[civicrm-core.git] / CRM / Utils / API / HTMLInputCoder.php

<?php
/*
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC. All rights reserved.                        |
 |                                                                    |
 | This work is published under the GNU AGPLv3 license with some      |
 | permitted exceptions and without any warranty. For full license    |
 | and copyright information, see https://civicrm.org/licensing       |
 +--------------------------------------------------------------------+
 */

/**
 * This class captures the encoding practices of CRM-5667 in a reusable
 * fashion.  In this design, all submitted values are partially HTML-encoded
 * before saving to the database.  If a DB reader needs to output in
 * non-HTML medium, then it should undo the partial HTML encoding.
 *
 * This class should be short-lived -- 4.3 should introduce an alternative
 * escaping scheme and consequently remove HTMLInputCoder.
 *
 * @package CRM
 * @copyright CiviCRM LLC https://civicrm.org/licensing
 */
class CRM_Utils_API_HTMLInputCoder extends CRM_Utils_API_AbstractFieldCoder {
  private $skipFields = NULL;

  /**
   * @var CRM_Utils_API_HTMLInputCoder
   */
  private static $_singleton = NULL;

  /**
   * @return CRM_Utils_API_HTMLInputCoder
   */
  public static function singleton() {
    if (self::$_singleton === NULL) {
      self::$_singleton = new CRM_Utils_API_HTMLInputCoder();
    }
    return self::$_singleton;
  }

  /**
   * Get skipped fields.
   *
   * @return array<string>
   *   list of field names
   */
  public function getSkipFields() {
    if ($this->skipFields === NULL) {
      $this->skipFields = [
        'widget_code',
        'html_message',
        'body_html',
        'msg_html',
        'description',
        'intro',
        'thankyou_text',
        'tf_thankyou_text',
        'intro_text',
        'page_text',
        'body_text',
        'footer_text',
        'thankyou_footer',
        'thankyou_footer_text',
        'new_text',
        'renewal_text',
        'help_pre',
        'help_post',
        'confirm_title',
        'confirm_text',
        'confirm_footer_text',
        'confirm_email_text',
        'event_full_text',
        'waitlist_text',
        'approval_req_text',
        'report_header',
        'report_footer',
        'cc_id',
        'bcc_id',
        'premiums_intro_text',
        'honor_block_text',
        'pay_later_text',
        'pay_later_receipt',
        // This is needed for FROM Email Address configuration. dgg
        'label',
        // This is needed for navigation items urls
        'url',
        'details',
        // message templates’ text versions
        'msg_text',
        // (send an) email to contact’s and CiviMail’s text version
        'text_message',
        // data i/p of persistent table
        'data',
        // CRM-6673
        'sqlQuery',
        'pcp_title',
        'pcp_intro_text',
        // The 'new' text in word replacements
        'new',
        // e.g. '"Full Name" <user@example.org>'
        'replyto_email',
        'operator',
        // CRM-20468
        'content',
        // CiviCampaign Goal Details
        'goal_general',
        // https://lab.civicrm.org/dev/core/issues/1286
        'header',
        // https://lab.civicrm.org/dev/core/issues/1286
        'footer',
        // SavedSearch entity
        'api_params',
        // SearchDisplay entity
        'settings',
      ];
      $custom = CRM_Core_DAO::executeQuery('SELECT id FROM civicrm_custom_field WHERE html_type = "RichTextEditor"');
      while ($custom->fetch()) {
        $this->skipFields[] = 'custom_' . $custom->id;
      }
    }
    return $this->skipFields;
  }

  /**
   * going to filter the
   * submitted values across XSS vulnerability.
   *
   * @param array|string $values
   * @param bool $castToString
   *   If TRUE, all scalars will be filtered (and therefore cast to strings).
   *    If FALSE, then non-string values will be preserved
   */
  public function encodeInput(&$values, $castToString = FALSE) {
    if (is_array($values)) {
      foreach ($values as &$value) {
        $this->encodeInput($value, TRUE);
      }
    }
    elseif ($castToString || is_string($values)) {
      $values = $this->encodeValue($values);
    }
  }

  public function encodeValue($value) {
    return str_replace(['<', '>'], ['&lt;', '&gt;'], $value);
  }

  /**
   * Perform in-place decode on strings (in a list of records).
   *
   * @param array $rows
   *   Ex in: $rows[0] = ['first_name' => 'A&W'].
   *   Ex out: $rows[0] = ['first_name' => 'A&amp;W'].
   */
  public function encodeRows(&$rows) {
    foreach ($rows as $rid => $row) {
      $this->encodeRow($rows[$rid]);
    }
  }

  /**
   * Perform in-place encode on strings (in a single record).
   *
   * @param array $row
   *   Ex in: ['first_name' => 'A&W'].
   *   Ex out: ['first_name' => 'A&amp;W'].
   */
  public function encodeRow(&$row) {
    foreach ($row as $k => $v) {
      if (is_string($v) && !$this->isSkippedField($k)) {
        $row[$k] = $this->encodeValue($v);
      }
    }
  }

  /**
   * @param array $values
   * @param bool $castToString
   */
  public function decodeOutput(&$values, $castToString = FALSE) {
    if (is_array($values)) {
      foreach ($values as &$value) {
        $this->decodeOutput($value, TRUE);
      }
    }
    elseif ($castToString || is_string($values)) {
      $values = $this->decodeValue($values);
    }
  }

  public function decodeValue($value) {
    return str_replace(['&lt;', '&gt;'], ['<', '>'], $value);
  }

  /**
   * Perform in-place decode on strings (in a list of records).
   *
   * @param array $rows
   *   Ex in: $rows[0] = ['first_name' => 'A&amp;W'].
   *   Ex out: $rows[0] = ['first_name' => 'A&W'].
   */
  public function decodeRows(&$rows) {
    foreach ($rows as $rid => $row) {
      $this->decodeRow($rows[$rid]);
    }
  }

  /**
   * Perform in-place decode on strings (in a single record).
   *
   * @param array $row
   *   Ex in: ['first_name' => 'A&amp;W'].
   *   Ex out: ['first_name' => 'A&W'].
   */
  public function decodeRow(&$row) {
    foreach ($row as $k => $v) {
      if (is_string($v) && !$this->isSkippedField($k)) {
        $row[$k] = $this->decodeValue($v);
      }
    }
  }

