From e1cdca6971468fc5216e6a69f06ec535a82a24a2 Mon Sep 17 00:00:00 2001
From: Teromene <teromene@teromene.fr>
Date: Wed, 11 Nov 2015 21:45:24 +0000
Subject: [PATCH] =?UTF-8?q?Ajout=20du=20param=C3=A8tre=20pattern=20pour=20?=
 =?UTF-8?q?les=20entr=C3=A9es=20de=20type=20texte,=20ajout=20du=20required?=
 =?UTF-8?q?=20c=C3=B4t=C3=A9=20HTML.=20Correction=20de=20la=20page=20d'acc?=
 =?UTF-8?q?ueuil=20pour=20qu'elle=20soit=20conforme=20aux=20standards=20du?=
 =?UTF-8?q?=20W3C.=20Correction=20de=20la=20regex=20de=20listage=20des=20f?=
 =?UTF-8?q?ichiers=20pour=20qu'elle=20ignore=20les=20sauvegardes.=20Ajout?=
 =?UTF-8?q?=20d'un=20nettoyeur=20HTML,=20par=20d=C3=A9faut.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 bridges/FacebookBridge.php        |  3 +-
 bridges/PickyWallpapersBridge.php |  3 +-
 bridges/YoutubeBridge.php         |  6 ++-
 index.php                         |  5 +--
 lib/Bridge.php                    | 17 ++++----
 lib/HTMLUtils.php                 | 71 +++++++++++++++++++++++++++----
 lib/Item.php                      |  2 +-
 7 files changed, 81 insertions(+), 26 deletions(-)

diff --git a/bridges/FacebookBridge.php b/bridges/FacebookBridge.php
index 98e7e8b6..49c8d26f 100644
--- a/bridges/FacebookBridge.php
+++ b/bridges/FacebookBridge.php
@@ -13,7 +13,8 @@ class FacebookBridge extends BridgeAbstract{
 		'[
 			{
 				"name" : "Username",
-				"identifier" : "u"
+				"identifier" : "u",
+				"required" : "required"
 			}
 		]';
 	}
diff --git a/bridges/PickyWallpapersBridge.php b/bridges/PickyWallpapersBridge.php
index 87cfb166..586d06aa 100644
--- a/bridges/PickyWallpapersBridge.php
+++ b/bridges/PickyWallpapersBridge.php
@@ -31,7 +31,8 @@ class PickyWallpapersBridge extends BridgeAbstract {
 			{
 				"name" : "resolution",
 				"identifier" : "r",
-				"exampleValue" : "1920x1200, 1680x1050, ..."
+				"exampleValue" : "1920x1200, 1680x1050, ...",
+				"pattern" : "[0-9]{3,4}x[0-9]{3,4}"
 			}
 
 		]';
diff --git a/bridges/YoutubeBridge.php b/bridges/YoutubeBridge.php
index bcc6d2f6..7147a23e 100644
--- a/bridges/YoutubeBridge.php
+++ b/bridges/YoutubeBridge.php
@@ -23,7 +23,8 @@ class YoutubeBridge extends BridgeAbstract {
 				"type" : "text",
 				"identifier" : "u",
 				"name" : "username",
-				"exampleValue" : "test"
+				"exampleValue" : "test",
+				"required" : "required"
 			}
 		]';
 
@@ -33,7 +34,8 @@ class YoutubeBridge extends BridgeAbstract {
 				"type" : "number",
 				"identifier" : "c",
 				"name" : "channel id",
-				"exampleValue" : "15"
+				"exampleValue" : "15",
+				"required" : "required"
 			}
 		]';
 
diff --git a/index.php b/index.php
index 6b8261bd..0d6bb9ba 100644
--- a/index.php
+++ b/index.php
@@ -131,9 +131,6 @@ $formats = Format::searchInformation();
     <meta name="description" content="Rss-bridge" />
     <title>RSS-Bridge</title>
     <link href="css/style.css" rel="stylesheet">
-    <!--[if IE]>
-        <script src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
-    <![endif]-->
 </head>
 
