xpressengine /
xe-core
@@ -13,110 +13,110 @@ |
||
| 13 | 13 | abstract class HTMLPurifier_AttrDef |
| 14 | 14 | { |
| 15 | 15 | |
| 16 | - /** |
|
| 17 | - * Tells us whether or not an HTML attribute is minimized. Has no |
|
| 18 | - * meaning in other contexts. |
|
| 19 | - */ |
|
| 20 | - public $minimized = false; |
|
| 16 | + /** |
|
| 17 | + * Tells us whether or not an HTML attribute is minimized. Has no |
|
| 18 | + * meaning in other contexts. |
|
| 19 | + */ |
|
| 20 | + public $minimized = false; |
|
| 21 | 21 | |
| 22 | - /** |
|
| 23 | - * Tells us whether or not an HTML attribute is required. Has no |
|
| 24 | - * meaning in other contexts |
|
| 25 | - */ |
|
| 26 | - public $required = false; |
|
| 22 | + /** |
|
| 23 | + * Tells us whether or not an HTML attribute is required. Has no |
|
| 24 | + * meaning in other contexts |
|
| 25 | + */ |
|
| 26 | + public $required = false; |
|
| 27 | 27 | |
| 28 | - /** |
|
| 29 | - * Validates and cleans passed string according to a definition. |
|
| 30 | - * |
|
| 31 | - * @param $string String to be validated and cleaned. |
|
| 32 | - * @param $config Mandatory HTMLPurifier_Config object. |
|
| 33 | - * @param $context Mandatory HTMLPurifier_AttrContext object. |
|
| 34 | - */ |
|
| 35 | - abstract public function validate($string, $config, $context); |
|
| 28 | + /** |
|
| 29 | + * Validates and cleans passed string according to a definition. |
|
| 30 | + * |
|
| 31 | + * @param $string String to be validated and cleaned. |
|
| 32 | + * @param $config Mandatory HTMLPurifier_Config object. |
|
| 33 | + * @param $context Mandatory HTMLPurifier_AttrContext object. |
|
| 34 | + */ |
|
| 35 | + abstract public function validate($string, $config, $context); |
|
| 36 | 36 | |
| 37 | - /** |
|
| 38 | - * Convenience method that parses a string as if it were CDATA. |
|
| 39 | - * |
|
| 40 | - * This method process a string in the manner specified at |
|
| 41 | - * <http://www.w3.org/TR/html4/types.html#h-6.2> by removing |
|
| 42 | - * leading and trailing whitespace, ignoring line feeds, and replacing |
|
| 43 | - * carriage returns and tabs with spaces. While most useful for HTML |
|
| 44 | - * attributes specified as CDATA, it can also be applied to most CSS |
|
| 45 | - * values. |
|
| 46 | - * |
|
| 47 | - * @note This method is not entirely standards compliant, as trim() removes |
|
| 48 | - * more types of whitespace than specified in the spec. In practice, |
|
| 49 | - * this is rarely a problem, as those extra characters usually have |
|
| 50 | - * already been removed by HTMLPurifier_Encoder. |
|
| 51 | - * |
|
| 52 | - * @warning This processing is inconsistent with XML's whitespace handling |
|
| 53 | - * as specified by section 3.3.3 and referenced XHTML 1.0 section |
|
| 54 | - * 4.7. However, note that we are NOT necessarily |
|
| 55 | - * parsing XML, thus, this behavior may still be correct. We |
|
| 56 | - * assume that newlines have been normalized. |
|
| 57 | - */ |
|
| 58 | - public function parseCDATA($string) { |
|
| 59 | - $string = trim($string); |
|
| 60 | - $string = str_replace(array("\n", "\t", "\r"), ' ', $string); |
|
| 61 | - return $string; |
|
| 62 | - } |
|
| 37 | + /** |
|
| 38 | + * Convenience method that parses a string as if it were CDATA. |
|
| 39 | + * |
|
| 40 | + * This method process a string in the manner specified at |
|
| 41 | + * <http://www.w3.org/TR/html4/types.html#h-6.2> by removing |
|
| 42 | + * leading and trailing whitespace, ignoring line feeds, and replacing |
|
| 43 | + * carriage returns and tabs with spaces. While most useful for HTML |
|
| 44 | + * attributes specified as CDATA, it can also be applied to most CSS |
|
| 45 | + * values. |
|
| 46 | + * |
|
| 47 | + * @note This method is not entirely standards compliant, as trim() removes |
|
| 48 | + * more types of whitespace than specified in the spec. In practice, |
|
| 49 | + * this is rarely a problem, as those extra characters usually have |
|
| 50 | + * already been removed by HTMLPurifier_Encoder. |
|
| 51 | + * |
|
| 52 | + * @warning This processing is inconsistent with XML's whitespace handling |
|
| 53 | + * as specified by section 3.3.3 and referenced XHTML 1.0 section |
|
| 54 | + * 4.7. However, note that we are NOT necessarily |
|
| 55 | + * parsing XML, thus, this behavior may still be correct. We |
|
| 56 | + * assume that newlines have been normalized. |
|
| 57 | + */ |
|
| 58 | + public function parseCDATA($string) { |
|
| 59 | + $string = trim($string); |
|
| 60 | + $string = str_replace(array("\n", "\t", "\r"), ' ', $string); |
|
| 61 | + return $string; |
|
| 62 | + } |
|
| 63 | 63 | |
| 64 | - /** |
|
| 65 | - * Factory method for creating this class from a string. |
|
| 66 | - * @param $string String construction info |
|
| 67 | - * @return Created AttrDef object corresponding to $string |
|
| 68 | - */ |
|
| 69 | - public function make($string) { |
|
| 70 | - // default implementation, return a flyweight of this object. |
|
| 71 | - // If $string has an effect on the returned object (i.e. you |
|
| 72 | - // need to overload this method), it is best |
|
| 73 | - // to clone or instantiate new copies. (Instantiation is safer.) |
|
| 74 | - return $this; |
|
| 75 | - } |
|
| 64 | + /** |
|
| 65 | + * Factory method for creating this class from a string. |
|
| 66 | + * @param $string String construction info |
|
| 67 | + * @return Created AttrDef object corresponding to $string |
|
| 68 | + */ |
|
| 69 | + public function make($string) { |
|
| 70 | + // default implementation, return a flyweight of this object. |
|
| 71 | + // If $string has an effect on the returned object (i.e. you |
|
| 72 | + // need to overload this method), it is best |
|
| 73 | + // to clone or instantiate new copies. (Instantiation is safer.) |
|
| 74 | + return $this; |
|
| 75 | + } |
|
| 76 | 76 | |
| 77 | - /** |
|
| 78 | - * Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work |
|
| 79 | - * properly. THIS IS A HACK! |
|
| 80 | - */ |
|
| 81 | - protected function mungeRgb($string) { |
|
| 82 | - return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string); |
|
| 83 | - } |
|
| 77 | + /** |
|
| 78 | + * Removes spaces from rgb(0, 0, 0) so that shorthand CSS properties work |
|
| 79 | + * properly. THIS IS A HACK! |
|
| 80 | + */ |
|
| 81 | + protected function mungeRgb($string) { |
|
| 82 | + return preg_replace('/rgb\((\d+)\s*,\s*(\d+)\s*,\s*(\d+)\)/', 'rgb(\1,\2,\3)', $string); |
|
| 83 | + } |
|
| 84 | 84 | |
| 85 | - /** |
|
| 86 | - * Parses a possibly escaped CSS string and returns the "pure" |
