'h2', 'h3', 'h4', 'h5', 'h6', 'cite', 'code', 'em', 's',
'strike', 'strong', 'tt', 'var', 'div', 'center',
'blockquote', 'ol', 'ul', 'dl', 'table', 'caption', 'pre',
- 'ruby', 'rt' , 'rb' , 'rp', 'p', 'span', 'abbr', 'dfn',
+ 'ruby', 'rt', 'rb', 'rp', 'p', 'span', 'abbr', 'dfn',
'kbd', 'samp'
);
if ( $wgHtml5 ) {
$extratags = array_flip( $extratags );
$removetags = array_flip( $removetags );
$htmlpairs = array_merge( $extratags, $htmlpairsStatic );
- $htmlelements = array_diff_key( array_merge( $extratags, $htmlelementsStatic ) , $removetags );
+ $htmlelements = array_diff_key( array_merge( $extratags, $htmlelementsStatic ), $removetags );
# Remove HTML comments
$text = Sanitizer::removeHTMLcomments( $text );
*/
static function removeHTMLcomments( $text ) {
wfProfileIn( __METHOD__ );
- while (($start = strpos($text, '<!--')) !== false) {
- $end = strpos($text, '-->', $start + 4);
- if ($end === false) {
+ while ( ($start = strpos( $text, '<!--' ) ) !== false ) {
+ $end = strpos( $text, '-->', $start + 4 );
+ if ( $end === false ) {
# Unterminated comment; bail out
break;
}
# Trim space and newline if the comment is both
# preceded and followed by a newline
- $spaceStart = max($start - 1, 0);
+ $spaceStart = max( $start - 1, 0 );
$spaceLen = $end - $spaceStart;
- while (substr($text, $spaceStart, 1) === ' ' && $spaceStart > 0) {
+ while ( substr( $text, $spaceStart, 1 ) === ' ' && $spaceStart > 0 ) {
$spaceStart--;
$spaceLen++;
}
- while (substr($text, $spaceStart + $spaceLen, 1) === ' ')
+ while ( substr( $text, $spaceStart + $spaceLen, 1 ) === ' ' )
$spaceLen++;
- if (substr($text, $spaceStart, 1) === "\n" and substr($text, $spaceStart + $spaceLen, 1) === "\n") {
+ if ( substr( $text, $spaceStart, 1 ) === "\n" and substr( $text, $spaceStart + $spaceLen, 1 ) === "\n" ) {
# Remove the comment, leading and trailing
# spaces, and leave only one newline.
- $text = substr_replace($text, "\n", $spaceStart, $spaceLen + 1);
+ $text = substr_replace( $text, "\n", $spaceStart, $spaceLen + 1 );
}
else {
# Remove just the comment.
- $text = substr_replace($text, '', $start, $end - $start);
+ $text = substr_replace( $text, '', $start, $end - $start );
}
}
wfProfileOut( __METHOD__ );
}
/**
- * Take an array of attribute names and values and fix some deprecated values
- * for the given element type.
- * This does not validate properties, so you should ensure that you call
- * validateTagAttributes AFTER this to ensure that the resulting style rule
- * this may add is safe.
- *
- * - Converts most presentational attributes like align into inline css
- *
- * @param $attribs Array
- * @param $element String
- * @return Array
- */
- static function fixDeprecatedAttributes( $attribs, $element ) {
- global $wgHtml5, $wgCleanupPresentationalAttributes;
-
- // presentational attributes were removed from html5, we can leave them
- // in when html5 is turned off
- if ( !$wgHtml5 || !$wgCleanupPresentationalAttributes ) {
- return $attribs;
- }
-
- $table = array( 'table' );
- $cells = array( 'td', 'th' );
- $colls = array( 'col', 'colgroup' );
- $tblocks = array( 'tbody', 'tfoot', 'thead' );
- $h = array( 'h1', 'h2', 'h3', 'h4', 'h5', 'h6' );
-
- $presentationalAttribs = array(
- 'align' => array( 'text-align', array_merge( array( 'caption', 'hr', 'div', 'p', 'tr' ), $table, $cells, $colls, $tblocks, $h ) ),
- 'clear' => array( 'clear', array( 'br' ) ),
- 'height' => array( 'height', $cells ),
- 'nowrap' => array( 'white-space', $cells ),
- 'size' => array( 'height', array( 'hr' ) ),
- 'type' => array( 'list-style-type', array( 'li', 'ol', 'ul' ) ),
- 'valign' => array( 'vertical-align', array_merge( $cells, $colls, $tblocks ) ),
- 'width' => array( 'width', array_merge( array( 'hr', 'pre' ), $table, $cells, $colls ) ),
- );
-
- // Ensure that any upper case or mixed case attributes are converted to lowercase
- foreach ( $attribs as $attribute => $value ) {
- if ( $attribute !== strtolower( $attribute ) && array_key_exists( strtolower( $attribute ), $presentationalAttribs ) ) {
- $attribs[strtolower( $attribute )] = $value;
- unset( $attribs[$attribute] );
- }
- }
-
- $style = "";
- foreach ( $presentationalAttribs as $attribute => $info ) {
