Release 1.6.0, merged in r875-930.

git-svn-id: http://htmlpurifier.org/svnroot/htmlpurifier/branches/strict@931 48356398-32a2-884e-a903-53898d9a118a

library/HTMLPurifier/Config.php

@@ -53,8 +53,8 @@ class HTMLPurifier_Config
      *                      or a string filename of an ini file.
      * @return Configured HTMLPurifier_Config object
      */
-    function create($config) {
-        if (is_a($config, 'HTMLPurifier_Config')) return $config;
+    static function create($config) {
+        if ($config instanceof HTMLPurifier_Config) return $config;
         $ret = HTMLPurifier_Config::createDefault();
         if (is_string($config)) $ret->loadIni($config);
         elseif (is_array($config)) $ret->loadArray($config);
@@ -66,7 +66,7 @@ class HTMLPurifier_Config
      * @static
      * @return Default HTMLPurifier_Config object.
      */
-    function createDefault() {
+    static function createDefault() {
         $definition =& HTMLPurifier_ConfigSchema::instance();
         $config = new HTMLPurifier_Config($definition);
         return $config;

library/HTMLPurifier/ConfigSchema.php

@@ -73,7 +73,7 @@ class HTMLPurifier_ConfigSchema {
      * Retrieves an instance of the application-wide configuration definition.
      * @static
      */
-    function &instance($prototype = null) {
+    static function &instance($prototype = null) {
         static $instance;
         if ($prototype !== null) {
             $instance = $prototype;
@@ -95,7 +95,7 @@ class HTMLPurifier_ConfigSchema {
      *      HTMLPurifier_DirectiveDef::$type for allowed values
      * @param $description Description of directive for documentation
      */
-    function define(
+    static function define(
         $namespace, $name, $default, $type, 
         $description
     ) {
@@ -159,7 +159,7 @@ class HTMLPurifier_ConfigSchema {
      * @param $namespace Namespace's name
      * @param $description Description of the namespace
      */
-    function defineNamespace($namespace, $description) {
+    static function defineNamespace($namespace, $description) {
         $def =& HTMLPurifier_ConfigSchema::instance();
         if (isset($def->info[$namespace])) {
             trigger_error('Cannot redefine namespace', E_USER_ERROR);
@@ -192,7 +192,7 @@ class HTMLPurifier_ConfigSchema {
      * @param $alias Name of aliased value
      * @param $real Value aliased value will be converted into
      */
-    function defineValueAliases($namespace, $name, $aliases) {
+    static function defineValueAliases($namespace, $name, $aliases) {
         $def =& HTMLPurifier_ConfigSchema::instance();
         if (!isset($def->info[$namespace][$name])) {
             trigger_error('Cannot set value alias for non-existant directive',
@@ -223,7 +223,7 @@ class HTMLPurifier_ConfigSchema {
      * @param $name Name of directive
      * @param $allowed_values Arraylist of allowed values
      */
-    function defineAllowedValues($namespace, $name, $allowed_values) {
+    static function defineAllowedValues($namespace, $name, $allowed_values) {
         $def =& HTMLPurifier_ConfigSchema::instance();
         if (!isset($def->info[$namespace][$name])) {
             trigger_error('Cannot define allowed values for undefined directive',
@@ -260,7 +260,7 @@ class HTMLPurifier_ConfigSchema {
      * @param $new_namespace
      * @param $new_name Directive that the alias will be to
      */
-    function defineAlias($namespace, $name, $new_namespace, $new_name) {
+    static function defineAlias($namespace, $name, $new_namespace, $new_name) {
         $def =& HTMLPurifier_ConfigSchema::instance();
         if (!isset($def->info[$namespace])) {
             trigger_error('Cannot define directive alias in undefined namespace',
@@ -378,7 +378,7 @@ class HTMLPurifier_ConfigSchema {
      */
     function isError($var) {
         if (!is_object($var)) return false;
-        if (!is_a($var, 'HTMLPurifier_Error')) return false;
+        if (!($var instanceof HTMLPurifier_Error)) return false;
         return true;
     }
 }

library/HTMLPurifier/Encoder.php

@@ -90,7 +90,7 @@ class HTMLPurifier_Encoder
      *       would need that, and I'm probably not going to implement them.
      *       Once again, PHP 6 should solve all our problems.
      */
-    function cleanUTF8($str, $force_php = false) {
+    static function cleanUTF8($str, $force_php = false) {
         
         static $non_sgml_chars = array();
         if (empty($non_sgml_chars)) {
@@ -273,7 +273,7 @@ class HTMLPurifier_Encoder
     // | 00000000 | 00010000 | 11111111 | 11111111 | Defined upper limit of legal scalar codes
     // +----------+----------+----------+----------+ 
     