|
| 87 | - * version of it. |
|
| 88 | - */ |
|
| 89 | - protected function expandCSSEscape($string) { |
|
| 90 | - // flexibly parse it |
|
| 91 | - $ret = ''; |
|
| 92 | - for ($i = 0, $c = strlen($string); $i < $c; $i++) { |
|
| 93 | - if ($string[$i] === '\\') { |
|
| 94 | - $i++; |
|
| 95 | - if ($i >= $c) { |
|
| 96 | - $ret .= '\\'; |
|
| 97 | - break; |
|
| 98 | - } |
|
| 99 | - if (ctype_xdigit($string[$i])) { |
|
| 100 | - $code = $string[$i]; |
|
| 101 | - for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) { |
|
| 102 | - if (!ctype_xdigit($string[$i])) break; |
|
| 103 | - $code .= $string[$i]; |
|
| 104 | - } |
|
| 105 | - // We have to be extremely careful when adding |
|
| 106 | - // new characters, to make sure we're not breaking |
|
| 107 | - // the encoding. |
|
| 108 | - $char = HTMLPurifier_Encoder::unichr(hexdec($code)); |
|
| 109 | - if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue; |
|
| 110 | - $ret .= $char; |
|
| 111 | - if ($i < $c && trim($string[$i]) !== '') $i--; |
|
| 112 | - continue; |
|
| 113 | - } |
|
| 114 | - if ($string[$i] === "\n") continue; |
|
| 115 | - } |
|
| 116 | - $ret .= $string[$i]; |
|
| 117 | - } |
|
| 118 | - return $ret; |
|
| 119 | - } |
|
| 85 | + /** |
|
| 86 | + * Parses a possibly escaped CSS string and returns the "pure" |
|
| 87 | + * version of it. |
|
| 88 | + */ |
|
| 89 | + protected function expandCSSEscape($string) { |
|
| 90 | + // flexibly parse it |
|
| 91 | + $ret = ''; |
|
| 92 | + for ($i = 0, $c = strlen($string); $i < $c; $i++) { |
|
| 93 | + if ($string[$i] === '\\') { |
|
| 94 | + $i++; |
|
| 95 | + if ($i >= $c) { |
|
| 96 | + $ret .= '\\'; |
|
| 97 | + break; |
|
| 98 | + } |
|
| 99 | + if (ctype_xdigit($string[$i])) { |
|
| 100 | + $code = $string[$i]; |
|
| 101 | + for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) { |
|
| 102 | + if (!ctype_xdigit($string[$i])) break; |
|
| 103 | + $code .= $string[$i]; |
|
| 104 | + } |
|
| 105 | + // We have to be extremely careful when adding |
|
| 106 | + // new characters, to make sure we're not breaking |
|
| 107 | + // the encoding. |
|
| 108 | + $char = HTMLPurifier_Encoder::unichr(hexdec($code)); |
|
| 109 | + if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue; |
|
| 110 | + $ret .= $char; |
|
| 111 | + if ($i < $c && trim($string[$i]) !== '') $i--; |
|
| 112 | + continue; |
|
| 113 | + } |
|
| 114 | + if ($string[$i] === "\n") continue; |
|
| 115 | + } |
|
| 116 | + $ret .= $string[$i]; |
|
| 117 | + } |
|
| 118 | + return $ret; |
|
| 119 | + } |
|
| 120 | 120 | |
| 121 | 121 | } |
| 122 | 122 | |
@@ -99,19 +99,27 @@ |
||
| 99 | 99 | if (ctype_xdigit($string[$i])) { |
| 100 | 100 | $code = $string[$i]; |
| 101 | 101 | for ($a = 1, $i++; $i < $c && $a < 6; $i++, $a++) { |
| 102 | - if (!ctype_xdigit($string[$i])) break; |
|
| 102 | + if (!ctype_xdigit($string[$i])) { |
|
| 103 | + break; |
|
| 104 | + } |
|
| 103 | 105 | $code .= $string[$i]; |
| 104 | 106 | } |
| 105 | 107 | // We have to be extremely careful when adding |
| 106 | 108 | // new characters, to make sure we're not breaking |
| 107 | 109 | // the encoding. |
| 108 | 110 | $char = HTMLPurifier_Encoder::unichr(hexdec($code)); |
| 109 | - if (HTMLPurifier_Encoder::cleanUTF8($char) === '') continue; |
|
| 111 | + if (HTMLPurifier_Encoder::cleanUTF8($char) === '') { |
|
| 112 | + continue; |
|
| 113 | + } |
|
| 110 | 114 | $ret .= $char; |
| 111 | - if ($i < $c && trim($string[$i]) !== '') $i--; |
|
| 115 | + if ($i < $c && trim($string[$i]) !== '') { |
|
| 116 | + $i--; |
|
| 117 | + } |
|
| 112 | 118 | continue; |
| 113 | 119 | } |
| 114 | - if ($string[$i] === "\n") continue; |
|
| 120 | + if ($string[$i] === "\n") { |
|
| 121 | + continue; |
|
| 122 | + } |
|
| 115 | 123 | } |
| 116 | 124 | $ret .= $string[$i]; |
| 117 | 125 | } |
@@ -14,73 +14,73 @@ |
||
| 14 | 14 | class HTMLPurifier_AttrDef_CSS extends HTMLPurifier_AttrDef |
| 15 | 15 | { |
| 16 | 16 | |
| 17 | - public function validate($css, $config, $context) { |
|
| 17 | + public function validate($css, $config, $context) { |
|
| 18 | 18 | |
| 19 | - $css = $this->parseCDATA($css); |
|
| 19 | + $css = $this->parseCDATA($css); |
|
| 20 | 20 | |
| 21 | - $definition = $config->getCSSDefinition(); |
|
| 21 | + $definition = $config->getCSSDefinition(); |
|
| 22 | 22 | |
| 23 | - // we're going to break the spec and explode by semicolons. |
|
| 24 | - // This is because semicolon rarely appears in escaped form |
|
| 25 | - // Doing this is generally flaky but fast |
|
| 26 | - // IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI |
|
| 27 | - // for details |
|
| 23 | + // we're going to break the spec and explode by semicolons. |
|
| 24 | + // This is because semicolon rarely appears in escaped form |
|
| 25 | + // Doing this is generally flaky but fast |
|
| 26 | + // IT MIGHT APPEAR IN URIs, see HTMLPurifier_AttrDef_CSSURI |
|
| 27 | + // for details |
|
| 28 | 28 | |
| 29 | - $declarations = explode(';', $css); |
|
| 30 | - $propvalues = array(); |
|
| 29 | + $declarations = explode(';', $css); |
|
| 30 | + $propvalues = array(); |
|
| 31 | 31 | |
| 32 | - /** |
|
| 33 | - * Name of the current CSS property being validated. |
|
| 34 | - */ |
|
| 35 | - $property = false; |
|
| 36 | - $context->register('CurrentCSSProperty', $property); |
|
| 32 | + /** |
|
| 33 | + * Name of the current CSS property being validated. |
|
| 34 | + */ |
|
| 35 | + $property = false; |
|
| 36 | + $context->register('CurrentCSSProperty', $property); |
|
| 37 | 37 | |
| 38 | - foreach ($declarations as $declaration) { |
|
| 39 | - if (!$declaration) continue; |
|
| 40 | - if (!strpos($declaration, ':')) continue; |
|
| 41 | - list($property, $value) = explode(':', $declaration, 2); |
|
| 42 | - $property = trim($property); |
|
| 43 | - $value = trim($value); |
|
| 44 | - $ok = false; |
|
| 45 | - do { |
|
| 46 | - if (isset($definition->info[$property])) { |
|
| 47 | - $ok = true; |
|
| 48 | - break; |
|
| 49 | - } |
|
| 50 | - if (ctype_lower($property)) break; |
|
| 51 | - $property = strtolower($property); |
|
| 52 | - if (isset($definition->info[$property])) { |
|
| 53 | - $ok = true; |
|
| 54 | - break; |
|
| 55 | - } |
|
| 56 | - } while(0); |
|
| 57 | - if (!$ok) continue; |
|
| 58 | - // inefficient call, since the validator will do this again |
|
| 59 | - if (strtolower(trim($value)) !== 'inherit') { |
|
| 60 | - // inherit works for everything (but only on the base property) |
|
| 61 | - $result = $definition->info[$property]->validate( |
