[civicrm-core.git] / CRM / Utils / API / HTMLInputCoder.php

<?php
/*
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC. All rights reserved.                        |
 |                                                                    |
 | This work is published under the GNU AGPLv3 license with some      |
 | permitted exceptions and without any warranty. For full license    |
 | and copyright information, see https://civicrm.org/licensing       |
 +--------------------------------------------------------------------+
 */

/**
 * This class captures the encoding practices of CRM-5667 in a reusable
 * fashion.  In this design, all submitted values are partially HTML-encoded
 * before saving to the database.  If a DB reader needs to output in
 * non-HTML medium, then it should undo the partial HTML encoding.
 *
 * This class should be short-lived -- 4.3 should introduce an alternative
 * escaping scheme and consequently remove HTMLInputCoder.
 *
 * @package CRM
 * @copyright CiviCRM LLC https://civicrm.org/licensing
 */
class CRM_Utils_API_HTMLInputCoder extends CRM_Utils_API_AbstractFieldCoder {
  private $skipFields = NULL;

  /**
   * @var CRM_Utils_API_HTMLInputCoder
   */
  private static $_singleton = NULL;

  /**
   * @return CRM_Utils_API_HTMLInputCoder
   */
  public static function singleton() {
    if (self::$_singleton === NULL) {
      self::$_singleton = new CRM_Utils_API_HTMLInputCoder();
    }
    return self::$_singleton;
  }

  /**
   * Get skipped fields.
   *
   * @return array<string>
   *   list of field names
   */
  public function getSkipFields() {
    if ($this->skipFields === NULL) {
      $this->skipFields = [
        'widget_code',
        'html_message',
        'body_html',
        'msg_html',
        'description',
        'intro',
        'thankyou_text',
        'tf_thankyou_text',
        'intro_text',
        'page_text',
        'body_text',
        'footer_text',
        'thankyou_footer',
        'thankyou_footer_text',
        'new_text',
        'renewal_text',
        'help_pre',
        'help_post',
        'confirm_title',
        'confirm_text',
        'confirm_footer_text',
        'confirm_email_text',
        'event_full_text',
        'waitlist_text',
        'approval_req_text',
        'report_header',
        'report_footer',
        'cc_id',
        'bcc_id',
        'premiums_intro_text',
        'honor_block_text',
        'pay_later_text',
        'pay_later_receipt',
        // This is needed for FROM Email Address configuration. dgg
        'label',
        // This is needed for navigation items urls
        'url',
        'details',
        // message templates’ text versions
        'msg_text',
        // (send an) email to contact’s and CiviMail’s text version
        'text_message',
        // data i/p of persistent table
        'data',
        // CRM-6673
        'sqlQuery',
        'pcp_title',
        'pcp_intro_text',
        // The 'new' text in word replacements
        'new',
        // e.g. '"Full Name" <user@example.org>'
        'replyto_email',
        'operator',
        // CRM-20468
        'content',
        // CiviCampaign Goal Details
        'goal_general',
        // https://lab.civicrm.org/dev/core/issues/1286
        'header',
        // https://lab.civicrm.org/dev/core/issues/1286
        'footer',
      ];
      $custom = CRM_Core_DAO::executeQuery('SELECT id FROM civicrm_custom_field WHERE html_type = "RichTextEditor"');
      while ($custom->fetch()) {
        $this->skipFields[] = 'custom_' . $custom->id;
      }
    }
    return $this->skipFields;
  }

  /**
   * going to filter the
   * submitted values across XSS vulnerability.
   *
   * @param array|string $values
   * @param bool $castToString
   *   If TRUE, all scalars will be filtered (and therefore cast to strings).
   *    If FALSE, then non-string values will be preserved
   */
  public function encodeInput(&$values, $castToString = FALSE) {
    if (is_array($values)) {
      foreach ($values as &$value) {
        $this->encodeInput($value, TRUE);
      }
    }
    elseif ($castToString || is_string($values)) {
      $values = $this->encodeValue($values);
    }
  }

  public function encodeValue($value) {
    return str_replace(['<', '>'], ['&lt;', '&gt;'], $value);
  }

  /**
   * Perform in-place decode on strings (in a list of records).
   *
   * @param array $rows
   *   Ex in: $rows[0] = ['first_name' => 'A&W'].
   *   Ex out: $rows[0] = ['first_name' => 'A&amp;W'].
   */
  public function encodeRows(&$rows) {
    foreach ($rows as $rid => $row) {
      $this->encodeRow($rows[$rid]);
    }
  }

  /**
   * Perform in-place encode on strings (in a single record).
   *
   * @param array $row
   *   Ex in: ['first_name' => 'A&W'].
   *   Ex out: ['first_name' => 'A&amp;W'].
   */
  public function encodeRow(&$row) {
    foreach ($row as $k => $v) {
      if (is_string($v) && !$this->isSkippedField($k)) {
        $row[$k] = $this->encodeValue($v);
      }
    }
  }