-    function unichr($code) {
+    static function unichr($code) {
         if($code > 1114111 or $code < 0 or
           ($code >= 55296 and $code <= 57343) ) {
             // bits are set outside the "valid" range as defined
@@ -314,7 +314,7 @@ class HTMLPurifier_Encoder
      * Converts a string to UTF-8 based on configuration.
      * @static
      */
-    function convertToUTF8($str, $config, &$context) {
+    static function convertToUTF8($str, $config, &$context) {
         static $iconv = null;
         if ($iconv === null) $iconv = function_exists('iconv');
         $encoding = $config->get('Core', 'Encoding');
@@ -333,7 +333,7 @@ class HTMLPurifier_Encoder
      * @note Currently, this is a lossy conversion, with unexpressable
      *       characters being omitted.
      */
-    function convertFromUTF8($str, $config, &$context) {
+    static function convertFromUTF8($str, $config, &$context) {
         static $iconv = null;
         if ($iconv === null) $iconv = function_exists('iconv');
         $encoding = $config->get('Core', 'Encoding');
@@ -366,7 +366,7 @@ class HTMLPurifier_Encoder
      * @note Sort of with cleanUTF8() but it assumes that $str is
      *       well-formed UTF-8
      */
-    function convertToASCIIDumbLossless($str) {
+    static function convertToASCIIDumbLossless($str) {
         $bytesleft = 0;
         $result = '';
         $working = 0;

library/HTMLPurifier/EntityLookup.php

@@ -29,7 +29,7 @@ class HTMLPurifier_EntityLookup {
      * @static
      * @param Optional prototype of custom lookup table to overload with.
      */
-    function instance($prototype = false) {
+    static function instance($prototype = false) {
         // no references, since PHP doesn't copy unless modified
         static $instance = null;
         if ($prototype) {