|
| 62 | - $value, $config, $context ); |
|
| 63 | - } else { |
|
| 64 | - $result = 'inherit'; |
|
| 65 | - } |
|
| 66 | - if ($result === false) continue; |
|
| 67 | - $propvalues[$property] = $result; |
|
| 68 | - } |
|
| 38 | + foreach ($declarations as $declaration) { |
|
| 39 | + if (!$declaration) continue; |
|
| 40 | + if (!strpos($declaration, ':')) continue; |
|
| 41 | + list($property, $value) = explode(':', $declaration, 2); |
|
| 42 | + $property = trim($property); |
|
| 43 | + $value = trim($value); |
|
| 44 | + $ok = false; |
|
| 45 | + do { |
|
| 46 | + if (isset($definition->info[$property])) { |
|
| 47 | + $ok = true; |
|
| 48 | + break; |
|
| 49 | + } |
|
| 50 | + if (ctype_lower($property)) break; |
|
| 51 | + $property = strtolower($property); |
|
| 52 | + if (isset($definition->info[$property])) { |
|
| 53 | + $ok = true; |
|
| 54 | + break; |
|
| 55 | + } |
|
| 56 | + } while(0); |
|
| 57 | + if (!$ok) continue; |
|
| 58 | + // inefficient call, since the validator will do this again |
|
| 59 | + if (strtolower(trim($value)) !== 'inherit') { |
|
| 60 | + // inherit works for everything (but only on the base property) |
|
| 61 | + $result = $definition->info[$property]->validate( |
|
| 62 | + $value, $config, $context ); |
|
| 63 | + } else { |
|
| 64 | + $result = 'inherit'; |
|
| 65 | + } |
|
| 66 | + if ($result === false) continue; |
|
| 67 | + $propvalues[$property] = $result; |
|
| 68 | + } |
|
| 69 | 69 | |
| 70 | - $context->destroy('CurrentCSSProperty'); |
|
| 70 | + $context->destroy('CurrentCSSProperty'); |
|
| 71 | 71 | |
| 72 | - // procedure does not write the new CSS simultaneously, so it's |
|
| 73 | - // slightly inefficient, but it's the only way of getting rid of |
|
| 74 | - // duplicates. Perhaps config to optimize it, but not now. |
|
| 72 | + // procedure does not write the new CSS simultaneously, so it's |
|
| 73 | + // slightly inefficient, but it's the only way of getting rid of |
|
| 74 | + // duplicates. Perhaps config to optimize it, but not now. |
|
| 75 | 75 | |
| 76 | - $new_declarations = ''; |
|
| 77 | - foreach ($propvalues as $prop => $value) { |
|
| 78 | - $new_declarations .= "$prop:$value;"; |
|
| 79 | - } |
|
| 76 | + $new_declarations = ''; |
|
| 77 | + foreach ($propvalues as $prop => $value) { |
|
| 78 | + $new_declarations .= "$prop:$value;"; |
|
| 79 | + } |
|
| 80 | 80 | |
| 81 | - return $new_declarations ? $new_declarations : false; |
|
| 81 | + return $new_declarations ? $new_declarations : false; |
|
| 82 | 82 | |
| 83 | - } |
|
| 83 | + } |
|
| 84 | 84 | |
| 85 | 85 | } |
| 86 | 86 | |
@@ -53,7 +53,7 @@ |
||
| 53 | 53 | $ok = true; |
| 54 | 54 | break; |
| 55 | 55 | } |
| 56 | - } while(0); |
|
| 56 | + } while (0); |
|
| 57 | 57 | if (!$ok) continue; |
| 58 | 58 | // inefficient call, since the validator will do this again |
| 59 | 59 | if (strtolower(trim($value)) !== 'inherit') { |
@@ -36,8 +36,12 @@ discard block |
||
| 36 | 36 | $context->register('CurrentCSSProperty', $property); |
| 37 | 37 | |
| 38 | 38 | foreach ($declarations as $declaration) { |
| 39 | - if (!$declaration) continue; |
|
| 40 | - if (!strpos($declaration, ':')) continue; |
|
| 39 | + if (!$declaration) { |
|
| 40 | + continue; |
|
| 41 | + } |
|
| 42 | + if (!strpos($declaration, ':')) { |
|
| 43 | + continue; |
|
| 44 | + } |
|
| 41 | 45 | list($property, $value) = explode(':', $declaration, 2); |
| 42 | 46 | $property = trim($property); |
| 43 | 47 | $value = trim($value); |
@@ -47,14 +51,18 @@ discard block |
||
| 47 | 51 | $ok = true; |
| 48 | 52 | break; |
| 49 | 53 | } |
| 50 | - if (ctype_lower($property)) break; |
|
| 54 | + if (ctype_lower($property)) { |
|
| 55 | + break; |
|
| 56 | + } |
|
| 51 | 57 | $property = strtolower($property); |
| 52 | 58 | if (isset($definition->info[$property])) { |
| 53 | 59 | $ok = true; |
| 54 | 60 | break; |
| 55 | 61 | } |
| 56 | 62 | } while(0); |
| 57 | - if (!$ok) continue; |
|
| 63 | + if (!$ok) { |
|
| 64 | + continue; |
|
| 65 | + } |
|
| 58 | 66 | // inefficient call, since the validator will do this again |
| 59 | 67 | if (strtolower(trim($value)) !== 'inherit') { |
| 60 | 68 | // inherit works for everything (but only on the base property) |
@@ -63,7 +71,9 @@ discard block |
||
| 63 | 71 | } else { |
| 64 | 72 | $result = 'inherit'; |
| 65 | 73 | } |
| 66 | - if ($result === false) continue; |
|
| 74 | + if ($result === false) { |
|
| 75 | + continue; |
|
| 76 | + } |
|
| 67 | 77 | $propvalues[$property] = $result; |
| 68 | 78 | } |
| 69 | 79 | |
@@ -3,18 +3,18 @@ |
||
| 3 | 3 | class HTMLPurifier_AttrDef_CSS_AlphaValue extends HTMLPurifier_AttrDef_CSS_Number |
| 4 | 4 | { |
| 5 | 5 | |
| 6 | - public function __construct() { |
|
| 7 | - parent::__construct(false); // opacity is non-negative, but we will clamp it |
|
| 8 | - } |
|
| 6 | + public function __construct() { |
|
| 7 | + parent::__construct(false); // opacity is non-negative, but we will clamp it |
|
| 8 | + } |
|
| 9 | 9 | |
| 10 | - public function validate($number, $config, $context) { |
|
| 11 | - $result = parent::validate($number, $config, $context); |
|
| 12 | - if ($result === false) return $result; |
|
| 13 | - $float = (float) $result; |
|
| 14 | - if ($float < 0.0) $result = '0'; |
|
| 15 | - if ($float > 1.0) $result = '1'; |
|
| 16 | - return $result; |
|
| 17 | - } |
|
| 10 | + public function validate($number, $config, $context) { |
|
| 11 | + $result = parent::validate($number, $config, $context); |
|
| 12 | + if ($result === false) return $result; |
|
| 13 | + $float = (float) $result; |
|
| 14 | + if ($float < 0.0) $result = '0'; |
|
| 15 | + if ($float > 1.0) $result = '1'; |
|
| 16 | + return $result; |
|
| 17 | + } |
|
| 18 | 18 | |
| 19 | 19 | } |
| 20 | 20 | |
@@ -9,10 +9,16 @@ |
||
| 9 | 9 | |
| 10 | 10 | public function validate($number, $config, $context) { |
| 11 | 11 | $result = parent::validate($number, $config, $context); |
| 12 | - if ($result === false) return $result; |
|
| 12 | + if ($result === false) { |
|
| 13 | + return $result; |
|
| 14 | + } |
|
| 13 | 15 | $float = (float) $result; |
| 14 | - if ($float < 0.0) $result = '0'; |
|
| 15 | - if ($float > 1.0) $result = '1'; |
|
| 16 | + if ($float < 0.0) { |
|
| 17 | + $result = '0'; |
|
| 18 | + } |
|
| 19 | + if ($float > 1.0) { |
|
| 20 | + $result = '1'; |
|
| 21 | + } |
|
| 16 | 22 | return $result; |
| 17 | 23 | } |
| 18 | 24 | |
@@ -7,80 +7,80 @@ |
||
| 7 | 7 | class HTMLPurifier_AttrDef_CSS_Background extends HTMLPurifier_AttrDef |
| 8 | 8 | { |
| 9 | 9 | |
| 10 | - /** |
|
