PEEL Shopping
Open source ecommerce : PEEL Shopping
htmlawed.php
Go to the documentation of this file.
1 <?php
2 // This file should be in UTF8 without BOM - Accents examples: éèê
3 // +----------------------------------------------------------------------+
4 // | Copyright (c) 2004-2015 Advisto SAS, service PEEL - contact@peel.fr |
5 // +----------------------------------------------------------------------+
6 // | This file is part of PEEL Shopping 8.0.0, which is subject to an |
7 // | opensource GPL license: you are allowed to customize the code |
8 // | for your own needs, but must keep your changes under GPL |
9 // | More information: https://www.peel.fr/lire/licence-gpl-70.html |
10 // +----------------------------------------------------------------------+
11 // | Author: Advisto SAS, RCS 479 205 452, France, https://www.peel.fr/ |
12 // +----------------------------------------------------------------------+
13 // $Id: htmlawed.php 46935 2015-09-18 08:49:48Z gboussin $
14 if (!defined('IN_PEEL'))
15 {
16  die();
17 }
18 
19 if (!function_exists('htmLawed'))
20 {
21  /*
22 htmLawed 1.1.14, 8 August 2012
23 Copyright Santosh Patnaik
24 Dual licensed with LGPL 3 and GPL 2+
25 A PHP Labware internal utility; www.bioinformatics.org/phplabware/internal_utilities/htmLawed
26 
27 See htmLawed_README.txt/htm
28 */
29 
30  function htmLawed($t, $C=1, $S=array())
31  {
32  $C = is_array($C) ? $C : array();
33  if (!empty($C['valid_xhtml']))
34  {
35  $C['elements'] = empty($C['elements']) ? '*-center-dir-font-isindex-menu-s-strike-u' : $C['elements'];
36  $C['make_tag_strict'] = isset($C['make_tag_strict']) ? $C['make_tag_strict'] : 2;
37  $C['xml:lang'] = isset($C['xml:lang']) ? $C['xml:lang'] : 2;
38  }
39  // config eles
40  // 86/deprecated+embed+ruby
41  $e = array('a'=>1, 'abbr'=>1, 'acronym'=>1, 'address'=>1, 'applet'=>1, 'area'=>1, 'b'=>1, 'bdo'=>1, 'big'=>1, 'blockquote'=>1, 'br'=>1, 'button'=>1, 'caption'=>1, 'center'=>1, 'cite'=>1, 'code'=>1, 'col'=>1, 'colgroup'=>1, 'dd'=>1, 'del'=>1, 'dfn'=>1, 'dir'=>1, 'div'=>1, 'dl'=>1, 'dt'=>1, 'em'=>1, 'embed'=>1, 'fieldset'=>1, 'font'=>1, 'form'=>1, 'h1'=>1, 'h2'=>1, 'h3'=>1, 'h4'=>1, 'h5'=>1, 'h6'=>1, 'hr'=>1, 'i'=>1, 'iframe'=>1, 'img'=>1, 'input'=>1, 'ins'=>1, 'isindex'=>1, 'kbd'=>1, 'label'=>1, 'legend'=>1, 'li'=>1, 'map'=>1, 'menu'=>1, 'noscript'=>1, 'object'=>1, 'ol'=>1, 'optgroup'=>1, 'option'=>1, 'p'=>1, 'param'=>1, 'pre'=>1, 'q'=>1, 'rb'=>1, 'rbc'=>1, 'rp'=>1, 'rt'=>1, 'rtc'=>1, 'ruby'=>1, 's'=>1, 'samp'=>1, 'script'=>1, 'select'=>1, 'small'=>1, 'span'=>1, 'strike'=>1, 'strong'=>1, 'sub'=>1, 'sup'=>1, 'table'=>1, 'tbody'=>1, 'td'=>1, 'textarea'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1, 'tt'=>1, 'u'=>1, 'ul'=>1, 'var'=>1);
42 
43  if (!empty($C['safe']))
44  {
45  unset($e['applet'], $e['embed'], $e['iframe'], $e['object'], $e['script']);
46  }
47  $x = !empty($C['elements']) ? str_replace(array("\n", "\r", "\t", ' '), '', $C['elements']) : '*';
48  if ($x == '-*')
49  {
50  $e = array();
51  }
52  else
53  if (strpos($x, '*') === false)
54  {
55  $e = array_flip(explode(',', $x));
56  }
57  else
58  {
59  if (isset($x[1]))
60  {
61  preg_match_all('`(?:^|-|\+)[^\-+]+?(?=-|\+|$)`', $x, $m, PREG_SET_ORDER);
62  for ($i=count($m); --$i>=0; )
63  {
64  $m[$i] = $m[$i][0];
65  }
66  foreach ($m as $v)
67  {
68  if ($v[0] == '+')
69  {
70  $e[substr($v, 1)] = 1;
71  }
72  if ($v[0] == '-' && isset($e[($v = substr($v, 1))]) && !in_array('+'. $v, $m))
73  {
74  unset($e[$v]);
75  }
76  }
77  }
78  }
79  $C['elements'] =& $e;
80  // config attrs
81  $x = !empty($C['deny_attribute']) ? str_replace(array("\n", "\r", "\t", ' '), '', $C['deny_attribute']) : '';
82  $x = array_flip((isset($x[0]) && $x[0] == '*') ? explode('-', $x) : explode(',', $x. (!empty($C['safe']) ? ',on*' : '')));
83  if (isset($x['on*']))
84  {
85  unset($x['on*']);
86  // LISTE Ajoutée par GB
87  $x += array('onabort' => 1, 'onactivate' => 1, 'onafterprint' => 1, 'onafterupdate' => 1, 'onbeforeactivate' => 1, 'onbeforecopy' => 1, 'onbeforecut' => 1, 'onbeforedeactivate' => 1, 'onbeforeeditfocus' => 1, 'onbeforepaste' => 1, 'onbeforeprint' => 1, 'onbeforeunload' => 1, 'onbeforeupdate' => 1, 'onbounce' => 1, 'oncellchange' => 1, 'oncontextmenu' => 1, 'oncontrolselect' => 1, 'oncopy' => 1, 'oncut' => 1, 'ondataavailable' => 1, 'ondatasetchanged' => 1, 'ondatasetcomplete' => 1, 'ondeactivate' => 1, 'ondrag' => 1, 'ondragdrop' => 1, 'ondragend' => 1, 'ondragenter' => 1, 'ondragleave' => 1, 'ondragover' => 1, 'ondragstart' => 1, 'ondrop' => 1, 'onerror' => 1, 'onerrorupdate' => 1, 'onfilterupdate' => 1, 'onfinish' => 1, 'onfocusin' => 1, 'onfocusout' => 1, 'onhelp' => 1, 'onlayoutcomplete' => 1, 'onload' => 1, 'onlosecapture' => 1, 'onmouseenter' => 1, 'onmouseleave' => 1, 'onmousewheel' => 1, 'onmove' => 1, 'onmoveend' => 1, 'onmovestart' => 1, 'onpaste' => 1, 'onpropertychange' => 1, 'onreadystatechange' => 1, 'onresize' => 1, 'onresizeend' => 1, 'onresizestart' => 1, 'onrowexit' => 1, 'onrowsdelete' => 1, 'onrowsinserted' => 1, 'onscroll' => 1, 'onselectionchange' => 1, 'onselectstart' => 1, 'onstart' => 1, 'onstop' => 1, 'onunload' => 1);
88  // LISTE STANDARD
89  $x += array('onblur'=>1, 'onchange'=>1, 'onclick'=>1, 'ondblclick'=>1, 'onfocus'=>1, 'onkeydown'=>1, 'onkeypress'=>1, 'onkeyup'=>1, 'onmousedown'=>1, 'onmousemove'=>1, 'onmouseout'=>1, 'onmouseover'=>1, 'onmouseup'=>1, 'onreset'=>1, 'onselect'=>1, 'onsubmit'=>1);
90  }
91  $C['deny_attribute'] = $x;
92  // config URL
93  $x = (isset($C['schemes'][2]) && strpos($C['schemes'], ':')) ? strtolower($C['schemes']) : 'href: aim, feed, file, ftp, gopher, http, https, irc, mailto, news, nntp, sftp, ssh, telnet; *:file, http, https, data';
94  $C['schemes'] = array();
95  foreach (explode(';', str_replace(array(' ', "\t", "\r", "\n"), '', $x)) as $v)
96  {
97  $x = $x2 = null;
98  list($x, $x2) = explode(':', $v, 2);
99  if ($x2)
100  {
101  $C['schemes'][$x] = array_flip(explode(',', $x2));
102  }
103  }
104  if (!isset($C['schemes']['*']))
105  {
106  $C['schemes']['*'] = array('file'=>1, 'http'=>1, 'https'=>1,);
107  }
108  if (!empty($C['safe']) && empty($C['schemes']['style']))
109  {
110  $C['schemes']['style'] = array('!'=>1);
111  }
112  $C['abs_url'] = isset($C['abs_url']) ? $C['abs_url'] : 0;
113  if (!isset($C['base_url']) or !preg_match('`^[a-zA-Z\d.+\-]+://[^/]+/(.+?/)?$`', $C['base_url']))
114  {
115  $C['base_url'] = $C['abs_url'] = 0;
116  }
117  // config rest
118  $C['and_mark'] = empty($C['and_mark']) ? 0 : 1;
119  $C['anti_link_spam'] = (isset($C['anti_link_spam']) && is_array($C['anti_link_spam']) && count($C['anti_link_spam']) == 2 && (empty($C['anti_link_spam'][0]) or hl_regex($C['anti_link_spam'][0])) && (empty($C['anti_link_spam'][1]) or hl_regex($C['anti_link_spam'][1]))) ? $C['anti_link_spam'] : 0;
120  $C['anti_mail_spam'] = isset($C['anti_mail_spam']) ? $C['anti_mail_spam'] : 0;
121  $C['balance'] = isset($C['balance']) ? (bool)$C['balance'] : 1;
122  $C['cdata'] = isset($C['cdata']) ? $C['cdata'] : (empty($C['safe']) ? 3 : 0);
123  $C['clean_ms_char'] = empty($C['clean_ms_char']) ? 0 : $C['clean_ms_char'];
124  $C['comment'] = isset($C['comment']) ? $C['comment'] : (empty($C['safe']) ? 3 : 0);
125  $C['css_expression'] = empty($C['css_expression']) ? 0 : 1;
126  $C['direct_list_nest'] = empty($C['direct_list_nest']) ? 0 : 1;
127  $C['hexdec_entity'] = isset($C['hexdec_entity']) ? $C['hexdec_entity'] : 1;
128  $C['hook'] = (!empty($C['hook']) && function_exists($C['hook'])) ? $C['hook'] : 0;
129  $C['hook_tag'] = (!empty($C['hook_tag']) && function_exists($C['hook_tag'])) ? $C['hook_tag'] : 0;
130  $C['keep_bad'] = isset($C['keep_bad']) ? $C['keep_bad'] : 6;
131  $C['lc_std_val'] = isset($C['lc_std_val']) ? (bool)$C['lc_std_val'] : 1;
132  $C['make_tag_strict'] = isset($C['make_tag_strict']) ? $C['make_tag_strict'] : 1;
133  $C['named_entity'] = isset($C['named_entity']) ? (bool)$C['named_entity'] : 1;
134  $C['no_deprecated_attr'] = isset($C['no_deprecated_attr']) ? $C['no_deprecated_attr'] : 1;
135  $C['parent'] = isset($C['parent'][0]) ? strtolower($C['parent']) : 'body';
136  $C['show_setting'] = !empty($C['show_setting']) ? $C['show_setting'] : 0;
137  $C['style_pass'] = empty($C['style_pass']) ? 0 : 1;
138  $C['tidy'] = empty($C['tidy']) ? 0 : $C['tidy'];
139  $C['unique_ids'] = isset($C['unique_ids']) ? $C['unique_ids'] : 1;
140  $C['xml:lang'] = isset($C['xml:lang']) ? $C['xml:lang'] : 0;
141 
142  if (isset($GLOBALS['C']))
143  {
144  $reC = $GLOBALS['C'];
145  }
146  $GLOBALS['C'] = $C;
147  $S = is_array($S) ? $S : hl_spec($S);
148  if (isset($GLOBALS['S']))
149  {
150  $reS = $GLOBALS['S'];
151  }
152  $GLOBALS['S'] = $S;
153 
154  $t = preg_replace('`[\x00-\x08\x0b-\x0c\x0e-\x1f]`', '', $t);
155  if ($C['clean_ms_char'])
156  {
157  $x = array("\x7f"=>'', "\x80"=>'&#8364;', "\x81"=>'', "\x83"=>'&#402;', "\x85"=>'&#8230;', "\x86"=>'&#8224;', "\x87"=>'&#8225;', "\x88"=>'&#710;', "\x89"=>'&#8240;', "\x8a"=>'&#352;', "\x8b"=>'&#8249;', "\x8c"=>'&#338;', "\x8d"=>'', "\x8e"=>'&#381;', "\x8f"=>'', "\x90"=>'', "\x95"=>'&#8226;', "\x96"=>'&#8211;', "\x97"=>'&#8212;', "\x98"=>'&#732;', "\x99"=>'&#8482;', "\x9a"=>'&#353;', "\x9b"=>'&#8250;', "\x9c"=>'&#339;', "\x9d"=>'', "\x9e"=>'&#382;', "\x9f"=>'&#376;');
158  $x = $x + ($C['clean_ms_char'] == 1 ? array("\x82"=>'&#8218;', "\x84"=>'&#8222;', "\x91"=>'&#8216;', "\x92"=>'&#8217;', "\x93"=>'&#8220;', "\x94"=>'&#8221;') : array("\x82"=>'\'', "\x84"=>'"', "\x91"=>'\'', "\x92"=>'\'', "\x93"=>'"', "\x94"=>'"'));
159  $t = strtr($t, $x);
160  }
161  if ($C['cdata'] or $C['comment'])
162  {
163  $t = preg_replace_callback('`<!(?:(?:--.*?--)|(?:\[CDATA\[.*?\]\]))>`sm', 'hl_cmtcd', $t);
164  }
165  $t = preg_replace_callback('`&amp;([A-Za-z][A-Za-z0-9]{1,30}|#(?:[0-9]{1,8}|[Xx][0-9A-Fa-f]{1,7}));`', 'hl_ent', str_replace('&', '&amp;', $t));
166  if ($C['unique_ids'] && !isset($GLOBALS['hl_Ids']))
167  {
168  $GLOBALS['hl_Ids'] = array();
169  }
170  if ($C['hook'])
171  {
172  $t = $C['hook']($t, $C, $S);
173  }
174  if ($C['show_setting'] && preg_match('`^[a-z][a-z0-9_]*$`i', $C['show_setting']))
175  {
176  $GLOBALS[$C['show_setting']] = array('config'=>$C, 'spec'=>$S, 'time'=>microtime());
177  }
178  // main
179  $t = preg_replace_callback('`<(?:(?:\s|$)|(?:[^>]*(?:>|$)))|>`m', 'hl_tag', $t);
180  $t = $C['balance'] ? hl_bal($t, $C['keep_bad'], $C['parent']) : $t;
181  $t = (($C['cdata'] or $C['comment']) && strpos($t, "\x01") !== false) ? str_replace(array("\x01", "\x02", "\x03", "\x04", "\x05"), array('', '', '&', '<', '>'), $t) : $t;
182  $t = $C['tidy'] ? hl_tidy($t, $C['tidy'], $C['parent']) : $t;
183  unset($C, $e);
184  if (isset($reC))
185  {
186  $GLOBALS['C'] = $reC;
187  }
188  if (isset($reS))
189  {
190  $GLOBALS['S'] = $reS;
191  }
192  return $t;
193  // eof
194  }
195 
196  function hl_attrval($t, $p)
197  {
198  // check attr val against $S
199  $o = 1;
200  $l = strlen($t);
201  foreach ($p as $k=>$v)
202  {
203  switch ($k)
204  {
205  case 'maxlen':
206  if ($l > $v)
207  {
208  $o = 0;
209  }
210  break;
211  case 'minlen':
212  if ($l < $v)
213  {
214  $o = 0;
215  }
216  break;
217  case 'maxval':
218  if ((float)($t) > $v)
219  {
220  $o = 0;
221  }
222  break;
223  case 'minval':
224  if ((float)($t) < $v)
225  {
226  $o = 0;
227  }
228  break;
229  case 'match':
230  if (!preg_match($v, $t))
231  {
232  $o = 0;
233  }
234  break;
235  case 'nomatch':
236  if (preg_match($v, $t))
237  {
238  $o = 0;
239  }
240  break;
241  case 'oneof':
242  $m = 0;
243  foreach (explode('|', $v) as $n)
244  {
245  if ($t == $n)
246  {
247  $m = 1;
248  break;
249  }
250  }
251  $o = $m;
252  break;
253  case 'noneof':
254  $m = 1;
255  foreach (explode('|', $v) as $n)
256  {
257  if ($t == $n)
258  {
259  $m = 0;
260  break;
261  }
262  }
263  $o = $m;
264  break;
265  default:
266  break;
267  }
268  if (!$o)
269  {
270  break;
271  }
272  }
273  return($o ? $t : (isset($p['default']) ? $p['default'] : 0));
274  // eof
275  }
276 
277  function hl_bal($t, $do=1, $in='div')
278  {
279  // balance tags
280  // by content
281  // Block
282  $cB = array('blockquote'=>1, 'form'=>1, 'map'=>1, 'noscript'=>1);
283 
284  // Empty
285  $cE = array('area'=>1, 'br'=>1, 'col'=>1, 'embed'=>1, 'hr'=>1, 'img'=>1, 'input'=>1, 'isindex'=>1, 'param'=>1);
286 
287  // Flow; later context-wise dynamic move of ins & del to $cI
288  $cF = array('button'=>1, 'del'=>1, 'div'=>1, 'dd'=>1, 'fieldset'=>1, 'iframe'=>1, 'ins'=>1, 'li'=>1, 'noscript'=>1, 'object'=>1, 'td'=>1, 'th'=>1);
289 
290  // Inline
291  $cI = array('a'=>1, 'abbr'=>1, 'acronym'=>1, 'address'=>1, 'b'=>1, 'bdo'=>1, 'big'=>1, 'caption'=>1, 'cite'=>1, 'code'=>1, 'dfn'=>1, 'dt'=>1, 'em'=>1, 'font'=>1, 'h1'=>1, 'h2'=>1, 'h3'=>1, 'h4'=>1, 'h5'=>1, 'h6'=>1, 'i'=>1, 'kbd'=>1, 'label'=>1, 'legend'=>1, 'p'=>1, 'pre'=>1, 'q'=>1, 'rb'=>1, 'rt'=>1, 's'=>1, 'samp'=>1, 'small'=>1, 'span'=>1, 'strike'=>1, 'strong'=>1, 'sub'=>1, 'sup'=>1, 'tt'=>1, 'u'=>1, 'var'=>1);
292 
293  // Illegal
294  $cN = array('a'=>array('a'=>1), 'button'=>array('a'=>1, 'button'=>1, 'fieldset'=>1, 'form'=>1, 'iframe'=>1, 'input'=>1, 'label'=>1, 'select'=>1, 'textarea'=>1), 'fieldset'=>array('fieldset'=>1), 'form'=>array('form'=>1), 'label'=>array('label'=>1), 'noscript'=>array('script'=>1), 'pre'=>array('big'=>1, 'font'=>1, 'img'=>1, 'object'=>1, 'script'=>1, 'small'=>1, 'sub'=>1, 'sup'=>1), 'rb'=>array('ruby'=>1), 'rt'=>array('ruby'=>1));
295 
296  $cN2 = array_keys($cN);
297  $cR = array('blockquote'=>1, 'dir'=>1, 'dl'=>1, 'form'=>1, 'map'=>1, 'menu'=>1, 'noscript'=>1, 'ol'=>1, 'optgroup'=>1, 'rbc'=>1, 'rtc'=>1, 'ruby'=>1, 'select'=>1, 'table'=>1, 'tbody'=>1, 'tfoot'=>1, 'thead'=>1, 'tr'=>1, 'ul'=>1);
298  // Specific - immediate parent-child
299  $cS = array('colgroup'=>array('col'=>1), 'dir'=>array('li'=>1), 'dl'=>array('dd'=>1, 'dt'=>1), 'menu'=>array('li'=>1), 'ol'=>array('li'=>1), 'optgroup'=>array('option'=>1), 'option'=>array('#pcdata'=>1), 'rbc'=>array('rb'=>1), 'rp'=>array('#pcdata'=>1), 'rtc'=>array('rt'=>1), 'ruby'=>array('rb'=>1, 'rbc'=>1, 'rp'=>1, 'rt'=>1, 'rtc'=>1), 'select'=>array('optgroup'=>1, 'option'=>1), 'script'=>array('#pcdata'=>1), 'table'=>array('caption'=>1, 'col'=>1, 'colgroup'=>1, 'tfoot'=>1, 'tbody'=>1, 'tr'=>1, 'thead'=>1), 'tbody'=>array('tr'=>1), 'tfoot'=>array('tr'=>1), 'textarea'=>array('#pcdata'=>1), 'thead'=>array('tr'=>1), 'tr'=>array('td'=>1, 'th'=>1), 'ul'=>array('li'=>1));
300 
301  if ($GLOBALS['C']['direct_list_nest'])
302  {
303  $cS['ol'] = $cS['ul'] += array('ol'=>1, 'ul'=>1);
304  }
305  // Other
306  $cO = array('address'=>array('p'=>1), 'applet'=>array('param'=>1), 'blockquote'=>array('script'=>1), 'fieldset'=>array('legend'=>1, '#pcdata'=>1), 'form'=>array('script'=>1), 'map'=>array('area'=>1), 'object'=>array('param'=>1, 'embed'=>1));
307 
308  // Omitable closing
309  $cT = array('colgroup'=>1, 'dd'=>1, 'dt'=>1, 'li'=>1, 'option'=>1, 'p'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1);
310 