library/HTMLPurifier/HTMLDefinition.php

@@ -1,281 +1,281 @@
-<?php
-
-// components
-require_once 'HTMLPurifier/HTMLModuleManager.php';
-
-// this definition and its modules MUST NOT define configuration directives
-// outside of the HTML or Attr namespaces
-
-// will be superceded by more accurate doctype declaration schemes
-HTMLPurifier_ConfigSchema::define(
-    'HTML', 'Strict', false, 'bool',
-    'Determines whether or not to use Transitional (loose) or Strict rulesets. '.
-    'This directive has been available since 1.3.0.'
-);
-
-HTMLPurifier_ConfigSchema::define(
-    'HTML', 'BlockWrapper', 'p', 'string',
-    'String name of element to wrap inline elements that are inside a block '.
-    'context.  This only occurs in the children of blockquote in strict mode. '.
-    'Example: by default value, <code>&lt;blockquote&gt;Foo&lt;/blockquote&gt;</code> '.
-    'would become <code>&lt;blockquote&gt;&lt;p&gt;Foo&lt;/p&gt;&lt;/blockquote&gt;</code>. The '.
-    '<code>&lt;p&gt;</code> tags can be replaced '.
-    'with whatever you desire, as long as it is a block level element. '.
-    'This directive has been available since 1.3.0.'
-);
-
-HTMLPurifier_ConfigSchema::define(
-    'HTML', 'Parent', 'div', 'string',
-    'String name of element that HTML fragment passed to library will be '.
-    'inserted in.  An interesting variation would be using span as the '.
-    'parent element, meaning that only inline tags would be allowed. '.
-    'This directive has been available since 1.3.0.'
-);
-
-HTMLPurifier_ConfigSchema::define(
-    'HTML', 'AllowedElements', null, 'lookup/null',
-    'If HTML Purifier\'s tag set is unsatisfactory for your needs, you '.
-    'can overload it with your own list of tags to allow.  Note that this '.
-    'method is subtractive: it does its job by taking away from HTML Purifier '.
-    'usual feature set, so you cannot add a tag that HTML Purifier never '.
-    'supported in the first place (like embed, form or head).  If you change this, you '.
-    'probably also want to change %HTML.AllowedAttributes. '.
-    '<strong>Warning:</strong> If another directive conflicts with the '.
-    'elements here, <em>that</em> directive will win and override. '.
-    'This directive has been available since 1.3.0.'
-);
-
-HTMLPurifier_ConfigSchema::define(
-    'HTML', 'AllowedAttributes', null, 'lookup/null',
-    'IF HTML Purifier\'s attribute set is unsatisfactory, overload it! '.
-    'The syntax is \'tag.attr\' or \'*.attr\' for the global attributes '.
-    '(style, id, class, dir, lang, xml:lang).'.
-    '<strong>Warning:</strong> If another directive conflicts with the '.
-    'elements here, <em>that</em> directive will win and override. For '.
-    'example, %HTML.EnableAttrID will take precedence over *.id in this '.
-    'directive.  You must set that directive to true before you can use '.
-    'IDs at all. This directive has been available since 1.3.0.'
-);
-
-/**
- * Definition of the purified HTML that describes allowed children,
- * attributes, and many other things.
- * 
- * Conventions:
- * 
- * All member variables that are prefixed with info
- * (including the main $info array) are used by HTML Purifier internals
- * and should not be directly edited when customizing the HTMLDefinition.
- * They can usually be set via configuration directives or custom
- * modules.
- * 
- * On the other hand, member variables without the info prefix are used
- * internally by the HTMLDefinition and MUST NOT be used by other HTML
- * Purifier internals. Many of them, however, are public, and may be
- * edited by userspace code to tweak the behavior of HTMLDefinition.
- * 
- * HTMLPurifier_Printer_HTMLDefinition is a notable exception to this
- * rule: in the interest of comprehensiveness, it will sniff everything.
- */
-class HTMLPurifier_HTMLDefinition
-{
-    
-    /** FULLY-PUBLIC VARIABLES */
-    
-    /**
-     * Associative array of element names to HTMLPurifier_ElementDef
-     * @public
-     */
-    var $info = array();
-    
-    /**
-     * Associative array of global attribute name to attribute definition.
-     * @public
-     */
-    var $info_global_attr = array();
-    
-    /**
-     * String name of parent element HTML will be going into.
-     * @public
-     */
-    var $info_parent = 'div';
-    
-    /**
-     * Definition for parent element, allows parent element to be a
-     * tag that's not allowed inside the HTML fragment.
-     * @public
-     */
-    var $info_parent_def;
-    
-    /**
-     * String name of element used to wrap inline elements in block context
-     * @note This is rarely used except for BLOCKQUOTEs in strict mode
-     * @public
-     */
-    var $info_block_wrapper = 'p';
-    
-    /**
-     * Associative array of deprecated tag name to HTMLPurifier_TagTransform
-     * @public
-     */
-    var $info_tag_transform = array();
-    
-    /**
-     * Indexed list of HTMLPurifier_AttrTransform to be performed before validation.
-     * @public
-     */
-    var $info_attr_transform_pre = array();
-    
-    /**
-     * Indexed list of HTMLPurifier_AttrTransform to be performed after validation.
-     * @public
-     */
-    var $info_attr_transform_post = array();
-    
-    /**
-     * Nested lookup array of content set name (Block, Inline) to
-     * element name to whether or not it belongs in that content set.
-     * @public
-     */
-    var $info_content_sets = array();
-    
-    
-    
-    /** PUBLIC BUT INTERNAL VARIABLES */
-    
-    var $setup = false; /**< Has setup() been called yet? */
-    var $config; /**< Temporary instance of HTMLPurifier_Config */
-    
-    var $manager; /**< Instance of HTMLPurifier_HTMLModuleManager */
-    
-    /**
-     * Performs low-cost, preliminary initialization.
-     * @param $config Instance of HTMLPurifier_Config
-     */
-    function HTMLPurifier_HTMLDefinition(&$config) {
-        $this->config =& $config;
-        $this->manager = new HTMLPurifier_HTMLModuleManager();
-    }
-    
-    /**
-     * Processes internals into form usable by HTMLPurifier internals. 
-     * Modifying the definition after calling this function should not
-     * be done.
-     */
-    function setup() {
-        
-        // multiple call guard
-        if ($this->setup) {return;} else {$this->setup = true;}
-        
-        $this->processModules();
-        $this->setupConfigStuff();
-        
-        unset($this->config);
-        unset($this->manager);
-        
-    }
-    
-    /**
-     * Extract out the information from the manager
-     */
-    function processModules() {
-        
-        $this->manager->setup($this->config);
-        
-        foreach ($this->manager->activeModules as $module) {
-            foreach($module->info_tag_transform         as $k => $v) $this->info_tag_transform[$k]      = $v;
-            foreach($module->info_attr_transform_pre    as $k => $v) $this->info_attr_transform_pre[$k] = $v;
-            foreach($module->info_attr_transform_post   as $k => $v) $this->info_attr_transform_post[$k]= $v;
-        }
-        
-        $this->info = $this->manager->getElements($this->config);
-        $this->info_content_sets = $this->manager->contentSets->lookup;
-        
-    }
-    
-    /**
-     * Sets up stuff based on config. We need a better way of doing this.
-     */
-    function setupConfigStuff() {
-        
-        $block_wrapper = $this->config->get('HTML', 'BlockWrapper');
-        if (isset($this->info_content_sets['Block'][$block_wrapper])) {
-            $this->info_block_wrapper = $block_wrapper;
-        } else {
-            trigger_error('Cannot use non-block element as block wrapper.',
-                E_USER_ERROR);
-        }
-        
-        $parent = $this->config->get('HTML', 'Parent');
-        $def = $this->manager->getElement($parent, $this->config);
-        if ($def) {
-            $this->info_parent = $parent;
-            $this->info_parent_def = $def;
-        } else {
-            trigger_error('Cannot use unrecognized element as parent.',
-                E_USER_ERROR);
-            $this->info_parent_def = $this->manager->getElement(
-                $this->info_parent, $this->config);
-        }
-        
-        // support template text
-        $support = "(for information on implementing this, see the ".
-                   "support forums) ";
-        
-        // setup allowed elements, SubtractiveWhitelist module
-        $allowed_elements = $this->config->get('HTML', 'AllowedElements');
-        if (is_array($allowed_elements)) {
-            foreach ($this->info as $name => $d) {
-                if(!isset($allowed_elements[$name])) unset($this->info[$name]);
-                unset($allowed_elements[$name]);
-            }
-            // emit errors
-            foreach ($allowed_elements as $element => $d) {
-                trigger_error("Element '$element' is not supported $support", E_USER_WARNING);
-            }
-        }
-        
-        $allowed_attributes = $this->config->get('HTML', 'AllowedAttributes');
-        $allowed_attributes_mutable = $allowed_attributes; // by copy!
-        if (is_array($allowed_attributes)) {
-            foreach ($this->info_global_attr as $attr_key => $info) {
-                if (!isset($allowed_attributes["*.$attr_key"])) {
-                    unset($this->info_global_attr[$attr_key]);
-                } elseif (isset($allowed_attributes_mutable["*.$attr_key"])) {
-                    unset($allowed_attributes_mutable["*.$attr_key"]);
-                }
-            }
-            foreach ($this->info as $tag => $info) {
-                foreach ($info->attr as $attr => $attr_info) {
-                    if (!isset($allowed_attributes["$tag.$attr"]) &&
-                        !isset($allowed_attributes["*.$attr"])) {
-                        unset($this->info[$tag]->attr[$attr]);
-                    } else {
-                        if (isset($allowed_attributes_mutable["$tag.$attr"])) {
-                            unset($allowed_attributes_mutable["$tag.$attr"]);
-                        } elseif (isset($allowed_attributes_mutable["*.$attr"])) {
-                            unset($allowed_attributes_mutable["*.$attr"]);
-                        }
-                    }
-                }
-            }
-            // emit errors
-            foreach ($allowed_attributes_mutable as $elattr => $d) {
-                list($element, $attribute) = explode('.', $elattr);
-                if ($element == '*') {
-                    trigger_error("Global attribute '$attribute' is not ".
-                        "supported in any elements $support",
-                        E_USER_WARNING);
-                } else {
-                    trigger_error("Attribute '$attribute' in element '$element' not supported $support",
-                        E_USER_WARNING);
-                }
-            }
-        }
-        
