| [ PHPXref.com ] | [ Generated: Sun Jul 20 18:53:27 2008 ] | [ myPHPNuke 1.8.8_8 ] |
| [ Index ] [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <?php 2 3 @( (bool)FALSE === strpos( $_SERVER['REQUEST_URI'], basename( __FILE__ ) ) ) OR exit( '!! ACCESS DENIED !!' ); 4 //error_reporting( _E_VALUE ); 5 6 /* vim: set expandtab tabstop=4 shiftwidth=4: */ 7 8 // ***** BEGIN LICENSE BLOCK ( DO NOT REMOVE ) ***** 9 10 // +----------------------------------------------------------------------+ 11 // | WebSanitizer For MPN 188_8 | 12 // | | 13 // | -> Web Security Front End Input/Output Content Sanitizing | 14 // | -> Request URI, Link, And Basic Form Validation | 15 // | -> Content Censoring | 16 // | -> Custom Html Formatting Replacements/Adjustments | 17 // | -> Automated Link And Smiley Conversions | 18 // | -> BBCode Tag Support | 19 // +----------------------------------------------------------------------+ 20 // | VERSION: 0.3 Alpha | 21 // +----------------------------------------------------------------------+ 22 // | LICENSE: GPL 2.0 (see docs/LICENSE_GPL) | 23 // | | 24 // | This file is part of WebSanitizer For MPN 188_8. | 25 // | | 26 // | WebSanitizer For MPN 188_8 is free software; you can redistribute it | 27 // | and/or modify it under the terms of the GNU General Public License | 28 // | as published by the Free Software Foundation; either version 2 | 29 // | of the License, or (at your option) any later version. | 30 // | | 31 // | WebSanitizer For MPN 188_8 is distributed in the hope that it | 32 // | will be useful, but WITHOUT ANY WARRANTY; without even the implied | 33 // | warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | 34 // | See the GNU General Public License for more details. | 35 // | | 36 // | You should have received a copy of the GNU General Public License | 37 // | along with WebSanitizer For MPN 188_8; if not, write to the | 38 // | Free Software Foundation, Inc., | 39 // | 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | 40 // +----------------------------------------------------------------------+ 41 // | AUTHOR(s): | 42 // | | 43 // | The Original Code is the WebSanitizer For MPN 188_8. | 44 // | The Initial Developer of the Original Code is Eric Haddix. | 45 // | | 46 // | Portions created by Eric Haddix or Kiril Threndor | 47 // | <support@websanitizer.illearth.net> are | 48 // | Copyright (C) 2003 Eric Haddix. All Rights Reserved. | 49 // | | 50 // | Portions from htmlfilter.inc v. 1.1, created by | 51 // | Konstantin Riabitsev <icon@linux.duke.edu> are | 52 // | Copyright (C) 2002-2003 by Duke University. All Rights Reserved. | 53 // +----------------------------------------------------------------------+ 54 // | CONTRIBUTOR(s): | 55 // | | 56 // | | 57 // +----------------------------------------------------------------------+ 58 // | MODIFICATIONS: | 59 // | | 60 // | | 61 // +----------------------------------------------------------------------+ 62 // | REQUIRED FILES: core_Sanitize.param.php | 63 // | core_AllowArrays.param.php ( Optional ) | 64 // +----------------------------------------------------------------------+ 65 // | NOTES: | 66 // | This Class is designed to work in conjunction with an appropriate | 67 // | subclass. You will need to build your own subclass(es) or use | 68 // | the ones provided with this class. | 69 // | | 70 // | The oringal htmlfilter source code can be found at: | 71 // | http://linux.duke.edu/projects/mini/htmlfilter/ | 72 // +----------------------------------------------------------------------+ 73 // | SUPPORT: | 74 // | WEB: http://myphpnuke.com/ | 75 // | EMAIL: support@websanitizer.illearth.net | 76 // +----------------------------------------------------------------------+ 77 // $Id: core_Sanitize.class.php,v 1.48.2.24.4.3 2004/12/01 13:52:02 kirilt Exp $ 78 79 // ***** END LICENSE BLOCK ( DO NOT REMOVE ) ***** 80 81 82 class Sanitizer 83 { 84 /** 85 * Default Parameter File ( relative to class root ) 86 * 87 * If you need to make adjustments to the default sanitizing parameters 88 * it is recommended you do it in the parameter file and not this class. 