311  // block/inline type; ins & del both type; #pcdata: text
312  $eB = array('address'=>1, 'blockquote'=>1, 'center'=>1, 'del'=>1, 'dir'=>1, 'dl'=>1, 'div'=>1, 'fieldset'=>1, 'form'=>1, 'ins'=>1, 'h1'=>1, 'h2'=>1, 'h3'=>1, 'h4'=>1, 'h5'=>1, 'h6'=>1, 'hr'=>1, 'isindex'=>1, 'menu'=>1, 'noscript'=>1, 'ol'=>1, 'p'=>1, 'pre'=>1, 'table'=>1, 'ul'=>1);
313  $eI = array('#pcdata'=>1, 'a'=>1, 'abbr'=>1, 'acronym'=>1, 'applet'=>1, 'b'=>1, 'bdo'=>1, 'big'=>1, 'br'=>1, 'button'=>1, 'cite'=>1, 'code'=>1, 'del'=>1, 'dfn'=>1, 'em'=>1, 'embed'=>1, 'font'=>1, 'i'=>1, 'iframe'=>1, 'img'=>1, 'input'=>1, 'ins'=>1, 'kbd'=>1, 'label'=>1, 'map'=>1, 'object'=>1, 'q'=>1, 'ruby'=>1, 's'=>1, 'samp'=>1, 'select'=>1, 'script'=>1, 'small'=>1, 'span'=>1, 'strike'=>1, 'strong'=>1, 'sub'=>1, 'sup'=>1, 'textarea'=>1, 'tt'=>1, 'u'=>1, 'var'=>1);
314  // GB pour tolérance sur <p> pas bien positionnés => sinon c'est trop strict et vire du HTML pourtant presque XHTML
315  $eI['p'] = 1;
316  $eI['table'] = 1;
317  $eI['hr'] = 1;
318  $eI['li'] = 1;
319  // FIN MODIF GB
320  // Exclude from specific ele; $cN values
321  $eN = array('a'=>1, 'big'=>1, 'button'=>1, 'fieldset'=>1, 'font'=>1, 'form'=>1, 'iframe'=>1, 'img'=>1, 'input'=>1, 'label'=>1, 'object'=>1, 'ruby'=>1, 'script'=>1, 'select'=>1, 'small'=>1, 'sub'=>1, 'sup'=>1, 'textarea'=>1);
322 
323  // Missing in $eB & $eI
324  $eO = array('area'=>1, 'caption'=>1, 'col'=>1, 'colgroup'=>1, 'dd'=>1, 'dt'=>1, 'legend'=>1, 'li'=>1, 'optgroup'=>1, 'option'=>1, 'param'=>1, 'rb'=>1, 'rbc'=>1, 'rp'=>1, 'rt'=>1, 'rtc'=>1, 'script'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'thead'=>1, 'th'=>1, 'tr'=>1);
325 
326  $eF = $eB + $eI;
327 
328  // $in sets allowed child
329  $in = ((isset($eF[$in]) && $in != '#pcdata') or isset($eO[$in])) ? $in : 'div';
330  if (isset($cE[$in]))
331  {
332  return(!$do ? '' : str_replace(array('<', '>'), array('&lt;', '&gt;'), $t));
333  }
334  if (isset($cS[$in]))
335  {
336  $inOk = $cS[$in];
337  }
338  else
339  if (isset($cI[$in]))
340  {
341  $inOk = $eI;
342  $cI['del'] = 1;
343  $cI['ins'] = 1;
344  }
345  else
346  if (isset($cF[$in]))
347  {
348  $inOk = $eF;
349  unset($cI['del'], $cI['ins']);
350  }
351  else
352  if (isset($cB[$in]))
353  {
354  $inOk = $eB;
355  unset($cI['del'], $cI['ins']);
356  }
357  if (isset($cO[$in]))
358  {
359  $inOk = $inOk + $cO[$in];
360  }
361  if (isset($cN[$in]))
362  {
363  $inOk = array_diff_assoc($inOk, $cN[$in]);
364  }
365 
366  $t = explode('<', $t);
367  // $q seq list of open non-empty ele
368  $ok = $q = array();
369 
370  ob_start();
371 
372  for ($i=-1, $ci=count($t); ++$i<$ci; )
373  {
374  // allowed $ok in parent $p
375  if ($ql = count($q))
376  {
377  $p = array_pop($q);
378  $q[] = $p;
379  if (isset($cS[$p]))
380  {
381  $ok = $cS[$p];
382  }
383  else
384  if (isset($cI[$p]))
385  {
386  $ok = $eI;
387  $cI['del'] = 1;
388  $cI['ins'] = 1;
389  }
390  else
391  if (isset($cF[$p]))
392  {
393  $ok = $eF;
394  unset($cI['del'], $cI['ins']);
395  }
396  else
397  if (isset($cB[$p]))
398  {
399  $ok = $eB;
400  unset($cI['del'], $cI['ins']);
401  }
402  if (isset($cO[$p]))
403  {
404  $ok = $ok + $cO[$p];
405  }
406  if (isset($cN[$p]))
407  {
408  $ok = array_diff_assoc($ok, $cN[$p]);
409  }
410  }
411  else
412  {
413  $ok = $inOk;
414  unset($cI['del'], $cI['ins']);
415  }
416  // bad tags, & ele content
417  if (isset($e) && ($do == 1 or(isset($ok['#pcdata']) && ($do == 3 or $do == 5))))
418  {
419  echo '&lt;', $s, $e, $a, '&gt;';
420  }
421  if (isset($x[0]))
422  {
423  if (strlen(trim($x)) && (($ql && isset($cB[$p])) or(isset($cB[$in]) && !$ql)))
424  {
425  echo '<div>', $x, '</div>';
426  }
427  else
428  if ($do < 3 or isset($ok['#pcdata']))
429  {
430  echo $x;
431  }
432  else
433  if (strpos($x, "\x02\x04"))
434  {
435  foreach (preg_split('`(\x01\x02[^\x01\x02]+\x02\x01)`', $x, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY) as $v)
436  {
437  echo(substr($v, 0, 2) == "\x01\x02" ? $v : ($do > 4 ? preg_replace('`\S`', '', $v) : ''));
438  }
439  }
440  else
441  if ($do > 4)
442  {
443  echo preg_replace('`\S`', '', $x);
444  }
445  }
446  // get markup
447  if (!preg_match('`^(/?)([a-z1-6]+)([^>]*)>(.*)`sm', $t[$i], $r))
448  {
449  $x = $t[$i];
450  continue;
451  }
452  $s = null;
453  $e = null;
454  $a = null;
455  $x = null;
456  list($all, $s, $e, $a, $x) = $r;
457  // close tag
458  if ($s)
459  {
460  // Empty/unopen
461  if (isset($cE[$e]) or !in_array($e, $q))
462  {
463  continue;
464  }
465 
466  // Last open
467  if ($p == $e)
468  {
469  array_pop($q);
470  echo '</', $e, '>';
471  unset($e);
472  continue;
473  }
474 
475  // Nesting - close open tags that need to be
476  $add = '';
477 
478  for ($j=-1, $cj=count($q); ++$j<$cj; )
479  {
480  if (($d = array_pop($q)) == $e)
481  {
482  break;
483  }
484  else
485  {
486  $add .= "</{$d}>";
487  }
488  }
489  echo $add, '</', $e, '>';
490  unset($e);
491  continue;
492  }
493  // open tag
494  // $cB ele needs $eB ele as child
495  if (isset($cB[$e]) && strlen(trim($x)))
496  {
497  $t[$i] = "{$e}{$a}>";
498  array_splice($t, $i+1, 0, 'div>'. $x);
499  unset($e, $x);
500  ++$ci;
501  --$i;
502  continue;
503  }
504  if ((($ql && isset($cB[$p])) or(isset($cB[$in]) && !$ql)) && !isset($eB[$e]) && !isset($ok[$e]))
505  {
506  array_splice($t, $i, 0, 'div>');
507  unset($e, $x);
508  ++$ci;
509  --$i;
510  continue;
511  }
512  // if no open ele, $in = parent; mostly immediate parent-child relation should hold
513  if (!$ql or !isset($eN[$e]) or !array_intersect($q, $cN2))
514  {
515  if (!isset($ok[$e]))
516  {
517  if ($ql && isset($cT[$p]))
518  {
519  echo '</', array_pop($q), '>';
520  unset($e, $x);
521  --$i;
522  }
523  continue;
524  }
525  if (!isset($cE[$e]))
526  {
527  $q[] = $e;
528  }
529  echo '<', $e, $a, '>';
530  unset($e);
531  continue;
532  }
533  // specific parent-child
534  if (isset($cS[$p][$e]))
535  {
536  if (!isset($cE[$e]))
537  {
538  $q[] = $e;
539  }
540  echo '<', $e, $a, '>';
541  unset($e);
542  continue;
543  }
544  // nesting
545  $add = '';
546  $q2 = array();
547  for ($k=-1, $kc=count($q); ++$k<$kc; )
548  {
549  $d = $q[$k];
550  $ok2 = array();
551  if (isset($cS[$d]))
552  {
553  $q2[] = $d;
554  continue;
555  }
556  $ok2 = isset($cI[$d]) ? $eI : $eF;
557  if (isset($cO[$d]))
558  {
559  $ok2 = $ok2 + $cO[$d];
560  }
561  if (isset($cN[$d]))
562  {
563  $ok2 = array_diff_assoc($ok2, $cN[$d]);
564  }
565  if (!isset($ok2[$e]))
566  {
567  if (!$k && !isset($inOk[$e]))
568  {
569  continue 2;
570  }
571  $add = "</{$d}>";
572  for (;
573  ++$k<$kc;
574  )
575  {
576  $add = "</{$q[$k]}>{$add}";
577  }
578  break;
579  }
580  else
581  {
582  $q2[] = $d;
583  }
584  }
585  $q = $q2;
586  if (!isset($cE[$e]))
587  {
588  $q[] = $e;
589  }
590  echo $add, '<', $e, $a, '>';
591  unset($e);
592  continue;
593  }
594 
595  // end
596  if ($ql = count($q))
597  {
598  $p = array_pop($q);
599  $q[] = $p;
600  if (isset($cS[$p]))
601  {
602  $ok = $cS[$p];
603  }
604  else
605  if (isset($cI[$p]))
606  {
607  $ok = $eI;
608  $cI['del'] = 1;
609  $cI['ins'] = 1;
610  }
611  else
612  if (isset($cF[$p]))
613  {
614  $ok = $eF;
615  unset($cI['del'], $cI['ins']);
616  }
617  else
618  if (isset($cB[$p]))
619  {
620  $ok = $eB;
621  unset($cI['del'], $cI['ins']);
622  }
623  if (isset($cO[$p]))
624  {
625  $ok = $ok + $cO[$p];
626  }
627  if (isset($cN[$p]))
628  {
629  $ok = array_diff_assoc($ok, $cN[$p]);
630  }
631  }
632  else
633  {
