From b1e9c73b2777b802925bcdcec6d7012b6d98f1cb Mon Sep 17 00:00:00 2001 From: Andreas Treichel Date: Sat, 29 Dec 2018 22:10:19 +0100 Subject: [PATCH] Allow strip_tags with an array of allowed tagnames --- UPGRADING | 4 +++ ext/standard/string.c | 28 +++++++++++++--- .../tests/strings/strip_tags_array.phpt | 32 +++++++++++++++++++ .../tests/strings/strip_tags_variation2.phpt | 27 ---------------- 4 files changed, 60 insertions(+), 31 deletions(-) create mode 100644 ext/standard/tests/strings/strip_tags_array.phpt diff --git a/UPGRADING b/UPGRADING index 4e8507b641..c735b4d521 100644 --- a/UPGRADING +++ b/UPGRADING @@ -121,6 +121,10 @@ PHP 7.4 UPGRADE NOTES check whether this statement is read-only, i.e. whether it doesn't modify the database. +- Standard: + . strip_tags() now also accepts an array of allowed tags: Instead of + strip_tags($str, '

') you can now write strip_tags($str, ['a', 'p']). + ======================================== 3. Changes in SAPI modules ======================================== diff --git a/ext/standard/string.c b/ext/standard/string.c index d9c5e6b10e..7a8e54ad59 100644 --- a/ext/standard/string.c +++ b/ext/standard/string.c @@ -4780,6 +4780,7 @@ PHP_FUNCTION(strip_tags) zval *allow=NULL; const char *allowed_tags=NULL; size_t allowed_tags_len=0; + smart_str tags_ss = {0}; ZEND_PARSE_PARAMETERS_START(1, 2) Z_PARAM_STR(str) @@ -4787,15 +4788,34 @@ PHP_FUNCTION(strip_tags) Z_PARAM_ZVAL(allow) ZEND_PARSE_PARAMETERS_END(); - /* To maintain a certain BC, we allow anything for the second parameter and return original string */ if (allow) { - convert_to_string(allow); - allowed_tags = Z_STRVAL_P(allow); - allowed_tags_len = Z_STRLEN_P(allow); + if (Z_TYPE_P(allow) == IS_ARRAY) { + zval *tmp; + zend_string *tag; + + ZEND_HASH_FOREACH_VAL(Z_ARRVAL_P(allow), tmp) { + tag = zval_get_string(tmp); + smart_str_appendc(&tags_ss, '<'); + smart_str_append(&tags_ss, tag); + smart_str_appendc(&tags_ss, '>'); + zend_string_release(tag); + } ZEND_HASH_FOREACH_END(); + if (tags_ss.s) { + smart_str_0(&tags_ss); + allowed_tags = ZSTR_VAL(tags_ss.s); + allowed_tags_len = ZSTR_LEN(tags_ss.s); + } + } else { + /* To maintain a certain BC, we allow anything for the second parameter and return original string */ + convert_to_string(allow); + allowed_tags = Z_STRVAL_P(allow); + allowed_tags_len = Z_STRLEN_P(allow); + } } buf = zend_string_init(ZSTR_VAL(str), ZSTR_LEN(str), 0); ZSTR_LEN(buf) = php_strip_tags_ex(ZSTR_VAL(buf), ZSTR_LEN(str), NULL, allowed_tags, allowed_tags_len, 0); + smart_str_free(&tags_ss); RETURN_NEW_STR(buf); } /* }}} */ diff --git a/ext/standard/tests/strings/strip_tags_array.phpt b/ext/standard/tests/strings/strip_tags_array.phpt new file mode 100644 index 0000000000..5c2e6118e6 --- /dev/null +++ b/ext/standard/tests/strings/strip_tags_array.phpt @@ -0,0 +1,32 @@ +--TEST-- +Test strip_tags() function : basic functionality - with array argument +--FILE-- +foo bar foobar

'; +var_dump(strip_tags($string)); +var_dump(strip_tags($string, ['a'])); +var_dump(strip_tags($string, ['p', 'a'])); +var_dump(strip_tags($string, [])); +var_dump(strip_tags($string, ['p' => true, 'a' => false])); +var_dump(strip_tags($string, ['p' => 'a'])); + +// Previous tests from strip_tags_variation2.phpt +var_dump(strip_tags($string, [0])); +var_dump(strip_tags($string, [1])); +var_dump(strip_tags($string, [1, 2])); +var_dump(strip_tags($string, ['color' => 'red', 'item' => 'pen'])); +echo "Done"; +?> +--EXPECT-- +string(14) "foo bar foobar" +string(30) "foo bar foobar" +string(37) "

foo bar foobar

" +string(14) "foo bar foobar" +string(14) "foo bar foobar" +string(30) "foo bar foobar" +string(14) "foo bar foobar" +string(14) "foo bar foobar" +string(14) "foo bar foobar" +string(14) "foo bar foobar" +Done diff --git a/ext/standard/tests/strings/strip_tags_variation2.phpt b/ext/standard/tests/strings/strip_tags_variation2.phpt index a32e3eccad..c30f29dc3f 100644 --- a/ext/standard/tests/strings/strip_tags_variation2.phpt +++ b/ext/standard/tests/strings/strip_tags_variation2.phpt @@ -48,13 +48,6 @@ $values = array( 10.6E-10, .5, - // array data - array(), - array(0), - array(1), - array(1, 2), - array('color' => 'red', 'item' => 'pen'), - // null data NULL, null, @@ -113,24 +106,14 @@ string(10) "helloworld" -- Iteration 9 -- string(10) "helloworld" -- Iteration 10 -- - -Notice: Array to string conversion in %s on line %d string(10) "helloworld" -- Iteration 11 -- - -Notice: Array to string conversion in %s on line %d string(10) "helloworld" -- Iteration 12 -- - -Notice: Array to string conversion in %s on line %d string(10) "helloworld" -- Iteration 13 -- - -Notice: Array to string conversion in %s on line %d string(10) "helloworld" -- Iteration 14 -- - -Notice: Array to string conversion in %s on line %d string(10) "helloworld" -- Iteration 15 -- string(10) "helloworld" @@ -146,14 +129,4 @@ string(10) "helloworld" string(10) "helloworld" -- Iteration 21 -- string(10) "helloworld" --- Iteration 22 -- -string(10) "helloworld" --- Iteration 23 -- -string(10) "helloworld" --- Iteration 24 -- -string(10) "helloworld" --- Iteration 25 -- -string(10) "helloworld" --- Iteration 26 -- -string(10) "helloworld" Done -- 2.50.1