Elgg  Version master
Public Member Functions | Public Attributes | List of all members
Elgg\Views\HtmlFormatter Class Reference

Various helper method for formatting and sanitizing output. More...

Public Member Functions

 __construct (protected ViewsService $views, protected EventsService $events, protected AutoParagraph $autop)
 Output constructor. More...
 
 formatBlock (string $html, array $options=[])
 Prepare HTML output. More...
 
 parseUrls (string $text)
 Takes a string and turns any URLs into formatted links. More...
 
 parseEmails (string $text)
 Takes a string and turns any email addresses into formatted links. More...
 
 parseMentions (string $text)
 Takes a string and turns any @ mentions into a formatted link. More...
 
 addParagaraphs (string $string)
 Create paragraphs from text with line spacing. More...
 
 formatAttributes (array $attrs=[])
 Converts an associative array into a string of well-formed HTML/XML attributes Returns a concatenated string of HTML attributes to be inserted into a tag (e.g., <tag $attrs>) More...
 
 formatElement (string $tag_name, array $attributes=[], string $text= '', array $options=[])
 Format an HTML element. More...
 
 stripTags (string $string, string $allowable_tags=null)
 Strip tags and offer plugins the chance. More...
 
 decode (string $string)
 Decode HTML markup into a raw text string. More...
 
 inlineCss (string $html, string $css, bool $body_only=false)
 Adds inline style to html content. More...
 
 normalizeUrls (string $text)
 Replaces relative urls in href or src attributes in text. More...
 

Public Attributes

const MENTION_REGEX = '/<a[^>]*?>.*?<\/a>|<.*?>|(^|\s|\!|\.|\?|>|\G)+(@([^\s<&]+))/iu'
 Mentions regex. More...
 

Detailed Description

Various helper method for formatting and sanitizing output.

Definition at line 16 of file HtmlFormatter.php.

Constructor & Destructor Documentation

Elgg\Views\HtmlFormatter::__construct ( protected ViewsService  $views,
protected EventsService  $events,
protected AutoParagraph  $autop 
)

Output constructor.

Parameters
ViewsService$viewsViews service
EventsService$eventsEvents service
AutoParagraph$autopParagraph wrapper

Definition at line 47 of file HtmlFormatter.php.

Member Function Documentation

Elgg\Views\HtmlFormatter::addParagaraphs ( string  $string)

Create paragraphs from text with line spacing.

Parameters
string$stringThe string
Returns
string

Definition at line 193 of file HtmlFormatter.php.

Elgg\Views\HtmlFormatter::decode ( string  $string)

Decode HTML markup into a raw text string.

This applies html_entity_decode() to a string while re-entitising HTML special char entities to prevent them from being decoded back to their unsafe original forms.

This relies on html_entity_decode() not translating entities when doing so leaves behind another entity, e.g. &gt; if decoded would create > which is another entity itself. This seems to escape the usual behaviour where any two paired entities creating a HTML tag are usually decoded, i.e. a lone > is not decoded, but <foo> would be decoded to <foo> since it creates a full tag.

Note: html_entity_decode() is poorly explained in the manual - which is really bad given its potential for misuse on user input already escaped elsewhere. Stackoverflow is littered with advice to use this function in the precise way that would lead to user input being capable of injecting arbitrary HTML.

Parameters
string$stringEncoded HTML
Returns
string
Author
Pádraic Brady

Definition at line 389 of file HtmlFormatter.php.

Elgg\Views\HtmlFormatter::formatAttributes ( array  $attrs = [])

Converts an associative array into a string of well-formed HTML/XML attributes Returns a concatenated string of HTML attributes to be inserted into a tag (e.g., <tag $attrs>)

An example of the attributes: Attribute value can be a scalar value, an array of scalar values, or true $attrs = [ 'class' => ['elgg-input', 'elgg-input-text'], // will be imploded with spaces 'style' => ['margin-left:10px;', 'color: #666;'], // will be imploded with spaces 'alt' => 'Alt text', // will be left as is 'disabled' => true, // will be converted to disabled="disabled" 'data-options' => json_encode(['foo' => 'bar']), // will be output as an escaped JSON string 'batch' => <>, // will be ignored 'items' => [<>], // will be ignored ];

Parameters
array$attrsAn array of attribute => value pairs
Returns
string
See also
elgg_format_element()

Definition at line 230 of file HtmlFormatter.php.