634  $ok = $inOk;
635  unset($cI['del'], $cI['ins']);
636  }
637  if (isset($e) && ($do == 1 or(isset($ok['#pcdata']) && ($do == 3 or $do == 5))))
638  {
639  echo '&lt;', $s, $e, $a, '&gt;';
640  }
641  if (isset($x[0]))
642  {
643  if (strlen(trim($x)) && (($ql && isset($cB[$p])) or(isset($cB[$in]) && !$ql)))
644  {
645  echo '<div>', $x, '</div>';
646  }
647  else
648  if ($do < 3 or isset($ok['#pcdata']))
649  {
650  echo $x;
651  }
652  else
653  if (strpos($x, "\x02\x04"))
654  {
655  foreach (preg_split('`(\x01\x02[^\x01\x02]+\x02\x01)`', $x, -1, PREG_SPLIT_DELIM_CAPTURE | PREG_SPLIT_NO_EMPTY) as $v)
656  {
657  echo(substr($v, 0, 2) == "\x01\x02" ? $v : ($do > 4 ? preg_replace('`\S`', '', $v) : ''));
658  }
659  }
660  else
661  if ($do > 4)
662  {
663  echo preg_replace('`\S`', '', $x);
664  }
665  }
666  while (!empty($q) && ($e = array_pop($q)))
667  {
668  echo '</', $e, '>';
669  }
670  $o = ob_get_contents();
671  ob_end_clean();
672  return $o;
673  // eof
674  }
675 
676  function hl_cmtcd($t)
677  {
678  // comment/CDATA sec handler
679  $t = $t[0];
680  global $C;
681  if (!($v = $C[$n = $t[3] == '-' ? 'comment' : 'cdata']))
682  {
683  return $t;
684  }
685  if ($v == 1)
686  {
687  return '';
688  }
689  if ($n == 'comment')
690  {
691  if (substr(($t = preg_replace('`--+`', '-', substr($t, 4, -3))), -1) != ' ')
692  {
693  $t .= ' ';
694  }
695  }
696  else
697  {
698  $t = substr($t, 1, -1);
699  }
700  $t = $v == 2 ? str_replace(array('&', '<', '>'), array('&amp;', '&lt;', '&gt;'), $t) : $t;
701  return str_replace(array('&', '<', '>'), array("\x03", "\x04", "\x05"), ($n == 'comment' ? "\x01\x02\x04!--$t--\x05\x02\x01" : "\x01\x01\x04$t\x05\x01\x01"));
702  // eof
703  }
704 
705  function hl_ent($t)
706  {
707  // entitity handler
708  global $C;
709  $t = $t[1];
710  static $U = array('quot'=>1,'amp'=>1,'lt'=>1,'gt'=>1);
711  static $N = array('fnof'=>'402', 'Alpha'=>'913', 'Beta'=>'914', 'Gamma'=>'915', 'Delta'=>'916', 'Epsilon'=>'917', 'Zeta'=>'918', 'Eta'=>'919', 'Theta'=>'920', 'Iota'=>'921', 'Kappa'=>'922', 'Lambda'=>'923', 'Mu'=>'924', 'Nu'=>'925', 'Xi'=>'926', 'Omicron'=>'927', 'Pi'=>'928', 'Rho'=>'929', 'Sigma'=>'931', 'Tau'=>'932', 'Upsilon'=>'933', 'Phi'=>'934', 'Chi'=>'935', 'Psi'=>'936', 'Omega'=>'937', 'alpha'=>'945', 'beta'=>'946', 'gamma'=>'947', 'delta'=>'948', 'epsilon'=>'949', 'zeta'=>'950', 'eta'=>'951', 'theta'=>'952', 'iota'=>'953', 'kappa'=>'954', 'lambda'=>'955', 'mu'=>'956', 'nu'=>'957', 'xi'=>'958', 'omicron'=>'959', 'pi'=>'960', 'rho'=>'961', 'sigmaf'=>'962', 'sigma'=>'963', 'tau'=>'964', 'upsilon'=>'965', 'phi'=>'966', 'chi'=>'967', 'psi'=>'968', 'omega'=>'969', 'thetasym'=>'977', 'upsih'=>'978', 'piv'=>'982', 'bull'=>'8226', 'hellip'=>'8230', 'prime'=>'8242', 'Prime'=>'8243', 'oline'=>'8254', 'frasl'=>'8260', 'weierp'=>'8472', 'image'=>'8465', 'real'=>'8476', 'trade'=>'8482', 'alefsym'=>'8501', 'larr'=>'8592', 'uarr'=>'8593', 'rarr'=>'8594', 'darr'=>'8595', 'harr'=>'8596', 'crarr'=>'8629', 'lArr'=>'8656', 'uArr'=>'8657', 'rArr'=>'8658', 'dArr'=>'8659', 'hArr'=>'8660', 'forall'=>'8704', 'part'=>'8706', 'exist'=>'8707', 'empty'=>'8709', 'nabla'=>'8711', 'isin'=>'8712', 'notin'=>'8713', 'ni'=>'8715', 'prod'=>'8719', 'sum'=>'8721', 'minus'=>'8722', 'lowast'=>'8727', 'radic'=>'8730', 'prop'=>'8733', 'infin'=>'8734', 'ang'=>'8736', 'and'=>'8743', 'or'=>'8744', 'cap'=>'8745', 'cup'=>'8746', 'int'=>'8747', 'there4'=>'8756', 'sim'=>'8764', 'cong'=>'8773', 'asymp'=>'8776', 'ne'=>'8800', 'equiv'=>'8801', 'le'=>'8804', 'ge'=>'8805', 'sub'=>'8834', 'sup'=>'8835', 'nsub'=>'8836', 'sube'=>'8838', 'supe'=>'8839', 'oplus'=>'8853', 'otimes'=>'8855', 'perp'=>'8869', 'sdot'=>'8901', 'lceil'=>'8968', 'rceil'=>'8969', 'lfloor'=>'8970', 'rfloor'=>'8971', 'lang'=>'9001', 'rang'=>'9002', 'loz'=>'9674', 'spades'=>'9824', 'clubs'=>'9827', 'hearts'=>'9829', 'diams'=>'9830', 'apos'=>'39', 'OElig'=>'338', 'oelig'=>'339', 'Scaron'=>'352', 'scaron'=>'353', 'Yuml'=>'376', 'circ'=>'710', 'tilde'=>'732', 'ensp'=>'8194', 'emsp'=>'8195', 'thinsp'=>'8201', 'zwnj'=>'8204', 'zwj'=>'8205', 'lrm'=>'8206', 'rlm'=>'8207', 'ndash'=>'8211', 'mdash'=>'8212', 'lsquo'=>'8216', 'rsquo'=>'8217', 'sbquo'=>'8218', 'ldquo'=>'8220', 'rdquo'=>'8221', 'bdquo'=>'8222', 'dagger'=>'8224', 'Dagger'=>'8225', 'permil'=>'8240', 'lsaquo'=>'8249', 'rsaquo'=>'8250', 'euro'=>'8364', 'nbsp'=>'160', 'iexcl'=>'161', 'cent'=>'162', 'pound'=>'163', 'curren'=>'164', 'yen'=>'165', 'brvbar'=>'166', 'sect'=>'167', 'uml'=>'168', 'copy'=>'169', 'ordf'=>'170', 'laquo'=>'171', 'not'=>'172', 'shy'=>'173', 'reg'=>'174', 'macr'=>'175', 'deg'=>'176', 'plusmn'=>'177', 'sup2'=>'178', 'sup3'=>'179', 'acute'=>'180', 'micro'=>'181', 'para'=>'182', 'middot'=>'183', 'cedil'=>'184', 'sup1'=>'185', 'ordm'=>'186', 'raquo'=>'187', 'frac14'=>'188', 'frac12'=>'189', 'frac34'=>'190', 'iquest'=>'191', 'Agrave'=>'192', 'Aacute'=>'193', 'Acirc'=>'194', 'Atilde'=>'195', 'Auml'=>'196', 'Aring'=>'197', 'AElig'=>'198', 'Ccedil'=>'199', 'Egrave'=>'200', 'Eacute'=>'201', 'Ecirc'=>'202', 'Euml'=>'203', 'Igrave'=>'204', 'Iacute'=>'205', 'Icirc'=>'206', 'Iuml'=>'207', 'ETH'=>'208', 'Ntilde'=>'209', 'Ograve'=>'210', 'Oacute'=>'211', 'Ocirc'=>'212', 'Otilde'=>'213', 'Ouml'=>'214', 'times'=>'215', 'Oslash'=>'216', 'Ugrave'=>'217', 'Uacute'=>'218', 'Ucirc'=>'219', 'Uuml'=>'220', 'Yacute'=>'221', 'THORN'=>'222', 'szlig'=>'223', 'agrave'=>'224', 'aacute'=>'225', 'acirc'=>'226', 'atilde'=>'227', 'auml'=>'228', 'aring'=>'229', 'aelig'=>'230', 'ccedil'=>'231', 'egrave'=>'232', 'eacute'=>'233', 'ecirc'=>'234', 'euml'=>'235', 'igrave'=>'236', 'iacute'=>'237', 'icirc'=>'238', 'iuml'=>'239', 'eth'=>'240', 'ntilde'=>'241', 'ograve'=>'242', 'oacute'=>'243', 'ocirc'=>'244', 'otilde'=>'245', 'ouml'=>'246', 'divide'=>'247', 'oslash'=>'248', 'ugrave'=>'249', 'uacute'=>'250', 'ucirc'=>'251', 'uuml'=>'252', 'yacute'=>'253', 'thorn'=>'254', 'yuml'=>'255');
712  if ($t[0] != '#')
713  {
714  return($C['and_mark'] ? "\x06" : '&'). (isset($U[$t]) ? $t : (isset($N[$t]) ? (!$C['named_entity'] ? '#'. ($C['hexdec_entity'] > 1 ? 'x'. dechex($N[$t]) : $N[$t]) : $t) : 'amp;'. $t)). ';';
715  }
716  if (($n = ctype_digit($t = substr($t, 1)) ? intval($t) : hexdec(substr($t, 1))) < 9 or($n > 13 && $n < 32) or $n == 11 or $n == 12 or($n > 126 && $n < 160 && $n != 133 && $n != 153 && $n != 156) or($n > 55295 && ($n < 57344 or($n > 64975 && $n < 64992) or $n == 65534 or $n == 65535 or $n > 1114111)))
717  {
718  return($C['and_mark'] ? "\x06" : '&'). "amp;#{$t};";
719  }
720  return($C['and_mark'] ? "\x06" : '&'). '#'. (((ctype_digit($t) && $C['hexdec_entity'] < 2) or !$C['hexdec_entity']) ? $n : 'x'. dechex($n)). ';';
721  // eof
722  }
723 
724  function hl_prot($p, $c=null)
725  {
726  // check URL scheme
727  global $C;
728  $b = $a = '';
729  if ($c == null)
730  {
731  $c = 'style';
732  $b = $p[1];
733  $a = $p[3];
734  $p = trim($p[2]);
735  }
736  $c = isset($C['schemes'][$c]) ? $C['schemes'][$c] : $C['schemes']['*'];
737  static $d = 'denied:';
738  if (isset($c['!']) && substr($p, 0, 7) != $d)
739  {
740  $p = "$d$p";
741  }
742  // All ok, frag, query, param
743  if (isset($c['*']) or !strcspn($p, '#?;') or(substr($p, 0, 7) == $d))
744  {
745  return "{$b}{$p}{$a}";
746  }
747 
748  // Denied prot
749  if (preg_match('`^([a-z\d\-+.&#; ]+?)(:|&#(58|x3a);|%3a|\\\\0{0,4}3a).`i', $p, $m) && !isset($c[strtolower($m[1])]))
750  {
751 
752  return "{$b}{$d}{$p}{$a}";
753  }
754  if ($C['abs_url'])
755  {
756  // Make url rel