  /**
   * @param array $values
   * @param bool $castToString
   */
  public function decodeOutput(&$values, $castToString = FALSE) {
    if (is_array($values)) {
      foreach ($values as &$value) {
        $this->decodeOutput($value, TRUE);
      }
    }
    elseif ($castToString || is_string($values)) {
      $values = $this->decodeValue($values);
    }
  }

  public function decodeValue($value) {
    return str_replace(['&lt;', '&gt;'], ['<', '>'], $value);
  }

  /**
   * Perform in-place decode on strings (in a list of records).
   *
   * @param array $rows
   *   Ex in: $rows[0] = ['first_name' => 'A&amp;W'].
   *   Ex out: $rows[0] = ['first_name' => 'A&W'].
   */
  public function decodeRows(&$rows) {
    foreach ($rows as $rid => $row) {
      $this->decodeRow($rows[$rid]);
    }
  }

  /**
   * Perform in-place decode on strings (in a single record).
   *
   * @param array $row
   *   Ex in: ['first_name' => 'A&amp;W'].
   *   Ex out: ['first_name' => 'A&W'].
   */
  public function decodeRow(&$row) {
    foreach ($row as $k => $v) {
      if (is_string($v) && !$this->isSkippedField($k)) {
        $row[$k] = $this->decodeValue($v);
      }
    }
  }

}
Commit	Line	Data
a9396478 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
bc77d7c0	4	\| Copyright CiviCRM LLC. All rights reserved. \|
a9396478	5	\| \|
bc77d7c0 TO	6	\| This work is published under the GNU AGPLv3 license with some \|
	7	\| permitted exceptions and without any warranty. For full license \|
	8	\| and copyright information, see https://civicrm.org/licensing \|
a9396478	9	+--------------------------------------------------------------------+
d25dd0ee	10	*/
a9396478 TO	11
	12	/**
	13	* This class captures the encoding practices of CRM-5667 in a reusable
	14	* fashion. In this design, all submitted values are partially HTML-encoded
	15	* before saving to the database. If a DB reader needs to output in
	16	* non-HTML medium, then it should undo the partial HTML encoding.
	17	*
	18	* This class should be short-lived -- 4.3 should introduce an alternative
	19	* escaping scheme and consequently remove HTMLInputCoder.
	20	*
	21	* @package CRM
ca5cec67	22	* @copyright CiviCRM LLC https://civicrm.org/licensing
a9396478	23	*/
a9396478 TO	24	class CRM_Utils_API_HTMLInputCoder extends CRM_Utils_API_AbstractFieldCoder {
	25	private $skipFields = NULL;
	26
	27	/**
	28	* @var CRM_Utils_API_HTMLInputCoder
	29	*/
	30	private static $_singleton = NULL;
	31
	32	/**
	33	* @return CRM_Utils_API_HTMLInputCoder
	34	*/
	35	public static function singleton() {
	36	if (self::$_singleton === NULL) {
	37	self::$_singleton = new CRM_Utils_API_HTMLInputCoder();
	38	}
	39	return self::$_singleton;
	40	}
	41
	42	/**
3d469574	43	* Get skipped fields.
	44	*
	45	* @return array<string>
	46	* list of field names
a9396478 TO	47	*/
	48	public function getSkipFields() {
	49	if ($this->skipFields === NULL) {
be2fb01f	50	$this->skipFields = [
a9396478 TO	51	'widget_code',
	52	'html_message',
	53	'body_html',
	54	'msg_html',
	55	'description',
	56	'intro',
	57	'thankyou_text',
	58	'tf_thankyou_text',
	59	'intro_text',
	60	'page_text',
	61	'body_text',
	62	'footer_text',
	63	'thankyou_footer',
	64	'thankyou_footer_text',
	65	'new_text',
	66	'renewal_text',
	67	'help_pre',
	68	'help_post',
	69	'confirm_title',
	70	'confirm_text',
	71	'confirm_footer_text',
	72	'confirm_email_text',
	73	'event_full_text',
	74	'waitlist_text',
	75	'approval_req_text',
	76	'report_header',
	77	'report_footer',
	78	'cc_id',
	79	'bcc_id',
	80	'premiums_intro_text',
	81	'honor_block_text',
	82	'pay_later_text',
	83	'pay_later_receipt',
6714d8d2 SL	84	// This is needed for FROM Email Address configuration. dgg
	85	'label',
	86	// This is needed for navigation items urls
	87	'url',
a9396478	88	'details',
6714d8d2 SL	89	// message templates’ text versions
	90	'msg_text',
	91	// (send an) email to contact’s and CiviMail’s text version
	92	'text_message',
	93	// data i/p of persistent table
	94	'data',
	95	// CRM-6673
	96	'sqlQuery',
a9396478 TO	97	'pcp_title',
a9396478 TO	98	'pcp_intro_text',
6714d8d2 SL	99	// The 'new' text in word replacements
	100	'new',
	101	// e.g. '"Full Name" <user@example.org>'
	102	'replyto_email',
a265eee1	103	'operator',
6714d8d2 SL	104	// CRM-20468
6714d8d2 SL	105	'content',
1107b319 SL	106	// CiviCampaign Goal Details
1107b319 SL	107	'goal_general',
edc4d8e7 MM	108	// https://lab.civicrm.org/dev/core/issues/1286
	109	'header',
	110	// https://lab.civicrm.org/dev/core/issues/1286
	111	'footer',
be2fb01f	112	];
ece8de2d CW	113	$custom = CRM_Core_DAO::executeQuery('SELECT id FROM civicrm_custom_field WHERE html_type = "RichTextEditor"');
	114	while ($custom->fetch()) {
	115	$this->skipFields[] = 'custom_' . $custom->id;
	116	}
a9396478 TO	117	}
	118	return $this->skipFields;
	119	}
	120
	121	/**
dc195289	122	* going to filter the
a9396478 TO	123	* submitted values across XSS vulnerability.
	124	*
	125	* @param array\|string $values
77855840 TO	126	* @param bool $castToString
77855840 TO	127	* If TRUE, all scalars will be filtered (and therefore cast to strings).
a9396478 TO	128	* If FALSE, then non-string values will be preserved
	129	*/
	130	public function encodeInput(&$values, $castToString = FALSE) {
	131	if (is_array($values)) {
	132	foreach ($values as &$value) {
	133	$this->encodeInput($value, TRUE);
	134	}
0db6c3e1 TO	135	}
0db6c3e1 TO	136	elseif ($castToString \|\| is_string($values)) {
d37a188f TO	137	$values = $this->encodeValue($values);
	138	}
	139	}
	140
	141	public function encodeValue($value) {
	142	return str_replace(['<', '>'], ['<', '>'], $value);
	143	}
	144
	145	/**
	146	* Perform in-place decode on strings (in a list of records).
	147	*
	148	* @param array $rows
	149	* Ex in: $rows[0] = ['first_name' => 'A&W'].
	150	* Ex out: $rows[0] = ['first_name' => 'A&W'].
	151	*/
	152	public function encodeRows(&$rows) {
	153	foreach ($rows as $rid => $row) {
	154	$this->encodeRow($rows[$rid]);
	155	}
	156	}
	157
	158	/**
	159	* Perform in-place encode on strings (in a single record).
	160	*
	161	* @param array $row
	162	* Ex in: ['first_name' => 'A&W'].
	163	* Ex out: ['first_name' => 'A&W'].
	164	*/
	165	public function encodeRow(&$row) {
	166	foreach ($row as $k => $v) {
	167	if (is_string($v) && !$this->isSkippedField($k)) {
	168	$row[$k] = $this->encodeValue($v);
	169	}
a9396478 TO	170	}
	171	}
	172
5bc392e6	173	/**
ae5ffbb7	174	* @param array $values
5bc392e6 EM	175	* @param bool $castToString
5bc392e6 EM	176	*/
a9396478 TO	177	public function decodeOutput(&$values, $castToString = FALSE) {
	178	if (is_array($values)) {
	179	foreach ($values as &$value) {
	180	$this->decodeOutput($value, TRUE);
	181	}
0db6c3e1 TO	182	}
0db6c3e1 TO	183	elseif ($castToString \|\| is_string($values)) {
d37a188f TO	184	$values = $this->decodeValue($values);
	185	}
	186	}
	187
	188	public function decodeValue($value) {
	189	return str_replace(['<', '>'], ['<', '>'], $value);
	190	}
	191
	192	/**
	193	* Perform in-place decode on strings (in a list of records).
	194	*
	195	* @param array $rows
	196	* Ex in: $rows[0] = ['first_name' => 'A&W'].
	197	* Ex out: $rows[0] = ['first_name' => 'A&W'].
	198	*/
	199	public function decodeRows(&$rows) {
	200	foreach ($rows as $rid => $row) {
	201	$this->decodeRow($rows[$rid]);
	202	}
	203	}
	204
	205	/**
	206	* Perform in-place decode on strings (in a single record).
	207	*
	208	* @param array $row
	209	* Ex in: ['first_name' => 'A&W'].
	210	* Ex out: ['first_name' => 'A&W'].
	211	*/
	212	public function decodeRow(&$row) {
	213	foreach ($row as $k => $v) {
	214	if (is_string($v) && !$this->isSkippedField($k)) {
	215	$row[$k] = $this->decodeValue($v);
	216	}
a9396478 TO	217	}
a9396478 TO	218	}
96025800	219
a9396478	220	}