MediaWiki REL1_32
XmlTypeCheck Class Reference

Public Member Functions

 __construct ( $input, $filterCallback=null, $isFile=true, $options=[])
 Allow filtering an XML file.
 
 getRootElement ()
 Get the root element.
 
 XmlErrorHandler ( $errno, $errstr)
 

Static Public Member Functions

static newFromFilename ( $fname, $filterCallback=null)
 Alternative constructor: from filename.
 
static newFromString ( $string, $filterCallback=null)
 Alternative constructor: from string.
 

Public Attributes

 $filterMatch = false
 Will be set to true if the optional element filter returned a match at some point.
 
mixed $filterMatchType = false
 Will contain the type of filter hit if the optional element filter returned a match at some point.
 
 $rootElement = ''
 Name of the document's root element, including any namespace as an expanded URL.
 
 $wellFormed = null
 Will be set to true or false to indicate whether the file is well-formed XML.
 

Protected Attributes

 $elementData = []
 A stack of strings containing the data of each xml element as it's processed.
 
 $elementDataContext = []
 A stack of element names and attributes, as we process them.
 
 $stackDepth = 0
 Current depth of the data stack.
 

Private Member Functions

 checkDTDIsSafe ( $internalSubset)
 Check if the internal subset of the DTD is safe.
 
 DTDHandler (XMLReader $reader)
 Handle coming across a <!DOCTYPE declaration.
 
 elementClose ()
 
 elementData ( $data)
 
 elementOpen ( $name, $attribs)
 
 expandNS ( $name, $namespaceURI)
 
 getAttributesArray (XMLReader $r)
 Get all of the attributes for an XMLReader's current node.
 
 parseDTD ( $dtd)
 Parse DTD into parts.
 
 processingInstructionHandler ( $target, $data)
 
 readNext (XMLReader $reader)
 
 validate ( $reader)
 
 validateFromInput ( $xml, $isFile)
 

Private Attributes

 $parserOptions
 Additional parsing options.
 

Detailed Description

Definition at line 28 of file XmlTypeCheck.php.

Constructor & Destructor Documentation

◆ __construct()

XmlTypeCheck::__construct (   $input,
  $filterCallback = null,
  $isFile = true,
  $options = [] 
)

Allow filtering an XML file.

Filters should return either true or a string to indicate something is wrong with the file. $this->filterMatch will store if the file failed validation (true = failed validation). $this->filterMatchType will contain the validation error. $this->wellFormed will contain whether the xml file is well-formed.

Note
If multiple filters are hit, only one of them will have the result stored in $this->filterMatchType.
Parameters
string$inputa filename or string containing the XML element
callable | null$filterCallback(optional) Function to call to do additional custom validity checks from the SAX element handler event. This gives you access to the element namespace, name, attributes, and text contents. Filter should return a truthy value describing the error.
bool$isFile(optional) indicates if the first parameter is a filename (default, true) or if it is a string (false)
array$optionslist of additional parsing options: processing_instruction_handler: Callback for xml_set_processing_instruction_handler external_dtd_handler: Callback for the url of external dtd subset dtd_handler: Callback given the full text of the <!DOCTYPE declaration. require_safe_dtd: Only allow non-recursive entities in internal dtd (default true)

Definition at line 107 of file XmlTypeCheck.php.

References $input, $options, and validateFromInput().

Member Function Documentation

◆ checkDTDIsSafe()

XmlTypeCheck::checkDTDIsSafe (   $internalSubset)
private

Check if the internal subset of the DTD is safe.

We whitelist an extremely restricted subset of DTD features.

Safe is defined as:

  • Only contains entity defintions (e.g. No <!ATLIST )
  • Entity definitions are not "system" entities
  • Entity definitions are not "parameter" (i.e. %) entities
  • Entity definitions do not reference other entites except & and quotes. Entity aliases (where the entity contains only another entity are allowed)
  • Entity references aren't overly long (>255 bytes).
  • <!ATTLIST svg xmlns:xlink CDATA #FIXED "http://www.w3.org/1999/xlink"> allowed if matched exactly for compatibility with graphviz
  • Comments.
Parameters
string$internalSubsetThe internal subset of the DTD
Returns
bool true if safe.

Definition at line 435 of file XmlTypeCheck.php.

References $res.

Referenced by DTDHandler().

◆ DTDHandler()

XmlTypeCheck::DTDHandler ( XMLReader  $reader)
private

Handle coming across a <!DOCTYPE declaration.

Parameters
XMLReader$readerReader currently pointing at DOCTYPE node.

Definition at line 372 of file XmlTypeCheck.php.

References checkDTDIsSafe(), and parseDTD().

Referenced by validate().

◆ elementClose()

XmlTypeCheck::elementClose ( )
private

Definition at line 319 of file XmlTypeCheck.php.

References $attribs, $name, elementData(), and list.

Referenced by validate().

◆ elementData()

XmlTypeCheck::elementData (   $data)
private
Parameters
string$data

Definition at line 343 of file XmlTypeCheck.php.

References elementData().

Referenced by elementClose(), elementData(), elementOpen(), and validate().

◆ elementOpen()

XmlTypeCheck::elementOpen (   $name,
  $attribs 
)
private
Parameters
string$name
string$attribs

Definition at line 313 of file XmlTypeCheck.php.

References $attribs, $name, and elementData().