757  if ($C['abs_url'] == -1 && strpos($p, $C['base_url']) === 0)
758  {
759 
760  $p = substr($p, strlen($C['base_url']));
761  // Make URL abs
762  }
763  else
764  if (empty($m[1]))
765  {
766 
767  if (substr($p, 0, 2) == '//')
768  {
769  $p = substr($C['base_url'], 0, strpos($C['base_url'], ':')+1). $p;
770  }
771  else
772  if ($p[0] == '/')
773  {
774  $p = preg_replace('`(^.+?://[^/]+)(.*)`', '', $C['base_url']). $p;
775  }
776  else
777  if (strcspn($p, './'))
778  {
779  $p = $C['base_url']. $p;
780  }
781  else
782  {
783  preg_match('`^([a-zA-Z\d\-+.]+://[^/]+)(.*)`', $C['base_url'], $m);
784  $p = preg_replace('`(?<=/)\./`', '', $m[2]. $p);
785  while (preg_match('`(?<=/)([^/]{3,}|[^/.]+?|\.[^/.]|[^/.]\.)/\.\./`', $p))
786  {
787  $p = preg_replace('`(?<=/)([^/]{3,}|[^/.]+?|\.[^/.]|[^/.]\.)/\.\./`', '', $p);
788  }
789  $p = $m[1]. $p;
790  }
791  }
792  }
793  return "{$b}{$p}{$a}";
794  // eof
795  }
796 
797  function hl_regex($p)
798  {
799  // ?regex
800  if (empty($p))
801  {
802  return 0;
803  }
804  if ($t = ini_get('track_errors'))
805  {
806  $o = isset($php_errormsg) ? $php_errormsg : null;
807  }
808  else
809  {
810  @ini_set('track_errors', 1);
811  }
812  unset($php_errormsg);
813  if (($d = ini_get('display_errors')))
814  {
815  @ini_set('display_errors', 0);
816  }
817  preg_match($p, '');
818  if ($d)
819  {
820  @ini_set('display_errors', 1);
821  }
822  $r = isset($php_errormsg) ? 0 : 1;
823  if ($t)
824  {
825  $php_errormsg = isset($o) ? $o : null;
826  }
827  else
828  {
829  @ini_set('track_errors', 0);
830  }
831  return $r;
832  // eof
833  }
834 
835  function hl_spec($t)
836  {
837  // final $spec
838  $s = array();
839  $t = str_replace(array("\t", "\r", "\n", ' '), '', preg_replace('/"(?>(`.|[^"])*)"/sme', 'substr(str_replace(array(";", "|", "~", " ", ",", "/", "(", ")", \'`"\'), array("\x01", "\x02", "\x03", "\x04", "\x05", "\x06", "\x07", "\x08", "\""), "$0"), 1, -1)', trim($t)));
840  for ($i = count(($t = explode(';', $t))); --$i>=0; )
841  {
842  $w = $t[$i];
843  if (empty($w) or($e = strpos($w, '=')) === false or !strlen(($a = substr($w, $e+1))))
844  {
845  continue;
846  }
847  $y = $n = array();
848  foreach (explode(',', $a) as $v)
849  {
850  if (!preg_match('`^([a-z:\-\*]+)(?:\((.*?)\))?`i', $v, $m))
851  {
852  continue;
853  }
854  if (($x = strtolower($m[1])) == '-*')
855  {
856  $n['*'] = 1;
857  continue;
858  }
859  if ($x[0] == '-')
860  {
861  $n[substr($x, 1)] = 1;
862  continue;
863  }
864  if (!isset($m[2]))
865  {
866  $y[$x] = 1;
867  continue;
868  }
869  foreach (explode('/', $m[2]) as $m)
870  {
871  if (empty($m) or($p = strpos($m, '=')) == 0 or $p < 5)
872  {
873  $y[$x] = 1;
874  continue;
875  }
876  $y[$x][strtolower(substr($m, 0, $p))] = str_replace(array("\x01", "\x02", "\x03", "\x04", "\x05", "\x06", "\x07", "\x08"), array(";", "|", "~", " ", ",", "/", "(", ")"), substr($m, $p+1));
877  }
878  if (isset($y[$x]['match']) && !hl_regex($y[$x]['match']))
879  {
880  unset($y[$x]['match']);
881  }
882  if (isset($y[$x]['nomatch']) && !hl_regex($y[$x]['nomatch']))
883  {
884  unset($y[$x]['nomatch']);
885  }
886  }
887  if (!count($y) && !count($n))
888  {
889  continue;
890  }
891  foreach (explode(',', substr($w, 0, $e)) as $v)
892  {
893  if (!strlen(($v = strtolower($v))))
894  {
895  continue;
896  }
897  if (count($y))
898  {
899  $s[$v] = $y;
900  }
901  if (count($n))
902  {
903  $s[$v]['n'] = $n;
904  }
905  }
906  }
907  return $s;
908  // eof
909  }
910 
911  function hl_tag($t)
912  {
913  // tag/attribute handler
914  global $C;
915  $t = $t[0];
916  // invalid < >
917  if ($t == '< ')
918  {
919  return '&lt; ';
920  }
921  if ($t == '>')
922  {
923  return '&gt;';
924  }
925  if (!preg_match('`^<(/?)([a-zA-Z][a-zA-Z1-6]*)([^>]*?)\s?>$`m', $t, $m))
926  {
927  if(strstr($t, 'data:image')){
928  return $t;
929  }else{
930  return str_replace(array('<', '>'), array('&lt;', '&gt;'), $t);
931  }
932  }
933  else
934  if (!isset($C['elements'][($e = strtolower($m[2]))]))
935  {
936  return(($C['keep_bad']%2) ? str_replace(array('<', '>'), array('&lt;', '&gt;'), $t) : '');
937  }
938  // attr string
939  $a = str_replace(array("\n", "\r", "\t"), ' ', trim($m[3]));
940  // tag transform
941  // Deprecated
942  static $eD = array('applet'=>1, 'center'=>1, 'dir'=>1, 'embed'=>1, 'font'=>1, 'isindex'=>1, 'menu'=>1, 's'=>1, 'strike'=>1, 'u'=>1);
943 
944  if ($C['make_tag_strict'] && isset($eD[$e]))
945  {
946  $trt = hl_tag2($e, $a, $C['make_tag_strict']);
947  if (!$e)
948  {
949  return(($C['keep_bad']%2) ? str_replace(array('<', '>'), array('&lt;', '&gt;'), $t) : '');
950  }
951  }
952  // close tag
953  // Empty ele
954  static $eE = array('area'=>1, 'br'=>1, 'col'=>1, 'embed'=>1, 'hr'=>1, 'img'=>1, 'input'=>1, 'isindex'=>1, 'param'=>1);
955 
956  if (!empty($m[1]))
957  {
958  return(!isset($eE[$e]) ? (empty($C['hook_tag']) ? "</$e>" : $C['hook_tag']($e)) : (($C['keep_bad'])%2 ? str_replace(array('<', '>'), array('&lt;', '&gt;'), $t) : ''));
959  }
960 
961  // open tag & attr
962  // Ele-specific
963  static $aN = array('abbr'=>array('td'=>1, 'th'=>1), 'accept-charset'=>array('form'=>1), 'accept'=>array('form'=>1, 'input'=>1), 'accesskey'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'label'=>1, 'legend'=>1, 'textarea'=>1), 'action'=>array('form'=>1), 'align'=>array('caption'=>1, 'embed'=>1, 'applet'=>1, 'iframe'=>1, 'img'=>1, 'input'=>1, 'object'=>1, 'legend'=>1, 'table'=>1, 'hr'=>1, 'div'=>1, 'h1'=>1, 'h2'=>1, 'h3'=>1, 'h4'=>1, 'h5'=>1, 'h6'=>1, 'p'=>1, 'col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'alt'=>array('applet'=>1, 'area'=>1, 'img'=>1, 'input'=>1), 'archive'=>array('applet'=>1, 'object'=>1), 'axis'=>array('td'=>1, 'th'=>1), 'bgcolor'=>array('embed'=>1, 'table'=>1, 'tr'=>1, 'td'=>1, 'th'=>1), 'border'=>array('table'=>1, 'img'=>1, 'object'=>1), 'bordercolor'=>array('table'=>1, 'td'=>1, 'tr'=>1), 'cellpadding'=>array('table'=>1), 'cellspacing'=>array('table'=>1), 'char'=>array('col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'charoff'=>array('col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'charset'=>array('a'=>1, 'script'=>1), 'checked'=>array('input'=>1), 'cite'=>array('blockquote'=>1, 'q'=>1, 'del'=>1, 'ins'=>1), 'classid'=>array('object'=>1), 'clear'=>array('br'=>1), 'code'=>array('applet'=>1), 'codebase'=>array('object'=>1, 'applet'=>1), 'codetype'=>array('object'=>1), 'color'=>array('font'=>1), 'cols'=>array('textarea'=>1), 'colspan'=>array('td'=>1, 'th'=>1), 'compact'=>array('dir'=>1, 'dl'=>1, 'menu'=>1, 'ol'=>1, 'ul'=>1), 'coords'=>array('area'=>1, 'a'=>1), 'data'=>array('object'=>1), 'datetime'=>array('del'=>1, 'ins'=>1), 'declare'=>array('object'=>1), 'defer'=>array('script'=>1), 'dir'=>array('bdo'=>1), 'disabled'=>array('button'=>1, 'input'=>1, 'optgroup'=>1, 'option'=>1, 'select'=>1, 'textarea'=>1), 'enctype'=>array('form'=>1), 'face'=>array('font'=>1), 'flashvars'=>array('embed'=>1), 'for'=>array('label'=>1), 'frame'=>array('table'=>1), 'frameborder'=>array('iframe'=>1), 'headers'=>array('td'=>1, 'th'=>1), 'height'=>array('embed'=>1, 'iframe'=>1, 'td'=>1, 'th'=>1, 'img'=>1, 'object'=>1, 'applet'=>1), 'href'=>array('a'=>1, 'area'=>1), 'hreflang'=>array('a'=>1), 'hspace'=>array('applet'=>1, 'img'=>1, 'object'=>1), 'ismap'=>array('img'=>1, 'input'=>1), 'label'=>array('option'=>1, 'optgroup'=>1), 'language'=>array('script'=>1), 'longdesc'=>array('img'=>1, 'iframe'=>1), 'marginheight'=>array('iframe'=>1), 'marginwidth'=>array('iframe'=>1), 'maxlength'=>array('input'=>1), 