 <body>
@@ -152,7 +149,7 @@ $formats = Format::searchInformation();
 			if(Bridge::isWhitelisted($whitelist_selection, $bridgeName))
 			{
 				echo HTMLUtils::displayBridgeCard($bridgeName, $formats);
-	            $activeFoundBridgeCount++;
+	            		$activeFoundBridgeCount++;
 			}
 			elseif ($showInactive)
 			{
diff --git a/lib/Bridge.php b/lib/Bridge.php
index 93032100..6fb67b7f 100644
--- a/lib/Bridge.php
+++ b/lib/Bridge.php
@@ -279,15 +279,16 @@ class Bridge{
     */
 	static public function listBridges() {
 
-        $pathDirBridge = self::getDir();
-        $listBridge = array();
-	 	$dirFiles = scandir($pathDirBridge);
+		$pathDirBridge = self::getDir();
+		$listBridge = array();
+		$dirFiles = scandir($pathDirBridge);
 
-        if( $dirFiles !== false ){
-            foreach( $dirFiles as $fileName ){
-                if( preg_match('@([^.]+)\.php@U', $fileName, $out) ){
-					$listBridge[] = $out[1];
-				}
+		if( $dirFiles !== false ){
+
+		    foreach( $dirFiles as $fileName ) {
+		        if( preg_match('@([^.]+)\.php$@U', $fileName, $out) ){
+						$listBridge[] = $out[1];
+			}
 			}
 		}
 
diff --git a/lib/HTMLUtils.php b/lib/HTMLUtils.php
index 85c0dbe2..ff25130d 100644
--- a/lib/HTMLUtils.php
+++ b/lib/HTMLUtils.php
@@ -20,7 +20,6 @@ class HTMLUtils {
 	public static function displayBridgeCard($bridgeName, $formats, $isActive = true)
 	{
 
-
 		$bridgeElement = Bridge::create($bridgeName);
 		if($bridgeElement == false) {
 			return "";
@@ -41,7 +40,7 @@ CARD;
 		// If we don't have any parameter for the bridge, we print a generic form to load it.
 		if(count($bridgeElement->parameters) == 0) {
 
-			$card .= '<form method="POST" action="?">
+			$card .= '<form method="GET" action="?">
 					<input type="hidden" name="action" value="display" />
 					<input type="hidden" name="bridge" value="' . $bridgeName . '" />' . PHP_EOL;
 
@@ -59,11 +58,10 @@ CARD;
 
 		foreach($bridgeElement->parameters as $parameterName => $parameter)
 		{
-			$card .= '<ol class="list-use">' . PHP_EOL;
 			if(!is_numeric($parameterName)) {
 				$card .= '<h5>'.$parameterName.'</h5>' . PHP_EOL;
 			}
-			$card .= '<form method="POST" action="?">
+			$card .= '<form method="GET" action="?">
 						<input type="hidden" name="action" value="display" />
 						<input type="hidden" name="bridge" value="' . $bridgeName . '" />' . PHP_EOL;
 
@@ -71,21 +69,32 @@ CARD;
 
 			foreach($parameter as $inputEntry) {
 
+				$additionalInfoString = "";
+				if(isset($inputEntry['required'])) {
+
+					$additionalInfoString .= " required=\"required\"";
+
+				}
+				if(isset($inputEntry['pattern'])) {
+
+					$additionalInfoString .= " pattern=\"".$inputEntry['pattern']."\"";
+
+				}
 				if(!isset($inputEntry['exampleValue'])) $inputEntry['exampleValue'] = "";
 
-				$idArg = 'arg-' . $bridgeName . '-' . $parameterName . '-' . $inputEntry['identifier'];
+				$idArg = 'arg-' . urlencode($bridgeName) . '-' . urlencode($parameterName) . '-' . urlencode($inputEntry['identifier']);
 
