dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
(bug 9835) password input should be type="password"
[lhc/web/wiklou.git] / includes / Xml.php
1 <?php
2
3 /**
4 * Module of static functions for generating XML
5 */
6
7 class Xml {
8 /**
9 * Format an XML element with given attributes and, optionally, text content.
10 * Element and attribute names are assumed to be ready for literal inclusion.
11 * Strings are assumed to not contain XML-illegal characters; special
12 * characters (<, >, &) are escaped but illegals are not touched.
13 *
14 * @param $element String:
15 * @param $attribs Array: Name=>value pairs. Values will be escaped.
16 * @param $contents String: NULL to make an open tag only; '' for a contentless closed tag (default)
17 * @return string
18 */
19 public static function element( $element, $attribs = null, $contents = '') {
20 $out = '<' . $element;
21 if( !is_null( $attribs ) ) {
22 foreach( $attribs as $name => $val ) {
23 $out .= ' ' . $name . '="' . Sanitizer::encodeAttribute( $val ) . '"';
24 }
25 }
26 if( is_null( $contents ) ) {
27 $out .= '>';
28 } else {
29 if( $contents === '' ) {
30 $out .= ' />';
31 } else {
32 $out .= '>' . htmlspecialchars( $contents ) . "</$element>";
33 }
34 }
35 return $out;
36 }
37
38 /**
39 * Format an XML element as with self::element(), but run text through the
40 * UtfNormal::cleanUp() validator first to ensure that no invalid UTF-8
41 * is passed.
42 *
43 * @param $element String:
44 * @param $attribs Array: Name=>value pairs. Values will be escaped.
45 * @param $contents String: NULL to make an open tag only; '' for a contentless closed tag (default)
46 * @return string
47 */
48 public static function elementClean( $element, $attribs = array(), $contents = '') {
49 if( $attribs ) {
50 $attribs = array_map( array( 'UtfNormal', 'cleanUp' ), $attribs );
51 }
52 if( $contents ) {
53 wfProfileIn( __METHOD__ . '-norm' );
54 $contents = UtfNormal::cleanUp( $contents );
55 wfProfileOut( __METHOD__ . '-norm' );
56 }
57 return self::element( $element, $attribs, $contents );
58 }
59
60 // Shortcuts
61 public static function openElement( $element, $attribs = null ) { return self::element( $element, $attribs, null ); }
62 public static function closeElement( $element ) { return "</$element>"; }
63
64 /**
65 * Same as <link>element</link>, but does not escape contents. Handy when the
66 * content you have is already valid xml.
67 */
68 public static function tags( $element, $attribs = null, $contents ) {
69 return self::element( $element, $attribs, null ) . $contents . "</$element>";
70 }
71
72 /**
73 * Create a namespace selector
74 *
75 * @param $selected Mixed: the namespace which should be selected, default ''
76 * @param $allnamespaces String: value of a special item denoting all namespaces. Null to not include (default)
77 * @param $includehidden Bool: include hidden namespaces?
78 * @return String: Html string containing the namespace selector
79 */
80 public static function namespaceSelector($selected = '', $allnamespaces = null, $includehidden=false) {
81 global $wgContLang;
82 if( $selected !== '' ) {
83 if( is_null( $selected ) ) {
84 // No namespace selected; let exact match work without hitting Main
85 $selected = '';
86 } else {
87 // Let input be numeric strings without breaking the empty match.
88 $selected = intval( $selected );
89 }
90 }
91 $s = "\n<select id='namespace' name='namespace' class='namespaceselector'>\n";
92 $arr = $wgContLang->getFormattedNamespaces();
93 if( !is_null($allnamespaces) ) {
94 $arr = array($allnamespaces => wfMsg('namespacesall')) + $arr;
95 }
96 foreach ($arr as $index => $name) {
97 if ($index < NS_MAIN) continue;
98
99 $name = $index !== 0 ? $name : wfMsg('blanknamespace');
100
101 if ($index === $selected) {
102 $s .= "\t" . self::element("option",
103 array("value" => $index, "selected" => "selected"),
104 $name) . "\n";
105 } else {
106 $s .= "\t" . self::element("option", array("value" => $index), $name) . "\n";
107 }
108 }
109 $s .= "</select>\n";
110 return $s;
111 }
112
113 /**
114 *
115 * @param $language The language code of the selected language
116 * @param $customisedOnly If true only languages which have some content are listed
117 * @return array of label and select
118 */
119 public static function languageSelector( $selected, $customisedOnly = true ) {
120 global $wgContLanguageCode;
121 /**
122 * Make sure the site language is in the list; a custom language code
123 * might not have a defined name...