'method'=>array('form'=>1), 'model'=>array('embed'=>1), 'multiple'=>array('select'=>1), 'name'=>array('button'=>1, 'embed'=>1, 'textarea'=>1, 'applet'=>1, 'select'=>1, 'form'=>1, 'iframe'=>1, 'img'=>1, 'a'=>1, 'input'=>1, 'object'=>1, 'map'=>1, 'param'=>1), 'nohref'=>array('area'=>1), 'noshade'=>array('hr'=>1), 'nowrap'=>array('td'=>1, 'th'=>1), 'object'=>array('applet'=>1), 'onblur'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'label'=>1, 'select'=>1, 'textarea'=>1), 'onchange'=>array('input'=>1, 'select'=>1, 'textarea'=>1), 'onfocus'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'label'=>1, 'select'=>1, 'textarea'=>1), 'onreset'=>array('form'=>1), 'onselect'=>array('input'=>1, 'textarea'=>1), 'onsubmit'=>array('form'=>1), 'pluginspage'=>array('embed'=>1), 'pluginurl'=>array('embed'=>1), 'prompt'=>array('isindex'=>1), 'readonly'=>array('textarea'=>1, 'input'=>1), 'rel'=>array('a'=>1), 'rev'=>array('a'=>1), 'rows'=>array('textarea'=>1), 'rowspan'=>array('td'=>1, 'th'=>1), 'rules'=>array('table'=>1), 'scope'=>array('td'=>1, 'th'=>1), 'scrolling'=>array('iframe'=>1), 'selected'=>array('option'=>1), 'shape'=>array('area'=>1, 'a'=>1), 'size'=>array('hr'=>1, 'font'=>1, 'input'=>1, 'select'=>1), 'span'=>array('col'=>1, 'colgroup'=>1), 'src'=>array('embed'=>1, 'script'=>1, 'input'=>1, 'iframe'=>1, 'img'=>1), 'standby'=>array('object'=>1), 'start'=>array('ol'=>1), 'summary'=>array('table'=>1), 'tabindex'=>array('a'=>1, 'area'=>1, 'button'=>1, 'input'=>1, 'object'=>1, 'select'=>1, 'textarea'=>1), 'target'=>array('a'=>1, 'area'=>1, 'form'=>1), 'type'=>array('a'=>1, 'embed'=>1, 'object'=>1, 'param'=>1, 'script'=>1, 'input'=>1, 'li'=>1, 'ol'=>1, 'ul'=>1, 'button'=>1), 'usemap'=>array('img'=>1, 'input'=>1, 'object'=>1), 'valign'=>array('col'=>1, 'colgroup'=>1, 'tbody'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1), 'value'=>array('input'=>1, 'option'=>1, 'param'=>1, 'button'=>1, 'li'=>1), 'valuetype'=>array('param'=>1), 'vspace'=>array('applet'=>1, 'img'=>1, 'object'=>1), 'width'=>array('embed'=>1, 'hr'=>1, 'iframe'=>1, 'img'=>1, 'object'=>1, 'table'=>1, 'td'=>1, 'th'=>1, 'applet'=>1, 'col'=>1, 'colgroup'=>1, 'pre'=>1), 'wmode'=>array('embed'=>1), 'xml:space'=>array('pre'=>1, 'script'=>1, 'style'=>1));
964 
965  // Empty
966  static $aNE = array('checked'=>1, 'compact'=>1, 'declare'=>1, 'defer'=>1, 'disabled'=>1, 'ismap'=>1, 'multiple'=>1, 'nohref'=>1, 'noresize'=>1, 'noshade'=>1, 'nowrap'=>1, 'readonly'=>1, 'selected'=>1);
967 
968  // Need scheme check; excludes style, on* & src
969  static $aNP = array('action'=>1, 'cite'=>1, 'classid'=>1, 'codebase'=>1, 'data'=>1, 'href'=>1, 'longdesc'=>1, 'model'=>1, 'pluginspage'=>1, 'pluginurl'=>1, 'usemap'=>1);
970 
971  // Univ & exceptions
972  static $aNU = array('class'=>array('param'=>1, 'script'=>1), 'dir'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'iframe'=>1, 'param'=>1, 'script'=>1), 'id'=>array('script'=>1), 'lang'=>array('applet'=>1, 'br'=>1, 'iframe'=>1, 'param'=>1, 'script'=>1), 'xml:lang'=>array('applet'=>1, 'br'=>1, 'iframe'=>1, 'param'=>1, 'script'=>1), 'onclick'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'font'=>1, 'iframe'=>1, 'isindex'=>1, 'param'=>1, 'script'=>1), 'ondblclick'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'font'=>1, 'iframe'=>1, 'isindex'=>1, 'param'=>1, 'script'=>1), 'onkeydown'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'font'=>1, 'iframe'=>1, 'isindex'=>1, 'param'=>1, 'script'=>1), 'onkeypress'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'font'=>1, 'iframe'=>1, 'isindex'=>1, 'param'=>1, 'script'=>1), 'onkeyup'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'font'=>1, 'iframe'=>1, 'isindex'=>1, 'param'=>1, 'script'=>1), 'onmousedown'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'font'=>1, 'iframe'=>1, 'isindex'=>1, 'param'=>1, 'script'=>1), 'onmousemove'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'font'=>1, 'iframe'=>1, 'isindex'=>1, 'param'=>1, 'script'=>1), 'onmouseout'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'font'=>1, 'iframe'=>1, 'isindex'=>1, 'param'=>1, 'script'=>1), 'onmouseover'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'font'=>1, 'iframe'=>1, 'isindex'=>1, 'param'=>1, 'script'=>1), 'onmouseup'=>array('applet'=>1, 'bdo'=>1, 'br'=>1, 'font'=>1, 'iframe'=>1, 'isindex'=>1, 'param'=>1, 'script'=>1), 'style'=>array('param'=>1, 'script'=>1), 'title'=>array('param'=>1, 'script'=>1));
973 
974 
975  if ($C['lc_std_val'])
976  {
977  // predef attr vals for $eAL & $aNE ele
978  static $aNL = array('all'=>1, 'baseline'=>1, 'bottom'=>1, 'button'=>1, 'center'=>1, 'char'=>1, 'checkbox'=>1, 'circle'=>1, 'col'=>1, 'colgroup'=>1, 'cols'=>1, 'data'=>1, 'default'=>1, 'file'=>1, 'get'=>1, 'groups'=>1, 'hidden'=>1, 'image'=>1, 'justify'=>1, 'left'=>1, 'ltr'=>1, 'middle'=>1, 'none'=>1, 'object'=>1, 'password'=>1, 'poly'=>1, 'post'=>1, 'preserve'=>1, 'radio'=>1, 'rect'=>1, 'ref'=>1, 'reset'=>1, 'right'=>1, 'row'=>1, 'rowgroup'=>1, 'rows'=>1, 'rtl'=>1, 'submit'=>1, 'text'=>1, 'top'=>1);
979  static $eAL = array('a'=>1, 'area'=>1, 'bdo'=>1, 'button'=>1, 'col'=>1, 'form'=>1, 'img'=>1, 'input'=>1, 'object'=>1, 'optgroup'=>1, 'option'=>1, 'param'=>1, 'script'=>1, 'select'=>1, 'table'=>1, 'td'=>1, 'tfoot'=>1, 'th'=>1, 'thead'=>1, 'tr'=>1, 'xml:space'=>1);
980  $lcase = isset($eAL[$e]) ? 1 :
981  0;
982  }
983 
984  $depTr = 0;
985  if ($C['no_deprecated_attr'])
986  {
987  // dep attr:applicable ele
988  static $aND = array('align'=>array('caption'=>1, 'div'=>1, 'h1'=>1, 'h2'=>1, 'h3'=>1, 'h4'=>1, 'h5'=>1, 'h6'=>1, 'hr'=>1, 'img'=>1, 'input'=>1, 'legend'=>1, 'object'=>1, 'p'=>1, 'table'=>1), 'bgcolor'=>array('table'=>1, 'td'=>1, 'th'=>1, 'tr'=>1), 'border'=>array('img'=>1, 'object'=>1), 'bordercolor'=>array('table'=>1, 'td'=>1, 'tr'=>1), 'clear'=>array('br'=>1), 'compact'=>array('dl'=>1, 'ol'=>1, 'ul'=>1), 'height'=>array('td'=>1, 'th'=>1), 'hspace'=>array('img'=>1, 'object'=>1), 'language'=>array('script'=>1), 'name'=>array('a'=>1, 'form'=>1, 'iframe'=>1, 'img'=>1, 'map'=>1), 'noshade'=>array('hr'=>1), 'nowrap'=>array('td'=>1, 'th'=>1), 'size'=>array('hr'=>1), 'start'=>array('ol'=>1), 'type'=>array('li'=>1, 'ol'=>1, 'ul'=>1), 'value'=>array('li'=>1), 'vspace'=>array('img'=>1, 'object'=>1), 'width'=>array('hr'=>1, 'pre'=>1, 'td'=>1, 'th'=>1));
989  static $eAD = array('a'=>1, 'br'=>1, 'caption'=>1, 'div'=>1, 'dl'=>1, 'form'=>1, 'h1'=>1, 'h2'=>1, 'h3'=>1, 'h4'=>1, 'h5'=>1, 'h6'=>1, 'hr'=>1, 'iframe'=>1, 'img'=>1, 'input'=>1, 'legend'=>1, 'li'=>1, 'map'=>1, 'object'=>1, 'ol'=>1, 'p'=>1, 'pre'=>1, 'script'=>1, 'table'=>1, 'td'=>1, 'th'=>1, 'tr'=>1, 'ul'=>1);
990  $depTr = isset($eAD[$e]) ? 1 : 0;
991  }
992 
993  // attr name-vals
994  // No comment/CDATA sec
995  if (strpos($a, "\x01") !== false)
996  {
997  $a = preg_replace('`\x01[^\x01]*\x01`', '', $a);
998  }
999 
1000  $mode = 0;
1001  $a = trim($a, ' /');
1002  $aA = array();
1003  while (strlen($a))
1004  {
1005  $w = 0;
1006  switch ($mode)
1007  {
1008  // Name
1009  case 0:
1010 
1011  if (preg_match('`^[a-zA-Z][\-a-zA-Z:]+`', $a, $m))
1012  {
1013  $nm = strtolower($m[0]);
1014  $w = $mode = 1;
1015  $a = ltrim(substr_replace($a, '', 0, strlen($m[0])));
1016  }
1017  break;
1018  case 1:
1019  // =
1020  if ($a[0] == '=')
1021  {
1022 
1023  $w = 1;
1024  $mode = 2;
1025  $a = ltrim($a, '= ');
1026  // No val
1027  }
1028  else
1029  {
1030 
1031  $w = 1;
1032  $mode = 0;
1033  $a = ltrim($a);
1034  $aA[$nm] = '';
1035  }
1036  // Val