 				$card .= '<label for="' .$idArg. '">' .$inputEntry['name']. ' : </label>' . PHP_EOL;
 
 				if(!isset($inputEntry['type']) || $inputEntry['type'] == 'text') {
-					$card .= '<input id="' . $idArg . '" type="text" value="" placeholder="' . $inputEntry['exampleValue'] . '" name="' . $inputEntry['identifier'] . '" /><br />' . PHP_EOL;
+					$card .= '<input '.$additionalInfoString.' id="' . $idArg . '" type="text" value="" placeholder="' . $inputEntry['exampleValue'] . '" name="' . $inputEntry['identifier'] . '" /><br />' . PHP_EOL;
 				} else if($inputEntry['type'] == 'number') {
-					$card .= '<input id="' . $idArg . '" type="number" value="" placeholder="' . $inputEntry['exampleValue'] . '" name="' . $inputEntry['identifier'] . '" /><br />' . PHP_EOL;
+					$card .= '<input '.$additionalInfoString.' id="' . $idArg . '" type="number" value="" placeholder="' . $inputEntry['exampleValue'] . '" name="' . $inputEntry['identifier'] . '" /><br />' . PHP_EOL;
 				} else if($inputEntry['type'] == 'list') {
-					$card .= '<select id="' . $idArg . '" name="' . $inputEntry['name'] . '" >';
+					$card .= '<select '.$additionalInfoString.' id="' . $idArg . '" name="' . $inputEntry['name'] . '" >';
 					foreach($inputEntry['values'] as $listValues) {
 
-						$card .= "<option value='" . $listValues['value'] . "'>" . $listValues['name'] . "</option>";
+						$card .= "<option $additionalInfoString value='" . $listValues['value'] . "'>" . $listValues['name'] . "</option>";
 
 					}
 					$card .= '</select><br >';
@@ -115,5 +124,49 @@ CARD;
 	}
 
 
+}
+
+class HTMLSanitizer {
+
+
+	var $tagsToRemove;
+	var $keptAttributes;
+	var $onlyKeepText;
+
+	const DEFAULT_CLEAR_TAGS = ["script", "iframe"];
+	const KEPT_ATTRIBUTES = ["title", "href", "src"];
+
+	const ONLY_TEXT = null;
+
+	function __construct($tags_to_remove = HTMLSanitizer::DEFAULT_CLEAR_TAGS, $kept_attributes = HTMLSanitizer::KEPT_ATTRIBUTES, $only_keep_text = HTMLSanitizer::ONLY_TEXT) {
+
+		$this->tagsToRemove = $tags_to_remove;
+		$this->keptAttributes = $kept_attributes;
+		$this->onlyKeepText = $only_keep_text;
+
+	}
+
+	function sanitize($textToSanitize) {
+
+		$htmlContent = str_get_html($textToSanitize);
+
+		foreach($htmlContent->find('*[!j_ai_pas_trouve_comment_tout_demander]') as $element) {
+			if(in_array($element->tag, $this->onlyKeepText)) {
+				$element->outertext = $element->plaintext;
+			} else if(in_array($element->tag, $this->tagsToRemove)) {
+				$element->outertext = '';
+			} else {
+				foreach($element->getAllAttributes() as $attributeName => $attribute) {
+
+					if(!in_array($attributeName, $this->keptAttributes)) $element->removeAttribute($attributeName);
+
+				}
+			}
+		}
+
+		return $htmlContent;
+
+	}
+
 }
 ?>
diff --git a/lib/Item.php b/lib/Item.php
index 806ecca8..2e15ffc3 100644
--- a/lib/Item.php
+++ b/lib/Item.php
@@ -13,4 +13,4 @@ class Item implements ItemInterface{
     public function __get($name){
         return isset($this->$name) ? $this->$name : null;
     }
-}
\ No newline at end of file
+}