-    }
-    
-    
-}
-
-?>
+<?php
+
+// components
+require_once 'HTMLPurifier/HTMLModuleManager.php';
+
+// this definition and its modules MUST NOT define configuration directives
+// outside of the HTML or Attr namespaces
+
+// will be superceded by more accurate doctype declaration schemes
+HTMLPurifier_ConfigSchema::define(
+    'HTML', 'Strict', false, 'bool',
+    'Determines whether or not to use Transitional (loose) or Strict rulesets. '.
+    'This directive has been available since 1.3.0.'
+);
+
+HTMLPurifier_ConfigSchema::define(
+    'HTML', 'BlockWrapper', 'p', 'string',
+    'String name of element to wrap inline elements that are inside a block '.
+    'context.  This only occurs in the children of blockquote in strict mode. '.
+    'Example: by default value, <code>&lt;blockquote&gt;Foo&lt;/blockquote&gt;</code> '.
+    'would become <code>&lt;blockquote&gt;&lt;p&gt;Foo&lt;/p&gt;&lt;/blockquote&gt;</code>. The '.
+    '<code>&lt;p&gt;</code> tags can be replaced '.
+    'with whatever you desire, as long as it is a block level element. '.
+    'This directive has been available since 1.3.0.'
+);
+
+HTMLPurifier_ConfigSchema::define(
+    'HTML', 'Parent', 'div', 'string',
+    'String name of element that HTML fragment passed to library will be '.
+    'inserted in.  An interesting variation would be using span as the '.
+    'parent element, meaning that only inline tags would be allowed. '.
+    'This directive has been available since 1.3.0.'
+);
+
+HTMLPurifier_ConfigSchema::define(
+    'HTML', 'AllowedElements', null, 'lookup/null',
+    'If HTML Purifier\'s tag set is unsatisfactory for your needs, you '.
+    'can overload it with your own list of tags to allow.  Note that this '.
+    'method is subtractive: it does its job by taking away from HTML Purifier '.
+    'usual feature set, so you cannot add a tag that HTML Purifier never '.
+    'supported in the first place (like embed, form or head).  If you change this, you '.
+    'probably also want to change %HTML.AllowedAttributes. '.
+    '<strong>Warning:</strong> If another directive conflicts with the '.
+    'elements here, <em>that</em> directive will win and override. '.
+    'This directive has been available since 1.3.0.'
+);
+
+HTMLPurifier_ConfigSchema::define(
+    'HTML', 'AllowedAttributes', null, 'lookup/null',
+    'IF HTML Purifier\'s attribute set is unsatisfactory, overload it! '.
+    'The syntax is \'tag.attr\' or \'*.attr\' for the global attributes '.
+    '(style, id, class, dir, lang, xml:lang).'.
+    '<strong>Warning:</strong> If another directive conflicts with the '.
+    'elements here, <em>that</em> directive will win and override. For '.
+    'example, %HTML.EnableAttrID will take precedence over *.id in this '.
+    'directive.  You must set that directive to true before you can use '.
+    'IDs at all. This directive has been available since 1.3.0.'
+);
+
+/**
+ * Definition of the purified HTML that describes allowed children,
+ * attributes, and many other things.
+ * 
+ * Conventions:
+ * 
+ * All member variables that are prefixed with info
+ * (including the main $info array) are used by HTML Purifier internals
+ * and should not be directly edited when customizing the HTMLDefinition.
+ * They can usually be set via configuration directives or custom
+ * modules.
+ * 
+ * On the other hand, member variables without the info prefix are used
+ * internally by the HTMLDefinition and MUST NOT be used by other HTML
+ * Purifier internals. Many of them, however, are public, and may be
+ * edited by userspace code to tweak the behavior of HTMLDefinition.
+ * 
+ * HTMLPurifier_Printer_HTMLDefinition is a notable exception to this
+ * rule: in the interest of comprehensiveness, it will sniff everything.
+ */
+class HTMLPurifier_HTMLDefinition
+{
+    
+    /** FULLY-PUBLIC VARIABLES */
+    
+    /**
+     * Associative array of element names to HTMLPurifier_ElementDef
+     * @public
+     */
+    var $info = array();
+    
+    /**
+     * Associative array of global attribute name to attribute definition.
+     * @public
+     */
+    var $info_global_attr = array();
+    
+    /**
+     * String name of parent element HTML will be going into.
+     * @public
+     */
+    var $info_parent = 'div';
+    
+    /**
+     * Definition for parent element, allows parent element to be a
+     * tag that's not allowed inside the HTML fragment.
+     * @public
+     */
+    var $info_parent_def;
+    
+    /**
+     * String name of element used to wrap inline elements in block context
+     * @note This is rarely used except for BLOCKQUOTEs in strict mode
+     * @public
+     */
+    var $info_block_wrapper = 'p';
+    
+    /**
+     * Associative array of deprecated tag name to HTMLPurifier_TagTransform
+     * @public
+     */
+    var $info_tag_transform = array();
+    
+    /**
+     * Indexed list of HTMLPurifier_AttrTransform to be performed before validation.
+     * @public
+     */
+    var $info_attr_transform_pre = array();
+    
+    /**
+     * Indexed list of HTMLPurifier_AttrTransform to be performed after validation.
+     * @public
+     */
+    var $info_attr_transform_post = array();
+    
+    /**
+     * Nested lookup array of content set name (Block, Inline) to
+     * element name to whether or not it belongs in that content set.
+     * @public
+     */
+    var $info_content_sets = array();
+    
+    
+    
+    /** PUBLIC BUT INTERNAL VARIABLES */
