mirror of https://tt-rss.org/git/tt-rss.git
Address PHPStan warnings in 'classes/sanitizer.php'.
This also includes some minor tweaks to things that call 'Sanitizer::sanitize()'.
This commit is contained in:
wn_
parent
3f8aaffd34
commit
03495c11ed
|
|
@ -351,7 +351,7 @@ class API extends Handler {
|
|||
$article['content'] = Sanitizer::sanitize(
|
||||
$entry->content,
|
||||
self::_param_to_bool($entry->hide_images),
|
||||
false, $entry->site_url, false, $entry->id);
|
||||
null, $entry->site_url, null, $entry->id);
|
||||
} else {
|
||||
$article['content'] = $entry->content;
|
||||
}
|
||||
|
|
@ -746,7 +746,7 @@ class API extends Handler {
|
|||
$headline_row["content"] = Sanitizer::sanitize(
|
||||
$line["content"],
|
||||
self::_param_to_bool($line['hide_images']),
|
||||
false, $line["site_url"], false, $line["id"]);
|
||||
null, $line["site_url"], null, $line["id"]);
|
||||
} else {
|
||||
$headline_row["content"] = $line["content"];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -271,7 +271,7 @@ class Feeds extends Handler_Protected {
|
|||
$this->_mark_timestamp(" pre-sanitize");
|
||||
|
||||
$line["content"] = Sanitizer::sanitize($line["content"],
|
||||
$line['hide_images'], false, $line["site_url"], $highlight_words, $line["id"]);
|
||||
$line['hide_images'], null, $line["site_url"], $highlight_words, $line["id"]);
|
||||
|
||||
$this->_mark_timestamp(" sanitize");
|
||||
|
||||
|
|
|
|||
|
|
@ -109,7 +109,7 @@ class Handler_Public extends Handler {
|
|||
$tpl->setVariable('ARTICLE_EXCERPT', $line["content_preview"], true);
|
||||
|
||||
$content = Sanitizer::sanitize($line["content"], false, $owner_uid,
|
||||
$feed_site_url, false, $line["id"]);
|
||||
$feed_site_url, null, $line["id"]);
|
||||
|
||||
$content = DiskCache::rewrite_urls($content);
|
||||
|
||||
|
|
@ -207,7 +207,7 @@ class Handler_Public extends Handler {
|
|||
$article['link'] = $line['link'];
|
||||
$article['title'] = $line['title'];
|
||||
$article['excerpt'] = $line["content_preview"];
|
||||
$article['content'] = Sanitizer::sanitize($line["content"], false, $owner_uid, $feed_site_url, false, $line["id"]);
|
||||
$article['content'] = Sanitizer::sanitize($line["content"], false, $owner_uid, $feed_site_url, null, $line["id"]);
|
||||
$article['updated'] = date('c', strtotime($line["updated"]));
|
||||
|
||||
if (!empty($line['note'])) $article['note'] = $line['note'];
|
||||
|
|
|
|||
|
|
@ -1,6 +1,10 @@
|
|||
<?php
|
||||
class Sanitizer {
|
||||
private static function strip_harmful_tags($doc, $allowed_elements, $disallowed_attributes) {
|
||||
/**
|
||||
* @param array<int, string> $allowed_elements
|
||||
* @param array<int, string> $disallowed_attributes
|
||||
*/
|
||||
private static function strip_harmful_tags(DOMDocument $doc, array $allowed_elements, $disallowed_attributes): DOMDocument {
|
||||
$xpath = new DOMXPath($doc);
|
||||
$entries = $xpath->query('//*');
|
||||
|
||||
|
|
@ -40,7 +44,7 @@ class Sanitizer {
|
|||
return $doc;
|
||||
}
|
||||
|
||||
public static function iframe_whitelisted($entry) {
|
||||
public static function iframe_whitelisted(DOMNode $entry): bool {
|
||||
$src = parse_url($entry->getAttribute("src"), PHP_URL_HOST);
|
||||
|
||||
if (!empty($src))
|
||||
|
|
@ -49,11 +53,16 @@ class Sanitizer {
|
|||
return false;
|
||||
}
|
||||
|
||||
private static function is_prefix_https() {
|
||||
private static function is_prefix_https(): bool {
|
||||
return parse_url(Config::get(Config::SELF_URL_PATH), PHP_URL_SCHEME) == 'https';
|
||||
}
|
||||
|
||||
public static function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) {
|
||||
/**
|
||||
* @param array<int, string>|null $highlight_words Words to highlight in the HTML output.
|
||||
*
|
||||
* @return false|string The HTML, or false if an error occurred.
|
||||
*/
|
||||
public static function sanitize(string $str, bool $force_remove_images = false, int $owner = null, string $site_url = null, array $highlight_words = null, int $article_id = null) {
|
||||
|
||||
if (!$owner && isset($_SESSION["uid"]))
|
||||
$owner = $_SESSION["uid"];
|
||||
|
|
@ -183,7 +192,7 @@ class Sanitizer {
|
|||
$div->appendChild($entry);
|
||||
}
|
||||
|
||||
if ($highlight_words && is_array($highlight_words)) {
|
||||
if (is_array($highlight_words)) {
|
||||
foreach ($highlight_words as $word) {
|
||||
|
||||
// http://stackoverflow.com/questions/4081372/highlight-keywords-in-a-paragraph
|
||||
|
|
|
|||
|
|
@ -181,8 +181,14 @@
|
|||
return Feeds::_get_counters($feed, $is_cat, true, $_SESSION["uid"]);
|
||||
}
|
||||
|
||||
/** function is @deprecated by Sanitizer::sanitize() */
|
||||
function sanitize($str, $force_remove_images = false, $owner = false, $site_url = false, $highlight_words = false, $article_id = false) {
|
||||
/**
|
||||
* @deprecated by Sanitizer::sanitize()
|
||||
*
|
||||
* @param array<int, string>|null $highlight_words Words to highlight in the HTML output.
|
||||
*
|
||||
* @return false|string The HTML, or false if an error occurred.
|
||||
*/
|
||||
function sanitize(string $str, bool $force_remove_images = false, int $owner = null, string $site_url = null, array $highlight_words = null, int $article_id = null) {
|
||||
return Sanitizer::sanitize($str, $force_remove_images, $owner, $site_url, $highlight_words, $article_id);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -133,7 +133,7 @@ class Share extends Plugin {
|
|||
|
||||
$line["content"] = Sanitizer::sanitize($line["content"],
|
||||
$line['hide_images'],
|
||||
$owner_uid, $line["site_url"], false, $line["id"]);
|
||||
$owner_uid, $line["site_url"], null, $line["id"]);
|
||||
|
||||
PluginHost::getInstance()->chain_hooks_callback(PluginHost::HOOK_RENDER_ARTICLE,
|
||||
function ($result) use (&$line) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue