5 * Contains Drupal\htmlawed\Plugin\Filter\Filterhtmlawed
8 namespace Drupal\htmlawed\Plugin\Filter;
10 use Drupal\Component\Utility\Html;
11 use Drupal\Core\Form\FormStateInterface;
13 use Drupal\filter\FilterProcessResult;
14 use Drupal\filter\Plugin\FilterBase;
17 * Provides for use of htmLawed
18 * (www.bioinformatics.org/phplabware/internal_utilities/htmLawed)
19 * to restrict and purify/correct HTML to make content secure,
20 * and standard- and admin. policy-compliant.
23 * id = "filter_htmlawed",
24 * title = @Translation("htmLawed HTML filter and purifier"),
25 * description = @Translation("Use the htmLawed filter to restrict and purify HTML for compliance with admin. policy and standards and for security"),
26 * type = Drupal\filter\Plugin\FilterInterface::TYPE_HTML_RESTRICTOR,
29 * "config" = "'safe' => 1, 'elements' => 'a, em, strong, cite, code, ol, ul, li, dl, dt, dd, br, p', 'deny_attribute' => 'id, style'",
31 * "help" = @Translation("Allowed HTML tags: <a>, <em>, <strong>, <cite>, <code>, <ol>, <ul>, <li>, <dl>, <dt>, <dd>, <br>, <p>"),
32 * "helplong" = @Translation("These HTML tags are allowed: <a>, <em>, <strong>, <cite>, <code>, <ol>, <ul>, <li>, <dl>, <dt>, <dd>, <br>, <p>. Javascript and the 'id' and 'style' HTML attributes are not permitted."),
37 class Filterhtmlawed extends FilterBase {
42 public function process($text, $langcode) {
44 // Use htmLawed filter settings for the $config and $spec arguments to htmLawed();
45 // use default values if needed.
46 $htmLawed_settings = $this->settings;
48 if (!empty($htmLawed_settings['config'])) {
49 eval('$config = array(' . $htmLawed_settings['config'] . ');');
51 if (!is_array($config)) {
52 $config = array('safe'=>1, 'elements'=>'a, em, strong, cite, code, ol, ul, li, dl, dt, dd, br, p', 'deny_attribute'=>'id, style');
55 // If PHP code blocks are to be preserved, hide the special characters
56 // like '<' of '<?php'.The 'save_php' parameter is NOT an htmLawed parameter per se.
57 if (!empty($config['save_php'])) {
58 $text = preg_replace_callback('`<\?php(.+?)\?>|<\?php(.*?)$`sm', function($m){return "\x83?php". str_replace(array('<', '>', '&'), array('<', '>', '&'), $m[1]). (substr($m[0], -2) == '?>' ? "?\84" : '');}, $text);
61 // If Libraries module (API 3.x) is enabled, use htmLawed library through it;
62 // else use the htmLawed library provided with the htmLawed module.
63 $module_path = drupal_get_path('module', 'htmlawed');
64 if (function_exists('libraries_load') && ($library = libraries_load('htmLawed')) && !empty($library['loaded']) && function_exists('htmLawed')) {
65 $doc_path = libraries_get_path('htmLawed') . '/';
66 $Libraries_api_used = 1;
69 include_once ("$module_path/htmLawed/htmLawed.php");
72 // htmLawed filtering.
73 $text = htmLawed($text, $config, $htmLawed_settings['spec']);
75 // In case Drupal's teaser-break is in use;
76 // since htmLawed corrects HTML comments to use the right format.
77 $text = str_replace('<!--break -->', '<!--break-->', $text);
79 // Handle any PHP code preservation.
80 if (!empty($config['save_php'])) {
81 $text = preg_replace_callback('`\x83\?php(.+?)\?\x84|\x83\?php(.*?)$`sm', function($m){return "<?php". str_replace(array('&', '<', '>'), array('&', '<', '>'), $m[1]). (substr($m[0], -2) == "?\x84" ? "?>" : '');}, $text);
85 $result = new FilterProcessResult($text);
92 public function settingsForm(array $form, FormStateInterface $form_state) {
93 $htmLawed_settings = $this->settings;
94 $form['config'] = array(
95 '#prefix' => t('<a href=":url">Help</a>', array(':url' => Url::fromUri('base:admin/help/htmlawed')->toString())),
96 '#type' => 'textarea',
98 '#title' => $this->t('Config.'),
99 '#default_value' => $htmLawed_settings['config'],
100 '#description' => $this->t("Comma-separated, quoted key-value pairs that will be used for htmLawed's %config parameter", array('%config' => 'config')),
102 $form['spec'] = array(
103 '#type' => 'textarea',
105 '#title' => $this->t('Spec.'),
106 '#default_value' => $htmLawed_settings['spec'],
107 '#description' => $this->t("(Optional) Value for htmLawed's %spec parameter", array('%spec' => 'spec')),
109 $form['help'] = array(
110 '#type' => 'textarea',
112 '#title' => $this->t('Short tip'),
113 '#default_value' => $htmLawed_settings['help'],
114 '#description' => $this->t('Brief information for users'),
116 $form['helplong'] = array(
117 '#type' => 'textarea',
119 '#title' => $this->t('Long tip'),
120 '#default_value' => $htmLawed_settings['helplong'],
121 '#description' => $this->t('More detailed information for users'),
129 public function tips($long = FALSE) {
130 $htmLawed_settings = $this->settings;
131 $help = !$long ? Html::escape($htmLawed_settings['help']) : Html::escape($htmLawed_settings['helplong']);
132 $help = !empty($help) ? $help : (!$long ? t('HTML markup is restricted/corrected with the htmLawed filter.') : t('HTML markup is restricted/corrected with the @htmLawed filter for compliance with admin. policy and standards and for security. More details about the restrictions in effect may be available elsewhere, such as in the text of the filter-tips of text formats that use htmLawed and on the forms for configuring text formats.', array('@htmLawed' => \Drupal::l('htmLawed', Url::fromUri('http://www.bioinformatics.org/phplabware/internal_utilities/htmLawed')))) . (!\Drupal::currentUser()->hasPermission('administer filters') ? '' : t(' For information on configuring the htmLawed filter, visit the htmLawed module @help section.', array('@help' => \Drupal::l(t('help'), Url::fromUri('base:admin/help/htmlawed'))))));
projects / yaffs-website / blob