1037  break;
1038  case 2:
1039 
1040  if (preg_match('`^((?:"[^"]*")|(?:\'[^\']*\')|(?:\s*[^\s"\']+))(.*)`', $a, $m))
1041  {
1042  $a = ltrim($m[2]);
1043  $m = $m[1];
1044  $w = 1;
1045  $mode = 0;
1046  $aA[$nm] = trim(($m[0] == '"' or $m[0] == '\'') ? substr($m, 1, -1) : $m);
1047  }
1048  break;
1049  }
1050  // Parse errs, deal with space, " & '
1051  if ($w == 0)
1052  {
1053 
1054  $a = preg_replace('`^(?:"[^"]*("|$)|\'[^\']*(\'|$)|\S)*\s*`', '', $a);
1055  $mode = 0;
1056  }
1057  }
1058  if ($mode == 1)
1059  {
1060  $aA[$nm] = '';
1061  }
1062 
1063  // clean attrs
1064  global $S;
1065  $rl = isset($S[$e]) ? $S[$e] : array();
1066  $a = array();
1067  $nfr = 0;
1068  foreach ($aA as $k=>$v)
1069  {
1070  if (((isset($C['deny_attribute']['*']) ? isset($C['deny_attribute'][$k]) : !isset($C['deny_attribute'][$k])) && (isset($aN[$k][$e]) or(isset($aNU[$k]) && !isset($aNU[$k][$e]))) && !isset($rl['n'][$k]) && !isset($rl['n']['*'])) or isset($rl[$k]))
1071  {
1072  if (isset($aNE[$k]))
1073  {
1074  $v = $k;
1075  }
1076  // Rather loose but ?not cause issues
1077  elseif (!empty($lcase) && (($e != 'button' or $e != 'input') or $k == 'type'))
1078  {
1079 
1080  $v = (isset($aNL[($v2 = strtolower($v))])) ? $v2 : $v;
1081  }
1082  if ($k == 'style' && !$C['style_pass'])
1083  {
1084  if (false !== strpos($v, '&#'))
1085  {
1086  static $sC = array('&#x20;'=>' ', '&#32;'=>' ', 'E;'=>'e', 'E;'=>'e', 'e;'=>'e', 'e;'=>'e', 'X;'=>'x', 'X;'=>'x', 'x;'=>'x', 'x;'=>'x', 'P;'=>'p', 'P;'=>'p', 'p;'=>'p', 'p;'=>'p', 'S;'=>'s', 'S;'=>'s', 's;'=>'s', 's;'=>'s', 'I;'=>'i', 'I;'=>'i', 'i;'=>'i', 'i;'=>'i', 'O;'=>'o', 'O;'=>'o', 'o;'=>'o', 'o;'=>'o', 'N;'=>'n', 'N;'=>'n', 'n;'=>'n', 'n;'=>'n', 'U;'=>'u', 'U;'=>'u', 'u;'=>'u', 'u;'=>'u', 'R;'=>'r', 'R;'=>'r', 'r;'=>'r', 'r;'=>'r', 'L;'=>'l', 'L;'=>'l', 'l;'=>'l', 'l;'=>'l', '(;'=>'(', '(;'=>'(', ');'=>')', ');'=>')', '&#x20;'=>':', '&#32;'=>':', '";'=>'"', '";'=>'"', '&#x27;'=>"'", '&#39;'=>"'", '/;'=>'/', '/;'=>'/', '*;'=>'*', '*;'=>'*', ''=>'\\', ''=>'\\');
1087  $v = strtr($v, $sC);
1088  }
1089  $v = preg_replace_callback('`(url(?:\()(?: )*(?:\'|"|&(?:quot|apos);)?)(.+?)((?:\'|"|&(?:quot|apos);)?(?: )*(?:\)))`iS', 'hl_prot', $v);
1090  $v = !$C['css_expression'] ? preg_replace('`expression`i', ' ', preg_replace('`\\\\\S|(/|(%2f))(\*|(%2a))`i', ' ', $v)) : $v;
1091  }
1092  else
1093  if (isset($aNP[$k]) or strpos($k, 'src') !== false or $k[0] == 'o')
1094  {
1095  $v = str_replace("\xad", ' ', (strpos($v, '&') !== false ? str_replace(array('&#xad;', '&#173;', '&shy;'), ' ', $v) : $v));
1096  $v = hl_prot($v, $k);
1097  // X-spam
1098  if ($k == 'href')
1099  {
1100 
1101  if ($C['anti_mail_spam'] && strpos($v, 'mailto:') === 0)
1102  {
1103  $v = str_replace('@', htmlspecialchars($C['anti_mail_spam']), $v);
1104  }
1105  else
1106  if ($C['anti_link_spam'])
1107  {
1108  $r1 = $C['anti_link_spam'][1];
1109  if (!empty($r1) && preg_match($r1, $v))
1110  {
1111  continue;
1112  }
1113  $r0 = $C['anti_link_spam'][0];
1114  if (!empty($r0) && preg_match($r0, $v))
1115  {
1116  if (isset($a['rel']))
1117  {
1118  if (!preg_match('`\bnofollow\b`i', $a['rel']))
1119  {
1120  $a['rel'] .= ' nofollow';
1121  }
1122  }
1123  else
1124  if (isset($aA['rel']))
1125  {
1126  if (!preg_match('`\bnofollow\b`i', $aA['rel']))
1127  {
1128  $nfr = 1;
1129  }
1130  }
1131  else
1132  {
1133  $a['rel'] = 'nofollow';
1134  }
1135  }
1136  }
1137  }
1138  }
1139  if (isset($rl[$k]) && is_array($rl[$k]) && ($v = hl_attrval($v, $rl[$k])) === 0)
1140  {
1141  continue;
1142  }
1143  $a[$k] = str_replace('"', '&quot;', $v);
1144  }
1145  }
1146  if ($nfr)
1147  {
1148  $a['rel'] = isset($a['rel']) ? $a['rel']. ' nofollow' : 'nofollow';
1149  }
1150 
1151  // rqd attr
1152  // GB : changé alt=>image par défaut en alt=>' ' pour que le mot image n'apparaisse pas si petites images n'existent pas
1153  static $eAR = array('area'=>array('alt'=>'area'), 'bdo'=>array('dir'=>'ltr'), 'form'=>array('action'=>''), 'img'=>array('src'=>'', 'alt'=>''), 'map'=>array('name'=>''), 'optgroup'=>array('label'=>''), 'param'=>array('name'=>''), 'script'=>array('type'=>'text/javascript'), 'textarea'=>array('rows'=>'10', 'cols'=>'50'));
1154  if (isset($eAR[$e]))
1155  {
1156  foreach ($eAR[$e] as $k=>$v)
1157  {
1158  if (!isset($a[$k]))
1159  {
1160  $a[$k] = isset($v[0]) ? $v : $k;
1161  }
1162  }
1163  }
1164 
1165  // depr attrs
1166  if ($depTr)
1167  {
1168  $c = array();
1169  foreach ($a as $k=>$v)
1170  {
1171  if ($k == 'style' or !isset($aND[$k][$e]))
1172  {
1173  continue;
1174  }
1175  if ($k == 'align')
1176  {
1177  unset($a['align']);
1178  if ($e == 'img' && ($v == 'left' or $v == 'right'))
1179  {
1180  $c[] = 'float: '. $v;
1181  }
1182  else
1183  if (($e == 'div' or $e == 'table') && $v == 'center')
1184  {
1185  $c[] = 'margin: auto';
1186  }
1187  else
1188  {
1189  $c[] = 'text-align: '. $v;
1190  }
1191  }
1192  else
1193  if ($k == 'bgcolor')
1194  {
1195  unset($a['bgcolor']);
1196  $c[] = 'background-color: '. $v;
1197  }
1198  else
1199  if ($k == 'border')
1200  {
1201  unset($a['border']);
1202  $c[] = "border: {$v}px";
1203  }
1204  else
1205  if ($k == 'bordercolor')
1206  {
1207  unset($a['bordercolor']);
1208  $c[] = 'border-color: '. $v;
1209  }
1210  else
1211  if ($k == 'clear')
1212  {
1213  unset($a['clear']);
1214  $c[] = 'clear: '. ($v != 'all' ? $v : 'both');
1215  }
1216  else
1217  if ($k == 'compact')
1218  {
1219  unset($a['compact']);
1220  $c[] = 'font-size: 85%';
1221  }
1222  else
1223  if ($k == 'height' or $k == 'width')
1224  {
1225  unset($a[$k]);
1226  $c[] = $k. ': '. ($v[0] != '*' ? $v. (ctype_digit($v) ? 'px' : '') : 'auto');
1227  }
1228  else
1229  if ($k == 'hspace')
1230  {
1231  unset($a['hspace']);
1232  $c[] = "margin-left: {$v}px; margin-right: {$v}px";
1233  }
1234  else
1235  if ($k == 'language' && !isset($a['type']))
1236  {
1237  unset($a['language']);
1238  $a['type'] = 'text/'. strtolower($v);
1239  }
1240  else
1241  if ($k == 'name')
1242  {
1243  if ($C['no_deprecated_attr'] == 2 or($e != 'a' && $e != 'map'))
1244  {
1245  unset($a['name']);
1246  }
1247  if (!isset($a['id']) && preg_match('`[a-zA-Z][a-zA-Z\d.:_\-]*`', $v))
1248  {
1249  $a['id'] = $v;
1250  }
1251  }
1252  else
1253  if ($k == 'noshade')
1254  {
1255  unset($a['noshade']);
1256  $c[] = 'border-style: none; border: 0; background-color: gray; color: gray';
1257  }
1258  else
1259  if ($k == 'nowrap')
1260  {
1261  unset($a['nowrap']);
1262  $c[] = 'white-space: nowrap';
1263  }
1264  else
1265  if ($k == 'size')
1266  {
1267  unset($a['size']);
1268  $c[] = 'size: '. $v. 'px';
1269  }
1270  else
1271  if ($k == 'start' or $k == 'value')
1272  {
1273  unset($a[$k]);
1274  }
1275  else
1276  if ($k == 'type')
1277  {
1278  unset($a['type']);
1279  static $ol_type = array('i'=>'lower-roman', 'I'=>'upper-roman', 'a'=>'lower-latin', 'A'=>'upper-latin', '1'=>'decimal');
1280  $c[] = 'list-style-type: '. (isset($ol_type[$v]) ? $ol_type[$v] : 'decimal');
1281  }
1282  else
1283  if ($k == 'vspace')
1284  {
1285  unset($a['vspace']);
1286  $c[] = "margin-top: {$v}px; margin-bottom: {$v}px";
1287  }
1288  }
1289  if (count($c))
1290  {
1291  $c = implode('; ', $c);
1292  $a['style'] = isset($a['style']) ? rtrim($a['style'], ' ;'). '; '. $c. ';': $c. ';';
1293  }
1294  }
1295  // unique ID
1296  if ($C['unique_ids'] && isset($a['id']))
1297  {
1298  if (!preg_match('`^[A-Za-z][A-Za-z0-9_\-.:]*$`', ($id = $a['id'])) or(isset($GLOBALS['hl_Ids'][$id]) && $C['unique_ids'] == 1))