| 11 | - * Local copy of component validators. |
|
| 12 | - * @note See HTMLPurifier_AttrDef_Font::$info for a similar impl. |
|
| 13 | - */ |
|
| 14 | - protected $info; |
|
| 15 | - |
|
| 16 | - public function __construct($config) { |
|
| 17 | - $def = $config->getCSSDefinition(); |
|
| 18 | - $this->info['background-color'] = $def->info['background-color']; |
|
| 19 | - $this->info['background-image'] = $def->info['background-image']; |
|
| 20 | - $this->info['background-repeat'] = $def->info['background-repeat']; |
|
| 21 | - $this->info['background-attachment'] = $def->info['background-attachment']; |
|
| 22 | - $this->info['background-position'] = $def->info['background-position']; |
|
| 23 | - } |
|
| 24 | - |
|
| 25 | - public function validate($string, $config, $context) { |
|
| 26 | - |
|
| 27 | - // regular pre-processing |
|
| 28 | - $string = $this->parseCDATA($string); |
|
| 29 | - if ($string === '') return false; |
|
| 30 | - |
|
| 31 | - // munge rgb() decl if necessary |
|
| 32 | - $string = $this->mungeRgb($string); |
|
| 33 | - |
|
| 34 | - // assumes URI doesn't have spaces in it |
|
| 35 | - $bits = explode(' ', strtolower($string)); // bits to process |
|
| 36 | - |
|
| 37 | - $caught = array(); |
|
| 38 | - $caught['color'] = false; |
|
| 39 | - $caught['image'] = false; |
|
| 40 | - $caught['repeat'] = false; |
|
| 41 | - $caught['attachment'] = false; |
|
| 42 | - $caught['position'] = false; |
|
| 43 | - |
|
| 44 | - $i = 0; // number of catches |
|
| 45 | - $none = false; |
|
| 46 | - |
|
| 47 | - foreach ($bits as $bit) { |
|
| 48 | - if ($bit === '') continue; |
|
| 49 | - foreach ($caught as $key => $status) { |
|
| 50 | - if ($key != 'position') { |
|
| 51 | - if ($status !== false) continue; |
|
| 52 | - $r = $this->info['background-' . $key]->validate($bit, $config, $context); |
|
| 53 | - } else { |
|
| 54 | - $r = $bit; |
|
| 55 | - } |
|
| 56 | - if ($r === false) continue; |
|
| 57 | - if ($key == 'position') { |
|
| 58 | - if ($caught[$key] === false) $caught[$key] = ''; |
|
| 59 | - $caught[$key] .= $r . ' '; |
|
| 60 | - } else { |
|
| 61 | - $caught[$key] = $r; |
|
| 62 | - } |
|
| 63 | - $i++; |
|
| 64 | - break; |
|
| 65 | - } |
|
| 66 | - } |
|
| 67 | - |
|
| 68 | - if (!$i) return false; |
|
| 69 | - if ($caught['position'] !== false) { |
|
| 70 | - $caught['position'] = $this->info['background-position']-> |
|
| 71 | - validate($caught['position'], $config, $context); |
|
| 72 | - } |
|
| 73 | - |
|
| 74 | - $ret = array(); |
|
| 75 | - foreach ($caught as $value) { |
|
| 76 | - if ($value === false) continue; |
|
| 77 | - $ret[] = $value; |
|
| 78 | - } |
|
| 79 | - |
|
| 80 | - if (empty($ret)) return false; |
|
| 81 | - return implode(' ', $ret); |
|
| 82 | - |
|
| 83 | - } |
|
| 10 | + /** |
|
| 11 | + * Local copy of component validators. |
|
| 12 | + * @note See HTMLPurifier_AttrDef_Font::$info for a similar impl. |
|
| 13 | + */ |
|
| 14 | + protected $info; |
|
| 15 | + |
|
| 16 | + public function __construct($config) { |
|
| 17 | + $def = $config->getCSSDefinition(); |
|
| 18 | + $this->info['background-color'] = $def->info['background-color']; |
|
| 19 | + $this->info['background-image'] = $def->info['background-image']; |
|
| 20 | + $this->info['background-repeat'] = $def->info['background-repeat']; |
|
| 21 | + $this->info['background-attachment'] = $def->info['background-attachment']; |
|
| 22 | + $this->info['background-position'] = $def->info['background-position']; |
|
| 23 | + } |
|
| 24 | + |
|
| 25 | + public function validate($string, $config, $context) { |
|
| 26 | + |
|
| 27 | + // regular pre-processing |
|
| 28 | + $string = $this->parseCDATA($string); |
|
| 29 | + if ($string === '') return false; |
|
| 30 | + |
|
| 31 | + // munge rgb() decl if necessary |
|
| 32 | + $string = $this->mungeRgb($string); |
|
| 33 | + |
|
| 34 | + // assumes URI doesn't have spaces in it |
|
| 35 | + $bits = explode(' ', strtolower($string)); // bits to process |
|
| 36 | + |
|
| 37 | + $caught = array(); |
|
| 38 | + $caught['color'] = false; |
|
| 39 | + $caught['image'] = false; |
|
| 40 | + $caught['repeat'] = false; |
|
| 41 | + $caught['attachment'] = false; |
|
| 42 | + $caught['position'] = false; |
|
| 43 | + |
|
| 44 | + $i = 0; // number of catches |
|
| 45 | + $none = false; |
|
| 46 | + |
|
| 47 | + foreach ($bits as $bit) { |
|
| 48 | + if ($bit === '') continue; |
|
| 49 | + foreach ($caught as $key => $status) { |
|
| 50 | + if ($key != 'position') { |
|
| 51 | + if ($status !== false) continue; |
|
| 52 | + $r = $this->info['background-' . $key]->validate($bit, $config, $context); |
|
| 53 | + } else { |
|
| 54 | + $r = $bit; |
|
| 55 | + } |
|
| 56 | + if ($r === false) continue; |
|
| 57 | + if ($key == 'position') { |
|
| 58 | + if ($caught[$key] === false) $caught[$key] = ''; |
|
| 59 | + $caught[$key] .= $r . ' '; |
|
| 60 | + } else { |
|
| 61 | + $caught[$key] = $r; |
|
| 62 | + } |
|
| 63 | + $i++; |
|
| 64 | + break; |
|
| 65 | + } |
|
| 66 | + } |
|
| 67 | + |
|
| 68 | + if (!$i) return false; |
|
| 69 | + if ($caught['position'] !== false) { |
|
| 70 | + $caught['position'] = $this->info['background-position']-> |
|
| 71 | + validate($caught['position'], $config, $context); |
|
| 72 | + } |
|
| 73 | + |
|
| 74 | + $ret = array(); |
|
| 75 | + foreach ($caught as $value) { |
|
| 76 | + if ($value === false) continue; |
|
| 77 | + $ret[] = $value; |
|
| 78 | + } |
|
| 79 | + |
|
| 80 | + if (empty($ret)) return false; |
|
| 81 | + return implode(' ', $ret); |
|
| 82 | + |
|
| 83 | + } |
|
| 84 | 84 | |
| 85 | 85 | } |
| 86 | 86 | |
@@ -26,7 +26,9 @@ discard block |
||
| 26 | 26 | |
| 27 | 27 | // regular pre-processing |
| 28 | 28 | $string = $this->parseCDATA($string); |
| 29 | - if ($string === '') return false; |
|
| 29 | + if ($string === '') { |
|
| 30 | + return false; |
|
| 31 | + } |
|
| 30 | 32 | |
| 31 | 33 | // munge rgb() decl if necessary |
| 32 | 34 | $string = $this->mungeRgb($string); |
@@ -45,17 +47,25 @@ discard block |
||
| 45 | 47 | $none = false; |
| 46 | 48 | |
| 47 | 49 | foreach ($bits as $bit) { |
| 48 | - if ($bit === '') continue; |
|
| 50 | + if ($bit === '') { |
|
| 51 | + continue; |
|
| 52 | + } |
|
| 49 | 53 | foreach ($caught as $key => $status) { |
| 50 | 54 | if ($key != 'position') { |
| 51 | - if ($status !== false) continue; |
|
| 55 | + if ($status !== false) { |
|
| 56 | + continue; |
|
| 57 | + } |
|
| 52 | 58 | $r = $this->info['background-' . $key]->validate($bit, $config, $context); |
| 53 | 59 | } else { |
| 54 | 60 | $r = $bit; |