- list( $property, $elements ) = $info;
-
- // Skip if this attribute is not relevant to this element
- if ( !in_array( $element, $elements ) ) {
- continue;
- }
-
- // Skip if the attribute is not used
- if ( !array_key_exists( $attribute, $attribs ) ) {
- continue;
- }
-
- $value = $attribs[$attribute];
-
- // For nowrap the value should be nowrap instead of whatever text is in the value
- if ( $attribute === 'nowrap' ) {
- $value = 'nowrap';
- }
-
- // clear="all" is clear: both; in css
- if ( $attribute === 'clear' && strtolower( $value ) === 'all' ) {
- $value = 'both';
- }
-
- // Size based properties should have px applied to them if they have no unit
- if ( in_array( $attribute, array( 'height', 'width', 'size' ) ) ) {
- if ( preg_match( '/^[\d.]+$/', $value ) ) {
- $value = "{$value}px";
- }
- }
-
- // Table align is special, it's about block alignment instead of
- // content align (see also bug 40306)
- if ( $attribute === 'align' && in_array( $element, $table ) ) {
- if ( $value === 'center' ) {
- $style .= ' margin-left: auto;';
- $property = 'margin-right';
- $value = 'auto';
- } else {
- $property = 'float';
- }
- }
-
- $style .= " $property: $value;";
-
- unset( $attribs[$attribute] );
- }
-
- if ( $style ) {
- // Prepend our style rules so that they can be overridden by user css
- if ( isset($attribs['style']) ) {
- $style .= " " . $attribs['style'];
- }
- $attribs['style'] = trim($style);
- }
-
- return $attribs;
- }
-
- /**
- * Takes attribute names and values for a tag and the tah name and
+ * Takes attribute names and values for a tag and the tag name and
* validates that the tag is allowed to be present.
* This DOES NOT validate the attributes, nor does it validate the
* tags themselves. This method only handles the special circumstances
* where we may want to allow a tag within content but ONLY when it has
* specific attributes set.
*
- * @param $
+ * @param $params
+ * @param $element
*/
static function validateTag( $params, $element ) {
$params = Sanitizer::decodeTagAttributes( $params );
}
$decoded = Sanitizer::decodeTagAttributes( $text );
- $decoded = Sanitizer::fixDeprecatedAttributes( $decoded, $element );
$stripped = Sanitizer::validateTagAttributes( $decoded, $element );
$attribs = array();
$id = str_replace( array_keys( $replace ), array_values( $replace ), $id );
if ( !preg_match( '/^[a-zA-Z]/', $id )
- && !in_array( 'noninitial', $options ) ) {
+ && !in_array( 'noninitial', $options ) ) {
// Initial character must be a letter!
$id = "x$id";
}
*/
static function escapeClass( $class ) {
// Convert ugly stuff to underscores and kill underscores in ugly places
- return rtrim(preg_replace(
- array('/(^[0-9\\-])|[\\x00-\\x20!"#$%&\'()*+,.\\/:;<=>?@[\\]^`{|}~]|\\xC2\\xA0/','/_+/'),
+ return rtrim( preg_replace(
+ array( '/(^[0-9\\-])|[\\x00-\\x20!"#$%&\'()*+,.\\/:;<=>?@[\\]^`{|}~]|\\xC2\\xA0/', '/_+/' ),
'_',
- $class ), '_');
+ $class ), '_' );
}
/**
$ret = Sanitizer::normalizeEntity( $matches[1] );
} elseif( $matches[2] != '' ) {
$ret = Sanitizer::decCharReference( $matches[2] );
- } elseif( $matches[3] != '' ) {
+ } elseif( $matches[3] != '' ) {
$ret = Sanitizer::hexCharReference( $matches[3] );
}
if( is_null( $ret ) ) {
return Sanitizer::decodeEntity( $matches[1] );
} elseif( $matches[2] != '' ) {
return Sanitizer::decodeChar( intval( $matches[2] ) );
- } elseif( $matches[3] != '' ) {
+ } elseif( $matches[3] != '' ) {
return Sanitizer::decodeChar( hexdec( $matches[3] ) );
}
# Last case should be an ampersand by itself
// Please note strings below are enclosed in brackets [], this make the
// hyphen "-" a range indicator. Hence it is double backslashed below.
// See bug 26948
- $rfc5322_atext = "a-z0-9!#$%&'*+\\-\/=?^_`{|}~" ;
- $rfc1034_ldh_str = "a-z0-9\\-" ;
+ $rfc5322_atext = "a-z0-9!#$%&'*+\\-\/=?^_`{|}~";
+ $rfc1034_ldh_str = "a-z0-9\\-";
$HTML5_email_regexp = "/
^ # start of string
[$rfc1034_ldh_str]+ # First domain part
(\\.[$rfc1034_ldh_str]+)* # Following part prefixed with a dot
$ # End of string
- /ix" ; // case Insensitive, eXtended
+ /ix"; // case Insensitive, eXtended
return (bool) preg_match( $HTML5_email_regexp, $addr );
}