89 * The class parameter defaults defined below should remain intact as 90 * a default safeguard. 91 * 92 * Note: Do not use prefix slash if in a sub-directory of class root 93 * 94 * @var string 95 */ 96 97 var $def_sanparam = 'inc/core_Sanitize.param.php'; 98 99 /** 100 * Process String Type ID 101 * 102 * This sets how to process the string 103 * See parameter comments in method sanitize 104 * 105 * @var bool 106 */ 107 108 var $proc_type = 1; 109 110 /** 111 * BB Encoder Enabled 112 * 113 * @var bool 114 */ 115 116 var $bbencoder_on = FALSE; 117 118 /** 119 * Enable / Disable Smiley Encoding 120 * 121 * @var bool ( Default FALSE ) 122 */ 123 124 var $encode_smileys = FALSE; 125 126 /** 127 * Available Smiles Array 128 * 129 * @var array ( Default NULL ) 130 */ 131 132 var $smile_ary = array(); 133 134 /** 135 * Absolute Path To Directory Where Smiles Are Kept 136 * 137 * Example: http://mydomain.com/images/smiles/ 138 * 139 * NOTE: Must Contain Trailing Slash 140 * 141 * @var string 142 */ 143 144 var $smile_uri = NULL; 145 146 /** 147 * Make Text "Links" Clickable 148 * 149 * @var bool ( Default FALSE ) 150 */ 151 152 var $make_clickable = FALSE; 153 154 /** 155 * Enable / Disable Return Literal 156 * 157 * @var bool ( Default FALSE ) 158 */ 159 160 var $return_literal = FALSE; 161 162 /** 163 * Holds Bool Value To Remove/Allow HTML Tags 164 * Once Shifted off the $taglist array 165 * 166 * @var bool ( default TRUE removes ALL tags if taglist array is empty ) 167 */ 168 169 var $rmtags = TRUE; 170 171 /** 172 * Holds Bool Value To Remove/Allow BBCode Tags 173 * Once Shifted off the $bbtaglist array 174 * 175 * @var bool ( default TRUE removes ALL tags if bbtaglist array is empty ) 176 */ 177 178 var $bbrmtags = TRUE; 179 180 /** 181 * Holds Bool Value To Replace Tags 182 * Once Shifted off the $rpltag_list array 183 * 184 * @var bool ( default FALSE -> Replace None ) 185 */ 186 187 var $rpl_tags = FALSE; 188 189 /** 190 * Enable / Disable tag closing 191 * 192 * Tags set in self_closing_tags array 193 * 194 * @var bool 195 */ 196 197 var $force_tag_closing = FALSE; 198 199 /** 200 * Protect Mode 201 * 202 * Indicates If In Protect Mode Or Not 203 * 204 * @var bool 205 */ 206 207 var $protect_mode = FALSE; 208 209 /** 210 * Body length of text being processed 211 * 212 * @var integer 213 */ 214 215 var $body_length = 0; 216 217 /** 218 * BBCode Delimiters 219 * 220 * @var array 221 */ 222 223 var $bb_delim = array( '[' , ']' ); 224 225 /** 226 * Default Print Delimiters 227 * 228 * @var array 229 */ 230 231 var $html_delim = array( '<', '>' ); 232 233 /** 234 * Allowed Opening Delimiter Array 235 * Provides For Dynamic Tag Checking 236 * 237 * @var array 238 */ 239 240 var $delim_open = array( '<', '[' ); 241 242 /** 243 * Allowed Closing Delimiter Array 244 * Provides For Dynamic Tag Checking 245 * 246 * @var array 247 */ 248 249 var $delim_close = array( '>', ']' ); 250 251 /** 252 * Default Opening Tag Delimiter 253 * 254 * @var string 255 */ 256 257 var $open_delim = '<'; 258 259 /** 260 * Default Closing Tag Delimiter 261 * 262 * @var string 263 */ 264 265 var $close_delim = '>'; 266 267 /** 268 * Protected Tag Name Holder 269 * 270 * @var array 271 */ 272 273 var $ptag = NULL; 274 275 /** 276 * Track