+    
+    var $setup = false; /**< Has setup() been called yet? */
+    var $config; /**< Temporary instance of HTMLPurifier_Config */
+    
+    var $manager; /**< Instance of HTMLPurifier_HTMLModuleManager */
+    
+    /**
+     * Performs low-cost, preliminary initialization.
+     * @param $config Instance of HTMLPurifier_Config
+     */
+    function HTMLPurifier_HTMLDefinition(&$config) {
+        $this->config =& $config;
+        $this->manager = new HTMLPurifier_HTMLModuleManager();
+    }
+    
+    /**
+     * Processes internals into form usable by HTMLPurifier internals. 
+     * Modifying the definition after calling this function should not
+     * be done.
+     */
+    function setup() {
+        
+        // multiple call guard
+        if ($this->setup) {return;} else {$this->setup = true;}
+        
+        $this->processModules();
+        $this->setupConfigStuff();
+        
+        unset($this->config);
+        unset($this->manager);
+        
+    }
+    
+    /**
+     * Extract out the information from the manager
+     */
+    function processModules() {
+        
+        $this->manager->setup($this->config);
+        
+        foreach ($this->manager->activeModules as $module) {
+            foreach($module->info_tag_transform         as $k => $v) $this->info_tag_transform[$k]      = $v;
+            foreach($module->info_attr_transform_pre    as $k => $v) $this->info_attr_transform_pre[$k] = $v;
+            foreach($module->info_attr_transform_post   as $k => $v) $this->info_attr_transform_post[$k]= $v;
+        }
+        
+        $this->info = $this->manager->getElements($this->config);
+        $this->info_content_sets = $this->manager->contentSets->lookup;
+        
+    }
+    
+    /**
+     * Sets up stuff based on config. We need a better way of doing this.
+     */
+    function setupConfigStuff() {
+        
+        $block_wrapper = $this->config->get('HTML', 'BlockWrapper');
+        if (isset($this->info_content_sets['Block'][$block_wrapper])) {
+            $this->info_block_wrapper = $block_wrapper;
+        } else {
+            trigger_error('Cannot use non-block element as block wrapper.',
+                E_USER_ERROR);
+        }
+        
+        $parent = $this->config->get('HTML', 'Parent');
+        $def = $this->manager->getElement($parent, $this->config);
+        if ($def) {
+            $this->info_parent = $parent;
+            $this->info_parent_def = $def;
+        } else {
+            trigger_error('Cannot use unrecognized element as parent.',
+                E_USER_ERROR);
+            $this->info_parent_def = $this->manager->getElement(
+                $this->info_parent, $this->config);
+        }
+        
+        // support template text
+        $support = "(for information on implementing this, see the ".
+                   "support forums) ";
+        
+        // setup allowed elements, SubtractiveWhitelist module
+        $allowed_elements = $this->config->get('HTML', 'AllowedElements');
+        if (is_array($allowed_elements)) {
+            foreach ($this->info as $name => $d) {
+                if(!isset($allowed_elements[$name])) unset($this->info[$name]);
+                unset($allowed_elements[$name]);
+            }
+            // emit errors
+            foreach ($allowed_elements as $element => $d) {
+                trigger_error("Element '$element' is not supported $support", E_USER_WARNING);
+            }
+        }
+        
+        $allowed_attributes = $this->config->get('HTML', 'AllowedAttributes');
+        $allowed_attributes_mutable = $allowed_attributes; // by copy!
+        if (is_array($allowed_attributes)) {
+            foreach ($this->info_global_attr as $attr_key => $info) {
+                if (!isset($allowed_attributes["*.$attr_key"])) {
+                    unset($this->info_global_attr[$attr_key]);
+                } elseif (isset($allowed_attributes_mutable["*.$attr_key"])) {
+                    unset($allowed_attributes_mutable["*.$attr_key"]);
+                }
+            }
+            foreach ($this->info as $tag => $info) {
+                foreach ($info->attr as $attr => $attr_info) {
+                    if (!isset($allowed_attributes["$tag.$attr"]) &&
+                        !isset($allowed_attributes["*.$attr"])) {
+                        unset($this->info[$tag]->attr[$attr]);
+                    } else {
+                        if (isset($allowed_attributes_mutable["$tag.$attr"])) {
+                            unset($allowed_attributes_mutable["$tag.$attr"]);
+                        } elseif (isset($allowed_attributes_mutable["*.$attr"])) {
+                            unset($allowed_attributes_mutable["*.$attr"]);
+                        }
+                    }
+                }
+            }
+            // emit errors
+            foreach ($allowed_attributes_mutable as $elattr => $d) {
+                list($element, $attribute) = explode('.', $elattr);
+                if ($element == '*') {
+                    trigger_error("Global attribute '$attribute' is not ".
+                        "supported in any elements $support",
+                        E_USER_WARNING);
+                } else {
+                    trigger_error("Attribute '$attribute' in element '$element' not supported $support",
+                        E_USER_WARNING);
+                }
+            }
+        }
+        
+    }
+    
+    
+}
+
+?>

