*  Add here the CSS property function names properties that you know
     *  that are safe to allow.
     */
    
$filter->safe_css_property_functions = array(
        
'alpha'=>array()
    );

    
$parameters=array(
        
'File'=>$message_file,

        
/* Read a markup from a string instead of a file                  */
        /* 'Data'=>'<html><head><title>My HTML data string</title></head>
                    <body><p>My HTML data string</p></body></html>',            */

        /*  Set to 1 if want to filter HTML that only contains the body
            part of a page                                                */
        
'OnlyBody'=>0,

        
/*  Set to the path of the directory where cache files will be
            stored with parsed DTD information to avoid parsing overhead,
            otherwise it may become very slow.                            */
        
'DTDCachePath'=>'',
    );

/*
 * The following lines are for testing purposes.
 * Remove these lines when adapting this example to real applications.
 */
    
if(defined('__TEST'))
    {
        if(IsSet(
$__test_options['parameters']))
            
$parameters $__test_options['parameters'];
    }

    
$start microtime();
    if((
$success $filter->StartParsing($parameters)))
    {
        
$output '';
        do
        {
            if(!(
$success $filter->Parse($end$elements)))
                break;
            
$te count($elements);
            for(
$e 0$e $te; ++$e)
            {
                
/*
                var_dump($elements[$e]);
                */
                
if(!($success $filter->RewriteElement($elements[$e], $markup)))
                    break;
                
$output.= $markup;
            }
        }
        while(!
$end);
        if(
$success)
            
$success $filter->FinishParsing();
        if(
$success)
            echo 
$output;
    }
    
$end microtime();
    if(!
$success)
    {
        echo 
'Markup parsing error: '.$filter->error.' at position '.$filter->error_position;
        if(
$filter->track_lines
        
&& $filter->GetPositionLine($filter->error_position$line$column))
            echo 
' line '.$line.' column '.$column;
        echo 
"\n";
    }
    for(
$warning 0Reset($filter->warnings); $warning count($filter->warnings); Next($filter->warnings), $warning++)
    {
        
$w Key($filter->warnings);
        echo 
'Warning: '$filter->warnings[$w], ' at position '$w;
        if(
$filter->track_lines
        
&& $filter->GetPositionLine($w$line$column))
            echo 
' line '.$line.' column '.$column;
        echo 
"\n";
    }
    if(!
defined('__TEST'))
        echo 
'Timer: 'doubleval(strtok($end,' ')) + doubleval(strtok('')) - doubleval(strtok($start,' ')) - doubleval(strtok('')), "\n";
?>