| 55 | 61 | } |
| 56 | - if ($r === false) continue; |
|
| 62 | + if ($r === false) { |
|
| 63 | + continue; |
|
| 64 | + } |
|
| 57 | 65 | if ($key == 'position') { |
| 58 | - if ($caught[$key] === false) $caught[$key] = ''; |
|
| 66 | + if ($caught[$key] === false) { |
|
| 67 | + $caught[$key] = ''; |
|
| 68 | + } |
|
| 59 | 69 | $caught[$key] .= $r . ' '; |
| 60 | 70 | } else { |
| 61 | 71 | $caught[$key] = $r; |
@@ -65,7 +75,9 @@ discard block |
||
| 65 | 75 | } |
| 66 | 76 | } |
| 67 | 77 | |
| 68 | - if (!$i) return false; |
|
| 78 | + if (!$i) { |
|
| 79 | + return false; |
|
| 80 | + } |
|
| 69 | 81 | if ($caught['position'] !== false) { |
| 70 | 82 | $caught['position'] = $this->info['background-position']-> |
| 71 | 83 | validate($caught['position'], $config, $context); |
@@ -73,11 +85,15 @@ discard block |
||
| 73 | 85 | |
| 74 | 86 | $ret = array(); |
| 75 | 87 | foreach ($caught as $value) { |
| 76 | - if ($value === false) continue; |
|
| 88 | + if ($value === false) { |
|
| 89 | + continue; |
|
| 90 | + } |
|
| 77 | 91 | $ret[] = $value; |
| 78 | 92 | } |
| 79 | 93 | |
| 80 | - if (empty($ret)) return false; |
|
| 94 | + if (empty($ret)) { |
|
| 95 | + return false; |
|
| 96 | + } |
|
| 81 | 97 | return implode(' ', $ret); |
| 82 | 98 | |
| 83 | 99 | } |
@@ -49,14 +49,14 @@ |
||
| 49 | 49 | foreach ($caught as $key => $status) { |
| 50 | 50 | if ($key != 'position') { |
| 51 | 51 | if ($status !== false) continue; |
| 52 | - $r = $this->info['background-' . $key]->validate($bit, $config, $context); |
|
| 52 | + $r = $this->info['background-'.$key]->validate($bit, $config, $context); |
|
| 53 | 53 | } else { |
| 54 | 54 | $r = $bit; |
| 55 | 55 | } |
| 56 | 56 | if ($r === false) continue; |
| 57 | 57 | if ($key == 'position') { |
| 58 | 58 | if ($caught[$key] === false) $caught[$key] = ''; |
| 59 | - $caught[$key] .= $r . ' '; |
|
| 59 | + $caught[$key] .= $r.' '; |
|
| 60 | 60 | } else { |
| 61 | 61 | $caught[$key] = $r; |
| 62 | 62 | } |
@@ -44,89 +44,89 @@ |
||
| 44 | 44 | class HTMLPurifier_AttrDef_CSS_BackgroundPosition extends HTMLPurifier_AttrDef |
| 45 | 45 | { |
| 46 | 46 | |
| 47 | - protected $length; |
|
| 48 | - protected $percentage; |
|
| 49 | - |
|
| 50 | - public function __construct() { |
|
| 51 | - $this->length = new HTMLPurifier_AttrDef_CSS_Length(); |
|
| 52 | - $this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage(); |
|
| 53 | - } |
|
| 54 | - |
|
| 55 | - public function validate($string, $config, $context) { |
|
| 56 | - $string = $this->parseCDATA($string); |
|
| 57 | - $bits = explode(' ', $string); |
|
| 58 | - |
|
| 59 | - $keywords = array(); |
|
| 60 | - $keywords['h'] = false; // left, right |
|
| 61 | - $keywords['v'] = false; // top, bottom |
|
| 62 | - $keywords['ch'] = false; // center (first word) |
|
| 63 | - $keywords['cv'] = false; // center (second word) |
|
| 64 | - $measures = array(); |
|
| 65 | - |
|
| 66 | - $i = 0; |
|
| 67 | - |
|
| 68 | - $lookup = array( |
|
| 69 | - 'top' => 'v', |
|
| 70 | - 'bottom' => 'v', |
|
| 71 | - 'left' => 'h', |
|
| 72 | - 'right' => 'h', |
|
| 73 | - 'center' => 'c' |
|
| 74 | - ); |
|
| 75 | - |
|
| 76 | - foreach ($bits as $bit) { |
|
| 77 | - if ($bit === '') continue; |
|
| 78 | - |
|
| 79 | - // test for keyword |
|
| 80 | - $lbit = ctype_lower($bit) ? $bit : strtolower($bit); |
|
| 81 | - if (isset($lookup[$lbit])) { |
|
| 82 | - $status = $lookup[$lbit]; |
|
| 83 | - if ($status == 'c') { |
|
| 84 | - if ($i == 0) { |
|
| 85 | - $status = 'ch'; |
|
| 86 | - } else { |
|
| 87 | - $status = 'cv'; |
|
| 88 | - } |
|
| 89 | - } |
|
| 90 | - $keywords[$status] = $lbit; |
|
| 91 | - $i++; |
|
| 92 | - } |
|
| 93 | - |
|
| 94 | - // test for length |
|
| 95 | - $r = $this->length->validate($bit, $config, $context); |
|
| 96 | - if ($r !== false) { |
|
| 97 | - $measures[] = $r; |
|
| 98 | - $i++; |
|
| 99 | - } |
|
| 100 | - |
|
| 101 | - // test for percentage |
|
| 102 | - $r = $this->percentage->validate($bit, $config, $context); |
|
| 103 | - if ($r !== false) { |
|
| 104 | - $measures[] = $r; |
|
| 105 | - $i++; |
|
| 106 | - } |
|
| 107 | - |
|
| 108 | - } |
|
| 109 | - |
|
| 110 | - if (!$i) return false; // no valid values were caught |
|
| 111 | - |
|
| 112 | - $ret = array(); |
|
| 113 | - |
|
| 114 | - // first keyword |
|
| 115 | - if ($keywords['h']) $ret[] = $keywords['h']; |
|
| 116 | - elseif ($keywords['ch']) { |
|
| 117 | - $ret[] = $keywords['ch']; |
|
| 118 | - $keywords['cv'] = false; // prevent re-use: center = center center |
|
| 119 | - } |
|
| 120 | - elseif (count($measures)) $ret[] = array_shift($measures); |
|
| 121 | - |
|
| 122 | - if ($keywords['v']) $ret[] = $keywords['v']; |
|
| 123 | - elseif ($keywords['cv']) $ret[] = $keywords['cv']; |
|
| 124 | - elseif (count($measures)) $ret[] = array_shift($measures); |
|
| 125 | - |
|
| 126 | - if (empty($ret)) return false; |
|
| 127 | - return implode(' ', $ret); |
|
| 128 | - |
|
| 129 | - } |
|
| 47 | + protected $length; |
|
| 48 | + protected $percentage; |
|
| 49 | + |
|
| 50 | + public function __construct() { |
|
| 51 | + $this->length = new HTMLPurifier_AttrDef_CSS_Length(); |
|
| 52 | + $this->percentage = new HTMLPurifier_AttrDef_CSS_Percentage(); |
|
| 53 | + } |
|
| 54 | + |
|
| 55 | + public function validate($string, $config, $context) { |
|
| 56 | + $string = $this->parseCDATA($string); |
|
| 57 | + $bits = explode(' ', $string); |
|
| 58 | + |
|
| 59 | + $keywords = array(); |
|
| 60 | + $keywords['h'] = false; // left, right |
|
| 61 | + $keywords['v'] = false; // top, bottom |
|
| 62 | + $keywords['ch'] = false; // center (first word) |
|
| 63 | + $keywords['cv'] = false; // center (second word) |
|
| 64 | + $measures = array(); |
|
| 65 | + |
|
| 66 | + $i = 0; |
|
| 67 | + |
|
| 68 | + $lookup = array( |
|
| 69 | + 'top' => 'v', |
|
| 70 | + 'bottom' => 'v', |
|
| 71 | + 'left' => 'h', |
|
| 72 | + 'right' => 'h', |
|
| 73 | + 'center' => 'c' |
|
| 74 | + ); |
|
| 75 | + |
|
| 76 | + foreach ($bits as $bit) { |
|
| 77 | + if ($bit === '') continue; |
|
| 78 | + |
|
| 79 | + // test for keyword |
|
| 80 | + $lbit = ctype_lower($bit) ? $bit : strtolower($bit); |
|
| 81 | + if (isset($lookup[$lbit])) { |
|
| 82 | + $status = $lookup[$lbit]; |
|
| 83 | + if ($status == 'c') { |
|
| 84 | + if ($i == 0) { |
|
| 85 | + $status = 'ch'; |
|
| 86 | + } else { |
|
| 87 | + $status = 'cv'; |
|
| 88 | + } |
|
| 89 | + } |
|
| 90 | + $keywords[$status] = $lbit; |
|
| 91 | + $i++; |
|
| 92 | + } |
|
| 93 | + |
|
| 94 | + // test for length |
