[civicrm-core.git] / CRM / Utils / API / HTMLInputCoder.php

<?php
/*
 +--------------------------------------------------------------------+
 | CiviCRM version 5                                                  |
 +--------------------------------------------------------------------+
 | Copyright CiviCRM LLC (c) 2004-2019                                |
 +--------------------------------------------------------------------+
 | This file is a part of CiviCRM.                                    |
 |                                                                    |
 | CiviCRM is free software; you can copy, modify, and distribute it  |
 | under the terms of the GNU Affero General Public License           |
 | Version 3, 19 November 2007 and the CiviCRM Licensing Exception.   |
 |                                                                    |
 | CiviCRM is distributed in the hope that it will be useful, but     |
 | WITHOUT ANY WARRANTY; without even the implied warranty of         |
 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.               |
 | See the GNU Affero General Public License for more details.        |
 |                                                                    |
 | You should have received a copy of the GNU Affero General Public   |
 | License and the CiviCRM Licensing Exception along                  |
 | with this program; if not, contact CiviCRM LLC                     |
 | at info[AT]civicrm[DOT]org. If you have questions about the        |
 | GNU Affero General Public License or the licensing of CiviCRM,     |
 | see the CiviCRM license FAQ at http://civicrm.org/licensing        |
 +--------------------------------------------------------------------+
 */

/**
 * This class captures the encoding practices of CRM-5667 in a reusable
 * fashion.  In this design, all submitted values are partially HTML-encoded
 * before saving to the database.  If a DB reader needs to output in
 * non-HTML medium, then it should undo the partial HTML encoding.
 *
 * This class should be short-lived -- 4.3 should introduce an alternative
 * escaping scheme and consequently remove HTMLInputCoder.
 *
 * @package CRM
 * @copyright CiviCRM LLC (c) 2004-2019
 */
class CRM_Utils_API_HTMLInputCoder extends CRM_Utils_API_AbstractFieldCoder {
  private $skipFields = NULL;

  /**
   * @var CRM_Utils_API_HTMLInputCoder
   */
  private static $_singleton = NULL;

  /**
   * @return CRM_Utils_API_HTMLInputCoder
   */
  public static function singleton() {
    if (self::$_singleton === NULL) {
      self::$_singleton = new CRM_Utils_API_HTMLInputCoder();
    }
    return self::$_singleton;
  }

  /**
   * Get skipped fields.
   *
   * @return array<string>
   *   list of field names
   */
  public function getSkipFields() {
    if ($this->skipFields === NULL) {
      $this->skipFields = [
        'widget_code',
        'html_message',
        'body_html',
        'msg_html',
        'description',
        'intro',
        'thankyou_text',
        'tf_thankyou_text',
        'intro_text',
        'page_text',
        'body_text',
        'footer_text',
        'thankyou_footer',
        'thankyou_footer_text',
        'new_text',
        'renewal_text',
        'help_pre',
        'help_post',
        'confirm_title',
        'confirm_text',
        'confirm_footer_text',
        'confirm_email_text',
        'event_full_text',
        'waitlist_text',
        'approval_req_text',
        'report_header',
        'report_footer',
        'cc_id',
        'bcc_id',
        'premiums_intro_text',
        'honor_block_text',
        'pay_later_text',
        'pay_later_receipt',
        // This is needed for FROM Email Address configuration. dgg
        'label',
        // This is needed for navigation items urls
        'url',
        'details',
        // message templates’ text versions
        'msg_text',
        // (send an) email to contact’s and CiviMail’s text version
        'text_message',
        // data i/p of persistent table
        'data',
        // CRM-6673
        'sqlQuery',
        'pcp_title',
        'pcp_intro_text',
        // The 'new' text in word replacements
        'new',
        // e.g. '"Full Name" <user@example.org>'
        'replyto_email',
        'operator',
        // CRM-20468
        'content',
        // CiviCampaign Goal Details
        'goal_general',
      ];
      $custom = CRM_Core_DAO::executeQuery('SELECT id FROM civicrm_custom_field WHERE html_type = "RichTextEditor"');
      while ($custom->fetch()) {
        $this->skipFields[] = 'custom_' . $custom->id;
      }
    }
    return $this->skipFields;
  }