Opening Protected Tag Delimiter If In Protect Mode. 277 * 278 * @var array 279 * $syntax array( $open_delim, $close_delim ) 280 * @default NULL (leave at default) 281 */ 282 283 var $ptag_delims = NULL; 284 285 /** 286 * Strip Tags And Tag Content By Delimiter 287 * 288 * This arrays consists of opening delimters for 289 * tags and their content you want unconditionally removed 290 * 291 * @var array 292 */ 293 294 var $strip_tags = array(); 295 296 /** 297 * Allow / Disallow HTML Tag Array 298 * 299 * @var array 300 */ 301 302 var $taglist = array 303 ( 304 FALSE 305 , 'html' 306 , 'head' 307 , 'meta' 308 , 'link' 309 , 'body' 310 , 'frameset' 311 , 'frame' 312 , 'blink' 313 , 'object' 314 , 'font' 315 , 'iframe' 316 , 'layer' 317 , 'ilayer' 318 , 'form' 319 , 'script' 320 , 'plaintext' 321 ); 322 323 324 /** 325 * BBCode Runtime TagList 326 * 327 * @var array 328 */ 329 330 var $bbtaglist = array 331 ( 332 TRUE 333 , 'code' 334 , 'quote' 335 , 'b' 336 , 'i' 337 , 'list' 338 , 'li' 339 , 'uri' 340 , 'img' 341 , 'addsig' 342 ); 343 344 /** 345 * Optional List Of Tags To Use As Replacements 346 * for tags in the $tag_list array 347 * 348 * To Be Implemented At A Later Time 349 * 350 * Default: Replace None 351 * 352 * @var array 353 */ 354 355 var $rpltag_list = array(); 356 357 /** 358 * Store Valid Links From Body 359 * 360 * Enable/Disable Link Storage 361 * 362 * @var bool 363 */ 364 365 var $track_links = FALSE; 366 367 /** 368 * Validate Links From Body On Secondary Scans 369 * 370 * Enable/Disable Secodary Link Check 371 * 372 * Secondary link validation is more 373 * restrictive than the primary sanitizing check 374 * 375 * @var bool 376 */ 377 378 var $validate_links = TRUE; 379 380 /** 381 * Restricted Characters In Request URI And Links 382 * 383 * String MUST be compatible with function preg_match() 384 * It is highly recommended you leave this value at it's default 385 * Related methods scan for restricted characters ONLY 386 * 387 * @var string ( regex compatible with preq_match() ) 388 * @default '/[\\\\:\/\<\>\.\*\(\)\[\]\{\}\$\^\!\s\%\|]/' 389 * @access private 390 * @note The default will cause an "access denied" in GET requests 391 * if they contain spaces. If you want to allow spaces in GET 392 * requests, remove the "\s" from the regex string 393 */ 394 395 var $_uri_restrict_char = '/[\\\\:\/\<\>\.\*\(\)\[\]\{\}\$\^\!\s\%\|]/'; 396 397 /** 398 * Valid Links From Body 399 * 400 * @var array 401 */ 402 403 var $valid_links = array( 404 'a' => array() 405 , 'img' => array() 406 , 'form' => array() 407 , 'script' => array() 408 , 'applet' => array() 409 ); 410 411 /** 412 * Store Form Tag Names 413 * 414 * Store the names of the form elements 415 * 416 * @var bool 417 */ 418 419 var $track_forms = FALSE; 420 421 /** 422 * Array Of Allowed Form Tag Names 423 * 424 * Used to store form element names 425 * 426 * @var array 427 */ 428 429 var $form_tags = array( 430 'form' => array() 431 , 'input' => array( 'name' => array() ) 432 , 'select' => array( 'name' => array() ) 433 , 'option' => array( 'name' => array() ) 434 , 'textarea' => array( 'name' => array() ) 435 , 'button' => array( 'name' => array() ) 436 ); 437 438 /** 439 * Array Of Form Variables From The Above form_tag_list 440 * 441 * Used to store form element names 442 * 443 * @var array 444 */ 445 446 var $form_variables = array(); 447 448 /** 449 * Array Of original form methods in the event it is replaced. 450 * ex. replaced get with post, but need to know the original method later. 451 * Indexed by Form ID number. 