<?php
/**
 * This file is part of the transcoding library. It contains the
 * definition of the {@link TranscodingActionDeletePopup} class.
 * 
 * @author Sylvain Lequeux
 * @author Francois Daoust <fd@w3.org>
 * @package TransPythia
 * @version $Revision: 1.18 $
 * @license http://www.w3.org/Consortium/Legal/2002/copyright-software-20021231.html W3C Software Notice and License
 * @copyright Copyright (c) 2009, W3C (MIT, ERCIM, Keio)
 */


/**
 * Include the {@link TranscodingAction} base class definition.
 */
require_once(dirname(__FILE__) . '/transcodingaction.php');


/**
 * Transcoding action that removes scripts from the given HTML content when the
 * requesting device does not support them.
 * 
 * The action removes script tags and event attributes.
 * 
 * The DDR property reference that the transcoding action uses to tell whether
 * the requesting device supports scripting or not may be defined in a
 * "script_support" option through a call to {@link TranscodingAction::setOption()}.
 * The action uses the scriptSupport property of the DDR Core Vocabulary by default.
 * 
 * @author Sylvain Lequeux
 * @author Francois Daoust <fd@w3.org>
 * @package TransPythia
 * @version $Revision: 1.18 $
 * @license http://www.w3.org/Consortium/Legal/2002/copyright-software-20021231.html W3C Software Notice and License
 * @copyright Copyright (c) 2009, W3C (MIT, ERCIM, Keio)
 */
class TranscodingActionDeleteScript extends TranscodingAction {
	
	/**
	 * Removes all occurrences of script from the given content if the
	 * requesting device does not support scripting.
	 * 
	 * @param $content string The HTML content to transcode.
	 * @param $content string The HTML content to transcode.
	 * @return string The transcoded content.
	 * @exception SystemException The evidence is not valid.
	 */
	public function apply($content, $evidence){
		$this->initPropertyValues($evidence);
		
		$this->initProperty('script_support',
			'scriptSupport',
			TranscodingAction::$CORE_VOCABULARY,
			'webBrowser');
			
		$property = $this->getOption('script_support');
		$support_scripting = $this->getPropertyValuePr($property);
		
		if(!isset($support_scripting)
		|| in_array("ecmascript-MP", $support_scripting->getEnumeration())){
		  	return $content;
		}
		
		// Remove external script references
		$pattern = '<script(\s[^>]*)?/>';
		$content = preg_replace('|'.$pattern.'|i', '', $content);
		
		// Remove inline scripts
		$pattern = '<script(\s[^>]*)?>[^<]*</script\s?>';
		$content = preg_replace('|'.$pattern.'|i', '', $content);
		
		// Remove intrinsic events (e.g. onclick="alert('example');")
		// Full list at http://www.w3.org/TR/html4/interact/scripts.html#h-18.2.3
		$on_attributes = array(
				'onload',
				'onunload',
				'onclick',
				'ondblclick',
				'onmousedown',
				'onmouseup',
				'onmouseover',
				'onmousemove',
				'onmouseout',
				'onfocus',
				'onblur',
				'onkeypress',
				'onkeydown',
				'onkeyup',
				'onsubmit',
				'onreset',
				'onselect',
				'onchange'
			);
		foreach($on_attributes as $attribute){
			$patterns = array();
			// on_attribute with double quote
			$patterns[0] = '|(<[^\s]+(\s[^>]*)?)\s'.$attribute.'\="[^"]*"([^>]*>)|U';
			// on_attribute with simple quote
			$patterns[1] = '|(<[^\s]+(\s[^>]*)?)\s'.$attribute."\='[^']*'([^>]*>)|U";
			// on_attribute without quote
			$patterns[2] = '|(<[^\s]+(\s[^>]*)?)\s'.$attribute."\=[^\s]*([^>]*>)|U";
			$replace = array('\\1\\3', '\\1\\3', '\\1\\3');
			$content = preg_replace($patterns, $replace, $content);
		}	
		
		return $content;
	}
}

?>