library/HTMLPurifier/LanguageFactory.php

@@ -57,7 +57,7 @@ class HTMLPurifier_LanguageFactory
      * @param $prototype Optional prototype to overload sole instance with,
      *                   or bool true to reset to default factory.
      */
-    function &instance($prototype = null) {
+    static function &instance($prototype = null) {
         static $instance = null;
         if ($prototype !== null) {
             $instance = $prototype;

library/HTMLPurifier/Lexer.php

@@ -144,7 +144,7 @@ class HTMLPurifier_Lexer
      * @param $prototype Optional prototype lexer.
      * @return Concrete lexer.
      */
-    function create($prototype = null) {
+    static function create($prototype = null) {
         // we don't really care if it's a reference or a copy
         static $lexer = null;
         if ($prototype) {
@@ -171,7 +171,7 @@ class HTMLPurifier_Lexer
      * @param $string HTML string to process.
      * @returns HTML with CDATA sections escaped.
      */
-    function escapeCDATA($string) {
+    static function escapeCDATA($string) {
         return preg_replace_callback(
             '/<!\[CDATA\[(.+?)\]\]>/',
             array('HTMLPurifier_Lexer', 'CDATACallback'),
@@ -189,7 +189,7 @@ class HTMLPurifier_Lexer
      *                  and 1 the inside of the CDATA section.
      * @returns Escaped internals of the CDATA section.
      */
-    function CDATACallback($matches) {
+    static function CDATACallback($matches) {
         // not exactly sure why the character set is needed, but whatever
         return htmlspecialchars($matches[1], ENT_COMPAT, 'UTF-8');
     }

