]>
Commit | Line | Data |
---|---|---|
d4949327 NL |
1 | <?php\r |
2 | \r | |
3 | /**\r | |
4 | * Validates a number as defined by the CSS spec.\r | |
5 | */\r | |
6 | class HTMLPurifier_AttrDef_CSS_Number extends HTMLPurifier_AttrDef\r | |
7 | {\r | |
8 | \r | |
9 | /**\r | |
10 | * Indicates whether or not only positive values are allowed.\r | |
11 | * @type bool\r | |
12 | */\r | |
13 | protected $non_negative = false;\r | |
14 | \r | |
15 | /**\r | |
16 | * @param bool $non_negative indicates whether negatives are forbidden\r | |
17 | */\r | |
18 | public function __construct($non_negative = false)\r | |
19 | {\r | |
20 | $this->non_negative = $non_negative;\r | |
21 | }\r | |
22 | \r | |
23 | /**\r | |
24 | * @param string $number\r | |
25 | * @param HTMLPurifier_Config $config\r | |
26 | * @param HTMLPurifier_Context $context\r | |
27 | * @return string|bool\r | |
28 | * @warning Some contexts do not pass $config, $context. These\r | |
29 | * variables should not be used without checking HTMLPurifier_Length\r | |
30 | */\r | |
31 | public function validate($number, $config, $context)\r | |
32 | {\r | |
33 | $number = $this->parseCDATA($number);\r | |
34 | \r | |
35 | if ($number === '') {\r | |
36 | return false;\r | |
37 | }\r | |
38 | if ($number === '0') {\r | |
39 | return '0';\r | |
40 | }\r | |
41 | \r | |
42 | $sign = '';\r | |
43 | switch ($number[0]) {\r | |
44 | case '-':\r | |
45 | if ($this->non_negative) {\r | |
46 | return false;\r | |
47 | }\r | |
48 | $sign = '-';\r | |
49 | case '+':\r | |
50 | $number = substr($number, 1);\r | |
51 | }\r | |
52 | \r | |
53 | if (ctype_digit($number)) {\r | |
54 | $number = ltrim($number, '0');\r | |
55 | return $number ? $sign . $number : '0';\r | |
56 | }\r | |
57 | \r | |
58 | // Period is the only non-numeric character allowed\r | |
59 | if (strpos($number, '.') === false) {\r | |
60 | return false;\r | |
61 | }\r | |
62 | \r | |
63 | list($left, $right) = explode('.', $number, 2);\r | |
64 | \r | |
65 | if ($left === '' && $right === '') {\r | |
66 | return false;\r | |
67 | }\r | |
68 | if ($left !== '' && !ctype_digit($left)) {\r | |
69 | return false;\r | |
70 | }\r | |
71 | \r | |
72 | $left = ltrim($left, '0');\r | |
73 | $right = rtrim($right, '0');\r | |
74 | \r | |
75 | if ($right === '') {\r | |
76 | return $left ? $sign . $left : '0';\r | |
77 | } elseif (!ctype_digit($right)) {\r | |
78 | return false;\r | |
79 | }\r | |
80 | return $sign . $left . '.' . $right;\r | |
81 | }\r | |
82 | }\r | |
83 | \r | |
84 | // vim: et sw=4 sts=4\r |