HTMLPurifier_AttrDef_CSS::validate() - Code Metrics - Inspection of "Merge pull request #250 from mambax7/feature/htmlp..." - XOOPS/XoopsCore25 - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( 14e79d...7a4940 )

by Richard

created 2017-02-06 18:33 UTC

HTMLPurifier_AttrDef_CSS::validate() D

↳ Parent: HTMLPurifier_AttrDef_CSS

Complexity

Conditions	14
Paths	124

Size

Total Lines	85
Code Lines	48

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	14
eloc	48
nc	124
nop	3
dl	0
loc	85
rs	4.6283
c	0
b	0
f	0

How to fix Long Method Complexity

<?php

/**
 * Validates the HTML attribute style, otherwise known as CSS.
 * @note We don't implement the whole CSS specification, so it might be
 *       difficult to reuse this component in the context of validating
 *       actual stylesheet declarations.
 * @note If we were really serious about validating the CSS, we would
 *       tokenize the styles and then parse the tokens. Obviously, we
 *       are not doing that. Doing that could seriously harm performance,
 *       but would make these components a lot more viable for a CSS
 *       filtering solution.
 */
class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
{

    /**
     * @param string $css
     * @param HTMLPurifier_Config $config
     * @param HTMLPurifier_Context $context
     * @return bool|string
     */
    public function validate($css, $config, $context)
    {
        $css = $this->parseCDATA($css);

        $definition = $config->getCSSDefinition();
        $allow_duplicates = $config->get("CSS.AllowDuplicates");

        // we're going to break the spec and explode by semicolons.
        // This is because semicolon rarely appears in escaped form
        // Doing this is generally flaky but fast
        // IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI
        // for details

        $declarations = explode(';', $css);
        $propvalues = array();
        $new_declarations = '';

        /**
         * Name of the current CSS property being validated.
         */
        $property = false;
        $context->register('CurrentCSSProperty', $property);

        foreach ($declarations as $declaration) {
            if (!$declaration) {
                continue;
            }
            if (!strpos($declaration, ':')) {
                continue;
            }
            list($property, $value) = explode(':', $declaration, 2);
            $property = trim($property);
            $value = trim($value);
            $ok = false;
            do {
                if (isset($definition->info[$property])) {
                    $ok = true;
                    break;
                }
                if (ctype_lower($property)) {
                    break;
                }
                $property = strtolower($property);
                if (isset($definition->info[$property])) {
                    $ok = true;
                    break;
                }
            } while (0);
            if (!$ok) {
                continue;
            }
            // inefficient call, since the validator will do this again
            if (strtolower(trim($value)) !== 'inherit') {
                // inherit works for everything (but only on the base property)
                $result = $definition->info[$property]->validate(
                    $value,
                    $config,
                    $context
                );
            } else {
                $result = 'inherit';
            }
            if ($result === false) {
                continue;
            }
            if ($allow_duplicates) {
                $new_declarations .= "$property:$result;";
            } else {
                $propvalues[$property] = $result;
            }
        }

        $context->destroy('CurrentCSSProperty');

        // procedure does not write the new CSS simultaneously, so it's
        // slightly inefficient, but it's the only way of getting rid of
        // duplicates. Perhaps config to optimize it, but not now.

        foreach ($propvalues as $prop => $value) {
            $new_declarations .= "$prop:$value;";
        }

        return $new_declarations ? $new_declarations : false;

    }

}

// vim: et sw=4 sts=4


1			<?php
2
3			/**
4			* Validates the HTML attribute style, otherwise known as CSS.
5			* @note We don't implement the whole CSS specification, so it might be
6			* difficult to reuse this component in the context of validating
7			* actual stylesheet declarations.
8			* @note If we were really serious about validating the CSS, we would
9			* tokenize the styles and then parse the tokens. Obviously, we
10			* are not doing that. Doing that could seriously harm performance,
11			* but would make these components a lot more viable for a CSS
12			* filtering solution.
13			*/
14			class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef
15			{
16
17			/**
18			* @param string $css
19			* @param HTMLPurifier_Config $config
20			* @param HTMLPurifier_Context $context
21			* @return bool\|string
22			*/
23			public function validate($css, $config, $context)
24			{
25			$css = $this->parseCDATA($css);
26
27			$definition = $config->getCSSDefinition();
28			$allow_duplicates = $config->get("CSS.AllowDuplicates");
29
30			// we're going to break the spec and explode by semicolons.
31			// This is because semicolon rarely appears in escaped form
32			// Doing this is generally flaky but fast
33			// IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI
34			// for details
35
36			$declarations = explode(';', $css);
37			$propvalues = array();
38			$new_declarations = '';
39
40			/**
41			* Name of the current CSS property being validated.
42			*/
43			$property = false;
44			$context->register('CurrentCSSProperty', $property);
45
46			foreach ($declarations as $declaration) {
47			if (!$declaration) {
48			continue;
49			}
50			if (!strpos($declaration, ':')) {
51			continue;
52			}
53			list($property, $value) = explode(':', $declaration, 2);
54			$property = trim($property);
55			$value = trim($value);
56			$ok = false;
57			do {
58			if (isset($definition->info[$property])) {
59			$ok = true;
60			break;
61			}
62			if (ctype_lower($property)) {
63			break;
64			}
65			$property = strtolower($property);
66			if (isset($definition->info[$property])) {
67			$ok = true;
68			break;
69			}
70			} while (0);
71			if (!$ok) {
72			continue;
73			}
74			// inefficient call, since the validator will do this again
75			if (strtolower(trim($value)) !== 'inherit') {
76			// inherit works for everything (but only on the base property)
77			$result = $definition->info[$property]->validate(
78			$value,
79			$config,
80			$context
81			);
82			} else {
83			$result = 'inherit';
84			}
85			if ($result === false) {
86			continue;
87			}
88			if ($allow_duplicates) {
89			$new_declarations .= "$property:$result;";
90			} else {
91			$propvalues[$property] = $result;
92			}
93			}
94
95			$context->destroy('CurrentCSSProperty');
96
97			// procedure does not write the new CSS simultaneously, so it's
98			// slightly inefficient, but it's the only way of getting rid of
99			// duplicates. Perhaps config to optimize it, but not now.
100
101			foreach ($propvalues as $prop => $value) {
102			$new_declarations .= "$prop:$value;";
103			}
104
105			return $new_declarations ? $new_declarations : false;
106
107			}
108
109			}
110
111			// vim: et sw=4 sts=4
112

XOOPS / XoopsCore25

Push — master ( 14e79d...7a4940 )

HTMLPurifier_AttrDef_CSS::validate() D

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like