library/HTMLPurifier/URISchemeRegistry.php

@@ -38,7 +38,7 @@ class HTMLPurifier_URISchemeRegistry
      * @note Pass a registry object $prototype with a compatible interface and
      *       the function will copy it and return it all further times.
      */
-    function &instance($prototype = null) {
+    static function &instance($prototype = null) {
         static $instance = null;
         if ($prototype !== null) {
             $instance = $prototype;

smoketests/common.php

@@ -3,7 +3,7 @@
 header('Content-type: text/html; charset=UTF-8');
 
 require_once '../library/HTMLPurifier.auto.php';
-error_reporting(E_ALL);
+error_reporting(E_ALL | E_STRICT);
 
 function escapeHTML($string) {
     $string = HTMLPurifier_Encoder::cleanUTF8($string);
@@ -11,4 +11,4 @@ function escapeHTML($string) {
     return $string;
 }
 
-?>
+?>

tests/Debugger.php

@@ -73,7 +73,7 @@ class Debugger
     /**
      * @static
      */
-    function &instance() {
+    static function &instance() {
         static $soleInstance = false;
         if (!$soleInstance) $soleInstance = new Debugger();
         return $soleInstance;
@@ -145,4 +145,4 @@ class Debugger
     
 }
 
-?>
+?>

tests/HTMLPurifier/HTMLModuleManagerTest.php

@@ -187,11 +187,9 @@ class HTMLPurifier_HTMLModuleManagerTest extends UnitTestCase
         $this->expectError( // active variables, watch out!
             'Illegal inclusion array at index 1 found collection HTML, '.
             'inclusion arrays must be at start of collection (index 0)');
-                $c = array(
+        $c = array(
             'HTML' => array('Legacy', array('XHTML')),
             'XHTML' => array('Text', 'Hypertext')
-
-
         );
         $this->manager->processCollections($c);
         unset($c);
@@ -200,8 +198,6 @@ class HTMLPurifier_HTMLModuleManagerTest extends UnitTestCase
             'module Foobar');
         $c = array(
             'HTML' => array('Foobar')
-
-
         );
         $this->manager->processCollections($c);
         unset($c);
@@ -210,8 +206,6 @@ class HTMLPurifier_HTMLModuleManagerTest extends UnitTestCase
             'collection _Common');
         $c = array(
             'HTML' => array(array('_Common'), 'Legacy')
-
-
         );
         $this->manager->processCollections($c);
         unset($c);
@@ -221,8 +215,6 @@ class HTMLPurifier_HTMLModuleManagerTest extends UnitTestCase
         $c = array(
             'HTML' => array(array('XHTML')),
             'XHTML' => array(array('HTML'))
-
-
         );
         $this->manager->processCollections($c);
         unset($c);

tests/HTMLPurifier/LexerTest.php

@@ -16,9 +16,8 @@ class HTMLPurifier_LexerTest extends UnitTestCase
         
         $this->DirectLex = new HTMLPurifier_Lexer_DirectLex();
         
-        // E_STRICT = 2048, int used for PHP4 compat
         if ( $GLOBALS['HTMLPurifierTest']['PEAR'] && 
-             ((error_reporting() & 2048) != 2048)
+             ((error_reporting() & E_STRICT) != E_STRICT)
         ) {
             $this->_has_pear = true;
             require_once 'HTMLPurifier/Lexer/PEARSax3.php';
@@ -327,4 +326,4 @@ class HTMLPurifier_LexerTest extends UnitTestCase
     
 }
 
-?>
+?>

tests/index.php

@@ -3,7 +3,7 @@
 // call one file using /?f=FileTest.php , see $test_files array for
 // valid values
 
-error_reporting(E_ALL);
+error_reporting(E_ALL | E_STRICT);
 define('HTMLPurifierTest', 1);
 
 // wishlist: automated calling of this file from multiple PHP versions so we