  /**
   * going to filter the
   * submitted values across XSS vulnerability.
   *
   * @param array|string $values
   * @param bool $castToString
   *   If TRUE, all scalars will be filtered (and therefore cast to strings).
   *    If FALSE, then non-string values will be preserved
   */
  public function encodeInput(&$values, $castToString = FALSE) {
    if (is_array($values)) {
      foreach ($values as &$value) {
        $this->encodeInput($value, TRUE);
      }
    }
    elseif ($castToString || is_string($values)) {
      $values = $this->encodeValue($values);
    }
  }

  public function encodeValue($value) {
    return str_replace(['<', '>'], ['&lt;', '&gt;'], $value);
  }

  /**
   * Perform in-place decode on strings (in a list of records).
   *
   * @param array $rows
   *   Ex in: $rows[0] = ['first_name' => 'A&W'].
   *   Ex out: $rows[0] = ['first_name' => 'A&amp;W'].
   */
  public function encodeRows(&$rows) {
    foreach ($rows as $rid => $row) {
      $this->encodeRow($rows[$rid]);
    }
  }

  /**
   * Perform in-place encode on strings (in a single record).
   *
   * @param array $row
   *   Ex in: ['first_name' => 'A&W'].
   *   Ex out: ['first_name' => 'A&amp;W'].
   */
  public function encodeRow(&$row) {
    foreach ($row as $k => $v) {
      if (is_string($v) && !$this->isSkippedField($k)) {
        $row[$k] = $this->encodeValue($v);
      }
    }
  }

  /**
   * @param array $values
   * @param bool $castToString
   */
  public function decodeOutput(&$values, $castToString = FALSE) {
    if (is_array($values)) {
      foreach ($values as &$value) {
        $this->decodeOutput($value, TRUE);
      }
    }
    elseif ($castToString || is_string($values)) {
      $values = $this->decodeValue($values);
    }
  }

  public function decodeValue($value) {
    return str_replace(['&lt;', '&gt;'], ['<', '>'], $value);
  }

  /**
   * Perform in-place decode on strings (in a list of records).
   *
   * @param array $rows
   *   Ex in: $rows[0] = ['first_name' => 'A&amp;W'].
   *   Ex out: $rows[0] = ['first_name' => 'A&W'].
   */
  public function decodeRows(&$rows) {
    foreach ($rows as $rid => $row) {
      $this->decodeRow($rows[$rid]);
    }
  }

  /**
   * Perform in-place decode on strings (in a single record).
   *
   * @param array $row
   *   Ex in: ['first_name' => 'A&amp;W'].
   *   Ex out: ['first_name' => 'A&W'].
   */
  public function decodeRow(&$row) {
    foreach ($row as $k => $v) {
      if (is_string($v) && !$this->isSkippedField($k)) {
        $row[$k] = $this->decodeValue($v);
      }
    }
  }

}
Commit	Line	Data
a9396478 TO	1	<?php
	2	/*
	3	+--------------------------------------------------------------------+
fee14197	4	\| CiviCRM version 5 \|
a9396478	5	+--------------------------------------------------------------------+
6b83d5bd	6	\| Copyright CiviCRM LLC (c) 2004-2019 \|
a9396478 TO	7	+--------------------------------------------------------------------+
	8	\| This file is a part of CiviCRM. \|
	9	\| \|
	10	\| CiviCRM is free software; you can copy, modify, and distribute it \|
	11	\| under the terms of the GNU Affero General Public License \|
	12	\| Version 3, 19 November 2007 and the CiviCRM Licensing Exception. \|
	13	\| \|
	14	\| CiviCRM is distributed in the hope that it will be useful, but \|
	15	\| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	16	\| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. \|
	17	\| See the GNU Affero General Public License for more details. \|
	18	\| \|
	19	\| You should have received a copy of the GNU Affero General Public \|
	20	\| License and the CiviCRM Licensing Exception along \|
	21	\| with this program; if not, contact CiviCRM LLC \|
	22	\| at info[AT]civicrm[DOT]org. If you have questions about the \|
	23	\| GNU Affero General Public License or the licensing of CiviCRM, \|
	24	\| see the CiviCRM license FAQ at http://civicrm.org/licensing \|
	25	+--------------------------------------------------------------------+
d25dd0ee	26	*/
a9396478 TO	27
	28	/**
	29	* This class captures the encoding practices of CRM-5667 in a reusable
	30	* fashion. In this design, all submitted values are partially HTML-encoded
	31	* before saving to the database. If a DB reader needs to output in
	32	* non-HTML medium, then it should undo the partial HTML encoding.
	33	*
	34	* This class should be short-lived -- 4.3 should introduce an alternative
	35	* escaping scheme and consequently remove HTMLInputCoder.
	36	*
	37	* @package CRM
6b83d5bd	38	* @copyright CiviCRM LLC (c) 2004-2019
a9396478	39	*/
a9396478 TO	40	class CRM_Utils_API_HTMLInputCoder extends CRM_Utils_API_AbstractFieldCoder {
	41	private $skipFields = NULL;
	42
	43	/**
	44	* @var CRM_Utils_API_HTMLInputCoder
	45	*/
	46	private static $_singleton = NULL;
	47
	48	/**
	49	* @return CRM_Utils_API_HTMLInputCoder
	50	*/
	51	public static function singleton() {
	52	if (self::$_singleton === NULL) {
	53	self::$_singleton = new CRM_Utils_API_HTMLInputCoder();
	54	}
	55	return self::$_singleton;
	56	}
	57
	58	/**
3d469574	59	* Get skipped fields.
	60	*
	61	* @return array<string>
	62	* list of field names
a9396478 TO	63	*/
	64	public function getSkipFields() {
	65	if ($this->skipFields === NULL) {
be2fb01f	66	$this->skipFields = [
a9396478 TO	67	'widget_code',
	68	'html_message',
	69	'body_html',
	70	'msg_html',
	71	'description',
	72	'intro',
	73	'thankyou_text',
	74	'tf_thankyou_text',
	75	'intro_text',
	76	'page_text',
	77	'body_text',
	78	'footer_text',
	79	'thankyou_footer',
	80	'thankyou_footer_text',
	81	'new_text',
	82	'renewal_text',
	83	'help_pre',
	84	'help_post',
	85	'confirm_title',
	86	'confirm_text',
	87	'confirm_footer_text',
	88	'confirm_email_text',
	89	'event_full_text',
	90	'waitlist_text',
	91	'approval_req_text',
	92	'report_header',
	93	'report_footer',
	94	'cc_id',
	95	'bcc_id',
	96	'premiums_intro_text',
	97	'honor_block_text',
	98	'pay_later_text',
	99	'pay_later_receipt',
6714d8d2 SL	100	// This is needed for FROM Email Address configuration. dgg
	101	'label',
	102	// This is needed for navigation items urls
	103	'url',
a9396478	104	'details',
6714d8d2 SL	105	// message templates’ text versions
	106	'msg_text',
	107	// (send an) email to contact’s and CiviMail’s text version