Elgg\Views\HtmlFormatter::formatBlock ( string  $html,
array  $options = [] 
)

Prepare HTML output.

Parameters
string$htmlHTML string
array$optionsFormatting options

bool $parse_urls Replace URLs with anchor tags bool $parse_emails Replace email addresses with anchor tags bool $sanitize Sanitize HTML tags bool $autop Add paragraphs instead of new lines

Returns
string

Definition at line 67 of file HtmlFormatter.php.

Elgg\Views\HtmlFormatter::formatElement ( string  $tag_name,
array  $attributes = [],
string  $text = '',
array  $options = [] 
)

Format an HTML element.

Parameters
string$tag_nameThe element tagName. e.g. "div". This will not be validated.
array$attributesThe element attributes.
string$textThe contents of the element. Assumed to be HTML unless encode_text is true.
array$optionsOptions array with keys:
                      - encode_text   => (bool, default false) If true, $text will be HTML-escaped. Already-escaped entities
                      will not be double-escaped.

                      - double_encode => (bool, default false) If true, the $text HTML escaping will be allowed to double
                      encode HTML entities: '&times;' will become '&amp;times;'

                      - is_void       => (bool) If given, this determines whether the function will return just the open tag.
                      Otherwise this will be determined by the tag name according to this list:
                      http://www.w3.org/html/wg/drafts/html/master/single-page.html#void-elements

                      - is_xml        => (bool, default false) If true, void elements will be formatted like "<tag />"
Returns
string
Since
1.9.0
Exceptions
InvalidArgumentException

Definition at line 311 of file HtmlFormatter.php.

Elgg\Views\HtmlFormatter::inlineCss ( string  $html,
string  $css,
bool  $body_only = false 
)

Adds inline style to html content.

Parameters
string$htmlhtml content
string$cssstyle text
bool$body_onlytoggle to return the body contents instead of a full html
Returns
string
Since
4.0

Definition at line 414 of file HtmlFormatter.php.

Elgg\Views\HtmlFormatter::normalizeUrls ( string  $text)

Replaces relative urls in href or src attributes in text.

Parameters
string$textsource content
Returns
string
Since
4.0

Definition at line 434 of file HtmlFormatter.php.

Elgg\Views\HtmlFormatter::parseEmails ( string  $text)

Takes a string and turns any email addresses into formatted links.

Parameters
string$textThe input string
Returns
string The output string with formatted links
Since
2.3

Definition at line 131 of file HtmlFormatter.php.

Elgg\Views\HtmlFormatter::parseMentions ( string  $text)

Takes a string and turns any @ mentions into a formatted link.

Parameters
string$textThe input string
Returns
string
Since
5.0

Definition at line 145 of file HtmlFormatter.php.

Elgg\Views\HtmlFormatter::parseUrls ( string  $text)

Takes a string and turns any URLs into formatted links.

Parameters
string$textThe input string
Returns
string The output string with formatted links

Definition at line 116 of file HtmlFormatter.php.

Elgg\Views\HtmlFormatter::stripTags ( string  $string,
string  $allowable_tags = null 
)

Strip tags and offer plugins the chance.

Plugins register for output:strip_tags event. Original string included in $params['original_string']

Parameters
string$stringFormatted string
string$allowable_tagsOptional parameter to specify tags which should not be stripped
Returns
string String run through strip_tags() and any event.

Definition at line 352 of file HtmlFormatter.php.

Member Data Documentation

const Elgg\Views\HtmlFormatter::MENTION_REGEX = '/<a[^>]*?>.*?<\/a>|<.*?>|(^|\s|\!|\.|\?|>|\G)+(@([^\s<&]+))/iu'

Mentions regex.

Match anchor tag with all attributes and wrapped html we want to exclude matches that have already been wrapped in an anchor '<a[^>]*?>.*?<\/a>'

Match tag name and attributes we want to exclude matches that found within tag attributes '<.*?>'

Match at least one space or punctuation char before a match '(^||!|.|\?|>|)+'

Match @ followed by username

See also
::assertValidUsername() '(@([^<&]+))'

Definition at line 38 of file HtmlFormatter.php.


The documentation for this class was generated from the following file: