Merge branch 'develop'

burzum · Sep 18, 2014 · 45e02e8 · 45e02e8
2 parents 4035d73 + 63f1e82
commit 45e02e8
Show file tree

Hide file tree

Showing 6 changed files with 186 additions and 19 deletions.
diff --git a/Config/bootstrap.php b/Config/bootstrap.php
@@ -1,7 +1,7 @@
 <?php
 if (Configure::read('HtmlPurifier.standalone') != true) {
-	require_once( CakePlugin::path('HtmlPurifier') . 'Vendor' . DS . 'HtmlPurifier' . DS . 'library' . DS . 'HTMLPurifier.auto.php' );
+	require_once(CakePlugin::path('HtmlPurifier') . 'Vendor' . DS . 'HtmlPurifier' . DS . 'library' . DS . 'HTMLPurifier.auto.php');
 } else {
-	require_once( CakePlugin::path('HtmlPurifier') . 'Vendor' . DS . 'Htmlpurifier-4.4.0-standalone' . DS . 'HTMLPurifier.standalone.php' );
+	require_once(CakePlugin::path('HtmlPurifier') . 'Vendor' . DS . 'htmlpurifier-4.4.0-standalone' . DS . 'HTMLPurifier.standalone.php');
 }
 App::uses('Purifier', 'HtmlPurifier.Lib');
diff --git a/Model/Behavior/HtmlPurifierBehavior.php b/Model/Behavior/HtmlPurifierBehavior.php
@@ -9,15 +9,37 @@
  */
 class HtmlPurifierBehavior extends ModelBehavior {
 
+/**
+ * Default config
+ *
+ * @var array
+ */
+	protected $_defaultConfig = array(
+		'purifyOn' => 'beforeSave',
+		'fields' => array(),
+		'purifierConfig' => 'default',
+	);
+
 /**
  * Setup
  *
  * @param Model $Model
  * @param array $settings
+ * @throws RuntimeException
+ * @return void
  */
 	public function setup(Model $Model, $settings = array()) {
-		$this->settings[$Model->alias] = (array)$settings;
+		$settings = Hash::merge($this->_defaultConfig, $settings);
+		// Legacy check
+		if (isset($settings['config'])) {
+			$settings['purifierConfig'] = $settings['config'];
+		}
+		if (!is_string($settings['purifierConfig'])) {
+			throw new RuntimeException(__d('html_purifier', 'No purifier config name provided!'));
+		}
+		$this->settings[$Model->alias] = $settings;
 	}
+
 /**
  * beforeSave
  *
@@ -26,17 +48,46 @@ public function setup(Model $Model, $settings = array()) {
  * @return boolean
  */
 	public function beforeSave(Model $Model, $options = array()) {
-		extract($this->settings[$Model->alias]); 
-
-		foreach($fields as $field) { 
-			if (isset($Model->data[$Model->alias][$field])) { 
-				$Model->data[$Model->alias][$field] = $this->purifyHtml($Model, $Model->data[$Model->alias][$field], $config);
-			}
+		if ($this->settings[$Model->alias]['purifyOn'] === 'beforeSave') {
+			$Model->data = $this->cleanFields($Model, $Model->data);
 		}
+		return true;
+	}
 
+/**
+ * beforeValidate
+ *
+ * @param Model $Model
+ * @param array $options
+ * @return boolean
+ */
+	public function beforeValidate(Model $Model, $options = array()) {
+		if ($this->settings[$Model->alias]['purifyOn'] === 'afterSave') {
+			$Model->data = $this->cleanFields($Model, $Model->data);
+		}
 		return true;
 	}
 
+/**
+ * Cleans fields of a record
+ *
+ * Provided data must match the structure Model.field, Model.field2...
+ *
+ * @param Model $Model
+ * @param array $data
+ * @param array $options
+ * @return array
+ */
+	public function cleanFields(Model $Model, $data = array(), $options = array()) {
+		extract(Hash::merge($this->settings[$Model->alias], $options));
+		foreach($fields as $field) {
+			if (isset($data[$Model->alias][$field])) {
+				$data[$Model->alias][$field] = $this->purifyHtml($Model, $data[$Model->alias][$field], $purifierConfig);
+			}
+		}
+		return $data;
+	}
+
 /**
  * Cleans markup
  *
@@ -48,4 +99,4 @@ public function purifyHtml(Model $Model, $markup, $config) {
 		return Purifier::clean($markup, $config);
 	}
 
