1: <?php
2: /**
3: *
4: * @package Legacy
5: * @version $Id: modifier.xoops_html_purifier.php,v 1.0 2010/03/25 15:12:36 kilica Exp $
6: * @copyright Copyright 2005-2007 XOOPS Cube Project <https://github.com/xoopscube/legacy>
7: * @license https://github.com/xoopscube/legacy/blob/master/docs/GPL_V2.txt GNU GENERAL PUBLIC LICENSE Version 2
8: *
9: */
10:
11: /*
12: * Smarty plugin
13: * -------------------------------------------------------------
14: * Type: modifier
15: * Name: xoops_html_purifier
16: * Purpose: Purify dirty html code(XSS contains).
17: * Input: html : html text
18: * encoding :
19: * doctype : HTML 4.01 Strict
20: * HTML 4.01 Transitional
21: * XHTML 1.0 Strict
22: * XHTML 1.0 Transitional
23: * XHTML 1.1
24: * -------------------------------------------------------------
25: */
26: function smarty_modifier_xoops_html_purifier($html, $ecoding=null, $doctype=null)
27: {
28: require_once XOOPS_LIBRARY_PATH.'/htmlpurifier/library/HTMLPurifier.auto.php';
29: $encoding = $encoding ? $encoding : _CHARSET;
30: $doctypeArr = array("HTML 4.01 Strict","HTML 4.01 Transitional","XHTML 1.0 Strict","XHTML 1.0 Transitional","XHTML 1.1");
31:
32: $config = HTMLPurifier_Config::createDefault();
33: $config->set('Core.Encoding', $encoding);
34: if(in_array($doctype, $doctypeArr)){
35: $config->set('HTML.Doctype', $doctype);
36: }
37:
38: $purifier = new HTMLPurifier($config);
39: return $purifier->purify($html);
40: }
41:
42: ?>
43: