]>
Commit | Line | Data |
---|---|---|
d4949327 NL |
1 | <?php\r |
2 | \r | |
3 | /**\r | |
4 | * XHTML 1.1 Forms module, defines all form-related elements found in HTML 4.\r | |
5 | */\r | |
6 | class HTMLPurifier_HTMLModule_Forms extends HTMLPurifier_HTMLModule\r | |
7 | {\r | |
8 | /**\r | |
9 | * @type string\r | |
10 | */\r | |
11 | public $name = 'Forms';\r | |
12 | \r | |
13 | /**\r | |
14 | * @type bool\r | |
15 | */\r | |
16 | public $safe = false;\r | |
17 | \r | |
18 | /**\r | |
19 | * @type array\r | |
20 | */\r | |
21 | public $content_sets = array(\r | |
22 | 'Block' => 'Form',\r | |
23 | 'Inline' => 'Formctrl',\r | |
24 | );\r | |
25 | \r | |
26 | /**\r | |
27 | * @param HTMLPurifier_Config $config\r | |
28 | */\r | |
29 | public function setup($config)\r | |
30 | {\r | |
31 | $form = $this->addElement(\r | |
32 | 'form',\r | |
33 | 'Form',\r | |
34 | 'Required: Heading | List | Block | fieldset',\r | |
35 | 'Common',\r | |
36 | array(\r | |
37 | 'accept' => 'ContentTypes',\r | |
38 | 'accept-charset' => 'Charsets',\r | |
39 | 'action*' => 'URI',\r | |
40 | 'method' => 'Enum#get,post',\r | |
41 | // really ContentType, but these two are the only ones used today\r | |
42 | 'enctype' => 'Enum#application/x-www-form-urlencoded,multipart/form-data',\r | |
43 | )\r | |
44 | );\r | |
45 | $form->excludes = array('form' => true);\r | |
46 | \r | |
47 | $input = $this->addElement(\r | |
48 | 'input',\r | |
49 | 'Formctrl',\r | |
50 | 'Empty',\r | |
51 | 'Common',\r | |
52 | array(\r | |
53 | 'accept' => 'ContentTypes',\r | |
54 | 'accesskey' => 'Character',\r | |
55 | 'alt' => 'Text',\r | |
56 | 'checked' => 'Bool#checked',\r | |
57 | 'disabled' => 'Bool#disabled',\r | |
58 | 'maxlength' => 'Number',\r | |
59 | 'name' => 'CDATA',\r | |
60 | 'readonly' => 'Bool#readonly',\r | |
61 | 'size' => 'Number',\r | |
62 | 'src' => 'URI#embedded',\r | |
63 | 'tabindex' => 'Number',\r | |
64 | 'type' => 'Enum#text,password,checkbox,button,radio,submit,reset,file,hidden,image',\r | |
65 | 'value' => 'CDATA',\r | |
66 | )\r | |
67 | );\r | |
68 | $input->attr_transform_post[] = new HTMLPurifier_AttrTransform_Input();\r | |
69 | \r | |
70 | $this->addElement(\r | |
71 | 'select',\r | |
72 | 'Formctrl',\r | |
73 | 'Required: optgroup | option',\r | |
74 | 'Common',\r | |
75 | array(\r | |
76 | 'disabled' => 'Bool#disabled',\r | |
77 | 'multiple' => 'Bool#multiple',\r | |
78 | 'name' => 'CDATA',\r | |
79 | 'size' => 'Number',\r | |
80 | 'tabindex' => 'Number',\r | |
81 | )\r | |
82 | );\r | |
83 | \r | |
84 | $this->addElement(\r | |
85 | 'option',\r | |
86 | false,\r | |
87 | 'Optional: #PCDATA',\r | |
88 | 'Common',\r | |
89 | array(\r | |
90 | 'disabled' => 'Bool#disabled',\r | |
91 | 'label' => 'Text',\r | |
92 | 'selected' => 'Bool#selected',\r | |
93 | 'value' => 'CDATA',\r | |
94 | )\r | |
95 | );\r | |
96 | // It's illegal for there to be more than one selected, but not\r | |
97 | // be multiple. Also, no selected means undefined behavior. This might\r | |
98 | // be difficult to implement; perhaps an injector, or a context variable.\r | |
99 | \r | |
100 | $textarea = $this->addElement(\r | |
101 | 'textarea',\r | |
102 | 'Formctrl',\r | |
103 | 'Optional: #PCDATA',\r | |
104 | 'Common',\r | |
105 | array(\r | |
106 | 'accesskey' => 'Character',\r | |
107 | 'cols*' => 'Number',\r | |
108 | 'disabled' => 'Bool#disabled',\r | |
109 | 'name' => 'CDATA',\r | |
110 | 'readonly' => 'Bool#readonly',\r | |
111 | 'rows*' => 'Number',\r | |
112 | 'tabindex' => 'Number',\r | |
113 | )\r | |
114 | );\r | |
115 | $textarea->attr_transform_pre[] = new HTMLPurifier_AttrTransform_Textarea();\r | |
116 | \r | |
117 | $button = $this->addElement(\r | |
118 | 'button',\r | |
119 | 'Formctrl',\r | |
120 | 'Optional: #PCDATA | Heading | List | Block | Inline',\r | |
121 | 'Common',\r | |
122 | array(\r | |
123 | 'accesskey' => 'Character',\r | |
124 | 'disabled' => 'Bool#disabled',\r | |
125 | 'name' => 'CDATA',\r | |
126 | 'tabindex' => 'Number',\r | |
127 | 'type' => 'Enum#button,submit,reset',\r | |
128 | 'value' => 'CDATA',\r | |
129 | )\r | |
130 | );\r | |
131 | \r | |
132 | // For exclusions, ideally we'd specify content sets, not literal elements\r | |
133 | $button->excludes = $this->makeLookup(\r | |
134 | 'form',\r | |
135 | 'fieldset', // Form\r | |
136 | 'input',\r | |
137 | 'select',\r | |
138 | 'textarea',\r | |
139 | 'label',\r | |
140 | 'button', // Formctrl\r | |
141 | 'a', // as per HTML 4.01 spec, this is omitted by modularization\r | |
142 | 'isindex',\r | |
143 | 'iframe' // legacy items\r | |
144 | );\r | |
145 | \r | |
146 | // Extra exclusion: img usemap="" is not permitted within this element.\r | |
147 | // We'll omit this for now, since we don't have any good way of\r | |
148 | // indicating it yet.\r | |
149 | \r | |
150 | // This is HIGHLY user-unfriendly; we need a custom child-def for this\r | |
151 | $this->addElement('fieldset', 'Form', 'Custom: (#WS?,legend,(Flow|#PCDATA)*)', 'Common');\r | |
152 | \r | |
153 | $label = $this->addElement(\r | |
154 | 'label',\r | |
155 | 'Formctrl',\r | |
156 | 'Optional: #PCDATA | Inline',\r | |
157 | 'Common',\r | |
158 | array(\r | |
159 | 'accesskey' => 'Character',\r | |
160 | // 'for' => 'IDREF', // IDREF not implemented, cannot allow\r | |
161 | )\r | |
162 | );\r | |
163 | $label->excludes = array('label' => true);\r | |
164 | \r | |
165 | $this->addElement(\r | |
166 | 'legend',\r | |
167 | false,\r | |
168 | 'Optional: #PCDATA | Inline',\r | |
169 | 'Common',\r | |
170 | array(\r | |
171 | 'accesskey' => 'Character',\r | |
172 | )\r | |
173 | );\r | |
174 | \r | |
175 | $this->addElement(\r | |
176 | 'optgroup',\r | |
177 | false,\r | |
178 | 'Required: option',\r | |
179 | 'Common',\r | |
180 | array(\r | |
181 | 'disabled' => 'Bool#disabled',\r | |
182 | 'label*' => 'Text',\r | |
183 | )\r | |
184 | );\r | |
185 | // Don't forget an injector for <isindex>. This one's a little complex\r | |
186 | // because it maps to multiple elements.\r | |
187 | }\r | |
188 | }\r | |
189 | \r | |
190 | // vim: et sw=4 sts=4\r |