| blob | 31ebb785ff7324a74b82578b36c4cdbcbfaa8c0e |
1 <?php
15 'only accepts ISO-8859-1 if iconv is not enabled.'
16 );
27 'directive has been available since 1.4.0.'
28 );
31 // only encodings with native PHP support
35 'iso-8859-1'
36 )
37 );
41 )
42 );
43 }
48 'exist and use only pure PHP implementations.'
49 );
51 /**
52 * A UTF-8 specific character encoder that handles cleaning and transforming.
53 * @note All functions in this class should be static.
54 */
55 class HTMLPurifier_Encoder
56 {
58 /**
59 * Constructor throws fatal error if you attempt to instantiate class
60 */
63 }
65 /**
66 * Error-handler that mutes errors, alternative to shut-up operator.
67 */
70 /**
71 * Cleans a UTF-8 string for well-formedness and SGML validity
72 *
73 * It will parse according to UTF-8 and return a valid UTF8 string, with
74 * non-SGML codepoints excluded.
75 *
76 * @static
77 * @note Just for reference, the non-SGML code points are 0 to 31 and
78 * 127 to 159, inclusive. However, we allow code points 9, 10
79 * and 13, which are the tab, line feed and carriage return
80 * respectively. 128 and above the code points map to multibyte
81 * UTF-8 representations.
82 *
83 * @note Fallback code adapted from utf8ToUnicode by Henri Sivonen and
84 * hsivonen@iki.fi at <http://iki.fi/hsivonen/php-utf8/> under the
85 * LGPL license. Notes on what changed are inside, but in general,
86 * the original code transformed UTF-8 text into an array of integer
87 * Unicode codepoints. Understandably, transforming that back to
88 * a string would be somewhat expensive, so the function was modded to
89 * directly operate on the string. However, this discourages code
90 * reuse, and the logic enumerated here would be useful for any
91 * function that needs to be able to understand UTF-8 characters.
92 * As of right now, only smart lossless character encoding converters
93 * would need that, and I'm probably not going to implement them.
94 * Once again, PHP 6 should solve all our problems.
95 */
101 // non-SGML ASCII chars
102 // save \r, \t and \n
105 }
108 }
109 }
114 // UTF-8 validity is checked since PHP 4.3.5
115 // This is an optimization: if the string is already valid UTF-8, no
116 // need to do iconv/php stuff. 99% of the time, this will be the case.
119 }
122 // do the shortcut way
127 }
130 // until the beginning of the next UTF8 character sequence
134 // original code involved an $out that was an array of Unicode
135 // codepoints. Instead of having to convert back into UTF-8, we've
136 // decided to directly append valid UTF-8 characters onto a string
137 // $out once they're done. $char accumulates raw bytes, while $mUcs4
138 // turns into the Unicode code point, so there's some redundancy.
148 // When mState is zero we expect either a US-ASCII character
149 // or a multi-octet sequence.
151 // US-ASCII, pass straight through.
154 ) {
155 // control characters, remove
158 }
159 // reset
163 // First octet of 2 octet sequence
169 // First octet of 3 octet sequence
175 // First octet of 4 octet sequence
181 // First octet of 5 octet sequence.
182 //
183 // This is illegal because the encoded codepoint must be
184 // either:
185 // (a) not the shortest form or
186 // (b) outside the Unicode range of 0-0x10FFFF.
187 // Rather than trying to resynchronize, we will carry on
188 // until the end of the sequence and let the later error
189 // handling code catch it.
195 // First octet of 6 octet sequence, see comments for 5
196 // octet sequence.
202 // Current octet is neither in the US-ASCII range nor a
203 // legal first octet of a multi-octet sequence.
208 }
210 // When mState is non-zero, we expect a continuation of the
211 // multi-octet sequence
213 // Legal continuation.
220 // End of the multi-octet sequence. mUcs4 now contains
221 // the final Unicode codepoint to be output
223 // Check for illegal sequences and codepoints.
225 // From Unicode 3.1, non-shortest form is illegal
230 // From Unicode 3.2, surrogate characters = illegal
232 // Codepoints outside the Unicode range are illegal
234 ) {
238 ) {
240 }
241 // initialize UTF8 cache (reset)
246 }
248 // ((0xC0 & (*in) != 0x80) && (mState != 0))
249 // Incomplete multi-octet sequence.
250 // used to result in complete fail, but we'll reset
255 }
256 }
257 }
259 }
261 /**
262 * Translates a Unicode codepoint into its corresponding UTF-8 character.
263 * @static
264 * @note Based on Feyd's function at
265 * <http://forums.devnetwork.net/viewtopic.php?p=191404#191404>,
266 * which is in public domain.
267 * @note While we're going to do code point parsing anyway, a good
268 * optimization would be to refuse to translate code points that
269 * are non-SGML characters. However, this could lead to duplication.
270 * @note This is very similar to the unichr function in
271 * maintenance/generate-entity-file.php (although this is superior,
272 * due to its sanity checks).
273 */
275 // +----------+----------+----------+----------+
276 // | 33222222 | 22221111 | 111111 | |
277 // | 10987654 | 32109876 | 54321098 | 76543210 | bit
278 // +----------+----------+----------+----------+
279 // | | | | 0xxxxxxx | 1 byte 0x00000000..0x0000007F
280 // | | | 110yyyyy | 10xxxxxx | 2 byte 0x00000080..0x000007FF
281 // | | 1110zzzz | 10yyyyyy | 10xxxxxx | 3 byte 0x00000800..0x0000FFFF
282 // | 11110www | 10wwzzzz | 10yyyyyy | 10xxxxxx | 4 byte 0x00010000..0x0010FFFF
283 // +----------+----------+----------+----------+
284 // | 00000000 | 00011111 | 11111111 | 11111111 | Theoretical upper limit of legal scalars: 2097151 (0x001FFFFF)
285 // | 00000000 | 00010000 | 11111111 | 11111111 | Defined upper limit of legal scalar codes
286 // +----------+----------+----------+----------+
291 // bits are set outside the "valid" range as defined
292 // by UNICODE 4.1.0
294 }
298 // regular ASCII character
301 // set up bits for UTF-8
312 }
313 }
314 }
315 // set up the actual character
323 }
325 /**
326 * Converts a string to UTF-8 based on configuration.
327 * @static
328 */
338 }
340 }
342 /**
343 * Converts a string from UTF-8 based on configuration.
344 * @static
345 * @note Currently, this is a lossy conversion, with unexpressable
346 * characters being omitted.
347 */
355 }
360 }
362 }
364 /**
365 * Lossless (character-wise) conversion of HTML to ASCII
366 * @static
367 * @param $str UTF-8 string to be converted to ASCII
368 * @returns ASCII encoded string with non-ASCII character entity-ized
369 * @warning Adapted from MediaWiki, claiming fair use: this is a common
370 * algorithm. If you disagree with this license fudgery,
371 * implement it yourself.
372 * @note Uses decimal numeric entities since they are best supported.
373 * @note This is a DUMB function: it has no concept of keeping
374 * character entities that the projected character encoding
375 * can allow. We could possibly implement a smart version
376 * but that would require it to also know which Unicode
377 * codepoints the charset supported (not an easy task).
378 * @note Sort of with cleanUTF8() but it assumes that $str is
379 * well-formed UTF-8
380 */
397 }
407 }
408 }
410 }
413 }