ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
AttrValidator.php
Go to the documentation of this file.
1 <?php
2 
9 {
10 
18  public function validateToken($token, $config, $context)
19  {
20  $definition = $config->getHTMLDefinition();
21  $e =& $context->get('ErrorCollector', true);
22 
23  // initialize IDAccumulator if necessary
24  $ok =& $context->get('IDAccumulator', true);
25  if (!$ok) {
26  $id_accumulator = HTMLPurifier_IDAccumulator::build($config, $context);
27  $context->register('IDAccumulator', $id_accumulator);
28  }
29 
30  // initialize CurrentToken if necessary
31  $current_token =& $context->get('CurrentToken', true);
32  if (!$current_token) {
33  $context->register('CurrentToken', $token);
34  }
35 
36  if (!$token instanceof HTMLPurifier_Token_Start &&
37  !$token instanceof HTMLPurifier_Token_Empty
38  ) {
39  return;
40  }
41 
42  // create alias to global definition array, see also $defs
43  // DEFINITION CALL
44  $d_defs = $definition->info_global_attr;
45 
46  // don't update token until the very end, to ensure an atomic update
47  $attr = $token->attr;
48 
49  // do global transformations (pre)
50  // nothing currently utilizes this
51  foreach ($definition->info_attr_transform_pre as $transform) {
52  $attr = $transform->transform($o = $attr, $config, $context);
53  if ($e) {
54  if ($attr != $o) {
55  $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr);
56  }
57  }
58  }
59 
60  // do local transformations only applicable to this element (pre)
61  // ex. <p align="right"> to <p style="text-align:right;">
62  foreach ($definition->info[$token->name]->attr_transform_pre as $transform) {
63  $attr = $transform->transform($o = $attr, $config, $context);
64  if ($e) {
65  if ($attr != $o) {
66  $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr);
67  }
68  }
69  }
70 
71  // create alias to this element's attribute definition array, see
72  // also $d_defs (global attribute definition array)
73  // DEFINITION CALL
74  $defs = $definition->info[$token->name]->attr;
75 
76  $attr_key = false;
77  $context->register('CurrentAttr', $attr_key);
78 
79  // iterate through all the attribute keypairs
80  // Watch out for name collisions: $key has previously been used
81  foreach ($attr as $attr_key => $value) {
82 
83  // call the definition
84  if (isset($defs[$attr_key])) {
85  // there is a local definition defined
86  if ($defs[$attr_key] === false) {
87  // We've explicitly been told not to allow this element.
88  // This is usually when there's a global definition
89  // that must be overridden.
90  // Theoretically speaking, we could have a
91  // AttrDef_DenyAll, but this is faster!
92  $result = false;
93  } else {
94  // validate according to the element's definition
95  $result = $defs[$attr_key]->validate(
96  $value,
97  $config,
98  $context
99  );
100  }
101  } elseif (isset($d_defs[$attr_key])) {
102  // there is a global definition defined, validate according
103  // to the global definition
104  $result = $d_defs[$attr_key]->validate(
105  $value,
106  $config,
107  $context
108  );
109  } else {
110  // system never heard of the attribute? DELETE!
111  $result = false;
112  }
113 
114  // put the results into effect
115  if ($result === false || $result === null) {
116  // this is a generic error message that should replaced
117  // with more specific ones when possible
118  if ($e) {
119  $e->send(E_ERROR, 'AttrValidator: Attribute removed');
120  }
121 
122  // remove the attribute
123  unset($attr[$attr_key]);
124  } elseif (is_string($result)) {
125  // generally, if a substitution is happening, there
126  // was some sort of implicit correction going on. We'll
127  // delegate it to the attribute classes to say exactly what.
128 
129  // simple substitution
130  $attr[$attr_key] = $result;
131  } else {
132  // nothing happens
133  }
134 
135  // we'd also want slightly more complicated substitution
136  // involving an array as the return value,
137  // although we're not sure how colliding attributes would
138  // resolve (certain ones would be completely overriden,
139  // others would prepend themselves).
140  }
141 
142  $context->destroy('CurrentAttr');
143 
144  // post transforms
145 
146  // global (error reporting untested)
147  foreach ($definition->info_attr_transform_post as $transform) {
148  $attr = $transform->transform($o = $attr, $config, $context);
149  if ($e) {
150  if ($attr != $o) {
151  $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr);
152  }
153  }
154  }
155 
156  // local (error reporting untested)
157  foreach ($definition->info[$token->name]->attr_transform_post as $transform) {
158  $attr = $transform->transform($o = $attr, $config, $context);
159  if ($e) {
160  if ($attr != $o) {
161  $e->send(E_NOTICE, 'AttrValidator: Attributes transformed', $o, $attr);
162  }
163  }
164  }
165 
166  $token->attr = $attr;
167 
168  // destroy CurrentToken if we made it ourselves
169  if (!$current_token) {
170  $context->destroy('CurrentToken');
171  }
172 
173  }
174 
175 
176 }
177 
178 // vim: et sw=4 sts=4
$result
Validates the attributes of a token.
Concrete start token class.
Definition: Start.php:6
validateToken($token, $config, $context)
Validates the attributes of a token, mutating it as necessary.
static build($config, $context)
Builds an IDAccumulator, also initializing the default blacklist.
Concrete empty token class.
Definition: Empty.php:6