3 // using _REQUEST because we accept GET and POST requests
5 $content = empty($_REQUEST['xml']) ?
'text/html' : 'application/xhtml+xml';
6 header("Content-type:$content;charset=UTF-8");
8 // prevent PHP versions with shorttags from barfing
9 echo '<?xml version="1.0" encoding="UTF-8" ?>
12 function getFormMethod() {
13 return (isset($_REQUEST['post'])) ?
'post' : 'get';
16 if (empty($_REQUEST['strict'])) {
17 ?
><!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
18 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
22 <!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
23 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
27 <html xmlns
="http://www.w3.org/1999/xhtml" lang
="en" xml
:lang
="en">
29 <title
>HTML Purifier Live Demo
</title
>
30 <meta name
="author" content
="Edward Z. Yang" />
31 <meta http
-equiv
="Content-Type" content
="text/html; charset=UTF-8" />
32 <link rel
="icon" href
="favicon.ico" type
="image/x-icon" />
33 <link rel
="shortcut icon" href
="favicon.ico" type
="image/x-icon" />
34 <link rel
="stylesheet" href
="common.css" type
="text/css" />
37 <img src
="logo.png" id
="logo" alt
="HTML Purifier" />
38 <div id
="header"><a href
="./"><span
class="html">HTML
</span
>
39 <span
class="purifier">Purifier
</span
></a
></div
>
40 <h1 id
="title">Live Demo
</h1
>
44 require_once 'live/library/HTMLPurifier.auto.php';
46 if (!empty($_REQUEST['html'])) { // start result
48 if (strlen($_REQUEST['html']) > 50000) {
50 <p
>Request exceeds maximum allowed text size of
50kb
.</p
>
52 } else { // start main processing
54 $html = get_magic_quotes_gpc() ?
stripslashes($_REQUEST['html']) : $_REQUEST['html'];
56 $config = HTMLPurifier_Config
::createDefault();
57 $config->set('Core', 'TidyFormat', !empty($_REQUEST['tidy']));
58 $config->set('HTML', 'Strict', !empty($_REQUEST['strict']));
59 $purifier = new HTMLPurifier($config);
60 $pure_html = $purifier->purify($html);
63 <p
>Here is your purified HTML
:</p
>
64 <div style
="border:5px solid #BCC8D8; margin:1em 10%; padding:1em;">
65 <?php
if(getFormMethod() == 'get') { ?
>
66 <div style
="float:right;">
67 <a href
="http://validator.w3.org/check?uri=referer"><img
68 src
="http://www.w3.org/Icons/valid-xhtml10"
69 alt
="Valid XHTML 1.0 Transitional" height
="31" width
="88" style
="border:0;" /></a
>
77 <div style
="clear:both;"></div
>
79 <p
>Here is the source code of the purified HTML
:</p
>
82 echo htmlspecialchars($pure_html, ENT_COMPAT
, 'UTF-8');
86 if (getFormMethod() == 'post') { // start POST validation notice
88 <p
>If you would like to validate the code with
89 <a href
="http://validator.w3.org/#validate-by-input">W3C
's
90 validator</a>, copy and paste the <em>entire</em> demo page's source
.</p
>
92 } // end POST validation notice
94 } // end main processing
100 <p
>Welcome to the live demo
. Enter some HTML
and see how HTML Purifier
107 <form id
="filter" action
="demo.php<?php
108 echo '?' . getFormMethod();
109 if (isset($_REQUEST['profile']) || isset($_REQUEST['XDEBUG_PROFILE'])) {
110 echo '&XDEBUG_PROFILE=1';
111 } ?>" method
="<?php echo getFormMethod(); ?>">
113 <legend
>HTML Purifier
Input (<?php
echo getFormMethod(); ?
>)</legend
>
114 <textarea name
="html" cols
="60" rows
="15"><?php
117 echo htmlspecialchars(
118 HTMLPurifier_Encoder
::cleanUTF8($html), ENT_COMPAT
, 'UTF-8');
121 <?php
if (getFormMethod() == 'get') { ?
>
122 <p
><strong
>Warning
:</strong
> GET request method can only hold
123 8129 characters (probably less depending on your browser
).
124 If you need to test anything
125 larger than that
, try the
<a href
="?post">POST form
</a
>.</p
>
127 <?php
if (extension_loaded('tidy')) { ?
>
128 <div
>Nicely format output with Tidy?
<input type
="checkbox" value
="1"
129 name
="tidy"<?php
if (!empty($_REQUEST['tidy'])) echo ' checked="checked"'; ?
> /></div
>
131 <div
>XHTML
1.0 Strict output?
<input type
="checkbox" value
="1"
132 name
="strict"<?php
if (!empty($_REQUEST['strict'])) echo ' checked="checked"'; ?
> /></div
>
133 <div
>Serve
as application
/xhtml+xml?
(not
for IE
) <input type
="checkbox" value
="1"
134 name
="xml"<?php
if (!empty($_REQUEST['xml'])) echo ' checked="checked"'; ?
> /></div
>
136 <input type
="submit" value
="Submit" name
="submit" class="button" />
140 <p
>Try the form in
<a href
="?get">GET
</a
> and <a href
="?post">POST
</a
> request
141 flavors (GET is easy to validate with W3C
, but POST allows larger inputs
).</p
>