Referenced by validate().

◆ expandNS()

XmlTypeCheck::expandNS (   $name,
  $namespaceURI 
)
private
Parameters
string$nameelement or attribute name, maybe with a full or short prefix
string$namespaceURI
Returns
string the name prefixed with namespaceURI

Definition at line 300 of file XmlTypeCheck.php.

References $name.

Referenced by getAttributesArray(), and validate().

◆ getAttributesArray()

XmlTypeCheck::getAttributesArray ( XMLReader  $r)
private

Get all of the attributes for an XMLReader's current node.

Parameters
XMLReader$r
Returns
array of attributes

Definition at line 281 of file XmlTypeCheck.php.

References $name, and expandNS().

Referenced by validate().

◆ getRootElement()

XmlTypeCheck::getRootElement ( )

Get the root element.

Simple accessor to $rootElement

Returns
string

Definition at line 148 of file XmlTypeCheck.php.

References $rootElement.

◆ newFromFilename()

static XmlTypeCheck::newFromFilename (   $fname,
  $filterCallback = null 
)
static

Alternative constructor: from filename.

Parameters
string$fnamethe filename of an XML document
callable | null$filterCallback(optional) Function to call to do additional custom validity checks from the SAX element handler event. This gives you access to the element namespace, name, and attributes, but not to text contents. Filter should return 'true' to toggle on $this->filterMatch
Returns
XmlTypeCheck

Definition at line 124 of file XmlTypeCheck.php.

References $fname, and true.

◆ newFromString()

static XmlTypeCheck::newFromString (   $string,
  $filterCallback = null 
)
static

Alternative constructor: from string.

Parameters
string$stringa string containing an XML element
callable | null$filterCallback(optional) Function to call to do additional custom validity checks from the SAX element handler event. This gives you access to the element namespace, name, and attributes, but not to text contents. Filter should return 'true' to toggle on $this->filterMatch
Returns
XmlTypeCheck

Definition at line 139 of file XmlTypeCheck.php.

References false.

Referenced by XmlTypeCheckTest\testMalFormedXML(), XmlTypeCheckTest\testRecursiveEntity(), and XmlTypeCheckTest\testWellFormedXML().

◆ parseDTD()

XmlTypeCheck::parseDTD (   $dtd)
private

Parse DTD into parts.

If there is an error parsing the dtd, sets wellFormed to false.

Parameters
string$dtd
Returns
array Possibly containing keys publicid, systemid, type and internal.

Definition at line 458 of file XmlTypeCheck.php.

References $res, $value, and as.

Referenced by DTDHandler().

◆ processingInstructionHandler()

XmlTypeCheck::processingInstructionHandler (   $target,
  $data 
)
private
Parameters
string$target
string$data

Definition at line 352 of file XmlTypeCheck.php.

Referenced by validate().

◆ readNext()

XmlTypeCheck::readNext ( XMLReader  $reader)
private

Definition at line 183 of file XmlTypeCheck.php.

References $ret.

Referenced by validate().

◆ validate()

XmlTypeCheck::validate (   $reader)
private

◆ validateFromInput()

XmlTypeCheck::validateFromInput (   $xml,
  $isFile 
)
private
Parameters
string$fnamethe filename

Definition at line 155 of file XmlTypeCheck.php.

References $e, $s, and validate().

Referenced by __construct().

◆ XmlErrorHandler()

XmlTypeCheck::XmlErrorHandler (   $errno,
  $errstr 
)

Definition at line 190 of file XmlTypeCheck.php.

Member Data Documentation

◆ $elementData

XmlTypeCheck::$elementData = []
protected

A stack of strings containing the data of each xml element as it's processed.

Append data to the top string of the stack, then pop off the string and process it when the element is closed.

Definition at line 59 of file XmlTypeCheck.php.

◆ $elementDataContext

XmlTypeCheck::$elementDataContext = []
protected

A stack of element names and attributes, as we process them.

Definition at line 64 of file XmlTypeCheck.php.

◆ $filterMatch

XmlTypeCheck::$filterMatch = false

Will be set to true if the optional element filter returned a match at some point.

Definition at line 39 of file XmlTypeCheck.php.

◆ $filterMatchType

mixed XmlTypeCheck::$filterMatchType = false

Will contain the type of filter hit if the optional element filter returned a match at some point.

Definition at line 46 of file XmlTypeCheck.php.

◆ $parserOptions

XmlTypeCheck::$parserOptions
private
Initial value:
= [
'processing_instruction_handler' => '',
'external_dtd_handler' => '',
'dtd_handler' => '',
'require_safe_dtd' => true
]
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition hooks.txt:2055

Additional parsing options.

Definition at line 74 of file XmlTypeCheck.php.

◆ $rootElement

XmlTypeCheck::$rootElement = ''

Name of the document's root element, including any namespace as an expanded URL.

Definition at line 52 of file XmlTypeCheck.php.

Referenced by getRootElement().

◆ $stackDepth

XmlTypeCheck::$stackDepth = 0
protected

Current depth of the data stack.

Definition at line 69 of file XmlTypeCheck.php.

◆ $wellFormed

XmlTypeCheck::$wellFormed = null

Will be set to true or false to indicate whether the file is well-formed XML.

Note that this doesn't check schema validity.

Definition at line 33 of file XmlTypeCheck.php.


The documentation for this class was generated from the following file: