From 77ce3e8b4a11deda12172a99fb9b523d405d0bc2 Mon Sep 17 00:00:00 2001 From: "Edward Z. Yang" Date: Tue, 13 May 2008 03:17:38 +0000 Subject: [PATCH] [3.1.0] Extend scanner to catch $this->config; chmod new directories from Serializer. I'm not exactly sure what the implications of the bugfix are, but hopefully it won't blow up. git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1708 48356398-32a2-884e-a903-53898d9a118a --- NEWS | 1 + TODO | 6 -- configdoc/usage.xml | 10 ++++ .../HTMLPurifier/DefinitionCache/Serializer.php | 15 +---- library/HTMLPurifier/Generator.php | 8 +-- maintenance/config-scanner.php | 65 ++++++++++++++-------- 6 files changed, 61 insertions(+), 44 deletions(-) diff --git a/NEWS b/NEWS index 96abd22e..8f9d14cc 100644 --- a/NEWS +++ b/NEWS @@ -46,6 +46,7 @@ NEWS ( CHANGELOG and HISTORY ) HTMLPurifier - If DOM throws and exception during parsing with PH5P (occurs in newer versions of DOM), HTML Purifier punts to DirectLex - Fatal error with unserialization of ScriptRequired +- Created directories are now chmod'ed properly . Out-of-date documentation revised . UTF-8 encoding check optimization as suggested by Diego . HTMLPurifier_Error removed in favor of exceptions diff --git a/TODO b/TODO index db82c4c2..eca4768c 100644 --- a/TODO +++ b/TODO @@ -11,12 +11,6 @@ If no interest is expressed for a feature that may require a considerable amount of effort to implement, it may get endlessly delayed. Do not be afraid to cast your vote for the next feature to be implemented! - - Figure out what to do with $this->config configuration object calls - in the scanner - - Quick optimizations for empty strings and strings without HTML (make sure - %HTML.Parent is accounted for) - Denis - - Ensure cache files by Serializer are chmod'ed properly - Denis - FUTURE VERSIONS --------------- diff --git a/configdoc/usage.xml b/configdoc/usage.xml index 286f8d16..0d7346b3 100644 --- a/configdoc/usage.xml +++ b/configdoc/usage.xml @@ -94,6 +94,16 @@ 41 + + + 70 + + + + + 84 + + 213 diff --git a/library/HTMLPurifier/DefinitionCache/Serializer.php b/library/HTMLPurifier/DefinitionCache/Serializer.php index be3c9ef9..ef082217 100644 --- a/library/HTMLPurifier/DefinitionCache/Serializer.php +++ b/library/HTMLPurifier/DefinitionCache/Serializer.php @@ -100,18 +100,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends * @return Number of bytes written if success, or false if failure. */ private function _write($file, $data) { - static $file_put_contents; - if ($file_put_contents === null) { - $file_put_contents = function_exists('file_put_contents'); - } - if ($file_put_contents) { - return file_put_contents($file, $data); - } - $fh = fopen($file, 'w'); - if (!$fh) return false; - $status = fwrite($fh, $data); - fclose($fh); - return $status; + return file_put_contents($file, $data); } /** @@ -130,7 +119,9 @@ class HTMLPurifier_DefinitionCache_Serializer extends } elseif (!$this->_testPermissions($base)) { return false; } + $old = umask(0022); // disable group and world writes mkdir($directory); + umask($old); } elseif (!$this->_testPermissions($directory)) { return false; } diff --git a/library/HTMLPurifier/Generator.php b/library/HTMLPurifier/Generator.php index 736772da..e35ce8cf 100644 --- a/library/HTMLPurifier/Generator.php +++ b/library/HTMLPurifier/Generator.php @@ -29,7 +29,7 @@ class HTMLPurifier_Generator /** * Configuration for the generator */ - private $_config; + protected $config; /** * @param $config Instance of HTMLPurifier_Config @@ -37,7 +37,7 @@ class HTMLPurifier_Generator */ public function __construct($config = null, $context = null) { if (!$config) $config = HTMLPurifier_Config::createDefault(); - $this->_config = $config; + $this->config = $config; $this->_scriptFix = $config->get('Output', 'CommentScriptContents'); $this->_def = $config->getHTMLDefinition(); $this->_xhtml = $this->_def->doctype->xml; @@ -67,7 +67,7 @@ class HTMLPurifier_Generator } // Tidy cleanup - if (extension_loaded('tidy') && $this->_config->get('Output', 'TidyFormat')) { + if (extension_loaded('tidy') && $this->config->get('Output', 'TidyFormat')) { $tidy = new Tidy; $tidy->parseString($html, array( 'indent'=> true, @@ -81,7 +81,7 @@ class HTMLPurifier_Generator } // Normalize newlines to system defined value - $nl = $this->_config->get('Output', 'Newline'); + $nl = $this->config->get('Output', 'Newline'); if ($nl === null) $nl = PHP_EOL; if ($nl !== "\n") $html = str_replace("\n", $nl, $html); return $html; diff --git a/maintenance/config-scanner.php b/maintenance/config-scanner.php index fb786b02..d933f875 100644 --- a/maintenance/config-scanner.php +++ b/maintenance/config-scanner.php @@ -62,7 +62,19 @@ foreach ($files as $file) { $tokens = token_get_all(file_get_contents($file)); $file = str_replace('\\', '/', $file); for ($i = 0, $c = count($tokens); $i < $c; $i++) { - if (!testToken($tokens[$i], T_VARIABLE, '$config')) continue; + $ok = false; + // Match $config + if (!$ok && testToken($tokens[$i], T_VARIABLE, '$config')) $ok = true; + // Match $this->config + while (!$ok && testToken($tokens[$i], T_VARIABLE, '$this')) { + consumeWhitespace($tokens, $i); + if (!testToken($tokens[$i], T_OBJECT_OPERATOR)) break; + consumeWhitespace($tokens, $i); + if (testToken($tokens[$i], T_STRING, 'config')) $ok = true; + break; + } + if (!$ok) continue; + $ok = false; for($i++; $i < $c; $i++) { if ($tokens[$i] === ',' || $tokens[$i] === ')' || $tokens[$i] === ';') { @@ -86,31 +98,40 @@ foreach ($files as $file) { $full_counter++; - // The T_CONSTANT_ENCAPSED_STRING may hide some more obscure use-cases; - // it may be useful to log these. - consumeWhitespace($tokens, $i); - if (!testToken($tokens[$i], T_CONSTANT_ENCAPSED_STRING)) continue; - $namespace = substr($tokens[$i][1], 1, -1); - - consumeWhitespace($tokens, $i); - if (!testToken($tokens[$i], ',')) continue; - - consumeWhitespace($tokens, $i); - if (!testToken($tokens[$i], T_CONSTANT_ENCAPSED_STRING)) continue; - $directive = substr($tokens[$i][1], 1, -1); - - $counter++; - - $id = "$namespace.$directive"; - if (!isset($tracker[$id])) $tracker[$id] = array(); - if (!isset($tracker[$id][$file])) $tracker[$id][$file] = array(); - $tracker[$id][$file][] = $line; + $matched = false; + do { + + // What we currently don't match are batch retrievals, and + // wildcard retrievals. This data might be useful in the future, + // which is why we have a do {} while loop that doesn't actually + // do anything. + + consumeWhitespace($tokens, $i); + if (!testToken($tokens[$i], T_CONSTANT_ENCAPSED_STRING)) continue; + $namespace = substr($tokens[$i][1], 1, -1); + + consumeWhitespace($tokens, $i); + if (!testToken($tokens[$i], ',')) continue; + + consumeWhitespace($tokens, $i); + if (!testToken($tokens[$i], T_CONSTANT_ENCAPSED_STRING)) continue; + $directive = substr($tokens[$i][1], 1, -1); + + $counter++; + $matched = true; + + $id = "$namespace.$directive"; + if (!isset($tracker[$id])) $tracker[$id] = array(); + if (!isset($tracker[$id][$file])) $tracker[$id][$file] = array(); + $tracker[$id][$file][] = $line; + + } while (0); - // echo "$file:$line uses $namespace.$directive\n"; + //echo "$file:$line uses $namespace.$directive\n"; } } -echo "\n$counter/$full_counter instances of \$config found in source code.\n"; +echo "\n$counter/$full_counter instances of \$config or \$this->config found in source code.\n"; echo "Generating XML... "; -- 2.11.4.GIT