ILIAS  release_5-1 Revision 5.0.0-5477-g43f3e3fab5f
HTMLPurifier_AttrDef Class Reference

Base class for all validating attribute definitions. More...

+ Inheritance diagram for HTMLPurifier_AttrDef:
+ Collaboration diagram for HTMLPurifier_AttrDef:

Public Member Functions

 validate ($string, $config, $context)
 Validates and cleans passed string according to a definition. More...
 
 parseCDATA ($string)
 Convenience method that parses a string as if it were CDATA. More...
 
 make ($string)
 Factory method for creating this class from a string. More...
 

Data Fields

 $minimized = false
 Tells us whether or not an HTML attribute is minimized. More...
 
 $required = false
 Tells us whether or not an HTML attribute is required. More...
 

Protected Member Functions

 mungeRgb ($string)
 Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work properly. More...
 
 expandCSSEscape ($string)
 Parses a possibly escaped CSS string and returns the "pure" version of it. More...
 

Detailed Description

Base class for all validating attribute definitions.

This family of classes forms the core for not only HTML attribute validation, but also any sort of string that needs to be validated or cleaned (which means CSS properties and composite definitions are defined here too). Besides defining (through code) what precisely makes the string valid, subclasses are also responsible for cleaning the code if possible.

Definition at line 13 of file AttrDef.php.

Member Function Documentation

◆ expandCSSEscape()

HTMLPurifier_AttrDef::expandCSSEscape (   $string)
protected

Parses a possibly escaped CSS string and returns the "pure" version of it.

Definition at line 96 of file AttrDef.php.

97 {
98 // flexibly parse it
99 $ret = '';
100 for ($i = 0, $c = strlen($string); $i < $c; $i++) {
101 if ($string[$i] === '\\') {
102 $i++;
103 if ($i >= $c) {
104 $ret .= '\\';
105 break;
106 }
107 if (ctype_xdigit($string[$i])) {
108 $code = $string[$i];
109 for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) {
110 if (!ctype_xdigit($string[$i])) {
111 break;
112 }
113 $code .= $string[$i];
114 }
115 // We have to be extremely careful when adding
116 // new characters, to make sure we're not breaking
117 // the encoding.
118 $char = HTMLPurifier_Encoder::unichr(hexdec($code));
119 if (HTMLPurifier_Encoder::cleanUTF8($char) === '') {
120 continue;
121 }
122 $ret .= $char;
123 if ($i < $c && trim($string[$i]) !== '') {
124 $i--;
125 }
126 continue;
127 }
128 if ($string[$i] === "\n") {
129 continue;
130 }
131 }
132 $ret .= $string[$i];
133 }
134 return $ret;
135 }
static unichr($code)
Translates a Unicode codepoint into its corresponding UTF-8 character.
Definition: Encoder.php:309
static cleanUTF8($str, $force_php=false)
Cleans a UTF-8 string for well-formedness and SGML validity.
Definition: Encoder.php:127
$code
Definition: example_050.php:99

References $code, $ret, HTMLPurifier_Encoder\cleanUTF8(), and HTMLPurifier_Encoder\unichr().

Referenced by HTMLPurifier_AttrDef_CSS_FontFamily\validate(), and HTMLPurifier_AttrDef_CSS_URI\validate().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ make()

HTMLPurifier_AttrDef::make (   $string)

Factory method for creating this class from a string.

Parameters
string$stringString construction info
Returns
HTMLPurifier_AttrDef Created AttrDef object corresponding to $string

Reimplemented in HTMLPurifier_AttrDef_Clone, HTMLPurifier_AttrDef_Enum, HTMLPurifier_AttrDef_HTML_Bool, HTMLPurifier_AttrDef_HTML_Pixels, and HTMLPurifier_AttrDef_URI.

Definition at line 72 of file AttrDef.php.

73 {
74 // default implementation, return a flyweight of this object.
75 // If $string has an effect on the returned object (i.e. you
76 // need to overload this method), it is best
77 // to clone or instantiate new copies. (Instantiation is safer.)
78 return $this;
79 }

◆ mungeRgb()

HTMLPurifier_AttrDef::mungeRgb (   $string)
protected

Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work properly.

THIS IS A HACK!

Parameters
string$stringa CSS colour definition
Returns
string

Definition at line 87 of file AttrDef.php.

88 {
89 return preg_replace('/rgb\‍((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\‍)/', 'rgb(\1,\2,\3)', $string);
90 }

Referenced by HTMLPurifier_AttrDef_CSS_Background\validate(), HTMLPurifier_AttrDef_CSS_Border\validate(), and HTMLPurifier_AttrDef_CSS_Multiple\validate().

+ Here is the caller graph for this function:

◆ parseCDATA()

HTMLPurifier_AttrDef::parseCDATA (   $string)

Convenience method that parses a string as if it were CDATA.

This method process a string in the manner specified at http://www.w3.org/TR/html4/types.html#h-6.2 by removing leading and trailing whitespace, ignoring line feeds, and replacing carriage returns and tabs with spaces. While most useful for HTML attributes specified as CDATA, it can also be applied to most CSS values.

