Adding SafeString which is going to replace p::clean() and p::purify().

Refactoring of Xss_Security_Test.
t() and t2() return a SafeString instance.

TODO:
 - Update all code to use SafeString where appropriate.
 - Update golden fole of Xss_Security_Test
 - Stop reporting CLEAN vars in Xss_Security_Test

1 files changed, 3 insertions, 13 deletions

diff --git a/modules/gallery/helpers/p.php b/modules/gallery/helpers/p.php
index 862c769b..e852c086 100644
--- a/modules/gallery/helpers/p.php
+++ b/modules/gallery/helpers/p.php
@@ -18,22 +18,12 @@
  * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
  */
 class p_Core {
-  private static $_purifier = null;
   static function clean($dirty_html) {
-    return html::specialchars($dirty_html);
+    return new SafeString($dirty_html);
   }
 
+  // Deprecated: Please use p::clean($var).purified_html()
   static function purify($dirty_html) {
-    if (empty(self::$_purifier)) {
-      require_once(dirname(__file__) . "/../lib/HTMLPurifier/HTMLPurifier.auto.php");
-      $config = HTMLPurifier_Config::createDefault();
-      foreach (Kohana::config('purifier') as $category => $key_value) {
-        foreach ($key_value as $key => $value) {
-          $config->set("$category.$key", $value);
-        }
-      }
-      self::$_purifier = new HTMLPurifier($config);
-    }
-    return self::$_purifier->purify($dirty_html);
+    return SafeString::of($dirty_html)->purified_html();
   }
 }