}
Commit	Line	Data
a9396478 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
bc77d7c0	4	\| Copyright CiviCRM LLC. All rights reserved. \|
a9396478	5	\| \|
bc77d7c0 TO	6	\| This work is published under the GNU AGPLv3 license with some \|
	7	\| permitted exceptions and without any warranty. For full license \|
	8	\| and copyright information, see https://civicrm.org/licensing \|
a9396478	9	+--------------------------------------------------------------------+
d25dd0ee	10	*/
a9396478 TO	11
	12	/**
	13	* This class captures the encoding practices of CRM-5667 in a reusable
	14	* fashion. In this design, all submitted values are partially HTML-encoded
	15	* before saving to the database. If a DB reader needs to output in
	16	* non-HTML medium, then it should undo the partial HTML encoding.
	17	*
	18	* This class should be short-lived -- 4.3 should introduce an alternative
	19	* escaping scheme and consequently remove HTMLInputCoder.
	20	*
	21	* @package CRM
ca5cec67	22	* @copyright CiviCRM LLC https://civicrm.org/licensing
a9396478	23	*/
a9396478 TO	24	class CRM_Utils_API_HTMLInputCoder extends CRM_Utils_API_AbstractFieldCoder {
	25	private $skipFields = NULL;
	26
	27	/**
	28	* @var CRM_Utils_API_HTMLInputCoder
	29	*/
	30	private static $_singleton = NULL;
	31
	32	/**
	33	* @return CRM_Utils_API_HTMLInputCoder
	34	*/
	35	public static function singleton() {
	36	if (self::$_singleton === NULL) {
	37	self::$_singleton = new CRM_Utils_API_HTMLInputCoder();
	38	}
	39	return self::$_singleton;
	40	}
	41
	42	/**
3d469574	43	* Get skipped fields.
	44	*
	45	* @return array<string>
	46	* list of field names
a9396478 TO	47	*/
	48	public function getSkipFields() {
	49	if ($this->skipFields === NULL) {
be2fb01f	50	$this->skipFields = [
a9396478 TO	51	'widget_code',
	52	'html_message',
	53	'body_html',
	54	'msg_html',
	55	'description',
	56	'intro',
	57	'thankyou_text',
	58	'tf_thankyou_text',
	59	'intro_text',
	60	'page_text',
	61	'body_text',
	62	'footer_text',
	63	'thankyou_footer',
	64	'thankyou_footer_text',
	65	'new_text',
	66	'renewal_text',
	67	'help_pre',
	68	'help_post',
	69	'confirm_title',
	70	'confirm_text',
	71	'confirm_footer_text',
	72	'confirm_email_text',
	73	'event_full_text',
	74	'waitlist_text',
	75	'approval_req_text',
	76	'report_header',
	77	'report_footer',
	78	'cc_id',
	79	'bcc_id',
	80	'premiums_intro_text',
	81	'honor_block_text',
	82	'pay_later_text',
	83	'pay_later_receipt',
6714d8d2 SL	84	// This is needed for FROM Email Address configuration. dgg
	85	'label',
	86	// This is needed for navigation items urls
	87	'url',
a9396478	88	'details',
6714d8d2 SL	89	// message templates’ text versions
	90	'msg_text',
	91	// (send an) email to contact’s and CiviMail’s text version
	92	'text_message',
	93	// data i/p of persistent table
	94	'data',
	95	// CRM-6673
	96	'sqlQuery',
a9396478 TO	97	'pcp_title',
a9396478 TO	98	'pcp_intro_text',
6714d8d2 SL	99	// The 'new' text in word replacements
	100	'new',
	101	// e.g. '"Full Name" <user@example.org>'
	102	'replyto_email',
a265eee1	103	'operator',
6714d8d2 SL	104	// CRM-20468
6714d8d2 SL	105	'content',
1107b319 SL	106	// CiviCampaign Goal Details
1107b319 SL	107	'goal_general',
edc4d8e7 MM	108	// https://lab.civicrm.org/dev/core/issues/1286
	109	'header',
	110	// https://lab.civicrm.org/dev/core/issues/1286
	111	'footer',
23e56526 CW	112	// SavedSearch entity
23e56526 CW	113	'api_params',
07e07e87 CW	114	// SearchDisplay entity
07e07e87 CW	115	'settings',
be2fb01f	116	];
ece8de2d CW	117	$custom = CRM_Core_DAO::executeQuery('SELECT id FROM civicrm_custom_field WHERE html_type = "RichTextEditor"');
	118	while ($custom->fetch()) {
	119	$this->skipFields[] = 'custom_' . $custom->id;
	120	}
a9396478 TO	121	}
	122	return $this->skipFields;
	123	}
	124
	125	/**
dc195289	126	* going to filter the
a9396478 TO	127	* submitted values across XSS vulnerability.
	128	*
	129	* @param array\|string $values
77855840 TO	130	* @param bool $castToString
77855840 TO	131	* If TRUE, all scalars will be filtered (and therefore cast to strings).
a9396478 TO	132	* If FALSE, then non-string values will be preserved
	133	*/
	134	public function encodeInput(&$values, $castToString = FALSE) {
	135	if (is_array($values)) {
	136	foreach ($values as &$value) {
	137	$this->encodeInput($value, TRUE);
	138	}
0db6c3e1 TO	139	}
0db6c3e1 TO	140	elseif ($castToString \|\| is_string($values)) {
d37a188f TO	141	$values = $this->encodeValue($values);
	142	}
	143	}
	144
	145	public function encodeValue($value) {
	146	return str_replace(['<', '>'], ['<', '>'], $value);
	147	}
	148
	149	/**
	150	* Perform in-place decode on strings (in a list of records).
	151	*
	152	* @param array $rows
	153	* Ex in: $rows[0] = ['first_name' => 'A&W'].
	154	* Ex out: $rows[0] = ['first_name' => 'A&W'].
	155	*/
	156	public function encodeRows(&$rows) {
	157	foreach ($rows as $rid => $row) {
	158	$this->encodeRow($rows[$rid]);
	159	}
	160	}
	161
	162	/**
	163	* Perform in-place encode on strings (in a single record).
	164	*
	165	* @param array $row
	166	* Ex in: ['first_name' => 'A&W'].
	167	* Ex out: ['first_name' => 'A&W'].
	168	*/
	169	public function encodeRow(&$row) {
	170	foreach ($row as $k => $v) {
	171	if (is_string($v) && !$this->isSkippedField($k)) {
	172	$row[$k] = $this->encodeValue($v);
	173	}
a9396478 TO	174	}
	175	}
	176
5bc392e6	177	/**
ae5ffbb7	178	* @param array $values
5bc392e6 EM	179	* @param bool $castToString
5bc392e6 EM	180	*/
a9396478 TO	181	public function decodeOutput(&$values, $castToString = FALSE) {
	182	if (is_array($values)) {
	183	foreach ($values as &$value) {
	184	$this->decodeOutput($value, TRUE);
	185	}
0db6c3e1 TO	186	}
0db6c3e1 TO	187	elseif ($castToString \|\| is_string($values)) {
d37a188f TO	188	$values = $this->decodeValue($values);
	189	}
	190	}
	191
	192	public function decodeValue($value) {
	193	return str_replace(['<', '>'], ['<', '>'], $value);
	194	}
	195
	196	/**
	197	* Perform in-place decode on strings (in a list of records).
	198	*
	199	* @param array $rows
	200	* Ex in: $rows[0] = ['first_name' => 'A&W'].
	201	* Ex out: $rows[0] = ['first_name' => 'A&W'].
	202	*/
	203	public function decodeRows(&$rows) {
	204	foreach ($rows as $rid => $row) {
	205	$this->decodeRow($rows[$rid]);
	206	}
	207	}
	208
	209	/**
	210	* Perform in-place decode on strings (in a single record).
	211	*
	212	* @param array $row
	213	* Ex in: ['first_name' => 'A&W'].
	214	* Ex out: ['first_name' => 'A&W'].
	215	*/
	216	public function decodeRow(&$row) {
	217	foreach ($row as $k => $v) {
	218	if (is_string($v) && !$this->isSkippedField($k)) {
	219	$row[$k] = $this->decodeValue($v);
	220	}
a9396478 TO	221	}
a9396478 TO	222	}
96025800	223
a9396478	224	}