	108	'text_message',
	109	// data i/p of persistent table
	110	'data',
	111	// CRM-6673
	112	'sqlQuery',
a9396478 TO	113	'pcp_title',
a9396478 TO	114	'pcp_intro_text',
6714d8d2 SL	115	// The 'new' text in word replacements
	116	'new',
	117	// e.g. '"Full Name" <user@example.org>'
	118	'replyto_email',
a265eee1	119	'operator',
6714d8d2 SL	120	// CRM-20468
6714d8d2 SL	121	'content',
1107b319 SL	122	// CiviCampaign Goal Details
1107b319 SL	123	'goal_general',
be2fb01f	124	];
ece8de2d CW	125	$custom = CRM_Core_DAO::executeQuery('SELECT id FROM civicrm_custom_field WHERE html_type = "RichTextEditor"');
	126	while ($custom->fetch()) {
	127	$this->skipFields[] = 'custom_' . $custom->id;
	128	}
a9396478 TO	129	}
	130	return $this->skipFields;
	131	}
	132
	133	/**
dc195289	134	* going to filter the
a9396478 TO	135	* submitted values across XSS vulnerability.
	136	*
	137	* @param array\|string $values
77855840 TO	138	* @param bool $castToString
77855840 TO	139	* If TRUE, all scalars will be filtered (and therefore cast to strings).
a9396478 TO	140	* If FALSE, then non-string values will be preserved
	141	*/
	142	public function encodeInput(&$values, $castToString = FALSE) {
	143	if (is_array($values)) {
	144	foreach ($values as &$value) {
	145	$this->encodeInput($value, TRUE);
	146	}
0db6c3e1 TO	147	}
0db6c3e1 TO	148	elseif ($castToString \|\| is_string($values)) {
d37a188f TO	149	$values = $this->encodeValue($values);
	150	}
	151	}
	152
	153	public function encodeValue($value) {
	154	return str_replace(['<', '>'], ['<', '>'], $value);
	155	}
	156
	157	/**
	158	* Perform in-place decode on strings (in a list of records).
	159	*
	160	* @param array $rows
	161	* Ex in: $rows[0] = ['first_name' => 'A&W'].
	162	* Ex out: $rows[0] = ['first_name' => 'A&W'].
	163	*/
	164	public function encodeRows(&$rows) {
	165	foreach ($rows as $rid => $row) {
	166	$this->encodeRow($rows[$rid]);
	167	}
	168	}
	169
	170	/**
	171	* Perform in-place encode on strings (in a single record).
	172	*
	173	* @param array $row
	174	* Ex in: ['first_name' => 'A&W'].
	175	* Ex out: ['first_name' => 'A&W'].
	176	*/
	177	public function encodeRow(&$row) {
	178	foreach ($row as $k => $v) {
	179	if (is_string($v) && !$this->isSkippedField($k)) {
	180	$row[$k] = $this->encodeValue($v);
	181	}
a9396478 TO	182	}
	183	}
	184
5bc392e6	185	/**
ae5ffbb7	186	* @param array $values
5bc392e6 EM	187	* @param bool $castToString
5bc392e6 EM	188	*/
a9396478 TO	189	public function decodeOutput(&$values, $castToString = FALSE) {
	190	if (is_array($values)) {
	191	foreach ($values as &$value) {
	192	$this->decodeOutput($value, TRUE);
	193	}
0db6c3e1 TO	194	}
0db6c3e1 TO	195	elseif ($castToString \|\| is_string($values)) {
d37a188f TO	196	$values = $this->decodeValue($values);
	197	}
	198	}
	199
	200	public function decodeValue($value) {
	201	return str_replace(['<', '>'], ['<', '>'], $value);
	202	}
	203
	204	/**
	205	* Perform in-place decode on strings (in a list of records).
	206	*
	207	* @param array $rows
	208	* Ex in: $rows[0] = ['first_name' => 'A&W'].
	209	* Ex out: $rows[0] = ['first_name' => 'A&W'].
	210	*/
	211	public function decodeRows(&$rows) {
	212	foreach ($rows as $rid => $row) {
	213	$this->decodeRow($rows[$rid]);
	214	}
	215	}
	216
	217	/**
	218	* Perform in-place decode on strings (in a single record).
	219	*
	220	* @param array $row
	221	* Ex in: ['first_name' => 'A&W'].
	222	* Ex out: ['first_name' => 'A&W'].
	223	*/
	224	public function decodeRow(&$row) {
	225	foreach ($row as $k => $v) {
	226	if (is_string($v) && !$this->isSkippedField($k)) {
	227	$row[$k] = $this->decodeValue($v);
	228	}
a9396478 TO	229	}
a9396478 TO	230	}
96025800	231
a9396478	232	}