Note
This method is not entirely standards compliant, as trim() removes more types of whitespace than specified in the spec. In practice, this is rarely a problem, as those extra characters usually have already been removed by HTMLPurifier_Encoder.
Warning
This processing is inconsistent with XML's whitespace handling as specified by section 3.3.3 and referenced XHTML 1.0 section 4.7. However, note that we are NOT necessarily parsing XML, thus, this behavior may still be correct. We assume that newlines have been normalized.

Definition at line 60 of file AttrDef.php.

61 {
62 $string = trim($string);
63 $string = str_replace(array("\n", "\t", "\r"), ' ', $string);
64 return $string;
65 }

Referenced by HTMLPurifier_AttrDef_CSS\validate(), HTMLPurifier_AttrDef_Integer\validate(), HTMLPurifier_AttrDef_CSS_Number\validate(), HTMLPurifier_AttrDef_CSS_Background\validate(), HTMLPurifier_AttrDef_CSS_BackgroundPosition\validate(), HTMLPurifier_AttrDef_CSS_Border\validate(), HTMLPurifier_AttrDef_CSS_Font\validate(), HTMLPurifier_AttrDef_CSS_Length\validate(), HTMLPurifier_AttrDef_CSS_ListStyle\validate(), HTMLPurifier_AttrDef_CSS_Multiple\validate(), HTMLPurifier_AttrDef_CSS_Percentage\validate(), HTMLPurifier_AttrDef_CSS_TextDecoration\validate(), HTMLPurifier_AttrDef_HTML_LinkTypes\validate(), HTMLPurifier_AttrDef_Text\validate(), HTMLPurifier_AttrDef_URI\validate(), HTMLPurifier_AttrDef_CSS_URI\validate(), and HTMLPurifier_AttrDef_CSS_Filter\validate().

+ Here is the caller graph for this function:

◆ validate()

HTMLPurifier_AttrDef::validate (   $string,
  $config,
  $context 
)
abstract

Validates and cleans passed string according to a definition.

Parameters
string$stringString to be validated and cleaned.
HTMLPurifier_Config$configMandatory HTMLPurifier_Config object.
HTMLPurifier_Context$contextMandatory HTMLPurifier_Context object.

Reimplemented in HTMLPurifier_AttrDef_URI_IPv4, HTMLPurifier_AttrDef_URI_IPv6, HTMLPurifier_AttrDef_CSS_Color, HTMLPurifier_AttrDef_CSS, HTMLPurifier_AttrDef_HTML_ID, HTMLPurifier_AttrDef_Integer, HTMLPurifier_AttrDef_CSS_AlphaValue, HTMLPurifier_AttrDef_CSS_Number, HTMLPurifier_AttrDef_CSS_Background, HTMLPurifier_AttrDef_CSS_BackgroundPosition, HTMLPurifier_AttrDef_CSS_Border, HTMLPurifier_AttrDef_CSS_Composite, HTMLPurifier_AttrDef_CSS_DenyElementDecorator, HTMLPurifier_AttrDef_CSS_Font, HTMLPurifier_AttrDef_CSS_FontFamily, HTMLPurifier_AttrDef_CSS_Ident, HTMLPurifier_AttrDef_CSS_ImportantDecorator, HTMLPurifier_AttrDef_CSS_Length, HTMLPurifier_AttrDef_CSS_ListStyle, HTMLPurifier_AttrDef_CSS_Multiple, HTMLPurifier_AttrDef_CSS_Percentage, HTMLPurifier_AttrDef_CSS_TextDecoration, HTMLPurifier_AttrDef_Enum, HTMLPurifier_AttrDef_HTML_Bool, HTMLPurifier_AttrDef_HTML_Color, HTMLPurifier_AttrDef_HTML_FrameTarget, HTMLPurifier_AttrDef_HTML_Length, HTMLPurifier_AttrDef_HTML_LinkTypes, HTMLPurifier_AttrDef_HTML_MultiLength, HTMLPurifier_AttrDef_HTML_Nmtokens, HTMLPurifier_AttrDef_HTML_Pixels, HTMLPurifier_AttrDef_Lang, HTMLPurifier_AttrDef_Text, HTMLPurifier_AttrDef_URI_Email_SimpleCheck, HTMLPurifier_AttrDef_URI_Host, HTMLPurifier_AttrDef_URI, HTMLPurifier_AttrDef_CSS_URI, HTMLPurifier_AttrDef_Clone, and HTMLPurifier_AttrDef_CSS_Filter.

Field Documentation

◆ $minimized

HTMLPurifier_AttrDef::$minimized = false

Tells us whether or not an HTML attribute is minimized.

Has no meaning in other contexts. @type bool

Definition at line 21 of file AttrDef.php.

◆ $required

HTMLPurifier_AttrDef::$required = false

Tells us whether or not an HTML attribute is required.

Has no meaning in other contexts @type bool

Definition at line 28 of file AttrDef.php.


The documentation for this class was generated from the following file: