ILIAS  Release_4_2_x_branch Revision 61807
 All Data Structures Namespaces Files Functions Variables Groups Pages
HTMLPurifier_AttrDef Class Reference

Base class for all validating attribute definitions. More...

+ Inheritance diagram for HTMLPurifier_AttrDef:
+ Collaboration diagram for HTMLPurifier_AttrDef:

Public Member Functions

 validate ($string, $config, $context)
 Validates and cleans passed string according to a definition.
 parseCDATA ($string)
 Convenience method that parses a string as if it were CDATA.
 make ($string)
 Factory method for creating this class from a string.

Data Fields

 $minimized = false
 Tells us whether or not an HTML attribute is minimized.
 $required = false
 Tells us whether or not an HTML attribute is required.

Protected Member Functions

 mungeRgb ($string)
 Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work properly.
 expandCSSEscape ($string)
 Parses a possibly escaped CSS string and returns the "pure" version of it.

Detailed Description

Base class for all validating attribute definitions.

This family of classes forms the core for not only HTML attribute validation, but also any sort of string that needs to be validated or cleaned (which means CSS properties and composite definitions are defined here too). Besides defining (through code) what precisely makes the string valid, subclasses are also responsible for cleaning the code if possible.

Definition at line 13 of file AttrDef.php.

Member Function Documentation

HTMLPurifier_AttrDef::expandCSSEscape (   $string)
protected

Parses a possibly escaped CSS string and returns the "pure" version of it.

Definition at line 89 of file AttrDef.php.

References $ret, HTMLPurifier_Encoder\cleanUTF8(), and HTMLPurifier_Encoder\unichr().

Referenced by HTMLPurifier_AttrDef_CSS_URI\validate(), and HTMLPurifier_AttrDef_CSS_FontFamily\validate().

{
// flexibly parse it
$ret = '';
for ($i = 0, $c = strlen($string); $i < $c; $i++) {
if ($string[$i] === '\\') {
$i++;
if ($i >= $c) {
$ret .= '\\';
break;
}
if (ctype_xdigit($string[$i])) {
$code = $string[$i];
for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) {
if (!ctype_xdigit($string[$i])) break;
$code .= $string[$i];
}
// We have to be extremely careful when adding
// new characters, to make sure we're not breaking
// the encoding.
$char = HTMLPurifier_Encoder::unichr(hexdec($code));
if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue;
$ret .= $char;
if ($i < $c && trim($string[$i]) !== '') $i--;
continue;
}
if ($string[$i] === "\n") continue;
}
$ret .= $string[$i];
}
return $ret;
}

+ Here is the call graph for this function:

+ Here is the caller graph for this function:

HTMLPurifier_AttrDef::make (   $string)

Factory method for creating this class from a string.

Parameters
$stringString construction info
Returns
Created AttrDef object corresponding to $string

Reimplemented in HTMLPurifier_AttrDef_Enum, HTMLPurifier_AttrDef_HTML_Pixels, HTMLPurifier_AttrDef_HTML_Bool, and HTMLPurifier_AttrDef_URI.

Definition at line 69 of file AttrDef.php.

Referenced by HTMLPurifier_AttrDef_CSS_Length\__construct(), and HTMLPurifier_AttrDef_CSS_Length\validate().

{
// default implementation, return a flyweight of this object.
// If $string has an effect on the returned object (i.e. you
// need to overload this method), it is best
// to clone or instantiate new copies. (Instantiation is safer.)
return $this;
}

+ Here is the caller graph for this function:

HTMLPurifier_AttrDef::mungeRgb (   $string)
protected

Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work properly.

THIS IS A HACK!

Definition at line 81 of file AttrDef.php.

Referenced by HTMLPurifier_AttrDef_CSS_Border\validate(), and HTMLPurifier_AttrDef_CSS_Background\validate().

{
return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string);
}

+ Here is the caller graph for this function:

HTMLPurifier_AttrDef::parseCDATA (   $string)

Convenience method that parses a string as if it were CDATA.

This method process a string in the manner specified at http://www.w3.org/TR/html4/types.html#h-6.2 by removing leading and trailing whitespace, ignoring line feeds, and replacing carriage returns and tabs with spaces. While most useful for HTML attributes specified as CDATA, it can also be applied to most CSS values.

Note
This method is not entirely standards compliant, as trim() removes more types of whitespace than specified in the spec. In practice, this is rarely a problem, as those extra characters usually have already been removed by HTMLPurifier_Encoder.
Warning
This processing is inconsistent with XML's whitespace handling as specified by section 3.3.3 and referenced XHTML 1.0 section 4.7. However, note that we are NOT necessarily parsing XML, thus, this behavior may still be correct. We assume that newlines have been normalized.

Definition at line 58 of file AttrDef.php.

Referenced by HTMLPurifier_AttrDef_Text\validate(), HTMLPurifier_AttrDef_CSS_TextDecoration\validate(), HTMLPurifier_AttrDef_CSS_Filter\validate(), HTMLPurifier_AttrDef_CSS\validate(), HTMLPurifier_AttrDef_CSS_URI\validate(), HTMLPurifier_AttrDef_CSS_Length\validate(), HTMLPurifier_AttrDef_CSS_Border\validate(), HTMLPurifier_AttrDef_CSS_Percentage\validate(), HTMLPurifier_AttrDef_CSS_ListStyle\validate(), HTMLPurifier_AttrDef_CSS_Background\validate(), HTMLPurifier_AttrDef_CSS_Number\validate(), HTMLPurifier_AttrDef_URI\validate(), HTMLPurifier_AttrDef_HTML_LinkTypes\validate(), HTMLPurifier_AttrDef_CSS_Font\validate(), HTMLPurifier_AttrDef_CSS_Multiple\validate(), HTMLPurifier_AttrDef_Integer\validate(), and HTMLPurifier_AttrDef_CSS_BackgroundPosition\validate().

{
$string = trim($string);
$string = str_replace(array("\n", "\t", "\r"), ' ', $string);
return $string;
}

+ Here is the caller graph for this function:

HTMLPurifier_AttrDef::validate (   $string,
  $config,
  $context 
)
abstract

Validates and cleans passed string according to a definition.

Parameters
$stringString to be validated and cleaned.
$configMandatory HTMLPurifier_Config object.
$contextMandatory HTMLPurifier_AttrContext object.

Reimplemented in HTMLPurifier_AttrDef_CSS_BackgroundPosition, HTMLPurifier_AttrDef_CSS_FontFamily, HTMLPurifier_AttrDef_Integer, HTMLPurifier_AttrDef_CSS_Multiple, HTMLPurifier_AttrDef_Enum, HTMLPurifier_AttrDef_CSS_Font, HTMLPurifier_AttrDef_CSS_Composite, HTMLPurifier_AttrDef_HTML_LinkTypes, HTMLPurifier_AttrDef_URI, HTMLPurifier_AttrDef_CSS_Background, HTMLPurifier_AttrDef_CSS_Number, HTMLPurifier_AttrDef_URI_Host, HTMLPurifier_AttrDef_CSS_ListStyle, HTMLPurifier_AttrDef_CSS_Border, HTMLPurifier_AttrDef_CSS_DenyElementDecorator, HTMLPurifier_AttrDef_CSS_ImportantDecorator, HTMLPurifier_AttrDef_CSS_Percentage, HTMLPurifier_AttrDef_CSS_Length, HTMLPurifier_AttrDef_CSS_URI, HTMLPurifier_AttrDef_HTML_ID, HTMLPurifier_AttrDef_CSS_Filter, HTMLPurifier_AttrDef_CSS, HTMLPurifier_AttrDef_HTML_Pixels, HTMLPurifier_AttrDef_URI_IPv4, HTMLPurifier_AttrDef_HTML_Bool, HTMLPurifier_AttrDef_HTML_FrameTarget, HTMLPurifier_AttrDef_HTML_Length, HTMLPurifier_AttrDef_HTML_MultiLength, HTMLPurifier_AttrDef_URI_IPv6, HTMLPurifier_AttrDef_CSS_TextDecoration, HTMLPurifier_AttrDef_CSS_AlphaValue, HTMLPurifier_AttrDef_Lang, HTMLPurifier_AttrDef_URI_Email_SimpleCheck, HTMLPurifier_AttrDef_CSS_Color, HTMLPurifier_AttrDef_HTML_Color, HTMLPurifier_AttrDef_HTML_Nmtokens, and HTMLPurifier_AttrDef_Text.

Field Documentation

HTMLPurifier_AttrDef::$minimized = false

Tells us whether or not an HTML attribute is minimized.

Has no meaning in other contexts.

Definition at line 20 of file AttrDef.php.

HTMLPurifier_AttrDef::$required = false

Tells us whether or not an HTML attribute is required.

Has no meaning in other contexts

Definition at line 26 of file AttrDef.php.


The documentation for this class was generated from the following file: