kopia lustrzana https://github.com/friendica/friendica
71 wiersze
2.2 KiB
PHP
71 wiersze
2.2 KiB
PHP
|
<?php
|
||
|
|
||
|
/**
|
||
|
* Validates the HTML attribute ID.
|
||
|
* @warning Even though this is the id processor, it
|
||
|
* will ignore the directive Attr:IDBlacklist, since it will only
|
||
|
* go according to the ID accumulator. Since the accumulator is
|
||
|
* automatically generated, it will have already absorbed the
|
||
|
* blacklist. If you're hacking around, make sure you use load()!
|
||
|
*/
|
||
|
|
||
|
class HTMLPurifier_AttrDef_HTML_ID extends HTMLPurifier_AttrDef
|
||
|
{
|
||
|
|
||
|
// ref functionality disabled, since we also have to verify
|
||
|
// whether or not the ID it refers to exists
|
||
|
|
||
|
public function validate($id, $config, $context) {
|
||
|
|
||
|
if (!$config->get('Attr.EnableID')) return false;
|
||
|
|
||
|
$id = trim($id); // trim it first
|
||
|
|
||
|
if ($id === '') return false;
|
||
|
|
||
|
$prefix = $config->get('Attr.IDPrefix');
|
||
|
if ($prefix !== '') {
|
||
|
$prefix .= $config->get('Attr.IDPrefixLocal');
|
||
|
// prevent re-appending the prefix
|
||
|
if (strpos($id, $prefix) !== 0) $id = $prefix . $id;
|
||
|
} elseif ($config->get('Attr.IDPrefixLocal') !== '') {
|
||
|
trigger_error('%Attr.IDPrefixLocal cannot be used unless '.
|
||
|
'%Attr.IDPrefix is set', E_USER_WARNING);
|
||
|
}
|
||
|
|
||
|
//if (!$this->ref) {
|
||
|
$id_accumulator =& $context->get('IDAccumulator');
|
||
|
if (isset($id_accumulator->ids[$id])) return false;
|
||
|
//}
|
||
|
|
||
|
// we purposely avoid using regex, hopefully this is faster
|
||
|
|
||
|
if (ctype_alpha($id)) {
|
||
|
$result = true;
|
||
|
} else {
|
||
|
if (!ctype_alpha(@$id[0])) return false;
|
||
|
$trim = trim( // primitive style of regexps, I suppose
|
||
|
$id,
|
||
|
'A..Za..z0..9:-._'
|
||
|
);
|
||
|
$result = ($trim === '');
|
||
|
}
|
||
|
|
||
|
$regexp = $config->get('Attr.IDBlacklistRegexp');
|
||
|
if ($regexp && preg_match($regexp, $id)) {
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
if (/*!$this->ref && */$result) $id_accumulator->add($id);
|
||
|
|
||
|
// if no change was made to the ID, return the result
|
||
|
// else, return the new id if stripping whitespace made it
|
||
|
// valid, or return false.
|
||
|
return $result ? $id : false;
|
||
|
|
||
|
}
|
||
|
|
||
|
}
|
||
|
|
||
|
// vim: et sw=4 sts=4
|