[3.1.0] Extend scanner to catch $this->config; chmod new directories from Serializer. I'm not exactly sure what the implications of the bugfix are, but hopefully it won't blow up.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/trunk@1708 48356398-32a2-884e-a903-53898d9a118a
2025-07-30 19:00:10 +02:00 · 2008-05-13 03:17:38 +00:00
parent e0c0d8eab6
commit 77ce3e8b4a
6 changed files with 61 additions and 44 deletions
--- a/library/HTMLPurifier/DefinitionCache/Serializer.php
+++ b/library/HTMLPurifier/DefinitionCache/Serializer.php
@@ -100,18 +100,7 @@ class HTMLPurifier_DefinitionCache_Serializer extends
     * @return Number of bytes written if success, or false if failure.
     */
    private function _write($file, $data) {
-        static $file_put_contents;
-        if ($file_put_contents === null) {
-            $file_put_contents = function_exists('file_put_contents');
-        }
-        if ($file_put_contents) {
-            return file_put_contents($file, $data);
-        }
-        $fh = fopen($file, 'w');
-        if (!$fh) return false;
-        $status = fwrite($fh, $data);
-        fclose($fh);
-        return $status;
+        return file_put_contents($file, $data);
    }
    
    /**
@@ -130,7 +119,9 @@ class HTMLPurifier_DefinitionCache_Serializer extends
            } elseif (!$this->_testPermissions($base)) {
                return false;
            }
+            $old = umask(0022); // disable group and world writes
            mkdir($directory);
+            umask($old);
        } elseif (!$this->_testPermissions($directory)) {
            return false;
        }
--- a/library/HTMLPurifier/Generator.php
+++ b/library/HTMLPurifier/Generator.php
@@ -29,7 +29,7 @@ class HTMLPurifier_Generator
    /**
     * Configuration for the generator
     */
-    private $_config;
+    protected $config;
    
    /**
     * @param $config Instance of HTMLPurifier_Config
@@ -37,7 +37,7 @@ class HTMLPurifier_Generator
     */
    public function __construct($config = null, $context = null) {
        if (!$config) $config = HTMLPurifier_Config::createDefault();
-        $this->_config = $config;
+        $this->config = $config;
        $this->_scriptFix = $config->get('Output', 'CommentScriptContents');
        $this->_def = $config->getHTMLDefinition();
        $this->_xhtml = $this->_def->doctype->xml;
@@ -67,7 +67,7 @@ class HTMLPurifier_Generator
        }
        
        // Tidy cleanup
-        if (extension_loaded('tidy') && $this->_config->get('Output', 'TidyFormat')) {
+        if (extension_loaded('tidy') && $this->config->get('Output', 'TidyFormat')) {
            $tidy = new Tidy;
            $tidy->parseString($html, array(
               'indent'=> true,
@@ -81,7 +81,7 @@ class HTMLPurifier_Generator
        }
        
        // Normalize newlines to system defined value
-        $nl = $this->_config->get('Output', 'Newline');
+        $nl = $this->config->get('Output', 'Newline');
        if ($nl === null) $nl = PHP_EOL;
        if ($nl !== "\n") $html = str_replace("\n", $nl, $html);
        return $html;