ILIAS  Release_4_3_x_branch Revision 61807
 All Data Structures Namespaces Files Functions Variables Groups Pages
HTMLPurifier_AttrDef_CSS Class Reference

Validates the HTML attribute style, otherwise known as CSS. More...

+ Inheritance diagram for HTMLPurifier_AttrDef_CSS:
+ Collaboration diagram for HTMLPurifier_AttrDef_CSS:

Public Member Functions

 validate ($css, $config, $context)
 Validates and cleans passed string according to a definition.
- Public Member Functions inherited from HTMLPurifier_AttrDef
 parseCDATA ($string)
 Convenience method that parses a string as if it were CDATA.
 make ($string)
 Factory method for creating this class from a string.

Additional Inherited Members

- Data Fields inherited from HTMLPurifier_AttrDef
 $minimized = false
 Tells us whether or not an HTML attribute is minimized.
 $required = false
 Tells us whether or not an HTML attribute is required.
- Protected Member Functions inherited from HTMLPurifier_AttrDef
 mungeRgb ($string)
 Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work properly.
 expandCSSEscape ($string)
 Parses a possibly escaped CSS string and returns the "pure" version of it.

Detailed Description

Validates the HTML attribute style, otherwise known as CSS.

Note
We don't implement the whole CSS specification, so it might be difficult to reuse this component in the context of validating actual stylesheet declarations.
If we were really serious about validating the CSS, we would tokenize the styles and then parse the tokens. Obviously, we are not doing that. Doing that could seriously harm performance, but would make these components a lot more viable for a CSS filtering solution.

Definition at line 14 of file CSS.php.

Member Function Documentation

HTMLPurifier_AttrDef_CSS::validate (   $string,
  $config,
  $context 
)

Validates and cleans passed string according to a definition.

Parameters
$stringString to be validated and cleaned.
$configMandatory HTMLPurifier_Config object.
$contextMandatory HTMLPurifier_AttrContext object.

Name of the current CSS property being validated.

Reimplemented from HTMLPurifier_AttrDef.

Definition at line 17 of file CSS.php.

References $ok, $result, and HTMLPurifier_AttrDef\parseCDATA().

{
$css = $this->parseCDATA($css);
$definition = $config->getCSSDefinition();
// we're going to break the spec and explode by semicolons.
// This is because semicolon rarely appears in escaped form
// Doing this is generally flaky but fast
// IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI
// for details
$declarations = explode(';', $css);
$propvalues = array();
$property = false;
$context->register('CurrentCSSProperty', $property);
foreach ($declarations as $declaration) {
if (!$declaration) continue;
if (!strpos($declaration, ':')) continue;
list($property, $value) = explode(':', $declaration, 2);
$property = trim($property);
$value = trim($value);
$ok = false;
do {
if (isset($definition->info[$property])) {
$ok = true;
break;
}
if (ctype_lower($property)) break;
$property = strtolower($property);
if (isset($definition->info[$property])) {
$ok = true;
break;
}
} while(0);
if (!$ok) continue;
// inefficient call, since the validator will do this again
if (strtolower(trim($value)) !== 'inherit') {
// inherit works for everything (but only on the base property)
$result = $definition->info[$property]->validate(
$value, $config, $context );
} else {
$result = 'inherit';
}
if ($result === false) continue;
$propvalues[$property] = $result;
}
$context->destroy('CurrentCSSProperty');
// procedure does not write the new CSS simultaneously, so it's
// slightly inefficient, but it's the only way of getting rid of
// duplicates. Perhaps config to optimize it, but not now.
$new_declarations = '';
foreach ($propvalues as $prop => $value) {
$new_declarations .= "$prop:$value;";
}
return $new_declarations ? $new_declarations : false;
}

+ Here is the call graph for this function:


The documentation for this class was generated from the following file: