'it_html', # Name of global variable to use 'oldhtml' => false, 'prettyprint' => false, 'tags' => 'a,br,form,h1,h2,h3,h4,input,li,meta,table,td,th,tr,ul', 'moretags' => '', 'nonewlinetags' => 'a,img,span', 'preprocess_attr' => array(), 'charset' => "iso-8859-1", 'ie_png_fix' => false, # To enable, supply URL of a transparent gif (like /images/0.gif) 'show_content_type' => true, 'show_favicon' => true, 'show_boot_dom' => true, 'staticallycallable' => "q,u,select", # Those methods are statically callable (have same arguments as global stubs) but are a bit slower 'notexported' => "sanitize", # Those methods are not exported ); var $tags_seen = array('body' => true); # body always counts as seen var $_hasnonewline = array(); /** * Create a HTML object and global functions for all methods (exlcluding * methods starting with '_') in this class plus the default tags (see below). * * @param $config Configuration settings: * name => Name of global variable $this is assigned to (string) * prettyprint => Should output be indented? (bool) * oldhtml => Should output be in old-style html? (bool) * tags => Comma-separated list of default tag-functions to generate (string) * moretags => Comma-separated list of tag-functions to generate additionally to 'tags' (string) * nonewlinetags => Comma-separated list of tags that do not like newlines before/after them * use_it_state => If true, generate code needed by state.js (aka 'history iframe') */ function it_html($config = array()) { # Create current setting vars foreach ($config + $this->_defaultconfig as $key => $value) { $var = "_$key"; $this->$var = $value; } if (isset($this->_oldhtml) && !$this->_htmltype) $this->_htmltype = $this->_oldhtml ? "html" : "xhtml"; $this->_oldhtml = $this->_htmltype == "html"; $this->_hasnonewline = array_flip(explode(',', "dummy," . $this->_nonewlinetags)); # dummy keeps values >0 $notexported = array_flip(explode(',', "dummy," . $this->_notexported)); # dummy keeps values >0 # Create global functions for _tags foreach (array_merge(explode(',', $this->_tags), explode(',', $this->_moretags)) as $func) { if (!function_exists($func) && $func) $code[$func] = "function $func() { \$args = func_get_args(); return \$GLOBALS['$this->_name']->_tag('$func', \$args);}"; } # Create global functions for it_html methods foreach (get_class_methods(get_class($this)) as $func) { if (!preg_match('/^_/', $func) && !is_a($this, $func) && $func && !function_exists($func) && !$notexported[$func]) $code[$func] = "function $func() { \$args = func_get_args(); return \$GLOBALS['$this->_name']->$func(\$args); }"; } # Create global functions for methods that are statically callable (have same arguments as global stubs) foreach (explode(",", $this->_staticallycallable) as $func) { if ($func && !function_exists($func)) $code[$func] = "function $func() { \$args = func_get_args(); return call_user_func_array(array(&\$GLOBALS['$this->_name'], '$func'), \$args); }"; } eval(join("", (array)$code)); # Since name is given as param, it is our duty to store it, not our caller's. $GLOBALS[$this->_name] =& $this; } /** * Return a containing optional data. * @param $name tag name ('h1', 'div' etc.) * @param ... any number optional data or array of key => value arguments * @return string containing XML/HTML tag */ function tag($args) { $name = array_shift($args); return $this->_tag($name, $args); } /** * Internal: Create html tag from name and args array */ function _tag($name, $args) { $data = null; $attr = array(); foreach($args as $arg) { if (is_array($arg)) { foreach ($arg as $key => $value) { if (is_int($key)) $data .= $value; else if ($this->_preprocess_attr[$key]) $attr[$key] = call_user_func(($this->_preprocess_attr[$key]), $value, $name); else $attr[$key] = $value; } } else $data .= $arg; } $newline = $this->_hasnonewline[$name] ? "" : "\n"; # Ultra XML PrettyPrinter 3000 [\] by SCA if ($this->_prettyprint && $newline && (substr($data, -1, 1) == "\n") && (strpos($data, ' instead of for old html, for xhtml style) foreach($attr as $key => $value) { if (($value === null) || ($value === false)) # null or false: omit whole tag ; else if (isset($value) && $value !== true) # normal case: value $result .= " $key=\"" . (preg_match("/[<>&\"'\n\x80-\x9f]/", $value) ? str_replace("\n", " ", it_html::Q($value)) : $value) . '"'; else # true: tag without value $result .= $this->_oldhtml ? " $key" : " $key=\"$key\""; } # Apply a kind of magic... this needs further investigation if (isset($data) || preg_match('/^(a|div|iframe|script|span|td|textarea)$/i', $name)) $result .= ">$data$newline"; elseif ($this->_oldhtml) $result .= ">$newline"; else $result .= " />$newline"; if ($GLOBALS['debug_srclines']) { $trace = debug_backtrace(); $trace = $trace[2]; $result = "" . $result; } $this->tags_seen[$name] = true; return $result; } /** * Shortcut: return a div of a specific class * @param $class class name or null for no class= tag * @param ... any number optional data or array of key => value arguments * @return

...

*/ function div($args) { if (!is_array($args[0]) && ($class = array_shift($args)) !== null) array_unshift($args, compact('class')); return $this->_tag("div", $args); } /** * Special img() function patches png transparency for IE 5.5-6 if ie_png_fix is set * @param ... any number optional data or array of key => value arguments * @return */ function img($args) { if ($this->_ie_png_fix && preg_match('/MSIE [56]/', $_SERVER['HTTP_USER_AGENT'])) { foreach($args as $id => $arg) if (preg_match('/\.png(\?.*)?$/', $arg['src'])) { $args[$id]['style'] = "filter:progid:DXImageTransform.Microsoft.AlphaImageLoader(src='{$arg['src']}',sizingMethod='scale');" . $arg['style']; $args[$id]['src'] = $this->_ie_png_fix; } } return $this->_tag("img", $args); } /** * Shortcut: return a span of a specific class * @param $class class name or null for no class= tag * @param ... any number optional data or array of key => value arguments * @return ... */ function span($args) { if (!is_array($args[0]) && ($class = array_shift($args)) !== null) array_unshift($args, compact('class')); return $this->_tag("span", $args); } /** * Return HTML with all evil things stripped. Allowed are a coupld of simple * tags like div, p, i, b, br without attributes, a with absolute href, * img with absolute src url. Also ensures that tags are balanced. * @param $html HTML string to be sanitized * @return Sanitized HTML */ function sanitize($html) { $result = ""; $html = it::replace('[\0\n\r\s]+' => " ", $html); $urlpattern = 'https?://[^">]+'; if ($tag = it::match("(.*)<(div|p|i|b)[^>]*>(.*?)(.*)", $html)) { # Simple tags with content, no attributes kept list($head, $tagname, $content, $tail) = $tag; $result .= it_html::sanitize($head) . "<$tagname>" . it_html::sanitize($content) . "" . it_html::sanitize($tail); } else if ($tag = it::match('(.*)]+?href="(' . $urlpattern . ')"[^>]*?>(.*?)(.*)', $html)) { # Link tags, keeps only href attribute list($head, $href, $content, $tail) = $tag; $result .= it_html::sanitize($head) . "" . it_html::sanitize($content) . "" . it_html::sanitize($tail); } else if ($tag = it::match('(.*)]+?src="(' . $urlpattern . ')"[^>]*?>(.*)', $html)) { # Image tags, keeps only src attribute list($head, $src, $tail) = $tag; $result .= it_html::sanitize($head) . "

" . it_html::sanitize($tail); } else if ($tag = it::match("(.*)<(br)[^>]*>(.*)", $html)) { # Simple tags without content, no attributes kept list($head, $tagname, $tail) = $tag; $result .= it_html::sanitize($head) . "<$tagname />" . it_html::sanitize($tail); } else $result = Q(html_entity_decode(strip_tags($html))); return $result; } /** * Shortcut: return htmlspecialchars($string); * @param $string String to encode with htmlspecialchars() * @return htmlspecialchars($string) */ function q($string) { if ($GLOBALS['it_html']->_charset == "iso-8859-1") $string = preg_replace('/[\x80-\x9f]/', ' ', strtr($string, array("\x80"=>"EUR", "\x82"=>"'", "\x84"=>"\"", "\x85"=>"...", "\x8a"=>"S", "\x8c"=>"OE", "\x8e"=>"Z", "\x91"=>"'", "\x92"=>"'", "\x93"=>"\"", "\x94"=>"\"", "\x96"=>"-", "\x97"=>"-", "\x9a"=>"s", "\x9e"=>"z"))); return htmlspecialchars($string); } /** * Build a complete url from base-url and params * @param ... scalar args and numeric indices build base-url, rest as params */ function u(/* ... */) { $args = func_get_args(); $base = null; $params = array(); foreach($args as $arg) { if (is_array($arg)) { foreach ($arg as $key => $value) { if (is_int($key)) $base .= $value; else $params[$key] = $value; } } else $base .= $arg; } if (!isset($base)) $base = $_SERVER['PHP_SELF']; $base = preg_replace('|\0|', '', $base); $base = preg_replace('|[^\w.+!*(),:@&=/~$-]|e', 'urlencode("$0")', $base); $base = preg_replace('|^(\w+:)?//[^/]*$|', '$0/', $base); # Add slash if absolute url without a path, e.g. http://gna.ch $queryparams = array(); foreach ($params as $key => $value) { if (is_array($value)) { foreach ($value as $arrkey => $arrvalue) { if (strlen($arrvalue)) $queryparams[] = urlencode($key) . "[" . urlencode($arrkey) . "]=" . it_url::encode($arrvalue); } } else if (strlen($value)) $queryparams[] = urlencode($key) . "=" . it_url::encode($value); } return $base . ($queryparams ? ("?" . join("&", $queryparams)) : ""); } /** * Create a dropdown menu object. Warning: encodes html code within options! * @param $tags key => value pairs of