|
| 95 | + $r = $this->length->validate($bit, $config, $context); |
|
| 96 | + if ($r !== false) { |
|
| 97 | + $measures[] = $r; |
|
| 98 | + $i++; |
|
| 99 | + } |
|
| 100 | + |
|
| 101 | + // test for percentage |
|
| 102 | + $r = $this->percentage->validate($bit, $config, $context); |
|
| 103 | + if ($r !== false) { |
|
| 104 | + $measures[] = $r; |
|
| 105 | + $i++; |
|
| 106 | + } |
|
| 107 | + |
|
| 108 | + } |
|
| 109 | + |
|
| 110 | + if (!$i) return false; // no valid values were caught |
|
| 111 | + |
|
| 112 | + $ret = array(); |
|
| 113 | + |
|
| 114 | + // first keyword |
|
| 115 | + if ($keywords['h']) $ret[] = $keywords['h']; |
|
| 116 | + elseif ($keywords['ch']) { |
|
| 117 | + $ret[] = $keywords['ch']; |
|
| 118 | + $keywords['cv'] = false; // prevent re-use: center = center center |
|
| 119 | + } |
|
| 120 | + elseif (count($measures)) $ret[] = array_shift($measures); |
|
| 121 | + |
|
| 122 | + if ($keywords['v']) $ret[] = $keywords['v']; |
|
| 123 | + elseif ($keywords['cv']) $ret[] = $keywords['cv']; |
|
| 124 | + elseif (count($measures)) $ret[] = array_shift($measures); |
|
| 125 | + |
|
| 126 | + if (empty($ret)) return false; |
|
| 127 | + return implode(' ', $ret); |
|
| 128 | + |
|
| 129 | + } |
|
| 130 | 130 | |
| 131 | 131 | } |
| 132 | 132 | |
@@ -112,14 +112,14 @@ |
||
| 112 | 112 | $ret = array(); |
| 113 | 113 | |
| 114 | 114 | // first keyword |
| 115 | - if ($keywords['h']) $ret[] = $keywords['h']; |
|
| 115 | + if ($keywords['h']) $ret[] = $keywords['h']; |
|
| 116 | 116 | elseif ($keywords['ch']) { |
| 117 | 117 | $ret[] = $keywords['ch']; |
| 118 | 118 | $keywords['cv'] = false; // prevent re-use: center = center center |
| 119 | 119 | } |
| 120 | 120 | elseif (count($measures)) $ret[] = array_shift($measures); |
| 121 | 121 | |
| 122 | - if ($keywords['v']) $ret[] = $keywords['v']; |
|
| 122 | + if ($keywords['v']) $ret[] = $keywords['v']; |
|
| 123 | 123 | elseif ($keywords['cv']) $ret[] = $keywords['cv']; |
| 124 | 124 | elseif (count($measures)) $ret[] = array_shift($measures); |
| 125 | 125 | |
@@ -74,7 +74,9 @@ discard block |
||
| 74 | 74 | ); |
| 75 | 75 | |
| 76 | 76 | foreach ($bits as $bit) { |
| 77 | - if ($bit === '') continue; |
|
| 77 | + if ($bit === '') { |
|
| 78 | + continue; |
|
| 79 | + } |
|
| 78 | 80 | |
| 79 | 81 | // test for keyword |
| 80 | 82 | $lbit = ctype_lower($bit) ? $bit : strtolower($bit); |
@@ -107,23 +109,34 @@ discard block |
||
| 107 | 109 | |
| 108 | 110 | } |
| 109 | 111 | |
| 110 | - if (!$i) return false; // no valid values were caught |
|
| 112 | + if (!$i) { |
|
| 113 | + return false; |
|
| 114 | + } |
|
| 115 | + // no valid values were caught |
|
| 111 | 116 | |
| 112 | 117 | $ret = array(); |
| 113 | 118 | |
| 114 | 119 | // first keyword |
| 115 | - if ($keywords['h']) $ret[] = $keywords['h']; |
|
| 116 | - elseif ($keywords['ch']) { |
|
| 120 | + if ($keywords['h']) { |
|
| 121 | + $ret[] = $keywords['h']; |
|
| 122 | + } elseif ($keywords['ch']) { |
|
| 117 | 123 | $ret[] = $keywords['ch']; |
| 118 | 124 | $keywords['cv'] = false; // prevent re-use: center = center center |
| 125 | + } elseif (count($measures)) { |
|
| 126 | + $ret[] = array_shift($measures); |
|
| 119 | 127 | } |
| 120 | - elseif (count($measures)) $ret[] = array_shift($measures); |
|
| 121 | 128 | |
| 122 | - if ($keywords['v']) $ret[] = $keywords['v']; |
|
| 123 | - elseif ($keywords['cv']) $ret[] = $keywords['cv']; |
|
| 124 | - elseif (count($measures)) $ret[] = array_shift($measures); |
|
| 129 | + if ($keywords['v']) { |
|
| 130 | + $ret[] = $keywords['v']; |
|
| 131 | + } elseif ($keywords['cv']) { |
|
| 132 | + $ret[] = $keywords['cv']; |
|
| 133 | + } elseif (count($measures)) { |
|
| 134 | + $ret[] = array_shift($measures); |
|
| 135 | + } |
|
| 125 | 136 | |
| 126 | - if (empty($ret)) return false; |
|
| 137 | + if (empty($ret)) { |
|
| 138 | + return false; |
|
| 139 | + } |
|
| 127 | 140 | return implode(' ', $ret); |
| 128 | 141 | |
| 129 | 142 | } |
@@ -6,37 +6,37 @@ |
||
| 6 | 6 | class HTMLPurifier_AttrDef_CSS_Border extends HTMLPurifier_AttrDef |
| 7 | 7 | { |
| 8 | 8 | |
| 9 | - /** |
|
| 10 | - * Local copy of properties this property is shorthand for. |
|
| 11 | - */ |
|
| 12 | - protected $info = array(); |
|
| 9 | + /** |
|
| 10 | + * Local copy of properties this property is shorthand for. |
|
| 11 | + */ |
|
| 12 | + protected $info = array(); |
|
| 13 | 13 | |
| 14 | - public function __construct($config) { |
|
| 15 | - $def = $config->getCSSDefinition(); |
|
| 16 | - $this->info['border-width'] = $def->info['border-width']; |
|
| 17 | - $this->info['border-style'] = $def->info['border-style']; |
|
| 18 | - $this->info['border-top-color'] = $def->info['border-top-color']; |
|
| 19 | - } |
|
| 14 | + public function __construct($config) { |
|
| 15 | + $def = $config->getCSSDefinition(); |
|
| 16 | + $this->info['border-width'] = $def->info['border-width']; |
|
| 17 | + $this->info['border-style'] = $def->info['border-style']; |
|
| 18 | + $this->info['border-top-color'] = $def->info['border-top-color']; |
|
| 19 | + } |
|
| 20 | 20 | |
| 21 | - public function validate($string, $config, $context) { |
|
| 22 | - $string = $this->parseCDATA($string); |
|
| 23 | - $string = $this->mungeRgb($string); |
|
| 24 | - $bits = explode(' ', $string); |
|
| 25 | - $done = array(); // segments we've finished |
|
| 26 | - $ret = ''; // return value |
|
| 27 | - foreach ($bits as $bit) { |
|
| 28 | - foreach ($this->info as $propname => $validator) { |
|
| 29 | - if (isset($done[$propname])) continue; |
|
| 30 | - $r = $validator->validate($bit, $config, $context); |
|
| 31 | - if ($r !== false) { |
|
| 32 | - $ret .= $r . ' '; |
|
| 33 | - $done[$propname] = true; |
|
| 34 | - break; |
|
| 35 | - } |
|
| 36 | - } |
|
| 37 | - } |
|
| 38 | - return rtrim($ret); |
|
| 39 | - } |
|
| 21 | + public function validate($string, $config, $context) { |
|
| 22 | + $string = $this->parseCDATA($string); |
|
| 23 | + $string = $this->mungeRgb($string); |
|
| 24 | + $bits = explode(' ', $string); |
|
| 25 | + $done = array(); // segments we've finished |
|
| 26 | + $ret = ''; // return value |
|
| 27 | + foreach ($bits as $bit) { |
|
| 28 | + foreach ($this->info as $propname => $validator) { |
|
| 29 | + if (isset($done[$propname])) continue; |
|
| 30 | + $r = $validator->validate($bit, $config, $context); |
|
| 31 | + if ($r !== false) { |
|
| 32 | + $ret .= $r . ' '; |
|
| 33 | + $done[$propname] = true; |
|
| 34 | + break; |
|
| 35 | + } |
|
| 36 | + } |
|
| 37 | + } |
|
| 38 | + return rtrim($ret); |
|
| 39 | + } |
|
| 40 | 40 | |
| 41 | 41 | } |
| 42 | 42 | |
@@ -26,7 +26,9 @@ |
||
| 26 | 26 | $ret = ''; // return value |
| 27 | 27 | foreach ($bits as $bit) { |
| 28 | 28 | foreach ($this->info as $propname => $validator) { |
| 29 | - if (isset($done[$propname])) continue; |
|
| 29 | + if (isset($done[$propname])) { |
|
| 30 | + continue; |
|
| 31 | + } |
|
| 30 | 32 | $r = $validator->validate($bit, $config, $context); |
| 31 | 33 | if ($r !== false) { |
| 32 | 34 | $ret .= $r . ' '; |
@@ -29,7 +29,7 @@ |
||
| 29 | 29 | if (isset($done[$propname])) continue; |
| 30 | 30 | $r = $validator->validate($bit, $config, $context); |
| 31 | 31 | if ($r !== false) { |
| 32 | - $ret .= $r . ' '; |
|
| 32 | + $ret .= $r.' '; |
|
| 33 | 33 | $done[$propname] = true; |
| 34 | 34 | break; |
| 35 | 35 | } |
@@ -6,72 +6,72 @@ |
||
| 6 | 6 | class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef |
| 7 | 7 | { |
| 8 | 8 | |
| 9 | - public function validate($color, $config, $context) { |
|
| 9 | + public function validate($color, $config, $context) { |
|
| 10 | 10 | |
| 11 | - static $colors = null; |
|
| 12 | - if ($colors === null) $colors = $config->get('Core.ColorKeywords'); |
|
| 11 | + static $colors = null; |
|
| 12 | + if ($colors === null) $colors = $config->get('Core.ColorKeywords'); |
|
| 13 | 13 | |
| 14 | - $color = trim($color); |
|
| 15 | - if ($color === '') return false; |
|
| 14 | + $color = trim($color); |
|
| 15 | + if ($color === '') return false; |
|
| 16 | 16 | |
| 17 | - $lower = strtolower($color); |
|
| 18 | - if (isset($colors[$lower])) return $colors[$lower]; |
|
| 17 | + $lower = strtolower($color); |
|
| 18 | + if (isset($colors[$lower])) return $colors[$lower]; |
|
| 19 | 19 | |
| 20 | - if (strpos($color, 'rgb(') !== false) { |
|
| 21 | - // rgb literal handling |
|
| 22 | - $length = strlen($color); |
|
| 23 | - if (strpos($color, ')') !== $length - 1) return false; |
|
| 24 | - $triad = substr($color, 4, $length - 4 - 1); |
|
| 25 | - $parts = explode(',', $triad); |
|
| 26 | - if (count($parts) !== 3) return false; |
|
| 27 | - $type = false; // to ensure that they're all the same type |
|
| 28 | - $new_parts = array(); |
|
| 29 | - foreach ($parts as $part) { |
|
| 30 | - $part = trim($part); |
|
| 31 | - if ($part === '') return false; |
|
| 32 | - $length = strlen($part); |
|
| 33 | - if ($part[$length - 1] === '%') { |
|
| 34 | - // handle percents |
|
| 35 | - if (!$type) { |
|
| 36 | - $type = 'percentage'; |
|
| 37 | - } elseif ($type !== 'percentage') { |
|
| 38 | - return false; |
|
| 39 | - } |
|
| 40 | - $num = (float) substr($part, 0, $length - 1); |
|
| 41 | - if ($num < 0) $num = 0; |
|
| 42 | - if ($num > 100) $num = 100; |
|
| 43 | - $new_parts[] = "$num%"; |
|
| 44 | - } else { |
|
| 45 | - // handle integers |
|
| 46 | - if (!$type) { |
|
| 47 | - $type = 'integer'; |
|
| 48 | - } elseif ($type !== 'integer') { |
|
| 49 | - return false; |
|
| 50 | - } |
|
| 51 | - $num = (int) $part; |
|
| 52 | - if ($num < 0) $num = 0; |
|
| 53 | - if ($num > 255) $num = 255; |
|
| 54 | - $new_parts[] = (string) $num; |
|
| 55 | - } |
|
| 56 | - } |
|
| 57 | - $new_triad = implode(',', $new_parts); |
|
| 58 | - $color = "rgb($new_triad)"; |
|
| 59 | - } else { |
|
| 60 | - // hexadecimal handling |
|
| 61 | - if ($color[0] === '#') { |
|
| 62 | - $hex = substr($color, 1); |
|
| 63 | - } else { |
|
| 64 | - $hex = $color; |
|
| 65 | - $color = '#' . $color; |
|
| 66 | - } |
|
| 67 | - $length = strlen($hex); |
|
| 68 | - if ($length !== 3 && $length !== 6) return false; |
|
| 69 | - if (!ctype_xdigit($hex)) return false; |
|
| 70 | - } |
|
| 20 | + if (strpos($color, 'rgb(') !== false) { |
|
| 21 | + // rgb literal handling |
|
| 22 | + $length = strlen($color); |
|
| 23 | + if (strpos($color, ')') !== $length - 1) return false; |
|
| 24 | + $triad = substr($color, 4, $length - 4 - 1); |
|
| 25 | + $parts = explode(',', $triad); |
|
| 26 | + if (count($parts) !== 3) return false; |
|
| 27 | + $type = false; // to ensure that they're all the same type |
|
| 28 | + $new_parts = array(); |
|
| 29 | + foreach ($parts as $part) { |
|
| 30 | + $part = trim($part); |
|
| 31 | + if ($part === '') return false; |
|
| 32 | + $length = strlen($part); |
|
| 33 | + if ($part[$length - 1] === '%') { |
|
| 34 | + // handle percents |
|
| 35 | + if (!$type) { |
|
| 36 | + $type = 'percentage'; |
|
| 37 | + } elseif ($type !== 'percentage') { |
|
| 38 | + return false; |
|
| 39 | + } |
|
| 40 | + $num = (float) substr($part, 0, $length - 1); |
|
| 41 | + if ($num < 0) $num = 0; |
|
| 42 | + if ($num > 100) $num = 100; |
|
| 43 | + $new_parts[] = "$num%"; |
|
| 44 | + } else { |
|
| 45 | + // handle integers |
|
| 46 | + if (!$type) { |
|
| 47 | + $type = 'integer'; |
|
| 48 | + } elseif ($type !== 'integer') { |
|
| 49 | + return false; |
|
| 50 | + } |
|
| 51 | + $num = (int) $part; |
|
| 52 | + if ($num < 0) $num = 0; |
|
| 53 | + if ($num > 255) $num = 255; |
|
| 54 | + $new_parts[] = (string) $num; |
|
| 55 | + } |
|
| 56 | + } |
|
| 57 | + $new_triad = implode(',', $new_parts); |
|
| 58 | + $color = "rgb($new_triad)"; |
|
| 59 | + } else { |
|
| 60 | + // hexadecimal handling |
|
| 61 | + if ($color[0] === '#') { |
|
| 62 | + $hex = substr($color, 1); |
|
| 63 | + } else { |
|
| 64 | + $hex = $color; |
|
| 65 | + $color = '#' . $color; |
|
| 66 | + } |
|
| 67 | + $length = strlen($hex); |
|
| 68 | + if ($length !== 3 && $length !== 6) return false; |
|
| 69 | + if (!ctype_xdigit($hex)) return false; |
|
| 70 | + } |
|
| 71 | 71 | |
| 72 | - return $color; |
|
| 72 | + return $color; |
|
| 73 | 73 | |
| 74 | - } |
|
| 74 | + } |
|
| 75 | 75 | |
| 76 | 76 | } |
| 77 | 77 | |
@@ -9,26 +9,38 @@ discard block |
||
| 9 | 9 | public function validate($color, $config, $context) { |
| 10 | 10 | |
| 11 | 11 | static $colors = null; |
| 12 | - if ($colors === null) $colors = $config->get('Core.ColorKeywords'); |
|
| 12 | + if ($colors === null) { |
|
| 13 | + $colors = $config->get('Core.ColorKeywords'); |
|
| 14 | + } |
|
| 13 | 15 | |
| 14 | 16 | $color = trim($color); |
| 15 | - if ($color === '') return false; |
|
| 17 | + if ($color === '') { |
|
| 18 | + return false; |
|
| 19 | + } |
|
| 16 | 20 | |
| 17 | 21 | $lower = strtolower($color); |
| 18 | - if (isset($colors[$lower])) return $colors[$lower]; |
|
| 22 | + if (isset($colors[$lower])) { |
|
| 23 | + return $colors[$lower]; |
|
| 24 | + } |
|
| 19 | 25 | |
| 20 | 26 | if (strpos($color, 'rgb(') !== false) { |
| 21 | 27 | // rgb literal handling |
