]>
Commit | Line | Data |
---|---|---|
d4949327 NL |
1 | <?php\r |
2 | \r | |
3 | /**\r | |
4 | * Validates Color as defined by CSS.\r | |
5 | */\r | |
6 | class HTMLPurifier_AttrDef_CSS_Color extends HTMLPurifier_AttrDef\r | |
7 | {\r | |
8 | \r | |
9 | /**\r | |
10 | * @param string $color\r | |
11 | * @param HTMLPurifier_Config $config\r | |
12 | * @param HTMLPurifier_Context $context\r | |
13 | * @return bool|string\r | |
14 | */\r | |
15 | public function validate($color, $config, $context)\r | |
16 | {\r | |
17 | static $colors = null;\r | |
18 | if ($colors === null) {\r | |
19 | $colors = $config->get('Core.ColorKeywords');\r | |
20 | }\r | |
21 | \r | |
22 | $color = trim($color);\r | |
23 | if ($color === '') {\r | |
24 | return false;\r | |
25 | }\r | |
26 | \r | |
27 | $lower = strtolower($color);\r | |
28 | if (isset($colors[$lower])) {\r | |
29 | return $colors[$lower];\r | |
30 | }\r | |
31 | \r | |
32 | if (strpos($color, 'rgb(') !== false) {\r | |
33 | // rgb literal handling\r | |
34 | $length = strlen($color);\r | |
35 | if (strpos($color, ')') !== $length - 1) {\r | |
36 | return false;\r | |
37 | }\r | |
38 | $triad = substr($color, 4, $length - 4 - 1);\r | |
39 | $parts = explode(',', $triad);\r | |
40 | if (count($parts) !== 3) {\r | |
41 | return false;\r | |
42 | }\r | |
43 | $type = false; // to ensure that they're all the same type\r | |
44 | $new_parts = array();\r | |
45 | foreach ($parts as $part) {\r | |
46 | $part = trim($part);\r | |
47 | if ($part === '') {\r | |
48 | return false;\r | |
49 | }\r | |
50 | $length = strlen($part);\r | |
51 | if ($part[$length - 1] === '%') {\r | |
52 | // handle percents\r | |
53 | if (!$type) {\r | |
54 | $type = 'percentage';\r | |
55 | } elseif ($type !== 'percentage') {\r | |
56 | return false;\r | |
57 | }\r | |
58 | $num = (float)substr($part, 0, $length - 1);\r | |
59 | if ($num < 0) {\r | |
60 | $num = 0;\r | |
61 | }\r | |
62 | if ($num > 100) {\r | |
63 | $num = 100;\r | |
64 | }\r | |
65 | $new_parts[] = "$num%";\r | |
66 | } else {\r | |
67 | // handle integers\r | |
68 | if (!$type) {\r | |
69 | $type = 'integer';\r | |
70 | } elseif ($type !== 'integer') {\r | |
71 | return false;\r | |
72 | }\r | |
73 | $num = (int)$part;\r | |
74 | if ($num < 0) {\r | |
75 | $num = 0;\r | |
76 | }\r | |
77 | if ($num > 255) {\r | |
78 | $num = 255;\r | |
79 | }\r | |
80 | $new_parts[] = (string)$num;\r | |
81 | }\r | |
82 | }\r | |
83 | $new_triad = implode(',', $new_parts);\r | |
84 | $color = "rgb($new_triad)";\r | |
85 | } else {\r | |
86 | // hexadecimal handling\r | |
87 | if ($color[0] === '#') {\r | |
88 | $hex = substr($color, 1);\r | |
89 | } else {\r | |
90 | $hex = $color;\r | |
91 | $color = '#' . $color;\r | |
92 | }\r | |
93 | $length = strlen($hex);\r | |
94 | if ($length !== 3 && $length !== 6) {\r | |
95 | return false;\r | |
96 | }\r | |
97 | if (!ctype_xdigit($hex)) {\r | |
98 | return false;\r | |
99 | }\r | |
100 | }\r | |
101 | return $color;\r | |
102 | }\r | |
103 | }\r | |
104 | \r | |
105 | // vim: et sw=4 sts=4\r |