452 * 453 * @var array 454 */ 455 456 var $form_methods = array(); 457 458 /** 459 * Array of Form ID's 460 * 461 * @var array 462 */ 463 464 var $form_ids = array(); 465 466 /** 467 * Current Form ID Being Processed 468 * 469 * @var integer 470 */ 471 472 var $form_id = 0; 473 474 /** 475 * Form Counter 476 * 477 * Tracks The Current Form Number 478 * 479 * @var int 480 */ 481 482 var $form_cnt = 0; 483 484 /** 485 * Form Number 486 * 487 * Expected number of forms in a particular scan 488 * This number when set should match the size of 489 * the form ID array EXACTLY 490 * 491 * @var int 492 */ 493 494 var $form_num = 0; 495 496 /** 497 * Tags To Skip Additional Action On 498 * During Scans Done On Free Content 499 * 500 * @var array 501 */ 502 503 var $skip_action_tag = array( 'a', 'uri', 'img' ); 504 505 /** 506 * Protect Content Tag Array 507 * Default: Protect None 508 * 509 * @var array 510 */ 511 512 var $protect_content = array( 'code', 'pre', 'lit' ); 513 514 /** 515 * Tags that must have content along with the tag 516 * 517 * @var array 518 */ 519 520 var $rm_tags_with_content = array 521 ( 522 'script' 523 , 'style' 524 , 'applet' 525 , 'embed' 526 , 'head' 527 , 'frameset' 528 , 'frame' 529 , 'xml' 530 , 'form' 531 ); 532 533 /** 534 * Tags that should self close ( XHTML ) 535 * 536 * @var array 537 */ 538 539 var $self_closing_tags = array 540 ( 541 'br' 542 , 'hr' 543 , 'input' 544 , 'li' 545 , 'addsig' 546 , 'img' 547 ); 548 549 /** 550 * Remove all attributes from allowed tags 551 * listed in this array 552 * 553 * @var array 554 */ 555 556 var $rm_all_att = array 557 ( 558 'script' 559 , 'style' 560 , 'applet' 561 , 'embed' 562 , 'head' 563 , 'frameset' 564 , 'xml' 565 , 'form' 566 ); 567 568 /** 569 * Remove bad attributes names 570 * 571 * @var array 572 */ 573 574 var $rm_attnames = array 575 ( 576 '/.*/' => array 577 ( 578 '/target/i' 579 , '/^on.*/i' 580 , '/^dynsrc/i' 581 , '/^datasrc/i' 582 , '/^data.*/i' 583 , '/^lowsrc/i' 584 ) 585 ); 586 587 /** 588 * Remove bad attribute values 589 * 590 * @var array 591 */ 592 593 var $bad_attvals = array 594 ( 595 '/.*/' => array 596 ( 597 '/.*/' => array 598 ( 599 array 600 ( 601 '/^([\'\"])\s*\S+\s*script\s*:*(.*)([\'\"])/si' 602 , '/^([\'\"])\s*https*\s*:(.*)([\'\"])/si' 603 , '/^([\'\"])\s*mocha\s*:*(.*)([\'\"])/si' 604 , '/^([\'\"])\s*about\s*:(.*)([\'\"])/si' 605 ) 606 607 ,array 608 ( 609 '\\1oddjob:\\2\\1' 610 , '\\1uucp:\\2\\1' 611 , '\\1amaretto:\\2\\1' 612 , '\\1round:\\2\\1' 613 ) 614 ) 615 616 ,'/^style/i' => array 617 ( 618 array 619 ( 620 '/expression/i' 621 , '/behaviou*r/i' 622 , '/binding/i' 623 , '/include-source/i' 624 , '/url\s*\(\s*([\'\"]*)\s*https*:.*([\'\"]*)\s*\)/si' 625 , '/url\s*\(\s*([\'\"]*)\s*\S+\s*script:.*([\'\"]*)\s*\)/si' 626 ) 627 628 ,array 629 ( 630 'idiocy' 631 , 'idiocy' 632 , 'idiocy' 633 , 'idiocy' 634 , 'url(\\1http://securityfocus.com/\\1)' 635 , 'url(\\1http://securityfocus.com/\\1)' 636 ) 637 ) 638 ) 639 ); 640 641 /** 642 * Fix bad attribute values 643 * 644 * @var array 645 */ 646 647 var $fix_bad_attr_vals = array(); 648 649 /** 650 * Allowed http:// Attribute Values 651 * tag => attname array 652 * 653 * @var array 654 */ 655 656 var $allow_http_attval = array 657 ( 658 'a' => array( 'href' ) 659 , 'uri' => array( 'href' ) 660 , 'img' => array( 'src' ) 661 ); 662 663 /** 664 * Add Attributes To Tags 665 * 666 * @var bool 667 */ 668 669 var $add_attrib = FALSE; 670 671 /** 672 * Array Of Attributes To Add 673 * 674 * @var array 675 */ 676 677 var $add_attr_to_tag = array 678 ( 679 'a' => array( 'target' => '"_blank"' ) 680 ); 681 682 /** 683 * Censor Body Text 684 * 685 * @var bool 686 */ 687 688 var $censor = TRUE; 689 690 /** 691 * Strip Slashes 692 * 693 * @var bool DEFAULT = TRUE ( Stripem ) 694 */ 695 696 var $strip_slashes = TRUE; 697 698 /** 699 * Add Position Comments In Free Content 700 * 701 * @var bool DEFAULT = FALSE 702 */ 703 704 var $add_pos_comm = FALSE; 705 706 /** 707 * Position Comment Insert Increment 708 * 709 * This will insert a position comment every n 710 * characters at the closest match to n in free content 711 * 712 * @var integer DEFAULT = 500 713 */ 714 715 var $add_pos_inc = 500; 716 717 /** 718 * Tracks Previous Comment Insert Position 719 * 720 * @var interger DEFAULT = 0 721 */ 722 723 var $add_pos_tracker = 0; 724 725 /** 726 * Check Restricted Domains. 727 * 728 * URL list is in file restricted_doms.csv 729 * To add a URL to the list, enter any valid part of a domain 730 * you want to restrict. One URL per line starting on line 3. 731 * 732 * This checks content that runs through method validateContent. 733 * 734 * @var bool DEFAULT = TRUE 735 */ 736 737 var $_chk_restricted_doms = TRUE; 738 739 /** 740 * Check All Content For Restricted Domains. 741 * 742 * Same as above, except this will run scan all content, not just content 743 * that gets run through method validateContent. 744 * 745 * CAUTION: This could be expensive, use with caution. 746 * 747 * @var bool DEFAULT = FALSE 748 */ 749 750 var $chkall_restricted_doms = TRUE; 751 752 /** 753 * Restricted URL Array. 754 * 755 * Array of restricted URL's extracted from ./classes/restricted_doms.csv 756 * 757 * @var bool DEFAULT = TRUE 758 */ 759 760 var $restricted_doms = array(); 761 762 763 /** 764 * Class Constructor 765 * 766 * This is where the initial sanitizing parameters are set. 767 * See method sanitize for a more complete rundown on the arrays 768 * 769 * @param $allow_html ( bool -> allow HTML or un-conditionally deny ) 770 * @param $param_arrays ( string -> path and filename to custom sanitizing parameter arrays ) 771 * @param $allowed_tags ( array -> allowed / disallowed tag array ) 772 * @param $censor ( bool -> Enable / Disable Word Censoring ) 773 * 774 * @return void. 775 */ 776 777 function Sanitizer( $allow_html = TRUE, $param_arrays = NULL, $allowed_tags = NULL, $censor = TRUE ) 778 { 779 $num_args = func_num_args(); 780 $init = (bool)FALSE; 781 782 if ( $num_args == 4 ) 783 { 784 // Unconditionally Strip ALL Tags And Content Containing This Delimiter 785 786 if ( ! $allow_html ) { $this -> strip_tags = array( '<' ); } 787 788 // Core Sainitizing Parameter Arrays 789 790 if ( ! empty( $param_arrays ) ) { $init = $param_arrays; } 791 792 // Allowed / Disallowed Tags 793 794 if ( ! empty( $allowed_tags ) ) { $this -> taglist = $allowed_tags; } 795 796 // Censor Words 797 798 if ( ! $censor ) { $this -> censor = (bool)FALSE; } 799 } 800 801 // Initialize The Class Variables 802 803 if ( $this -> censor ) 804 { 805 if ( $list = file( './censor_list.csv' ) ) 806 { 807 foreach ( $list as $v ) 808 { 809 $list_tmp = explode( ',' , $v ); 810 811 $tmp1 = trim( $list_tmp[0] ); 812 $tmp2 = trim( $list_tmp[1] ); 813 814 $this -> censor_list[] = "/\b$tmp1\b/si"; 815 $this -> censor_replace[] = "$tmp2"; 816 } 817 818 unset( $list, $list_tmp, $tmp1, $tmp2 ); 819 } 820 } 821 822 // Get Restricted URL's Array If Required 823 824 if ( $this -> _chk_restricted_doms ) 825 { 826 if ( @is_file( _DP_CLASS_PAR . 'restricted_doms.csv' ) ) 827 { 828 $this -> restricted_doms = @file( _DP_CLASS_PAR . 'restricted_doms.csv' ); 829 unset( $this -> restricted_doms[0], $this -> restricted_doms[1] ); 830 $this -> trimContent( $this -> restricted_doms ); 831 } 832 } 833 834 // Turn Off Strip Slashes If Magic Quotes Is Off 835 836 if ( ! get_magic_quotes_gpc() ) 837 { 838 $this -> strip_slashes = (bool)FALSE; 839 } 840 841 if ( empty( $init ) && defined( '_DPF_SANITY' ) ) 842 { 843 $init = _DPF_SANITY; 844 } 845 846 if ( $init && include $init ) 847 { 848 // Allowed / Disallowed Tags 849 850 if ( empty( $allowed_tags ) ) 851 { 852 $this -> taglist = $tag_list; 853 } 854 855 if ( is_bool( $this -> taglist[0] ) ) 856 { 857 $this -> rmtags = array_shift( $this -> taglist ); 858 } 859 860 // Normalize 861 862 array_walk( $this -> taglist, array( $this, 'casenormalize' ) ); 863 864 // Optional Replacement Tag Array For Above Tags 865 866 if ( ! empty( $rpltag_list ) ) 867 { 868 $this -> rpltag_list = $rpltag_list; 869 870 if ( is_bool( $this -> rpltag_list[0] ) ) 871 { 872 $this -> rpl_tags = array_shift( $this -> rpltag_list ); 873 } 874 } 875 876 // Remove Tags And Content Contained Within Unconditionally 877 878 if ( ! empty( $rm_tags_with_content ) ) 879 { 880 $this -> rm_tags_with_content = $rm_tags_with_content; 881 array_walk( $this -> rm_tags_with_content, array( $this, 'casenormalize' ) ); 882 } 883 884 // Fix Bad HTML ( self-closing tags ) 885 886 if ( ! empty( $self_closing_tags ) ) 887 { 888 $this -> self_closing_tags = $self_closing_tags; 889 array_walk( $this -> self_closing_tags, array( $this, 'casenormalize' ) ); 890 } 891 892 // Disallowed Attributes 893 894 if ( ! empty( $rm_all_att ) ) 895 { 896 $this -> rm_all_att = $rm_all_att; 897 } 898 899 // Disallowed Attributes 900 901 if ( ! empty( $rm_attnames ) ) 902 { 903 $this -> rm_attnames = $rm_attnames; 904 } 905 906 // Bad Attribute Values 907 908 if ( ! empty( $bad_attvals ) ) 909 { 910 $this -> bad_attvals = $bad_attvals; 911 } 912 913 // Fix Bad Attribute Values 914 915 if ( ! empty( $fix_bad_attr_vals ) ) 916 { 917 $this -> fix_bad_attr_vals = $fix_bad_attr_vals; 918 } 919 920 // Allowed http:// Attribute Values tag => attname array 921 922 if ( ! empty( $allow_http_attr_vals ) ) 923 { 924 $this -> allow_http_attval = $allow_http_attr_vals; 925 } 926 927 // Add Attributes To Tags 928 929 if ( ! empty( $add_attr_to_tag ) ) 930 { 931 $this -> add_attr_to_tag = $add_attr_to_tag; 932 } 933 } 934 else 935 { 936 exit( '<h1>!! SECURITY COMPROMISED !!</h1>' ); 937 } 938 939 } // End Constructor 940 941 942 /** 943 * #################### ORIGINAL HELPER METHODS #################### 944 * 945 * The following three methods are helper functions that were 946 * part of the original htmlfilter.inc, but were modified for the class. 947 * 948 */ 949 950 /** 951 * This is a debugging method used throughout the code. To enable 952 * debugging you have to change the class variable debug to TRUE 953 * and uncomment the appropriate (or all) calls to this method. 954 * 955 * @param $message ( string -> Message to output. ) 956 * @return void. 957 */ 958 959 function wsDump( $message ) 960 { 961 if ( $this -> debug ) 962 { 963 echo '<br />' . $message; 964 } 965 966 } // End Method wsDump 967 968 /** 969 * This method skips any whitespace from the current position within 970 * a string and to the next non-whitespace value. 971 * 972 * @param $body ( string -> Content string to process ) 973 * @param $offset ( integer -> the offset within the string where we should start 974 * looking for the next non-whitespace character. ) 975 * 976 * @return integer ( the integer position within the $body where the next 977 * non-whitespace char is located. ) 978 */ 979 980 function skipspace( $body, $offset ) 981 { 982 if ( 0 !== ( preg_match( '/^(\s*)/s', substr( $body, $offset ), $matches ) ) ) 983 { 984 $count = strlen( $matches[1] ); 985 986 //$this -> wsDump( "Method skipspace: skipped $count chars\n" ); 987 988 $offset += $count; 989 } 990 991 return $offset; 992 993 } // End Method skipspace 994 995 /** 996 * A small helper method to use with array_walk. Modifies a by-ref 997 * value and makes it lowercase. 998 *