| 22 | 28 | $length = strlen($color); |
| 23 | - if (strpos($color, ')') !== $length - 1) return false; |
|
| 29 | + if (strpos($color, ')') !== $length - 1) { |
|
| 30 | + return false; |
|
| 31 | + } |
|
| 24 | 32 | $triad = substr($color, 4, $length - 4 - 1); |
| 25 | 33 | $parts = explode(',', $triad); |
| 26 | - if (count($parts) !== 3) return false; |
|
| 34 | + if (count($parts) !== 3) { |
|
| 35 | + return false; |
|
| 36 | + } |
|
| 27 | 37 | $type = false; // to ensure that they're all the same type |
| 28 | 38 | $new_parts = array(); |
| 29 | 39 | foreach ($parts as $part) { |
| 30 | 40 | $part = trim($part); |
| 31 | - if ($part === '') return false; |
|
| 41 | + if ($part === '') { |
|
| 42 | + return false; |
|
| 43 | + } |
|
| 32 | 44 | $length = strlen($part); |
| 33 | 45 | if ($part[$length - 1] === '%') { |
| 34 | 46 | // handle percents |
@@ -38,8 +50,12 @@ discard block |
||
| 38 | 50 | return false; |
| 39 | 51 | } |
| 40 | 52 | $num = (float) substr($part, 0, $length - 1); |
| 41 | - if ($num < 0) $num = 0; |
|
| 42 | - if ($num > 100) $num = 100; |
|
| 53 | + if ($num < 0) { |
|
| 54 | + $num = 0; |
|
| 55 | + } |
|
| 56 | + if ($num > 100) { |
|
| 57 | + $num = 100; |
|
| 58 | + } |
|
| 43 | 59 | $new_parts[] = "$num%"; |
| 44 | 60 | } else { |
| 45 | 61 | // handle integers |
@@ -49,8 +65,12 @@ discard block |
||
| 49 | 65 | return false; |
| 50 | 66 | } |
| 51 | 67 | $num = (int) $part; |
| 52 | - if ($num < 0) $num = 0; |
|
| 53 | - if ($num > 255) $num = 255; |
|
| 68 | + if ($num < 0) { |
|
| 69 | + $num = 0; |
|
| 70 | + } |
|
| 71 | + if ($num > 255) { |
|
| 72 | + $num = 255; |
|
| 73 | + } |
|
| 54 | 74 | $new_parts[] = (string) $num; |
| 55 | 75 | } |
| 56 | 76 | } |
@@ -65,8 +85,12 @@ discard block |
||
| 65 | 85 | $color = '#' . $color; |
| 66 | 86 | } |
| 67 | 87 | $length = strlen($hex); |
| 68 | - if ($length !== 3 && $length !== 6) return false; |
|
| 69 | - if (!ctype_xdigit($hex)) return false; |
|
| 88 | + if ($length !== 3 && $length !== 6) { |
|
| 89 | + return false; |
|
| 90 | + } |
|
| 91 | + if (!ctype_xdigit($hex)) { |
|
| 92 | + return false; |
|
| 93 | + } |
|
| 70 | 94 | } |
| 71 | 95 | |
| 72 | 96 | return $color; |
@@ -62,7 +62,7 @@ |
||
| 62 | 62 | $hex = substr($color, 1); |
| 63 | 63 | } else { |
| 64 | 64 | $hex = $color; |
| 65 | - $color = '#' . $color; |
|
| 65 | + $color = '#'.$color; |
|
| 66 | 66 | } |
| 67 | 67 | $length = strlen($hex); |
| 68 | 68 | if ($length !== 3 && $length !== 6) return false; |
@@ -12,26 +12,26 @@ |
||
| 12 | 12 | class HTMLPurifier_AttrDef_CSS_Composite extends HTMLPurifier_AttrDef |
| 13 | 13 | { |
| 14 | 14 | |
| 15 | - /** |
|
| 16 | - * List of HTMLPurifier_AttrDef objects that may process strings |
|
| 17 | - * @todo Make protected |
|
| 18 | - */ |
|
| 19 | - public $defs; |
|
| 15 | + /** |
|
| 16 | + * List of HTMLPurifier_AttrDef objects that may process strings |
|
| 17 | + * @todo Make protected |
|
| 18 | + */ |
|
| 19 | + public $defs; |
|
| 20 | 20 | |
| 21 | - /** |
|
| 22 | - * @param $defs List of HTMLPurifier_AttrDef objects |
|
| 23 | - */ |
|
| 24 | - public function __construct($defs) { |
|
| 25 | - $this->defs = $defs; |
|
| 26 | - } |
|
| 21 | + /** |
|
| 22 | + * @param $defs List of HTMLPurifier_AttrDef objects |
|
| 23 | + */ |
|
| 24 | + public function __construct($defs) { |
|
| 25 | + $this->defs = $defs; |
|
| 26 | + } |
|
| 27 | 27 | |
| 28 | - public function validate($string, $config, $context) { |
|
| 29 | - foreach ($this->defs as $i => $def) { |
|
| 30 | - $result = $this->defs[$i]->validate($string, $config, $context); |
|
| 31 | - if ($result !== false) return $result; |
|
| 32 | - } |
|
| 33 | - return false; |
|
| 34 | - } |
|
| 28 | + public function validate($string, $config, $context) { |
|
| 29 | + foreach ($this->defs as $i => $def) { |
|
| 30 | + $result = $this->defs[$i]->validate($string, $config, $context); |
|
| 31 | + if ($result !== false) return $result; |
|
| 32 | + } |
|
| 33 | + return false; |
|
| 34 | + } |
|
| 35 | 35 | |
| 36 | 36 | } |
| 37 | 37 | |
@@ -28,7 +28,9 @@ |
||
| 28 | 28 | public function validate($string, $config, $context) { |
| 29 | 29 | foreach ($this->defs as $i => $def) { |
| 30 | 30 | $result = $this->defs[$i]->validate($string, $config, $context); |
| 31 | - if ($result !== false) return $result; |
|
| 31 | + if ($result !== false) { |
|
| 32 | + return $result; |
|
| 33 | + } |
|
| 32 | 34 | } |
| 33 | 35 | return false; |
| 34 | 36 | } |
@@ -5,24 +5,24 @@ |
||
| 5 | 5 | */ |
| 6 | 6 | class HTMLPurifier_AttrDef_CSS_DenyElementDecorator extends HTMLPurifier_AttrDef |
| 7 | 7 | { |
| 8 | - public $def, $element; |
|
| 8 | + public $def, $element; |
|
| 9 | 9 | |
| 10 | - /** |
|
| 11 | - * @param $def Definition to wrap |
|
| 12 | - * @param $element Element to deny |
|
| 13 | - */ |
|
| 14 | - public function __construct($def, $element) { |
|
| 15 | - $this->def = $def; |
|
| 16 | - $this->element = $element; |
|
| 17 | - } |
|
| 18 | - /** |
|
| 19 | - * Checks if CurrentToken is set and equal to $this->element |
|
| 20 | - */ |
|
| 21 | - public function validate($string, $config, $context) { |
|
| 22 | - $token = $context->get('CurrentToken', true); |
|
| 23 | - if ($token && $token->name == $this->element) return false; |
|
| 24 | - return $this->def->validate($string, $config, $context); |
|
| 25 | - } |
|
| 10 | + /** |
|
| 11 | + * @param $def Definition to wrap |
|
| 12 | + * @param $element Element to deny |
|
| 13 | + */ |
|
| 14 | + public function __construct($def, $element) { |
|
| 15 | + $this->def = $def; |
|
| 16 | + $this->element = $element; |
|
| 17 | + } |
|
| 18 | + /** |
|
| 19 | + * Checks if CurrentToken is set and equal to $this->element |
|
| 20 | + */ |
|
| 21 | + public function validate($string, $config, $context) { |
|
| 22 | + $token = $context->get('CurrentToken', true); |
|
| 23 | + if ($token && $token->name == $this->element) return false; |
|
| 24 | + return $this->def->validate($string, $config, $context); |
|
| 25 | + } |
|
| 26 | 26 | } |
| 27 | 27 | |
| 28 | 28 | // vim: et sw=4 sts=4 |
@@ -20,7 +20,9 @@ |
||
| 20 | 20 | */ |
| 21 | 21 | public function validate($string, $config, $context) { |
| 22 | 22 | $token = $context->get('CurrentToken', true); |
| 23 | - if ($token && $token->name == $this->element) return false; |
|
| 23 | + if ($token && $token->name == $this->element) { |
|
| 24 | + return false; |
|
| 25 | + } |
|
| 24 | 26 | return $this->def->validate($string, $config, $context); |
| 25 | 27 | } |
| 26 | 28 | } |
