[civicrm-core.git] / CRM / Utils / API / HTMLInputCoder.php

<?php
/*
 +--------------------------------------------------------------------+
 | CiviCRM version 5                                                  |
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC (c) 2004-2019                                |
 +--------------------------------------------------------------------+
 | This file is a part of CiviCRM.                                    |
 |                                                                    |
 | CiviCRM is free software; you can copy, modify, and distribute it  |
 | under the terms of the GNU Affero General Public License           |
 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
 |                                                                    |
 | CiviCRM is distributed in the hope that it will be useful, but     |
 | WITHOUT ANY WARRANTY; without even the implied warranty of         |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
 | See the GNU Affero General Public License for more details.        |
 |                                                                    |
 | You should have received a copy of the GNU Affero General Public   |
 | License and the CiviCRM Licensing Exception along                  |
 | with this program; if not, contact CiviCRM LLC                     |
 | at info[AT]civicrm[DOT]org. If you have questions about the        |
 | GNU Affero General Public License or the licensing of CiviCRM,     |
 | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
 +--------------------------------------------------------------------+
 */

/**
 * This class captures the encoding practices of CRM-5667 in a reusable
 * fashion.  In this design, all submitted values are partially HTML-encoded
 * before saving to the database.  If a DB reader needs to output in
 * non-HTML medium, then it should undo the partial HTML encoding.
 *
 * This class should be short-lived -- 4.3 should introduce an alternative
 * escaping scheme and consequently remove HTMLInputCoder.
 *
 * @package CRM
 * @copyright CiviCRM LLC (c) 2004-2019
 */
class CRM_Utils_API_HTMLInputCoder extends CRM_Utils_API_AbstractFieldCoder {
  private $skipFields = NULL;

  /**
   * @var CRM_Utils_API_HTMLInputCoder
   */
  private static $_singleton = NULL;

  /**
   * @return CRM_Utils_API_HTMLInputCoder
   */
  public static function singleton() {
    if (self::$_singleton === NULL) {
      self::$_singleton = new CRM_Utils_API_HTMLInputCoder();
    }
    return self::$_singleton;
  }

  /**
   * Get skipped fields.
   *
   * @return array<string>
   *   list of field names
   */
  public function getSkipFields() {
    if ($this->skipFields === NULL) {
      $this->skipFields = [
        'widget_code',
        'html_message',
        'body_html',
        'msg_html',
        'description',
        'intro',
        'thankyou_text',
        'tf_thankyou_text',
        'intro_text',
        'page_text',
        'body_text',
        'footer_text',
        'thankyou_footer',
        'thankyou_footer_text',
        'new_text',
        'renewal_text',
        'help_pre',
        'help_post',
        'confirm_title',
        'confirm_text',
        'confirm_footer_text',
        'confirm_email_text',
        'event_full_text',
        'waitlist_text',
        'approval_req_text',
        'report_header',
        'report_footer',
        'cc_id',
        'bcc_id',
        'premiums_intro_text',
        'honor_block_text',
        'pay_later_text',
        'pay_later_receipt',
        // This is needed for FROM Email Address configuration. dgg
        'label',
        // This is needed for navigation items urls
        'url',
        'details',
        // message templates’ text versions
        'msg_text',
        // (send an) email to contact’s and CiviMail’s text version
        'text_message',
        // data i/p of persistent table
        'data',
        // CRM-6673
        'sqlQuery',
        'pcp_title',
        'pcp_intro_text',
        // The 'new' text in word replacements
        'new',
        // e.g. '"Full Name" <user@example.org>'
        'replyto_email',
        'operator',
        // CRM-20468
        'content',
      ];
      $custom = CRM_Core_DAO::executeQuery('SELECT id FROM civicrm_custom_field WHERE html_type = "RichTextEditor"');
      while ($custom->fetch()) {
        $this->skipFields[] = 'custom_' . $custom->id;
      }
    }
    return $this->skipFields;
  }

  /**
   * going to filter the
   * submitted values across XSS vulnerability.
   *
   * @param array|string $values
   * @param bool $castToString
   *   If TRUE, all scalars will be filtered (and therefore cast to strings).
   *    If FALSE, then non-string values will be preserved
   */
  public function encodeInput(&$values, $castToString = FALSE) {
    if (is_array($values)) {
      foreach ($values as &$value) {
        $this->encodeInput($value, TRUE);
      }
    }
    elseif ($castToString || is_string($values)) {
      $values = str_replace(['<', '>'], ['&lt;', '&gt;'], $values);
    }
  }

  /**
   * @param array $values
   * @param bool $castToString
   */
  public function decodeOutput(&$values, $castToString = FALSE) {
    if (is_array($values)) {
      foreach ($values as &$value) {
        $this->decodeOutput($value, TRUE);
      }
    }
    elseif ($castToString || is_string($values)) {
      $values = str_replace(['&lt;', '&gt;'], ['<', '>'], $values);
    }
  }

