darylldoyle/svg-sanitizer

View on GitHub
src/svg-scanner.php

Summary

Maintainability
A
0 mins
Test Coverage
F
0%
#!/usr/bin/env php
<?php

/*
 * Simple program that uses svg-sanitizer
 * to find issues in files specified on the
 * command line, and prints a JSON output with
 * the issues found on exit.
 */

require_once( __DIR__ . '/data/AttributeInterface.php' );
require_once( __DIR__ . '/data/TagInterface.php' );
require_once( __DIR__ . '/data/AllowedAttributes.php' );
require_once( __DIR__ . '/data/AllowedTags.php' );
require_once( __DIR__ . '/data/XPath.php' );
require_once( __DIR__ . '/ElementReference/Resolver.php' );
require_once( __DIR__ . '/ElementReference/Subject.php' );
require_once( __DIR__ . '/ElementReference/Usage.php' );
require_once( __DIR__ . '/Exceptions/NestingException.php' );
require_once( __DIR__ . '/Helper.php' );
require_once( __DIR__ . '/Sanitizer.php' );

/*
 * Print array as JSON and then
 * exit program with a particular
 * exit-code.
 */

function sysexit(
    $results,
    $status
) {
    echo json_encode(
        $results,
        JSON_PRETTY_PRINT
    );

    exit( $status );
}


/*
 * Main part begins
 */

global $argv;

/*
 * Set up results array, to
 * be printed on exit.
 */
$results = array(
    'totals' => array(
        'errors' => 0,
    ),

    'files' => array(
    ),
);


/*
 * Catch files to scan from $argv.
 */

$files_to_scan = $argv;
unset( $files_to_scan[0] );

$files_to_scan = array_values(
    $files_to_scan
);

/*
 * Catch no file specified.
 */

if ( empty( $files_to_scan ) ) {
    $results['totals']['errors']++;
    $results['messages'] = array(
        array( 'No files to scan specified' ),
    );

    sysexit(
        $results,
        1
    );
}

/*
 * Initialize the SVG scanner.
 *
 * Make sure to allow custom attributes,
 * and to remove remote references.
 */
$sanitizer = new enshrined\svgSanitize\Sanitizer();

$sanitizer->removeRemoteReferences( true );

/*
 * Scan each file specified to be scanned.
 */

foreach( $files_to_scan as $file_name ) {
    /*
     * Read SVG file.
     */
    $svg_file = @file_get_contents( $file_name );

    /*
     * If not found, report that and continue.
     */
    if ( false === $svg_file ) {
        $results['totals']['errors']++;

        $results['files'][ $file_name ][] = array(
            'errors' => 1,
            'messages' => array(
                array(
                    'message' => 'File specified could not be read (' . $file_name . ')',
                    'line' => null,
                ),
            ),
        );

        continue;
    }

    /*
     * Sanitize file and get issues found.
     */
    $sanitize_status = $sanitizer->sanitize( $svg_file );

    $xml_issues = $sanitizer->getXmlIssues();

    /*
     * If we find no issues, simply note that.
     */
    if ( empty( $xml_issues ) && ( false !== $sanitize_status ) ) {
        $results['files'][ $file_name ] = array(
            'errors' => 0,
            'messages' => array()
        );
    }

    /*
     * Could not sanitize the file.
     */
    else if (
        ( '' === $sanitize_status ) ||
        ( false === $sanitize_status )
    ) {
        $results['totals']['errors']++;

        $results['files'][ $file_name ] = array(
            'errors' => 1,
            'messages' => array(
                array(
                    'message' => 'Unable to sanitize file \'' . $file_name . '\'' ,
                    'line' => null,
                )
            ),
        );
    }

    /*
     * If we find issues, note it and update statistics.
     */

    else {
        $results['totals']['errors'] += count( $xml_issues );

        $results['files'][ $file_name ] = array(
            'errors' => count( $xml_issues ),
            'messages' => $xml_issues,
        );
    }

    unset( $svg_file );
    unset( $xml_issues );
    unset( $sanitize_status );
}


/*
 * Exit with a status
 * that reflects what issues
 * we found.
 */
sysexit(
    $results,
    ( $results['totals']['errors'] === 0 ? 0 : 1 )
);