1299  {
1300  unset($a['id']);
1301  }
1302  else
1303  {
1304  while (isset($GLOBALS['hl_Ids'][$id]))
1305  {
1306  $id = $C['unique_ids']. $id;
1307  }
1308  $GLOBALS['hl_Ids'][($a['id'] = $id)] = 1;
1309  }
1310  }
1311  // xml:lang
1312  if ($C['xml:lang'] && isset($a['lang']))
1313  {
1314  $a['xml:lang'] = isset($a['xml:lang']) ? $a['xml:lang'] : $a['lang'];
1315  if ($C['xml:lang'] == 2)
1316  {
1317  unset($a['lang']);
1318  }
1319  }
1320  // for transformed tag
1321  if (!empty($trt))
1322  {
1323  $a['style'] = isset($a['style']) ? rtrim($a['style'], ' ;'). '; '. $trt : $trt;
1324  }
1325  // return with empty ele /
1326  if (empty($C['hook_tag']))
1327  {
1328  $aA = '';
1329  foreach ($a as $k=>$v)
1330  {
1331  $aA .= " {$k}=\"{$v}\"";
1332  }
1333  return "<{$e}{$aA}". (isset($eE[$e]) ? ' /' : ''). '>';
1334  }
1335  else
1336  {
1337  return $C['hook_tag']($e, $a);
1338  }
1339  // eof
1340  }
1341 
1342  function hl_tag2(&$e, &$a, $t=1)
1343  {
1344  // transform tag
1345  if ($e == 'center')
1346  {
1347  $e = 'div';
1348  return 'text-align: center;';
1349  }
1350  if ($e == 'dir' or $e == 'menu')
1351  {
1352  $e = 'ul';
1353  return '';
1354  }
1355  if ($e == 's' or $e == 'strike')
1356  {
1357  $e = 'span';
1358  return 'text-decoration: line-through;';
1359  }
1360  if ($e == 'u')
1361  {
1362  $e = 'span';
1363  return 'text-decoration: underline;';
1364  }
1365  static $fs = array('0'=>'xx-small', '1'=>'xx-small', '2'=>'small', '3'=>'medium', '4'=>'large', '5'=>'x-large', '6'=>'xx-large', '7'=>'300%', '-1'=>'smaller', '-2'=>'60%', '+1'=>'larger', '+2'=>'150%', '+3'=>'200%', '+4'=>'300%');
1366  if ($e == 'font')
1367  {
1368  $a2 = '';
1369  if (preg_match('`face\s*=\s*(\'|")([^=]+?)\\1`i', $a, $m) or preg_match('`face\s*=(\s*)(\S+)`i', $a, $m))
1370  {
1371  $a2 .= ' font-family: '. str_replace('"', '\'', trim($m[2])). ';';
1372  }
1373  if (preg_match('`color\s*=\s*(\'|")?(.+?)(\\1|\s|$)`i', $a, $m))
1374  {
1375  $a2 .= ' color: '. trim($m[2]). ';';
1376  }
1377  if (preg_match('`size\s*=\s*(\'|")?(.+?)(\\1|\s|$)`i', $a, $m) && isset($fs[($m = trim($m[2]))]))
1378  {
1379  $a2 .= ' font-size: '. $fs[$m]. ';';
1380  }
1381  $e = 'span';
1382  return ltrim($a2);
1383  }
1384  if ($t == 2)
1385  {
1386  $e = 0;
1387  return 0;
1388  }
1389  return '';
1390  // eof
1391  }
1392 
1393  function hl_tidy($t, $w, $p)
1394  {
1395  // Tidy/compact HTM
1396  if (strpos(' pre,script,textarea', "$p,"))
1397  {
1398  return $t;
1399  }
1400  $t = str_replace(' </', '</', preg_replace(array('`(<\w[^>]*(?<!/)>)\s+`', '`\s+`', '`(<\w[^>]*(?<!/)>) `'), array(' ', ' ', ''), preg_replace_callback(array('`(<(!\[CDATA\[))(.+?)(\]\]>)`sm', '`(<(!--))(.+?)(-->)`sm', '`(<(pre|script|textarea)[^>]*?>)(.+?)(</>)`sm'), create_function('$m', 'return $m[1]. str_replace(array("<", ">", "\n", "\r", "\t", " "), array("\x01", "\x02", "\x03", "\x04", "\x05", "\x07"), $m[3]). $m[4];
1401  '), $t)));
1402  if (($w = strtolower($w)) == -1)
1403  {
1404  return str_replace(array("\x01", "\x02", "\x03", "\x04", "\x05", "\x07"), array('<', '>', "\n", "\r", "\t", ' '), $t);
1405  }
1406  $s = strpos(" $w", 't') ? "\t" : ' ';
1407  $s = preg_match('`\d`', $w, $m) ? str_repeat($s, $m[0]) : str_repeat($s, ($s == "\t" ? 1 : 2));
1408  $N = preg_match('`[ts]([1-9])`', $w, $m) ? $m[1] : 0;
1409  $a = array('br'=>1);
1410  $b = array('button'=>1, 'input'=>1, 'option'=>1);
1411  $c = array('caption'=>1, 'dd'=>1, 'dt'=>1, 'h1'=>1, 'h2'=>1, 'h3'=>1, 'h4'=>1, 'h5'=>1, 'h6'=>1, 'isindex'=>1, 'label'=>1, 'legend'=>1, 'li'=>1, 'object'=>1, 'p'=>1, 'pre'=>1, 'td'=>1, 'textarea'=>1, 'th'=>1);
1412  $d = array('address'=>1, 'blockquote'=>1, 'center'=>1, 'colgroup'=>1, 'dir'=>1, 'div'=>1, 'dl'=>1, 'fieldset'=>1, 'form'=>1, 'hr'=>1, 'iframe'=>1, 'map'=>1, 'menu'=>1, 'noscript'=>1, 'ol'=>1, 'optgroup'=>1, 'rbc'=>1, 'rtc'=>1, 'ruby'=>1, 'script'=>1, 'select'=>1, 'table'=>1, 'tbody'=>1, 'tfoot'=>1, 'thead'=>1, 'tr'=>1, 'ul'=>1);
1413  $T = explode('<', $t);
1414  $X = 1;
1415  while ($X)
1416  {
1417  $n = $N;
1418  $t = $T;
1419  ob_start();
1420  if (isset($d[$p]))
1421  {
1422  echo str_repeat($s, ++$n);
1423  }
1424  echo ltrim(array_shift($t));
1425  for ($i=-1, $j=count($t); ++$i<$j; )
1426  {
1427  $r = '';
1428  list($e, $r) = explode('>', $t[$i]);
1429  $x = $e[0] == '/' ? 0 : (substr($e, -1) == '/' ? 1 : ($e[0] != '!' ? 2 : -1));
1430  $y = !$x ? ltrim($e, '/') : ($x > 0 ? substr($e, 0, strcspn($e, ' ')) : 0);
1431  $e = "<$e>";
1432  if (isset($d[$y]))
1433  {
1434  if (!$x)
1435  {
1436  if ($n)
1437  {
1438  echo "\n", str_repeat($s, --$n), "$e\n", str_repeat($s, $n);
1439  }
1440  else
1441  {
1442  ++$N;
1443  ob_end_clean();
1444  continue 2;
1445  }
1446  }
1447  else
1448  {
1449  echo "\n", str_repeat($s, $n), "$e\n", str_repeat($s, ($x != 1 ? ++$n : $n));
1450  }
1451  echo ltrim($r);
1452  continue;
1453  }
1454  $f = "\n". str_repeat($s, $n);
1455  if (isset($c[$y]))
1456  {
1457  if (!$x)
1458  {
1459  echo $e, $f, ltrim($r);
1460  }
1461  else
1462  {
1463  echo $f, $e, $r;
1464  }
1465  }
1466  else
1467  if (isset($b[$y]))
1468  {
1469  echo $f, $e, $r;
1470  }
1471  else
1472  if (isset($a[$y]))
1473  {
1474  echo $e, $f, ltrim($r);
1475  }
1476  else
1477  if (!$y)
1478  {
1479  echo $f, $e, $f, ltrim($r);
1480  }
1481  else
1482  {
1483  echo $e, $r;
1484  }
1485  }
1486  $X = 0;
1487  }
1488  $t = preg_replace('`[\n]\s*?[\n]+`', "\n", ob_get_contents());
1489  ob_end_clean();
1490  if (($l = strpos(" $w", 'r') ? (strpos(" $w", 'n') ? "\r\n" : "\r") : 0))
1491  {
1492  $t = str_replace("\n", $l, $t);
1493  }
1494  return str_replace(array("\x01", "\x02", "\x03", "\x04", "\x05", "\x07"), array('<', '>', "\n", "\r", "\t", ' '), $t);
1495  // eof
1496  }
1497 
1498  function hl_version()
1499  {
1500  // rel
1501  return '1.1.14';
1502  // eof
1503  }
1504 
1505  function kses($t, $h, $p=array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'gopher', 'mailto'))
1506  {
1507  // kses compat
1508  foreach ($h as $k=>$v)
1509  {
1510  $h[$k]['n']['*'] = 1;
1511  }
1512  $C['cdata'] = $C['comment'] = $C['make_tag_strict'] = $C['no_deprecated_attr'] = $C['unique_ids'] = 0;
1513  $C['keep_bad'] = 1;
1514  $C['elements'] = count($h) ? strtolower(implode(',', array_keys($h))) : '-*';
1515  $C['hook'] = 'kses_hook';
1516  $C['schemes'] = '*:'. implode(',', $p);
1517  return htmLawed($t, $C, $h);
1518  // eof
1519  }
1520 
1521  function kses_hook($t, &$C, &$S)
1522  {
1523  // kses compat
1524  return $t;
1525  // eof
1526  }
1527 }
$mode
if(strlen($date2)== '10') if($type== 'users-by-age'&&a_priv('admin_users', true)) elseif($type== 'forums-count'&&a_priv('admin_content', true)) elseif($type== 'forums-categories'&&a_priv('admin_content', true)) elseif($type== 'users-count'&&a_priv('admin_users', true)) elseif($type== 'product-categories'&&a_priv('admin_products', true)) elseif($type== 'users-by-sex'&&a_priv('admin_users', true)) elseif($type== 'users-by-country'&&a_priv('admin_users', true)) elseif($type== 'sales'&&a_priv('admin_sales', true))
Definition: chart-data.php:160
if(empty($GLOBALS['site_parameters']['unsubscribe_order_process']))
$GLOBALS['page_columns_count']
global $l
Definition: afr.php:33
$id
Definition: articles.php:22

This documentation for Open ecommerce PEEL Shopping and PEEL.fr has been generated by Doxygen on Thu Oct 15 2015 14:31:17 - Peel ecommerce is a product of Agence web Advisto SAS. All rights reserved.