}
Commit	Line	Data
a9396478 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
fee14197	4	\| CiviCRM version 5 \|
a9396478	5	+--------------------------------------------------------------------+
6b83d5bd	6	\| Copyright CiviCRM LLC (c) 2004-2019 \|
a9396478 TO	7	+--------------------------------------------------------------------+
	8	\| This file is a part of CiviCRM. \|
	9	\| \|
	10	\| CiviCRM is free software; you can copy, modify, and distribute it \|
	11	\| under the terms of the GNU Affero General Public License \|
	12	\| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. \|
	13	\| \|
	14	\| CiviCRM is distributed in the hope that it will be useful, but \|
	15	\| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	16	\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. \|
	17	\| See the GNU Affero General Public License for more details. \|
	18	\| \|
	19	\| You should have received a copy of the GNU Affero General Public \|
	20	\| License and the CiviCRM Licensing Exception along \|
	21	\| with this program; if not, contact CiviCRM LLC \|
	22	\| at info[AT]civicrm[DOT]org. If you have questions about the \|
	23	\| GNU Affero General Public License or the licensing of CiviCRM, \|
	24	\| see the CiviCRM license FAQ at http://civicrm.org/licensing \|
	25	+--------------------------------------------------------------------+
d25dd0ee	26	*/
a9396478 TO	27
	28	/**
	29	* This class captures the encoding practices of CRM-5667 in a reusable
	30	* fashion. In this design, all submitted values are partially HTML-encoded
	31	* before saving to the database. If a DB reader needs to output in
	32	* non-HTML medium, then it should undo the partial HTML encoding.
	33	*
	34	* This class should be short-lived -- 4.3 should introduce an alternative
	35	* escaping scheme and consequently remove HTMLInputCoder.
	36	*
	37	* @package CRM
6b83d5bd	38	* @copyright CiviCRM LLC (c) 2004-2019
a9396478	39	*/
a9396478 TO	40	class CRM_Utils_API_HTMLInputCoder extends CRM_Utils_API_AbstractFieldCoder {
	41	private $skipFields = NULL;
	42
	43	/**
	44	* @var CRM_Utils_API_HTMLInputCoder
	45	*/
	46	private static $_singleton = NULL;
	47
	48	/**
	49	* @return CRM_Utils_API_HTMLInputCoder
	50	*/
	51	public static function singleton() {
	52	if (self::$_singleton === NULL) {
	53	self::$_singleton = new CRM_Utils_API_HTMLInputCoder();
	54	}
	55	return self::$_singleton;
	56	}
	57
	58	/**
3d469574	59	* Get skipped fields.
	60	*
	61	* @return array<string>
	62	* list of field names
a9396478 TO	63	*/
	64	public function getSkipFields() {
	65	if ($this->skipFields === NULL) {
be2fb01f	66	$this->skipFields = [
a9396478 TO	67	'widget_code',
	68	'html_message',
	69	'body_html',
	70	'msg_html',
	71	'description',
	72	'intro',
	73	'thankyou_text',
	74	'tf_thankyou_text',
	75	'intro_text',
	76	'page_text',
	77	'body_text',
	78	'footer_text',
	79	'thankyou_footer',
	80	'thankyou_footer_text',
	81	'new_text',
	82	'renewal_text',
	83	'help_pre',
	84	'help_post',
	85	'confirm_title',
	86	'confirm_text',
	87	'confirm_footer_text',
	88	'confirm_email_text',
	89	'event_full_text',
	90	'waitlist_text',
	91	'approval_req_text',
	92	'report_header',
	93	'report_footer',
	94	'cc_id',
	95	'bcc_id',
	96	'premiums_intro_text',
	97	'honor_block_text',
	98	'pay_later_text',
	99	'pay_later_receipt',
6714d8d2 SL	100	// This is needed for FROM Email Address configuration. dgg
	101	'label',
	102	// This is needed for navigation items urls
	103	'url',
a9396478	104	'details',
6714d8d2 SL	105	// message templates’ text versions
	106	'msg_text',
	107	// (send an) email to contact’s and CiviMail’s text version
	108	'text_message',
	109	// data i/p of persistent table
	110	'data',
	111	// CRM-6673
	112	'sqlQuery',
a9396478 TO	113	'pcp_title',
a9396478 TO	114	'pcp_intro_text',
6714d8d2 SL	115	// The 'new' text in word replacements
	116	'new',
	117	// e.g. '"Full Name" <user@example.org>'
	118	'replyto_email',
a265eee1	119	'operator',
6714d8d2 SL	120	// CRM-20468
6714d8d2 SL	121	'content',
be2fb01f	122	];
ece8de2d CW	123	$custom = CRM_Core_DAO::executeQuery('SELECT id FROM civicrm_custom_field WHERE html_type = "RichTextEditor"');
	124	while ($custom->fetch()) {
	125	$this->skipFields[] = 'custom_' . $custom->id;
	126	}
a9396478 TO	127	}
	128	return $this->skipFields;
	129	}
	130
	131	/**
dc195289	132	* going to filter the
a9396478 TO	133	* submitted values across XSS vulnerability.
	134	*
	135	* @param array\|string $values
77855840 TO	136	* @param bool $castToString
77855840 TO	137	* If TRUE, all scalars will be filtered (and therefore cast to strings).
a9396478 TO	138	* If FALSE, then non-string values will be preserved
	139	*/
	140	public function encodeInput(&$values, $castToString = FALSE) {
	141	if (is_array($values)) {
	142	foreach ($values as &$value) {
	143	$this->encodeInput($value, TRUE);
	144	}
0db6c3e1 TO	145	}
0db6c3e1 TO	146	elseif ($castToString \|\| is_string($values)) {
be2fb01f	147	$values = str_replace(['<', '>'], ['<', '>'], $values);
a9396478 TO	148	}
	149	}
	150
5bc392e6	151	/**
ae5ffbb7	152	* @param array $values
5bc392e6 EM	153	* @param bool $castToString
5bc392e6 EM	154	*/
a9396478 TO	155	public function decodeOutput(&$values, $castToString = FALSE) {
	156	if (is_array($values)) {
	157	foreach ($values as &$value) {
	158	$this->decodeOutput($value, TRUE);
	159	}
0db6c3e1 TO	160	}
0db6c3e1 TO	161	elseif ($castToString \|\| is_string($values)) {
be2fb01f	162	$values = str_replace(['<', '>'], ['<', '>'], $values);
a9396478 TO	163	}
a9396478 TO	164	}
96025800	165
a9396478	166	}