124 */
125 $languages = Language::getLanguageNames( $customisedOnly );
126 if( !array_key_exists( $wgContLanguageCode, $languages ) ) {
127 $languages[$wgContLanguageCode] = $wgContLanguageCode;
128 }
129 ksort( $languages );
130
131 /**
132 * If a bogus value is set, default to the content language.
133 * Otherwise, no default is selected and the user ends up
134 * with an Afrikaans interface since it's first in the list.
135 */
136 $selected = isset( $languages[$selected] ) ? $selected : $wgContLanguageCode;
137 $options = "\n";
138 foreach( $languages as $code => $name ) {
139 $options .= Xml::option( "$code - $name", $code, ($code == $selected) ) . "\n";
140 }
141
142 return array(
143 Xml::label( wfMsg('yourlanguage'), 'wpUserLanguage' ),
144 Xml::tags( 'select',
145 array( 'id' => 'wpUserLanguage', 'name' => 'wpUserLanguage' ),
146 $options
147 )
148 );
149
150 }
151
152 public static function span( $text, $class, $attribs=array() ) {
153 return self::element( 'span', array( 'class' => $class ) + $attribs, $text );
154 }
155
156 /**
157 * Convenience function to build an HTML text input field
158 * @return string HTML
159 */
160 public static function input( $name, $size=false, $value=false, $attribs=array() ) {
161 return self::element( 'input', array(
162 'name' => $name,
163 'size' => $size,
164 'value' => $value ) + $attribs );
165 }
166
167 /**
168 * Convenience function to build an HTML password input field
169 * @return string HTML
170 */
171 public static function password( $name, $size=false, $value=false, $attribs=array() ) {
172 return self::input( $name, $size, $value, array_merge($attribs, array('type' => 'password')));
173 }
174
175 /**
176 * Internal function for use in checkboxes and radio buttons and such.
177 * @return array
178 */
179 public static function attrib( $name, $present = true ) {
180 return $present ? array( $name => $name ) : array();
181 }
182
183 /**
184 * Convenience function to build an HTML checkbox
185 * @return string HTML
186 */
187 public static function check( $name, $checked=false, $attribs=array() ) {
188 return self::element( 'input', array_merge(
189 array(
190 'name' => $name,
191 'type' => 'checkbox',
192 'value' => 1 ),
193 self::attrib( 'checked', $checked ),
194 $attribs ) );
195 }
196
197 /**
198 * Convenience function to build an HTML radio button
199 * @return string HTML
200 */
201 public static function radio( $name, $value, $checked=false, $attribs=array() ) {
202 return self::element( 'input', array(
203 'name' => $name,
204 'type' => 'radio',
205 'value' => $value ) + self::attrib( 'checked', $checked ) + $attribs );
206 }
207
208 /**
209 * Convenience function to build an HTML form label
210 * @return string HTML
211 */
212 public static function label( $label, $id ) {
213 return self::element( 'label', array( 'for' => $id ), $label );
214 }
215
216 /**
217 * Convenience function to build an HTML text input field with a label
218 * @return string HTML
219 */
220 public static function inputLabel( $label, $name, $id, $size=false, $value=false, $attribs=array() ) {
221 return Xml::label( $label, $id ) .
222 '&nbsp;' .
223 self::input( $name, $size, $value, array( 'id' => $id ) + $attribs );
224 }
225
226 /**
227 * Convenience function to build an HTML checkbox with a label
228 * @return string HTML
229 */
230 public static function checkLabel( $label, $name, $id, $checked=false, $attribs=array() ) {
231 return self::check( $name, $checked, array( 'id' => $id ) + $attribs ) .
232 '&nbsp;' .
233 self::label( $label, $id );
234 }
235
236 /**
237 * Convenience function to build an HTML radio button with a label
238 * @return string HTML
239 */
240 public static function radioLabel( $label, $name, $value, $id, $checked=false, $attribs=array() ) {
241 return self::radio( $name, $value, $checked, array( 'id' => $id ) + $attribs ) .
242 '&nbsp;' .
243 self::label( $label, $id );
244 }
245
246 /**
247 * Convenience function to build an HTML submit button
248 * @param $value String: label text for the button
249 * @param $attribs Array: optional custom attributes
250 * @return string HTML
251 */
252 public static function submitButton( $value, $attribs=array() ) {
253 return self::element( 'input', array( 'type' => 'submit', 'value' => $value ) + $attribs );
254 }
255
256 /**
257 * Convenience function to build an HTML hidden form field.
258 * @todo Document $name parameter.
259 * @param $name FIXME
260 * @param $value String: label text for the button
261 * @param $attribs Array: optional custom attributes
262 * @return string HTML
263 */
264 public static function hidden( $name, $value, $attribs=array() ) {
265 return self::element( 'input', array(
266 'name' => $name,
267 'type' => 'hidden',
268 'value' => $value ) + $attribs );
269 }
270
271 /**
272 * Convenience function to build an HTML drop-down list item.
273 * @param $text String: text for this item
274 * @param $value String: form submission value; if empty, use text
275 * @param $selected boolean: if true, will be the default selected item
276 * @param $attribs array: optional additional HTML attributes
277 * @return string HTML
278 */
279 public static function option( $text, $value=null, $selected=false,
280 $attribs=array() ) {
281 if( !is_null( $value ) ) {
282 $attribs['value'] = $value;
283 }
284 if( $selected ) {
285 $attribs['selected'] = 'selected';
286 }
287 return self::element( 'option', $attribs, $text );
288 }
289
290 /**
291 * Returns an escaped string suitable for inclusion in a string literal
292 * for JavaScript source code.
293 * Illegal control characters are assumed not to be present.
294 *
295 * @param string $string
296 * @return string
297 */
298 public static function escapeJsString( $string ) {
299 // See ECMA 262 section 7.8.4 for string literal format
300 $pairs = array(
301 "\\" => "\\\\",
302 "\"" => "\\\"",
303 '\'' => '\\\'',
304 "\n" => "\\n",
305 "\r" => "\\r",
306
307 # To avoid closing the element or CDATA section
308 "<" => "\\x3c",
309 ">" => "\\x3e",
310
311 # To avoid any complaints about bad entity refs
312 "&" => "\\x26",
313 );
314 return strtr( $string, $pairs );
315 }
316
317 /**
318 * Encode a variable of unknown type to JavaScript.
319 * Doesn't support hashtables just yet.
320 */
321 public static function encodeJsVar( $value ) {
322 if ( is_bool( $value ) ) {
323 $s = $value ? 'true' : 'false';
324 } elseif ( is_null( $value ) ) {
325 $s = 'null';
326 } elseif ( is_int( $value ) ) {
327 $s = $value;
328 } elseif ( is_array( $value ) ) {
329 $s = '[';
330 foreach ( $value as $name => $elt ) {
331 if ( $s != '[' ) {
332 $s .= ', ';
333 }
334 $s .= self::encodeJsVar( $elt );
335 }
336 $s .= ']';
337 } else {
338 $s = '"' . self::escapeJsString( $value ) . '"';
339 }
340 return $s;
341 }
342
343
344 /**
345 * Check if a string is well-formed XML.
346 * Must include the surrounding tag.
347 *
348 * @param $text String: string to test.
349 * @return bool
350 *
351 * @todo Error position reporting return
352 */
353 public static function isWellFormed( $text ) {
354 $parser = xml_parser_create( "UTF-8" );
355
356 # case folding violates XML standard, turn it off
357 xml_parser_set_option( $parser, XML_OPTION_CASE_FOLDING, false );
358
359 if( !xml_parse( $parser, $text, true ) ) {
360 //$err = xml_error_string( xml_get_error_code( $parser ) );
361 //$position = xml_get_current_byte_index( $parser );
362 //$fragment = $this->extractFragment( $html, $position );
363 //$this->mXmlError = "$err at byte $position:\n$fragment";
364 xml_parser_free( $parser );
365 return false;
366 }
367 xml_parser_free( $parser );
368 return true;
369 }
370
371 /**
372 * Check if a string is a well-formed XML fragment.
373 * Wraps fragment in an \<html\> bit and doctype, so it can be a fragment
374 * and can use HTML named entities.
375 *
376 * @param $text String:
377 * @return bool
378 */
379 public static function isWellFormedXmlFragment( $text ) {
380 $html =
381 Sanitizer::hackDocType() .
382 '<html>' .
383 $text .
384 '</html>';
385 return Xml::isWellFormed( $html );
386 }
387
388 /**
389 * Replace " > and < with their respective HTML entities ( &quot;,
390 * &gt;, &lt;)
391 *
392 * @param $in String: text that might contain HTML tags.
393 * @return string Escaped string
394 */
395 public static function escapeTagsOnly( $in ) {
396 return str_replace(
397 array( '"', '>', '<' ),
398 array( '&quot;', '&gt;', '&lt;' ),
399 $in );
400 }
401 }
402 ?>
Wiklou, le Wiki du Wiklou