-}
+}
diff --git a/README.md b/README.md
@@ -63,8 +63,7 @@ A pure HTML Purifier config might look like this one:
 ```php
 $config = HTMLPurifier_Config::createDefault();
 $config->set('HTML.AllowedElements', 'a, em, blockquote, p, strong, pre, code, span,ul,ol,li,img');
-$config->set('HTML.AllowedAttributes', 'a.href, a.title, img.src, img.alt');
-$config->set('HTML.AllowedAttributes', "*.style");
+$config->set('HTML.AllowedAttributes', 'a.href, a.title, img.src, img.alt, *.style');
 $config->set('CSS.AllowedProperties', 'text-decoration');
 $config->set('HTML.TidyLevel', 'heavy');
 $config->set('HTML.Doctype', 'XHTML 1.0 Transitional');

diff --git a/Test/Case/Model/Behavior/HtmlPurifierBehaviorTest.php b/Test/Case/Model/Behavior/HtmlPurifierBehaviorTest.php
@@ -0,0 +1,111 @@
+<?php
+App::uses('Model', 'Model');
+App::uses('HtmlPurifierBehavior', 'HtmlPurifier.HtmlPurifier/Behavior');
+
+class PurifierTestModel extends Model {
+
+	public $useTable = false;
+
+	public $actsAs = array(
+		'HtmlPurifier.HtmlPurifier' => array(
+			'purifierConfig' => 'default',
+			'fields' => array(
+				'markup'
+			)
+		)
+	);
+
+}
+
+class HtmlPurifierBehaviorTest extends CakeTestCase {
+
+/**
+ * Purifier property
+ *
+ * @var object
+ */
+	public $Purifier = null;
+
+/**
+ * Fixture data, unclean HTML to test against
+ *
+ * @var string
+ */
+	public $uncleanHtml = '<p style="font-weight: bold;"><script>alert("alert!");</script><span style="text-decoration: line-through;" _mce_style="text-decoration: line-through;">shsfhshs</span></p><p><strong>sdhsdhds</strong></p><p><em>shsdh</em><span style="text-decoration: underline;" _mce_style="text-decoration: underline;">dsh</span></p><ul><li>sdgsgssgd</li><li>sdgdsg</li><li>sdgsdgsg</li><li>sdgdg<br></li></ul>';
+
+/**
+ * Expected HTML
+ *
+ * @var string
+ */
+	public $expectedHtml = '<p><span style="text-decoration:line-through;">shsfhshs</span></p><p><strong>sdhsdhds</strong></p><p><em>shsdh</em><span style="text-decoration:underline;">dsh</span></p><ul><li>sdgsgssgd</li><li>sdgdsg</li><li>sdgsdgsg</li><li>sdgdg</li></ul>';
+
+/**
+ * setUp method
+ *
+ * @return void
+ */
+	public function setUp() {
+		parent::setUp();
+		$this->Model = ClassRegistry::init('PurifierTestModel');
+
+		Purifier::config('default', array(
+			'HTML.AllowedElements' => 'a, em, blockquote, p, strong, pre, code, span,ul,ol,li,img',
+			'HTML.AllowedAttributes' => 'a.href, a.title, img.src, img.alt, *.style',
+			'CSS.AllowedProperties' => 'text-decoration',
+			'HTML.TidyLevel' => 'heavy',
+			'HTML.Doctype' => 'XHTML 1.0 Transitional'
+		));
+	}
+
+/**
+ * tearDown method
+ *
+ * @return void
+ */
+	public function tearDown() {
+		parent::tearDown();
+		unset($this->Model);
+	}
+
+/**
+ * testCleanFields
+ *
+ * @return void
+ */
+	public function testCleanFields() {
+		$data = array(
+			'PurifierTestModel' => array(
+				'markup' => $this->uncleanHtml
+			)
+		);
+		$result = $this->Model->cleanFields($data);
+		$this->assertEquals($result['PurifierTestModel']['markup'], $this->expectedHtml);
+	}
+
+/**
+ * testBeforeSave
+ *
+ * @return void
+ */
+	public function testBeforeSave() {
+		$this->Model->set(array(
+			'PurifierTestModel' => array(
+				'markup' => $this->uncleanHtml
+			)
+		));
+		$this->Model->save();
+		$this->assertEquals($this->Model->data['PurifierTestModel']['markup'], $this->expectedHtml);
+	}
+
+/**
+ * testCleanSomeTinyMceOutput
+ *
+ * @var array
+ */
+	public function testCleanSomeTinyMceOutput() {
+		$html = $this->Model->purifyHtml($this->uncleanHtml, 'default');
+		$this->assertEquals($html, $this->expectedHtml);
+	}
+
+}
diff --git a/Test/Case/View/Helper/HtmlPurifierHelperTest.php b/Test/Case/View/Helper/HtmlPurifierHelperTest.php
@@ -4,7 +4,7 @@
 App::uses('AppHelper', 'View/Helper');
 App::uses('HtmlPurifierHelper', 'HtmlPurifier.View/Helper');
 
-class HtmlHelperTest extends CakeTestCase {
+class HtmlPurifierHelperTest extends CakeTestCase {
 
 /**
  * Purifier property
@@ -25,11 +25,11 @@ public function setUp() {
 
 		Purifier::config('default', array(
 			'HTML.AllowedElements' => 'a, em, blockquote, p, strong, pre, code, span,ul,ol,li,img',
-			'HTML.AllowedAttributes' => 'a.href, a.title, img.src, img.alt',
-			'HTML.AllowedAttributes' => "*.style",
+			'HTML.AllowedAttributes' => 'a.href, a.title, img.src, img.alt, *.style',
 			'CSS.AllowedProperties' => 'text-decoration',
 			'HTML.TidyLevel' => 'heavy',
-			'HTML.Doctype' => 'XHTML 1.0 Transitional'));
+			'HTML.Doctype' => 'XHTML 1.0 Transitional'
+		));
 	}
 
 /**
@@ -43,12 +43,14 @@ public function tearDown() {
 	}
 
 /**
- * 
+ * testCleanSomeTinyMceOutput
+ *
+ * @return void
  */
 	public function testCleanSomeTinyMceOutput() {
 		$html = '<p style="font-weight: bold;"><script>alert("alert!");</script><span style="text-decoration: line-through;" _mce_style="text-decoration: line-through;">shsfhshs</span></p><p><strong>sdhsdhds</strong></p><p><em>shsdh</em><span style="text-decoration: underline;" _mce_style="text-decoration: underline;">dsh</span></p><ul><li>sdgsgssgd</li><li>sdgdsg</li><li>sdgsdgsg</li><li>sdgdg<br></li></ul>';
 		$html = $this->Purifier->clean($html, 'default');
-		$this->assertEqual($html, '<p><span style="text-decoration:line-through;">shsfhshs</span></p><p><strong>sdhsdhds</strong></p><p><em>shsdh</em><span style="text-decoration:underline;">dsh</span></p><ul><li>sdgsgssgd</li><li>sdgdsg</li><li>sdgsdgsg</li><li>sdgdg</li></ul>');
+		$this->assertEquals($html, '<p><span style="text-decoration:line-through;">shsfhshs</span></p><p><strong>sdhsdhds</strong></p><p><em>shsdh</em><span style="text-decoration:underline;">dsh</span></p><ul><li>sdgsgssgd</li><li>sdgdsg</li><li>sdgsdgsg</li><li>sdgdg</li></ul>');
 	}
 
 }
diff --git a/composer.json b/composer.json
@@ -14,6 +14,10 @@
 	"minimum-stability": "stable",
 	"require": {
 		"php": ">=5.3.2",
-		"ezyang/htmlpurifier": "*"
+		"ezyang/htmlpurifier": "*",
+		"composer/installers": "*"
+	},
+	"extra": {
+		"installer-name": "HtmlPurifier"
 	}
 }